Package org.jwall.web.audit

Examples of org.jwall.web.audit.AuditEvent


  public void testIronBee() throws Exception {
    IronBeeAuditReader reader = new IronBeeAuditReader(
        RuleTagProcessorTest.class
            .getResourceAsStream("/IB-95ebd277-b4c4-4951-97da-f9530205da39.log"));

    AuditEvent evt = reader.readNext();

    log.info("Tagging event {}", evt.getEventId());
    pipeline.process(evt);

    String tagString = evt.get(AuditEvent.TAGS);
    log.info("Tags processed: {}", tagString);
  }
View Full Code Here


    try {
      URL url = ScoreBugTest.class.getResource("/score-bug-audit.log");
      AuditEventReader reader = new ModSecurity2AuditReader(
          url.openStream());

      AuditEvent evt = reader.readNext();

      PersistentCollectionExtractor coll = new PersistentCollectionExtractor();
      Map<String, String> scores = coll.extractScores(evt);
      for (String key : scores.keySet()) {
        log.info("Score for '{}' = {}", key, scores.get(key));
View Full Code Here

  @Test
  public void test() {

    try {
      AuditEvent event = reader.readNext();
      AuditEventMessage[] msgs = event.getEventMessages();
      log.info("Messages: {}", msgs);
      Assert.assertEquals(2, msgs.length);

    } catch (Exception e) {
      fail("Error: " + e.getMessage());
View Full Code Here

        .getResource("/sink-audit.log.gz");

    ModSecurity2AuditReader reader = new ModSecurity2AuditReader(
        new GZIPInputStream(url.openStream()));

    AuditEvent e = reader.readNext();
    while (e != null) {

      log.info("------------------------------------");
      log.info("AuditEvent  {}", e.get(ModSecurity.TX_ID));

      String p1 = e.get(ModSecurity.PERF_PHASE1);
      String p2 = e.get(ModSecurity.PERF_PHASE2);
      String p3 = e.get(ModSecurity.PERF_PHASE3);
      String p4 = e.get(ModSecurity.PERF_PHASE4);
      String p5 = e.get(ModSecurity.PERF_PHASE5);

      log.info("Phase1: {}ms", p1);
      log.info("Phase2: {}ms", p2);
      log.info("Phase3: {}ms", p3);
      log.info("Phase4: {}ms", p4);
      log.info("Phase5: {}ms", p5);

      for (String var : AuditEventParser.PERF_VARIABLES) {

        try {
          log.info("Value of '{}' is {}", var, new Long(e.get(var)));
          Assert.assertTrue("performance variable '" + var
              + "' missing!", p1 != null && !p1.trim().isEmpty());
        } catch (NumberFormatException nfe) {
          log.error("Failed to parse variable {} with value {}", var,
              e.get(var));
        }
      }

      log.info("------------------------------------");
      e = reader.readNext();
View Full Code Here

    @Test
    public void test() {
        try {
            AuditEvent event = reader.readNext();

            ConditionLT lt = new ConditionLT( ModSecurity.RULE_SEV, "3" );
           
            List<String> values = ValueExtractor.extractValues( ModSecurity.RULE_SEV, event );
            boolean matches = lt.matches( values );
View Full Code Here

    @Test
    public void test() {
        try {
            AuditEvent event = reader.readNext();

           
            List<String> values = ValueExtractor.extractValues( "&RULE_ID", event );
            log.info( "Extracted: {}", values );
           
View Full Code Here

    @Test
    public void testReadNext()
    {
        try {
            AuditEvent evt = reader.readNext();
            log.info( "ScriptEvent: {}" + evt.getEventId() );
            Assert.assertNotNull( evt );
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
View Full Code Here

    @Test
    public void testReadNext()
    {
        try {

            AuditEvent evt = reader.readNext();
            log.info( "ScriptEvent: {}", evt.getEventId() );
           
            Assert.assertNotNull( evt );

            log.info( "ARGS_NAMES = {}", evt.getAll( ModSecurity.ARGS_NAMES ) );

            expectedArgs.add( "version" );
            expectedArgs.add( "__FORM_TOKEN" );
            expectedArgs.add( "scroll_bar_pos" );
            expectedArgs.add( "action" );
            expectedArgs.add( "preview" );
            expectedArgs.add( "editrows" );
            expectedArgs.add( "text" );
            expectedArgs.add( "comment" );
           
            List<String> args = evt.getAll( ModSecurity.ARGS_NAMES );
            Assert.assertEquals( expectedArgs.size(), args.size() );

            for( int i = 0; i < args.size(); i++ )
                Assert.assertEquals( expectedArgs.get(i), args.get(i) );
           
            for( String arg : evt.getAll( ModSecurity.ARGS_NAMES ) ){
                log.info( "  ARGS:{} = {}", arg, evt.getAll( ModSecurity.ARGS + ":" + arg ) );
            }
           
        } catch (Exception e) {
            e.printStackTrace();
        }
View Full Code Here

    @Test
    public void testReadNext()
    {
        try {
           
            AuditEvent evt = reader.readNext();
            while( evt != null ){
                eventsRead++;

                log.info( "Completed {}%", 100 * ( eventsRead.doubleValue() / totalFiles.doubleValue() ) );
                try {
View Full Code Here

    @Test
    public void testReadNext()
    {
        try {

            AuditEvent evt = reader.readNext();
            log.info( "ScriptEvent: {}" + evt.getEventId() );
           
            Assert.assertNotNull( evt );

            evt = reader.readNext();
            log.info( "ScriptEvent: {}", evt.getEventId() );
           
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
View Full Code Here

TOP

Related Classes of org.jwall.web.audit.AuditEvent

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.