From d71ce1d1a62be7713cbee92b9c99574eb69d1bb5 Mon Sep 17 00:00:00 2001
From: Fabio Pistolesi <fabio.pistolesi@forgerock.com>
Date: Mon, 17 Oct 2016 17:09:22 +0000
Subject: [PATCH] OPENDJ-3394 Deliver example configuration files for CAUD handlers.
---
opendj-server-legacy/resource/config/audit-handlers/mysql_tables-example.sql | 99 +++
opendj-server-legacy/resource/config/audit-handlers/syslog-config.json-example | 29 +
opendj-server-legacy/resource/config/audit-handlers/elasticsearch-config.json-example | 36 +
opendj-server-legacy/resource/config/audit-handlers/elasticsearch-index-setup-example.json | 277 +++++++++++
opendj-server-legacy/resource/config/audit-handlers/jms-config.json-example | 41 +
opendj-server-legacy/resource/config/audit-handlers/oracle_tables-example.sql | 107 ++++
opendj-server-legacy/resource/config/audit-handlers/splunk-config.json-example | 28 +
opendj-server-legacy/resource/config/audit-handlers/jdbc-config.json-example | 119 ++++
opendj-server-legacy/src/main/resources/org/opends/server/loggers/audit-config.json | 714 ++++++++++++++--------------
9 files changed, 1,093 insertions(+), 357 deletions(-)
diff --git a/opendj-server-legacy/resource/config/audit-handlers/elasticsearch-config.json-example b/opendj-server-legacy/resource/config/audit-handlers/elasticsearch-config.json-example
new file mode 100644
index 0000000..c83e981
--- /dev/null
+++ b/opendj-server-legacy/resource/config/audit-handlers/elasticsearch-config.json-example
@@ -0,0 +1,36 @@
+//
+// Example configuration for Elastic Search handler.
+// Edit a copy of the file with your settings.
+// Strip comments before use with grep -v '^[ ]*//' < your-file.json
+//
+{
+ "class": "org.forgerock.audit.handlers.elasticsearch.ElasticsearchAuditEventHandler",
+ "config": {
+ // Buffering is optional. Once enabled, its fields are optional.
+ "buffering": {
+ "enabled": false,
+ "maxBatchedEvents": 500,
+ "maxSize": 10000,
+ "writeInterval": "100 millis"
+ },
+ // Optional
+ "connection": {
+ "host": "localhost",
+ "port": 9200,
+ "useSSL": false,
+ "username": "myUsername",
+ "password": "myPassword"
+ },
+ "enabled": false,
+ // Optional
+ "indexMapping": {
+ "indexName": "audit"
+ },
+ "name": "elasticsearch",
+ "topics": [
+ "ldap-access",
+ "http-access"
+ ]
+ }
+}
+
diff --git a/opendj-server-legacy/resource/config/audit-handlers/elasticsearch-index-setup-example.json b/opendj-server-legacy/resource/config/audit-handlers/elasticsearch-index-setup-example.json
new file mode 100644
index 0000000..388b174
--- /dev/null
+++ b/opendj-server-legacy/resource/config/audit-handlers/elasticsearch-index-setup-example.json
@@ -0,0 +1,277 @@
+{
+ "settings": {},
+ "mappings": {
+ "ldap-access": {
+ "_source": {
+ "enabled": true
+ },
+ "properties": {
+ "timestamp": {
+ "type": "date"
+ },
+ "eventName": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "transactionId": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "userId": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "server": {
+ "properties": {
+ "ip": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "port": {
+ "type": "integer"
+ }
+ }
+ },
+ "client": {
+ "properties": {
+ "ip": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "port": {
+ "type": "integer"
+ }
+ }
+ },
+ "request": {
+ "properties": {
+ "protocol": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "operation": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "connId": {
+ "type": "integer",
+ "index": "not_analyzed"
+ },
+ "msgId": {
+ "type": "integer"
+ },
+ "dn": {
+ "type": "string"
+ },
+ "scope": {
+ "type": "string"
+ },
+ "filter": {
+ "type": "string"
+ },
+ "attrs": {
+ "type": "string"
+ },
+ "authType": {
+ "type": "string"
+ },
+ "controls": {
+ "type": "string"
+ },
+ "attr": {
+ "type": "string"
+ },
+ "idToAbandon": {
+ "type": "integer"
+ },
+ "message": {
+ "type": "string"
+ },
+ "name": {
+ "type": "string"
+ },
+ "newRDN": {
+ "type": "string"
+ },
+ "newSup": {
+ "type": "string"
+ },
+ "deleteOldRDN": {
+ "type": "boolean"
+ },
+ "oid": {
+ "type": "string"
+ },
+ "version": {
+ "type": "string"
+ },
+ "opType": {
+ "type": "string"
+ }
+ }
+ },
+ "response": {
+ "properties": {
+ "status": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "statusCode": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "detail": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "elapsedTime": {
+ "type": "integer"
+ },
+ "elapsedTimeUnits": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "nentries": {
+ "type": "string"
+ },
+ "controls": {
+ "type": "string"
+ },
+ "additionalItems": {
+ "type": "string"
+ },
+ "failureReason": {
+ "type": "string"
+ },
+ "maskedResult": {
+ "type": "integer"
+ },
+ "maskedMessage": {
+ "type": "string"
+ },
+ "reason": {
+ "type": "string"
+ }
+ }
+ }
+ }
+ },
+ "http-access": {
+ "_source": {
+ "enabled": true
+ },
+ "properties": {
+ "timestamp": {
+ "type": "date"
+ },
+ "eventName": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "transactionId": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "userId": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "server": {
+ "properties": {
+ "ip": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "port": {
+ "type": "integer"
+ }
+ }
+ },
+ "client": {
+ "properties": {
+ "ip": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "port": {
+ "type": "integer"
+ }
+ }
+ },
+ "request": {
+ "properties": {
+ "protocol": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "operation": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "detail": {
+ "type": "nested"
+ }
+ }
+ },
+ "http": {
+ "properties": {
+ "request": {
+ "properties": {
+ "secure": {
+ "type": "boolean"
+ },
+ "method": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "path": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "queryParameters": {
+ "type": "nested"
+ },
+ "headers": {
+ "type": "nested"
+ },
+ "cookies": {
+ "type": "nested"
+ }
+ }
+ },
+ "response": {
+ "properties": {
+ "headers": {
+ "type": "nested"
+ }
+ }
+ }
+ }
+ },
+ "response": {
+ "properties": {
+ "status": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "statusCode": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "detail": {
+ "type": "string",
+ "index": "not_analyzed"
+ },
+ "elapsedTime": {
+ "type": "integer"
+ },
+ "elapsedTimeUnits": {
+ "type": "string",
+ "index": "not_analyzed"
+ }
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/opendj-server-legacy/resource/config/audit-handlers/jdbc-config.json-example b/opendj-server-legacy/resource/config/audit-handlers/jdbc-config.json-example
new file mode 100644
index 0000000..54ccfdc
--- /dev/null
+++ b/opendj-server-legacy/resource/config/audit-handlers/jdbc-config.json-example
@@ -0,0 +1,119 @@
+//
+// Example configuration for JDBC handler.
