├── .github ├── ISSUE_TEMPLATE │ ├── bug_report.md │ └── feature_request.md └── dependabot.yml ├── .gitignore ├── .travis.yml ├── GETTING-STARTED.md ├── LICENSE ├── README.md ├── babel.config.js ├── build.config.js ├── changelog ├── 5.0.0 │ ├── issue-1054.toml │ └── issue-1096.toml ├── 5.1.0-rc.1 │ ├── .gitkeep │ ├── issue-1172.toml │ ├── issue-1318.toml │ ├── issue-1327.toml │ ├── issue-780.toml │ └── pr-1291.toml └── unreleased │ ├── .gitkeep │ ├── issue-1341.toml │ ├── pr-1340.toml │ └── pr-1348.toml ├── jenkins.groovy ├── jest.config.js ├── package.json ├── pom.xml ├── src ├── deb │ └── control │ │ └── control ├── main │ ├── java │ │ └── org │ │ │ └── graylog │ │ │ └── integrations │ │ │ ├── Integrations.java │ │ │ ├── IntegrationsMetaData.java │ │ │ ├── IntegrationsModule.java │ │ │ ├── IntegrationsPlugin.java │ │ │ ├── audit │ │ │ └── IntegrationsAuditEventTypes.java │ │ │ ├── aws │ │ │ ├── AWSAuthFactory.java │ │ │ ├── AWSClientBuilderUtil.java │ │ │ ├── AWSLogMessage.java │ │ │ ├── AWSMessageType.java │ │ │ ├── AWSPermissions.java │ │ │ ├── AWSPolicy.java │ │ │ ├── AWSPolicyStatement.java │ │ │ ├── cloudwatch │ │ │ │ ├── CloudWatchLogEvent.java │ │ │ │ ├── CloudWatchLogSubscriptionData.java │ │ │ │ ├── FlowLogMessage.java │ │ │ │ ├── IANAProtocolNumbers.java │ │ │ │ └── KinesisLogEntry.java │ │ │ ├── codecs │ │ │ │ ├── AWSCodec.java │ │ │ │ ├── AbstractKinesisCodec.java │ │ │ │ ├── KinesisCloudWatchFlowLogCodec.java │ │ │ │ └── KinesisRawLogCodec.java │ │ │ ├── inputs │ │ │ │ └── AWSInput.java │ │ │ ├── resources │ │ │ │ ├── AWSResource.java │ │ │ │ ├── KinesisSetupResource.java │ │ │ │ ├── requests │ │ │ │ │ ├── AWSInputCreateRequest.java │ │ │ │ │ ├── AWSRequest.java │ │ │ │ │ ├── AWSRequestImpl.java │ │ │ │ │ ├── CreateLogSubscriptionRequest.java │ │ │ │ │ ├── CreateRolePermissionRequest.java │ │ │ │ │ ├── KinesisFullSetupRequest.java │ │ │ │ │ ├── KinesisHealthCheckRequest.java │ │ │ │ │ └── KinesisNewStreamRequest.java │ │ │ │ └── responses │ │ │ │ │ ├── AWSRegion.java │ │ │ │ │ ├── AvailableService.java │ │ │ │ │ ├── AvailableServiceResponse.java │ │ │ │ │ ├── CreateLogSubscriptionResponse.java │ │ │ │ │ ├── CreateRolePermissionResponse.java │ │ │ │ │ ├── KinesisHealthCheckResponse.java │ │ │ │ │ ├── KinesisNewStreamResponse.java │ │ │ │ │ ├── KinesisPermissionsResponse.java │ │ │ │ │ ├── LogGroupsResponse.java │ │ │ │ │ ├── RegionsResponse.java │ │ │ │ │ └── StreamsResponse.java │ │ │ ├── service │ │ │ │ ├── AWSService.java │ │ │ │ ├── CloudWatchService.java │ │ │ │ └── KinesisService.java │ │ │ └── transports │ │ │ │ ├── AWSTransport.java │ │ │ │ ├── KinesisConsumer.java │ │ │ │ ├── KinesisPayloadDecoder.java │ │ │ │ ├── KinesisShardProcessorFactory.java │ │ │ │ ├── KinesisTransport.java │ │ │ │ └── KinesisTransportState.java │ │ │ ├── dataadapters │ │ │ ├── GreyNoiseCommunityIpLookupAdapter.java │ │ │ └── GreyNoiseQuickIPDataAdapter.java │ │ │ ├── inputs │ │ │ ├── paloalto │ │ │ │ ├── PaloAltoCodec.java │ │ │ │ ├── PaloAltoFieldTemplate.java │ │ │ │ ├── PaloAltoFieldType.java │ │ │ │ ├── PaloAltoMessageBase.java │ │ │ │ ├── PaloAltoMessageTemplate.java │ │ │ │ ├── PaloAltoMessageType.java │ │ │ │ ├── PaloAltoParser.java │ │ │ │ ├── PaloAltoTCPInput.java │ │ │ │ ├── PaloAltoTemplateDefaults.java │ │ │ │ ├── PaloAltoTemplates.java │ │ │ │ ├── PaloAltoTypeParser.java │ │ │ │ └── PaloAltoUtils.java │ │ │ └── paloalto9 │ │ │ │ ├── PaloAlto9xCodec.java │ │ │ │ ├── PaloAlto9xFields.java │ │ │ │ ├── PaloAlto9xInput.java │ │ │ │ ├── PaloAlto9xParser.java │ │ │ │ └── PaloAlto9xTemplates.java │ │ │ ├── ipfix │ │ │ ├── Flow.java │ │ │ ├── InformationElement.java │ │ │ ├── InformationElementDefinition.java │ │ │ ├── InformationElementDefinitions.java │ │ │ ├── InvalidMessageVersion.java │ │ │ ├── IpfixException.java │ │ │ ├── IpfixJournal.java │ │ │ ├── IpfixMessage.java │ │ │ ├── IpfixParser.java │ │ │ ├── MessageHeader.java │ │ │ ├── OptionsTemplateRecord.java │ │ │ ├── ShallowDataSet.java │ │ │ ├── ShallowOptionsTemplateSet.java │ │ │ ├── ShallowTemplateSet.java │ │ │ ├── TemplateRecord.java │ │ │ ├── codecs │ │ │ │ ├── IpfixAggregator.java │ │ │ │ ├── IpfixCodec.java │ │ │ │ └── TemplateKey.java │ │ │ ├── inputs │ │ │ │ └── IpfixUdpInput.java │ │ │ └── transports │ │ │ │ ├── IpfixMessageAggregationHandler.java │ │ │ │ └── IpfixUdpTransport.java │ │ │ ├── migrations │ │ │ ├── V20220622071600_MigratePagerDutyV1.java │ │ │ └── V20230522201200_NotificationForDeprecatedGreyNoiseCommunityDataAdapters.java │ │ │ ├── notifications │ │ │ └── types │ │ │ │ ├── SlackClient.java │ │ │ │ ├── SlackEventNotification.java │ │ │ │ ├── SlackEventNotificationConfig.java │ │ │ │ ├── SlackEventNotificationConfigEntity.java │ │ │ │ ├── SlackMessage.java │ │ │ │ ├── microsoftteams │ │ │ │ ├── TeamsEventNotification.java │ │ │ │ ├── TeamsEventNotificationConfig.java │ │ │ │ ├── TeamsEventNotificationConfigEntity.java │ │ │ │ └── TeamsMessage.java │ │ │ │ └── util │ │ │ │ └── RequestClient.java │ │ │ └── pagerduty │ │ │ ├── PagerDutyNotification.java │ │ │ ├── PagerDutyNotificationConfig.java │ │ │ ├── PagerDutyNotificationConfigEntity.java │ │ │ ├── client │ │ │ ├── MessageFactory.java │ │ │ └── PagerDutyClient.java │ │ │ └── dto │ │ │ ├── Link.java │ │ │ ├── PagerDutyMessage.java │ │ │ └── PagerDutyResponse.java │ └── resources │ │ ├── META-INF │ │ └── services │ │ │ └── org.graylog2.plugin.Plugin │ │ ├── ipfix-iana-elements.json │ │ ├── ipfix-information-elements.csv │ │ ├── ipfix_journal.proto │ │ └── org.graylog.plugins.graylog-plugin-integrations │ │ └── graylog-plugin.properties ├── test │ ├── java │ │ └── org │ │ │ └── graylog │ │ │ └── integrations │ │ │ ├── TestWithResources.java │ │ │ ├── aws │ │ │ ├── AWSAuthFactoryTest.java │ │ │ ├── AWSTestingUtils.java │ │ │ ├── AwsClientBuilderUtilTest.java │ │ │ ├── cloudwatch │ │ │ │ ├── CloudWatchServiceTest.java │ │ │ │ └── FlowLogMessageTest.java │ │ │ ├── codecs │ │ │ │ ├── AWSCodecTest.java │ │ │ │ └── CloudWatchFlowLogCodecTest.java │ │ │ ├── resources │ │ │ │ └── KinesisSetupResourceTest.java │ │ │ ├── service │ │ │ │ ├── AWSServiceTest.java │ │ │ │ └── KinesisServiceTest.java │ │ │ └── transports │ │ │ │ ├── AWSTransportTest.java │ │ │ │ ├── KinesisPayloadDecoderTest.java │ │ │ │ └── KinesisTransportTest.java │ │ │ ├── dataadapters │ │ │ ├── GreyNoiseCommunityIpLookupAdapterTest.java │ │ │ └── GreyNoiseDataAdapterTest.java │ │ │ ├── inputs │ │ │ ├── paloalto │ │ │ │ ├── PaloAltoCodecTest.java │ │ │ │ └── PaloAltoTemplateTest.java │ │ │ └── paloalto9 │ │ │ │ ├── PaloAlto9xCodecTest.java │ │ │ │ ├── PaloAlto9xParserTest.java │ │ │ │ └── PaloAlto9xTemplatesTest.java │ │ │ ├── ipfix │ │ │ ├── InformationElementDefinitionsTest.java │ │ │ ├── IpfixParserTest.java │ │ │ ├── Utils.java │ │ │ └── codecs │ │ │ │ ├── IpfixAggregatorTest.java │ │ │ │ └── IpfixCodecTest.java │ │ │ ├── notifications │ │ │ └── types │ │ │ │ ├── SlackClientTest.java │ │ │ │ ├── SlackEventNotificationConfigTest.java │ │ │ │ ├── SlackEventNotificationTest.java │ │ │ │ └── microsoftteams │ │ │ │ ├── TeamsEventNotificationConfigTest.java │ │ │ │ └── TeamsEventNotificationTest.java │ │ │ └── pagerduty │ │ │ ├── PagerDutyNotificationTest.java │ │ │ └── client │ │ │ └── PagerDutyClientTest.java │ ├── python │ │ └── send_syslog.py │ ├── resources │ │ ├── data-datatemplate.pcap │ │ ├── dataset-only.ipfix │ │ ├── ixflow.pcap │ │ ├── ixia-ied.json │ │ ├── ixia-multilist.ipfix │ │ ├── log4j2-test.xml │ │ ├── netflow-v9.dat │ │ ├── org │ │ │ └── graylog │ │ │ │ └── integrations │ │ │ │ └── dataadapters │ │ │ │ ├── GreyNoiseCommunityIpLookupAdapter_test-parse-404.json │ │ │ │ ├── GreyNoiseCommunityIpLookupAdapter_test-parse-LimitReached.json │ │ │ │ └── GreyNoiseCommunityIpLookupAdapter_test-parse-success.json │ │ └── templates-data.ipfix │ └── web │ │ ├── aws │ │ └── FormData.fixtures.js │ │ └── fileMock.js └── web │ ├── aws │ ├── AWSInputConfiguration.jsx │ ├── StepAuthorize.jsx │ ├── authentication │ │ ├── ARN.jsx │ │ ├── AWSAuthenticationTypes.jsx │ │ ├── AWSCustomEndpoints.jsx │ │ ├── Automatic.jsx │ │ └── KeySecret.jsx │ ├── cloudwatch │ │ ├── CloudWatch.jsx │ │ ├── CloudWatch.test.jsx │ │ ├── CloudWatchApp.jsx │ │ ├── EmbeddedCloudWatchApp.jsx │ │ ├── FormAdvancedOptions.jsx │ │ ├── SidebarPermissions.jsx │ │ ├── StepHealthCheck.jsx │ │ ├── StepKinesis.jsx │ │ ├── StepReview.jsx │ │ ├── StepReview.test.jsx │ │ ├── _initialFormData.js │ │ └── kinesis │ │ │ ├── ExistingStreams.jsx │ │ │ ├── SetupNewStream.jsx │ │ │ └── setup-steps │ │ │ ├── Agree.jsx │ │ │ ├── KinesisSetupStep.jsx │ │ │ ├── KinesisSetupSteps.jsx │ │ │ └── SetupModal.jsx │ ├── common │ │ ├── AdditionalFields.jsx │ │ ├── Countdown.jsx │ │ ├── FormWrap.jsx │ │ ├── MaskedInput.jsx │ │ ├── Options.jsx │ │ ├── Routes.js │ │ ├── SkipHealthCheck.jsx │ │ ├── ValidatedInput.jsx │ │ ├── constants.js │ │ ├── formDataAdapter.js │ │ ├── formDataAdapter.test.js │ │ ├── hooks │ │ │ └── useFetch.js │ │ └── sharedStyles.js │ ├── context │ │ ├── AdvancedOptions.jsx │ │ ├── Api.jsx │ │ ├── FormData.jsx │ │ ├── Sidebar.jsx │ │ └── Steps.jsx │ └── utils │ │ └── formValidation.js │ ├── dataadapters │ ├── GreyNoiseAdapterDocumentation.jsx │ ├── GreyNoiseAdapterFieldSet.jsx │ ├── GreyNoiseAdapterSummary.jsx │ └── GreyNoiseCommunityIpLookupAdapterDocumentation.jsx │ ├── event-notifications │ ├── event-notification-details │ │ ├── SlackNotificationDetails.tsx │ │ └── TeamsNotificationDetails.tsx │ ├── event-notification-types │ │ ├── SlackNotificationForm.tsx │ │ ├── SlackNotificationSummary.tsx │ │ ├── TeamsNotificationForm.tsx │ │ └── TeamsNotificationSummary.tsx │ └── types.ts │ ├── index.jsx │ ├── pager-duty │ ├── PagerDutyNotificationDetails.jsx │ ├── PagerDutyNotificationForm.jsx │ └── PagerDutyNotificationSummary.jsx │ └── webpack-entry.js ├── tsconfig.json ├── webpack.config.js └── yarn.lock /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Create a report to help us improve 4 | title: '' 5 | labels: bug 6 | assignees: '' 7 | 8 | --- 9 | 10 | ## Description 11 | 12 | ## Steps To Reproduce 13 | 14 | 1. 15 | 1. 16 | 1. 17 | 1. 18 | 19 | ## Environment 20 | 21 | - Graylog Version: 22 | - OpenSearch Version: 23 | - MongoDB Version: 24 | - Browser Version: 25 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | title: '' 5 | labels: feature 6 | assignees: '' 7 | 8 | --- 9 | 10 | # Description 11 | 12 | ## What 13 | 14 | ## Why 15 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: npm 4 | directory: "/" 5 | schedule: 6 | interval: daily 7 | time: "11:00" 8 | open-pull-requests-limit: 10 9 | rebase-strategy: "disabled" 10 | - package-ecosystem: maven 11 | directory: "/" 12 | schedule: 13 | interval: daily 14 | time: "11:00" 15 | open-pull-requests-limit: 10 16 | rebase-strategy: "disabled" 17 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .idea/ 2 | *.iml 3 | *.ipr 4 | *.iws 5 | .classpath 6 | .project 7 | .settings/ 8 | target/ 9 | dependency-reduced-pom.xml 10 | node_modules 11 | node 12 | build 13 | build.config.js.sample 14 | /cache/ 15 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | sudo: required 2 | dist: trusty 3 | language: java 4 | jdk: 5 | - oraclejdk8 6 | addons: 7 | apt: 8 | packages: 9 | - rpm 10 | before_deploy: 11 | - mvn jdeb:jdeb && export RELEASE_DEB_FILE=$(ls target/*.deb) 12 | - mvn rpm:rpm && export RELEASE_RPM_FILE=$(find target/ -name '*.rpm' | tail -1) 13 | - rm -f target/original-*.jar 14 | - export RELEASE_PKG_FILE=$(ls target/*.jar) 15 | - echo "Deploying release to GitHub releases" 16 | deploy: 17 | provider: releases 18 | api_key: 19 | secure: 20 | file: 21 | - "${RELEASE_PKG_FILE}" 22 | - "${RELEASE_DEB_FILE}" 23 | - "${RELEASE_RPM_FILE}" 24 | skip_cleanup: true 25 | on: 26 | tags: true 27 | jdk: oraclejdk8 28 | -------------------------------------------------------------------------------- /GETTING-STARTED.md: -------------------------------------------------------------------------------- 1 | Getting started with your new Graylog plugin 2 | ============================================ 3 | 4 | Welcome to your new Graylog plugin! 5 | 6 | Please refer to https://docs.graylog.org/en/latest/pages/plugins.html for documentation on how to write 7 | plugins for Graylog. 8 | 9 | Travis CI 10 | --------- 11 | 12 | There is a `.travis.yml` template in this project which is prepared to automatically 13 | deploy the plugin artifacts (JAR, DEB, RPM) to GitHub releases. 14 | 15 | You just have to add your encrypted GitHub access token to the `.travis.yml`. 16 | The token can be generated in your [GitHub personal access token settings](https://github.com/settings/tokens). 17 | 18 | Before Travis CI works, you have to enable it. Install the Travis CI command line 19 | application and execute `travis enable`. 20 | 21 | To encrypt your GitHub access token you can use `travis encrypt`. 22 | 23 | Alternatively you can use `travis setup -f releases` to automatically create a GitHub 24 | access token and add it to the `.travis.yml` file. **Attention:** doing this 25 | will replace some parts of the `.travis.yml` file and you have to restore previous 26 | settings. 27 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Integrations Plugin for Graylog 2 | 3 | Overview 4 | -------- 5 | 6 | Integrations are tools that help Graylog work with external systems. This plugin contains all open source integrations 7 | features. 8 | 9 | Please refer to the [documentation](https://docs.graylog.org/en/latest/pages/integrations.html) for additional details 10 | and setup instructions. 11 | -------------------------------------------------------------------------------- /babel.config.js: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | const coreBabelConfig = require('../graylog2-server/graylog2-web-interface/babel.config.js'); 18 | 19 | module.exports = { ...coreBabelConfig }; 20 | -------------------------------------------------------------------------------- /build.config.js: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | const path = require('path'); 18 | 19 | module.exports = { 20 | // Make sure that this is the correct path to the web interface part of the Graylog server repository. 21 | web_src_path: path.resolve(__dirname, '../graylog2-server', 'graylog2-web-interface'), 22 | }; 23 | -------------------------------------------------------------------------------- /changelog/5.0.0/issue-1054.toml: -------------------------------------------------------------------------------- 1 | type = "fixed" 2 | message = "Fixed bug where old PagerDuty notifications would fail to load." 3 | 4 | issues = ["1054"] 5 | pulls = ["1077"] -------------------------------------------------------------------------------- /changelog/5.0.0/issue-1096.toml: -------------------------------------------------------------------------------- 1 | type = "changed" 2 | message = "Modified how Microsoft Teams notification templates are processed." 3 | 4 | issues = ["1096", "1200"] 5 | pulls = ["1202"] 6 | 7 | details.user = """ 8 | The Microsoft Teams notification template used to rely on each line being a key-value pair with a colon delimiter. This 9 | led to any lines containing multiple colons being displayed incorrectly. The template is now processed as either HTML 10 | or Markup to allow more flexible formatting and to correctly display lines with multiple colons. This will break any 11 | existing notifications that use the old default template and likely any customized templates that rely on the old 12 | processing functionality. The new default template can be found in the linked PR. Customized templates will need to be 13 | modified to use either HTML or Markup before notifications will display properly in Teams. 14 | """ 15 | -------------------------------------------------------------------------------- /changelog/5.1.0-rc.1/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Graylog2/graylog-plugin-integrations/d0f637969418125106fe9d4b1dea3dcce4e5b6cd/changelog/5.1.0-rc.1/.gitkeep -------------------------------------------------------------------------------- /changelog/5.1.0-rc.1/issue-1172.toml: -------------------------------------------------------------------------------- 1 | type = "added" 2 | message = "Added option to omit title portion of Slack notifications to reduce clutter." 3 | 4 | issues = ["1172"] 5 | pulls = ["1320"] 6 | -------------------------------------------------------------------------------- /changelog/5.1.0-rc.1/issue-1318.toml: -------------------------------------------------------------------------------- 1 | type = "added" 2 | message = "Added support for timezones in Slack and Teams notifications." 3 | 4 | issues = ["1318"] 5 | pulls = ["1320"] 6 | -------------------------------------------------------------------------------- /changelog/5.1.0-rc.1/issue-1327.toml: -------------------------------------------------------------------------------- 1 | type = "fixed" 2 | message = "Fixed issue with Palo Alto Global Protect logs parsing last 5 fields incorrectly." 3 | 4 | issues = ["1327", "Graylog2/graylog2-server#14363"] 5 | pulls = ["1328"] 6 | 7 | contributors = ["@giveen"] -------------------------------------------------------------------------------- /changelog/5.1.0-rc.1/issue-780.toml: -------------------------------------------------------------------------------- 1 | type = "added" 2 | message = "Added option to notify @here in Slack notifications." 3 | 4 | issues = ["780"] 5 | pulls = ["1320"] 6 | -------------------------------------------------------------------------------- /changelog/5.1.0-rc.1/pr-1291.toml: -------------------------------------------------------------------------------- 1 | type = "changed" # One of: a(dded), c(hanged), d(eprecated), r(emoved), f(ixed), s(ecurity) 2 | message = "Consistent use of message identifiers in strings." 3 | 4 | issues = ["Graylog2/graylog2-server#13628"] 5 | pulls = ["1291"] 6 | -------------------------------------------------------------------------------- /changelog/unreleased/.gitkeep: -------------------------------------------------------------------------------- 1 | # Keep the directory in Git -------------------------------------------------------------------------------- /changelog/unreleased/issue-1341.toml: -------------------------------------------------------------------------------- 1 | type = "added" 2 | message = "Added event definition title as a summary to Microsoft Teams notifications." 3 | 4 | issues = ["1341"] 5 | pulls = ["1343"] -------------------------------------------------------------------------------- /changelog/unreleased/pr-1340.toml: -------------------------------------------------------------------------------- 1 | type = "d" 2 | message = "GreyNoise Data Adapter functionality has been limited to only use with non-community GreyNoise subscriptions." 3 | 4 | issues = ["Graylog2/graylog-plugin-enterprise#5157"] 5 | pulls = ["1340", "Graylog2/graylog-plugin-enterprise-integrations#1059", "Graylog2/graylog2-server#15592"] 6 | details.user = """ 7 | - GreyNoise Community IP Lookup Data Adapters have been marked as deprecated. Existing Data Adapters can no longer be 8 | started or lookups performed. 9 | - GreyNoise Full IP Lookup [Enterprise] Data Adapter can no longer be used with a free GreyNoise Community API tokens. 10 | - GreyNoise Quick IP Lookup Data Adapter can no longer be used with a free GreyNoise Community API tokens. 11 | """ 12 | -------------------------------------------------------------------------------- /changelog/unreleased/pr-1348.toml: -------------------------------------------------------------------------------- 1 | type = "a" 2 | message = "Include link to replay an alert in teams and slack notification template." 3 | 4 | issues = ["Graylog2/graylog-server#15678"] 5 | pulls = ["1348"] -------------------------------------------------------------------------------- /jenkins.groovy: -------------------------------------------------------------------------------- 1 | @Library('ci-pipeline-shared') _ 2 | 3 | buildSnapshot(jdk_version: '17') 4 | -------------------------------------------------------------------------------- /jest.config.js: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | const buildConfig = require('./build.config'); 18 | 19 | const webSrcPrefix = buildConfig.web_src_path; 20 | 21 | const jestConfig = { 22 | preset: 'jest-preset-graylog', 23 | setupFiles: [], 24 | setupFilesAfterEnv: [ 25 | 'jest-enzyme', 26 | ], 27 | moduleDirectories: [ 28 | 'src', 29 | 'test', 30 | 'node_modules', 31 | `${webSrcPrefix}/src`, 32 | `${webSrcPrefix}/test`, 33 | ], 34 | moduleNameMapper: { 35 | '^aws/(.+)$': 'web/aws/$1', 36 | 37 | '^react$': `${webSrcPrefix}/node_modules/react/index.js`, 38 | '^react-dom$': `${webSrcPrefix}/node_modules/react-dom/index.js`, 39 | '^styled-components$': `${webSrcPrefix}/node_modules/styled-components`, 40 | }, 41 | roots: [ 42 | 'src', 43 | ], 44 | transform: { 45 | '^.+\\.[tj]sx?$': 'babel-jest', 46 | }, 47 | }; 48 | module.exports = jestConfig; 49 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "graylog-plugin-integrations", 3 | "version": "5.2.0-SNAPSHOT", 4 | "description": "", 5 | "license": "SSPL-1.0", 6 | "repository": { 7 | "type": "git", 8 | "url": "git@github.com:Graylog2/graylog-plugin-integrations.git" 9 | }, 10 | "scripts": { 11 | "build": "webpack", 12 | "test": "jest --maxWorkers=50%", 13 | "lint": "eslint src", 14 | "lint:path": "eslint", 15 | "lint:styles": "stylelint './src/web/**/*.{js,jsx,ts,tsx}' --syntax css-in-js", 16 | "lint:styles:path": "stylelint --syntax css-in-js" 17 | }, 18 | "eslintConfig": { 19 | "extends": "graylog" 20 | }, 21 | "stylelint": { 22 | "extends": "stylelint-config-graylog" 23 | }, 24 | "keywords": [ 25 | "graylog" 26 | ], 27 | "author": "Graylog, Inc. ", 28 | "dependencies": { 29 | "buffer": "^6.0.3", 30 | "graylog-web-plugin": "file:../graylog2-server/graylog2-web-interface/packages/graylog-web-plugin", 31 | "urijs": "^1.19.10" 32 | }, 33 | "devDependencies": { 34 | "@babel/core": "7.18.2", 35 | "@babel/plugin-proposal-class-properties": "7.17.12", 36 | "@babel/plugin-syntax-dynamic-import": "7.8.3", 37 | "@babel/plugin-transform-runtime": "7.18.2", 38 | "@babel/preset-env": "7.18.2", 39 | "@babel/preset-react": "7.12.10", 40 | "@testing-library/user-event": "^14.2.0", 41 | "babel-plugin-add-module-exports": "1.0.4", 42 | "babel-plugin-dynamic-import-node": "2.3.3", 43 | "babel-plugin-styled-components": "1.11.1", 44 | "identity-obj-proxy": "^3.0.0" 45 | }, 46 | "private": true 47 | } 48 | -------------------------------------------------------------------------------- /src/deb/control/control: -------------------------------------------------------------------------------- 1 | Package: [[name]] 2 | Version: [[version]] 3 | Architecture: all 4 | Maintainer: Graylog, Inc. 5 | Section: web 6 | Priority: optional 7 | Depends: graylog-server | graylog-radio 8 | Description: [[description]] 9 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/Integrations.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations; 18 | 19 | /** 20 | * This is the plugin. Your class should implement one of the existing plugin 21 | * interfaces. (i.e. AlarmCallback, MessageInput, MessageOutput) 22 | */ 23 | public class Integrations { 24 | } 25 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/IntegrationsMetaData.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations; 18 | 19 | import org.graylog2.plugin.PluginMetaData; 20 | import org.graylog2.plugin.ServerStatus; 21 | import org.graylog2.plugin.Version; 22 | 23 | import java.net.URI; 24 | import java.util.Collections; 25 | import java.util.Set; 26 | 27 | /** 28 | * Implement the PluginMetaData interface here. 29 | */ 30 | public class IntegrationsMetaData implements PluginMetaData { 31 | private static final String PLUGIN_PROPERTIES = "org.graylog.plugins.graylog-plugin-integrations/graylog-plugin.properties"; 32 | 33 | @Override 34 | public String getUniqueId() { 35 | return "org.graylog.integrations.IntegrationsPlugin"; 36 | } 37 | 38 | @Override 39 | public String getName() { 40 | return "Integrations"; 41 | } 42 | 43 | @Override 44 | public String getAuthor() { 45 | return "Graylog, Inc. "; 46 | } 47 | 48 | @Override 49 | public URI getURL() { 50 | return URI.create("https://github.com/Graylog2/graylog-plugin-integrations.git"); 51 | } 52 | 53 | @Override 54 | public Version getVersion() { 55 | return Version.fromPluginProperties(getClass(), PLUGIN_PROPERTIES, "version", Version.from(0, 0, 0, "unknown")); 56 | } 57 | 58 | @Override 59 | public String getDescription() { 60 | // TODO Insert correct plugin description 61 | return "A collection of plugins that integrate external systems with Graylog."; 62 | } 63 | 64 | @Override 65 | public Version getRequiredVersion() { 66 | return Version.fromPluginProperties(getClass(), PLUGIN_PROPERTIES, "graylog.version", Version.from(0, 0, 0, "unknown")); 67 | } 68 | 69 | @Override 70 | public Set getRequiredCapabilities() { 71 | return Collections.emptySet(); 72 | } 73 | } 74 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/IntegrationsPlugin.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations; 18 | 19 | import org.graylog2.plugin.Plugin; 20 | import org.graylog2.plugin.PluginMetaData; 21 | import org.graylog2.plugin.PluginModule; 22 | 23 | import java.util.Collection; 24 | import java.util.Collections; 25 | 26 | /** 27 | * Implement the Plugin interface here. 28 | */ 29 | public class IntegrationsPlugin implements Plugin { 30 | @Override 31 | public PluginMetaData metadata() { 32 | return new IntegrationsMetaData(); 33 | } 34 | 35 | @Override 36 | public Collection modules() { 37 | return Collections.singletonList(new IntegrationsModule()); 38 | } 39 | } 40 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/audit/IntegrationsAuditEventTypes.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.audit; 18 | 19 | import com.google.common.collect.ImmutableSet; 20 | import org.graylog2.audit.PluginAuditEventTypes; 21 | 22 | import java.util.Set; 23 | 24 | public class IntegrationsAuditEventTypes implements PluginAuditEventTypes { 25 | private static final String NAMESPACE = "integrations:"; 26 | 27 | public static final String KINESIS_INPUT_CREATE = NAMESPACE + "kinesis_input:create"; 28 | 29 | public static final String KINESIS_SETUP_CREATE_STREAM = NAMESPACE + "kinesis_auto_setup:create_stream"; 30 | public static final String KINESIS_SETUP_CREATE_POLICY = NAMESPACE + "kinesis_auto_setup:create_policy"; 31 | public static final String KINESIS_SETUP_CREATE_SUBSCRIPTION = NAMESPACE + "kinesis_auto_setup:create_subscription"; 32 | 33 | 34 | private static final Set EVENT_TYPES = ImmutableSet.builder() 35 | .add(KINESIS_INPUT_CREATE) 36 | .add(KINESIS_SETUP_CREATE_STREAM) 37 | .add(KINESIS_SETUP_CREATE_POLICY) 38 | .add(KINESIS_SETUP_CREATE_SUBSCRIPTION) 39 | .build(); 40 | 41 | @Override 42 | public Set auditEventTypes() { 43 | return EVENT_TYPES; 44 | } 45 | } 46 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/AWSLogMessage.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws; 18 | 19 | /** 20 | * A helper class that supports the ability to detect the type of AWS log message. 21 | */ 22 | public class AWSLogMessage { 23 | 24 | private String logMessage; 25 | 26 | public AWSLogMessage(String logMessage) { 27 | this.logMessage = logMessage; 28 | } 29 | 30 | /** 31 | * Detects the type of log message. 32 | * 33 | * @param compressed Indicates if the payload is compressed and probably from CloudWatch. 34 | * @return A {@code Type} indicating the which kind of log message has been detected. 35 | */ 36 | public AWSMessageType detectLogMessageType(boolean compressed) { 37 | 38 | // Compressed messages are always from CloudWatch. 39 | if (compressed) { 40 | if (isFlowLog()) { 41 | return AWSMessageType.KINESIS_CLOUDWATCH_FLOW_LOGS; 42 | } else { 43 | return AWSMessageType.KINESIS_CLOUDWATCH_RAW; 44 | } 45 | } 46 | 47 | return AWSMessageType.KINESIS_RAW; 48 | } 49 | 50 | /** 51 | * Flow logs are space-delimited messages. See https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html 52 | *

