func newAuditEntrySink(st *state.State, logDir string) audit.AuditEntrySinkFn { persistFn := st.PutAuditEntryFn() fileSinkFn := audit.NewLogFileSink(logDir) return func(entry audit.AuditEntry) error { // We don't care about auditing anything but user actions. if _, err := names.ParseUserTag(entry.OriginName); err != nil { return nil } // TODO(wallyworld) - Pinger requests should not originate as a user action. if strings.HasPrefix(entry.Operation, "Pinger:") { return nil } persistErr := persistFn(entry) sinkErr := fileSinkFn(entry) if persistErr == nil { return errors.Annotate(sinkErr, "cannot save audit record to file") } if sinkErr == nil { return errors.Annotate(persistErr, "cannot save audit record to database") } return errors.Annotate(persistErr, "cannot save audit record to file or database") } }