Examples with AuditEvent org.graylog2.audit.jersey.AuditEvent used on opensource projects

Example 36 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class StreamAlertConditionResource method get.

@GET
@Timed
@Path("{conditionId}")
@ApiOperation(value = "Get an alert condition")
@ApiResponses(value = { @ApiResponse(code = 404, message = "Stream not found."), @ApiResponse(code = 400, message = "Invalid ObjectId.") })
@AuditEvent(type = AuditEventTypes.ALERT_CONDITION_DELETE)
public AlertConditionSummary get(@ApiParam(name = "streamId", value = "The stream id this alert condition belongs to.", required = true) @PathParam("streamId") String streamId, @ApiParam(name = "conditionId", value = "The alert condition id to be fetched", required = true) @PathParam("conditionId") String conditionId) throws NotFoundException {
    checkPermission(RestPermissions.STREAMS_READ, streamId);
    final Stream stream = streamService.load(streamId);
    final AlertCondition condition = streamService.getAlertCondition(stream, conditionId);
    return AlertConditionSummary.create(condition.getId(), condition.getType(), condition.getCreatorUserId(), condition.getCreatedAt().toDate(), condition.getParameters(), alertService.inGracePeriod(condition), condition.getTitle());
}

Example 37 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class ExtractorsResource method create.

@POST
@Timed
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Add an extractor to an input", response = ExtractorCreated.class)
@ApiResponses(value = { @ApiResponse(code = 404, message = "No such input on this node."), @ApiResponse(code = 400, message = "No such extractor type."), @ApiResponse(code = 400, message = "Field the extractor should write on is reserved."), @ApiResponse(code = 400, message = "Missing or invalid configuration.") })
@AuditEvent(type = AuditEventTypes.EXTRACTOR_CREATE)
public Response create(@ApiParam(name = "inputId", required = true) @PathParam("inputId") String inputId, @ApiParam(name = "JSON body", required = true) @Valid @NotNull CreateExtractorRequest cer) throws NotFoundException {
    checkPermission(RestPermissions.INPUTS_EDIT, inputId);
    final Input mongoInput = inputService.find(inputId);
    final String id = new com.eaio.uuid.UUID().toString();
    final Extractor extractor = buildExtractorFromRequest(cer, id);
    try {
        inputService.addExtractor(mongoInput, extractor);
    } catch (ValidationException e) {
        final String msg = "Extractor persist validation failed.";
        LOG.error(msg, e);
        throw new BadRequestException(msg, e);
    }
    final String msg = "Added extractor <" + id + "> of type [" + cer.extractorType() + "] to input <" + inputId + ">.";
    LOG.info(msg);
    activityWriter.write(new Activity(msg, ExtractorsResource.class));
    final ExtractorCreated result = ExtractorCreated.create(id);
    final URI extractorUri = getUriBuilderToSelf().path(ExtractorsResource.class).path("{inputId}").build(mongoInput.getId());
    return Response.created(extractorUri).entity(result).build();
}

Example 38 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class ExtractorsResource method terminate.

@DELETE
@Timed
@ApiOperation(value = "Delete an extractor")
@Path("/{extractorId}")
@ApiResponses(value = { @ApiResponse(code = 400, message = "Invalid request."), @ApiResponse(code = 404, message = "Input not found."), @ApiResponse(code = 404, message = "Extractor not found.") })
@Produces(MediaType.APPLICATION_JSON)
@AuditEvent(type = AuditEventTypes.EXTRACTOR_DELETE)
public void terminate(@ApiParam(name = "inputId", required = true) @PathParam("inputId") String inputId, @ApiParam(name = "extractorId", required = true) @PathParam("extractorId") String extractorId) throws NotFoundException {
    checkPermission(RestPermissions.INPUTS_EDIT, inputId);
    final MessageInput input = persistedInputs.get(inputId);
    if (input == null) {
        LOG.error("Input <{}> not found.", inputId);
        throw new javax.ws.rs.NotFoundException("Couldn't find input " + inputId);
    }
    // Remove from Mongo.
    final Input mongoInput = inputService.find(input.getPersistId());
    final Extractor extractor = inputService.getExtractor(mongoInput, extractorId);
    inputService.removeExtractor(mongoInput, extractor.getId());
    final String msg = "Deleted extractor <" + extractorId + "> of type [" + extractor.getType() + "] " + "from input <" + inputId + ">.";
    LOG.info(msg);
    activityWriter.write(new Activity(msg, InputsResource.class));
}

Example 39 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class StreamRuleResource method update.

@PUT
@Path("/{streamRuleId}")
@Timed
@ApiOperation(value = "Update a stream rule")
@ApiResponses(value = { @ApiResponse(code = 404, message = "Stream or stream rule not found."), @ApiResponse(code = 400, message = "Invalid JSON Body.") })
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@AuditEvent(type = AuditEventTypes.STREAM_RULE_UPDATE)
public SingleStreamRuleSummaryResponse update(@ApiParam(name = "streamid", value = "The stream id this rule belongs to.", required = true) @PathParam("streamid") String streamid, @ApiParam(name = "streamRuleId", value = "The stream rule id we are updating", required = true) @PathParam("streamRuleId") String streamRuleId, @ApiParam(name = "JSON body", required = true) @Valid @NotNull CreateStreamRuleRequest cr) throws NotFoundException, ValidationException {
    checkPermission(RestPermissions.STREAMS_EDIT, streamid);
    checkNotEditable(streamid, "Cannot update stream rules on non-editable streams.");
    final StreamRule streamRule;
    streamRule = streamRuleService.load(streamRuleId);
    if (!streamRule.getStreamId().equals(streamid)) {
        throw new NotFoundException("Couldn't update stream rule " + streamRuleId + "in stream " + streamid);
    }
    final StreamRuleType streamRuleType = StreamRuleType.fromInteger(cr.type());
    if (null == streamRuleType) {
        throw new BadRequestException("Unknown stream rule type " + cr.type());
    }
    streamRule.setField(cr.field());
    streamRule.setType(streamRuleType);
    streamRule.setInverted(cr.inverted());
    streamRule.setValue(cr.value());
    streamRule.setDescription(cr.description());
    streamRuleService.save(streamRule);
    return SingleStreamRuleSummaryResponse.create(streamRule.getId());
}

Example 40 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class StreamRuleResource method create.

@POST
@Timed
@ApiOperation(value = "Create a stream rule")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@AuditEvent(type = AuditEventTypes.STREAM_RULE_CREATE)
public Response create(@ApiParam(name = "streamid", value = "The stream id this new rule belongs to.", required = true) @PathParam("streamid") String streamId, @ApiParam(name = "JSON body", required = true) @Valid @NotNull CreateStreamRuleRequest cr) throws NotFoundException, ValidationException {
    checkPermission(RestPermissions.STREAMS_EDIT, streamId);
    checkNotEditable(streamId, "Cannot add stream rules to non-editable streams.");
    // Check if stream exists
    streamService.load(streamId);
    final StreamRule streamRule = streamRuleService.create(streamId, cr);
    final String id = streamRuleService.save(streamRule);
    final SingleStreamRuleSummaryResponse response = SingleStreamRuleSummaryResponse.create(id);
    final URI streamRuleUri = getUriBuilderToSelf().path(StreamRuleResource.class).path("{streamRuleId}").build(streamId, id);
    return Response.created(streamRuleUri).entity(response).build();
}