Package org.jwall.web.audit.io

Examples of org.jwall.web.audit.io.AuditEventReader


 
  @Before
  public void setUp() throws Exception {
    URL url = ParserBugConsole8Test.class.getResource( "/CONSOLE-58-audit.log" );
        log.info( "Audit-ScriptEvent-Log: {}", url );
    AuditEventReader reader = new ModSecurity2AuditReader( url.openStream() );
    event = reader.readNext();
    Assert.assertNotNull( event );
  }
View Full Code Here


  @Test
  public void testRuleID2() throws Exception {
   
    File test = new File( "/Users/chris/audit/larry-bugs/rule-id-audit.log" );
    if( test.canRead() ){
      AuditEventReader reader = new ModSecurity2AuditReader( test );
      event = reader.readNext();
      log.info( "ScriptEvent is: {}", event.getEventId() );
      AuditEventRule rule = new AuditEventRule();
      rule.add( new ConditionEQ( "RULE_ID", "113" ) );
      rule.add( new MockAction() );
      Assert.assertTrue( rule.matches( event, null ) );
View Full Code Here

    this.port = port;
  }

  public static void main(String[] args) throws Exception {

    AuditEventReader reader = new ModSecurity2AuditReader(new File(
        "/Users/chris/audit/jwall-audit.log"));
    AuditEvent evt = reader.readNext();
    GELFSender sender = new GELFSender();
    sender.setAddress("127.0.0.1");
    sender.setPort(9105);

    sender.processEvent(evt, new HashMap<String, Object>());
View Full Code Here

    }

    public static AuditEventReader createReader( String f, boolean tail ) throws Exception {

        System.out.println("Creating AuditEventReader from " + f );
        AuditEventReader reader = null;

        File logFile = new File( f );
        int fmt = AuditFormat.guessFormat( logFile );

        if( fmt == AuditFormat.APACHE_ACCESS_LOG )
View Full Code Here

                System.setProperty( PROPERTY_LOG_FILE, ( new File( args[ args.length - 1 ] ) ).getAbsolutePath() );



            File logFile = new File( System.getProperty( PROPERTY_LOG_FILE ) );
            AuditEventReader reader = AuditFormat.createReader( logFile.getAbsolutePath(), false );

            if( reader == null )
                throw new Exception( "The log-file format is not supported!" );

            RFICollector col = new RFICollector( System.getProperties() );
View Full Code Here

        if( "true".equals( p.getProperty( Collector.COLLECTOR_SEND_COMPLETE_LOG ) ) ){
            System.err.println( "Sending all audit-log entries!" );
            tail = false;
        }

        AuditEventReader src = null;

        if( "stdin".equals( p.getProperty( COLLECTOR_SERIAL_LOG ) ) ){
            System.out.println( "Reading from standard input..." );
            src = new ModSecurity2AuditReader( System.in, true );
            return src;
View Full Code Here

            boolean ok = checkProperties(pf);
            if( ! ok ){
                log.info("Error in configuration.");
            }

            AuditEventReader src = createAuditEventReader();
            if( src == null ){
                log.info("  Error: No valid audit-event-source specified!");
                log.info("  Error: Please check your config and try again.");
                System.exit(-1);
            }
View Full Code Here

                auth = new SimplePasswordAuthenticator(users, new Properties() );
            }

            skip = 1;

            AuditEventReader r = null;
            int format = AuditFormat.guessFormat( auditFile );

            if( format == AuditFormat.APACHE_ACCESS_LOG )
                r = new AccessLogAuditReader( auditFile, skip > 0 );
View Full Code Here

TOP

Related Classes of org.jwall.web.audit.io.AuditEventReader

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.