53 | * Sample: 2 123456789010 eni-abc123de 172.31.16.139 172.31.16.21 20641 22 6 20 4249 1418530010 1418530070 ACCEPT OK 54 | *

55 | * Match a message with exactly 13 spaces and either the word ACCEPT or REJECT. 56 | * Use simple if checks instead of regex to keep this simple. Performance should not be a concern, since 57 | * this is only called once during the healthcheck. 58 | * 59 | * @return true if message is a flow log. 60 | */ 61 | public boolean isFlowLog() { 62 | 63 | // Though unlikely, the message could be null. 64 | if (logMessage == null) { 65 | return false; 66 | } 67 | 68 | boolean hasAction = logMessage.contains("ACCEPT") || logMessage.contains("REJECT"); 69 | long spaceCount = logMessage.chars().filter(Character::isSpaceChar).count(); 70 | 71 | return hasAction && spaceCount == 13; 72 | } 73 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/AWSPermissions.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws; 18 | 19 | import com.google.common.collect.ImmutableSet; 20 | import org.graylog2.plugin.security.Permission; 21 | import org.graylog2.plugin.security.PluginPermissions; 22 | 23 | import java.util.Collections; 24 | import java.util.Set; 25 | import java.util.stream.Collectors; 26 | 27 | import static org.graylog2.plugin.security.Permission.create; 28 | 29 | public class AWSPermissions implements PluginPermissions { 30 | 31 | public static final String AWS_READ = "aws:read"; 32 | 33 | private final ImmutableSet permissions = ImmutableSet.of( 34 | create(AWS_READ, "Read access for AWS") 35 | ); 36 | 37 | @Override 38 | public Set permissions() { 39 | return permissions; 40 | } 41 | 42 | @Override 43 | public Set readerBasePermissions() { 44 | return Collections.emptySet(); 45 | } 46 | 47 | public Set allPermissions() { 48 | return new AWSPermissions().permissions().stream() 49 | .map(Permission::permission) 50 | .collect(Collectors.toSet()); 51 | } 52 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/AWSPolicy.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws; 18 | 19 | import com.fasterxml.jackson.annotation.JsonAutoDetect; 20 | import com.fasterxml.jackson.annotation.JsonProperty; 21 | import com.fasterxml.jackson.annotation.JsonPropertyOrder; 22 | import com.google.auto.value.AutoValue; 23 | import org.graylog.autovalue.WithBeanGetter; 24 | 25 | import java.util.List; 26 | 27 | @JsonAutoDetect 28 | @AutoValue 29 | @WithBeanGetter 30 | // Define a JSON field order matching AWS examples. This improves readability. 31 | @JsonPropertyOrder({AWSPolicy.VERSION, AWSPolicy.STATEMENT}) 32 | public abstract class AWSPolicy { 33 | 34 | public static final String VERSION = "Version"; 35 | public static final String STATEMENT = "Statement"; 36 | 37 | @JsonProperty(VERSION) 38 | public abstract String version(); 39 | 40 | @JsonProperty(STATEMENT) 41 | public abstract List statement(); 42 | 43 | public static AWSPolicy create(@JsonProperty(VERSION) String version, 44 | @JsonProperty(STATEMENT) List statement) { 45 | return new AutoValue_AWSPolicy(version, statement); 46 | } 47 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/AWSPolicyStatement.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws; 18 | 19 | import com.fasterxml.jackson.annotation.JsonAutoDetect; 20 | import com.fasterxml.jackson.annotation.JsonProperty; 21 | import com.fasterxml.jackson.annotation.JsonPropertyOrder; 22 | import com.google.auto.value.AutoValue; 23 | import org.graylog.autovalue.WithBeanGetter; 24 | 25 | import java.util.List; 26 | 27 | @JsonAutoDetect 28 | @AutoValue 29 | @WithBeanGetter 30 | @JsonPropertyOrder({AWSPolicyStatement.SID, AWSPolicyStatement.EFFECT, AWSPolicyStatement.ACTION, AWSPolicyStatement.RESOURCE}) 31 | public abstract class AWSPolicyStatement { 32 | 33 | static final String SID = "Sid"; 34 | static final String EFFECT = "Effect"; 35 | static final String ACTION = "Action"; 36 | static final String RESOURCE = "Resource"; 37 | 38 | @JsonProperty(SID) 39 | public abstract String sid(); 40 | 41 | @JsonProperty(EFFECT) 42 | public abstract String effect(); 43 | 44 | @JsonProperty(ACTION) 45 | public abstract List action(); 46 | 47 | @JsonProperty(RESOURCE) 48 | public abstract String resource(); 49 | 50 | public static AWSPolicyStatement create(@JsonProperty(SID) String sid, 51 | @JsonProperty(EFFECT) String effect, 52 | @JsonProperty(ACTION) List action, 53 | @JsonProperty(RESOURCE) String resource) { 54 | return new AutoValue_AWSPolicyStatement(sid, effect, action, resource); 55 | } 56 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/cloudwatch/CloudWatchLogEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.cloudwatch; 18 | 19 | import com.fasterxml.jackson.annotation.JsonAutoDetect; 20 | import com.fasterxml.jackson.annotation.JsonCreator; 21 | import com.fasterxml.jackson.annotation.JsonProperty; 22 | import com.google.auto.value.AutoValue; 23 | import org.graylog.autovalue.WithBeanGetter; 24 | 25 | /** 26 | * A single CloudWatch log event. 27 | *

