Search in sources :

Example 6 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class BlacklistSourceResource method update.

@PUT
@Timed
@Path("/{filterId}")
@ApiOperation(value = "Update an existing blacklist filter", notes = "It can take up to a second until the change is applied")
@Consumes(MediaType.APPLICATION_JSON)
@AuditEvent(type = AuditEventTypes.BLACKLIST_FILTER_UPDATE)
public void update(@ApiParam(name = "filterId", required = true) @PathParam("filterId") String filterId, @ApiParam(name = "filterEntry", required = true) FilterDescription filterEntry) throws org.graylog2.database.NotFoundException, ValidationException {
    FilterDescription filter = filterService.load(filterId);
    // did the filter type change?
    if (!filter.getClass().equals(filterEntry.getClass())) {
        // copy the relevant fields from the saved filter and then use the new class
        filterEntry._id = filter._id;
        filterEntry.createdAt = filter.createdAt;
        filterEntry.creatorUserId = filter.creatorUserId;
        filter = filterEntry;
    } else {
        // just copy the changable fields
        filter.description = filterEntry.description;
        filter.fieldName = filterEntry.fieldName;
        filter.name = filterEntry.name;
        filter.pattern = filterEntry.pattern;
    }
    filterService.save(filter);
    clusterEventBus.post(FilterDescriptionUpdateEvent.create(filterId));
}
Also used : FilterDescription(org.graylog2.filters.blacklist.FilterDescription) Path(javax.ws.rs.Path) Consumes(javax.ws.rs.Consumes) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) PUT(javax.ws.rs.PUT)

Example 7 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class LdapResource method updateGroupMappingSettings.

@PUT
@RequiresPermissions(value = { RestPermissions.LDAPGROUPS_EDIT, RestPermissions.LDAP_EDIT }, logical = OR)
@ApiOperation(value = "Update the LDAP group to Graylog role mapping", notes = "Corresponds directly to the output of GET /system/ldap/settings/groups")
@Path("/settings/groups")
@Consumes(MediaType.APPLICATION_JSON)
@AuditEvent(type = AuditEventTypes.LDAP_GROUP_MAPPING_UPDATE)
public Response updateGroupMappingSettings(@ApiParam(name = "JSON body", required = true, value = "A hash in which the keys are the LDAP group names and values is the Graylog role name.") @NotNull Map<String, String> groupMapping) throws ValidationException {
    final LdapSettings ldapSettings = firstNonNull(ldapSettingsService.load(), ldapSettingsFactory.createEmpty());
    ldapSettings.setGroupMapping(groupMapping);
    ldapSettingsService.save(ldapSettings);
    return Response.noContent().build();
}
Also used : LdapSettings(org.graylog2.shared.security.ldap.LdapSettings) Path(javax.ws.rs.Path) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions) Consumes(javax.ws.rs.Consumes) ApiOperation(io.swagger.annotations.ApiOperation) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent) AuditEvent(org.graylog2.audit.jersey.AuditEvent) PUT(javax.ws.rs.PUT)

Example 8 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class RotationStrategyResource method config.

@PUT
@Path("config")
@Consumes(MediaType.APPLICATION_JSON)
@Timed
@ApiOperation(value = "Configuration of the current rotation strategy", notes = "This resource stores the configuration of the currently used rotation strategy.")
@AuditEvent(type = AuditEventTypes.ES_INDEX_ROTATION_STRATEGY_UPDATE)
public RotationStrategySummary config(@ApiParam(value = "The description of the rotation strategy and its configuration", required = true) @Valid @NotNull RotationStrategySummary rotationStrategySummary) {
    if (!rotationStrategies.containsKey(rotationStrategySummary.strategy())) {
        throw new NotFoundException("Couldn't find rotation strategy for given type " + rotationStrategySummary.strategy());
    }
    final IndexManagementConfig oldConfig = clusterConfigService.get(IndexManagementConfig.class);
    if (oldConfig == null) {
        throw new InternalServerErrorException("Couldn't retrieve index management configuration");
    }
    final IndexManagementConfig indexManagementConfig = IndexManagementConfig.create(rotationStrategySummary.strategy(), oldConfig.retentionStrategy());
    clusterConfigService.write(rotationStrategySummary.config());
    clusterConfigService.write(indexManagementConfig);
    return rotationStrategySummary;
}
Also used : NotFoundException(javax.ws.rs.NotFoundException) InternalServerErrorException(javax.ws.rs.InternalServerErrorException) IndexManagementConfig(org.graylog2.indexer.management.IndexManagementConfig) Path(javax.ws.rs.Path) Consumes(javax.ws.rs.Consumes) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) PUT(javax.ws.rs.PUT)

Example 9 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class GrokResource method bulkUpdatePatterns.