+// Edit a copy of the file with your settings.
+// Strip comments before use with grep -v '^[ ]*//' < your-file.json
+//
+{
+ "class": "org.forgerock.audit.handlers.jdbc.JdbcAuditEventHandler",
+ "config": {
+ // buffering is optional; once enabled any other fields are optional
+ "buffering": {
+ "enabled": false,
+ "autoFlush": true,
+ "maxSize": 5000,
+ "interval": "disabled",
+ "writerThreads": 1,
+ "maxBatchedEvents": 100
+ },
+ "connectionPool": {
+ // Make sure the class is in your classpath
+ "dataSourceClassName": "com.mysql.jdbc.jdbc2.optional.MysqlDataSource",
+ // jdbcURL depends on the JDBC driver
+ "jdbcUrl": "jdbc:mysql://localhost:3306/audit?allowMultiQueries=true&characterEncoding=utf8",
+ "password": "auditAdminPassword",
+ "username": "auditAdmin",
+ // Following connectionPool fields are optional
+ "autoCommit": true,
+ "connectionTimeOut": 30000,
+ "idleTimeout": 600000,
+ "maxLifeTime": 1800000,
+ "minIdle": 10,
+ "maxPoolSize": 10,
+ "poolName": "audit",
+ "driverClassName": null
+ },
+ "databaseType": "mysql",
+ "enabled": false,
+ "name": "jdbc",
+ "tableMappings": [
+ {
+ "event": "ldap-access",
+ "fieldToColumn": {
+ "_id": "id",
+ "eventName": "eventname",
+ "runAs": "runAs",
+ "timestamp": "timestamp_",
+ "transactionId": "transactionid",
+ "userId": "userid",
+ "client/host": "client_host",
+ "client/ip": "client_ip",
+ "client/port": "client_port",
+ "server/ip": "server_ip",
+ "server/port": "server_port",
+ "request/attr": "request_attr",
+ "request/attrs": "request_attrs",
+ "request/authType": "request_authType",
+ "request/connId": "request_connId",
+ "request/controls": "request_controls",
+ "request/deleteOldRDN": "request_deleteOldRDN",
+ "request/dn": "request_dn",
+ "request/filter": "request_filter",
+ "request/idToAbandon": "request_idToAbandon",
+ "request/message": "request_message",
+ "request/msgId": "request_msgId",
+ "request/name": "request_name",
+ "request/newRDN": "request_newRDN",
+ "request/newSup": "request_newSup",
+ "request/oid": "request_oid",
+ "request/opType": "request_opType",
+ "request/operation": "request_operation",
+ "request/protocol": "request_protocol",
+ "request/scope": "request_scope",
+ "request/version": "request_version",
+ "response/additionalItems": "response_additionalItems",
+ "response/controls": "response_controls",
+ "response/failureReason": "response_failureReason",
+ "response/maskedMessage": "response_maskedMessage",
+ "response/maskedResult": "response_maskedResult",
+ "response/nentries": "response_nentries",
+ "response/reason": "response_reason"
+ },
+ "table": "ldapaccess"
+ },
+ {
+ "event": "http-access",
+ "fieldToColumn": {
+ "_id": "id",
+ "eventName": "eventname",
+ "timestamp": "timestamp_",
+ "transactionId": "transactionid",
+ "userId": "userid",
+ "client/host": "client_host",
+ "client/ip": "client_ip",
+ "client/port": "client_port",
+ "server/ip": "server_ip",
+ "server/port": "server_port",
+ "http/request/cookies": "request_cookies",
+ "http/request/headers": "request_headers",
+ "http/request/method": "request_method",
+ "http/request/path": "request_path",
+ "http/request/queryParameters": "request_queryparameters",
+ "http/request/secure": "request_secure",
+ "http/response/headers": "response_headers",
+ "request/operation": "request_operation",
+ "request/protocol": "request_protocol",
+ "response/elapsedTime": "response_elapsedtime",
+ "response/elapsedTimeUnits": "response_elapsedtimeunits",
+ "response/status": "response_status",
+ "response/statusCode": "response_statuscode"
+ },
+ "table": "httpaccess"
+ }
+ ],
+ "topics": [
+ "ldap-access",
+ "http-access"
+ ]
+ }
+}
+
diff --git a/opendj-server-legacy/resource/config/audit-handlers/jms-config.json-example b/opendj-server-legacy/resource/config/audit-handlers/jms-config.json-example
new file mode 100644
index 0000000..81d11a2
--- /dev/null
+++ b/opendj-server-legacy/resource/config/audit-handlers/jms-config.json-example
@@ -0,0 +1,41 @@
+//
+// Example configuration for splunk handler.