28 | * Example payload: 29 | * 

30 |  * {
31 |  *   "id": "33503748002479370955346306650196094071913271643270021120",
32 |  *   "timestamp": 1502360020000,
33 |  *   "message": "2 123456789 eni-aaaaaaaa 10.0.27.226 10.42.96.199 3604 17720 17 1 132 1502360020 1502360079 REJECT OK"
34 |  * }
35 |  *
36 | */ 37 | @JsonAutoDetect 38 | @AutoValue 39 | @WithBeanGetter 40 | public abstract class CloudWatchLogEvent { 41 | 42 | private static final String ID = "id"; 43 | private static final String TIMESTAMP = "timestamp"; 44 | private static final String MESSAGE = "message"; 45 | 46 | @JsonProperty(ID) 47 | public abstract String id(); // A very long sequence of digits stored as a String 48 | 49 | @JsonProperty(TIMESTAMP) 50 | public abstract long timestamp(); 51 | 52 | @JsonProperty(MESSAGE) 53 | public abstract String message(); 54 | 55 | @JsonCreator 56 | public static CloudWatchLogEvent create(@JsonProperty(ID) String id, 57 | @JsonProperty(TIMESTAMP) long timestamp, 58 | @JsonProperty(MESSAGE) String message) { 59 | return new AutoValue_CloudWatchLogEvent(id, timestamp, message); 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/cloudwatch/KinesisLogEntry.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.cloudwatch; 18 | 19 | import com.fasterxml.jackson.annotation.JsonAutoDetect; 20 | import com.fasterxml.jackson.annotation.JsonCreator; 21 | import com.fasterxml.jackson.annotation.JsonProperty; 22 | import com.google.auto.value.AutoValue; 23 | import org.graylog.autovalue.WithBeanGetter; 24 | import org.joda.time.DateTime; 25 | 26 | @JsonAutoDetect 27 | @AutoValue 28 | @WithBeanGetter 29 | public abstract class KinesisLogEntry { 30 | 31 | private static final String KINESIS_STREAM = "kinesis_stream"; 32 | private static final String LOG_GROUP = "log_group"; 33 | private static final String LOG_STREAM = "log_stream"; 34 | private static final String TIMESTAMP = "timestamp"; 35 | private static final String MESSAGE = "message"; 36 | 37 | @JsonProperty(KINESIS_STREAM) 38 | public abstract String kinesisStream(); 39 | 40 | /** 41 | * CloudWatch Log Group and Log Stream are optional, since messages may have been written directly to Kinesis 42 | * without using CloudWatch. Only CloudWatch messages written VIA Kinesis CloudWatch subscriptions will 43 | * contain a log group and stream. 44 | */ 45 | @JsonProperty(LOG_GROUP) 46 | public abstract String logGroup(); 47 | 48 | @JsonProperty(LOG_STREAM) 49 | public abstract String logStream(); 50 | 51 | @JsonProperty(TIMESTAMP) 52 | public abstract DateTime timestamp(); 53 | 54 | @JsonProperty(MESSAGE) 55 | public abstract String message(); 56 | 57 | @JsonCreator 58 | public static KinesisLogEntry create(@JsonProperty(KINESIS_STREAM) String kinesisStream, 59 | @JsonProperty(LOG_GROUP) String logGroup, 60 | @JsonProperty(LOG_STREAM) String logStream, 61 | @JsonProperty(TIMESTAMP) DateTime timestamp, 62 | @JsonProperty(MESSAGE) String message) { 63 | return new AutoValue_KinesisLogEntry(kinesisStream, logGroup, logStream, timestamp, message); 64 | } 65 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/codecs/AbstractKinesisCodec.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.codecs; 18 | 19 | import com.fasterxml.jackson.databind.ObjectMapper; 20 | import org.graylog.integrations.aws.cloudwatch.KinesisLogEntry; 21 | import org.graylog2.plugin.Message; 22 | import org.graylog2.plugin.configuration.Configuration; 23 | import org.graylog2.plugin.inputs.codecs.AbstractCodec; 24 | import org.graylog2.plugin.inputs.codecs.CodecAggregator; 25 | import org.graylog2.plugin.journal.RawMessage; 26 | import org.slf4j.Logger; 27 | import org.slf4j.LoggerFactory; 28 | 29 | import javax.annotation.Nonnull; 30 | import javax.annotation.Nullable; 31 | import java.io.IOException; 32 | 33 | public abstract class AbstractKinesisCodec extends AbstractCodec { 34 | 35 | private static final Logger LOG = LoggerFactory.getLogger(AbstractKinesisCodec.class); 36 | 37 | static final String SOURCE_GROUP_IDENTIFIER = "aws_source"; 38 | static final String FIELD_KINESIS_STREAM = "aws_kinesis_stream"; 39 | static final String FIELD_LOG_GROUP = "aws_log_group"; 40 | static final String FIELD_LOG_STREAM = "aws_log_stream"; 41 | 42 | private final ObjectMapper objectMapper; 43 | 44 | AbstractKinesisCodec(Configuration configuration, ObjectMapper objectMapper) { 45 | super(configuration); 46 | this.objectMapper = objectMapper; 47 | } 48 | 49 | @Nullable 50 | @Override 51 | public Message decode(@Nonnull RawMessage rawMessage) { 52 | try { 53 | final KinesisLogEntry entry = objectMapper.readValue(rawMessage.getPayload(), KinesisLogEntry.class); 54 | 55 | try { 56 | return decodeLogData(entry); 57 | } catch (Exception e) { 58 | LOG.error("Couldn't decode log event <{}>", entry); 59 | 60 | // Message will be dropped when returning null 61 | return null; 62 | } 63 | } catch (IOException e) { 64 | throw new RuntimeException("Couldn't deserialize log data", e); 65 | } 66 | } 67 | 68 | @Nullable 69 | protected abstract Message decodeLogData(@Nonnull final KinesisLogEntry event); 70 | 71 | @Nonnull 72 | @Override 73 | public Configuration getConfiguration() { 74 | return configuration; 75 | } 76 | 77 | @Nullable 78 | @Override 79 | public CodecAggregator getAggregator() { 80 | return null; 81 | } 82 | } 83 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/codecs/KinesisRawLogCodec.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.codecs; 18 | 19 | import com.fasterxml.jackson.databind.ObjectMapper; 20 | import com.google.inject.assistedinject.Assisted; 21 | import org.graylog.integrations.aws.cloudwatch.KinesisLogEntry; 22 | import org.graylog2.plugin.Message; 23 | import org.graylog2.plugin.configuration.Configuration; 24 | import org.graylog2.plugin.inputs.annotations.ConfigClass; 25 | import org.graylog2.plugin.inputs.annotations.FactoryClass; 26 | import org.graylog2.plugin.inputs.codecs.AbstractCodec; 27 | import org.graylog2.plugin.inputs.codecs.Codec; 28 | import org.joda.time.DateTime; 29 | 30 | import javax.annotation.Nonnull; 31 | import javax.annotation.Nullable; 32 | import javax.inject.Inject; 33 | 34 | public class KinesisRawLogCodec extends AbstractKinesisCodec { 35 | public static final String NAME = "CloudWatchRawLog"; 36 | static final String SOURCE = "aws-kinesis-raw-logs"; 37 | 38 | @Inject 39 | public KinesisRawLogCodec(@Assisted Configuration configuration, ObjectMapper objectMapper) { 40 | super(configuration, objectMapper); 41 | } 42 | 43 | @Nullable 44 | @Override 45 | public Message decodeLogData(@Nonnull final KinesisLogEntry logEvent) { 46 | try { 47 | final String source = configuration.getString(KinesisCloudWatchFlowLogCodec.Config.CK_OVERRIDE_SOURCE, SOURCE); 48 | Message result = new Message( 49 | logEvent.message(), 50 | source, 51 | new DateTime(logEvent.timestamp()) 52 | ); 53 | result.addField(FIELD_KINESIS_STREAM, logEvent.kinesisStream()); 54 | result.addField(FIELD_LOG_GROUP, logEvent.logGroup()); 55 | result.addField(FIELD_LOG_STREAM, logEvent.logStream()); 56 | 57 | return result; 58 | } catch (Exception e) { 59 | throw new RuntimeException("Could not deserialize AWS FlowLog record.", e); 60 | } 61 | } 62 | 63 | @Override 64 | public String getName() { 65 | return NAME; 66 | } 67 | 68 | @FactoryClass 69 | public interface Factory extends Codec.Factory { 70 | @Override 71 | KinesisRawLogCodec create(Configuration configuration); 72 | 73 | @Override 74 | Config getConfig(); 75 | } 76 | 77 | @ConfigClass 78 | public static class Config extends AbstractCodec.Config { 79 | } 80 | } 81 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/resources/requests/AWSRequest.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.resources.requests; 18 | 19 | import com.fasterxml.jackson.annotation.JsonProperty; 20 | import org.graylog2.security.encryption.EncryptedValue; 21 | 22 | import javax.annotation.Nullable; 23 | 24 | /** 25 | * All AWS API requests should implement this interface. 26 | * These three fields are needed for all requests. 27 | */ 28 | 29 | public interface AWSRequest { 30 | 31 | // Constants are defined here once for all classes. 32 | String REGION = "region"; 33 | String AWS_ACCESS_KEY_ID = "aws_access_key_id"; 34 | String AWS_SECRET_ACCESS_KEY = "aws_secret_access_key"; 35 | String ASSUME_ROLE_ARN = "assume_role_arn"; 36 | 37 | String CLOUDWATCH_ENDPOINT = "cloudwatch_endpoint"; 38 | String DYNAMODB_ENDPOINT = "dynamodb_endpoint"; 39 | String IAM_ENDPOINT = "iam_endpoint"; 40 | String KINESIS_ENDPOINT = "kinesis_endpoint"; 41 | 42 | @JsonProperty(REGION) 43 | String region(); 44 | 45 | @Nullable 46 | @JsonProperty(AWS_ACCESS_KEY_ID) 47 | String awsAccessKeyId(); 48 | 49 | @Nullable 50 | @JsonProperty(AWS_SECRET_ACCESS_KEY) 51 | EncryptedValue awsSecretAccessKey(); 52 | 53 | @Nullable 54 | @JsonProperty(ASSUME_ROLE_ARN) 55 | String assumeRoleArn(); 56 | 57 | @Nullable 58 | @JsonProperty(CLOUDWATCH_ENDPOINT) 59 | String cloudwatchEndpoint(); 60 | 61 | @Nullable 62 | @JsonProperty(DYNAMODB_ENDPOINT) 63 | String dynamodbEndpoint(); 64 | 65 | @Nullable 66 | @JsonProperty(IAM_ENDPOINT) 67 | String iamEndpoint(); 68 | 69 | @Nullable 70 | @JsonProperty(KINESIS_ENDPOINT) 71 | String kinesisEndpoint(); 72 | 73 | interface Builder { 74 | @JsonProperty(REGION) 75 | SELF region(String region); 76 | 77 | @JsonProperty(AWS_ACCESS_KEY_ID) 78 | SELF awsAccessKeyId(String awsAccessKeyId); 79 | 80 | @JsonProperty(AWS_SECRET_ACCESS_KEY) 81 | SELF awsSecretAccessKey(EncryptedValue awsSecretAccessKey); 82 | 83 | @JsonProperty(ASSUME_ROLE_ARN) 84 | SELF assumeRoleArn(String assumeRoleArn); 85 | 86 | @JsonProperty(CLOUDWATCH_ENDPOINT) 87 | SELF cloudwatchEndpoint(String cloudwatchEndpoint); 88 | 89 | @JsonProperty(DYNAMODB_ENDPOINT) 90 | SELF dynamodbEndpoint(String dynamodbEndpoint); 91 | 92 | @JsonProperty(IAM_ENDPOINT) 93 | SELF iamEndpoint(String iamEndpoint); 94 | 95 | @JsonProperty(KINESIS_ENDPOINT) 96 | SELF kinesisEndpoint(String kinesisEndpoint); 97 | } 98 | } 99 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/resources/requests/AWSRequestImpl.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.resources.requests; 18 | 19 | import com.fasterxml.jackson.annotation.JsonCreator; 20 | import com.fasterxml.jackson.databind.annotation.JsonDeserialize; 21 | import com.google.auto.value.AutoValue; 22 | import org.graylog.autovalue.WithBeanGetter; 23 | 24 | /** 25 | * A common implementation on AWSRequest, which can be used for any AWS request that just needs region and credentials. 26 | */ 27 | @AutoValue 28 | @WithBeanGetter 29 | @JsonDeserialize(builder = AWSRequestImpl.Builder.class) 30 | public abstract class AWSRequestImpl implements AWSRequest { 31 | 32 | public static Builder builder() { 33 | return Builder.create(); 34 | } 35 | 36 | @AutoValue.Builder 37 | public static abstract class Builder implements AWSRequest.Builder { 38 | @JsonCreator 39 | public static Builder create() { 40 | return new AutoValue_AWSRequestImpl.Builder(); 41 | } 42 | 43 | public abstract AWSRequestImpl build(); 44 | } 45 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/resources/requests/CreateRolePermissionRequest.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.resources.requests; 18 | 19 | import com.fasterxml.jackson.annotation.JsonCreator; 20 | import com.fasterxml.jackson.annotation.JsonProperty; 21 | import com.fasterxml.jackson.databind.annotation.JsonDeserialize; 22 | import com.google.auto.value.AutoValue; 23 | import org.graylog.autovalue.WithBeanGetter; 24 | 25 | @AutoValue 26 | @WithBeanGetter 27 | @JsonDeserialize(builder = CreateRolePermissionRequest.Builder.class) 28 | public abstract class CreateRolePermissionRequest implements AWSRequest { 29 | 30 | private static final String STREAM_NAME = "stream_name"; 31 | private static final String STREAM_ARN = "stream_arn"; 32 | 33 | @JsonProperty(STREAM_NAME) 34 | public abstract String streamName(); 35 | 36 | @JsonProperty(STREAM_ARN) 37 | public abstract String streamArn(); 38 | 39 | public static Builder builder() { 40 | return Builder.create(); 41 | } 42 | 43 | @AutoValue.Builder 44 | public static abstract class Builder implements AWSRequest.Builder { 45 | @JsonCreator 46 | public static Builder create() { 47 | return new AutoValue_CreateRolePermissionRequest.Builder(); 48 | } 49 | 50 | @JsonProperty(STREAM_NAME) 51 | public abstract Builder streamName(String streamName); 52 | 53 | @JsonProperty(STREAM_ARN) 54 | public abstract Builder streamArn(String streamArn); 55 | 56 | public abstract CreateRolePermissionRequest build(); 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/resources/requests/KinesisFullSetupRequest.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.resources.requests; 18 | 19 | import com.fasterxml.jackson.annotation.JsonCreator; 20 | import com.fasterxml.jackson.annotation.JsonProperty; 21 | import com.fasterxml.jackson.databind.annotation.JsonDeserialize; 22 | import com.google.auto.value.AutoValue; 23 | import org.graylog.autovalue.WithBeanGetter; 24 | 25 | @AutoValue 26 | @WithBeanGetter 27 | @JsonDeserialize(builder = KinesisFullSetupRequest.Builder.class) 28 | public abstract class KinesisFullSetupRequest implements AWSRequest { 29 | 30 | private static final String LOG_GROUP_NAME = "log_group_name"; 31 | private static final String STREAM_NAME = "stream_name"; 32 | private static final String ROLE_POLICY_NAME = "role_policy_name"; 33 | private static final String FILTER_NAME = "filter_name"; 34 | private static final String FILTER_PATTERN = "filter_pattern"; 35 | 36 | @JsonProperty(LOG_GROUP_NAME) 37 | public abstract String getLogGroupName(); 38 | 39 | @JsonProperty(STREAM_NAME) 40 | public abstract String streamName(); 41 | 42 | @JsonProperty(ROLE_POLICY_NAME) 43 | public abstract String rolePolicyName(); 44 | 45 | @JsonProperty(FILTER_NAME) 46 | public abstract String filterName(); 47 | 48 | @JsonProperty(FILTER_PATTERN) 49 | public abstract String filterPattern(); 50 | 51 | public static Builder builder() { 52 | return Builder.create(); 53 | } 54 | 55 | @AutoValue.Builder 56 | public static abstract class Builder implements AWSRequest.Builder { 57 | @JsonCreator 58 | public static Builder create() { 59 | return new AutoValue_KinesisFullSetupRequest.Builder(); 60 | } 61 | 62 | @JsonProperty(LOG_GROUP_NAME) 63 | public abstract Builder getLogGroupName(String getLogGroupName); 64 | 65 | @JsonProperty(STREAM_NAME) 66 | public abstract Builder streamName(String streamName); 67 | 68 | @JsonProperty(ROLE_POLICY_NAME) 69 | public abstract Builder rolePolicyName(String rolePolicyName); 70 | 71 | @JsonProperty(FILTER_NAME) 72 | public abstract Builder filterName(String filterName); 73 | 74 | @JsonProperty(FILTER_PATTERN) 75 | public abstract Builder filterPattern(String filterPattern); 76 | 77 | public abstract KinesisFullSetupRequest build(); 78 | } 79 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/resources/requests/KinesisHealthCheckRequest.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.resources.requests; 18 | 19 | import com.fasterxml.jackson.annotation.JsonCreator; 20 | import com.fasterxml.jackson.annotation.JsonProperty; 21 | import com.fasterxml.jackson.databind.annotation.JsonDeserialize; 22 | import com.google.auto.value.AutoValue; 23 | import org.graylog.autovalue.WithBeanGetter; 24 | 25 | @AutoValue 26 | @WithBeanGetter 27 | @JsonDeserialize(builder = KinesisHealthCheckRequest.Builder.class) 28 | public abstract class KinesisHealthCheckRequest implements AWSRequest { 29 | 30 | private static final String STREAM_NAME = "stream_name"; 31 | 32 | @JsonProperty(STREAM_NAME) 33 | public abstract String streamName(); 34 | 35 | public static Builder builder() { 36 | return Builder.create(); 37 | } 38 | 39 | @AutoValue.Builder 40 | public static abstract class Builder implements AWSRequest.Builder { 41 | @JsonCreator 42 | public static Builder create() { 43 | return new AutoValue_KinesisHealthCheckRequest.Builder(); 44 | } 45 | 46 | @JsonProperty(STREAM_NAME) 47 | public abstract Builder streamName(String streamName); 48 | 49 | public abstract KinesisHealthCheckRequest build(); 50 | } 51 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/resources/requests/KinesisNewStreamRequest.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.resources.requests; 18 | 19 | import com.fasterxml.jackson.annotation.JsonCreator; 20 | import com.fasterxml.jackson.annotation.JsonProperty; 21 | import com.fasterxml.jackson.databind.annotation.JsonDeserialize; 22 | import com.google.auto.value.AutoValue; 23 | import org.graylog.autovalue.WithBeanGetter; 24 | 25 | @AutoValue 26 | @WithBeanGetter 27 | @JsonDeserialize(builder = KinesisNewStreamRequest.Builder.class) 28 | public abstract class KinesisNewStreamRequest implements AWSRequest { 29 | 30 | private static final String STREAM_NAME = "stream_name"; 31 | 32 | @JsonProperty(STREAM_NAME) 33 | public abstract String streamName(); 34 | 35 | public static Builder builder() { 36 | return Builder.create(); 37 | } 38 | 39 | @AutoValue.Builder 40 | public static abstract class Builder implements AWSRequest.Builder { 41 | @JsonCreator 42 | public static Builder create() { 43 | return new AutoValue_KinesisNewStreamRequest.Builder(); 44 | } 45 | 46 | @JsonProperty(STREAM_NAME) 47 | public abstract Builder streamName(String streamName); 48 | 49 | public abstract KinesisNewStreamRequest build(); 50 | } 51 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/resources/responses/AWSRegion.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.resources.responses; 18 | 19 | import com.fasterxml.jackson.annotation.JsonAutoDetect; 20 | import com.fasterxml.jackson.annotation.JsonProperty; 21 | import com.google.auto.value.AutoValue; 22 | import org.graylog.autovalue.WithBeanGetter; 23 | 24 | @JsonAutoDetect 25 | @AutoValue 26 | @WithBeanGetter 27 | public abstract class AWSRegion { 28 | 29 | private static final String VALUE = "value"; 30 | private static final String LABEL = "label"; 31 | 32 | // eu-west-2 33 | @JsonProperty(VALUE) 34 | public abstract String regionId(); 35 | 36 | // The combination of both the name and description for display in the UI: 37 | // EU (London): eu-west-2 38 | @JsonProperty(LABEL) 39 | public abstract String displayValue(); 40 | 41 | public static AWSRegion create(@JsonProperty(VALUE) String value, 42 | @JsonProperty(LABEL) String label) { 43 | return new AutoValue_AWSRegion(value, label); 44 | } 45 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/resources/responses/AvailableService.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.resources.responses; 18 | 19 | import com.fasterxml.jackson.annotation.JsonAutoDetect; 20 | import com.fasterxml.jackson.annotation.JsonProperty; 21 | import com.google.auto.value.AutoValue; 22 | import org.graylog.autovalue.WithBeanGetter; 23 | 24 | @JsonAutoDetect 25 | @AutoValue 26 | @WithBeanGetter 27 | public abstract class AvailableService { 28 | 29 | private static final String NAME = "name"; 30 | private static final String DESCRIPTION = "description"; 31 | private static final String POLICY = "policy"; 32 | private static final String HELPER_TEXT = "helper_text"; 33 | private static final String LEARN_MORE_LINK = "learn_more_link"; 34 | 35 | @JsonProperty(NAME) 36 | public abstract String name(); 37 | 38 | @JsonProperty(DESCRIPTION) 39 | public abstract String description(); 40 | 41 | @JsonProperty(POLICY) 42 | public abstract String policy(); 43 | 44 | @JsonProperty(HELPER_TEXT) 45 | public abstract String helperText(); 46 | 47 | @JsonProperty(LEARN_MORE_LINK) 48 | public abstract String learnMoreLink(); 49 | 50 | public static AvailableService create(@JsonProperty(NAME) String name, 51 | @JsonProperty(DESCRIPTION) String description, 52 | @JsonProperty(POLICY) String policy, 53 | @JsonProperty(HELPER_TEXT) String helperText, 54 | @JsonProperty(LEARN_MORE_LINK) String learnMoreLink) { 55 | return new AutoValue_AvailableService(name, description, policy, helperText, learnMoreLink); 56 | } 57 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/resources/responses/AvailableServiceResponse.