
Example 51 with Version

use of org.graylog2.plugin.Version in project graylog2-server by Graylog2.

the class CmdLineTool method loadPlugins.

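/**
 * Loads the plugins found through a {@code PluginLoader} and keeps the ones compatible with this process.
 *
 * <p>A plugin is kept only when every capability it requires is contained in {@code capabilities()} and
 * {@code version.sameOrHigher(...)} accepts the version it requires. Anything else is logged and left out.
 *
 * <p>NOTE(review): both checks are compatibility gates evaluated against metadata the plugin supplies
 * about itself; nothing in this method verifies where a plugin came from or who placed it under
 * {@code pluginPath}. The {@code Plugin} instances already exist when the loop runs, so a rejection here
 * only keeps the plugin out of the returned set. Whether plugin code has executed by then depends on
 * {@code PluginLoader}, which is not shown. Treat write access to the plugin directory as equivalent to
 * code execution in this process and restrict it accordingly.
 *
 * @param pluginPath          directory handed to the {@code PluginLoader} (converted with {@code toFile()})
 * @param chainingClassLoader class loader handed to the {@code PluginLoader}
 * @return a mutable set of the compatible plugins; empty when none qualifies
 */
protected Set<Plugin> loadPlugins(Path pluginPath, ChainingClassLoader chainingClassLoader) {
    final Set<Plugin> plugins = new HashSet<>();
    final PluginLoader pluginLoader = new PluginLoader(pluginPath.toFile(), chainingClassLoader, coreConfigInjector);
    for (Plugin plugin : pluginLoader.loadPlugins()) {
        final PluginMetaData metadata = plugin.metadata();

        // Capability gate first: a plugin that needs something this process does not offer is skipped quietly.
        if (!capabilities().containsAll(metadata.getRequiredCapabilities())) {
            // Reuse the metadata fetched above instead of calling plugin.metadata() a second time.
            LOG.debug("Skipping plugin \"{}\" because some capabilities are missing ({}).",
                    metadata.getName(), Sets.difference(metadata.getRequiredCapabilities(), capabilities()));
            continue;
        }

        // Version gate: an incompatible plugin is an operator-visible error, hence the ERROR level.
        if (!version.sameOrHigher(metadata.getRequiredVersion())) {
            // Parameterized form, consistent with the other log calls; the rendered text is unchanged.
            LOG.error("Plugin \"{}\" requires version {} - not loading!",
                    metadata.getName(), metadata.getRequiredVersion());
            continue;
        }

        LOG.info("Loaded plugin: {}", plugin);
        plugins.add(plugin);
    }
    return plugins;
}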
Also used : PluginMetaData(org.graylog2.plugin.PluginMetaData) PluginLoader(org.graylog2.shared.plugins.PluginLoader) Plugin(org.graylog2.plugin.Plugin) HashSet(java.util.HashSet)

Example 52 with Version

use of org.graylog2.plugin.Version in project graylog2-server by Graylog2.

the class UrlWhitelistFacade method createNativeEntity.

/**
 * Creates a URL whitelist entry from a content pack entity and registers it with the whitelist service.
 *
 * <p>Only {@code EntityV1} is accepted. Its data is converted to a {@code WhitelistEntry} with the
 * object mapper, passed to {@code urlWhitelistService.addEntry(...)}, and wrapped in a
 * {@code NativeEntity}. The {@code parameters}, {@code nativeEntities} and {@code username} arguments
 * are not read by this method.
 *
 * <p>NOTE(review): the entry is taken as-is from the entity's data, and no validation of it is visible
 * here. Going by the names, an entry widens the set of URLs the server accepts, so confirm that the
 * caller or {@code addEntry} enforces permissions and sanity checks on content pack input.
 *
 * @param entity         the content pack entity; must be an {@code EntityV1}
 * @param parameters     unused here
 * @param nativeEntities unused here
 * @param username       unused here
 * @return the native entity describing the newly added whitelist entry
 * @throws IllegalArgumentException if {@code entity} is not an {@code EntityV1}
 */
@Override
public NativeEntity<WhitelistEntry> createNativeEntity(Entity entity, Map<String, ValueReference> parameters, Map<EntityDescriptor, Object> nativeEntities, String username) {
    if (entity instanceof EntityV1) {
        final EntityV1 entityV1 = (EntityV1) entity;
        final WhitelistEntry whitelistEntry = objectMapper.convertValue(entityV1.data(), WhitelistEntry.class);
        // Side effect: the entry is added to the whitelist before the wrapper is built.
        urlWhitelistService.addEntry(whitelistEntry);
        return NativeEntity.create(entity.id(), whitelistEntry.id(), TYPE_V1, createTitle(whitelistEntry), whitelistEntry);
    }
    throw new IllegalArgumentException("Unsupported entity version: " + entity.getClass());
}
Also used : EntityV1(org.graylog2.contentpacks.model.entities.EntityV1) WhitelistEntry(org.graylog2.system.urlwhitelist.WhitelistEntry)

Example 53 with Version

use of org.graylog2.plugin.Version in project graylog2-server by Graylog2.

the class IndexMappingFactory method createIndexMapping.

/**
 * Builds the index mapping template for an index set, based on the search backend version reported by
 * {@code node}.
 *
 * <p>The template type comes from the index set configuration and falls back to
 * {@code IndexSetConfig.DEFAULT_INDEX_TEMPLATE_TYPE} when the configuration does not name one.
 *
 * @param indexSetConfig configuration of the index set the mapping is created for
 * @return the template produced by the provider resolved for the template type
 * @throws ElasticsearchException if {@code node.getVersion()} is empty
 * @throws IgnoreIndexTemplate    declared by this method; presumably raised by the provider (not visible here)
 */
@Nonnull
public IndexMappingTemplate createIndexMapping(@Nonnull IndexSetConfig indexSetConfig) throws IgnoreIndexTemplate {
    // Fail early: without a known backend version no provider can pick the right mapping.
    final SearchVersion searchVersion = node.getVersion()
            .orElseThrow(() -> new ElasticsearchException("Unable to retrieve Elasticsearch version."));

    final String type = indexSetConfig.indexTemplateType()
            .orElse(IndexSetConfig.DEFAULT_INDEX_TEMPLATE_TYPE);

    return resolveIndexMappingTemplateProvider(type)
            .create(searchVersion, indexSetConfig);
}
Also used : SearchVersion(org.graylog2.storage.SearchVersion) Nonnull(javax.annotation.Nonnull)

Example 54 with Version

use of org.graylog2.plugin.Version in project graylog2-server by Graylog2.

the class GelfCodec method decode.

/**
 * Decodes a raw GELF payload into a {@code Message}.
 *
 * <p>Steps, in order: extract the JSON text from the payload, parse it, validate it with
 * {@code validateGELFMessage}, build the message from {@code short_message}, {@code host} and the
 * timestamp, copy the optional standard fields, then copy the remaining JSON fields.
 *
 * <p>The payload is whatever the remote sender transmitted. Everything read from it (field names,
 * field values, and the excerpt written to the error log) is sender-controlled.
 *
 * @param rawMessage the journal message holding payload, remote address, id and receive timestamp
 * @return the decoded message; every visible path either returns a message or throws, despite the
 *         {@code @Nullable} annotation
 * @throws IllegalStateException    if the JSON text cannot be parsed or parses to {@code null}
 * @throws IllegalArgumentException rethrown from {@code validateGELFMessage}
 */
@Nullable
@Override
public Message decode(@Nonnull final RawMessage rawMessage) {
    final GELFMessage gelf = new GELFMessage(rawMessage.getPayload(), rawMessage.getRemoteAddress());
    // NOTE(review): decompressSizeLimit presumably caps the inflated payload size. Confirm in GELFMessage.
    final String json = gelf.getJSON(decompressSizeLimit);

    final JsonNode root;
    try {
        root = objectMapper.readTree(json);
        if (root == null) {
            throw new IOException("null result");
        }
    } catch (final Exception e) {
        // 403 is presumably 400 characters plus a three-character ellipsis added by abbreviate().
        // NOTE(review): the excerpt is sender-controlled text written at ERROR level. Confirm that the
        // log layout neutralises control characters.
        log.error("Could not parse JSON, first 400 characters: " + StringUtils.abbreviate(json, 403), e);
        throw new IllegalStateException("JSON is null/could not be parsed (invalid JSON)", e);
    }

    try {
        validateGELFMessage(root, rawMessage.getId(), rawMessage.getRemoteAddress());
    } catch (IllegalArgumentException e) {
        log.trace("Invalid GELF message <{}>", root);
        throw e;
    }

    // A non-positive timestamp falls back to the receive time; anything else is read as a Unix timestamp.
    final double rawTimestamp = timestampValue(root);
    final DateTime timestamp = rawTimestamp <= 0
            ? rawMessage.getTimestamp()
            : Tools.dateTimeFromDouble(rawTimestamp);

    final Message message = new Message(stringValue(root, "short_message"), stringValue(root, "host"), timestamp);
    message.addField(Message.FIELD_FULL_MESSAGE, stringValue(root, "full_message"));

    final String file = stringValue(root, "file");
    if (file != null && !file.isEmpty()) {
        message.addField("file", file);
    }

    final long line = longValue(root, "line");
    if (line >= 0) {
        message.addField("line", line);
    }

    // The server sets the level when the client leaves it out.
    final int level = intValue(root, "level");
    if (level >= 0) {
        message.addField("level", level);
    }

    // The server sets the facility when the client leaves it out.
    final String facility = stringValue(root, "facility");
    if (facility != null && !facility.isEmpty()) {
        message.addField("facility", facility);
    }

    // Copy whatever else the sender put into the JSON object.
    for (final Iterator<Map.Entry<String, JsonNode>> it = root.fields(); it.hasNext(); ) {
        final Map.Entry<String, JsonNode> entry = it.next();
        final String rawKey = entry.getKey();

        // Checked on the raw key, before the underscore is stripped, so only a literal "version" is dropped here.
        if ("version".equals(rawKey)) {
            continue;
        }

        // Drop the GELF "_" prefix. A lone "_" is kept as it is.
        final String key = (rawKey.startsWith("_") && rawKey.length() > 1) ? rawKey.substring(1) : rawKey;

        // short_message and host already became the message text and the source.
        if ("short_message".equals(key) || "host".equals(key)) {
            continue;
        }

        // Skip keys that already hold a value and reserved keys that are not settable. After the prefix is
        // stripped, "_foo" and "foo" name the same field; assuming addField stores the value, the first
        // occurrence wins and later ones are skipped here.
        if (message.getField(key) != null
                || (Message.RESERVED_FIELDS.contains(key) && !Message.RESERVED_SETTABLE_FIELDS.contains(key))) {
            continue;
        }

        // Containers are stored as their JSON text. Numbers keep a numeric representation.
        final JsonNode value = entry.getValue();
        final Object converted;
        if (value.isContainerNode()) {
            converted = value.toString();
        } else if (value.isFloatingPointNumber()) {
            converted = value.asDouble();
        } else if (value.isIntegralNumber()) {
            converted = value.asLong();
        } else if (value.isNull()) {
            log.debug("Field [{}] is NULL. Skipping.", key);
            continue;
        } else if (value.isTextual()) {
            converted = value.asText();
        } else {
            log.debug("Field [{}] has unknown value type. Skipping.", key);
            continue;
        }
        message.addField(key, converted);
    }
    return message;
}
Also used : RawMessage(org.graylog2.plugin.journal.RawMessage) GELFMessage(org.graylog2.inputs.codecs.gelf.GELFMessage) Message(org.graylog2.plugin.Message) JsonNode(com.fasterxml.jackson.databind.JsonNode) IOException(java.io.IOException) IOException(java.io.IOException) DateTime(org.joda.time.DateTime) GELFMessage(org.graylog2.inputs.codecs.gelf.GELFMessage) Map(java.util.Map) Nullable(javax.annotation.Nullable)

Example 55 with Version

use of org.graylog2.plugin.Version in project graylog2-server by Graylog2.

the class SyslogCodec method parse.

/**
 * Turns one syslog line into a {@code Message}.
 *
 * <p>The event class is chosen by matching {@code msg} against three patterns in order (structured,
 * Cisco with sequence numbers, FortiGate); anything else is parsed as a plain {@code SyslogServerEvent}.
 * Facility, level and the numeric facility are always added. Cisco events also get
 * {@code sequence_number}, FortiGate events get their own fields except {@code level}, and the raw
 * message is stored as {@code full_message} when {@code CK_STORE_FULL_MESSAGE} is enabled.
 *
 * <p>NOTE(review): {@code msg} is text received from the network, and all three patterns are applied to
 * it with {@code matches()}. Their definitions are outside this listing, so check them for expensive
 * backtracking on hostile input.
 *
 * @param msg               the syslog line as text
 * @param remoteAddress     address of the sender, passed to the event constructors and to {@code parseHost}
 * @param receivedTimestamp receive time, passed to {@code parseDate}
 * @return the populated message
 */
private Message parse(String msg, InetAddress remoteAddress, DateTime receivedTimestamp) {
    /*
         * ZOMG funny 80s neckbeard protocols. We are now deciding if to parse
         * structured (RFC5424) or unstructured (classic BSD, RFC3164) syslog
         * by checking if there is a VERSION after the PRI. Sorry.
         *
         *                            ._.                                  _
         *    R-O-F-L-R-O-F-L-R-O-F-L-IOI-R-O-F-L-R-O-F-L-R-O-F-L         / l
         *                ___________/LOL\____                           /: ]
         *            .__/°         °\___/°   \                         / ::\
         *           /^^ \            °  °     \_______.__________.____/: OO:\
         *      .__./     j      ________             _________________ ::OO::|
         *    ./ ^^ j____/°     [\______/]      .____/                 \__:__/
         *  ._|____/°    °       <{(OMG{<       /                         ::
         * /  °    °              (OMFG{       /
         * |°  loooooooooooooooooooooooooooooooool
         *         °L|                   L|
         *          ()                   ()
         *
         *
         *  http://open.spotify.com/track/2ZtQKBB8wDTtPPqDZhy7xZ
         *
         */
    final SyslogServerEventIF event;
    if (STRUCTURED_SYSLOG_PATTERN.matcher(msg).matches()) {
        event = new StructuredSyslogServerEvent(msg, remoteAddress);
    } else if (CISCO_WITH_SEQUENCE_NUMBERS_PATTERN.matcher(msg).matches()) {
        event = new CiscoSyslogServerEvent(msg, remoteAddress);
    } else if (FORTIGATE_PATTERN.matcher(msg).matches()) {
        // The FortiGate event is the only one built without the remote address.
        event = new FortiGateSyslogEvent(msg);
    } else {
        event = new SyslogServerEvent(msg, remoteAddress);
    }

    // For structured events keep the message ID and the structured data out of the message string.
    // See: https://github.com/Graylog2/graylog2-server/issues/845#issuecomment-69499719
    final String syslogMessage;
    if (event instanceof StructuredSyslogServerEvent) {
        final String structured = ((StructuredSyslogServerEvent) event).getStructuredMessage().getMessage();
        if (isNullOrEmpty(structured)) {
            syslogMessage = event.getMessage();
        } else {
            syslogMessage = structured;
        }
    } else {
        syslogMessage = event.getMessage();
    }

    final Message result = new Message(syslogMessage, parseHost(event, remoteAddress), parseDate(event, receivedTimestamp));
    result.addField("facility", Tools.syslogFacilityToReadable(event.getFacility()));
    result.addField("level", event.getLevel());
    result.addField("facility_num", event.getFacility());

    // Vendor-specific extras, selected by the concrete event type.
    if (event instanceof CiscoSyslogServerEvent) {
        result.addField("sequence_number", ((CiscoSyslogServerEvent) event).getSequenceNumber());
    }
    if (event instanceof FortiGateSyslogEvent) {
        // Work on a copy so that removing "level" does not touch the event's own map.
        final HashMap<String, Object> fortiGateFields = new HashMap<>(((FortiGateSyslogEvent) event).getFields());
        // The FortiGate "level" field is a string, Graylog requires a numeric value.
        fortiGateFields.remove("level");
        // Every remaining key and value was parsed out of the sender's message.
        result.addFields(fortiGateFields);
    }

    // Store the raw bytes, decoded as UTF-8, when the input is configured to keep the full message.
    if (configuration.getBoolean(CK_STORE_FULL_MESSAGE)) {
        result.addField("full_message", new String(event.getRaw(), StandardCharsets.UTF_8));
    }

    result.addFields(parseAdditionalData(event, configuration.getBoolean(CK_EXPAND_STRUCTURED_DATA)));
    return result;
}
Also used : SyslogServerEventIF(org.graylog2.syslog4j.server.SyslogServerEventIF) RawMessage(org.graylog2.plugin.journal.RawMessage) Message(org.graylog2.plugin.Message) StructuredSyslogServerEvent(org.graylog2.syslog4j.server.impl.event.structured.StructuredSyslogServerEvent) CiscoSyslogServerEvent(org.graylog2.syslog4j.server.impl.event.CiscoSyslogServerEvent) SyslogServerEvent(org.graylog2.syslog4j.server.impl.event.SyslogServerEvent) HashMap(java.util.HashMap) StructuredSyslogServerEvent(org.graylog2.syslog4j.server.impl.event.structured.StructuredSyslogServerEvent) FortiGateSyslogEvent(org.graylog2.syslog4j.server.impl.event.FortiGateSyslogEvent) CiscoSyslogServerEvent(org.graylog2.syslog4j.server.impl.event.CiscoSyslogServerEvent)

Aggregations

Test (org.junit.Test)29 RawMessage (org.graylog2.plugin.journal.RawMessage)28 Message (org.graylog2.plugin.Message)15 SearchVersion (org.graylog2.storage.SearchVersion)13 JsonNode (com.fasterxml.jackson.databind.JsonNode)7 IOException (java.io.IOException)5 Inject (javax.inject.Inject)5 DateTime (org.joda.time.DateTime)5 ZonedDateTime (java.time.ZonedDateTime)4 Map (java.util.Map)4 Optional (java.util.Optional)4 Constraint (org.graylog2.contentpacks.model.constraints.Constraint)4 GraylogVersionConstraint (org.graylog2.contentpacks.model.constraints.GraylogVersionConstraint)4 PluginVersionConstraint (org.graylog2.contentpacks.model.constraints.PluginVersionConstraint)4 Logger (org.slf4j.Logger)4 LoggerFactory (org.slf4j.LoggerFactory)4 ArrayNode (com.fasterxml.jackson.databind.node.ArrayNode)3 ApiOperation (io.swagger.annotations.ApiOperation)3 URI (java.net.URI)3 HashSet (java.util.HashSet)3