public List<AuditEventRecord> getRecordsOfType(AuditEventType type) { List<AuditEventRecord> retval = new ArrayList<>(); for (AuditEventRecord record : records) { if (record.getEventType() == type) { retval.add(record); } } return retval; }
protected List<AuditEventRecord> filter(List<AuditEventRecord> records, AuditEventType type, AuditEventStage stage) { return records.stream() .filter(r -> r.getEventType() == type && r.getEventStage() == stage) .collect(Collectors.toList()); }
private void assertSingleBatch() { assert records.size() > 1 : "Expected at least two audit records but got "+records.size(); Iterator<AuditEventRecord> iterator = records.iterator(); AuditEventRecord requestRecord = iterator.next(); if (requestRecord.getEventType() == AuditEventType.CREATE_SESSION) { requestRecord = iterator.next(); } assert requestRecord.getEventStage() == AuditEventStage.REQUEST : "Expected first record to be request, it was "+requestRecord.getEventStage()+" instead: "+requestRecord; while (iterator.hasNext()) { AuditEventRecord executionRecord = iterator.next(); if (executionRecord.getEventType() == AuditEventType.TERMINATE_SESSION) { break; } assert executionRecord.getEventStage() == AuditEventStage.EXECUTION : "Expected following record to be execution, it was "+executionRecord.getEventStage()+" instead: "+executionRecord; } }
public void assertFailedLogin(String expectedChannel) { AuditEventRecord firstRecord = records.get(0); assertEquals("Wrong type of first audit record: "+firstRecord.getEventType(), AuditEventType.CREATE_SESSION, firstRecord.getEventType()); assertEquals("Wrong outcome of first audit record: "+firstRecord.getOutcome(), OperationResultStatus.FATAL_ERROR, firstRecord.getOutcome()); if (expectedChannel != null) { assertEquals("Wrong channel in first audit record", expectedChannel, firstRecord.getChannel()); } }
public void assertFailedProxyLogin(String expectedChannel) { AuditEventRecord firstRecord = records.get(0); assertEquals("Wrong type of first audit record (service authN): "+firstRecord.getEventType(), AuditEventType.CREATE_SESSION, firstRecord.getEventType()); assertEquals("Wrong outcome of first audit record (service authN): "+firstRecord.getOutcome(), OperationResultStatus.SUCCESS, firstRecord.getOutcome()); if (expectedChannel != null) { assertEquals("Wrong channel in first audit record", expectedChannel, firstRecord.getChannel()); } AuditEventRecord secondRecord = records.get(1); assertEquals("Wrong type of second audit record (proxy authN): "+secondRecord.getEventType(), AuditEventType.CREATE_SESSION, secondRecord.getEventType()); assertEquals("Wrong outcome of second audit record (proxy authN): "+secondRecord.getOutcome(), OperationResultStatus.FATAL_ERROR, secondRecord.getOutcome()); if (expectedChannel != null) { assertEquals("Wrong channel in second audit record (proxy authN)", expectedChannel, secondRecord.getChannel()); } }
/** * Checks that the first record is login and the last is logout. */ public void assertLoginLogout(String expectedChannel) { AuditEventRecord firstRecord = records.get(0); assertEquals("Wrong type of first audit record: "+firstRecord.getEventType(), AuditEventType.CREATE_SESSION, firstRecord.getEventType()); assertEquals("Wrong outcome of first audit record: "+firstRecord.getOutcome(), OperationResultStatus.SUCCESS, firstRecord.getOutcome()); AuditEventRecord lastRecord = records.get(records.size()-1); assertEquals("Wrong type of last audit record: "+lastRecord.getEventType(), AuditEventType.TERMINATE_SESSION, lastRecord.getEventType()); assertEquals("Wrong outcome of last audit record: "+lastRecord.getOutcome(), OperationResultStatus.SUCCESS, lastRecord.getOutcome()); assertEquals("Audit session ID does not match", firstRecord.getSessionIdentifier(), lastRecord.getSessionIdentifier()); assertFalse("Same login and logout event IDs", firstRecord.getEventIdentifier().equals(lastRecord.getEventIdentifier())); if (expectedChannel != null) { assertEquals("Wrong channel in first audit record", expectedChannel, firstRecord.getChannel()); assertEquals("Wrong channel in last audit record", expectedChannel, lastRecord.getChannel()); } }
