Audit.Mvc 27.2.0

There is a newer version of this package available.
See the version list below for details.
dotnet add package Audit.Mvc --version 27.2.0                
NuGet\Install-Package Audit.Mvc -Version 27.2.0                
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="Audit.Mvc" Version="27.2.0" />                
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add Audit.Mvc --version 27.2.0                
#r "nuget: Audit.Mvc, 27.2.0"                
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install Audit.Mvc as a Cake Addin
#addin nuget:?package=Audit.Mvc&version=27.2.0

// Install Audit.Mvc as a Cake Tool
#tool nuget:?package=Audit.Mvc&version=27.2.0                

Audit.Mvc

MVC Actions Audit Extension for Audit.NET library. (An extensible framework to audit executing operations in .NET).

Generate Audit Trails for MVC actions. Supporting Asp NET Core Mvc.

Audit.Mvc / Audit.Mvc.Core provides the infrastructure to log interactions with MVC applications. It can record action methods calls to controllers and razor pages.

Install

NuGet Packages

NuGet Status NuGet Count

NuGet Status NuGet Count

To install the ASP.NET package run the following command on the Package Manager Console:

PM> Install-Package Audit.Mvc

To install the Asp Net Core package:

PM> Install-Package Audit.Mvc.Core

IMPORTANT NOTE

Previously, it was possible to employ the Audit.Mvc package for ASP.NET Core MVC or vice versa.

However, starting from version 23, the Audit.Mvc package is now exclusively designed for ASP.NET Framework MVC, whereas the Audit.Mvc.Core package is exclusively tailored for ASP.NET Core MVC.

Please upgrade your references accordingly.

Usage

MVC Controllers

Decorate the MVC Actions or Controllers you want to audit with [Audit] action filter.

For example:

public class HomeController : Controller
{
    [Audit]
    public ActionResult Index(int id, string name)
    {
      //...
      return View(new SomeViewModel() { Id = id, Name = name });
    }

    [Audit(EventType = "InsertOrderAction", IncludeHeaders = true, IncludeModel = true)]
    [HttpPost]
    public ActionResult TestPost(SomeViewModel model)
    {
      //...
    }
}

The [Audit] attribute cannot be used on razor pages, because action filters are not supported on razor pages.

Razor pages

To audit razor pages, include the AuditPageFilter on the filters collection on your startup code, for example:

public void ConfigureServices(IServiceCollection services)
{
    services.AddRazorPages()
        .AddMvcOptions(options =>
        {
            options.Filters.Add(new AuditPageFilter()
            {
                IncludeHeaders = true
            });
        });
}

Or you can apply the filter only to certain pages, for example for pages under /Movies path:

public void ConfigureServices(IServiceCollection services)
{
    services.AddRazorPages(options =>
    {
        options.Conventions.AddFolderApplicationModelConvention("/Movies", model => model.Filters.Add(new AuditPageFilter()
        {
            IncludeResponseBody = true
        }));
    });
}

Alternatively, if you want to setup the audit on a particular page and/or don't want to add the filter as a global filter, you can override the OnPageHandlerExecutionAsync on your page model and manually call the same method on an AuditPageFilter instance:

public class YourPageModel : PageModel
{
    private readonly AuditPageFilter _pageFilter = new AuditPageFilter() { IncludeHeaders = true };

    public override async Task OnPageHandlerExecutionAsync(PageHandlerExecutingContext context, PageHandlerExecutionDelegate next)
    {
        await _pageFilter.OnPageHandlerExecutionAsync(context, next);
    }
    // ...
}

Configuration

Output

The MVC audit events are stored using a Data Provider. You can use one of the available data providers or implement your own. Please refer to the data providers section on Audit.NET documentation.

