use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.
the class UsersResource method revokeToken.
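/**
 * Revokes (deletes) a single access token that belongs to the given user.
 *
 * <p>The caller must hold {@code USERS_TOKENREMOVE} for the target user's name; the check runs
 * before any token lookup. The token is then resolved by its ID and, only if that finds nothing,
 * by the plain-text token value (legacy behaviour).
 *
 * <p>The resolved token is deleted only when it is owned by the user named in the path. The
 * permission decision above is made for that user, so it must not be applied to a token owned by
 * a different account.
 *
 * @param userId    ID of the user whose token is to be removed (resolved via {@code loadUserById},
 *                  whose not-found behaviour is defined elsewhere in this class)
 * @param idOrToken token ID (preferred) or the plain-text token value (deprecated)
 * @throws ForbiddenException if the caller may not remove tokens for the target user
 * @throws NotFoundException  if no matching token exists for the target user
 */
@DELETE
@Path("{userId}/tokens/{idOrToken}")
@ApiOperation("Removes a token for a user")
@AuditEvent(type = AuditEventTypes.USER_ACCESS_TOKEN_DELETE)
public void revokeToken(@ApiParam(name = "userId", required = true) @PathParam("userId") String userId,
                        @ApiParam(name = "idOrToken", required = true) @PathParam("idOrToken") String idOrToken) {
    final User user = loadUserById(userId);
    final String username = user.getName();
    if (!isPermitted(USERS_TOKENREMOVE, username)) {
        throw new ForbiddenException("Not allowed to remove tokens for user " + username);
    }

    // The endpoint supports both, deletion by token ID and deletion by using the token value itself.
    // The latter should not be used anymore because the plain text token will be part of the URL and URLs
    // will most probably be logged. We keep the old behavior for backwards compatibility.
    // TODO: Remove support for old behavior in 4.0
    //
    // Look up by ID first and fall back to the token value only when that finds nothing, so the
    // secret-bearing lookup is not executed on every request.
    AccessToken accessToken = accessTokenService.loadById(idOrToken);
    if (accessToken == null) {
        accessToken = accessTokenService.load(idOrToken);
    }

    // Authorization was evaluated for `username`; the token lookups above are not scoped to a user.
    // Treat a token owned by another account exactly like a missing token so the response does not
    // reveal whether the ID or value exists elsewhere.
    final String tokenOwner = accessToken == null ? null : accessToken.getUserName();
    if (tokenOwner == null || !tokenOwner.equals(username)) {
        throw new NotFoundException("Couldn't find access token for user " + username);
    }

    accessTokenService.destroy(accessToken);
}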
use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.
the class StreamResource method create.
/**
 * Creates a new stream from the request body and returns its location.
 *
 * <p>The stream is built in a disabled state, its assigned index set is checked for being
 * writable and a regular index, the requested rules are created, and only then is the stream
 * saved together with its rules and ownership for the requesting user.
 *
 * @param cr          the stream definition sent by the client
 * @param userContext context of the requesting user; its user becomes the owner on save
 * @return a {@code 201 Created} response whose entity is {@code {"stream_id": <id>}}
 * @throws ValidationException declared by the signature; the thrower is not visible in this method
 * @throws BadRequestException if the assigned index set is not writable or not a regular index
 */
@POST
@Timed
@ApiOperation(value = "Create a stream")
@RequiresPermissions(RestPermissions.STREAMS_CREATE)
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@AuditEvent(type = AuditEventTypes.STREAM_CREATE)
public Response create(@ApiParam(name = "JSON body", required = true) final CreateStreamRequest cr,
                       @Context UserContext userContext) throws ValidationException {
    // New streams always start disabled; enabling is a separate, explicit action.
    final Stream newStream = streamService.create(cr, getCurrentUser().getName());
    newStream.setDisabled(true);

    // Reject index sets that cannot take regular writes before anything is saved below.
    final IndexSet assignedIndexSet = newStream.getIndexSet();
    if (!assignedIndexSet.getConfig().isWritable()) {
        throw new BadRequestException("Assigned index set must be writable!");
    }
    if (!assignedIndexSet.getConfig().isRegularIndex()) {
        throw new BadRequestException("Assigned index set is not usable");
    }

    // The stream has no ID yet, hence the null stream ID passed for each rule.
    final Set<StreamRule> rulesToSave = cr.rules()
            .stream()
            .map(ruleRequest -> streamRuleService.create(null, ruleRequest))
            .collect(Collectors.toSet());

    final String newStreamId = streamService.saveWithRulesAndOwnership(newStream, rulesToSave, userContext.getUser());
    final Map<String, String> responseBody = ImmutableMap.of("stream_id", newStreamId);
    final URI location = getUriBuilderToSelf()
            .path(StreamResource.class)
            .path("{streamId}")
            .build(newStreamId);

    return Response.created(location).entity(responseBody).build();
}
use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.
the class StreamResource method resume.
/**
 * Resumes (starts) the stream with the given ID.
 *
 * <p>Authorization runs first: the caller needs either {@code STREAMS_CHANGESTATE} or
 * {@code STREAMS_EDIT} on this stream. The editability guard runs next, and the stream is
 * loaded only after both checks have passed.
 *
 * @param streamId ID of the stream to resume
 * @throws NotFoundException   declared by the signature; presumably raised when the stream
 *                             cannot be loaded (confirm against {@code streamService.load})
 * @throws ValidationException declared by the signature; the thrower is not visible in this method
 */
@POST
@Path("/{streamId}/resume")
@Timed
@ApiOperation(value = "Resume a stream")
@ApiResponses(value = { @ApiResponse(code = 404, message = "Stream not found."), @ApiResponse(code = 400, message = "Invalid or missing Stream id.") })
@AuditEvent(type = AuditEventTypes.STREAM_START)
public void resume(@ApiParam(name = "streamId", required = true) @PathParam("streamId") @NotEmpty String streamId)
        throws NotFoundException, ValidationException {
    // Either permission is sufficient to change the running state of this stream.
    final String[] acceptedPermissions = {
        RestPermissions.STREAMS_CHANGESTATE,
        RestPermissions.STREAMS_EDIT
    };
    checkAnyPermission(acceptedPermissions, streamId);

    // NOTE(review): presumably rejects streams that must not be modified; defined elsewhere.
    checkNotEditableStream(streamId, "The stream cannot be resumed.");

    streamService.resume(streamService.load(streamId));
}
use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.
the class StreamAlertConditionResource method delete.
/**
 * Deletes one alert condition from a stream.
 *
 * <p>The caller must hold {@code STREAMS_EDIT} on the stream named in the path; the check runs
 * before the stream is loaded. Removal goes through the loaded stream, so the condition ID is
 * handed to the service together with the stream the caller was authorized for.
 *
 * @param streamid    ID of the stream the alert condition belongs to
 * @param conditionId ID of the alert condition to delete
 * @throws NotFoundException declared by the signature; presumably raised when the stream
 *                           cannot be loaded (confirm against {@code streamService.load})
 */
@DELETE
@Timed
@Path("{conditionId}")
@ApiOperation(value = "Delete an alert condition")
@ApiResponses(value = { @ApiResponse(code = 404, message = "Stream not found."), @ApiResponse(code = 400, message = "Invalid ObjectId.") })
@AuditEvent(type = AuditEventTypes.ALERT_CONDITION_DELETE)
public void delete(
        @ApiParam(name = "streamId", value = "The stream id this alert condition belongs to.", required = true) @PathParam("streamId") String streamid,
        @ApiParam(name = "conditionId", value = "The alert condition id to be deleted", required = true) @PathParam("conditionId") String conditionId)
        throws NotFoundException {
    checkPermission(RestPermissions.STREAMS_EDIT, streamid);

    // NOTE(review): whether an unknown conditionId is an error or a silent no-op depends on
    // removeAlertCondition, which is not visible here.
    streamService.removeAlertCondition(streamService.load(streamid), conditionId);
}
use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.
the class StreamAlertConditionResource method update.
/**
 * Replaces the configuration of an existing alert condition on a stream.
 *
 * <p>The caller must hold {@code STREAMS_EDIT} on the stream named in the path; the check runs
 * before the stream or the condition is loaded. The existing condition is fetched through the
 * authorized stream, rebuilt from the request, and written back to that same stream.
 *
 * @param streamid    ID of the stream the alert condition belongs to
 * @param conditionid ID of the alert condition to modify
 * @param ccr         the new condition definition; validated as non-null by bean validation
 * @throws NotFoundException   declared by the signature; presumably raised when the stream or
 *                             the condition cannot be found (confirm against the service)
 * @throws ValidationException declared by the signature; the thrower is not visible in this method
 * @throws BadRequestException if the supplied parameters are rejected with a
 *                             {@code ConfigurationException}
 */
@PUT
@Timed
@Path("{conditionId}")
@ApiOperation(value = "Modify an alert condition")
@ApiResponses(value = { @ApiResponse(code = 404, message = "Stream not found."), @ApiResponse(code = 400, message = "Invalid ObjectId.") })
@AuditEvent(type = AuditEventTypes.ALERT_CONDITION_UPDATE)
public void update(
        @ApiParam(name = "streamId", value = "The stream id the alert condition belongs to.", required = true) @PathParam("streamId") String streamid,
        @ApiParam(name = "conditionId", value = "The alert condition id.", required = true) @PathParam("conditionId") String conditionid,
        @ApiParam(name = "JSON body", required = true) @Valid @NotNull CreateConditionRequest ccr)
        throws NotFoundException, ValidationException {
    checkPermission(RestPermissions.STREAMS_EDIT, streamid);

    final Stream targetStream = streamService.load(streamid);
    final AlertCondition existingCondition = streamService.getAlertCondition(targetStream, conditionid);

    try {
        // Rebuild the condition from the client-supplied request, then persist it on the stream.
        streamService.updateAlertCondition(
                targetStream,
                alertService.updateFromRequest(existingCondition, convertConfigurationInRequest(ccr)));
    } catch (ConfigurationException e) {
        // Client-supplied configuration was rejected: report it as a 400, keeping the cause.
        throw new BadRequestException("Invalid alert condition parameters", e);
    }
}
Aggregations