How to override filters

Many of the standard services (e.g. audit and archiver) separate the code used to perform the service (the handler) from the code used to determine whether the service should be used at all (the filter). The reason for this separation is that administrators may want to override the filter, allowing them to set new criteria for when a service should process a record.

For example, an administrator may only be interested in creating audit trail records for records that have been changed (that is insertions, updates and deletions), however they would not only like to archive changes but searches as well.

In order to provide the correct XML audit records both the change and search audit levels are required. To generate the correct XML audit records from the database manager, run:

emuaudit -o change,search

eaccessionlots            search,change

ebibliography             search,change

ecatalogue                search,change

econdition                search,change

econservation             search,change

edocuments                search,change

eevents                   search,change

efieldhelp                search,change

egroups                   search,change

einsurance                search,change

einternal                 search,change

eloans                    search,change

elocations                search,change

emovements                search,change

emultimedia               search,change

enarratives               search,change

eparties                  search,change

eregistry                 search,change

erights                   search,change

etemplate                 search,change

ethesaurus                search,change

evaluations               search,change

The next step is to write a LocalFilter() that determines whether the XML audit record should be processed. In this case we need to check whether the audit operation was "insert", "update" or "delete".

The LocalFilter() function must exist in local/etc/audit/filters/audit.pl as it is overriding the standard filter found in etc/audit/filters/audit.pl. If a standard filter does not exist, a local filter can still be defined by adding a file to local/etc/audit/filters where the file name is the same name as the audit service file.

The code below could be used to implement the local filter:

#!/usr/bin/perl

use     strict;

use     warnings 'all';

#

#  Get definition for the "standard" filter function.

#

require "$ENV{emuPATH}/etc/audit/filters/audit.pl";

my $AuditFilter = \&Filter;

#

#  Only allow insertions, updates and deletions to be audited.

#

sub

LocalFilter

{

        my $tree = shift;

        my $columns = shift;

        my $xml = shift;

        my $operation;

        #

        #  Check whether the "standard" filter will allow the record

        #  to be processed.

        #

        return(1) if ($AuditFilter->($tree, $columns, $xml) != 0);

        #

        #  Check for "insert", "update" and "delete".

        #

        $operation = $tree->{op}->{content};

        return($operation ne "insert" && $operation ne "update" &&

            $operation ne "delete");

}

1;

Notice that the standard filter Filter() should be called from within your LocalFilter() if you want standard filtering to apply. The arguments to the Filter() and LocalFilter() functions are the same as for the Audit() function defined for an audit service.