Settings

The AuditAttribute can be configured with the following properties:

  • EventType: A string that identifies the event type. Can contain the following placeholders:
    • {controller}: replaced with the controller name (only for MVC).
    • {action}: replaced with the action method name (or the display name for razor pages).
    • {verb}: replaced with the HTTP verb used (GET, POST, etc).
    • {area}: replaced with the area name (only for razor pages).
    • {path}: replaced with the view path (only for razor pages).
  • IncludeHeaders: Boolean to indicate whether to include the Http Request Headers or not.
  • IncludeModel: Boolean to indicate whether to include the View Model or not.
  • IncludeRequestBody: Boolean to indicate whether to include or exclude the request body from the logs. Default is false. (Check following note)
  • IncludeResponseBody: Boolean to indicate whether to include response body or not. Default is false.
  • SerializeActionParameters: Boolean to indicate whether the action arguments should be pre-serialized to the audit event. Default is false.

To configure the output persistence mechanism please see Event Output Configuration.

NOTE

When IncludeRequestBody is set to true you may need to enable rewind on the request body stream, otherwise the controller won't be able to read the request body more than once (by default it's a forwand-only stream that can be read only once). You can enable rewind on your startup logic with the following startup code:

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
    app.Use(async (context, next) => {
        context.Request.EnableBuffering();
        await next();
    });
}

Audit Ignore attribute

To selectively exclude certain controllers, action methods, action parameters or return values, you can decorate them with AuditIgnore attribute.

For example:

[Audit(IncludeHeaders = true, IncludeModel = true)]
public class AccountController : Controller
{
    [HttpGet]
    [AuditIgnore]
    public IEnumerable<string> GetAccounts()
    {
        // this action will not be audited
    }

    [HttpPost]
    public IEnumerable<string> PostAccount(string user, [AuditIgnore]string password)
    {
        // password argument will not be audited
    }

    [HttpGet]
    [return:AuditIgnore]
    public IEnumerable<string> GetSecrets(string user)
    {
        // the response body of this action will not be audited
    }
}

You can also decorate the razor pages classes, methods or arguments to be ignored on the audits:

public class IndexModel : PageModel
{
    [return:AuditIgnore]
    public IActionResult OnGet(string user)
    {
        // the response of this action will not be audited
    }

    [AuditIgnore]
    public void OnDelete(string user)
    {
        // this action will not be audited
    }

    public async Task<IActionResult> OnPostAsync([AuditIgnore]string password)
    {
        // password argument will not be audited
    }
}

Output details

The following table describes the Audit.Mvc output fields:

Field Name Type Description
TraceId string A unique identifier per request
HttpMethod string HTTP method (GET, POST, etc)
ControllerName string The controller name (or the area name for razor pages)
ActionName string The action name (or the display name for razor pages)
ViewName string The view name (if any)
ViewPath string View physical path (if any)
FormVariables Object Form-data input variables passed to the action
ActionParameters Object The action parameters passed
RequestBody BodyContent The request body (optional)
ResponseBody BodyContent The response body (optional)
UserName string Username on the HttpContext Identity
RequestUrl string URL of the request
IpAddress string Client IP address
ResponseStatusCode integer HTTP response status code
ResponseStatus string Response status description
Headers Object HTTP Headers (optional)
Model Object The model object returned by the controller (if any) (optional)
ModelStateValid boolean Boolean to indicate if the model is valid
ModelStateErrors string Error description when the model is invalid
RedirectLocation string The redirect location (if any)
Exception string The exception thrown details (if any)

BodyContent

Field Name Type Description
Type string The body type reported
Length long? The length of the body if reported
Value Object The body content

Customization

You can access the Audit Scope from the controller action by calling the Controller extension method GetCurrentAuditScope().

For example:

public class HomeController : Controller
{
    [Audit]
    public ActionResult Index(int id, string name)
    {
       //...
       var auditScope = this.GetCurrentAuditScope();
       auditScope.Comment("New comment from controller");
       auditScope.SetCustomField("TestField", Guid.NewGuid());
       //...
    }
}

See Audit.NET documentation about Custom Field and Comments for more information.