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.resources.responses; 18 | 19 | import com.fasterxml.jackson.annotation.JsonAutoDetect; 20 | import com.fasterxml.jackson.annotation.JsonProperty; 21 | import com.google.auto.value.AutoValue; 22 | import org.graylog.autovalue.WithBeanGetter; 23 | 24 | import java.util.List; 25 | 26 | @JsonAutoDetect 27 | @AutoValue 28 | @WithBeanGetter 29 | public abstract class AvailableServiceResponse { 30 | 31 | private static final String SERVICES = "services"; 32 | private static final String TOTAL = "total"; 33 | 34 | @JsonProperty(SERVICES) 35 | public abstract List services(); 36 | 37 | @JsonProperty(TOTAL) 38 | public abstract long total(); 39 | 40 | public static AvailableServiceResponse create(@JsonProperty(SERVICES) List services, 41 | @JsonProperty(TOTAL) long total) { 42 | return new AutoValue_AvailableServiceResponse(services, total); 43 | } 44 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/resources/responses/CreateLogSubscriptionResponse.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.resources.responses; 18 | 19 | import com.fasterxml.jackson.annotation.JsonAutoDetect; 20 | import com.fasterxml.jackson.annotation.JsonProperty; 21 | import com.google.auto.value.AutoValue; 22 | import org.graylog.autovalue.WithBeanGetter; 23 | 24 | @JsonAutoDetect 25 | @AutoValue 26 | @WithBeanGetter 27 | public abstract class CreateLogSubscriptionResponse { 28 | 29 | private static final String RESULT = "result"; 30 | 31 | @JsonProperty(RESULT) 32 | public abstract String result(); 33 | 34 | public static CreateLogSubscriptionResponse create(@JsonProperty(RESULT) String result) { 35 | return new AutoValue_CreateLogSubscriptionResponse(result); 36 | } 37 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/resources/responses/CreateRolePermissionResponse.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.resources.responses; 18 | 19 | import com.fasterxml.jackson.annotation.JsonAutoDetect; 20 | import com.fasterxml.jackson.annotation.JsonProperty; 21 | import com.google.auto.value.AutoValue; 22 | import org.graylog.autovalue.WithBeanGetter; 23 | 24 | @JsonAutoDetect 25 | @AutoValue 26 | @WithBeanGetter 27 | public abstract class CreateRolePermissionResponse { 28 | private static final String RESULT = "result"; 29 | private static final String ROLE_ARN = "role_arn"; 30 | private static final String ROLE_NAME = "role_name"; 31 | 32 | @JsonProperty(RESULT) 33 | public abstract String result(); 34 | 35 | @JsonProperty(ROLE_ARN) 36 | public abstract String roleArn(); 37 | 38 | @JsonProperty(ROLE_NAME) 39 | public abstract String roleName(); 40 | 41 | public static CreateRolePermissionResponse create(@JsonProperty(RESULT) String result, 42 | @JsonProperty(ROLE_ARN) String roleArn, 43 | @JsonProperty(ROLE_NAME) String roleName) { 44 | return new AutoValue_CreateRolePermissionResponse(result, roleArn, roleName); 45 | } 46 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/resources/responses/KinesisHealthCheckResponse.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.resources.responses; 18 | 19 | 20 | import com.fasterxml.jackson.annotation.JsonAutoDetect; 21 | import com.fasterxml.jackson.annotation.JsonProperty; 22 | import com.google.auto.value.AutoValue; 23 | import org.graylog.autovalue.WithBeanGetter; 24 | import org.graylog.integrations.aws.AWSMessageType; 25 | 26 | import java.util.Map; 27 | 28 | @JsonAutoDetect 29 | @AutoValue 30 | @WithBeanGetter 31 | public abstract class KinesisHealthCheckResponse { 32 | 33 | private static final String INPUT_TYPE = "input_type"; 34 | private static final String EXPLANATION = "explanation"; 35 | private static final String MESSAGE_FIELDS = "message_fields"; 36 | 37 | @JsonProperty(INPUT_TYPE) 38 | public abstract AWSMessageType inputType(); 39 | 40 | @JsonProperty(EXPLANATION) 41 | public abstract String explanation(); 42 | 43 | @JsonProperty(MESSAGE_FIELDS) 44 | public abstract Map messageFields(); 45 | 46 | public static KinesisHealthCheckResponse create(@JsonProperty(INPUT_TYPE) AWSMessageType inputType, 47 | @JsonProperty(EXPLANATION) String explanation, 48 | @JsonProperty(MESSAGE_FIELDS) Map messageFields) { 49 | return new AutoValue_KinesisHealthCheckResponse(inputType, explanation, messageFields); 50 | } 51 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/resources/responses/KinesisNewStreamResponse.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.resources.responses; 18 | 19 | 20 | import com.fasterxml.jackson.annotation.JsonAutoDetect; 21 | import com.fasterxml.jackson.annotation.JsonProperty; 22 | import com.google.auto.value.AutoValue; 23 | import org.graylog.autovalue.WithBeanGetter; 24 | 25 | @JsonAutoDetect 26 | @AutoValue 27 | @WithBeanGetter 28 | public abstract class KinesisNewStreamResponse { 29 | 30 | private static final String STREAM_NAME = "stream_name"; 31 | private static final String STREAM_ARN = "stream_arn"; 32 | private static final String RESULT = "result"; 33 | 34 | @JsonProperty(STREAM_NAME) 35 | public abstract String streamName(); 36 | 37 | @JsonProperty(STREAM_ARN) 38 | public abstract String streamArn(); 39 | 40 | @JsonProperty(RESULT) 41 | public abstract String result(); 42 | 43 | public static KinesisNewStreamResponse create(@JsonProperty(STREAM_NAME) String streamName, 44 | @JsonProperty(STREAM_ARN) String streamArn, 45 | @JsonProperty(RESULT) String result) { 46 | return new AutoValue_KinesisNewStreamResponse(streamName, streamArn, result); 47 | } 48 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/resources/responses/KinesisPermissionsResponse.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.resources.responses; 18 | 19 | import com.fasterxml.jackson.annotation.JsonAutoDetect; 20 | import com.fasterxml.jackson.annotation.JsonProperty; 21 | import com.google.auto.value.AutoValue; 22 | import org.graylog.autovalue.WithBeanGetter; 23 | 24 | @JsonAutoDetect 25 | @AutoValue 26 | @WithBeanGetter 27 | public abstract class KinesisPermissionsResponse { 28 | 29 | private static final String SETUP_POLICY = "setup_policy"; 30 | private static final String AUTO_SETUP_POLICY = "auto_setup_policy"; 31 | 32 | @JsonProperty(SETUP_POLICY) 33 | public abstract String setupPolicy(); 34 | 35 | @JsonProperty(AUTO_SETUP_POLICY) 36 | public abstract String autoSetupPolicy(); 37 | 38 | public static KinesisPermissionsResponse create(@JsonProperty(SETUP_POLICY) String setupPolicy, 39 | @JsonProperty(AUTO_SETUP_POLICY) String autoSetupPolicy) { 40 | return new AutoValue_KinesisPermissionsResponse(setupPolicy, autoSetupPolicy); 41 | } 42 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/resources/responses/LogGroupsResponse.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.resources.responses; 18 | 19 | import com.fasterxml.jackson.annotation.JsonAutoDetect; 20 | import com.fasterxml.jackson.annotation.JsonProperty; 21 | import com.google.auto.value.AutoValue; 22 | import org.graylog.autovalue.WithBeanGetter; 23 | 24 | import java.util.List; 25 | 26 | @JsonAutoDetect 27 | @AutoValue 28 | @WithBeanGetter 29 | public abstract class LogGroupsResponse { 30 | 31 | private static final String LOG_GROUPS = "log_groups"; 32 | private static final String TOTAL = "total"; 33 | 34 | @JsonProperty(LOG_GROUPS) 35 | public abstract List logGroups(); 36 | 37 | @JsonProperty(TOTAL) 38 | public abstract long total(); 39 | 40 | public static LogGroupsResponse create(@JsonProperty(LOG_GROUPS) List logGroups, 41 | @JsonProperty(TOTAL) long total) { 42 | return new AutoValue_LogGroupsResponse(logGroups, total); 43 | } 44 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/resources/responses/RegionsResponse.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.resources.responses; 18 | 19 | import com.fasterxml.jackson.annotation.JsonAutoDetect; 20 | import com.fasterxml.jackson.annotation.JsonProperty; 21 | import com.google.auto.value.AutoValue; 22 | import org.graylog.autovalue.WithBeanGetter; 23 | 24 | import java.util.List; 25 | 26 | @JsonAutoDetect 27 | @AutoValue 28 | @WithBeanGetter 29 | public abstract class RegionsResponse { 30 | 31 | private static final String REGIONS = "regions"; 32 | private static final String TOTAL = "total"; 33 | 34 | @JsonProperty(REGIONS) 35 | public abstract List regions(); 36 | 37 | @JsonProperty(TOTAL) 38 | public abstract long total(); 39 | 40 | public static RegionsResponse create(@JsonProperty(REGIONS) List regions, 41 | @JsonProperty(TOTAL) long total) { 42 | return new AutoValue_RegionsResponse(regions, total); 43 | } 44 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/resources/responses/StreamsResponse.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.resources.responses; 18 | 19 | import com.fasterxml.jackson.annotation.JsonAutoDetect; 20 | import com.fasterxml.jackson.annotation.JsonProperty; 21 | import com.google.auto.value.AutoValue; 22 | import org.graylog.autovalue.WithBeanGetter; 23 | 24 | import java.util.List; 25 | 26 | @JsonAutoDetect 27 | @AutoValue 28 | @WithBeanGetter 29 | public abstract class StreamsResponse { 30 | 31 | private static final String STREAMS = "streams"; 32 | private static final String TOTAL = "total"; 33 | 34 | @JsonProperty(STREAMS) 35 | public abstract List streams(); 36 | 37 | @JsonProperty(TOTAL) 38 | public abstract long total(); 39 | 40 | public static StreamsResponse create(@JsonProperty(STREAMS) List streams, 41 | @JsonProperty(TOTAL) long total) { 42 | return new AutoValue_StreamsResponse(streams, total); 43 | } 44 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/aws/transports/KinesisTransportState.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.transports; 18 | 19 | public enum KinesisTransportState { 20 | STARTING, 21 | RUNNING, 22 | STOPPING, 23 | STOPPED 24 | } 25 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/inputs/paloalto/PaloAltoFieldTemplate.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.inputs.paloalto; 18 | 19 | import com.google.auto.value.AutoValue; 20 | 21 | @AutoValue 22 | public abstract class PaloAltoFieldTemplate implements Comparable { 23 | public abstract int position(); 24 | 25 | public abstract String field(); 26 | 27 | public abstract PaloAltoFieldType fieldType(); 28 | 29 | public static PaloAltoFieldTemplate create(String field, int position, PaloAltoFieldType fieldType) { 30 | return new AutoValue_PaloAltoFieldTemplate(position, field, fieldType); 31 | } 32 | 33 | @Override 34 | public int compareTo(PaloAltoFieldTemplate other) { 35 | return position() - other.position(); 36 | } 37 | } -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/inputs/paloalto/PaloAltoFieldType.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.inputs.paloalto; 18 | 19 | public enum PaloAltoFieldType { 20 | STRING, LONG, BOOLEAN, TIMESTAMP 21 | } 22 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/inputs/paloalto/PaloAltoMessageBase.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.inputs.paloalto; 18 | 19 | import com.google.auto.value.AutoValue; 20 | import com.google.common.collect.ImmutableList; 21 | import org.joda.time.DateTime; 22 | import org.slf4j.Logger; 23 | import org.slf4j.LoggerFactory; 24 | 25 | @AutoValue 26 | public abstract class PaloAltoMessageBase { 27 | 28 | private static final Logger LOG = LoggerFactory.getLogger(PaloAltoParser.class); 29 | 30 | public abstract String source(); 31 | public abstract DateTime timestamp(); 32 | public abstract String payload(); 33 | public abstract String panType(); 34 | public abstract ImmutableList fields(); 35 | 36 | public static PaloAltoMessageBase create(String source, DateTime timestamp, String payload, String panType, ImmutableList fields) { 37 | 38 | LOG.trace("Syslog header parsed successfully: " + 39 | "Source {} Timestamp {} Pan Type {} Payload {}", source, timestamp, panType, payload ); 40 | 41 | return builder() 42 | .source(source) 43 | .timestamp(timestamp) 44 | .payload(payload) 45 | .panType(panType) 46 | .fields(fields) 47 | .build(); 48 | } 49 | 50 | public static Builder builder() { 51 | return new AutoValue_PaloAltoMessageBase.Builder(); 52 | } 53 | 54 | @AutoValue.Builder 55 | public abstract static class Builder { 56 | public abstract Builder source(String source); 57 | 58 | public abstract Builder timestamp(DateTime timestamp); 59 | 60 | public abstract Builder payload(String payload); 61 | 62 | public abstract Builder panType(String panType); 63 | 64 | public abstract Builder fields(ImmutableList fields); 65 | 66 | public abstract PaloAltoMessageBase build(); 67 | } 68 | } 69 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/inputs/paloalto/PaloAltoMessageTemplate.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.inputs.paloalto; 18 | 19 | import java.util.ArrayList; 20 | import java.util.List; 21 | import java.util.SortedSet; 22 | import java.util.TreeSet; 23 | 24 | /** 25 | * An object representation of a PAN message template. Defines which fields to pick out from the PAN 26 | * message at a particular position. 27 | * 28 | * This was made configurable to allow for user-selected fields and support for old/newer versions 29 | * without a software change. 30 | * 31 | * @see https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/monitoring/use-syslog-for-monitoring/syslog-field-descriptions/threat-log-fields 32 | */ 33 | 34 | public class PaloAltoMessageTemplate { 35 | 36 | private SortedSet fields = new TreeSet<>(); 37 | 38 | private List parseErrors = new ArrayList<>(); 39 | 40 | public SortedSet getFields() { 41 | return fields; 42 | } 43 | 44 | public void setFields(SortedSet fields) { 45 | this.fields = fields; 46 | } 47 | 48 | public List getParseErrors() { 49 | return parseErrors; 50 | } 51 | 52 | public void addError(String error) { 53 | 54 | parseErrors.add(error); 55 | } 56 | 57 | public boolean hasErrors() { 58 | 59 | return !parseErrors.isEmpty(); 60 | } 61 | 62 | } 63 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/inputs/paloalto/PaloAltoMessageType.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.inputs.paloalto; 18 | 19 | public enum PaloAltoMessageType { 20 | 21 | SYSTEM, 22 | THREAT, 23 | TRAFFIC, 24 | CONFIG, 25 | CORRELATION, 26 | HIP, 27 | GLOBAL_PROTECT_PRE_9_1_3, 28 | GLOBAL_PROTECT_9_1_3, 29 | USERID 30 | } 31 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/ipfix/Flow.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.ipfix; 18 | 19 | import com.google.auto.value.AutoValue; 20 | import com.google.common.collect.ImmutableMap; 21 | 22 | @AutoValue 23 | public abstract class Flow { 24 | 25 | public abstract ImmutableMap fields(); 26 | 27 | public static Flow create(ImmutableMap fields) { 28 | return new AutoValue_Flow(fields); 29 | } 30 | 31 | } 32 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/ipfix/InformationElement.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.ipfix; 18 | 19 | import com.google.auto.value.AutoValue; 20 | 21 | @AutoValue 22 | public abstract class InformationElement { 23 | public abstract int id(); 24 | 25 | public abstract int length(); 26 | 27 | public abstract long enterpriseNumber(); 28 | 29 | public static InformationElement create(int id, int length, long enterpriseNumber) { 30 | return new AutoValue_InformationElement(id, length, enterpriseNumber); 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/ipfix/InformationElementDefinition.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.ipfix; 18 | 19 | import com.google.auto.value.AutoValue; 20 | 21 | import java.util.Locale; 22 | 23 | @AutoValue 24 | public abstract class InformationElementDefinition { 25 | public static InformationElementDefinition create(String dataType, String fieldName, int id) { 26 | final String cleanDataType = dataType.trim().toUpperCase(Locale.ENGLISH); 27 | return new AutoValue_InformationElementDefinition(DataType.valueOf(cleanDataType), fieldName, id); 28 | } 29 | 30 | public abstract DataType dataType(); 31 | 32 | public abstract String fieldName(); 33 | 34 | public abstract int id(); 35 | 36 | 37 | public enum DataType { 38 | UNSIGNED8, 39 | UNSIGNED16, 40 | UNSIGNED32, 41 | UNSIGNED64, 42 | SIGNED8, 43 | SIGNED16, 44 | SIGNED32, 45 | SIGNED64, 46 | FLOAT32, 47 | FLOAT64, 48 | MACADDRESS, 49 | IPV4ADDRESS, 50 | IPV6ADDRESS, 51 | BOOLEAN, 52 | STRING, 53 | OCTETARRAY, 54 | DATETIMESECONDS, 55 | DATETIMEMILLISECONDS, 56 | DATETIMEMICROSECONDS, 57 | DATETIMENANOSECONDS, 58 | BASICLIST, 59 | SUBTEMPLATELIST, 60 | SUBTEMPLATEMULTILIST, 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/ipfix/InvalidMessageVersion.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.ipfix; 18 | 19 | public class InvalidMessageVersion extends IpfixException { 20 | 21 | public InvalidMessageVersion(int foundVersion) { 22 | super("Not a valid IPFIX version: " + foundVersion); 23 | } 24 | 25 | } 26 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/ipfix/IpfixException.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.ipfix; 18 | 19 | public class IpfixException extends RuntimeException { 20 | public IpfixException(String message) { 21 | super(message); 22 | } 23 | 24 | public IpfixException() { 25 | } 26 | 27 | public IpfixException(String message, Throwable e) { 28 | super(message, e); 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/ipfix/IpfixMessage.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.ipfix; 18 | 19 | import com.google.auto.value.AutoValue; 20 | import com.google.common.collect.ImmutableList; 21 | 22 | import java.util.Set; 23 | 24 | @AutoValue 25 | public abstract class IpfixMessage { 26 | 27 | public static Builder builder() { 28 | return new AutoValue_IpfixMessage.Builder(); 29 | } 30 | 31 | public abstract ImmutableList templateRecords(); 32 | 33 | public abstract ImmutableList optionsTemplateRecords(); 34 | 35 | public abstract ImmutableList flows(); 36 | 37 | @AutoValue.Builder 38 | public abstract static class Builder { 39 | public abstract Builder templateRecords(ImmutableList templateRecords); 40 | 41 | public abstract ImmutableList.Builder templateRecordsBuilder(); 42 | 43 | public abstract Builder optionsTemplateRecords(ImmutableList optionsTemplateRecords); 44 | 45 | public abstract ImmutableList.Builder optionsTemplateRecordsBuilder(); 46 | 47 | public abstract Builder flows(ImmutableList flows); 48 | 49 | public abstract ImmutableList.Builder flowsBuilder(); 50 | 51 | public abstract IpfixMessage build(); 52 | 53 | public Builder addAllTemplates(Set templateRecords) { 54 | templateRecordsBuilder().addAll(templateRecords); 55 | return this; 56 | } 57 | 58 | public Builder addAllOptionsTemplateSet(Set optionsTemplateRecords) { 59 | optionsTemplateRecordsBuilder().addAll(optionsTemplateRecords); 60 | return this; 61 | } 62 | 63 | public Builder addAllFlows(Set flows) { 64 | flowsBuilder().addAll(flows); 65 | return this; 66 | } 67 | } 68 | } 69 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/ipfix/MessageHeader.