+// Edit a copy of the file with your settings.
+// Strip comments before use with grep -v '^[ ]*//' < your-file.json
+//
+{
+ "class": "org.forgerock.audit.handlers.jms.JmsAuditEventHandler",
+ "config": {
+ "batch": {
+ "batchEnabled": false,
+ "capacity": 1,
+ "maxBatchedEvents": 1,
+ "threadCount": 1,
+ "insertTimeoutSec": 60,
+ "pollTimeoutSec": 10,
+ "shutdownTimeoutSec": 60
+ },
+ // Permitted values: NON_PERSISTENT, PERSISTENT
+ "deliveryMode": "NON_PERSISTENT",
+ "enabled": false,
+ // Optional
+ "topicName": "audit",
+ "jndi": {
+ // Optional
+ "connectionFactoryName": "connectionFactory",
+ "contextProperties": {
+ "java.naming.factory.initial": "org.apache.activemq.jndi.ActiveMQInitialContextFactory",
+ "java.naming.provider.url": "tcp://localhost:61616",
+ "topic.audit": "audit"
+ }
+ },
+ "name": "jms",
+ // Permitted values: AUTO, CLIENT, DUPS_OK
+ "sessionMode": "AUTO",
+ "topics": [
+ "ldap-access",
+ "http-access"
+ ]
+ }
+}
+
diff --git a/opendj-server-legacy/resource/config/audit-handlers/mysql_tables-example.sql b/opendj-server-legacy/resource/config/audit-handlers/mysql_tables-example.sql
new file mode 100644
index 0000000..116a0d6
--- /dev/null
+++ b/opendj-server-legacy/resource/config/audit-handlers/mysql_tables-example.sql
@@ -0,0 +1,99 @@
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+
+CREATE SCHEMA IF NOT EXISTS `audit` DEFAULT CHARACTER SET utf8 COLLATE utf8_bin ;
+USE `audit` ;
+-- -----------------------------------------------------
+-- Table `audit`.`ldapaccess`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `audit`.`ldapaccess` (
+ `id` VARCHAR(56) NOT NULL ,
+ `timestamp_` VARCHAR(29) NULL COMMENT 'Date format: 2011-09-09T14:58:17.654+02:00' ,
+ `transactionid` VARCHAR(255) NULL ,
+ `eventname` VARCHAR(255) ,
+ `userid` VARCHAR(255) NULL ,
+ `server_ip` VARCHAR(40) ,
+ `server_port` VARCHAR(5) ,
+ `client_host` VARCHAR(255) ,
+ `client_ip` VARCHAR(40) ,
+ `client_port` VARCHAR(5) ,
+ `request_protocol` VARCHAR(255) ,
+ `request_operation` VARCHAR(255) ,
+ `request_attr` VARCHAR(255) NULL,
+ `request_attrs` VARCHAR(255) NULL ,
+ `request_authType` VARCHAR(255) NULL ,
+ `request_connId` INTEGER ,
+ `request_msgId` INTEGER ,
+ `request_controls` VARCHAR(255) NULL ,
+ `request_deleteOldRDN` BOOLEAN NULL ,
+ `request_dn` VARCHAR(255) NULL ,
+ `request_filter` VARCHAR(255) NULL ,
+ `request_idToAbandon` VARCHAR(255) NULL ,
+ `request_message` VARCHAR(255) NULL ,
+ `request_name` VARCHAR(255) NULL ,
+ `request_newRDN` VARCHAR(255) NULL ,
+ `request_newSup` VARCHAR(255) NULL ,
+ `request_oid` VARCHAR(255) NULL ,
+ `request_opType` VARCHAR(255) NULL ,
+ `request_operation` VARCHAR(255) NULL ,
+ `request_protocol` VARCHAR(255) NULL ,
+ `request_scope` VARCHAR(255) NULL ,
+ `request_version` VARCHAR(255) NULL ,
+ `response_additionalItems` VARCHAR(255) NULL ,
+ `response_controls` VARCHAR(255) NULL ,
+ `response_failureReason` VARCHAR(255) NULL ,
+ `response_maskedMessage` VARCHAR(255) NULL ,
+ `response_maskedResult` VARCHAR(255) NULL ,
+ `response_nentries` INTEGER NULL ,
+ `response_reason` VARCHAR(255) NULL ,
+ `response_status` VARCHAR(10) NULL ,
+ `response_statuscode` VARCHAR(255) NULL ,
+ `response_elapsedtime` VARCHAR(255) NULL ,
+ `response_elapsedtimeunits` VARCHAR(255) NULL ,
+ PRIMARY KEY (`id`),
+ INDEX `idx_ldapaccess_dn` (`request_dn` ASC),
+ INDEX `idx_ldapaccess_userid` (`userid` ASC) )
