Examples with AuditEvent - org.graylog2.audit.jersey.AuditEvent

Example 41 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class GrokResource method bulkUpdatePatterns.

@PUT
@Timed
@ApiOperation("Add a list of new patterns")
@AuditEvent(type = AuditEventTypes.GROK_PATTERN_IMPORT_CREATE)
public Response bulkUpdatePatterns(@ApiParam(name = "patterns", required = true) @NotNull GrokPatternList patternList, // deprecated. used to drop all existing patterns before import
@Deprecated @QueryParam("replace") @DefaultValue("false") boolean deprecatedDropAllExisting, @ApiParam(name = "import-strategy", value = "Strategy to apply when importing.") @QueryParam("import-strategy") ImportStrategy importStrategy) throws ValidationException {
    checkPermission(RestPermissions.INPUTS_CREATE);
    try {
        if (!grokPatternService.validateAll(patternList.patterns())) {
            throw new ValidationException("Invalid pattern contained. Did not save any patterns.");
        }
    } catch (GrokException | IllegalArgumentException e) {
        throw new ValidationException("Invalid pattern. Did not save any patterns\n" + e.getMessage());
    }
    ImportStrategy resolvedStrategy = importStrategy != null ? importStrategy : deprecatedDropAllExisting ? ImportStrategy.DROP_ALL_EXISTING : ImportStrategy.ABORT_ON_CONFLICT;
    grokPatternService.saveAll(patternList.patterns(), resolvedStrategy);
    return Response.accepted().build();
}

Also used : ImportStrategy(org.graylog2.grok.GrokPatternService.ImportStrategy) ValidationException(org.graylog2.plugin.database.ValidationException) GrokException(io.krakens.grok.api.exception.GrokException) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent) AuditEvent(org.graylog2.audit.jersey.AuditEvent) PUT(javax.ws.rs.PUT)

Example 42 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class GrokResource method createPattern.

@POST
@Timed
@ApiOperation(value = "Add a new named pattern", response = GrokPattern.class)
@AuditEvent(type = AuditEventTypes.GROK_PATTERN_CREATE)
public Response createPattern(@ApiParam(name = "pattern", required = true) @Valid @NotNull GrokPattern pattern) throws ValidationException {
    checkPermission(RestPermissions.INPUTS_CREATE);
    // remove the ID from the pattern, this is only used to create new patterns
    final GrokPattern newPattern = grokPatternService.save(pattern.toBuilder().id(null).build());
    final URI patternUri = getUriBuilderToSelf().path(GrokResource.class, "listPattern").build(newPattern.id());
    return Response.created(patternUri).entity(newPattern).build();
}

Also used : GrokPattern(org.graylog2.grok.GrokPattern) URI(java.net.URI) POST(javax.ws.rs.POST) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent) AuditEvent(org.graylog2.audit.jersey.AuditEvent)

Example 43 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class GrokResource method bulkUpdatePatternsFromTextFile.

@POST
@Consumes(MediaType.TEXT_PLAIN)
@Timed
@ApiOperation("Add a list of new patterns")
@AuditEvent(type = AuditEventTypes.GROK_PATTERN_IMPORT_CREATE)
public Response bulkUpdatePatternsFromTextFile(@ApiParam(name = "patterns", required = true) @NotNull InputStream patternsFile, // deprecated. used to drop all existing patterns before import
@Deprecated @QueryParam("replace") @DefaultValue("false") boolean deprecatedDropAllExisting, @ApiParam(name = "import-strategy", value = "Strategy to apply when importing.") @QueryParam("import-strategy") ImportStrategy importStrategy) throws ValidationException, IOException {
    checkPermission(RestPermissions.INPUTS_CREATE);
    final List<GrokPattern> grokPatterns = readGrokPatterns(patternsFile);
    if (!grokPatterns.isEmpty()) {
        try {
            if (!grokPatternService.validateAll(grokPatterns)) {
                throw new ValidationException("Invalid pattern contained. Did not save any patterns.");
            }
        } catch (GrokException | IllegalArgumentException e) {
            throw new ValidationException("Invalid pattern. Did not save any patterns\n" + e.getMessage());
        }
        ImportStrategy resolvedStrategy = importStrategy != null ? importStrategy : deprecatedDropAllExisting ? ImportStrategy.DROP_ALL_EXISTING : ImportStrategy.ABORT_ON_CONFLICT;
        grokPatternService.saveAll(grokPatterns, resolvedStrategy);
    }
    return Response.accepted().build();
}

Also used : ImportStrategy(org.graylog2.grok.GrokPatternService.ImportStrategy) ValidationException(org.graylog2.plugin.database.ValidationException) GrokPattern(org.graylog2.grok.GrokPattern) GrokException(io.krakens.grok.api.exception.GrokException) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent) AuditEvent(org.graylog2.audit.jersey.AuditEvent)

Example 44 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class SessionsResource method terminateSession.