Output Sample for Get operation

HomeController.Index (GET) with params: id=1234567&name=test

{
    "EventType": "Home/Index (GET)",
    "Environment": {
        ...
    },
    "StartDate": "2016-08-22T18:31:14.6550924-05:00",
    "EndDate": "2016-08-22T18:31:23.1834012-05:00",
    "Duration": 8529,
    "Action": {
        "TraceId": "0HLFLQP4HGFAG_00000001",
        "HttpMethod": "GET",
        "ControllerName": "Home",
        "ActionName": "Index",
        "ViewName": "Index",
        "ViewPath": "~/Views/Home/Index.cshtml",
        "FormVariables": {},
        "ActionParameters": {
            "id": 1234567,
            "name": "test",
        },
        "UserName": "federico@mycompany.com",
        "RequestUrl": "/",
        "IpAddress": "127.0.0.1",
        "ResponseStatus": "200 OK",
        "ResponseStatusCode": 200,
        "ModelStateValid": true,
        "RedirectLocation": null
    }
}

Output Sample for Post operation

HomeController.TestPost (POST) with body: id=1234567&name=test

{
    "EventType": "InsertOrderAction",
    "Environment": {
        ...
    },
    "StartDate": "2016-08-22T18:31:00.0020036-05:00",
    "EndDate": "2016-08-22T18:31:15.1705128-05:00",
    "Duration": 15000,
    "Action": {
        "TraceId": "0HLFLQP4HGFAG_00000002",
        "HttpMethod": "POST",
        "ControllerName": "Home",
        "ActionName": "TestPost",
        "FormVariables": {
            "id": "1234567",
            "name": "test"
        },
        "ActionParameters": {
            "model": {
                "id": 1234567,
                "name": "test"
            }
        },
        "UserName": "federico@mycompany.com",
        "RequestUrl": "/Home/TestPost",
        "IpAddress": "::1",
        "ResponseStatus": "200 OK",
        "ResponseStatusCode": 200,
        "Headers": {
            "Cache-Control": "max-age=0",
            "Connection": "keep-alive",
            "Content-Length": "24",
            "Content-Type": "application/x-www-form-urlencoded",
            "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",
            "Accept-Encoding": "gzip, deflate",
            "Accept-Language": "es-419,es;q=0.8",
            "Host": "localhost:37341",
            "Referer": "http://localhost:37341/",
            "User-Agent": "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743",
            "Origin": "http://localhost:37341",
            "Upgrade-Insecure-Requests": "1"
        },
        "ModelStateValid": false,
        "ModelStateErrors": {
            "Id": "The field Id must be between 0 and 9999."
        },
        "RedirectLocation": null
    }
}

MVC template (dotnet new)

If you are creating an ASP.NET Core MVC project from scratch, you can use the dotnet new template provided on the library Audit.Mvc.Template. This allows to quickly generate an audit-enabled MVC project that can be used as a starting point for your project or as a working example.

To install the template on your system, just type:

dotnet new -i Audit.Mvc.Template

Once you install the template, you should see it on the dotnet new templates list with the name mvcaudit as follows:

capture

You can now create a new project on the current folder by running:

dotnet new mvcaudit

This will create a new Asp.NET Core 2.1 project.

To get help about the options:

dotnet new mvcaudit -h

Contribute

If you like this project please contribute in any of the following ways:

  • Star this project on GitHub.
  • Request a new feature or expose any bug you found by creating a new issue.
  • Ask any questions about the library on StackOverflow.
  • Subscribe to and use the Gitter Audit.NET channel.
  • Support the project by becoming a Backer: Backer    
  • Spread the word by blogging about it, or sharing it on social networks: <p class="share-buttons"> <a href="https://www.facebook.com/sharer/sharer.php?u=https://nuget.org/packages/Audit.NET/&t=Check+out+Audit.NET" target="_blank"> <img width="24" height="24" alt="Share this package on Facebook" src="https://nuget.org/Content/gallery/img/facebook.svg" / > </a> <a href="https://twitter.com/intent/tweet?url=https://nuget.org/packages/Audit.NET/&text=Check+out+Audit.NET" target="_blank"> <img width="24" height="24" alt="Tweet this package" src="https://nuget.org/Content/gallery/img/twitter.svg" /> </a> </p>
  • Buy me a coffee via ko-fi: <br/>ko-fi
Product Compatible and additional computed target framework versions.
.NET Framework net462 is compatible.  net463 was computed.  net47 was computed.  net471 was computed.  net472 was computed.  net48 was computed.  net481 was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages (1)

