Package com.sap.cloud.sdk.cloudplatform.auditlog

Interface AuditLog

All Known Implementing Classes:
DefaultLoggerAuditLog
public interface AuditLog
Interface for audit logging.

Important: For performance reasons, use only efficiently for logging of relevant events. The logging methods allow to log:

  • security relevant events,
  • read access to sensitive personal data,
  • changes to configuration data,
  • and changes to personal data.

  • Method Details

    • logSecurityEventBeginning

      void logSecurityEventBeginning(@Nonnull AccessRequester initiator, @Nullable String message) throws AuditLogAccessException
      Logs the start of a generic security event.
      Parameters:
      initiator - Information about the user that starts performing the security event.
      message - Descriptive log message.
      Throws:
      AuditLogAccessException - If there is an issue while accessing the AuditLog.

    • logSecurityEvent

      void logSecurityEvent(@Nonnull AccessRequester initiator, @Nullable String message, @Nullable Throwable throwable) throws AuditLogAccessException
      Logs a generic security event.
      Parameters:
      initiator - Information about the user that performed the security event.
      message - Descriptive log message.
      throwable - The exception in case of an error.
      Throws:
      AuditLogAccessException - If there is an issue while accessing the AuditLog.

    • logConfigChangeBeginning

      void logConfigChangeBeginning(@Nonnull AccessRequester initiator, @Nonnull AuditedDataObject object, @Nonnull AccessedAttribute attributeAffected, @Nullable AccessedAttribute... attributesAffected) throws AuditLogAccessException
      Logs the start of a change of some attributes of configuration data.
      Parameters:
      initiator - Information about the user starting to modify the configuration.
      object - An instance of AuditedDataObject that represents the object that will be modified.
      attributeAffected - An attribute that will be changed.
      attributesAffected - An arbitrary number of attributes that will be changed.
      Throws:
      AuditLogAccessException - If there is an issue while accessing the AuditLog.

    • logConfigChange

      void logConfigChange(@Nonnull AccessRequester initiator, @Nonnull AuditedDataObject object, @Nullable Throwable error, @Nonnull AccessedAttribute attributeAffected, @Nullable AccessedAttribute... attributesAffected) throws AuditLogAccessException
      Logs the change of some attributes of configuration data.
      Parameters:
      initiator - Information about the user modifying the configuration.
      object - An instance of AuditedDataObject that represents the object that has been modified.
      error - The exception in case of an error.
      attributeAffected - An attribute that has been changed.
      attributesAffected - An arbitrary number of attributes that have been changed.
      Throws:
      AuditLogAccessException - If there is an issue while accessing the AuditLog.

    • logDataReadAttempt

      void logDataReadAttempt(@Nonnull AccessRequester initiator, @Nonnull AuditedDataObject object, @Nonnull AuditedDataSubject subject, @Nonnull AccessedAttribute attributeAffected, @Nullable AccessedAttribute... attributesAffected) throws AuditLogAccessException
      Logs the attempt to read some attributes from an object.
      Parameters:
      initiator - Information about the user trying to the read the attributes.
      object - An instance of AuditedDataObject that represents the object to be read.
      subject - An instance of AuditedDataSubject that represents the owner of the data to be read.
      attributeAffected - An attribute that should be read.
      attributesAffected - An arbitrary number of attributes that should be read.
      Throws:
      AuditLogAccessException - If there is an issue while accessing the AuditLog.

    • logDataRead

      void logDataRead(@Nonnull AccessRequester initiator, @Nonnull AuditedDataObject object, @Nonnull AuditedDataSubject subject, @Nullable Throwable error, @Nonnull AccessedAttribute attributeAffected, @Nullable AccessedAttribute... attributesAffected) throws AuditLogAccessException
      Logs the read access to some attributes of an object.
      Parameters:
      initiator - Information about the user reading the attributes.
      object - An instance of AuditedDataObject that represents the object that has been read.
      subject - An instance of AuditedDataSubject that represents the owner of the data that has been read.
      error - The exception in case of an error.
      attributeAffected - An attribute that has been read.
      attributesAffected - An arbitrary number of attributes that have been read.
      Throws:
      AuditLogAccessException - If there is an issue while accessing the AuditLog.

    • logDataWriteAttempt

      void logDataWriteAttempt(@Nonnull AccessRequester initiator, @Nonnull AuditedDataObject object, @Nonnull AuditedDataSubject subject, @Nonnull AccessedAttribute attributeAffected, @Nullable AccessedAttribute... attributesAffected) throws AuditLogAccessException
      Logs the attempt to write to some attributes of an object.
      Parameters:
      initiator - Information about the user trying to write to some attributes.
      object - An instance of AuditedDataObject that represents the object that is about to be modified.
      subject - An instance of AuditedDataSubject that represents the owner of the data that is about to be modified.
      attributeAffected - An attribute that should be modified, containing the old and new value.
      attributesAffected - An arbitrary number of attributes that should be modified, containing the old and new values.
      Throws:
      AuditLogAccessException - If there is an issue while accessing the AuditLog.

    • logDataWrite

      void logDataWrite(@Nonnull AccessRequester initiator, @Nonnull AuditedDataObject object, @Nonnull AuditedDataSubject subject, @Nullable Throwable error, @Nonnull AccessedAttribute attributeAffected, @Nullable AccessedAttribute... attributesAffected) throws AuditLogAccessException
      Logs the modification of some attributes of an object.
      Parameters:
      initiator - Information about the user changing the attributes.
      object - An instance of AuditedDataObject that represents the object that has been modified.
      subject - An instance of AuditedDataSubject that represents the owner of the data that has been modified.
      error - The exception in case of an error.
      attributeAffected - An attribute that has been modified, containing the old and new value.
      attributesAffected - An arbitrary number of attributes that have been modified, containing the old and new values.
      Throws:
      AuditLogAccessException - If there is an issue while accessing the AuditLog.