001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2015-2016 ForgeRock AS.
015 */
016package org.forgerock.audit.handlers.syslog;
017
018import static java.util.Collections.unmodifiableMap;
019
020import java.util.ArrayList;
021import java.util.HashMap;
022import java.util.List;
023import java.util.Map;
024
025import org.forgerock.audit.events.handlers.EventHandlerConfiguration;
026
027import com.fasterxml.jackson.annotation.JsonProperty;
028import com.fasterxml.jackson.annotation.JsonPropertyDescription;
029
030/**
031 * Configuration object for the {@link SyslogAuditEventHandler}.
032 * <p>
033 * This configuration object can be created from JSON. Example of valid JSON configuration:
034 *
035 * <pre>
036    {
037      "protocol" : "TCP",
038      "host" : "https://forgerock.example.com",
039      "port" : 6514,
040      "connectTimeout" : 30000,
041      "facility" : "local0",
042      "severityFieldMappings": [{
043        "topic" : "system-status",
044        "field"  : "level",
045        "valueMappings" : {
046          "SEVERE" : "EMERGENCY",
047          "WARNING" : "WARNING",
048          "INFO" : "INFORMATIONAL"
049        },
050        "buffering" : {
051          "enabled" : "true"
052        }
053      }]
054    }
055   </pre>
056 */
057public class SyslogAuditEventHandlerConfiguration extends EventHandlerConfiguration {
058
059    @JsonProperty(required = true)
060    @JsonPropertyDescription("audit.handlers.syslog.transportProtocol")
061    private TransportProtocol protocol;
062
063    @JsonProperty(required = true)
064    @JsonPropertyDescription("audit.handlers.syslog.host")
065    private String host;
066
067    @JsonProperty(required = true)
068    @JsonPropertyDescription("audit.handlers.syslog.port")
069    private int port;
070
071    @JsonPropertyDescription("audit.handlers.syslog.connectTimeout")
072    private int connectTimeout;
073
074    @JsonProperty(required = true)
075    @JsonPropertyDescription("audit.handlers.syslog.facility")
076    private Facility facility;
077
078    @JsonProperty
079    @JsonPropertyDescription("audit.handlers.syslog.severityFieldMappings")
080    private List<SeverityFieldMapping> severityFieldMappings = new ArrayList<>();
081
082    /** Event buffering is disabled by default. */
083    @JsonPropertyDescription("audit.handlers.syslog.buffering")
084    protected EventBufferingConfiguration buffering = new EventBufferingConfiguration();
085
086    /**
087     * Returns the protocol over which messages transmitted to the Syslog daemon.
088     *
089     * @return the transport protocol.
090     */
091    public TransportProtocol getProtocol() {
092        return protocol;
093    }
094
095    /**
096     * Sets the protocol over which messages transmitted to the Syslog daemon.
097     *
098     * @param protocol
099     *          the transport protocol.
100     */
101    public void setProtocol(TransportProtocol protocol) {
102        this.protocol = protocol;
103    }
104
105    /**
106     * Returns the hostname of the Syslog daemon to which messages should be published.
107     *
108     * @return the hostname.
109     */
110    public String getHost() {
111        return host;
112    }
113
114    /**
115     * Sets the hostname of the Syslog daemon to which messages should be published.
116     *
117     * @param host
118     *          the hostname.
119     */
120    public void setHost(String host) {
121        this.host = host;
122    }
123
124    /**
125     * Returns the port of the Syslog daemon to which messages should be published.
126     *
127     * @return the port.
128     */
129    public int getPort() {
130        return port;
131    }
132
133    /**
134     * Sets the port of the Syslog daemon to which messages should be published.
135     *
136     * @param port
137     *          the port.
138     */
139    public void setPort(int port) {
140        this.port = port;
141    }
142
143    /**
144     * Returns the timeout after which attempts to connect to the Syslog daemon will be abandoned.
145     * <p/>
146     * Only applies when {@link TransportProtocol#TCP} is active.
147     *
148     * @return the connect timeout.
149     */
150    public int getConnectTimeout() {
151        return connectTimeout;
152    }
153
154    /**
155     * Sets the timeout after which attempts to connect to the Syslog daemon will be abandoned.
156     * <p/>
157     * Only applies when {@link TransportProtocol#TCP} is active.
158     *
159     * @param connectTimeout
160     *          the connect timeout.
161     */
162    public void setConnectTimeout(int connectTimeout) {
163        this.connectTimeout = connectTimeout;
164    }
165
166    /**
167     * Returns the facility constant that should be applied to all Syslog messages.
168     *
169     * @return the facility.