+ENGINE = InnoDB;
+
+-- -----------------------------------------------------
+-- Table `audit`.`httpaccess`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `audit`.`httpaccess` (
+ `id` VARCHAR(56) NOT NULL ,
+ `timestamp_` VARCHAR(29) NULL COMMENT 'Date format: 2011-09-09T14:58:17.654+02:00' ,
+ `transactionid` VARCHAR(255) NULL ,
+ `eventname` VARCHAR(255) ,
+ `userid` VARCHAR(255) NULL ,
+ `server_ip` VARCHAR(40) ,
+ `server_port` VARCHAR(5) ,
+ `client_host` VARCHAR(255) ,
+ `client_ip` VARCHAR(40) ,
+ `client_port` VARCHAR(5) ,
+ `request_protocol` VARCHAR(255) NULL ,
+ `request_operation` VARCHAR(255) NULL ,
+ `request_secure` BOOLEAN NULL ,
+ `request_method` VARCHAR(7) NULL ,
+ `request_path` VARCHAR(255) NULL ,
+ `request_queryparameters` MEDIUMTEXT NULL ,
+ `request_headers` MEDIUMTEXT NULL ,
+ `request_cookies` MEDIUMTEXT NULL ,
+ `response_headers` MEDIUMTEXT NULL ,
+ `response_status` VARCHAR(10) NULL ,
+ `response_statuscode` VARCHAR(255) NULL ,
+ `response_elapsedtime` VARCHAR(255) NULL ,
+ `response_elapsedtimeunits` VARCHAR(255) NULL ,
+ PRIMARY KEY (`id`),
+ INDEX `idx_httpaccess_userid` (`userid` ASC) )
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -------------------------------------------
+-- audit database user
+-- ------------------------------------------
+GRANT ALL PRIVILEGES on audit.* TO audit IDENTIFIED BY 'audit';
+GRANT ALL PRIVILEGES on audit.* TO audit@'%' IDENTIFIED BY 'audit';
+GRANT ALL PRIVILEGES on audit.* TO audit@localhost IDENTIFIED BY 'audit';
diff --git a/opendj-server-legacy/resource/config/audit-handlers/oracle_tables-example.sql b/opendj-server-legacy/resource/config/audit-handlers/oracle_tables-example.sql
new file mode 100644
index 0000000..bcb70e5
--- /dev/null
+++ b/opendj-server-legacy/resource/config/audit-handlers/oracle_tables-example.sql
@@ -0,0 +1,107 @@
+-- -----------------------------------------------------
+-- Table auditaccess
+-- -----------------------------------------------------
+PROMPT Creating Table httpaccess ...
+CREATE TABLE httpaccess (
+ id VARCHAR2(56 CHAR) NOT NULL,
+ timestamp_ VARCHAR2(29 CHAR) NOT NULL,
+ transactionid VARCHAR2(255 CHAR) NOT NULL,
+ eventname VARCHAR2(255 CHAR),
+ userid VARCHAR2(255 CHAR),
+ server_ip VARCHAR2(40 CHAR),
+ server_port VARCHAR2(5 CHAR),
+ client_host VARCHAR2(255 CHAR),
+ client_ip VARCHAR2(40 CHAR),
+ client_port VARCHAR2(5 CHAR),
+ request_protocol VARCHAR2(255 CHAR) NULL ,
+ request_operation VARCHAR2(255 CHAR) NULL ,
+ request_secure VARCHAR2(255 CHAR) NULL ,
+ request_method VARCHAR2(7 CHAR) NULL ,
+ request_path VARCHAR2(255 CHAR) NULL ,
+ request_queryparameters CLOB(2M) NULL ,
+ request_headers CLOB NULL ,
+ request_cookies CLOB NULL ,
+ response_headers CLOB NULL ,
+ response_status VARCHAR2(10 CHAR) NULL ,
+ response_statuscode VARCHAR2(255 CHAR) NULL ,
+ response_elapsedtime VARCHAR2(255 CHAR) NULL ,
+ response_elapsedtimeunits VARCHAR2(255 CHAR) NULL
+);
+
+
+COMMENT ON COLUMN httpaccess.timestamp IS 'Date format: 2011-09-09T14:58:17.654+02:00'
+;
+
+PROMPT Creating Primary Key Constraint PRIMARY_ACCESS on table httpaccess ...
+ALTER TABLE httpaccess
+ADD CONSTRAINT PRIMARY_ACCESS PRIMARY KEY
+(
+ id
+)
+ENABLE
+;
+
+-- -----------------------------------------------------
+-- Table auditauthentication
+-- -----------------------------------------------------
+PROMPT Creating TABLE ldapaccess ...
