Summary: Constants | Inherited Constants | Ctors | Methods | Inherited Methods | [Expand All]
Since: API level 17
public class

AuditLogRulesInfo

extends Object
implements Parcelable
java.lang.Object
   ↳ com.samsung.android.knox.log.AuditLogRulesInfo

Class Overview

This class provides the configuration object that is used by AuditLog to perform selective data logging, via setAuditLogRules(AuditLogRulesInfo).
Using this class, administrator will be able to configure the rules, based on the following parameters:

Severity: This parameter configures the rule for severity level of data selection. The selection scale is:
AUDIT_LOG_SEVERITY_ALERT
AUDIT_LOG_SEVERITY_CRITICAL
AUDIT_LOG_SEVERITY_ERROR
AUDIT_LOG_SEVERITY_WARNING
AUDIT_LOG_SEVERITY_NOTICE

Outcome: This parameter is used to select log information based on outcome.The defined values for this parameter are:
AUDIT_LOG_OUTCOME_ALL
AUDIT_LOG_OUTCOME_FAILURE
AUDIT_LOG_OUTCOME_SUCCESS

Groups: Use a list with the module groups:
AUDIT_LOG_GROUP_SECURITY
AUDIT_LOG_GROUP_SYSTEM
AUDIT_LOG_GROUP_NETWORK
AUDIT_LOG_GROUP_EVENTS
AUDIT_LOG_GROUP_APPLICATION

Users: Provide a list with the current users on device to select auditable information based on user. Only owner (User 0) administrator is able to filter audit events by user.

EnableKernel: Administrator may request all information from kernel to be logged, using boolean value true. Using false will disable this selection. To avoid selection of unnecessary information causing excessive storage allocation, it is recommended to leave this value as false. Disabling kernel will not interfere on collection of necessary data that comes from kernel, including IpTables and Encryption information.

Since
API level 17
KNOX 2.5

Summary

Constants
int AUDIT_LOG_OUTCOME_ALL Use this constant to configure AuditLogRulesInfo Outcome value to All.
int AUDIT_LOG_OUTCOME_FAILURE Use this constant to configure AuditLogRulesInfo Outcome value to Failure.
int AUDIT_LOG_OUTCOME_SUCCESS Use this constant to configure AuditLogRulesInfo Outcome value to Success.
[Expand]
Inherited Constants
From interface android.os.Parcelable
Public Constructors
AuditLogRulesInfo()
This constructor is used to instantiate an AuditLogRulesInfo object with the most permissive values and kernel messages disabled.
AuditLogRulesInfo(int severityRule, int outcomeRule, List<Integer> groupsRule, boolean enableKernel, List<Integer> userRule)
This constructor is used to instantiate an AuditLogRulesInfo object with parameters defined by the administrator.
Public Methods
List<Integer> getGroupsRule()
This API retrieves the list of group modules of an AuditLogRulesInfo object.
int getOutcomeRule()
This API retrieves the value set as outcome for an AuditLogRulesInfo object.
int getSeverityRule()
This API retrieves the value set as severity for an AuditLogRulesInfo object.
List<Integer> getUsersRule()
This API retrieves the list of users of an AuditLogRulesInfo object.
boolean isKernelLogsEnabled()
Deprecated in API level 35
NOTE: This API is not available since Android 12.
void setGroupsRule(List<Integer> groupsRule)
This API configures the list of group modules of an AuditLogRulesInfo object.
void setKernelLogsEnabled(boolean enableKernel)
Deprecated in API level 35
NOTE: This API is not available since Android 12.
void setOutcomeRule(int outcomeRule)
This API configures an outcome level for AuditLogRulesInfo object.
void setSeverityRule(int severityRule)
This API configures a severity level of an AuditLogRulesInfo object.
void setUsersRule(List<Integer> userRule)
This API configures the list of users of an AuditLogRulesInfo object.
[Expand]
Inherited Methods
From class java.lang.Object
From interface android.os.Parcelable

Constants

public static final int AUDIT_LOG_OUTCOME_ALL

Since: API level 17

Use this constant to configure AuditLogRulesInfo Outcome value to All.

Since
API level 17
KNOX 2.5
Constant Value: 2 (0x00000002)

public static final int AUDIT_LOG_OUTCOME_FAILURE

Since: API level 17

Use this constant to configure AuditLogRulesInfo Outcome value to Failure.

Since
API level 17
KNOX 2.5
Constant Value: 0 (0x00000000)

public static final int AUDIT_LOG_OUTCOME_SUCCESS

Since: API level 17

Use this constant to configure AuditLogRulesInfo Outcome value to Success.

Since
API level 17
KNOX 2.5
Constant Value: 1 (0x00000001)

Public Constructors

public AuditLogRulesInfo ()

Since: API level 17

This constructor is used to instantiate an AuditLogRulesInfo object with the most permissive values and kernel messages disabled.

Usage
The Default values are:

Severity: AUDIT_LOG_SEVERITY_NOTICE
Outcome: AUDIT_LOG_OUTCOME_ALL
Groups: a null value.
Kernel: false(Kernel originated messages disabled).
Users: a null value. 


 

 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();
Since
API level 17
KNOX 2.5
See Also

public AuditLogRulesInfo (int severityRule, int outcomeRule, List<Integer> groupsRule, boolean enableKernel, List<Integer> userRule)

Since: API level 17

This constructor is used to instantiate an AuditLogRulesInfo object with parameters defined by the administrator.

Parameters
severityRule Defined value for severity.
outcomeRule Defined value for outcome
groupsRule Defined list with Module Groups
enableKernel Enable or disable kernel originated messages.
userRule Defined filter by user (only available to Owner)
Usage
Administrator must inform the parameter values to use this API. 