170     *
171     * @see <a href="https://tools.ietf.org/html/rfc5424#section-6.2.1">RFC-5424 section 6.2.1</a>
172     */
173    public Facility getFacility() {
174        return facility;
175    }
176
177    /**
178     * Sets the facility constant that should be applied to all Syslog messages.
179     *
180     * @param facility
181     *          the facility.
182     *
183     * @see <a href="https://tools.ietf.org/html/rfc5424#section-6.2.1">RFC-5424 section 6.2.1</a>
184     */
185    public void setFacility(Facility facility) {
186        this.facility = facility;
187    }
188
189    /**
190     * Returns the configurations for mapping audit event field values to Syslog severity values.
191     *
192     * @return the severity field mappings.
193     */
194    public List<SeverityFieldMapping> getSeverityFieldMappings() {
195        return severityFieldMappings;
196    }
197
198    /**
199     * Sets the configurations for mapping audit event field values to Syslog severity values.
200     *
201     * @param severityFieldMappings
202     *          the severity field mappings.
203     */
204    public void setSeverityFieldMappings(List<SeverityFieldMapping> severityFieldMappings) {
205        this.severityFieldMappings = severityFieldMappings;
206    }
207
208    /**
209     * Returns the configuration for events buffering.
210     *
211     * @return the configuration
212     */
213    public EventBufferingConfiguration getBuffering() {
214        return buffering;
215    }
216
217    /**
218     * Sets the configuration for events buffering.
219     *
220     * @param bufferingConfiguration
221     *            The configuration
222     */
223    public void setBufferingConfiguration(EventBufferingConfiguration bufferingConfiguration) {
224        this.buffering = bufferingConfiguration;
225    }
226
227    @Override
228    public boolean isUsableForQueries() {
229        return false;
230    }
231
232    /**
233     * Encapsulates configuration for mapping audit event field values to Syslog severity values.
234     */
235    public static final class SeverityFieldMapping {
236
237        @JsonProperty(required = true)
238        @JsonPropertyDescription("audit.handlers.syslog.severityFieldMapping.topic")
239        private String topic;
240
241        @JsonProperty(required = true)
242        @JsonPropertyDescription("audit.handlers.syslog.severityFieldMapping.field")
243        private String field;
244
245        @JsonProperty(required = true)
246        @JsonPropertyDescription("audit.handlers.syslog.severityFieldMapping.valueMappings")
247        private Map<String, Severity> valueMappings = new HashMap<>();
248
249        /**
250         * Returns the name of the event topic to which this mapping applies.
251         *
252         * @return the event topic name.
253         */
254        public String getTopic() {
255            return topic;
256        }
257
258        /**
259         * Sets the name of the event topic to which this mapping applies.
260         *
261         * @param topic
262         *          the event topic name.
263         */
264        public void setTopic(String topic) {
265            this.topic = topic;
266        }
267
268        /**
269         * Returns the name of the event topic field to which this mapping applies.
270         * <p/>
271         * If the chosen field is nested, JsonPointer notation should be used.
272         *
273         * @return the event topic field name.
274         */
275        public String getField() {
276            return field;
277        }
278
279        /**
280         * Sets the name of the event topic field to which this mapping applies.
281         *
282         * @param field
283         *          the event topic field name.
284         */
285        public void setField(String field) {
286            this.field = field;
287        }
288
289        /**
290         * Returns the mapping of audit event values to Syslog severity values.
291         *
292         * @return the value mappings.
293         */
294        public Map<String, Severity> getValueMappings() {
295            return unmodifiableMap(valueMappings);
296        }
297
298        /**
299         * Sets the mapping of audit event values to Syslog severity values.
300         *
301         * @param valueMappings
302         *          the value mappings.
303         */
304        public void setValueMappings(Map<String, Severity> valueMappings) {
305            this.valueMappings = new HashMap<>(valueMappings);
306        }
307    }
308
309    /**
310     * Configuration of event buffering.
311     */
312    public static class EventBufferingConfiguration {
313
314        @JsonPropertyDescription("audit.handlers.syslog.buffering.enabled")
315        private boolean enabled;
316
317        @JsonPropertyDescription("audit.handlers.syslog.buffering.maxSize")
318        private int maxSize = 5000;
319
320        /**
321         * Indicates if event buffering is enabled.
322         *
323         * @return {@code true} if buffering is enabled.
324         */
325        public boolean isEnabled() {
326            return enabled;
327        }
328
329        /**
330         * Sets the buffering status.
331         *
332         * @param enabled
333         *            Indicates if buffering is enabled.
334         */
335        public void setEnabled(boolean enabled) {
336            this.enabled = enabled;
337        }
338
339    }
340}