+CREATE TABLE ldapaccess (
+ id VARCHAR2(56 CHAR) NOT NULL,
+ timestamp_ VARCHAR2(29 CHAR) NOT NULL,
+ transactionid VARCHAR2(255 CHAR) NOT NULL,
+ eventname VARCHAR2(255 CHAR),
+ userid VARCHAR2(255 CHAR),
+ server_ip VARCHAR2(40 CHAR),
+ server_port VARCHAR2(5 CHAR),
+ client_host VARCHAR2(255 CHAR),
+ client_ip VARCHAR2(40 CHAR),
+ client_port VARCHAR2(5 CHAR),
+ request_protocol VARCHAR(255) ,
+ request_operation VARCHAR(255) ,
+ request_attr VARCHAR(255) NULL,
+ request_attrs VARCHAR(255) NULL ,
+ request_authType VARCHAR(255) NULL ,
+ request_connId INTEGER ,
+ request_msgId INTEGER ,
+ request_controls VARCHAR(255) NULL ,
+ request_deleteOldRDN BOOLEAN NULL ,
+ request_dn VARCHAR(255) NULL ,
+ request_filter VARCHAR(255) NULL ,
+ request_idToAbandon VARCHAR(255) NULL ,
+ request_message VARCHAR(255) NULL ,
+ request_name VARCHAR(255) NULL ,
+ request_newRDN VARCHAR(255) NULL ,
+ request_newSup VARCHAR(255) NULL ,
+ request_oid VARCHAR(255) NULL ,
+ request_opType VARCHAR(255) NULL ,
+ request_operation VARCHAR(255) NULL ,
+ request_protocol VARCHAR(255) NULL ,
+ request_scope VARCHAR(255) NULL ,
+ request_version VARCHAR(255) NULL ,
+ response_additionalItems VARCHAR(255) NULL ,
+ response_controls VARCHAR(255) NULL ,
+ response_failureReason VARCHAR(255) NULL ,
+ response_maskedMessage VARCHAR(255) NULL ,
+ response_maskedResult VARCHAR(255) NULL ,
+ response_nentries INTEGER NULL ,
+ response_reason VARCHAR(255) NULL ,
+ response_status VARCHAR(10) NULL ,
+ response_statuscode VARCHAR(255) NULL ,
+ response_elapsedtime VARCHAR(255) NULL ,
+ response_elapsedtimeunits VARCHAR(255) NULL ,
+);
+
+COMMENT ON COLUMN ldapaccess.timestamp IS 'Date format: 2011-09-09T14:58:17.654+02:00'
+;
+
+PROMPT Creating PRIMARY KEY CONSTRAINT PRIMARY_AUTHENTICATION ON TABLE ldapaccess ...
+ALTER TABLE ldapaccess
+ADD CONSTRAINT PRIMARY_AUTHENTICATION PRIMARY KEY
+(
+ userid,
+ request_dn
+)
+ENABLE
+;
+
+COMMIT;
diff --git a/opendj-server-legacy/resource/config/audit-handlers/splunk-config.json-example b/opendj-server-legacy/resource/config/audit-handlers/splunk-config.json-example
new file mode 100644
index 0000000..52ad0e2
--- /dev/null
+++ b/opendj-server-legacy/resource/config/audit-handlers/splunk-config.json-example
@@ -0,0 +1,28 @@
+//
+// Example configuration for splunk handler.
+// Edit a copy of the file with your settings.
+// Strip comments before use with grep -v '^[ ]*//' < your-file.json
+//
+{
+ "class": "org.forgerock.audit.handlers.splunk.SplunkAuditEventHandler",
+ "config": {
+ "authzToken": "00000000-0000-0000-0000-000000000000",
+ "buffering": {
+ "maxBatchedEvents": 500,
+ "maxSize": 10000,
+ "writeInterval": "100 millis"
+ },
+ "connection": {
+ // Optional
+ "host": "localhost",
+ "port": 8088,
+ "useSSL": false
+ },
+ "enabled": false,
+ "name": "splunk",
+ "topics": [
+ "ldap-access",
+ "http-access"
+ ]
+ }
+}
diff --git a/opendj-server-legacy/resource/config/audit-handlers/syslog-config.json-example b/opendj-server-legacy/resource/config/audit-handlers/syslog-config.json-example
new file mode 100644
index 0000000..e1ce320
--- /dev/null
+++ b/opendj-server-legacy/resource/config/audit-handlers/syslog-config.json-example
@@ -0,0 +1,29 @@
+//
+// Example configuration for syslog handler.
+// Edit a copy of the file with your settings.
+// Strip comments before use with grep -v '^[ ]*//' < your-file.json
+//
+{
+ "class": "org.forgerock.audit.handlers.syslog.SyslogAuditEventHandler",
+ "config": {
+ // Optional
+ "buffering": {
+ "enabled": false,
+ "maxSize": 5000
+ },
+ "enabled": false,
+ "facility": "LOCAL0",
+ "host": "localhost",
+ "name": "syslog",
+ "port": 514,
+ // Permitted values: UDP, TCP
+ "transportProtocol": "TCP",
+ // Only applies to transportProtocol TCP, in which case it is mandatory
+ "connectionTimeout": "30",
+ "topics": [
+ "ldap-acces",
+ "http-access"
+ ]
+ }
+}
+
diff --git a/opendj-server-legacy/src/main/resources/org/opends/server/loggers/audit-config.json b/opendj-server-legacy/src/main/resources/org/opends/server/loggers/audit-config.json
index 8bc983e..02939dd 100644
--- a/opendj-server-legacy/src/main/resources/org/opends/server/loggers/audit-config.json
+++ b/opendj-server-legacy/src/main/resources/org/opends/server/loggers/audit-config.json
@@ -1,385 +1,385 @@
{
- "additionalTopics" : {
- "http-access": {
- "schema": {
- "$schema": "http://json-schema.org/draft-04/schema#",
- "id": "/",
- "type": "object",
- "properties": {
- "_id": {
- "description": "org.forgerock.audit.events.access.id",
+ "additionalTopics": {
+ "http-access": {
+ "schema": {
+ "$schema": "http://json-schema.org/draft-04/schema#",
+ "id": "/",
+ "type": "object",
+ "properties": {
+ "_id": {
+ "description": "org.forgerock.audit.events.access.id",
+ "type": "string"
+ },
+ "timestamp": {
+ "description": "org.forgerock.audit.events.access.timestamp",
+ "type": "string"
+ },
+ "eventName": {
