Examples with AuditEvent - org.graylog2.audit.jersey.AuditEvent

Example 81 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class SystemJobResource method trigger.

@POST
@Timed
@ApiOperation(value = "Trigger new job")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiResponses(value = { @ApiResponse(code = 202, message = "Job accepted."), @ApiResponse(code = 400, message = "There is no such systemjob type."), @ApiResponse(code = 403, message = "Maximum concurrency level of this systemjob type reached.") })
@AuditEvent(type = AuditEventTypes.SYSTEM_JOB_START)
public Response trigger(@ApiParam(name = "JSON body", required = true) @Valid @NotNull TriggerRequest tr) {
    // TODO cleanup jobId vs jobName checking in permissions
    checkPermission(RestPermissions.SYSTEMJOBS_CREATE, tr.jobName());
    SystemJob job;
    try {
        job = systemJobFactory.build(tr.jobName());
    } catch (NoSuchJobException e) {
        LOG.error("Such a system job type does not exist. Returning HTTP 400.");
        throw new BadRequestException(e);
    }
    try {
        systemJobManager.submit(job);
    } catch (SystemJobConcurrencyException e) {
        LOG.error("Maximum concurrency level of this job reached. ", e);
        throw new ForbiddenException("Maximum concurrency level of this job reached", e);
    }
    return Response.accepted().entity(ImmutableMap.of("system_job_id", job.getId())).build();
}

Also used : SystemJob(org.graylog2.system.jobs.SystemJob) ForbiddenException(javax.ws.rs.ForbiddenException) NoSuchJobException(org.graylog2.system.jobs.NoSuchJobException) SystemJobConcurrencyException(org.graylog2.system.jobs.SystemJobConcurrencyException) BadRequestException(javax.ws.rs.BadRequestException) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) ApiResponses(io.swagger.annotations.ApiResponses)

Example 82 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class LdapResource method updateLdapSettings.

@PUT
@Timed
@RequiresPermissions(RestPermissions.LDAP_EDIT)
@ApiOperation("Update the LDAP configuration")
@Path("/settings")
@Consumes(MediaType.APPLICATION_JSON)
@AuditEvent(type = AuditEventTypes.LDAP_CONFIGURATION_UPDATE)
public void updateLdapSettings(@ApiParam(name = "JSON body", required = true) @Valid @NotNull LdapSettingsRequest request) throws ValidationException {
    // load the existing config, or create a new one. we only support having one, currently
    final LdapSettings ldapSettings = firstNonNull(ldapSettingsService.load(), ldapSettingsFactory.createEmpty());
    ldapSettings.setSystemUsername(request.systemUsername());
    ldapSettings.setSystemPassword(request.systemPassword());
    ldapSettings.setUri(request.ldapUri());
    ldapSettings.setUseStartTls(request.useStartTls());
    ldapSettings.setTrustAllCertificates(request.trustAllCertificates());
    ldapSettings.setActiveDirectory(request.activeDirectory());
    ldapSettings.setSearchPattern(request.searchPattern());
    ldapSettings.setSearchBase(request.searchBase());
    ldapSettings.setEnabled(request.enabled());
    ldapSettings.setDisplayNameAttribute(request.displayNameAttribute());
    ldapSettings.setDefaultGroup(request.defaultGroup());
    ldapSettings.setGroupMapping(request.groupMapping());
    ldapSettings.setGroupSearchBase(request.groupSearchBase());
    ldapSettings.setGroupIdAttribute(request.groupIdAttribute());
    ldapSettings.setGroupSearchPattern(request.groupSearchPattern());
    ldapSettings.setAdditionalDefaultGroups(request.additionalDefaultGroups());
    ldapSettingsService.save(ldapSettings);
}

Also used : LdapSettings(org.graylog2.shared.security.ldap.LdapSettings) Path(javax.ws.rs.Path) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions) Consumes(javax.ws.rs.Consumes) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent) AuditEvent(org.graylog2.audit.jersey.AuditEvent) PUT(javax.ws.rs.PUT)

Example 83 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class IndexRangesResource method rebuildIndex.