@PUT
@Timed
@ApiOperation("Add a list of new patterns")
@AuditEvent(type = AuditEventTypes.GROK_PATTERN_IMPORT_CREATE)
public Response bulkUpdatePatterns(@ApiParam(name = "patterns", required = true) @NotNull GrokPatternList patternList, @ApiParam(name = "replace", value = "Replace all patterns with the new ones.") @QueryParam("replace") @DefaultValue("false") boolean replace) throws ValidationException {
    checkPermission(RestPermissions.INPUTS_CREATE);
    final Set<String> updatedPatternNames = Sets.newHashSet();
    for (final GrokPattern pattern : patternList.patterns()) {
        updatedPatternNames.add(pattern.name());
        if (!grokPatternService.validate(pattern)) {
            throw new ValidationException("Invalid pattern " + pattern + ". Did not save any patterns.");
        }
    }
    grokPatternService.saveAll(patternList.patterns(), replace);
    clusterBus.post(GrokPatternsChangedEvent.create(Collections.emptySet(), updatedPatternNames));
    return Response.accepted().build();
}
Also used : ValidationException(org.graylog2.plugin.database.ValidationException) GrokPattern(org.graylog2.grok.GrokPattern) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) PUT(javax.ws.rs.PUT)

Example 10 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class GrokResource method removePattern.

@DELETE
@Timed
@Path("/{patternId}")
@ApiOperation("Remove an existing pattern by id")
@AuditEvent(type = AuditEventTypes.GROK_PATTERN_DELETE)
public void removePattern(@ApiParam(name = "patternId", required = true) @PathParam("patternId") String patternId) throws NotFoundException {
    checkPermission(RestPermissions.INPUTS_EDIT);
    final GrokPattern pattern = grokPatternService.load(patternId);
    clusterBus.post(GrokPatternsChangedEvent.create(Sets.newHashSet(pattern.name()), Collections.emptySet()));
    if (grokPatternService.delete(patternId) == 0) {
        throw new javax.ws.rs.NotFoundException("Couldn't remove Grok pattern with ID " + patternId);
    }
}
Also used : GrokPattern(org.graylog2.grok.GrokPattern) NotFoundException(org.graylog2.database.NotFoundException) Path(javax.ws.rs.Path) DELETE(javax.ws.rs.DELETE) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent)

Aggregations

AuditEvent (org.graylog2.audit.jersey.AuditEvent)134 ApiOperation (io.swagger.annotations.ApiOperation)132 Path (javax.ws.rs.Path)100 Timed (com.codahale.metrics.annotation.Timed)87 ApiResponses (io.swagger.annotations.ApiResponses)64 PUT (javax.ws.rs.PUT)55 POST (javax.ws.rs.POST)52 Produces (javax.ws.rs.Produces)48 NoAuditEvent (org.graylog2.audit.jersey.NoAuditEvent)47 BadRequestException (javax.ws.rs.BadRequestException)46 Consumes (javax.ws.rs.Consumes)38 DELETE (javax.ws.rs.DELETE)34 RequiresPermissions (org.apache.shiro.authz.annotation.RequiresPermissions)33 NotFoundException (javax.ws.rs.NotFoundException)24 URI (java.net.URI)22 ValidationException (org.graylog2.plugin.database.ValidationException)16 Stream (org.graylog2.plugin.streams.Stream)16 NotFoundException (org.graylog2.database.NotFoundException)15 User (org.graylog2.plugin.database.users.User)14 ValidationResult (org.graylog2.plugin.rest.ValidationResult)12