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.ipfix; 18 | 19 | import com.google.auto.value.AutoValue; 20 | 21 | import java.time.ZonedDateTime; 22 | 23 | @AutoValue 24 | public abstract class MessageHeader { 25 | /** 26 | * Known size of an IPFIX message header 27 | */ 28 | public static final int LENGTH = 16; 29 | 30 | public abstract int length(); 31 | 32 | public abstract ZonedDateTime exportTime(); 33 | 34 | public abstract long sequenceNumber(); 35 | 36 | public abstract long observationDomainId(); 37 | 38 | public static MessageHeader create(int length, ZonedDateTime exportTime, long sequenceNumber, long observationDomainId) { 39 | return new AutoValue_MessageHeader(length, exportTime, sequenceNumber, observationDomainId); 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/ipfix/OptionsTemplateRecord.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.ipfix; 18 | 19 | import com.google.auto.value.AutoValue; 20 | import com.google.common.collect.ImmutableList; 21 | 22 | @AutoValue 23 | public abstract class OptionsTemplateRecord { 24 | 25 | public abstract int templateId(); 26 | 27 | public abstract ImmutableList scopeFields(); 28 | 29 | public abstract ImmutableList optionFields(); 30 | 31 | public static Builder builder() { 32 | return new AutoValue_OptionsTemplateRecord.Builder(); 33 | } 34 | 35 | @AutoValue.Builder 36 | public abstract static class Builder { 37 | public abstract Builder templateId(int templateId); 38 | 39 | public abstract Builder scopeFields(ImmutableList scopeFields); 40 | 41 | public abstract ImmutableList.Builder scopeFieldsBuilder(); 42 | 43 | public abstract Builder optionFields(ImmutableList optionFields); 44 | 45 | public abstract ImmutableList.Builder optionFieldsBuilder(); 46 | 47 | public abstract OptionsTemplateRecord build(); 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/ipfix/ShallowDataSet.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.ipfix; 18 | 19 | import com.google.auto.value.AutoValue; 20 | 21 | @AutoValue 22 | public abstract class ShallowDataSet { 23 | 24 | public abstract int templateId(); 25 | 26 | public abstract long epochSeconds(); 27 | 28 | @SuppressWarnings("mutable") 29 | public abstract byte[] content(); 30 | 31 | public static ShallowDataSet create(int templateId, long epochSeconds, byte[] content) { 32 | return new AutoValue_ShallowDataSet(templateId, epochSeconds, content); 33 | } 34 | 35 | } 36 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/ipfix/ShallowOptionsTemplateSet.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.ipfix; 18 | 19 | import com.google.auto.value.AutoValue; 20 | import com.google.common.collect.ImmutableList; 21 | 22 | @AutoValue 23 | public abstract class ShallowOptionsTemplateSet { 24 | public static ShallowOptionsTemplateSet create(ImmutableList records) { 25 | return new AutoValue_ShallowOptionsTemplateSet(records); 26 | } 27 | 28 | public abstract ImmutableList records(); 29 | 30 | public static class Record { 31 | private final int templateId; 32 | private final byte[] recordBytes; 33 | 34 | public Record(int templateId, byte[] recordBytes) { 35 | 36 | this.templateId = templateId; 37 | this.recordBytes = recordBytes; 38 | } 39 | 40 | public int getTemplateId() { 41 | return templateId; 42 | } 43 | 44 | public byte[] getRecordBytes() { 45 | return recordBytes; 46 | } 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/ipfix/ShallowTemplateSet.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.ipfix; 18 | 19 | import com.google.auto.value.AutoValue; 20 | import com.google.common.collect.ImmutableList; 21 | 22 | @AutoValue 23 | public abstract class ShallowTemplateSet { 24 | 25 | public abstract ImmutableList records(); 26 | 27 | public static ShallowTemplateSet create(ImmutableList records) { 28 | return new AutoValue_ShallowTemplateSet(records); 29 | } 30 | 31 | public static class Record { 32 | private final int templateId; 33 | private final byte[] recordBytes; 34 | 35 | public Record(int templateId, byte[] recordBytes) { 36 | this.templateId = templateId; 37 | this.recordBytes = recordBytes; 38 | } 39 | 40 | public int getTemplateId() { 41 | return templateId; 42 | } 43 | 44 | public byte[] getRecordBytes() { 45 | return recordBytes; 46 | } 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/ipfix/TemplateRecord.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.ipfix; 18 | 19 | import com.google.auto.value.AutoValue; 20 | import com.google.common.collect.ImmutableList; 21 | 22 | @AutoValue 23 | public abstract class TemplateRecord { 24 | 25 | public abstract int templateId(); 26 | 27 | public abstract ImmutableList informationElements(); 28 | 29 | public static Builder builder() { 30 | return new AutoValue_TemplateRecord.Builder(); 31 | } 32 | 33 | 34 | @AutoValue.Builder 35 | public abstract static class Builder { 36 | public abstract Builder templateId(int templateId); 37 | 38 | public abstract Builder informationElements(ImmutableList informationElements); 39 | 40 | public abstract ImmutableList.Builder informationElementsBuilder(); 41 | 42 | public Builder addInformationElement(InformationElement informationElement) { 43 | informationElementsBuilder().add(informationElement); 44 | return this; 45 | } 46 | 47 | public abstract TemplateRecord build(); 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/ipfix/inputs/IpfixUdpInput.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.ipfix.inputs; 18 | 19 | import com.codahale.metrics.MetricRegistry; 20 | import com.google.inject.assistedinject.Assisted; 21 | import org.graylog.integrations.ipfix.codecs.IpfixCodec; 22 | import org.graylog.integrations.ipfix.transports.IpfixUdpTransport; 23 | import org.graylog2.plugin.DocsHelper; 24 | import org.graylog2.plugin.LocalMetricRegistry; 25 | import org.graylog2.plugin.ServerStatus; 26 | import org.graylog2.plugin.configuration.Configuration; 27 | import org.graylog2.plugin.inputs.MessageInput; 28 | import org.graylog2.plugin.inputs.annotations.ConfigClass; 29 | import org.graylog2.plugin.inputs.annotations.FactoryClass; 30 | 31 | import javax.inject.Inject; 32 | 33 | public class IpfixUdpInput extends MessageInput { 34 | private static final String NAME = "IPFIX UDP"; 35 | 36 | @Inject 37 | public IpfixUdpInput(MetricRegistry metricRegistry, 38 | @Assisted Configuration configuration, 39 | IpfixUdpTransport transport, 40 | LocalMetricRegistry localRegistry, 41 | IpfixCodec codec, 42 | Config config, 43 | Descriptor descriptor, 44 | ServerStatus serverStatus) { 45 | super(metricRegistry, configuration, transport, localRegistry, codec, config, descriptor, serverStatus); 46 | } 47 | 48 | @FactoryClass 49 | public interface Factory extends MessageInput.Factory { 50 | @Override 51 | IpfixUdpInput create(Configuration configuration); 52 | 53 | @Override 54 | Config getConfig(); 55 | 56 | @Override 57 | Descriptor getDescriptor(); 58 | } 59 | 60 | public static class Descriptor extends MessageInput.Descriptor { 61 | @Inject 62 | public Descriptor() { 63 | super(NAME, false, DocsHelper.PAGE_SENDING_IPFIXPATH.toString()); 64 | } 65 | } 66 | 67 | @ConfigClass 68 | public static class Config extends MessageInput.Config { 69 | @Inject 70 | public Config(IpfixUdpTransport.Factory transport, IpfixCodec.Factory codec) { 71 | super(transport.getConfig(), codec.getConfig()); 72 | } 73 | } 74 | 75 | } 76 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/ipfix/transports/IpfixMessageAggregationHandler.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.ipfix.transports; 18 | 19 | import com.codahale.metrics.Meter; 20 | import com.codahale.metrics.MetricRegistry; 21 | import com.codahale.metrics.Timer; 22 | import io.netty.buffer.ByteBuf; 23 | import io.netty.channel.ChannelHandlerContext; 24 | import io.netty.channel.SimpleChannelInboundHandler; 25 | import io.netty.channel.socket.DatagramPacket; 26 | import org.graylog.plugins.netflow.codecs.RemoteAddressCodecAggregator; 27 | import org.graylog2.inputs.transports.netty.SenderEnvelope; 28 | import org.graylog2.plugin.inputs.codecs.CodecAggregator; 29 | import org.slf4j.Logger; 30 | import org.slf4j.LoggerFactory; 31 | 32 | import java.net.InetSocketAddress; 33 | 34 | public class IpfixMessageAggregationHandler extends SimpleChannelInboundHandler { 35 | private static final Logger LOG = LoggerFactory.getLogger(IpfixMessageAggregationHandler.class); 36 | 37 | private final RemoteAddressCodecAggregator aggregator; 38 | private final Timer aggregationTimer; 39 | private final Meter invalidChunksMeter; 40 | 41 | public IpfixMessageAggregationHandler(RemoteAddressCodecAggregator aggregator, MetricRegistry metricRegistry) { 42 | this.aggregator = aggregator; 43 | aggregationTimer = metricRegistry.timer("aggregationTime"); 44 | invalidChunksMeter = metricRegistry.meter("invalidMessages"); 45 | } 46 | 47 | @Override 48 | protected void channelRead0(ChannelHandlerContext ctx, DatagramPacket msg) throws Exception { 49 | final InetSocketAddress remoteAddress = msg.sender(); 50 | final CodecAggregator.Result result; 51 | try (Timer.Context ignored = aggregationTimer.time()) { 52 | result = aggregator.addChunk(msg.content(), remoteAddress); 53 | } 54 | final ByteBuf completeMessage = result.getMessage(); 55 | if (completeMessage != null) { 56 | LOG.debug("Message aggregation completion, forwarding [{}]", completeMessage); 57 | ctx.fireChannelRead(SenderEnvelope.of(completeMessage, remoteAddress)); 58 | } else if (result.isValid()) { 59 | LOG.debug("More chunks necessary to complete this message"); 60 | } else { 61 | invalidChunksMeter.mark(); 62 | LOG.debug("Message chunk was not valid and discarded."); 63 | } 64 | } 65 | } 66 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/notifications/types/util/RequestClient.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.notifications.types.util; 18 | 19 | import okhttp3.MediaType; 20 | import okhttp3.OkHttpClient; 21 | import okhttp3.Request; 22 | import okhttp3.RequestBody; 23 | import okhttp3.Response; 24 | import org.graylog.events.notifications.PermanentEventNotificationException; 25 | import org.graylog.events.notifications.TemporaryEventNotificationException; 26 | import org.slf4j.Logger; 27 | import org.slf4j.LoggerFactory; 28 | 29 | import javax.inject.Inject; 30 | import java.io.IOException; 31 | 32 | import static javax.ws.rs.core.MediaType.APPLICATION_JSON; 33 | 34 | public class RequestClient { 35 | private static final Logger LOG = LoggerFactory.getLogger(RequestClient.class); 36 | private final OkHttpClient httpClient; 37 | 38 | @Inject 39 | public RequestClient(OkHttpClient httpClient) { 40 | this.httpClient = httpClient; 41 | } 42 | 43 | /** 44 | * @param message 45 | * @param webhookUrl 46 | * @throws TemporaryEventNotificationException - thrown for network or timeout type issues 47 | * @throws PermanentEventNotificationException - thrown with bad webhook url, authentication error type issues 48 | */ 49 | public void send(String message, String webhookUrl) throws TemporaryEventNotificationException, PermanentEventNotificationException { 50 | 51 | final Request request = new Request.Builder() 52 | .url(webhookUrl) 53 | .post(RequestBody.create(MediaType.parse(APPLICATION_JSON), message)) 54 | .build(); 55 | 56 | LOG.debug("Posting to webhook url <{}> the payload is <{}>", 57 | webhookUrl, 58 | message); 59 | 60 | try (final Response r = httpClient.newCall(request).execute()) { 61 | if (!r.isSuccessful()) { 62 | throw new PermanentEventNotificationException( 63 | "Expected successful HTTP response [2xx] but got [" + r.code() + "]. " + webhookUrl); 64 | } 65 | } catch (IOException e) { 66 | throw new TemporaryEventNotificationException("Unable to send the Message. " + e.getMessage()); 67 | } 68 | } 69 | } 70 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/pagerduty/dto/Link.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.pagerduty.dto; 18 | 19 | import com.fasterxml.jackson.annotation.JsonProperty; 20 | import java.net.URL; 21 | 22 | /** 23 | * @author Edgar Molina 24 | * 25 | */ 26 | public class Link { 27 | @JsonProperty("href") 28 | private final URL href; 29 | @JsonProperty("text") 30 | private final String text; 31 | 32 | public Link(URL href, String text) { 33 | this.href = href; 34 | this.text = text; 35 | } 36 | 37 | public URL getHref() { 38 | return href; 39 | } 40 | 41 | public String getText() { 42 | return text; 43 | } 44 | } 45 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/pagerduty/dto/PagerDutyMessage.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.pagerduty.dto; 18 | 19 | import com.fasterxml.jackson.annotation.JsonInclude; 20 | import com.fasterxml.jackson.annotation.JsonProperty; 21 | import java.util.List; 22 | import java.util.Map; 23 | 24 | /** 25 | * @author Edgar Molina 26 | * 27 | */ 28 | @JsonInclude(JsonInclude.Include.NON_EMPTY) 29 | public class PagerDutyMessage { 30 | @JsonProperty("routing_key") 31 | private final String routingKey; 32 | @JsonProperty("event_action") 33 | private final String eventAction; 34 | @JsonProperty("dedup_key") 35 | private final String dedupKey; 36 | @JsonProperty("client") 37 | private final String client; 38 | @JsonProperty("client_url") 39 | private final String clientUrl; 40 | @JsonProperty("links") 41 | private final List links; 42 | @JsonProperty("payload") 43 | private final Map payload; 44 | 45 | public PagerDutyMessage( 46 | String routingKey, 47 | String eventAction, 48 | String dedupKey, 49 | String client, 50 | String clientUrl, 51 | List links, 52 | Map payload) { 53 | this.routingKey = routingKey; 54 | this.eventAction = eventAction; 55 | this.dedupKey = dedupKey; 56 | this.client = client; 57 | this.clientUrl = clientUrl; 58 | this.links = links; 59 | this.payload = payload; 60 | } 61 | 62 | public String getRoutingKey() { 63 | return routingKey; 64 | } 65 | 66 | public String getEventAction() { 67 | return eventAction; 68 | } 69 | 70 | public String getDedupKey() { 71 | return dedupKey; 72 | } 73 | 74 | public String getClient() { 75 | return client; 76 | } 77 | 78 | public String getClientUrl() { 79 | return clientUrl; 80 | } 81 | 82 | public List getLinks() { 83 | return links; 84 | } 85 | 86 | public Map getPayload() { 87 | return payload; 88 | } 89 | } 90 | -------------------------------------------------------------------------------- /src/main/java/org/graylog/integrations/pagerduty/dto/PagerDutyResponse.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.pagerduty.dto; 18 | 19 | import com.fasterxml.jackson.annotation.JsonProperty; 20 | import java.util.List; 21 | 22 | /** 23 | * @author Edgar Molina 24 | * 25 | */ 26 | public class PagerDutyResponse { 27 | @JsonProperty("status") 28 | private String status; 29 | @JsonProperty("message") 30 | private String message; 31 | @JsonProperty("dedup_key") 32 | private String dedupKey; 33 | @JsonProperty("errors") 34 | private List errors; 35 | 36 | public String getStatus() { 37 | return status; 38 | } 39 | 40 | public String getMessage() { 41 | return message; 42 | } 43 | 44 | public String getDedupKey() { 45 | return dedupKey; 46 | } 47 | 48 | public List getErrors() { 49 | return errors; 50 | } 51 | } 52 | -------------------------------------------------------------------------------- /src/main/resources/META-INF/services/org.graylog2.plugin.Plugin: -------------------------------------------------------------------------------- 1 | org.graylog.integrations.IntegrationsPlugin -------------------------------------------------------------------------------- /src/main/resources/ipfix_journal.proto: -------------------------------------------------------------------------------- 1 | syntax = "proto2"; 2 | 3 | package org.graylog.integrations.ipfix; 4 | 5 | // to regenerate: 6 | // install protobuf compiler (this was generated with 3.0.0, be careful with newer versions due to API changes in the runtime) 7 | // protoc --java_out=src/main/java src/main/resources/ipfix_journal.proto 8 | 9 | option java_package = "org.graylog.integrations.ipfix"; 10 | option java_outer_classname = "IpfixJournal"; 11 | 12 | message RawIpfix { 13 | // all applicable templates that are referenced by the data sets 14 | map templates = 1; 15 | // all applicable options templates that are references by the data sets 16 | map optionTemplates = 2; 17 | repeated DataSet dataSets = 3; 18 | } 19 | 20 | message DataSet { 21 | required uint64 timestampEpochSeconds = 1; 22 | required uint32 templateId = 2; 23 | required bytes dataRecords = 3; 24 | 25 | } 26 | -------------------------------------------------------------------------------- /src/main/resources/org.graylog.plugins.graylog-plugin-integrations/graylog-plugin.properties: -------------------------------------------------------------------------------- 1 | # The plugin version 2 | version=${project.version} 3 | 4 | # The required Graylog server version 5 | graylog.version=${graylog.version} 6 | 7 | # When set to true (the default) the plugin gets a separate class loader 8 | # when loading the plugin. When set to false, the plugin shares a class loader 9 | # with other plugins that have isolated=false. 10 | # 11 | # Do not disable this unless this plugin depends on another plugin! 12 | isolated=true 13 | -------------------------------------------------------------------------------- /src/test/java/org/graylog/integrations/aws/AWSAuthFactoryTest.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws; 18 | 19 | 20 | import org.junit.Test; 21 | import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; 22 | import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider; 23 | import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider; 24 | 25 | import static org.assertj.core.api.AssertionsForClassTypes.assertThat; 26 | import static org.assertj.core.api.AssertionsForClassTypes.assertThatExceptionOfType; 27 | 28 | public class AWSAuthFactoryTest { 29 | 30 | @Test 31 | public void testAutomaticAuth() { 32 | assertThat(AWSAuthFactory.create(false, null, null, null, null)) 33 | .isExactlyInstanceOf(DefaultCredentialsProvider.class); 34 | } 35 | 36 | @Test 37 | public void testAutomaticAuthIsFailingInCloudWithInvalidAccessKey() { 38 | assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> 39 | AWSAuthFactory.create(true, null, null, "secret", null)) 40 | .withMessageContaining("Access key"); 41 | } 42 | 43 | @Test 44 | public void testAutomaticAuthIsFailingInCloudWithInvalidSecretKey() { 45 | assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> 46 | AWSAuthFactory.create(true, null, "key", null, null)) 47 | .withMessageContaining("Secret key"); 48 | } 49 | 50 | 51 | @Test 52 | public void testKeySecret() { 53 | final AwsCredentialsProvider awsCredentialsProvider = AWSAuthFactory.create(false, null, "key", "secret", null); 54 | assertThat(awsCredentialsProvider).isExactlyInstanceOf(StaticCredentialsProvider.class); 55 | assertThat("key").isEqualTo(awsCredentialsProvider.resolveCredentials().accessKeyId()); 56 | assertThat("secret").isEqualTo(awsCredentialsProvider.resolveCredentials().secretAccessKey()); 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /src/test/java/org/graylog/integrations/aws/cloudwatch/FlowLogMessageTest.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.cloudwatch; 18 | 19 | import org.joda.time.DateTime; 20 | import org.joda.time.DateTimeZone; 21 | import org.junit.Test; 22 | 23 | import static org.junit.Assert.assertEquals; 24 | 25 | public class FlowLogMessageTest { 26 | 27 | @Test 28 | public void testFromPartsDoesNotFailWithMissingIntegerFields() { 29 | final String[] strings = { 30 | "-", 31 | "foo", 32 | "eth0", 33 | "127.0.0.1", 34 | "127.0.0.1", 35 | "-", 36 | "-", 37 | "-", 38 | "100", 39 | "100", 40 | "0", 41 | "0", 42 | "ACCEPT", 43 | "OK" 44 | }; 45 | 46 | final KinesisLogEntry logEvent = KinesisLogEntry.create("kinesisStream", "helloGroup", "helloStream", 47 | DateTime.now(DateTimeZone.UTC), 48 | String.join(" ", strings)); 49 | final FlowLogMessage m = FlowLogMessage.fromLogEvent(logEvent); 50 | 51 | assertEquals(m.getDestinationPort(), 0); 52 | assertEquals(m.getSourcePort(), 0); 53 | assertEquals(m.getVersion(), 0); 54 | assertEquals(m.getProtocolNumber(), 0); 55 | } 56 | 57 | @Test 58 | public void testFromPartsDoesNotFailWithMissingLongFields() { 59 | final String[] strings = { 60 | "1", 61 | "foo", 62 | "eth0", 63 | "127.0.0.1", 64 | "127.0.0.1", 65 | "80", 66 | "80", 67 | "1", 68 | "-", 69 | "-", 70 | "0", 71 | "0", 72 | "ACCEPT", 73 | "OK" 74 | }; 75 | 76 | final KinesisLogEntry logEvent = KinesisLogEntry.create("kinesisStream", "helloGroup", "helloStream", 77 | DateTime.now(DateTimeZone.UTC), 78 | String.join(" ", strings)); 79 | final FlowLogMessage m = FlowLogMessage.fromLogEvent(logEvent); 80 | 81 | assertEquals(m.getBytes(), 0); 82 | assertEquals(m.getPackets(), 0); 83 | } 84 | } -------------------------------------------------------------------------------- /src/test/java/org/graylog/integrations/aws/transports/KinesisTransportTest.