Package org.jwall.web.audit.io

Examples of org.jwall.web.audit.io.ModSecurity2AuditReader


  @Test
  public void testRuleID2() throws Exception {
   
    File test = new File( "/Users/chris/audit/larry-bugs/rule-id-audit.log" );
    if( test.canRead() ){
      AuditEventReader reader = new ModSecurity2AuditReader( test );
      event = reader.readNext();
      log.info( "ScriptEvent is: {}", event.getEventId() );
      AuditEventRule rule = new AuditEventRule();
      rule.add( new ConditionEQ( "RULE_ID", "113" ) );
      rule.add( new MockAction() );
      Assert.assertTrue( rule.matches( event, null ) );
View Full Code Here


    @Before
    public void setUp() throws Exception
    {
        URL url = ParserBugConsole8Test.class.getResource( "/CONSOLE-8-bug-audit.log" );
        log.info( "Audit-ScriptEvent-Log: {}", url );
        reader = new ModSecurity2AuditReader( url.openStream() );
    }
View Full Code Here

    @Before
    public void setUp() throws Exception
    {
        URL url = ParserArgsTest.class.getResource( "/parse-args-audit.log" );
        log.info( "Audit-ScriptEvent-Log: {}", url );
        reader = new ModSecurity2AuditReader( url.openStream() );
    }
View Full Code Here

    @Before
    public void setUp() throws Exception
    {
        URL url = ParserBugConsole8Test.class.getResource( "/date-parser-bug-audit.log" );
        log.info( "Audit-ScriptEvent-Log: {}", url );
        reader = new ModSecurity2AuditReader( url.openStream() );
    }
View Full Code Here

    @Before
    public void setUp() throws Exception
    {
        URL url = ParserBugNeilTest.class.getResource( "/neil-bug-audit.log" );
        log.info( "Audit-ScriptEvent-Log: {}", url );
        reader = new ModSecurity2AuditReader( url.openStream() );
    }
View Full Code Here

    this.port = port;
  }

  public static void main(String[] args) throws Exception {

    AuditEventReader reader = new ModSecurity2AuditReader(new File(
        "/Users/chris/audit/jwall-audit.log"));
    AuditEvent evt = reader.readNext();
    GELFSender sender = new GELFSender();
    sender.setAddress("127.0.0.1");
    sender.setPort(9105);

    sender.processEvent(evt, new HashMap<String, Object>());
View Full Code Here

    AuditEventReader reader;
    Socket socket;

    public AuditEventReaderThread( Socket sock ) throws Exception {
      this.socket = sock;
      reader = new ModSecurity2AuditReader( sock.getInputStream() );
    }
View Full Code Here

        if( fmt == AuditFormat.MOD_SECURITY_1_X_SERIAL_LOG )
            reader = new ModSecurityAuditReader( logFile, tail );

        if( fmt == AuditFormat.MOD_SECURITY_2_X_SERIAL_LOG )
            reader = new ModSecurity2AuditReader( logFile, tail );

        if( reader == null )
            throw new Exception( "The log-file format is not supported!" );

        return reader;
View Full Code Here

  public void testProcessEvent() {

    log.info( "Running resolver-test..." );
    try {
      URL url = XForwardedForResolverTest.class.getResource( "/test-audit.log" );
      ModSecurity2AuditReader reader = new ModSecurity2AuditReader( url.openStream() );
      event = reader.readNext();
    } catch (Exception e) {
      Assert.fail( e.getMessage() );
    }
   
    Assert.assertNotNull( event );
View Full Code Here

    List<AuditEvent> list = new ArrayList<AuditEvent>();
   
    try {
      int i = 0;
      URL url = EventList.class.getResource( resource );
      ModSecurity2AuditReader reader = new ModSecurity2AuditReader( url.openStream() );
      AuditEvent event = reader.readNext();
      while( event != null && i < num ){
        list.add( event );
        event = reader.readNext();
      }

     
    } catch (Exception e) {
     
View Full Code Here

TOP

Related Classes of org.jwall.web.audit.io.ModSecurity2AuditReader

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.