Since: API level 17
public class AuditLogRulesInfo extends Object implements Parcelable

java.lang.Object
   ↳ com.samsung.android.knox.log.AuditLogRulesInfo

Class Overview

This class provides the configuration object that AuditLog uses to perform selective data logging, via setAuditLogRules(AuditLogRulesInfo).
Using this class, the administrator can configure rules based on the following parameters:

Severity: This parameter configures the rule for severity level of data selection. The selection scale is:
AUDIT_LOG_SEVERITY_ALERT
AUDIT_LOG_SEVERITY_CRITICAL
AUDIT_LOG_SEVERITY_ERROR
AUDIT_LOG_SEVERITY_WARNING
AUDIT_LOG_SEVERITY_NOTICE

Outcome: This parameter is used to select log information based on outcome. The defined values for this parameter are:
AUDIT_LOG_OUTCOME_ALL
AUDIT_LOG_OUTCOME_FAILURE
AUDIT_LOG_OUTCOME_SUCCESS

Groups: Use a list with the module groups:
AUDIT_LOG_GROUP_SECURITY
AUDIT_LOG_GROUP_SYSTEM
AUDIT_LOG_GROUP_NETWORK
AUDIT_LOG_GROUP_EVENTS
AUDIT_LOG_GROUP_APPLICATION

Users: Provide a list of the current users on the device to select auditable information by user. Only the owner (User 0) administrator is able to filter audit events by user.

EnableKernel: The administrator may request that all information from the kernel be logged by passing the boolean value true; passing false disables this selection. To avoid selecting unnecessary information that causes excessive storage allocation, it is recommended to leave this value as false. Disabling kernel logging does not interfere with the collection of necessary data that comes from the kernel, including IpTables and Encryption information.

Since
API level 17
KNOX 2.5

Summary

Constants
int AUDIT_LOG_OUTCOME_ALL Use this constant to configure AuditLogRulesInfo Outcome value to All.
int AUDIT_LOG_OUTCOME_FAILURE Use this constant to configure AuditLogRulesInfo Outcome value to Failure.
int AUDIT_LOG_OUTCOME_SUCCESS Use this constant to configure AuditLogRulesInfo Outcome value to Success.
Inherited Constants
From interface android.os.Parcelable
Public Constructors
AuditLogRulesInfo()
This constructor is used to instantiate an AuditLogRulesInfo object with the most permissive values and kernel messages disabled.
AuditLogRulesInfo(int severityRule, int outcomeRule, List<Integer> groupsRule, boolean enableKernel, List<Integer> userRule)
This constructor is used to instantiate an AuditLogRulesInfo object with parameters defined by the administrator.
Public Methods
List<Integer> getGroupsRule()
This API retrieves the list of group modules of an AuditLogRulesInfo object.
int getOutcomeRule()
This API retrieves the value set as outcome for an AuditLogRulesInfo object.
int getSeverityRule()
This API retrieves the value set as severity for an AuditLogRulesInfo object.
List<Integer> getUsersRule()
This API retrieves the list of users of an AuditLogRulesInfo object.
boolean isKernelLogsEnabled()
Deprecated in API level 35
NOTE: This API is not available since Android 12.
void setGroupsRule(List<Integer> groupsRule)
This API configures the list of group modules of an AuditLogRulesInfo object.
void setKernelLogsEnabled(boolean enableKernel)
Deprecated in API level 35
NOTE: This API is not available since Android 12.
void setOutcomeRule(int outcomeRule)
This API configures an outcome level for an AuditLogRulesInfo object.
void setSeverityRule(int severityRule)
This API configures a severity level of an AuditLogRulesInfo object.
void setUsersRule(List<Integer> userRule)
This API configures the list of users of an AuditLogRulesInfo object.
Inherited Methods
From class java.lang.Object
From interface android.os.Parcelable

Constants

public static final int AUDIT_LOG_OUTCOME_ALL

Since: API level 17

Use this constant to configure AuditLogRulesInfo Outcome value to All.

Since
API level 17
KNOX 2.5
Constant Value: 2 (0x00000002)

public static final int AUDIT_LOG_OUTCOME_FAILURE

Since: API level 17

Use this constant to configure AuditLogRulesInfo Outcome value to Failure.

Since
API level 17
KNOX 2.5
Constant Value: 0 (0x00000000)

public static final int AUDIT_LOG_OUTCOME_SUCCESS

Since: API level 17

Use this constant to configure AuditLogRulesInfo Outcome value to Success.

Since
API level 17
KNOX 2.5
Constant Value: 1 (0x00000001)

Public Constructors

public AuditLogRulesInfo ()

Since: API level 17

This constructor is used to instantiate an AuditLogRulesInfo object with the most permissive values and kernel messages disabled.

Usage
The default values are:

Severity: AUDIT_LOG_SEVERITY_NOTICE
Outcome: AUDIT_LOG_OUTCOME_ALL
Groups: a null value.
Kernel: false (kernel-originated messages disabled).
Users: a null value.


 

 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();

 
Since
API level 17
KNOX 2.5

public AuditLogRulesInfo (int severityRule, int outcomeRule, List<Integer> groupsRule, boolean enableKernel, List<Integer> userRule)

Since: API level 17

This constructor is used to instantiate an AuditLogRulesInfo object with parameters defined by the administrator.

Parameters
severityRule Defined value for severity.
outcomeRule Defined value for outcome.
groupsRule Defined list of module groups.
enableKernel Enable or disable kernel-originated messages.
userRule Defined filter by user (only available to the owner).
Usage
The administrator must supply the parameter values to use this API.


 List<Integer> mGroups = new ArrayList<Integer>();
 mGroups.add(AuditLog.AUDIT_LOG_GROUP_SECURITY);
 mGroups.add(AuditLog.AUDIT_LOG_GROUP_SYSTEM);
 mGroups.add(AuditLog.AUDIT_LOG_GROUP_NETWORK);

 List<Integer> mUsers = new ArrayList<Integer>();
 mUsers.add(0);
 mUsers.add(100);

 // enableKernel is passed as false, the value the class overview recommends
 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo(
         AuditLog.AUDIT_LOG_SEVERITY_NOTICE,
         AuditLogRulesInfo.AUDIT_LOG_OUTCOME_ALL, mGroups, false, mUsers);

 
Since
API level 17
KNOX 2.5

Public Methods

public List<Integer> getGroupsRule ()

Since: API level 17

This API retrieves the list of group modules of an AuditLogRulesInfo object.

Returns
  • Returns the list of Groups.
Usage
Administrator may use this API to retrieve the list of group modules configured for an AuditLogRulesInfo.


 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();
 List<Integer> mGroups = mAuditLogRulesInfo.getGroupsRule();

 
Since
API level 17
KNOX 2.5

public int getOutcomeRule ()

Since: API level 17

This API retrieves the value set as outcome for an AuditLogRulesInfo object.

Returns
  • Returns the value set as Outcome.
Usage
Administrator may use this API to retrieve the outcome set for an AuditLogRulesInfo object.

 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();
 int outcomeRule = mAuditLogRulesInfo.getOutcomeRule();

 
Since
API level 17
KNOX 2.5

public int getSeverityRule ()

Since: API level 17

This API retrieves the value set as severity for an AuditLogRulesInfo object.

Returns
  • Returns the value set as Severity.
Usage
Administrator may use this API to get the severity value set for an AuditLogRulesInfo object.


 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();
 int severityRule = mAuditLogRulesInfo.getSeverityRule();

 
Since
API level 17
KNOX 2.5

public List<Integer> getUsersRule ()

Since: API level 17

This API retrieves the list of users of an AuditLogRulesInfo object.

Returns
  • Returns the list of Users.
Usage
Administrator may use this API to retrieve the list of users configured for an AuditLogRulesInfo.


 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();
 List<Integer> mUsers = mAuditLogRulesInfo.getUsersRule();

 
Since
API level 17
KNOX 2.5

public boolean isKernelLogsEnabled ()

Since: API level 17

Deprecated in API level 35
NOTE: This API is not available since Android 12.

This API retrieves the kernel logging configuration of an AuditLogRulesInfo object.

Returns
  • Returns true if kernel logs selection is enabled and false otherwise.
Usage
Administrator may use this API to retrieve kernel logging status of an AuditLogRulesInfo object.


 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();
 boolean ret = mAuditLogRulesInfo.isKernelLogsEnabled();

 
Since
API level 17
KNOX 2.5

public void setGroupsRule (List<Integer> groupsRule)

Since: API level 17

This API configures the list of group modules of an AuditLogRulesInfo object.

Parameters
groupsRule A list containing a set of selected module groups.
Usage
Administrator may use this API to set the group modules for an AuditLogRulesInfo.


 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();
 List<Integer> mGroups = new ArrayList<Integer>();
 mGroups.add(AuditLog.AUDIT_LOG_GROUP_SECURITY);
 mGroups.add(AuditLog.AUDIT_LOG_GROUP_SYSTEM);
 mGroups.add(AuditLog.AUDIT_LOG_GROUP_NETWORK);
 mAuditLogRulesInfo.setGroupsRule(mGroups);

 
Since
API level 17
KNOX 2.5

public void setKernelLogsEnabled (boolean enableKernel)

Since: API level 17

Deprecated in API level 35
NOTE: This API is not available since Android 12.

This API configures the kernel logging status of an AuditLogRulesInfo object.
It is recommended to leave kernel message logging off, so that storage is not consumed by unnecessary information.

Parameters
enableKernel Enable or disable kernel-originated messages.
Usage
Administrator may use this API to configure kernel logging of an AuditLogRulesInfo.


 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();
 mAuditLogRulesInfo.setKernelLogsEnabled(true);

 
Since
API level 17
KNOX 2.5

public void setOutcomeRule (int outcomeRule)

Since: API level 17

This API configures an outcome level for an AuditLogRulesInfo object.

Parameters
outcomeRule Defined value for outcome.
Usage
Administrator may use this API to configure Outcome value for an AuditLogRulesInfo.


 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();
 mAuditLogRulesInfo.setOutcomeRule(AuditLogRulesInfo.AUDIT_LOG_OUTCOME_FAILURE);

 
Since
API level 17
KNOX 2.5

public void setSeverityRule (int severityRule)

Since: API level 17

This API configures a severity level of an AuditLogRulesInfo object.

Parameters
severityRule Defined value for severity.
Usage
Administrator may use this API to configure severity level for an AuditLogRulesInfo.


 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();
 mAuditLogRulesInfo.setSeverityRule(AuditLog.AUDIT_LOG_SEVERITY_NOTICE);

 
Since
API level 17
KNOX 2.5

public void setUsersRule (List<Integer> userRule)

Since: API level 17

This API configures the list of users of an AuditLogRulesInfo object.

Parameters
userRule A list containing a set of selected users.
Usage
Administrator may use this API to configure users for an AuditLogRulesInfo.


NOTE: Only the owner (User 0) administrator is able to filter audit events by user.


 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();
 List<Integer> mUsers = new ArrayList<Integer>();
 mUsers.add(0);
 mUsers.add(100);
 mAuditLogRulesInfo.setUsersRule(mUsers);

 
Since
API level 17
KNOX 2.5
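
The following is an added example, not code from the Knox SDK or its documentation. It narrows the default rule to failure events for two groups and renders a rule object for an administrator's change record, handling the null lists of the default constructor and the fact that the outcome constants are not ordered (FAILURE is 0, ALL is 2). The class `AuditRuleHelper` and its methods are hypothetical names, and the `AuditLog` instance is assumed to have been obtained by the caller.

```java
import com.samsung.android.knox.log.AuditLog;
import com.samsung.android.knox.log.AuditLogRulesInfo;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

/** Hypothetical helper, not part of the Knox SDK. */
public final class AuditRuleHelper {

    private AuditRuleHelper() { }

    /** Starts from the documented defaults and keeps only failure events for two groups. */
    public static AuditLogRulesInfo failuresOnly() {
        // Defaults per this page: NOTICE, OUTCOME_ALL, groups null, kernel false, users null.
        AuditLogRulesInfo rules = new AuditLogRulesInfo();
        rules.setOutcomeRule(AuditLogRulesInfo.AUDIT_LOG_OUTCOME_FAILURE);
        rules.setGroupsRule(new ArrayList<Integer>(Arrays.asList(
                AuditLog.AUDIT_LOG_GROUP_SECURITY,
                AuditLog.AUDIT_LOG_GROUP_NETWORK)));
        // The users list stays null: only the owner (User 0) administrator may filter by user.
        return rules;
    }

    /** One-line summary of a rule object; the getters return null for lists never set. */
    public static String describe(AuditLogRulesInfo rules) {
        List<Integer> groups = rules.getGroupsRule();
        List<Integer> users = rules.getUsersRule();
        return "severity=" + rules.getSeverityRule()
                + " outcome=" + outcomeName(rules.getOutcomeRule())
                + " groups=" + (groups == null ? "null (default)" : groups.toString())
                + " users=" + (users == null ? "null (default)" : users.toString());
    }

    /** Maps the outcome value to its name: 0 is FAILURE, 1 is SUCCESS, 2 is ALL. */
    private static String outcomeName(int outcome) {
        switch (outcome) {
            case AuditLogRulesInfo.AUDIT_LOG_OUTCOME_FAILURE: return "FAILURE";
            case AuditLogRulesInfo.AUDIT_LOG_OUTCOME_SUCCESS: return "SUCCESS";
            case AuditLogRulesInfo.AUDIT_LOG_OUTCOME_ALL:     return "ALL";
            default: return "UNKNOWN(" + outcome + ")";
        }
    }

    /** Applies the rule through setAuditLogRules on an AuditLog the caller already holds. */
    public static void apply(AuditLog auditLog, AuditLogRulesInfo rules) {
        auditLog.setAuditLogRules(rules);
    }
}
```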