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.aws.transports; 18 | 19 | import org.graylog2.plugin.inputs.MisfireException; 20 | import org.junit.Test; 21 | 22 | import static org.assertj.core.api.AssertionsForClassTypes.assertThatThrownBy; 23 | 24 | public class KinesisTransportTest { 25 | 26 | @Test 27 | public void testValidateEndpoint() throws MisfireException { 28 | 29 | // Validate that no exception occurs for valid URI. 30 | KinesisTransport.validateEndpoint("https://graylog.org", "Graylog"); 31 | 32 | // Validate that no exception occurs for blank and null URL. 33 | KinesisTransport.validateEndpoint("", "Blank"); 34 | KinesisTransport.validateEndpoint(null, "Null"); 35 | 36 | // Verify exception occurs for invalid URI. 37 | assertThatThrownBy(() -> KinesisTransport.validateEndpoint("haha not a url", "Bad URI")) 38 | .isExactlyInstanceOf(MisfireException.class) 39 | .hasMessageContaining("Override Endpoint") 40 | .hasMessageContaining("is invalid"); 41 | } 42 | } -------------------------------------------------------------------------------- /src/test/java/org/graylog/integrations/dataadapters/GreyNoiseDataAdapterTest.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.dataadapters; 18 | 19 | import okhttp3.MediaType; 20 | import okhttp3.Protocol; 21 | import okhttp3.Request; 22 | import okhttp3.Response; 23 | import okhttp3.ResponseBody; 24 | import org.assertj.core.api.Assertions; 25 | import org.graylog2.plugin.lookup.LookupResult; 26 | import org.junit.Before; 27 | import org.junit.Test; 28 | 29 | import static org.hamcrest.CoreMatchers.notNullValue; 30 | import static org.hamcrest.MatcherAssert.assertThat; 31 | 32 | public class GreyNoiseDataAdapterTest { 33 | 34 | Request mockRequest; 35 | Response mockResponse; 36 | String stringResponse; 37 | 38 | @Before 39 | public void setUp() throws Exception { 40 | 41 | stringResponse = "{\"ip\":\"192.168.1.1\",\"noise\":true,\"code\":\"0x01\"}"; 42 | 43 | mockRequest = new Request.Builder() 44 | .url("https://api.greynoise.io/v2/noise/quick/") 45 | .build(); 46 | } 47 | 48 | private void getvalidResponse() { 49 | mockResponse = new Response.Builder() 50 | .request(mockRequest) 51 | .protocol(Protocol.HTTP_2) 52 | .code(200) 53 | .message("") 54 | .body(ResponseBody.create(MediaType.get("application/json"), stringResponse)) 55 | .build(); 56 | } 57 | 58 | @Test 59 | public void parseBodyWithMultiValue(){ 60 | getvalidResponse(); 61 | 62 | final LookupResult result = GreyNoiseQuickIPDataAdapter.parseResponse(mockResponse); 63 | assertThat(result, notNullValue()); 64 | Assertions.assertThat(result.isEmpty()).isFalse(); 65 | Assertions.assertThat(result.hasError()).isFalse(); 66 | Assertions.assertThat(result.singleValue()).isEqualTo(null); 67 | Assertions.assertThat(result.multiValue()).isNotNull(); 68 | Assertions.assertThat(result.multiValue().containsValue("192.168.1.1")).isTrue(); 69 | Assertions.assertThat(result.multiValue().containsValue("0x01")).isTrue(); 70 | Assertions.assertThat(result.multiValue().containsValue(true)).isTrue(); 71 | } 72 | 73 | } 74 | -------------------------------------------------------------------------------- /src/test/java/org/graylog/integrations/inputs/paloalto/PaloAltoTemplateTest.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.inputs.paloalto; 18 | 19 | import org.junit.Test; 20 | 21 | import static junit.framework.TestCase.assertTrue; 22 | import static org.junit.Assert.assertEquals; 23 | 24 | /** 25 | * Test parsing of raw PAN message templates. 26 | */ 27 | public class PaloAltoTemplateTest { 28 | 29 | public static final String DEFAULT_HEADER = "field,position,type"; 30 | 31 | @Test 32 | public void parseTest() throws Exception { 33 | 34 | PaloAltoTemplates builder = PaloAltoTemplates.newInstance(PaloAltoTemplateDefaults.SYSTEM_TEMPLATE, 35 | PaloAltoTemplateDefaults.THREAT_TEMPLATE, 36 | PaloAltoTemplateDefaults.TRAFFIC_TEMPLATE); 37 | 38 | // Verify that the correct number of fields were parsed. 39 | assertEquals(22, builder.getSystemMessageTemplate().getFields().size()); 40 | assertEquals(74, builder.getThreatMessageTemplate().getFields().size()); 41 | assertEquals(64, builder.getTrafficMessageTemplate().getFields().size()); 42 | } 43 | 44 | @Test 45 | public void verifyCSVValidation() { 46 | 47 | // Verify header checking. 48 | PaloAltoTemplates templates = PaloAltoTemplates.newInstance("badheader", 49 | DEFAULT_HEADER, 50 | DEFAULT_HEADER); 51 | assertEquals(3, templates.getAllErrors().size()); 52 | templates.getAllErrors().forEach(error -> { 53 | assertTrue(error.contains("The header row is invalid")); 54 | }); 55 | 56 | // Verify that invalid value messages returned for invalid values. 57 | templates = PaloAltoTemplates.newInstance("field,position,type\n" + 58 | "badvalue", 59 | DEFAULT_HEADER, 60 | DEFAULT_HEADER); 61 | 62 | templates.getAllErrors().forEach(error -> { 63 | assertTrue(error.contains("[] is not a valid")); 64 | }); 65 | } 66 | } -------------------------------------------------------------------------------- /src/test/java/org/graylog/integrations/ipfix/Utils.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | package org.graylog.integrations.ipfix; 18 | 19 | import io.netty.buffer.ByteBuf; 20 | import io.netty.buffer.Unpooled; 21 | 22 | import java.io.IOException; 23 | 24 | import static com.google.common.io.Resources.getResource; 25 | import static com.google.common.io.Resources.toByteArray; 26 | 27 | public class Utils { 28 | public static ByteBuf readPacket(String resourceName) throws IOException { 29 | return Unpooled.wrappedBuffer(toByteArray(getResource(resourceName))); 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /src/test/resources/data-datatemplate.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Graylog2/graylog-plugin-integrations/d0f637969418125106fe9d4b1dea3dcce4e5b6cd/src/test/resources/data-datatemplate.pcap -------------------------------------------------------------------------------- /src/test/resources/dataset-only.ipfix: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Graylog2/graylog-plugin-integrations/d0f637969418125106fe9d4b1dea3dcce4e5b6cd/src/test/resources/dataset-only.ipfix -------------------------------------------------------------------------------- /src/test/resources/ixflow.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Graylog2/graylog-plugin-integrations/d0f637969418125106fe9d4b1dea3dcce4e5b6cd/src/test/resources/ixflow.pcap -------------------------------------------------------------------------------- /src/test/resources/ixia-multilist.ipfix: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Graylog2/graylog-plugin-integrations/d0f637969418125106fe9d4b1dea3dcce4e5b6cd/src/test/resources/ixia-multilist.ipfix -------------------------------------------------------------------------------- /src/test/resources/log4j2-test.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | -------------------------------------------------------------------------------- /src/test/resources/netflow-v9.dat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Graylog2/graylog-plugin-integrations/d0f637969418125106fe9d4b1dea3dcce4e5b6cd/src/test/resources/netflow-v9.dat -------------------------------------------------------------------------------- /src/test/resources/org/graylog/integrations/dataadapters/GreyNoiseCommunityIpLookupAdapter_test-parse-404.json: -------------------------------------------------------------------------------- 1 | { 2 | "ip": "1.2.3.4", 3 | "noise": false, 4 | "riot": false, 5 | "message": "IP not observed scanning the internet or contained in RIOT data set." 6 | } -------------------------------------------------------------------------------- /src/test/resources/org/graylog/integrations/dataadapters/GreyNoiseCommunityIpLookupAdapter_test-parse-LimitReached.json: -------------------------------------------------------------------------------- 1 | { 2 | "plan": "unauthenticated", 3 | "rate-limit": "100-lookups/day", 4 | "plan_url": "https://greynoise.io/pricing", 5 | "message": "You have hit your daily rate limit of 100 requests per day. Please create a free account or upgrade your plan at https://greynoise.io/pricing." 6 | } -------------------------------------------------------------------------------- /src/test/resources/org/graylog/integrations/dataadapters/GreyNoiseCommunityIpLookupAdapter_test-parse-success.json: -------------------------------------------------------------------------------- 1 | { 2 | "ip": "1.2.3.4", 3 | "noise": false, 4 | "riot": true, 5 | "classification": "benign", 6 | "name": "Cloudflare", 7 | "link": "https://viz.greynoise.io/riot/1.2.3.4", 8 | "last_seen": "2020-01-01", 9 | "message": "Success" 10 | } -------------------------------------------------------------------------------- /src/test/resources/templates-data.ipfix: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Graylog2/graylog-plugin-integrations/d0f637969418125106fe9d4b1dea3dcce4e5b6cd/src/test/resources/templates-data.ipfix -------------------------------------------------------------------------------- /src/test/web/aws/FormData.fixtures.js: -------------------------------------------------------------------------------- 1 | // eslint-disable-next-line import/prefer-default-export 2 | import { AWS_AUTH_TYPES, DEFAULT_KINESIS_LOG_TYPE } from 'aws/common/constants'; 3 | 4 | export const exampleFormDataWithKeySecretAuth = { 5 | awsAuthenticationType: { value: AWS_AUTH_TYPES.keysecret }, 6 | awsCloudWatchAddFlowLogPrefix: { value: true }, 7 | awsCloudWatchAssumeARN: { value: '' }, 8 | awsCloudWatchAwsKey: { value: 'mykey' }, 9 | awsCloudWatchAwsRegion: { value: 'us-east-1' }, 10 | awsCloudWatchBatchSize: { value: 10000 }, 11 | awsEndpointCloudWatch: { value: undefined }, 12 | awsCloudWatchKinesisInputType: { value: DEFAULT_KINESIS_LOG_TYPE }, 13 | awsCloudWatchKinesisStream: { value: 'my-stream' }, 14 | awsCloudWatchName: { value: 'My Input' }, 15 | awsCloudWatchThrottleEnabled: { value: false }, 16 | awsEndpointDynamoDB: { value: undefined }, 17 | awsEndpointIAM: { value: undefined }, 18 | awsEndpointKinesis: { value: undefined }, 19 | awsCloudWatchAwsSecret: { value: 'mysecret' }, 20 | }; 21 | 22 | export const exampleFormDataWithAutomaticAuth = { 23 | awsAuthenticationType: { value: AWS_AUTH_TYPES.automatic }, 24 | awsCloudWatchAddFlowLogPrefix: { value: true }, 25 | awsCloudWatchAssumeARN: { value: '' }, 26 | awsCloudWatchAwsRegion: { value: 'us-east-1' }, 27 | awsCloudWatchBatchSize: { value: 10000 }, 28 | awsEndpointCloudWatch: { value: undefined }, 29 | awsCloudWatchKinesisInputType: { value: DEFAULT_KINESIS_LOG_TYPE }, 30 | awsCloudWatchKinesisStream: { value: 'my-stream' }, 31 | awsCloudWatchName: { value: 'My Input' }, 32 | awsCloudWatchThrottleEnabled: { value: false }, 33 | awsEndpointDynamoDB: { value: undefined }, 34 | awsEndpointIAM: { value: undefined }, 35 | awsEndpointKinesis: { value: undefined }, 36 | key: 'mykey', 37 | secret: 'mysecret', 38 | }; 39 | -------------------------------------------------------------------------------- /src/test/web/fileMock.js: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | module.exports = 'test-file-stub'; 18 | -------------------------------------------------------------------------------- /src/web/aws/AWSInputConfiguration.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import { useEffect } from 'react'; 18 | import PropTypes from 'prop-types'; 19 | import { useNavigate } from 'react-router-dom'; 20 | 21 | import Routes from 'aws/common/Routes.js'; 22 | 23 | const AWSInputConfiguration = ({ url }) => { 24 | const navigate = useNavigate(); 25 | 26 | useEffect(() => { 27 | navigate(url); 28 | }, [url, navigate]); 29 | 30 | return null; 31 | }; 32 | 33 | AWSInputConfiguration.propTypes = { 34 | url: PropTypes.string, 35 | }; 36 | 37 | AWSInputConfiguration.defaultProps = { 38 | url: Routes.INTEGRATIONS.AWS.CLOUDWATCH.index, 39 | }; 40 | 41 | export default AWSInputConfiguration; 42 | -------------------------------------------------------------------------------- /src/web/aws/authentication/ARN.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React from 'react'; 18 | import PropTypes from 'prop-types'; 19 | 20 | import { Input } from 'components/bootstrap'; 21 | 22 | const ARN = ({ awsARN, onChange }) => { 23 | return ( 24 | 32 | ); 33 | }; 34 | 35 | ARN.propTypes = { 36 | awsARN: PropTypes.shape({ 37 | value: PropTypes.string, 38 | }), 39 | onChange: PropTypes.func.isRequired, 40 | }; 41 | 42 | ARN.defaultProps = { 43 | awsARN: { 44 | value: '', 45 | }, 46 | }; 47 | 48 | export default ARN; 49 | -------------------------------------------------------------------------------- /src/web/aws/authentication/Automatic.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React from 'react'; 18 | import styled from 'styled-components'; 19 | import { Table } from 'components/bootstrap'; 20 | import { Icon } from 'components/common'; 21 | 22 | import { SectionTitle, SectionNote } from 'aws/common/sharedStyles'; 23 | 24 | const StyledTable = styled(Table)` 25 | margin: 0; 26 | `; 27 | 28 | const Automatic = () => { 29 | return ( 30 | 31 | 32 | 33 | 34 | Automatic authentication will attempt each of the following in the listed order. 35 | 36 | 37 | 38 | 39 | 40 | 41 | Environment variables 42 | AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY 43 | 44 | 45 | Java system properties 46 | aws.accessKeyId and aws.secretKey 47 | 48 | 49 | Default credential profiles file 50 | Typically located at ~/.aws/credentials 51 | 52 | 53 | Amazon ECS container credentials 54 | Loaded from the Amazon ECS if the environment variable AWS_CONTAINER_CREDENTIALS_RELATIVE_URI is set 55 | 56 | 57 | Instance profile credentials 58 | Used on EC2 instances, and delivered through the Amazon EC2 metadata service 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | For more information, check out the AWS Credential Configuration Documentation 67 | 68 | 69 | 70 | 71 | 72 | ); 73 | }; 74 | 75 | export default Automatic; 76 | -------------------------------------------------------------------------------- /src/web/aws/authentication/KeySecret.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React from 'react'; 18 | import PropTypes from 'prop-types'; 19 | import styled from 'styled-components'; 20 | 21 | import ValidatedInput from 'aws/common/ValidatedInput'; 22 | import MaskedInput from 'aws/common/MaskedInput'; 23 | 24 | const KeySecret = ({ onChange, awsKey, awsSecret }) => { 25 | return ( 26 | <> 27 | 37 | 38 | 47 | 48 | ); 49 | }; 50 | 51 | const StyledMaskedInput = styled(MaskedInput)` 52 | margin-bottom: 0; 53 | `; 54 | 55 | KeySecret.propTypes = { 56 | onChange: PropTypes.func.isRequired, 57 | awsKey: PropTypes.object, 58 | awsSecret: PropTypes.object, 59 | }; 60 | 61 | KeySecret.defaultProps = { 62 | awsKey: undefined, 63 | awsSecret: undefined, 64 | }; 65 | 66 | export default KeySecret; 67 | -------------------------------------------------------------------------------- /src/web/aws/cloudwatch/CloudWatchApp.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React from 'react'; 18 | 19 | import PageHeader from 'components/common/PageHeader'; 20 | 21 | import EmbeddedCloudWatchApp from './EmbeddedCloudWatchApp'; 22 | 23 | const CloudWatchApp = () => { 24 | return ( 25 | <> 26 | 27 | This feature retrieves log messages from various AWS sources. 28 | 29 | 30 | 31 | ); 32 | }; 33 | 34 | CloudWatchApp.propTypes = {}; 35 | 36 | export default CloudWatchApp; 37 | -------------------------------------------------------------------------------- /src/web/aws/cloudwatch/EmbeddedCloudWatchApp.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React from 'react'; 18 | import PropTypes from 'prop-types'; 19 | 20 | import { SidebarProvider } from 'aws/context/Sidebar'; 21 | import { FormDataProvider } from 'aws/context/FormData'; 22 | import { StepsProvider } from 'aws/context/Steps'; 23 | import { ApiProvider } from 'aws/context/Api'; 24 | import { AdvancedOptionsProvider } from 'aws/context/AdvancedOptions'; 25 | import { toGenericInputCreateRequest } from 'aws/common/formDataAdapter'; 26 | 27 | import CloudWatch from './CloudWatch'; 28 | import INITIAL_FORMDATA from './_initialFormData'; 29 | 30 | const EmbeddedCloudWatchApp = ({ onSubmit }) => { 31 | const handleSubmit = (formData) => { 32 | if (!onSubmit) { 33 | return; 34 | } 35 | 36 | onSubmit(toGenericInputCreateRequest(formData)); 37 | }; 38 | 39 | return ( 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | ); 52 | }; 53 | 54 | EmbeddedCloudWatchApp.propTypes = { 55 | onSubmit: PropTypes.func, 56 | }; 57 | 58 | EmbeddedCloudWatchApp.defaultProps = { 59 | onSubmit: undefined, 60 | }; 61 | 62 | export default EmbeddedCloudWatchApp; 63 | -------------------------------------------------------------------------------- /src/web/aws/cloudwatch/StepKinesis.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React, { useState } from 'react'; 18 | import PropTypes from 'prop-types'; 19 | 20 | import ExistingStreams from './kinesis/ExistingStreams'; 21 | import SetupNewStream from './kinesis/SetupNewStream'; 22 | 23 | const StepKinesis = ({ hasStreams, ...restProps }) => { 24 | const [renderStreams, toggleRenderStreams] = useState(hasStreams); 25 | 26 | return ( 27 | <> 28 | { renderStreams 29 | ? toggleRenderStreams(false)} /> 30 | : toggleRenderStreams(true) : null} />} 31 | 32 | ); 33 | }; 34 | 35 | StepKinesis.propTypes = { 36 | hasStreams: PropTypes.bool, 37 | onChange: PropTypes.func.isRequired, 38 | onSubmit: PropTypes.func.isRequired, 39 | }; 40 | 41 | StepKinesis.defaultProps = { 42 | hasStreams: false, 43 | }; 44 | 45 | export default StepKinesis; 46 | -------------------------------------------------------------------------------- /src/web/aws/cloudwatch/_initialFormData.js: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | const DEFAULT_SETTINGS = { 18 | /* 19 | fieldId: { // Same ID as supplied to 20 | value: '', 21 | defaultValue: '', // Update StepReview.jsx & relevant step(s) if you need to output 22 | } 23 | */ 24 | 25 | /* Default Advanced Settings */ 26 | awsCloudWatchBatchSize: { 27 | defaultValue: '10000', 28 | }, 29 | awsCloudWatchThrottleEnabled: { 30 | value: true, // We want to default to true on render, but never compare the default 31 | }, 32 | awsCloudWatchAddFlowLogPrefix: { 33 | value: true, // We want to default to true on render, but never compare the default 34 | }, 35 | }; 36 | 37 | export default DEFAULT_SETTINGS; 38 | -------------------------------------------------------------------------------- /src/web/aws/cloudwatch/kinesis/setup-steps/Agree.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React from 'react'; 18 | import PropTypes from 'prop-types'; 19 | 20 | const Agree = ({ groupName, streamName }) => { 21 | return ( 22 | <> 23 |

