Example 1 with LogExtracts
use of com.sun.identity.log.service.AgentLogParser.LogExtracts in project OpenAM by OpenRock.
the class LogRecWrite method auditAccessMessage.
private void auditAccessMessage(AuditEventPublisher auditEventPublisher, AuditEventFactory auditEventFactory, LogRecord record, String realm) {
AgentLogParser logParser = new AgentLogParser();
LogExtracts logExtracts = logParser.tryParse(record.getMessage());
if (logExtracts == null) {
// A message type of no interest
return;
}
@SuppressWarnings("unchecked") Map<String, String> info = record.getLogInfoMap();
String clientIp = info.get(LogConstants.IP_ADDR);
if (StringUtils.isEmpty(clientIp)) {
clientIp = info.get(LogConstants.HOST_NAME);
}
String contextId = info.get(LogConstants.CONTEXT_ID);
String clientId = info.get(LogConstants.LOGIN_ID);
String resourceUrl = logExtracts.getResourceUrl();
int queryStringIndex = resourceUrl.indexOf('?');
String queryString = queryStringIndex > -1 ? resourceUrl.substring(queryStringIndex) : "";
String path = resourceUrl.replace(queryString, "");
Map<String, List<String>> queryParameters = AMAuditEventBuilderUtils.getQueryParametersAsMap(queryString);
AuditEvent auditEvent = auditEventFactory.accessEvent(realm).transactionId(AuditRequestContext.getTransactionIdValue()).eventName(EventName.AM_ACCESS_OUTCOME).component(Component.POLICY_AGENT).userId(clientId).httpRequest(hasSecureScheme(resourceUrl), "UNKNOWN", path, queryParameters, Collections.<String, List<String>>emptyMap()).request("HTTP", "UNKNOWN").client(clientIp).trackingId(contextId).response(logExtracts.getStatus(), logExtracts.getStatusCode(), -1, MILLISECONDS).toEvent();
auditEventPublisher.tryPublish(AuditConstants.ACCESS_TOPIC, auditEvent);
}
Also used :
List(java.util.List)
AuditEvent(org.forgerock.audit.events.AuditEvent)
LogExtracts(com.sun.identity.log.service.AgentLogParser.LogExtracts)
Aggregations
LogExtracts (com.sun.identity.log.service.AgentLogParser.LogExtracts)1
List (java.util.List)1
AuditEvent (org.forgerock.audit.events.AuditEvent)1
