How to set up and use python audit hooks

Question

Python 3.8 introduces PEP 578 -- Python Runtime Audit Hooks which promises to "make actions taken by the Python runtime visible to auditing tools."

This pep provides a handful of usecases which seem mostly pertinent to system admins, security professionals, and testing framework contributors. However, from what I can tell, this requires some custom options on the python implementation of choice. However, I can't find too much information online documenting how to set up these options or which options are available to implement in which implementation.

How do I get started using these hooks in cpython? Where is a complete list of all the hooks currently available (and not suggested for implementation)?

Answer 1

Where is a complete list of all the hooks currently available?

https://docs.python.org/3/library/audit_events.html

How do I get started using these hooks in cpython?

You can start by writing your own hooks and investigate some functions. Here's an audit to a dynamic initialization of code (code.__new event) inspired by Dev life blog article Feel free to manipulate it to your own needs.

def audit(event, args):
    if event == 'code.__new__':
        print(f'audit: {event} with args={args}')
sys.addaudithook(audit)