@DELETE
@ApiOperation(value = "Terminate an existing session", notes = "Destroys the session with the given ID: the equivalent of logging out.")
@Path("/{sessionId}")
@RequiresAuthentication
@AuditEvent(type = AuditEventTypes.SESSION_DELETE)
public void terminateSession(@ApiParam(name = "sessionId", required = true) @PathParam("sessionId") String sessionId) {
    final Subject subject = getSubject();
    securityManager.logout(subject);
}

Also used : Subject(org.apache.shiro.subject.Subject) Path(javax.ws.rs.Path) DELETE(javax.ws.rs.DELETE) RequiresAuthentication(org.apache.shiro.authz.annotation.RequiresAuthentication) ApiOperation(io.swagger.annotations.ApiOperation) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent) AuditEvent(org.graylog2.audit.jersey.AuditEvent)

Example 45 with AuditEvent

use of org.graylog2.audit.jersey.AuditEvent in project graylog2-server by Graylog2.

the class ContentPackResource method deleteContentPackInstallationById.

@DELETE
@Path("{contentPackId}/installations/{installationId}")
@Timed
@ApiOperation(value = "Uninstall a content pack installation")
@ApiResponses(value = { @ApiResponse(code = 500, message = "Error loading content packs") })
@AuditEvent(type = AuditEventTypes.CONTENT_PACK_UNINSTALL)
@JsonView(ContentPackView.HttpView.class)
public Response deleteContentPackInstallationById(@ApiParam(name = "contentPackId", value = "Content pack ID", required = true) @PathParam("contentPackId") ModelId contentPackId, @ApiParam(name = "installationId", value = "Installation ID", required = true) @PathParam("installationId") String installationId) {
    checkPermission(RestPermissions.CONTENT_PACK_UNINSTALL, contentPackId.toString());
    final ContentPackInstallation installation = contentPackInstallationPersistenceService.findById(new ObjectId(installationId)).orElseThrow(() -> new NotFoundException("Couldn't find installation " + installationId));
    final ContentPack contentPack = contentPackPersistenceService.findByIdAndRevision(installation.contentPackId(), installation.contentPackRevision()).orElseThrow(() -> new NotFoundException("Couldn't find content pack " + installation.contentPackId() + " rev " + installation.contentPackRevision()));
    final ContentPackUninstallation removedInstallation = contentPackService.uninstallContentPack(contentPack, installation);
    return Response.ok(ImmutableMap.of("content_pack", contentPack, "uninstalled", removedInstallation)).build();
}

Also used : ContentPackInstallation(org.graylog2.contentpacks.model.ContentPackInstallation) ObjectId(org.bson.types.ObjectId) ContentPackUninstallation(org.graylog2.contentpacks.model.ContentPackUninstallation) ContentPack(org.graylog2.contentpacks.model.ContentPack) NotFoundException(javax.ws.rs.NotFoundException) Path(javax.ws.rs.Path) DELETE(javax.ws.rs.DELETE) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) JsonView(com.fasterxml.jackson.annotation.JsonView) AuditEvent(org.graylog2.audit.jersey.AuditEvent) ApiResponses(io.swagger.annotations.ApiResponses)

Aggregations

AuditEvent (org.graylog2.audit.jersey.AuditEvent)134 ApiOperation (io.swagger.annotations.ApiOperation)132 Path (javax.ws.rs.Path)100 Timed (com.codahale.metrics.annotation.Timed)87 ApiResponses (io.swagger.annotations.ApiResponses)64 PUT (javax.ws.rs.PUT)55 POST (javax.ws.rs.POST)52 Produces (javax.ws.rs.Produces)48 NoAuditEvent (org.graylog2.audit.jersey.NoAuditEvent)47 BadRequestException (javax.ws.rs.BadRequestException)46 Consumes (javax.ws.rs.Consumes)38 DELETE (javax.ws.rs.DELETE)34 RequiresPermissions (org.apache.shiro.authz.annotation.RequiresPermissions)33 NotFoundException (javax.ws.rs.NotFoundException)24 URI (java.net.URI)22 ValidationException (org.graylog2.plugin.database.ValidationException)16 Stream (org.graylog2.plugin.streams.Stream)16 NotFoundException (org.graylog2.database.NotFoundException)15 User (org.graylog2.plugin.database.users.User)14 ValidationResult (org.graylog2.plugin.rest.ValidationResult)12