This auto setup will create the following AWS resources. Click below to acknowledge that you understand that these resources will be created and that you are solely responsible for any associated AWS fees incurred from them. Note that all resources must be manually deleted by you if they are not needed.

24 | 25 |
    26 |
  1. Create a Kinesis stream with 1 shard.
    2. 27 |
  2. Create an IAM Role and Policy to allow the specified CloudWatch group {groupName} to publish log messages to the Kinesis stream {streamName}
    3. 28 |
  3. Create a CloudWatch Subscription, which publishes log messages to the Kinesis stream.
    4. 29 |
30 | 31 | ); 32 | }; 33 | 34 | Agree.propTypes = { 35 | groupName: PropTypes.string.isRequired, 36 | streamName: PropTypes.string.isRequired, 37 | }; 38 | 39 | export default Agree; 40 | -------------------------------------------------------------------------------- /src/web/aws/cloudwatch/kinesis/setup-steps/KinesisSetupStep.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React from 'react'; 18 | import PropTypes from 'prop-types'; 19 | import styled from 'styled-components'; 20 | 21 | const KinesisSetupStep = ({ label, progress }) => { 22 | const { data, error, loading } = progress; 23 | 24 | const waitingText = !data && !loading && !error && 'Waiting...'; 25 | const loadingText = loading ? `Creating ${label}` : waitingText; 26 | const successText = data ? data.result : loadingText; 27 | const defaultText = error || successText; 28 | 29 | return ( 30 | 31 | 32 | {!data && !loading && !error && } 33 | {loading && } 34 | {data && } 35 | {error && } 36 | 37 | 38 | 39 | Create {label} 40 | 41 | 42 | {defaultText} 43 | 44 | 45 | 46 | ); 47 | }; 48 | 49 | KinesisSetupStep.propTypes = { 50 | progress: PropTypes.shape({ 51 | data: PropTypes.object, 52 | error: PropTypes.object, 53 | loading: PropTypes.bool, 54 | }).isRequired, 55 | label: PropTypes.string.isRequired, 56 | }; 57 | 58 | const StepItem = styled.li` 59 | display: flex; 60 | margin: 0 0 12px; 61 | `; 62 | 63 | const IconWrap = styled.div` 64 | min-width: 36px; 65 | `; 66 | 67 | const Content = styled.div` 68 | flex-grow: 1; 69 | `; 70 | 71 | const StepHeader = styled.span` 72 | font-size: 18px; 73 | `; 74 | 75 | const StepDetails = styled.p` 76 | margin: 3px 0 0; 77 | `; 78 | 79 | export default KinesisSetupStep; 80 | -------------------------------------------------------------------------------- /src/web/aws/common/AdditionalFields.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React, { useState } from 'react'; 18 | import styled from 'styled-components'; 19 | import PropTypes from 'prop-types'; 20 | 21 | import { Icon } from 'components/common'; 22 | import { Button } from 'components/bootstrap'; 23 | 24 | const AdditionalFields = ({ children, className, onToggle, title, visible }) => { 25 | const [fieldsVisible, setFieldsVisible] = useState(visible); 26 | 27 | const handleToggle = () => { 28 | setFieldsVisible(!fieldsVisible); 29 | onToggle(!fieldsVisible); 30 | }; 31 | 32 | return ( 33 |
34 | 35 | {title} 36 | 37 | 38 | 39 | {children} 40 | 41 |
42 | ); 43 | }; 44 | 45 | AdditionalFields.propTypes = { 46 | children: PropTypes.any.isRequired, 47 | title: PropTypes.string.isRequired, 48 | onToggle: PropTypes.func, 49 | visible: PropTypes.bool, 50 | className: PropTypes.string, 51 | }; 52 | 53 | AdditionalFields.defaultProps = { 54 | onToggle: () => {}, 55 | visible: false, 56 | className: undefined, 57 | }; 58 | 59 | const AdditionalFieldsContent = styled.div` 60 | display: ${(props) => (props.visible ? 'block' : 'none')}; 61 | padding: 0 100px 0 25px; 62 | `; 63 | 64 | const ToggleAdditionalFields = styled(Button)` 65 | border: 0; 66 | display: block; 67 | font-size: 14px; 68 | 69 | &:hover { 70 | text-decoration: underline; 71 | } 72 | `; 73 | 74 | export default AdditionalFields; 75 | -------------------------------------------------------------------------------- /src/web/aws/common/Countdown.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React, { useEffect, useState } from 'react'; 18 | import PropTypes from 'prop-types'; 19 | import { duration } from 'moment'; 20 | 21 | function Countdown({ callback, className, timeInSeconds, paused }) { 22 | let tickTock = timeInSeconds; 23 | let logInterval; 24 | 25 | const defaultDuration = duration(timeInSeconds, 'seconds').format('mm:ss'); 26 | const [currentTime, setCurrentTime] = useState(defaultDuration); 27 | 28 | const startCountdown = () => { 29 | logInterval = setInterval(() => { 30 | tickTock -= 1; 31 | 32 | const currentDuration = duration(tickTock, 'seconds').format('mm:ss', { trim: false }); 33 | 34 | if (tickTock < 0) { 35 | tickTock = timeInSeconds; 36 | setCurrentTime(defaultDuration); 37 | clearInterval(logInterval); 38 | callback(); 39 | } else { 40 | setCurrentTime(currentDuration); 41 | } 42 | }, 1000); 43 | }; 44 | 45 | useEffect(() => { 46 | if (paused) { 47 | clearInterval(logInterval); 48 | } else { 49 | startCountdown(); 50 | } 51 | 52 | return () => { 53 | clearInterval(logInterval); 54 | }; 55 | }, [paused]); 56 | 57 | return ( 58 | {currentTime} 59 | ); 60 | } 61 | 62 | Countdown.propTypes = { 63 | timeInSeconds: PropTypes.number.isRequired, 64 | callback: PropTypes.func, 65 | className: PropTypes.string, 66 | paused: PropTypes.bool, 67 | }; 68 | 69 | Countdown.defaultProps = { 70 | callback: () => {}, 71 | className: '', 72 | paused: false, 73 | }; 74 | 75 | export default Countdown; 76 | -------------------------------------------------------------------------------- /src/web/aws/common/MaskedInput.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React, { useState } from 'react'; 18 | import PropTypes from 'prop-types'; 19 | import styled from 'styled-components'; 20 | 21 | import { Icon } from 'components/common'; 22 | 23 | import ValidatedInput from './ValidatedInput'; 24 | 25 | const MaskedInput = ({ className, label, ...props }) => { 26 | const [masked, setMasked] = useState(true); 27 | const toggleLabel = ( 28 | 29 | {label} 30 | setMasked(!masked)} ariaDescription={`Toggle ${label} field input`}> 31 | 32 | 33 | 34 | ); 35 | 36 | return ( 37 | 38 | ); 39 | }; 40 | 41 | MaskedInput.propTypes = { 42 | label: PropTypes.oneOfType([ 43 | PropTypes.string, 44 | PropTypes.node, 45 | ]).isRequired, 46 | className: PropTypes.string, 47 | }; 48 | 49 | MaskedInput.defaultProps = { 50 | className: undefined, 51 | }; 52 | 53 | const LabelWrapper = styled.span` 54 | display: flex; 55 | align-items: center; 56 | `; 57 | 58 | const ToggleMask = styled.button` 59 | border: 0; 60 | background: none; 61 | padding: 0; 62 | margin: 0 0 0 12px; 63 | `; 64 | 65 | export default MaskedInput; 66 | -------------------------------------------------------------------------------- /src/web/aws/common/Options.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React from 'react'; 18 | import PropTypes from 'prop-types'; 19 | 20 | function Options({ value, label }) { 21 | return ( 22 | 23 | ); 24 | } 25 | 26 | const renderOptions = (options = [], label = 'Choose One', loading = false) => { 27 | if (loading) { 28 | return Options({ value: '', label: 'Loading...' }); 29 | } 30 | 31 | return ( 32 | <> 33 | 34 | {options.map((option) => Options({ value: option.value, label: option.label }))} 35 | 36 | ); 37 | }; 38 | 39 | Options.propTypes = { 40 | value: PropTypes.string.isRequired, 41 | label: PropTypes.string.isRequired, 42 | }; 43 | 44 | export default Options; 45 | 46 | export { renderOptions }; 47 | -------------------------------------------------------------------------------- /src/web/aws/common/Routes.js: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | const Routes = { 18 | INTEGRATIONS: { 19 | AWS: { 20 | CLOUDWATCH: { 21 | index: '/integrations/aws/cloudwatch', 22 | }, 23 | }, 24 | }, 25 | }; 26 | 27 | const ApiRoutes = { 28 | INTEGRATIONS: { 29 | AWS: { 30 | PERMISSIONS: '/plugins/org.graylog.integrations/aws/permissions', 31 | REGIONS: '/plugins/org.graylog.integrations/aws/regions', 32 | CLOUDWATCH: { 33 | GROUPS: '/plugins/org.graylog.integrations/aws/cloudwatch/log_groups', 34 | }, 35 | KINESIS: { 36 | HEALTH_CHECK: '/plugins/org.graylog.integrations/aws/kinesis/health_check', 37 | STREAMS: '/plugins/org.graylog.integrations/aws/kinesis/streams', 38 | SAVE: '/plugins/org.graylog.integrations/aws/inputs', 39 | }, 40 | KINESIS_AUTO_SETUP: { 41 | CREATE_STREAM: '/plugins/org.graylog.integrations/aws/kinesis/auto_setup/create_stream', 42 | CREATE_SUBSCRIPTION_POLICY: '/plugins/org.graylog.integrations/aws/kinesis/auto_setup/create_subscription_policy', 43 | CREATE_SUBSCRIPTION: '/plugins/org.graylog.integrations/aws/kinesis/auto_setup/create_subscription', 44 | }, 45 | }, 46 | }, 47 | }; 48 | 49 | const DocsRoutes = { 50 | INTEGRATIONS: { 51 | AWS: { 52 | AWS_KINESIS_CLOUDWATCH_INPUTS: 'aws-kinesiscloudwatch-input', 53 | }, 54 | }, 55 | }; 56 | 57 | export default Routes; 58 | 59 | export { ApiRoutes, DocsRoutes }; 60 | -------------------------------------------------------------------------------- /src/web/aws/common/SkipHealthCheck.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React, { useContext } from 'react'; 18 | import PropTypes from 'prop-types'; 19 | import styled from 'styled-components'; 20 | 21 | import FormWrap from 'aws/common/FormWrap'; 22 | import AdditionalFields from 'aws/common/AdditionalFields'; 23 | import { renderOptions } from 'aws/common/Options'; 24 | import ValidatedInput from 'aws/common/ValidatedInput'; 25 | import { KINESIS_LOG_TYPES } from 'aws/common/constants'; 26 | import { FormDataContext } from 'aws/context/FormData'; 27 | 28 | const SkipHealthCheck = ({ onChange, onSubmit }) => { 29 | const { formData } = useContext(FormDataContext); 30 | 31 | return ( 32 | 33 | If you're sure of the data contained within your new {formData.awsCloudWatchKinesisStream.value} stream, then choose your option below to skip our automated check.

39 | )}> 40 | 41 | 47 | {renderOptions(KINESIS_LOG_TYPES, 'Choose Log Type')} 48 | 49 | 50 | 51 | ); 52 | }; 53 | 54 | SkipHealthCheck.propTypes = { 55 | onSubmit: PropTypes.func.isRequired, 56 | onChange: PropTypes.func.isRequired, 57 | }; 58 | 59 | const StyledFormWrap = styled(FormWrap)` 60 | padding-top: 25px; 61 | `; 62 | 63 | export default SkipHealthCheck; 64 | -------------------------------------------------------------------------------- /src/web/aws/common/ValidatedInput.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React from 'react'; 18 | import PropTypes from 'prop-types'; 19 | import styled from 'styled-components'; 20 | 21 | import { Input } from 'components/bootstrap'; 22 | import formValidation from 'aws/utils/formValidation'; 23 | 24 | const Label = ({ label, error }) => { 25 | if (error) { 26 | return ( 27 | 28 | {label} 29 | {error} 30 | 31 | ); 32 | } 33 | 34 | return label; 35 | }; 36 | 37 | const ValidatedInput = ({ className, help, onChange, id, label, fieldData, type, ...restProps }) => { 38 | const { dirty, error, value } = fieldData; 39 | 40 | const checkValidity = (event) => { 41 | if (dirty) { 42 | const errorOutput = formValidation.checkInputValidity(event.target); 43 | 44 | onChange(event, { error: errorOutput }); 45 | } 46 | }; 47 | 48 | return ( 49 | } 59 | help={help} /> 60 | ); 61 | }; 62 | 63 | ValidatedInput.propTypes = { 64 | className: PropTypes.string, 65 | fieldData: PropTypes.shape({ 66 | error: PropTypes.string, 67 | dirty: PropTypes.bool, 68 | value: PropTypes.string, 69 | }), 70 | help: PropTypes.string, 71 | label: PropTypes.oneOfType([ 72 | PropTypes.string, 73 | PropTypes.node, 74 | ]).isRequired, 75 | id: PropTypes.string.isRequired, 76 | onChange: PropTypes.func, 77 | required: PropTypes.bool, 78 | type: PropTypes.string.isRequired, 79 | }; 80 | 81 | ValidatedInput.defaultProps = { 82 | className: undefined, 83 | onChange: () => {}, 84 | required: false, 85 | help: '', 86 | fieldData: { 87 | dirty: false, 88 | error: undefined, 89 | value: undefined, 90 | }, 91 | }; 92 | 93 | const Error = styled.span` 94 | display: block; 95 | font-weight: normal; 96 | padding-left: 15px; 97 | font-size: 0.85em; 98 | `; 99 | 100 | const ErrorContainer = styled.span` 101 | display: flex; 102 | align-items: center; 103 | `; 104 | 105 | export default ValidatedInput; 106 | -------------------------------------------------------------------------------- /src/web/aws/common/constants.js: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | const KINESIS_LOG_TYPES = [ 18 | { value: 'KINESIS_CLOUDWATCH_FLOW_LOGS', label: 'Kinesis CloudWatch Flow Logs' }, 19 | { value: 'KINESIS_CLOUDWATCH_RAW', label: 'Kinesis CloudWatch Raw' }, 20 | { value: 'KINESIS_RAW', label: 'Kinesis Raw' }, 21 | ]; 22 | 23 | const DEFAULT_KINESIS_LOG_TYPE = 'KINESIS_CLOUDWATCH_FLOW_LOGS'; 24 | 25 | const AWS_AUTH_TYPES = { 26 | automatic: 'Automatic', 27 | keysecret: 'Key & Secret', 28 | }; 29 | 30 | export { 31 | AWS_AUTH_TYPES, 32 | KINESIS_LOG_TYPES, 33 | DEFAULT_KINESIS_LOG_TYPE, 34 | }; 35 | -------------------------------------------------------------------------------- /src/web/aws/common/sharedStyles.js: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import styled from 'styled-components'; 18 | 19 | export const SectionTitle = styled.p` 20 | font-weight: bold; 21 | font-size: 1.2em; 22 | margin: 0 0 12px; 23 | `; 24 | 25 | export const SectionNote = styled.p` 26 | font-style: italic; 27 | margin: 3px 0 0; 28 | `; 29 | -------------------------------------------------------------------------------- /src/web/aws/context/AdvancedOptions.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React, { createContext, useState } from 'react'; 18 | import PropTypes from 'prop-types'; 19 | 20 | export const AdvancedOptionsContext = createContext(); 21 | 22 | export const AdvancedOptionsProvider = ({ children }) => { 23 | const [isAdvancedOptionsVisible, setAdvancedOptionsVisibility] = useState(false); 24 | const [isAWSCustomEndpointsVisible, setAWSCustomEndpointsVisibility] = useState(false); 25 | 26 | return ( 27 | 33 | {children} 34 | 35 | ); 36 | }; 37 | 38 | AdvancedOptionsProvider.propTypes = { 39 | children: PropTypes.any.isRequired, 40 | }; 41 | -------------------------------------------------------------------------------- /src/web/aws/context/Api.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React, { createContext, useState } from 'react'; 18 | import PropTypes from 'prop-types'; 19 | 20 | export const ApiContext = createContext(); 21 | 22 | export const ApiProvider = ({ children }) => { 23 | const [availableRegions, setRegionsState] = useState([]); 24 | const [availableStreams, setStreamsState] = useState([]); 25 | const [availableGroups, setGroupsState] = useState([]); 26 | const [logData, setLogDataState] = useState(null); 27 | 28 | const setRegions = (results) => setRegionsState(results.regions); 29 | 30 | const setGroups = (results) => { 31 | const groups = results.log_groups.map((group) => ({ value: group, label: group })); 32 | setGroupsState(groups); 33 | }; 34 | 35 | const setStreams = (results) => { 36 | const streams = results.streams.map((stream) => ({ value: stream, label: stream })); 37 | setStreamsState(streams); 38 | }; 39 | 40 | const setLogData = (response) => { 41 | setLogDataState({ 42 | message: JSON.stringify(response.message_fields, null, 2), 43 | type: response.input_type, 44 | additional: response.explanation, 45 | }); 46 | }; 47 | 48 | const clearLogData = () => { 49 | setLogDataState(null); 50 | }; 51 | 52 | return ( 53 | 64 | {children} 65 | 66 | ); 67 | }; 68 | 69 | ApiProvider.propTypes = { 70 | children: PropTypes.any.isRequired, 71 | }; 72 | -------------------------------------------------------------------------------- /src/web/aws/context/FormData.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React, { createContext, useState } from 'react'; 18 | import PropTypes from 'prop-types'; 19 | 20 | export const FormDataContext = createContext(); 21 | 22 | export const FormDataProvider = ({ initialFormData, children }) => { 23 | const [formData, updateState] = useState(initialFormData); 24 | 25 | const setFormData = (id, fieldData) => { 26 | updateState({ 27 | ...formData, 28 | [id]: { 29 | ...formData[id], 30 | ...fieldData, 31 | dirty: true, 32 | }, 33 | }); 34 | }; 35 | 36 | const clearField = (id) => { 37 | if (Object.keys(formData).find((field) => field === id)) { 38 | delete formData[id]; 39 | updateState(formData); 40 | } 41 | }; 42 | 43 | return ( 44 | 45 | {children} 46 | 47 | ); 48 | }; 49 | 50 | FormDataProvider.propTypes = { 51 | children: PropTypes.any.isRequired, 52 | initialFormData: PropTypes.object, 53 | }; 54 | 55 | FormDataProvider.defaultProps = { 56 | initialFormData: {}, 57 | }; 58 | 59 | export default FormDataProvider; 60 | -------------------------------------------------------------------------------- /src/web/aws/context/Sidebar.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React, { createContext, useState } from 'react'; 18 | import PropTypes from 'prop-types'; 19 | 20 | export const SidebarContext = createContext(); 21 | 22 | export const SidebarProvider = ({ children }) => { 23 | const [sidebar, setSidebar] = useState(<>); 24 | 25 | const clearSidebar = () => { 26 | setSidebar(<>); 27 | }; 28 | 29 | return ( 30 | 31 | {children} 32 | 33 | ); 34 | }; 35 | 36 | SidebarProvider.propTypes = { 37 | children: PropTypes.any.isRequired, 38 | }; 39 | -------------------------------------------------------------------------------- /src/web/aws/context/Steps.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React, { createContext, useState } from 'react'; 18 | import PropTypes from 'prop-types'; 19 | 20 | export const StepsContext = createContext(); 21 | 22 | export const StepsProvider = ({ children }) => { 23 | const [currentStep, setCurrentStep] = useState('authorize'); 24 | const [enabledSteps, enableStep] = useState(['authorize']); 25 | const [availableSteps, setAvailableStep] = useState([]); 26 | 27 | const isDisabledStep = (step) => { 28 | if (!enabledSteps || enabledSteps.length === 0) { 29 | return true; 30 | } 31 | 32 | return !enabledSteps.includes(step); 33 | }; 34 | 35 | const setEnabledStep = (step) => { 36 | enableStep([...enabledSteps, step]); 37 | }; 38 | 39 | return ( 40 | 49 | {children} 50 | 51 | ); 52 | }; 53 | 54 | StepsProvider.propTypes = { 55 | children: PropTypes.any.isRequired, 56 | }; 57 | -------------------------------------------------------------------------------- /src/web/aws/utils/formValidation.js: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | const formValidation = { 18 | checkInputValidity: (input, customErrorMessage) => { 19 | const { validity } = input; 20 | const isValid = validity.valid; 21 | const providedMessage = input.getAttribute('title'); 22 | 23 | if (isValid) { 24 | return undefined; 25 | } 26 | 27 | const isEmpty = validity.valueMissing; 28 | const isIncorrectType = validity.typeMismatch; 29 | const isIncorrectPattern = validity.patternMismatch; 30 | const isTooLong = validity.tooLong || validity.rangeOverflow; 31 | const isTooShort = validity.rangeUnderflow; 32 | const isInvalidStep = validity.stepMismatch; 33 | 34 | const possibleErrors = [ 35 | { invalid: isEmpty, message: providedMessage || 'A value is required.' }, 36 | { invalid: isIncorrectType, message: providedMessage || 'Please verify that your input is the expected type (ie: email address).' }, 37 | { invalid: isIncorrectPattern, message: providedMessage || 'This input does not match the expected value.' }, 38 | { invalid: isTooLong, message: providedMessage || 'Your input is too long.' }, 39 | { invalid: isTooShort, message: providedMessage || 'Your input is too short.' }, 40 | { invalid: isInvalidStep, message: providedMessage || 'Unexpected value.' }, 41 | ]; 42 | 43 | const errorOutput = possibleErrors.find((error) => error.invalid); 44 | 45 | return customErrorMessage || errorOutput.message; 46 | }, 47 | 48 | isFormValid: (requiredFields, context) => { 49 | return !!requiredFields.find((field) => (!context[field] || !context[field].value || context[field].error)); 50 | }, 51 | }; 52 | 53 | export default formValidation; 54 | -------------------------------------------------------------------------------- /src/web/dataadapters/GreyNoiseAdapterDocumentation.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | /* eslint-disable react/no-unescaped-entities, no-template-curly-in-string */ 18 | import React from 'react'; 19 | 20 | import { ExternalLink } from 'components/common'; 21 | 22 | class GreyNoiseAdapterDocumentation extends React.Component { 23 | render() { 24 | const style = { marginBottom: 10 }; 25 | return ( 26 |
27 |