while (i < (auditRecords.size() - 1)) { AuditEventRecord reconStartRecord = auditRecords.get(i); if (reconStartRecord.getEventType() == AuditEventType.EXECUTE_CHANGES_RAW) { i++; continue; assertEquals("Wrong type in reconStartRecord audit record: "+reconStartRecord, AuditEventType.RECONCILIATION, reconStartRecord.getEventType()); assertTrue("Unexpected delta in reconStartRecord audit record "+reconStartRecord, reconStartRecord.getDeltas() == null || reconStartRecord.getDeltas().isEmpty()); i++; assertNotNull("No request audit record ("+i+")", requestRecord); if (requestRecord.getEventStage() == AuditEventStage.EXECUTION && requestRecord.getEventType() == AuditEventType.RECONCILIATION) { if (nextRecord.getEventStage() == AuditEventStage.EXECUTION && nextRecord.getEventType() == requestRecord.getEventType()) { assertNotNull("No reconStopRecord audit record", reconStopRecord); assertEquals("Wrong stage in reconStopRecord audit record: "+reconStopRecord, AuditEventStage.EXECUTION, reconStopRecord.getEventStage()); assertEquals("Wrong type in reconStopRecord audit record: "+reconStopRecord, AuditEventType.RECONCILIATION, reconStopRecord.getEventType()); assertTrue("Unexpected delta in reconStopRecord audit record "+reconStopRecord, reconStopRecord.getDeltas() == null || reconStopRecord.getDeltas().isEmpty());
while (i < (auditRecords.size() - 1)) { AuditEventRecord reconStartRecord = auditRecords.get(i); if (reconStartRecord.getEventType() == AuditEventType.EXECUTE_CHANGES_RAW) { i++; continue; assertEquals("Wrong type in reconStartRecord audit record: "+reconStartRecord, AuditEventType.RECONCILIATION, reconStartRecord.getEventType()); assertTrue("Unexpected delta in reconStartRecord audit record "+reconStartRecord, reconStartRecord.getDeltas() == null || reconStartRecord.getDeltas().isEmpty()); i++; i++; if (record.getEventStage() == AuditEventStage.EXECUTION && record.getEventType() == AuditEventType.RECONCILIATION) { assertNotNull("No reconStopRecord audit record", reconStopRecord); assertEquals("Wrong stage in reconStopRecord audit record: "+reconStopRecord, AuditEventStage.EXECUTION, reconStopRecord.getEventStage()); assertEquals("Wrong type in reconStopRecord audit record: "+reconStopRecord, AuditEventType.RECONCILIATION, reconStopRecord.getEventType()); assertTrue("Unexpected delta in reconStopRecord audit record "+reconStopRecord, reconStopRecord.getDeltas() == null || reconStopRecord.getDeltas().isEmpty());
repo.setEventType(RAuditEventType.toRepo(record.getEventType())); repo.setSessionIdentifier(record.getSessionIdentifier()); repo.setEventIdentifier(record.getEventIdentifier());
private String toSummary(AuditEventRecord record) { return formatTimestamp(record.getTimestamp()) + " eid=" + record.getEventIdentifier() + ", et=" + record.getEventType() + ", es=" + record.getEventStage() + ", sid=" + record.getSessionIdentifier() + ", tid=" + record.getTaskIdentifier() + ", toid=" + record.getTaskOID() + ", hid=" + record.getHostIdentifier() + ", nid=" + record.getNodeIdentifier() + ", raddr=" + record.getRemoteHostAddress() + ", I=" + formatObject(record.getInitiator()) + ", T=" + formatReference(record.getTarget()) + ", TO=" + formatObject(record.getTargetOwner()) + ", D=" + formatDeltaSummary(record.getDeltas()) + ", ch=" + record.getChannel() + ", o=" + record.getOutcome() + ", p=" + record.getParameter() + ", m=" + record.getMessage(); }