evennia.contrib.utils.auditing.server

Auditable Server Sessions: Extension of the stock ServerSession that yields objects representing user inputs and system outputs.

Evennia contribution - Johnny 2017

class evennia.contrib.utils.auditing.server.AuditedServerSession[source]

Bases: ServerSession

This particular implementation parses all server inputs and/or outputs and passes a dict containing the parsed metadata to a callback method of your creation. This is useful for recording player activity where necessary for security auditing, usage analysis or post-incident forensic discovery.

* WARNING * All strings are recorded and stored in plaintext. This includes those strings which might contain sensitive data (create, connect, @password). These commands have their arguments masked by default, but you must mask or mask any custom commands of your own that handle sensitive information.

See README.md for installation/configuration instructions.

audit(**kwargs)[source]

Extracts messages and system data from a Session object upon message send or receive.

Keyword Arguments:

  • src (str) – Source of data; ‘client’ or ‘server’. Indicates direction.

  • text (str or list) – Client sends messages to server in the form of lists. Server sends messages to client as string.

Returns:

log (dict)

Dictionary object containing parsed system and user data

related to this message.

mask(msg)[source]

Masks potentially sensitive user information within messages before writing to log. Recording cleartext password attempts is bad policy.

Parameters:

msg (str) – Raw text string sent from client <-> server

Returns:

msg (str) – Text string with sensitive information masked out.

data_out(**kwargs)[source]

Generic hook for sending data out through the protocol.

Keyword Arguments:

kwargs (any) – Other data to the protocol.

data_in(**kwargs)[source]

Hook for protocols to send incoming data to the engine.

Keyword Arguments:

kwargs (any) – Other data from the protocol.