001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2015 ForgeRock AS.
015 */
016package org.forgerock.audit.handlers.syslog;
017
018import static java.util.Collections.unmodifiableMap;
019
020import com.fasterxml.jackson.annotation.JsonPropertyDescription;
021import org.forgerock.audit.events.handlers.EventHandlerConfiguration;
022
023import com.fasterxml.jackson.annotation.JsonProperty;
024import org.forgerock.util.Reject;
025
026import java.util.ArrayList;
027import java.util.HashMap;
028import java.util.List;
029import java.util.Map;
030
031/**
032 * Configuration object for the {@link SyslogAuditEventHandler}.
033 * <p>
034 * This configuration object can be created from JSON. Example of valid JSON configuration:
035 *
036 * <pre>
037    {
038      "protocol" : "TCP",
039      "host" : "https://forgerock.example.com",
040      "port" : 6514,
041      "connectTimeout" : 30000,
042      "facility" : "local0",
043      "severityFieldMappings": [{
044        "topic" : "system-status",
045        "field"  : "level",
046        "valueMappings" : {
047          "SEVERE" : "EMERGENCY",
048          "WARNING" : "WARNING",
049          "INFO" : "INFORMATIONAL"
050        },
051        "buffering" : {
052          "enabled" : "true"
053        }
054      }]
055    }
056   </pre>
057 */
058public class SyslogAuditEventHandlerConfiguration extends EventHandlerConfiguration {
059
060    @JsonProperty(required=true)
061    @JsonPropertyDescription("audit.handlers.syslog.transportProtocol")
062    private TransportProtocol protocol;
063
064    @JsonProperty(required=true)
065    @JsonPropertyDescription("audit.handlers.syslog.host")
066    private String host;
067
068    @JsonProperty(required=true)
069    @JsonPropertyDescription("audit.handlers.syslog.port")
070    private int port;
071
072    @JsonPropertyDescription("audit.handlers.syslog.connectTimeout")
073    private int connectTimeout;
074
075    @JsonProperty(required=true)
076    @JsonPropertyDescription("audit.handlers.syslog.facility")
077    private Facility facility;
078
079    @JsonProperty
080    @JsonPropertyDescription("audit.handlers.syslog.severityFieldMappings")
081    private List<SeverityFieldMapping> severityFieldMappings = new ArrayList<>();
082
083    /** Event buffering is disabled by default. */
084    @JsonPropertyDescription("audit.handlers.syslog.buffering")
085    protected EventBufferingConfiguration buffering = new EventBufferingConfiguration();
086
087    /**
088     * Returns the protocol over which messages transmitted to the Syslog daemon.
089     *
090     * @return the transport protocol.
091     */
092    public TransportProtocol getProtocol() {
093        return protocol;
094    }
095
096    /**
097     * Sets the protocol over which messages transmitted to the Syslog daemon.
098     *
099     * @param protocol
100     *          the transport protocol.
101     */
102    public void setProtocol(TransportProtocol protocol) {
103        this.protocol = protocol;
104    }
105
106    /**
107     * Returns the hostname of the Syslog daemon to which messages should be published.
108     *
109     * @return the hostname.
110     */
111    public String getHost() {
112        return host;
113    }
114
115    /**
116     * Sets the hostname of the Syslog daemon to which messages should be published.
117     *
118     * @param host
119     *          the hostname.
120     */
121    public void setHost(String host) {
122        this.host = host;
123    }
124
125    /**
126     * Returns the port of the Syslog daemon to which messages should be published.
127     *
128     * @return the port.
129     */
130    public int getPort() {
131        return port;
132    }
133
134    /**
135     * Sets the port of the Syslog daemon to which messages should be published.
136     *
137     * @param port
138     *          the port.
139     */
140    public void setPort(int port) {
141        this.port = port;
142    }
143
144    /**
145     * Returns the timeout after which attempts to connect to the Syslog daemon will be abandoned.
146     * <p/>
147     * Only applies when {@link TransportProtocol#TCP} is active.
148     *
149     * @return the connect timeout.
150     */
151    public int getConnectTimeout() {
152        return connectTimeout;
153    }
154
155    /**
156     * Sets the timeout after which attempts to connect to the Syslog daemon will be abandoned.
157     * <p/>
158     * Only applies when {@link TransportProtocol#TCP} is active.
159     *
160     * @param connectTimeout
161     *          the connect timeout.
162     */
163    public void setConnectTimeout(int connectTimeout) {
164        this.connectTimeout = connectTimeout;
165    }
166
167    /**
168     * Returns the facility constant that should be applied to all Syslog messages.
