My application provides access to an external database through the Conf-D Data Provider API. For auditing purposes, I would like to log some information about who/what/why the data in the external database is being accessed. Specifically, I would like to know if the data callbacks cb_get_object(), cb_find_next_object(), etc. being invoked by Conf-D are the result of a NETCONF (to build a diff) vs. a NETCONF or .
Is there a way to determine which NETCONF operation , , , etc. initiated the transaction? For example, is there anything provided via the transaction callbacks or data callbacks that would provide this information or could be used to query this information from Conf-D?
To expand on my question above, I’d really like to be able to log the operation and subtree/xpath filter from my application.
I’d like to log something like the following for get operations:
INFO myuser@203.0.113.23 <get> /if:interfaces/interface[name='eth0']/enabled succeeded with response 'ok'
INFO myuser@203.0.113.23 <get-config> /if:interfaces/interface[name='eth0']/enabled succeeded with response 'ok'
I’d like to log something like the following for set operations:
INFO myuser@203.0.113.23 modify /if:interfaces/interface[name='eth0']/enabled = false
INFO myuser@203.0.113.23 <edit-confg> succeeded with response 'ok'
I’m able to figure out how to log ‘set’ operations, but it is not clear how I could log ‘get’ operations.