+ "description": "org.forgerock.audit.events.access.eventName",
+ "type": "string"
+ },
+ "transactionId": {
+ "description": "org.forgerock.audit.events.access.transactionId",
+ "type": "string"
+ },
+ "userId": {
+ "description": "org.forgerock.audit.events.access.userId",
+ "type": "string"
+ },
+ "trackingIds": {
+ "description": "org.forgerock.audit.events.access.trackingIds",
+ "type": "array",
+ "items": {
+ "id": "0",
"type": "string"
- },
- "timestamp": {
- "description": "org.forgerock.audit.events.access.timestamp",
- "type": "string"
- },
- "eventName": {
- "description": "org.forgerock.audit.events.access.eventName",
- "type": "string"
- },
- "transactionId": {
- "description": "org.forgerock.audit.events.access.transactionId",
- "type": "string"
- },
- "userId": {
- "description": "org.forgerock.audit.events.access.userId",
- "type": "string"
- },
- "trackingIds": {
- "description": "org.forgerock.audit.events.access.trackingIds",
- "type": "array",
- "items": {
- "id": "0",
+ }
+ },
+ "server": {
+ "type": "object",
+ "properties": {
+ "ip": {
+ "description": "org.forgerock.audit.events.access.server.ip",
+ "type": "string"
+ },
+ "port": {
+ "description": "org.forgerock.audit.events.access.server.port",
"type": "string"
}
- },
- "server": {
- "type": "object",
- "properties": {
- "ip": {
- "description": "org.forgerock.audit.events.access.server.ip",
- "type": "string"
- },
- "port": {
- "description": "org.forgerock.audit.events.access.server.port",
- "type": "string"
- }
+ }
+ },
+ "client": {
+ "type": "object",
+ "properties": {
+ "host": {
+ "description": "org.forgerock.audit.events.access.client.host",
+ "type": "string"
+ },
+ "ip": {
+ "description": "org.forgerock.audit.events.access.client.ip",
+ "type": "string"
+ },
+ "port": {
+ "description": "org.forgerock.audit.events.access.client.port",
+ "type": "string"
}
- },
- "client": {
- "type": "object",
- "properties": {
- "host": {
- "description": "org.forgerock.audit.events.access.client.host",
- "type": "string"
- },
- "ip": {
- "description": "org.forgerock.audit.events.access.client.ip",
- "type": "string"
- },
- "port": {
- "description": "org.forgerock.audit.events.access.client.port",
- "type": "string"
- }
+ }
+ },
+ "request": {
+ "type": "object",
+ "properties": {
+ "protocol": {
+ "description": "org.forgerock.audit.events.access.request.protocol",
+ "type": "string"
+ },
+ "operation": {
+ "description": "org.forgerock.audit.events.access.request.operation",
+ "type": "string"
+ },
+ "detail": {
+ "description": "org.forgerock.audit.events.access.request.detail",
+ "type": "object"
}
- },
- "request": {
- "type": "object",
- "properties": {
- "protocol": {
- "description": "org.forgerock.audit.events.access.request.protocol",
- "type": "string"
- },
- "operation": {
- "description": "org.forgerock.audit.events.access.request.operation",
- "type": "string"
- },
- "detail": {
- "description": "org.forgerock.audit.events.access.request.detail",
- "type": "object"
- }
- }
- },
- "http": {
- "type": "object",
- "properties": {
- "request": {
- "description": "org.forgerock.audit.events.access.http.request",
- "type": "object",
- "properties": {
- "secure": {
- "description": "org.forgerock.audit.events.access.http.secure",
- "type": "boolean"
- },
- "method": {
- "description": "org.forgerock.audit.events.access.http.method",
- "type": "string"
- },
- "path": {
- "description": "org.forgerock.audit.events.access.http.path",
- "type": "string"
- },
- "queryParameters": {
- "description": "org.forgerock.audit.events.access.http.queryParameters",
- "type": "object",
- "additionalProperties": {
- "type": "array",
- "items": {
- "type": "string"
- }
+ }
+ },
+ "http": {
+ "type": "object",
+ "properties": {
+ "request": {
+ "description": "org.forgerock.audit.events.access.http.request",
+ "type": "object",
+ "properties": {
+ "secure": {
+ "description": "org.forgerock.audit.events.access.http.secure",
+ "type": "boolean"
+ },
+ "method": {
+ "description": "org.forgerock.audit.events.access.http.method",
+ "type": "string"
+ },
+ "path": {
+ "description": "org.forgerock.audit.events.access.http.path",
+ "type": "string"
+ },
+ "queryParameters": {
+ "description": "org.forgerock.audit.events.access.http.queryParameters",
+ "type": "object",
+ "additionalProperties": {
+ "type": "array",
+ "items": {
+ "type": "string"
}
- },
- "headers": {
- "description": "org.forgerock.audit.events.access.http.headers",
- "type": "object",
- "additionalProperties": {
- "type": "array",
- "items": {
- "type": "string"
- }
+ }
+ },
+ "headers": {
+ "description": "org.forgerock.audit.events.access.http.headers",
+ "type": "object",
+ "additionalProperties": {
+ "type": "array",
+ "items": {
+ "type": "string"
}
- },
- "cookies": {
- "description": "org.forgerock.audit.events.access.http.cookies",
- "type": "object",
- "additionalProperties": {
+ }
+ },