@POST
@Timed
@Path("/{index: [a-z_0-9-]+}/rebuild")
@ApiOperation(value = "Rebuild/sync index range information.", notes = "This triggers a system job that scans an index and stores meta information " + "about what indices contain messages in what time ranges. It atomically overwrites " + "already existing meta information.")
@ApiResponses(value = { @ApiResponse(code = 202, message = "Rebuild/sync system job triggered.") })
@Produces(MediaType.APPLICATION_JSON)
@AuditEvent(type = AuditEventTypes.ES_INDEX_RANGE_UPDATE_JOB)
public Response rebuildIndex(@ApiParam(name = "index", value = "The name of the Graylog-managed Elasticsearch index", required = true) @PathParam("index") @NotEmpty String index) {
    if (!indexSetRegistry.isManagedIndex(index)) {
        throw new BadRequestException(index + " is not a Graylog-managed Elasticsearch index.");
    }
    checkPermission(RestPermissions.INDEXRANGES_REBUILD, index);
    final SystemJob rebuildJob = singleIndexRangeJobFactory.create(indexSetRegistry.getAll(), index);
    try {
        this.systemJobManager.submit(rebuildJob);
    } catch (SystemJobConcurrencyException e) {
        final String msg = "Concurrency level of this job reached: " + e.getMessage();
        LOG.error(msg);
        throw new ForbiddenException(msg, e);
    }
    return Response.accepted().build();
}

Also used : SystemJob(org.graylog2.system.jobs.SystemJob) ForbiddenException(javax.ws.rs.ForbiddenException) SystemJobConcurrencyException(org.graylog2.system.jobs.SystemJobConcurrencyException) BadRequestException(javax.ws.rs.BadRequestException) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) ApiResponses(io.swagger.annotations.ApiResponses)

Example 84 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class MessageProcessorsResource method updateConfig.

@PUT
@Timed
@ApiOperation(value = "Update message processor configuration")
@Path("config")
@AuditEvent(type = AuditEventTypes.MESSAGE_PROCESSOR_CONFIGURATION_UPDATE)
public MessageProcessorsConfigWithDescriptors updateConfig(@ApiParam(name = "config", required = true) final MessageProcessorsConfigWithDescriptors configWithDescriptors) {
    checkPermission(RestPermissions.CLUSTER_CONFIG_ENTRY_EDIT);
    final MessageProcessorsConfig config = configWithDescriptors.toConfig();
    clusterConfigService.write(config.withProcessors(processorClassNames));
    return configWithDescriptors;
}

Also used : MessageProcessorsConfig(org.graylog2.messageprocessors.MessageProcessorsConfig) Path(javax.ws.rs.Path) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) PUT(javax.ws.rs.PUT)

Example 85 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class NotificationsResource method deleteNotification.

@DELETE
@Timed
@Path("/{notificationType}")
@ApiOperation(value = "Delete a notification")
@Produces(MediaType.APPLICATION_JSON)
@ApiResponses(value = { @ApiResponse(code = 404, message = "No such notification type.") })
@AuditEvent(type = AuditEventTypes.SYSTEM_NOTIFICATION_DELETE)
public void deleteNotification(@ApiParam(name = "notificationType") @PathParam("notificationType") String notificationType) {
    Notification.Type type;
    checkPermission(RestPermissions.NOTIFICATIONS_DELETE, notificationType);
    try {
        type = Notification.Type.valueOf(notificationType.toUpperCase(Locale.ENGLISH));
    } catch (IllegalArgumentException e) {
        LOG.warn("No such notification type: [" + notificationType + "]");
        throw new BadRequestException(e);
    }
    notificationService.destroyAllByType(type);
}

Also used : BadRequestException(javax.ws.rs.BadRequestException) Notification(org.graylog2.notifications.Notification) Path(javax.ws.rs.Path) DELETE(javax.ws.rs.DELETE) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) ApiResponses(io.swagger.annotations.ApiResponses)

Aggregations

AuditEvent (org.graylog2.audit.jersey.AuditEvent)93 ApiOperation (io.swagger.annotations.ApiOperation)92 Timed (com.codahale.metrics.annotation.Timed)76 Path (javax.ws.rs.Path)70 ApiResponses (io.swagger.annotations.ApiResponses)56 PUT (javax.ws.rs.PUT)36 Produces (javax.ws.rs.Produces)34 POST (javax.ws.rs.POST)33 BadRequestException (javax.ws.rs.BadRequestException)31 Consumes (javax.ws.rs.Consumes)29 DELETE (javax.ws.rs.DELETE)26 RequiresPermissions (org.apache.shiro.authz.annotation.RequiresPermissions)22 URI (java.net.URI)19 Stream (org.graylog2.plugin.streams.Stream)16 NotFoundException (javax.ws.rs.NotFoundException)15 NotFoundException (org.graylog2.database.NotFoundException)14 ValidationException (org.graylog2.plugin.database.ValidationException)13 NoAuditEvent (org.graylog2.audit.jersey.NoAuditEvent)12 Dashboard (org.graylog2.dashboards.Dashboard)9 Input (org.graylog2.inputs.Input)9