Package org.jwall.web.audit

Examples of org.jwall.web.audit.AuditEvent

241
242
243
244
245
246
247
248
249
250
251
252
      // the A-section is empty - it seems that the EOF has been reached
      //
      if(data[0].equals(""))
        return null;

      AuditEvent event = eventFactory.createAuditEvent( id, data, inputFile, offset, (long) bytesRead - offset, AuditEventType.ModSecurity2 );
      event.set( AuditEvent.SENSOR_NAME, sensor );
      return event;

    } catch ( EOFException eof ) {
      System.out.println( "End-of-file reached!" );
      eofReached = true;
View Full Code Here
318
319
320
321
322
323
324
325
326
327
328
  @Override
  public void run() {
    while( true ){
      try {
        AuditEvent event = readNext();
        listener.eventArrived( event );
      } catch (Exception e) {
        e.printStackTrace();
        //System.exit(0);
        return;
View Full Code Here
99
100
101
102
103
104
105
106
107
108
109
  public void run(){

    try {
      while( true ){

        AuditEvent evt = null;

        while( events.remainingCapacity() ==  0 )
          Thread.sleep( 256 );
         
        while( events.remainingCapacity() 0 ){
View Full Code Here
77
78
79
80
81
82
83
84
85
86
87
    while( ! finished  ){
     
      while( ! queue.isEmpty() ){
       
        try {
          AuditEvent evt = queue.poll();
          writer.writeEvent( evt );
        } catch ( Exception e ){
          e.printStackTrace();
        }
      }
View Full Code Here
200
201
202
203
204
205
206
207
208
209
210
211
            log.debug( "Removing buffers for key '{}'", line[0] );
            pending.remove( line[0] );
            log.debug( "{} buffers currently pending", pending.size() );
           
           
            AuditEvent event = eventFactory.createAuditEvent( pendingIDs.get( line[0] ), data, inputFile, offset, (long) bytesRead - offset, AuditEventType.ModSecurity2 );
            event.set( AuditEvent.SENSOR_NAME, sensorName );
            log.info( "{} lines read", lines );
            return event;
           
        } catch ( EOFException eof ) {
            log.warn( "End-of-file reached!" );
View Full Code Here
282
283
284
285
286
287
288
289
290
291
292
    @Override
  public void run() {
      while( true ){
        try {
          AuditEvent event = readNext();
          listener.eventArrived( event );
        } catch (Exception e) {
          e.printStackTrace();
          return;
        }
View Full Code Here
71
72
73
74
75
76
77
78
79
80
81
      log.info( "Starting event-stream from connection {}", socket.getInetAddress() );
      start = System.currentTimeMillis();
      InputStream in = socket.getInputStream();
      SyslogAuditEventStream reader = new SyslogAuditEventStream( in, this );
      AuditEvent evt = reader.readNext();
      while( running && evt != null && !socket.isClosed() ){
        eventArrived( evt );
        evt = reader.readNext();
      }
      log.info( "Connection closed." );
View Full Code Here
211
212
213
214
215
216
217
218
219
220
221
                }
               
                System.out.println( "ScriptEvent:\n" + eventData );

                ModSecurity2AuditReader reader = new ModSecurity2AuditReader( new StringReader( eventData.toString() ) );
                AuditEvent evt = reader.readNext();

                if( evt != null ){
                    System.out.println( "Sending 200 OK");
                    out.print( "HTTP/1.1 200 OK" + HttpHeader.CRLF );
                } else {
View Full Code Here
243
244
245
246
247
248
249
250
251
252
253
            try {

                while( true ) {

                    AuditEvent evt = readEvent();
                    while( evt == null ){
                        try {
                            System.out.println("Sleeping..." );
                            Thread.sleep( 1000 );
                        } catch (Exception e) {}
View Full Code Here
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
    Map<String, Object> ctx = new LinkedHashMap<String, Object>();

    RemoteAddressResolver resolver = new RemoteAddressResolver();
    try {
      AuditEvent evt = events.get(0);

      String before = evt.get(ModSecurity.REMOTE_ADDR);
      log.info("Remote address BEFORE processing is: {}", before);
      Assert.assertEquals("172.16.0.1", before);

      log.info("Applying event-processor...");
      evt = resolver.processEvent(events.get(0), ctx);

      String remoteAddress = evt.get(ModSecurity.REMOTE_ADDR);
      log.info("Remote address after processing is: {}", remoteAddress);

      Assert.assertEquals("1.2.3.4", remoteAddress);

    } catch (Exception e) {
View Full Code Here
TOP

Related Classes of org.jwall.web.audit.AuditEvent

  • org.jwall.audit.script.LazyEventListTest
  • org.jwall.audit.script.ListIteratorTest
  • org.jwall.audit.server.AuditEventStreamHandler
  • org.jwall.audit.server.ModSecurity2AuditStream
  • org.jwall.event.processor.XForwardedForResolverTest
  • org.jwall.event.test.EventList
  • org.jwall.web.audit.io.AuditEventIterator
  • org.jwall.web.audit.io.AuditFormat
  • org.jwall.web.audit.io.AuditLogFileWriter
  • org.jwall.web.audit.io.BufferedAuditEventSource
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.