Showing the top 1 NuGet packages that depend on Audit.Mvc:

Package Downloads
BuildingBlocks.Logging

Componente para geração de logs.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
27.3.2 83 12/11/2024
27.3.1 73 12/10/2024
27.3.0 86 12/8/2024
27.2.0 104 11/23/2024
27.1.1 102 10/28/2024
27.1.0 96 10/24/2024
27.0.3 123 9/25/2024
27.0.2 100 9/19/2024
27.0.1 146 9/4/2024
27.0.0 116 9/3/2024
26.0.1 147 8/22/2024
26.0.0 142 7/19/2024
25.0.7 127 7/4/2024
25.0.6 121 6/24/2024
25.0.5 976 6/18/2024
25.0.4 195 3/24/2024
25.0.3 600 3/13/2024
25.0.2 121 3/12/2024
25.0.1 139 2/28/2024
25.0.0 128 2/16/2024
24.0.1 162 2/12/2024
24.0.0 142 2/12/2024
23.0.0 1,759 12/14/2023
22.1.0 26,603 12/9/2023
22.0.2 11,984 12/1/2023
22.0.1 242 11/16/2023
22.0.0 139 11/14/2023
21.1.0 622 10/9/2023
21.0.4 22,259 9/15/2023
21.0.3 13,318 7/9/2023
21.0.2 230 7/6/2023
21.0.1 23,339 5/27/2023
21.0.0 1,269 4/15/2023
20.2.4 396 3/27/2023
20.2.3 407 3/17/2023
20.2.2 386 3/14/2023
20.2.1 311 3/11/2023
20.2.0 329 3/7/2023
20.1.6 414 2/23/2023
20.1.5 18,820 2/9/2023
20.1.4 413 1/28/2023
20.1.3 1,656 12/21/2022
20.1.2 4,130 12/14/2022
20.1.1 404 12/12/2022
20.1.0 403 12/4/2022
20.0.4 406 11/30/2022
20.0.3 2,436 10/28/2022
20.0.2 512 10/26/2022
20.0.1 535 10/21/2022
20.0.0 11,253 10/1/2022
19.4.1 5,768 9/10/2022
19.4.0 2,125 9/2/2022
19.3.0 3,128 8/23/2022
19.2.2 1,443 8/11/2022
19.2.1 888 8/6/2022
19.2.0 1,101 7/24/2022
19.1.4 1,408 5/23/2022
19.1.3 609 5/22/2022
19.1.2 701 5/18/2022
19.1.1 1,137 4/28/2022
19.1.0 734 4/10/2022
19.0.7 1,651 3/13/2022
19.0.6 1,661 3/7/2022
19.0.5 1,164 1/28/2022
19.0.4 865 1/23/2022
19.0.3 5,868 12/14/2021
19.0.2 515 12/11/2021
19.0.1 948 11/20/2021
19.0.0 593 11/11/2021
19.0.0-rc.net60.2 181 9/26/2021
19.0.0-rc.net60.1 219 9/16/2021
18.1.6 13,592 9/26/2021
18.1.5 1,287 9/7/2021
18.1.4 654 9/6/2021
18.1.3 1,153 8/19/2021
18.1.2 742 8/8/2021
18.1.1 622 8/5/2021
18.1.0 706 8/1/2021
18.0.1 715 7/30/2021
18.0.0 801 7/26/2021
17.0.8 836 7/7/2021
17.0.7 1,259 6/16/2021
17.0.6 796 6/5/2021
17.0.5 2,923 5/28/2021
17.0.4 3,017 5/4/2021
17.0.3 643 5/1/2021
17.0.2 21,598 4/22/2021
17.0.1 647 4/18/2021
17.0.0 739 3/26/2021
16.5.6 685 3/25/2021
16.5.5 673 3/23/2021
16.5.4 817 3/9/2021
16.5.3 721 2/26/2021
16.5.2 660 2/23/2021