28 | The GreyNoise Quick IP Lookup data adapter uses the Greynoise API to 29 | lookup indicators for the given key and returns the values for the IP Quick Context endpoint. 30 | See IP Quick Context 31 |

32 |
33 | ) 34 | ; 35 | } 36 | } 37 | 38 | export default GreyNoiseAdapterDocumentation; 39 | -------------------------------------------------------------------------------- /src/web/dataadapters/GreyNoiseAdapterSummary.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | // eslint-disable-next-line react/prefer-stateless-function 18 | import React from 'react'; 19 | import PropTypes from 'prop-types'; 20 | 21 | import { Alert } from 'components/bootstrap'; 22 | 23 | class GreyNoiseAdapterSummary extends React.Component { 24 | static propTypes = { 25 | dataAdapter: PropTypes.shape({ 26 | config: PropTypes.shape({ 27 | }).isRequired, 28 | updateConfig: PropTypes.func.isRequired, 29 | handleFormEvent: PropTypes.func.isRequired, 30 | validationState: PropTypes.func.isRequired, 31 | validationMessage: PropTypes.func.isRequired, 32 | }), 33 | }; 34 | 35 | render() { 36 | return ( 37 |
38 |
39 |
API Token
40 |
******
41 |
42 | 43 |

Deprecation Warning

44 |

The GreyNoise Community IP Lookup Data Adapter is no longer supported. This Data Adapter should not be used.

45 | 46 |
47 | ); 48 | } 49 | } 50 | 51 | export default GreyNoiseAdapterSummary; 52 | -------------------------------------------------------------------------------- /src/web/dataadapters/GreyNoiseCommunityIpLookupAdapterDocumentation.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | /* eslint-disable react/no-unescaped-entities, no-template-curly-in-string */ 18 | import React from 'react'; 19 | 20 | import { Alert } from 'components/bootstrap'; 21 | 22 | class GreyNoiseCommunityIpLookupAdapterDocumentation extends React.Component { 23 | render() { 24 | return ( 25 |
26 | 27 |

Deprecation Warning

28 |

The GreyNoise Community IP Lookup Data Adapter is no longer supported. This Data Adapter should not be used.

29 | 30 |
31 | ) 32 | ; 33 | } 34 | } 35 | 36 | export default GreyNoiseCommunityIpLookupAdapterDocumentation; 37 | -------------------------------------------------------------------------------- /src/web/event-notifications/event-notification-details/SlackNotificationDetails.tsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import * as React from 'react'; 18 | import styled, { css } from 'styled-components'; 19 | 20 | import { ReadOnlyFormGroup } from 'components/common'; 21 | import { Well } from 'components/bootstrap'; 22 | import type { SlackNotificationSummaryType } from 'event-notifications/types'; 23 | 24 | const NewExampleWell = styled(Well)(({ theme }) => css` 25 | margin-bottom: 5px; 26 | font-family: ${theme.fonts.family.monospace}; 27 | font-size: ${theme.fonts.size.body}; 28 | white-space: pre-wrap; 29 | word-wrap: break-word; 30 | `); 31 | 32 | const SlackNotificationDetails: React.FC = ({ notification }) => ( 33 | <> 34 | 35 | 36 | 39 | {notification.config.custom_message || Empty body} 40 | 41 | )} /> 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | ); 52 | 53 | export default SlackNotificationDetails; 54 | -------------------------------------------------------------------------------- /src/web/event-notifications/event-notification-details/TeamsNotificationDetails.tsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import * as React from 'react'; 18 | import styled, { css } from 'styled-components'; 19 | 20 | import { ReadOnlyFormGroup } from 'components/common'; 21 | import { Well } from 'components/bootstrap'; 22 | 23 | import type { TeamsNotificationSummaryType } from '../types'; 24 | 25 | const NewExampleWell = styled(Well)(({ theme }) => css` 26 | margin-bottom: 5px; 27 | font-family: ${theme.fonts.family.monospace}; 28 | font-size: ${theme.fonts.size.body}; 29 | white-space: pre-wrap; 30 | word-wrap: break-word; 31 | `); 32 | 33 | const TeamsNotificationDetails: React.FC = ({ notification }) => ( 34 | <> 35 | 36 | 39 | {notification.config.custom_message || Empty body} 40 | 41 | )} /> 42 | 43 | 44 | 45 | 46 | ); 47 | 48 | export default TeamsNotificationDetails; 49 | -------------------------------------------------------------------------------- /src/web/event-notifications/event-notification-types/SlackNotificationSummary.tsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React from 'react'; 18 | 19 | import CommonNotificationSummary from 'components/event-notifications/event-notification-types/CommonNotificationSummary'; 20 | import type { SlackNotificationSummaryType } from 'event-notifications/types'; 21 | 22 | function SlackNotificationSummary({ notification, ...restProps }: SlackNotificationSummaryType) { 23 | return ( 24 | 25 | 26 | Color 27 | {notification?.config?.color} 28 | 29 | 30 | Webhook URL 31 | {notification.config.webhook_url} 32 | 33 | 34 | Channel 35 | {notification.config.channel} 36 | 37 | 38 | Include Title 39 | {notification.config.include_title} 40 | 41 | 42 | Custom Message 43 | {notification.config.custom_message} 44 | 45 | 46 | Time Zone 47 | {notification.config.time_zone} 48 | 49 | 50 | Message Backlog Limit 51 | {notification.config.backlog_size} 52 | 53 | 54 | User Name 55 | {notification.config.user_name} 56 | 57 | 58 | Notify Channel 59 | {notification.config.notify_channel ? 'Yes' : 'No'} 60 | 61 | 62 | Link Names 63 | {notification.config.link_names ? 'Yes' : 'No'} 64 | 65 | 66 | Icon URL 67 | {notification.config.icon_url} 68 | 69 | 70 | Icon Emoji 71 | {notification.config.icon_emoji} 72 | 73 | 74 | ); 75 | } 76 | 77 | SlackNotificationSummary.defaultProps = { 78 | notification: {}, 79 | }; 80 | 81 | export default SlackNotificationSummary; 82 | -------------------------------------------------------------------------------- /src/web/event-notifications/event-notification-types/TeamsNotificationSummary.tsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React from 'react'; 18 | 19 | import CommonNotificationSummary from 'components/event-notifications/event-notification-types/CommonNotificationSummary'; 20 | 21 | import type { TeamsNotificationSummaryType } from '../types'; 22 | 23 | function TeamsNotificationSummary({ notification, ...restProps }: TeamsNotificationSummaryType) { 24 | return ( 25 | 26 | 27 | Color 28 | {notification?.config?.color} 29 | 30 | 31 | Webhook URL 32 | {notification.config.webhook_url} 33 | 34 | 35 | 36 | Custom Message 37 | {notification.config.custom_message} 38 | 39 | 40 | Time Zone 41 | {notification.config.time_zone} 42 | 43 | 44 | Message Backlog Limit 45 | {notification.config.backlog_size} 46 | 47 | 48 | Icon URL 49 | {notification.config.icon_url} 50 | 51 | 52 | ); 53 | } 54 | 55 | TeamsNotificationSummary.defaultProps = { 56 | notification: {}, 57 | }; 58 | 59 | export default TeamsNotificationSummary; 60 | -------------------------------------------------------------------------------- /src/web/event-notifications/types.ts: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | export type TeamsNotificationSummaryType = { 18 | type: string, 19 | notification: NotificationType, 20 | } 21 | 22 | export type NotificationType = { 23 | config: ConfigType, 24 | } 25 | 26 | export interface ConfigType { 27 | defaultValue?: any, 28 | icon_url?: string, 29 | backlog_size?: number, 30 | custom_message: string, 31 | webhook_url?: string, 32 | color?: string, 33 | time_zone?: string, 34 | } 35 | 36 | export type ValidationType = { 37 | failed?: boolean, 38 | errors?: ErrorType, 39 | } 40 | 41 | export interface ErrorType { 42 | webhook_url: string[], 43 | color: string[], 44 | icon_url: string, 45 | backlog_size: number, 46 | custom_message: string, 47 | } 48 | 49 | export type SlackNotificationSummaryType = { 50 | type: string, 51 | notification: SlackNotificationType, 52 | definitionNotification: any, 53 | } 54 | 55 | export type SlackNotificationType = { 56 | config: SlackConfigType, 57 | } 58 | 59 | export interface SlackConfigType { 60 | icon_emoji?: string, 61 | icon_url?: string, 62 | link_names: string, 63 | notify_channel: boolean, 64 | notify_here: boolean, 65 | backlog_size: number, 66 | user_name?: string, 67 | custom_message: string, 68 | channel: string, 69 | webhook_url: string, 70 | color: string, 71 | time_zone: string, 72 | include_title: boolean, 73 | } 74 | 75 | export type SlackValidationType = { 76 | failed: boolean, 77 | errors?: SlackErrorType, 78 | error_context?: any 79 | } 80 | 81 | export interface SlackErrorType { 82 | icon_emoji?: string, 83 | icon_url?: string, 84 | link_names: string, 85 | notify_channel: string, 86 | notify_here: string, 87 | backlog_size: number, 88 | user_name?: string, 89 | custom_message: string, 90 | channel: string, 91 | webhook_url: string, 92 | color: string, 93 | time_zone: string, 94 | include_title?: string, 95 | } 96 | -------------------------------------------------------------------------------- /src/web/pager-duty/PagerDutyNotificationDetails.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import * as React from 'react'; 18 | import PropTypes from 'prop-types'; 19 | 20 | import { ReadOnlyFormGroup } from 'components/common'; 21 | 22 | const PagerDutyNotificationDetails = ({ notification }) => { 23 | return ( 24 | <> 25 | 26 | 27 | 28 | 29 | 30 | 31 | ); 32 | }; 33 | 34 | PagerDutyNotificationDetails.propTypes = { 35 | notification: PropTypes.shape({ 36 | config: PropTypes.shape({ 37 | routing_key: PropTypes.string, 38 | custom_incident: PropTypes.bool, 39 | key_prefix: PropTypes.string, 40 | client_name: PropTypes.string, 41 | client_url: PropTypes.string, 42 | }).isRequired, 43 | }).isRequired, 44 | }; 45 | 46 | export default PagerDutyNotificationDetails; 47 | -------------------------------------------------------------------------------- /src/web/pager-duty/PagerDutyNotificationSummary.jsx: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import React from 'react'; 18 | import PropTypes from 'prop-types'; 19 | 20 | import CommonNotificationSummary from 'components/event-notifications/event-notification-types/CommonNotificationSummary'; 21 | 22 | function PagerDutyNotificationSummary({ notification, ...restProps }) { 23 | return ( 24 | 25 | 26 | Routing Key 27 | {notification?.config?.routing_key} 28 | 29 | 30 | Use Custom Incident Key 31 | {notification?.config?.custom_incident ? 'Yes' : 'No'} 32 | 33 | 34 | Incident Key Prefix 35 | {notification?.config?.key_prefix} 36 | 37 | 38 | Client Name 39 | {notification?.config?.client_name} 40 | 41 | 42 | Client URL 43 | {notification?.config?.client_url} 44 | 45 | 46 | ); 47 | } 48 | 49 | PagerDutyNotificationSummary.propTypes = { 50 | type: PropTypes.string.isRequired, 51 | notification: PropTypes.shape({ 52 | config: PropTypes.shape({ 53 | routing_key: PropTypes.string, 54 | custom_incident: PropTypes.bool, 55 | key_prefix: PropTypes.string, 56 | client_name: PropTypes.string, 57 | client_url: PropTypes.string, 58 | }).isRequired, 59 | }).isRequired, 60 | definitionNotification: PropTypes.shape.isRequired, 61 | }; 62 | 63 | export default PagerDutyNotificationSummary; 64 | -------------------------------------------------------------------------------- /src/web/webpack-entry.js: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | import URI from 'urijs'; 18 | 19 | import AppConfig from 'util/AppConfig'; 20 | 21 | // The webpack-dev-server serves the assets from "/" 22 | const assetPrefix = AppConfig.gl2DevMode() ? '/' : '/assets/plugin/org.graylog.integrations.IntegrationsPlugin/'; 23 | 24 | // If app prefix was not set, we need to tell webpack to load chunks from root instead of the relative URL path 25 | __webpack_public_path__ = URI.joinPaths(AppConfig.gl2AppPathPrefix(), assetPrefix).path() || assetPrefix; 26 | -------------------------------------------------------------------------------- /tsconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "compilerOptions": { 3 | "target": "es5", 4 | "lib": [ 5 | "dom", 6 | "dom.iterable", 7 | "esnext" 8 | ], 9 | "allowJs": false, 10 | "downlevelIteration": true, 11 | "skipLibCheck": true, 12 | "esModuleInterop": true, 13 | "allowSyntheticDefaultImports": true, 14 | "strict": false, 15 | "forceConsistentCasingInFileNames": true, 16 | "module": "esnext", 17 | "moduleResolution": "node", 18 | "resolveJsonModule": true, 19 | "isolatedModules": true, 20 | "noEmit": true, 21 | "jsx": "react", 22 | "baseUrl": ".", 23 | "paths": { 24 | "*": [ 25 | "*", 26 | "./src/web/*", 27 | "./test/web/*", 28 | "../graylog2-server/graylog2-web-interface/src/*", 29 | "../graylog2-server/graylog2-web-interface/test/*", 30 | ] 31 | } 32 | }, 33 | "include": [ 34 | "src", 35 | "../graylog2-server/graylog2-web-interface/src/@types/**/*", 36 | "../graylog2-server/graylog2-web-interface/src/**/*.d.ts" 37 | ] 38 | } 39 | -------------------------------------------------------------------------------- /webpack.config.js: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2020 Graylog, Inc. 3 | * 4 | * This program is free software: you can redistribute it and/or modify 5 | * it under the terms of the Server Side Public License, version 1, 6 | * as published by MongoDB, Inc. 7 | * 8 | * This program is distributed in the hope that it will be useful, 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 | * Server Side Public License for more details. 12 | * 13 | * You should have received a copy of the Server Side Public License 14 | * along with this program. If not, see 15 | * . 16 | */ 17 | const { PluginWebpackConfig } = require('graylog-web-plugin'); 18 | const { loadBuildConfig } = require('graylog-web-plugin'); 19 | const path = require('path'); 20 | 21 | // Remember to use the same name here and in `getUniqueId()` in the java MetaData class 22 | module.exports = new PluginWebpackConfig(__dirname, 'org.graylog.integrations.IntegrationsPlugin', loadBuildConfig(path.resolve(__dirname, './build.config')), { 23 | // Here goes your additional webpack configuration. 24 | }); 25 | --------------------------------------------------------------------------------