 List<Integer> mGroups = new ArrayList<Integer>();

 mGroups.add(AuditLog.AUDIT_LOG_GROUP_SECURITY);

 mGroups.add(AuditLog.AUDIT_LOG_GROUP_SYSTEM);

 mGroups.add(AuditLog.AUDIT_LOG_GROUP_NETWORK);

 List<Integer> mUsers = new ArrayList<Integer>();

 mUsers.add(0);

 mUsers.add(100);

 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo(

         AuditLog.AUDIT_LOG_SEVERITY_NOTICE,

         AUDIT_LOG_OUTCOME_RULES_ALL, mGroups, false, mUsers);
Since
API level 17
KNOX 2.5
See Also

Public Methods

public List<Integer> getGroupsRule ()

Since: API level 17

This API retrieves the list of group modules of an AuditLogRulesInfo object.

Returns
  • Returns the list of Groups.
Usage
Administrator may use this API to retrieve the list of group modules configured for an AuditLogRulesInfo. 


 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();

 List mGroups = mAuditLogRulesInfo.getGroupsRule();
Since
API level 17
KNOX 2.5
See Also

public int getOutcomeRule ()

Since: API level 17

This API retrieves the value set as outcome for an AuditLogRulesInfo object.

Returns
  • Returns the value set as Outcome.
Usage
Administrator may use this API to retrieve the outcome set for an AuditLogRulesInfo object 


 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();

 int outComerule = mAuditLogRulesInfo.getOutcomeRule();
Since
API level 17
KNOX 2.5
See Also

public int getSeverityRule ()

Since: API level 17

This API retrieves the value set as severity for an AuditLogRulesInfo object.

Returns
  • Returns the value set as Severity.
Usage
Administrator may use this API to get the severity value set for an AuditLogRulesInfo object. 


 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();

 int severityRule = mAuditLogRulesInfo.getSeverityRule();
Since
API level 17
KNOX 2.5
See Also

public List<Integer> getUsersRule ()

Since: API level 17

This API retrieves the list of users of an AuditLogRulesInfo object.

Returns
  • Returns the list of Users.
Usage
Administrator may use this API to retrieve the list of users configured for an AuditLogRulesInfo. 


 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();

 List mUsers = mAuditLogRulesInfo.getUsersRule();
Since
API level 17
KNOX 2.5
See Also

public boolean isKernelLogsEnabled ()

Since: API level 17

Deprecated in API level 35
NOTE: This API is not available since Android 12.

This API retrieves the value of kernel logging configuration on AuditLogRulesInfo object.

Returns
  • Returns true if kernel logs selection is enabled and false otherwise.
Usage
Administrator may use this API to retrieve kernel logging status of an AuditLogRulesInfo object. 


 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();

 boolean ret = mAuditLogRulesInfo.isKernelLogsEnabled();
Since
API level 17
KNOX 2.5
See Also

public void setGroupsRule (List<Integer> groupsRule)

Since: API level 17

This API configures the list of group modules of an AuditLogRulesInfo object.

Parameters
groupsRule A list containing a set of selected module groups.
Usage
Administrator may use this API to set the group modules for an AuditLogRulesInfo. 


 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();

 List mGroups = new ArrayList();

 mGroups.add(AuditLog.AUDIT_LOG_GROUP_SECURITY);

 mGroups.add(AuditLog.AUDIT_LOG_GROUP_SYSTEM);

 mGroups.add(AuditLog.AUDIT_LOG_GROUP_NETWORK);

 mAuditLogRulesInfo.setGroupsRule(mGroups);
Since
API level 17
KNOX 2.5
See Also

public void setKernelLogsEnabled (boolean enableKernel)

Since: API level 17

Deprecated in API level 35
NOTE: This API is not available since Android 12.

This API configures kernel logging status AuditLogRulesInfo object.
It is recommended to leave kernel messages logging off, in order to preserve storage allocation with unnecessary information.

Parameters
enableKernel Enable or disable kernel originated messages.
Usage
Administrator may use this API to configure kernel logging of an AuditLogRulesInfo. 


 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();

 mAuditLogRulesInfo.setKernelLogsEnabled(true);
Since
API level 17
KNOX 2.5
See Also

public void setOutcomeRule (int outcomeRule)

Since: API level 17

This API configures an outcome level for AuditLogRulesInfo object.

Parameters
outcomeRule Defined value for outcome
Usage
Administrator may use this API to configure Outcome value for an AuditLogRulesInfo. 


 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();

 mAuditLogRulesInfo.setOutcomeRule(AUDIT_LOG_OUTCOME_FAILURE);
Since
API level 17
KNOX 2.5
See Also

public void setSeverityRule (int severityRule)

Since: API level 17

This API configures a severity level of an AuditLogRulesInfo object.

Parameters
severityRule Defined value for severity.
Usage
Administrator may use this API to configure severity level for an AuditLogRulesInfo. 


 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();

 mAuditLogRulesInfo.setSeverityRule(AuditLog.AUDIT_LOG_SEVERITY_NOTICE);
Since
API level 17
KNOX 2.5
See Also

public void setUsersRule (List<Integer> userRule)

Since: API level 17

This API configures the list of users of an AuditLogRulesInfo object.

Parameters
userRule A list containing a set of selected users.
Usage
Administrator may use this API to configure users for an AuditLogRulesInfo.


NOTE: Only owner (User 0) administrator is able to filter audit events by user. 


 AuditLogRulesInfo mAuditLogRulesInfo = new AuditLogRulesInfo();

 List mUsers = new ArrayList();

 mUsers.add(0);

 mUsers.add(100);

 mAuditLogRulesInfo.setUsersRule(mUsers);
Since
API level 17
KNOX 2.5
See Also