16.5.1 650 2/21/2021
16.5.0 3,080 2/17/2021
16.4.5 634 2/15/2021
16.4.4 996 2/5/2021
16.4.3 1,122 1/27/2021
16.4.2 744 1/22/2021
16.4.1 761 1/21/2021
16.4.0 2,170 1/11/2021
16.3.3 688 1/8/2021
16.3.2 679 1/3/2021
16.3.1 673 12/31/2020
16.3.0 728 12/30/2020
16.2.1 742 12/27/2020
16.2.0 1,616 10/13/2020
16.1.5 823 10/4/2020
16.1.4 896 9/17/2020
16.1.3 853 9/13/2020
16.1.2 2,176 9/9/2020
16.1.1 808 9/3/2020
16.1.0 1,556 8/19/2020
16.0.3 859 8/15/2020
16.0.2 805 8/9/2020
16.0.1 901 8/8/2020
16.0.0 760 8/7/2020
15.3.0 63,204 7/23/2020
15.2.3 1,438 7/14/2020
15.2.2 3,392 5/19/2020
15.2.1 6,966 5/12/2020
15.2.0 862 5/9/2020
15.1.1 1,706 5/4/2020
15.1.0 970 4/13/2020
15.0.5 1,406 3/18/2020
15.0.4 1,078 2/28/2020
15.0.3 844 2/26/2020
15.0.2 3,424 1/20/2020
15.0.1 1,012 1/10/2020
15.0.0 1,345 12/17/2019
14.9.1 1,046 11/30/2019
14.9.0 849 11/29/2019
14.8.1 799 11/26/2019
14.8.0 901 11/20/2019
14.7.0 41,953 10/9/2019
14.6.6 852 10/8/2019
14.6.5 919 9/27/2019
14.6.4 968 9/21/2019
14.6.3 1,983 8/12/2019
14.6.2 981 8/3/2019
14.6.1 856 8/3/2019
14.6.0 913 7/26/2019
14.5.7 2,332 7/18/2019
14.5.6 1,524 7/10/2019
14.5.5 1,220 7/1/2019
14.5.4 1,121 6/17/2019
14.5.3 1,226 6/5/2019
14.5.2 886 5/30/2019
14.5.1 852 5/28/2019
14.5.0 974 5/24/2019
14.4.0 937 5/22/2019
14.3.4 5,187 5/14/2019
14.3.3 888 5/9/2019
14.3.2 1,131 4/30/2019
14.3.1 1,577 4/27/2019
14.3.0 5,799 4/24/2019
14.2.3 1,122 4/17/2019
14.2.2 1,148 4/10/2019
14.2.1 971 4/5/2019
14.2.0 1,402 3/16/2019
14.1.1 1,179 3/8/2019
14.1.0 1,461 2/11/2019
14.0.4 1,144 1/31/2019
14.0.3 1,127 1/22/2019
14.0.2 2,027 12/15/2018
14.0.1 1,224 11/29/2018
14.0.0 1,152 11/19/2018
13.3.0 1,250 11/16/2018
13.2.2 1,194 11/15/2018
13.2.1 1,833 11/13/2018
13.2.0 1,156 10/31/2018
13.1.5 1,156 10/31/2018
13.1.4 1,334 10/25/2018
13.1.3 1,218 10/18/2018
13.1.2 8,285 9/12/2018
13.1.1 1,236 9/11/2018
13.1.0 1,221 9/11/2018
13.0.0 8,709 8/29/2018
12.3.6 1,283 8/29/2018
12.3.5 1,243 8/22/2018
12.3.4 1,181 8/21/2018
12.3.3 26,009 8/21/2018
12.3.2 1,220 8/20/2018
12.3.1 1,276 8/20/2018
12.3.0 1,245 8/20/2018
12.2.2 1,402 8/15/2018
12.2.1 1,316 8/9/2018
12.2.0 1,289 8/8/2018
12.1.11 2,372 7/30/2018
12.1.10 1,252 7/20/2018
12.1.9 1,396 7/10/2018
12.1.8 1,290 7/2/2018
12.1.7 7,946 6/7/2018
12.1.6 2,794 6/4/2018