+ "cookies": {
+ "description": "org.forgerock.audit.events.access.http.cookies",
+ "type": "object",
+ "additionalProperties": {
+ "type": "string"
+ }
+ }
+ }
+ },
+ "response": {
+ "description": "org.forgerock.audit.events.access.http.response",
+ "type": "object",
+ "properties": {
+ "headers": {
+ "description": "org.forgerock.audit.events.access.http.request.headers",
+ "type": "object",
+ "additionalProperties": {
+ "type": "array",
+ "items": {
"type": "string"
}
}
}
- },
- "response": {
- "description": "org.forgerock.audit.events.access.http.response",
- "type": "object",
- "properties": {
- "headers": {
- "description": "org.forgerock.audit.events.access.http.request.headers",
- "type": "object",
- "additionalProperties": {
- "type": "array",
- "items": {
- "type": "string"
- }
- }
- }
- }
}
}
- },
- "response": {
- "type": "object",
- "properties": {
- "status": {
- "description": "org.forgerock.audit.events.access.response.status",
- "type": "string"
- },
- "statusCode": {
- "description": "org.forgerock.audit.events.access.response.statusCode",
- "type": "string"
- },
- "detail": {
- "description": "org.forgerock.audit.events.access.response.detail",
- "type": "string"
- },
- "elapsedTime": {
- "description": "org.forgerock.audit.events.access.response.elapsedTime",
- "type": "integer"
- },
- "elapsedTimeUnits": {
- "description": "org.forgerock.audit.events.access.response.elapsedTimeUnits",
- "type": "string"
- }
+ }
+ },
+ "response": {
+ "type": "object",
+ "properties": {
+ "status": {
+ "description": "org.forgerock.audit.events.access.response.status",
+ "type": "string"
+ },
+ "statusCode": {
+ "description": "org.forgerock.audit.events.access.response.statusCode",
+ "type": "string"
+ },
+ "detail": {
+ "description": "org.forgerock.audit.events.access.response.detail",
+ "type": "string"
+ },
+ "elapsedTime": {
+ "description": "org.forgerock.audit.events.access.response.elapsedTime",
+ "type": "integer"
+ },
+ "elapsedTimeUnits": {
+ "description": "org.forgerock.audit.events.access.response.elapsedTimeUnits",
+ "type": "string"
}
}
}
}
- },
- "ldap-access": {
- "schema": {
- "$schema": "http://json-schema.org/draft-04/schema#",
- "id": "/",
- "type": "object",
- "properties": {
- "_id": {
- "description": "org.forgerock.audit.events.access.id",
- "type": "string"
- },
- "timestamp": {
- "description": "org.forgerock.audit.events.access.timestamp",
- "type": "string"
- },
- "eventName": {
- "description": "org.forgerock.audit.events.access.eventName",
- "type": "string"
- },
- "transactionId": {
- "description": "org.forgerock.audit.events.access.transactionId",
- "type": "string"
- },
- "userId": {
- "description": "org.forgerock.audit.events.access.userId",
- "type": "string"
- },
- "runAs": {
- "description": "org.forgerock.audit.events.activity.runAs",
- "type": "string"
- },
- "server": {
- "type": "object",
- "properties": {
- "ip": {
- "description": "org.forgerock.audit.events.access.server.ip",
- "type": "string"
- },
- "port": {
- "description": "org.forgerock.audit.events.access.server.port",
- "type": "string"
- }
+ }
+ },
+ "ldap-access": {
+ "schema": {
+ "$schema": "http://json-schema.org/draft-04/schema#",
+ "id": "/",
+ "type": "object",
+ "properties": {
+ "_id": {
+ "description": "org.forgerock.audit.events.access.id",
+ "type": "string"
+ },
+ "timestamp": {
+ "description": "org.forgerock.audit.events.access.timestamp",
+ "type": "string"
+ },
+ "eventName": {
+ "description": "org.forgerock.audit.events.access.eventName",
+ "type": "string"
+ },
+ "transactionId": {
+ "description": "org.forgerock.audit.events.access.transactionId",
+ "type": "string"
+ },
+ "userId": {
+ "description": "org.forgerock.audit.events.access.userId",
+ "type": "string"
+ },
+ "runAs": {
+ "description": "org.forgerock.audit.events.activity.runAs",
+ "type": "string"
+ },
+ "server": {
+ "type": "object",
+ "properties": {
+ "ip": {
+ "description": "org.forgerock.audit.events.access.server.ip",
+ "type": "string"
+ },
+ "port": {
+ "description": "org.forgerock.audit.events.access.server.port",
+ "type": "string"
}
- },
- "client": {
- "type": "object",
- "properties": {
- "host": {
- "description": "org.forgerock.audit.events.access.client.host",
- "type": "string"
- },
- "ip": {
- "description": "org.forgerock.audit.events.access.client.ip",
- "type": "string"
- },
- "port": {
- "description": "org.forgerock.audit.events.access.client.port",
- "type": "string"
- }
+ }
+ },
+ "client": {
+ "type": "object",
+ "properties": {
+ "host": {
+ "description": "org.forgerock.audit.events.access.client.host",
+ "type": "string"
+ },
+ "ip": {
+ "description": "org.forgerock.audit.events.access.client.ip",
+ "type": "string"
+ },
+ "port": {
+ "description": "org.forgerock.audit.events.access.client.port",
+ "type": "string"
}
- },
- "request": {
- "type": "object",
- "properties": {
- "protocol": {
