evennia.contrib.utils.auditing.server

Auditable Server Sessions: Extension of the stock ServerSession that yields objects representing user inputs and system outputs.

Evennia contribution - Johnny 2017

class evennia.contrib.utils.auditing.server.AuditedServerSession[source]

Bases: evennia.server.serversession.ServerSession

This particular implementation parses all server inputs and/or outputs and passes a dict containing the parsed metadata to a callback method of your creation. This is useful for recording player activity where necessary for security auditing, usage analysis or post-incident forensic discovery.

* WARNING * All strings are recorded and stored in plaintext. This includes those strings which might contain sensitive data (create, connect, @password). These commands have their arguments masked by default, but you must mask or mask any custom commands of your own that handle sensitive information.

See README.md for installation/configuration instructions.

audit(**kwargs)[source]

Extracts messages and system data from a Session object upon message send or receive.

Keyword Arguments
  • src (str) – Source of data; ‘client’ or ‘server’. Indicates direction.

  • text (str or list) – Client sends messages to server in the form of lists. Server sends messages to client as string.

Returns

log (dict)

Dictionary object containing parsed system and user data

related to this message.

mask(msg)[source]

Masks potentially sensitive user information within messages before writing to log. Recording cleartext password attempts is bad policy.

Parameters

msg (str) – Raw text string sent from client <-> server

Returns

msg (str) – Text string with sensitive information masked out.

data_out(**kwargs)[source]

Generic hook for sending data out through the protocol.

Keyword Arguments

kwargs (any) – Other data to the protocol.

data_in(**kwargs)[source]

Hook for protocols to send incoming data to the engine.

Keyword Arguments

kwargs (any) – Other data from the protocol.