Package org.jwall.web.audit

Examples of org.jwall.web.audit.AuditEvent


      // the A-section is empty - it seems that the EOF has been reached
      //
      if(data[0].equals(""))
        return null;

      AuditEvent event = eventFactory.createAuditEvent( id, data, inputFile, offset, (long) bytesRead - offset, AuditEventType.ModSecurity2 );
      event.set( AuditEvent.SENSOR_NAME, sensor );
      return event;

    } catch ( EOFException eof ) {
      System.out.println( "End-of-file reached!" );
      eofReached = true;
View Full Code Here


  @Override
  public void run() {
    while( true ){
      try {
        AuditEvent event = readNext();
        listener.eventArrived( event );
      } catch (Exception e) {
        e.printStackTrace();
        //System.exit(0);
        return;
View Full Code Here

  public void run(){

    try {
      while( true ){

        AuditEvent evt = null;

        while( events.remainingCapacity() ==  0 )
          Thread.sleep( 256 );
         
        while( events.remainingCapacity() 0 ){
View Full Code Here

    while( ! finished  ){
     
      while( ! queue.isEmpty() ){
       
        try {
          AuditEvent evt = queue.poll();
          writer.writeEvent( evt );
        } catch ( Exception e ){
          e.printStackTrace();
        }
      }
View Full Code Here

            log.debug( "Removing buffers for key '{}'", line[0] );
            pending.remove( line[0] );
            log.debug( "{} buffers currently pending", pending.size() );
           
           
            AuditEvent event = eventFactory.createAuditEvent( pendingIDs.get( line[0] ), data, inputFile, offset, (long) bytesRead - offset, AuditEventType.ModSecurity2 );
            event.set( AuditEvent.SENSOR_NAME, sensorName );
            log.info( "{} lines read", lines );
            return event;
           
        } catch ( EOFException eof ) {
            log.warn( "End-of-file reached!" );
View Full Code Here

    @Override
  public void run() {
      while( true ){
        try {
          AuditEvent event = readNext();
          listener.eventArrived( event );
        } catch (Exception e) {
          e.printStackTrace();
          return;
        }
View Full Code Here

      log.info( "Starting event-stream from connection {}", socket.getInetAddress() );
      start = System.currentTimeMillis();
      InputStream in = socket.getInputStream();
      SyslogAuditEventStream reader = new SyslogAuditEventStream( in, this );
      AuditEvent evt = reader.readNext();
      while( running && evt != null && !socket.isClosed() ){
        eventArrived( evt );
        evt = reader.readNext();
      }
      log.info( "Connection closed." );
View Full Code Here

                }
               
                System.out.println( "ScriptEvent:\n" + eventData );

                ModSecurity2AuditReader reader = new ModSecurity2AuditReader( new StringReader( eventData.toString() ) );
                AuditEvent evt = reader.readNext();

                if( evt != null ){
                    System.out.println( "Sending 200 OK");
                    out.print( "HTTP/1.1 200 OK" + HttpHeader.CRLF );
                } else {
View Full Code Here

            try {

                while( true ) {

                    AuditEvent evt = readEvent();
                    while( evt == null ){
                        try {
                            System.out.println("Sleeping..." );
                            Thread.sleep( 1000 );
                        } catch (Exception e) {}
View Full Code Here

    Map<String, Object> ctx = new LinkedHashMap<String, Object>();

    RemoteAddressResolver resolver = new RemoteAddressResolver();
    try {
      AuditEvent evt = events.get(0);

      String before = evt.get(ModSecurity.REMOTE_ADDR);
      log.info("Remote address BEFORE processing is: {}", before);
      Assert.assertEquals("172.16.0.1", before);

      log.info("Applying event-processor...");
      evt = resolver.processEvent(events.get(0), ctx);

      String remoteAddress = evt.get(ModSecurity.REMOTE_ADDR);
      log.info("Remote address after processing is: {}", remoteAddress);

      Assert.assertEquals("1.2.3.4", remoteAddress);

    } catch (Exception e) {
View Full Code Here

TOP

Related Classes of org.jwall.web.audit.AuditEvent

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.