use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.
the class BlacklistSourceResource method update.
@PUT
@Timed
@Path("/{filterId}")
@ApiOperation(value = "Update an existing blacklist filter", notes = "It can take up to a second until the change is applied")
@Consumes(MediaType.APPLICATION_JSON)
@AuditEvent(type = AuditEventTypes.BLACKLIST_FILTER_UPDATE)
public void update(@ApiParam(name = "filterId", required = true) @PathParam("filterId") String filterId, @ApiParam(name = "filterEntry", required = true) FilterDescription filterEntry) throws org.graylog2.database.NotFoundException, ValidationException {
FilterDescription filter = filterService.load(filterId);
// did the filter type change?
if (!filter.getClass().equals(filterEntry.getClass())) {
// copy the relevant fields from the saved filter and then use the new class
filterEntry._id = filter._id;
filterEntry.createdAt = filter.createdAt;
filterEntry.creatorUserId = filter.creatorUserId;
filter = filterEntry;
} else {
// just copy the changable fields
filter.description = filterEntry.description;
filter.fieldName = filterEntry.fieldName;
filter.name = filterEntry.name;
filter.pattern = filterEntry.pattern;
}
filterService.save(filter);
clusterEventBus.post(FilterDescriptionUpdateEvent.create(filterId));
}
use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.
the class LdapResource method updateGroupMappingSettings.
@PUT
@RequiresPermissions(value = { RestPermissions.LDAPGROUPS_EDIT, RestPermissions.LDAP_EDIT }, logical = OR)
@ApiOperation(value = "Update the LDAP group to Graylog role mapping", notes = "Corresponds directly to the output of GET /system/ldap/settings/groups")
@Path("/settings/groups")
@Consumes(MediaType.APPLICATION_JSON)
@AuditEvent(type = AuditEventTypes.LDAP_GROUP_MAPPING_UPDATE)
public Response updateGroupMappingSettings(@ApiParam(name = "JSON body", required = true, value = "A hash in which the keys are the LDAP group names and values is the Graylog role name.") @NotNull Map<String, String> groupMapping) throws ValidationException {
final LdapSettings ldapSettings = firstNonNull(ldapSettingsService.load(), ldapSettingsFactory.createEmpty());
ldapSettings.setGroupMapping(groupMapping);
ldapSettingsService.save(ldapSettings);
return Response.noContent().build();
}
use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.
the class RotationStrategyResource method config.
@PUT
@Path("config")
@Consumes(MediaType.APPLICATION_JSON)
@Timed
@ApiOperation(value = "Configuration of the current rotation strategy", notes = "This resource stores the configuration of the currently used rotation strategy.")
@AuditEvent(type = AuditEventTypes.ES_INDEX_ROTATION_STRATEGY_UPDATE)
public RotationStrategySummary config(@ApiParam(value = "The description of the rotation strategy and its configuration", required = true) @Valid @NotNull RotationStrategySummary rotationStrategySummary) {
if (!rotationStrategies.containsKey(rotationStrategySummary.strategy())) {
throw new NotFoundException("Couldn't find rotation strategy for given type " + rotationStrategySummary.strategy());
}
final IndexManagementConfig oldConfig = clusterConfigService.get(IndexManagementConfig.class);
if (oldConfig == null) {
throw new InternalServerErrorException("Couldn't retrieve index management configuration");
}
final IndexManagementConfig indexManagementConfig = IndexManagementConfig.create(rotationStrategySummary.strategy(), oldConfig.retentionStrategy());
clusterConfigService.write(rotationStrategySummary.config());
clusterConfigService.write(indexManagementConfig);
return rotationStrategySummary;
}
use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.
the class GrokResource method bulkUpdatePatterns.
@PUT
@Timed
@ApiOperation("Add a list of new patterns")
@AuditEvent(type = AuditEventTypes.GROK_PATTERN_IMPORT_CREATE)
public Response bulkUpdatePatterns(@ApiParam(name = "patterns", required = true) @NotNull GrokPatternList patternList, @ApiParam(name = "replace", value = "Replace all patterns with the new ones.") @QueryParam("replace") @DefaultValue("false") boolean replace) throws ValidationException {
checkPermission(RestPermissions.INPUTS_CREATE);
final Set<String> updatedPatternNames = Sets.newHashSet();
for (final GrokPattern pattern : patternList.patterns()) {
updatedPatternNames.add(pattern.name());
if (!grokPatternService.validate(pattern)) {
throw new ValidationException("Invalid pattern " + pattern + ". Did not save any patterns.");
}
}
grokPatternService.saveAll(patternList.patterns(), replace);
clusterBus.post(GrokPatternsChangedEvent.create(Collections.emptySet(), updatedPatternNames));
return Response.accepted().build();
}
use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.
the class GrokResource method removePattern.
@DELETE
@Timed
@Path("/{patternId}")
@ApiOperation("Remove an existing pattern by id")
@AuditEvent(type = AuditEventTypes.GROK_PATTERN_DELETE)
public void removePattern(@ApiParam(name = "patternId", required = true) @PathParam("patternId") String patternId) throws NotFoundException {
checkPermission(RestPermissions.INPUTS_EDIT);
final GrokPattern pattern = grokPatternService.load(patternId);
clusterBus.post(GrokPatternsChangedEvent.create(Sets.newHashSet(pattern.name()), Collections.emptySet()));
if (grokPatternService.delete(patternId) == 0) {
throw new javax.ws.rs.NotFoundException("Couldn't remove Grok pattern with ID " + patternId);
}
}
Aggregations