- "description": "org.forgerock.audit.events.access.request.protocol",
- "type": "string"
- },
- "operation": {
- "description": "org.forgerock.audit.events.access.request.operation",
- "type": "string"
- },
- "connId": {
- "id": "connId",
- "type": "string"
- },
- "msgId": {
- "id": "msgId",
- "type": "string"
- },
- "dn": {
- "id": "dn",
- "type": "string"
- },
- "scope": {
- "id": "scope",
- "type": "string"
- },
- "filter": {
- "id": "filter",
- "type": "string"
- },
- "attrs": {
- "id": "attrs",
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- "authType": {
- "id": "authType",
- "type": "string"
- },
- "controls": {
- "id": "controls",
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- "attr" : {
- "id" : "attr",
- "type" : "string"
- },
- "idToAbandon" : {
- "id" : "idToAbandon",
- "type" : "integer"
- },
- "message" : {
- "id" : "message",
- "type" : "string"
- },
- "name" : {
- "id" : "name",
- "type" : "string"
- },
- "newRDN" : {
- "id" : "newRDN",
- "type" : "string"
- },
- "newSup" : {
- "id" : "newSup",
- "type" : "string"
- },
- "deleteOldRDN" : {
- "id" : "deleteOldRDN",
- "type" : "boolean"
- },
- "oid" : {
- "id" : "oid",
- "type" : "string"
- },
- "version" : {
- "id" : "version",
- "type" : "string"
- },
- "opType": {
- "id": "opType",
+ }
+ },
+ "request": {
+ "type": "object",
+ "properties": {
+ "protocol": {
+ "description": "org.forgerock.audit.events.access.request.protocol",
+ "type": "string"
+ },
+ "operation": {
+ "description": "org.forgerock.audit.events.access.request.operation",
+ "type": "string"
+ },
+ "connId": {
+ "id": "connId",
+ "type": "string"
+ },
+ "msgId": {
+ "id": "msgId",
+ "type": "string"
+ },
+ "dn": {
+ "id": "dn",
+ "type": "string"
+ },
+ "scope": {
+ "id": "scope",
+ "type": "string"
+ },
+ "filter": {
+ "id": "filter",
+ "type": "string"
+ },
+ "attrs": {
+ "id": "attrs",
+ "type": "array",
+ "items": {
"type": "string"
}
+ },
+ "authType": {
+ "id": "authType",
+ "type": "string"
+ },
+ "controls": {
+ "id": "controls",
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "attr": {
+ "id": "attr",
+ "type": "string"
+ },
+ "idToAbandon": {
+ "id": "idToAbandon",
+ "type": "integer"
+ },
+ "message": {
+ "id": "message",
+ "type": "string"
+ },
+ "name": {
+ "id": "name",
+ "type": "string"
+ },
+ "newRDN": {
+ "id": "newRDN",
+ "type": "string"
+ },
+ "newSup": {
+ "id": "newSup",
+ "type": "string"
+ },
+ "deleteOldRDN": {
+ "id": "deleteOldRDN",
+ "type": "boolean"
+ },
+ "oid": {
+ "id": "oid",
+ "type": "string"
+ },
+ "version": {
+ "id": "version",
+ "type": "string"
+ },
+ "opType": {
+ "id": "opType",
+ "type": "string"
}
- },
- "response": {
- "type": "object",
- "properties": {
- "status": {
- "description": "org.forgerock.audit.events.access.response.status",
+ }
+ },
+ "response": {
+ "type": "object",
+ "properties": {
+ "status": {
+ "description": "org.forgerock.audit.events.access.response.status",
+ "type": "string"
+ },
+ "statusCode": {
+ "description": "org.forgerock.audit.events.access.response.statusCode",
+ "type": "string"
+ },
+ "detail": {
+ "description": "org.forgerock.audit.events.access.response.detail",
+ "type": "string"
+ },
+ "elapsedTime": {
+ "description": "org.forgerock.audit.events.access.response.elapsedTime",
+ "type": "integer"
+ },
+ "elapsedTimeUnits": {
+ "description": "org.forgerock.audit.events.access.response.elapsedTimeUnits",
+ "type": "string"
+ },
+ "nentries": {
+ "id": "nentries",
+ "type": "string"
+ },
+ "controls": {
+ "id": "controls",
+ "type": "array",
+ "items": {
"type": "string"
- },
- "statusCode": {
- "description": "org.forgerock.audit.events.access.response.statusCode",
- "type": "string"
- },
- "detail": {
- "description": "org.forgerock.audit.events.access.response.detail",
- "type": "string"
- },
- "elapsedTime": {
- "description": "org.forgerock.audit.events.access.response.elapsedTime",
- "type": "integer"
- },
- "elapsedTimeUnits": {
- "description": "org.forgerock.audit.events.access.response.elapsedTimeUnits",
- "type": "string"
- },
- "nentries": {
- "id": "nentries",
- "type": "string"
- },
- "controls": {
- "id": "controls",
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- "additionalItems" : {
- "id" : "additionalItems",
- "type" : "string"
- },
- "failureReason" : {
- "id" : "failureReason",
- "type" : "string"
- },
- "maskedResult" : {
- "id" : "maskedResult",
- "type" : "integer"
- },
- "maskedMessage" : {
- "id" : "maskedMessage",
- "type" : "string"
- },
- "reason" : {
- "id" : "reason",
- "type" : "string"
}
+ },
+ "additionalItems": {
+ "id": "additionalItems",
+ "type": "string"
+ },
+ "failureReason": {
+ "id": "failureReason",
+ "type": "string"
+ },
+ "maskedResult": {
+ "id": "maskedResult",
+ "type": "integer"
+ },
+ "maskedMessage": {
+ "id": "maskedMessage",
+ "type": "string"
+ },
+ "reason": {
+ "id": "reason",
+ "type": "string"
+ }
}
}
}
--
Gitblit v1.10.0