12.1.5 1,386 6/2/2018
12.1.4 1,566 5/25/2018
12.1.3 2,973 5/16/2018
12.1.2 1,390 5/15/2018
12.1.1 1,448 5/14/2018
12.1.0 1,404 5/9/2018
12.0.7 1,421 5/5/2018
12.0.6 1,518 5/4/2018
12.0.5 1,402 5/3/2018
12.0.4 1,466 4/30/2018
12.0.3 1,491 4/30/2018
12.0.2 1,308 4/27/2018
12.0.1 1,396 4/25/2018
12.0.0 1,349 4/22/2018
11.2.0 1,413 4/11/2018
11.1.0 2,000 4/8/2018
11.0.8 1,507 3/26/2018
11.0.7 1,397 3/20/2018
11.0.6 1,469 3/7/2018
11.0.5 8,552 2/22/2018
11.0.4 2,644 2/14/2018
11.0.3 1,494 2/12/2018
11.0.2 1,389 2/9/2018
11.0.1 1,456 1/29/2018
11.0.0 1,539 1/15/2018
10.0.3 1,559 12/29/2017
10.0.2 1,358 12/26/2017
10.0.1 1,311 12/18/2017
10.0.0 1,300 12/18/2017
9.3.0 1,427 12/17/2017
9.2.0 1,351 12/17/2017
9.1.3 1,350 12/5/2017
9.1.2 1,335 11/27/2017
9.1.1 1,355 11/21/2017
9.1.0 1,302 11/21/2017
9.0.1 1,287 11/11/2017
9.0.0 1,266 11/10/2017
8.7.0 1,444 11/9/2017
8.6.0 1,336 11/9/2017
8.5.0 4,219 10/3/2017
8.4.0 1,293 10/3/2017
8.3.1 1,459 9/8/2017
8.3.0 1,341 9/8/2017
8.2.0 1,308 9/4/2017
8.1.0 1,372 8/22/2017
8.0.0 1,457 8/19/2017
7.1.3 1,499 8/14/2017
7.1.2 1,370 8/2/2017
7.1.1 1,408 7/26/2017
7.1.0 3,814 7/5/2017
7.0.9 1,390 6/28/2017
7.0.8 1,419 6/19/2017
7.0.6 4,274 4/7/2017
7.0.5 1,607 3/21/2017
7.0.4 1,382 3/21/2017
7.0.3 1,396 3/20/2017
7.0.2 1,474 3/13/2017
7.0.0 1,491 3/1/2017
6.2.0 3,544 2/25/2017
6.1.0 1,412 2/14/2017
6.0.0 1,467 2/9/2017
5.3.0 1,290 2/5/2017
5.2.0 1,269 1/26/2017
5.1.0 1,415 1/19/2017
5.0.0 1,434 1/7/2017
4.11.0 1,370 1/5/2017
4.10.0 1,271 12/31/2016
4.9.0 1,268 12/26/2016
4.8.0 1,332 12/17/2016
4.7.0 1,358 12/8/2016
4.6.5 1,283 12/4/2016
4.6.4 1,321 11/25/2016
4.6.2 1,321 11/18/2016
4.6.1 1,280 11/15/2016
4.6.0 1,284 11/11/2016
4.5.9 1,522 11/2/2016
4.5.8 1,325 11/2/2016
4.5.7 1,315 10/26/2016
4.5.6 1,570 10/6/2016
4.5.5 1,302 10/3/2016
4.5.4 1,251 10/2/2016
4.5.3 1,272 9/30/2016
4.5.2 1,309 9/28/2016
4.5.1 1,290 9/28/2016
4.5.0 1,346 9/28/2016
4.4.0 1,444 9/23/2016
4.3.0 1,336 9/22/2016
4.2.0 1,515 9/19/2016
4.1.0 1,259 9/13/2016
4.0.1 1,266 9/9/2016
4.0.0 1,295 9/9/2016
3.6.0 1,294 9/7/2016
3.4.0 1,301 9/7/2016
3.3.0 1,240 9/4/2016
3.2.0 1,265 9/3/2016
3.1.0 1,265 9/2/2016
3.0.0 1,590 8/31/2016
2.5.0 1,298 8/27/2016
2.4.0 1,862 8/26/2016
2.3.0 1,277 8/23/2016
2.1.0 1,739 8/22/2016