169     *
170     * @return the facility.
171     *
172     * @see <a href="https://tools.ietf.org/html/rfc5424#section-6.2.1">RFC-5424 section 6.2.1</a>
173     */
174    public Facility getFacility() {
175        return facility;
176    }
177
178    /**
179     * Sets the facility constant that should be applied to all Syslog messages.
180     *
181     * @param facility
182     *          the facility.
183     *
184     * @see <a href="https://tools.ietf.org/html/rfc5424#section-6.2.1">RFC-5424 section 6.2.1</a>
185     */
186    public void setFacility(Facility facility) {
187        this.facility = facility;
188    }
189
190    /**
191     * Returns the configurations for mapping audit event field values to Syslog severity values.
192     *
193     * @return the severity field mappings.
194     */
195    public List<SeverityFieldMapping> getSeverityFieldMappings() {
196        return severityFieldMappings;
197    }
198
199    /**
200     * Sets the configurations for mapping audit event field values to Syslog severity values.
201     *
202     * @param severityFieldMappings
203     *          the severity field mappings.
204     */
205    public void setSeverityFieldMappings(List<SeverityFieldMapping> severityFieldMappings) {
206        this.severityFieldMappings = severityFieldMappings;
207    }
208
209    /**
210     * Returns the configuration for events buffering.
211     *
212     * @return the configuration
213     */
214    public EventBufferingConfiguration getBuffering() {
215        return buffering;
216    }
217
218    /**
219     * Sets the configuration for events buffering.
220     *
221     * @param bufferingConfiguration
222     *            The configuration
223     */
224    public void setBufferingConfiguration(EventBufferingConfiguration bufferingConfiguration) {
225        this.buffering = bufferingConfiguration;
226    }
227
228    /**
229     * Encapsulates configuration for mapping audit event field values to Syslog severity values.
230     */
231    public static final class SeverityFieldMapping {
232
233        @JsonProperty(required=true)
234        @JsonPropertyDescription("audit.handlers.syslog.severityFieldMapping.topic")
235        private String topic;
236
237        @JsonProperty(required=true)
238        @JsonPropertyDescription("audit.handlers.syslog.severityFieldMapping.field")
239        private String field;
240
241        @JsonProperty(required=true)
242        @JsonPropertyDescription("audit.handlers.syslog.severityFieldMapping.valueMappings")
243        private Map<String, Severity> valueMappings = new HashMap<>();
244
245        /**
246         * Returns the name of the event topic to which this mapping applies.
247         *
248         * @return the event topic name.
249         */
250        public String getTopic() {
251            return topic;
252        }
253
254        /**
255         * Sets the name of the event topic to which this mapping applies.
256         *
257         * @param topic
258         *          the event topic name.
259         */
260        public void setTopic(String topic) {
261            this.topic = topic;
262        }
263
264        /**
265         * Returns the name of the event topic field to which this mapping applies.
266         * <p/>
267         * If the chosen field is nested, JsonPointer notation should be used.
268         *
269         * @return the event topic field name.
270         */
271        public String getField() {
272            return field;
273        }
274
275        /**
276         * Sets the name of the event topic field to which this mapping applies.
277         *
278         * @param field
279         *          the event topic field name.
280         */
281        public void setField(String field) {
282            this.field = field;
283        }
284
285        /**
286         * Returns the mapping of audit event values to Syslog severity values.
287         *
288         * @return the value mappings.
289         */
290        public Map<String, Severity> getValueMappings() {
291            return unmodifiableMap(valueMappings);
292        }
293
294        /**
295         * Sets the mapping of audit event values to Syslog severity values.
296         *
297         * @param valueMappings
298         *          the value mappings.
299         */
300        public void setValueMappings(Map<String, Severity> valueMappings) {
301            this.valueMappings = new HashMap<>(valueMappings);
302        }
303    }
304
305    /**
306     * Configuration of event buffering.
307     */
308    public static class EventBufferingConfiguration {
309
310        @JsonPropertyDescription("audit.handlers.syslog.buffering.enabled")
311        private boolean enabled;
312
313        @JsonPropertyDescription("audit.handlers.syslog.buffering.maxSize")
314        private int maxSize = 5000;
315
316        /**
317         * Indicates if event buffering is enabled.
318         *
319         * @return {@code true} if buffering is enabled.
320         */
321        public boolean isEnabled() {
322            return enabled;
323        }
324
325        /**
326         * Sets the buffering status.
327         *
328         * @param enabled
329         *            Indicates if buffering is enabled.
330         */
331        public void setEnabled(boolean enabled) {
332            this.enabled = enabled;
333        }
334
335    }
336}