org.jwall.web.audit
Class ModSecurity

java.lang.Object
  extended by org.jwall.web.audit.ModSecurity

public abstract class ModSecurity
extends Object

This class defines the constants that are used throughout the web-audit library. These constants hold the strings that are used within mod_security2.

Like all other classes of the web-audit library, this class is in no way officially connected to Breach Security.

Author:
Christian Bockermann <chris@jwall.org>

Field Summary
static String __UNDEFINED__
           
static String ARGS
           
static String ARGS_GET
           
static String ARGS_GET_NAMES
           
static String ARGS_NAMES
           
static String ARGS_POST
           
static String ARGS_POST_NAMES
           
static String ARGUMENT_SEPARATOR
          The regular expression that is used to split the URI and query-string.
static String AUDIT_LOG_TRAILER
           
static String AUTH_TYPE
           
static String COLLECTION_SIZE_OPERATOR
          This is the prefix-string which denotes a collection's element count rather than the collection's values.
static String[] COLLECTIONS
           
static String DATE
           
static String ENV
           
static String EVENT_ID
           
static String GEO
           
static String HIGHEST_SEVERITY
           
static String LOWEST_SEVERITY
           
static String PATH_INFO
           
static String PROTOCOL
           
static String QUERY_STRING
           
static String REMOTE_ADDR
           
static String REMOTE_HOST
           
static String REMOTE_PORT
           
static String REMOTE_USER
           
static String REQUEST_BASENAME
           
static String REQUEST_BODY
           
static String REQUEST_COOKIES
           
static String REQUEST_COOKIES_NAMES
           
static String REQUEST_FILENAME
           
static String REQUEST_HEADER
           
static String REQUEST_HEADERS
           
static String REQUEST_HEADERS_NAMES
           
static String REQUEST_LINE
           
static String REQUEST_METHOD
           
static String REQUEST_PATH
           
static String REQUEST_PROTOCOL
           
static String REQUEST_URI
           
static String REQUEST_URI_RAW
           
static String RESPONSE_BODY
           
static String RESPONSE_COOKIES
           
static String RESPONSE_COOKIES_NAMES
           
static String RESPONSE_HEADER
           
static String RESPONSE_HEADERS
           
static String RESPONSE_HEADERS_NAMES
           
static String RESPONSE_LINE
           
static String RESPONSE_PROTOCOL
           
static String RESPONSE_STATUS
           
static String RULE_DATA
           
static String RULE_FILE
           
static String RULE_ID
           
static String RULE_LINE
           
static String RULE_MSG
           
static String RULE_SEV
           
static String RULE_TAG
           
static String SCRIPT_BASENAME
           
static String SCRIPT_FILENAME
           
static String SCRIPT_GID
           
static String SCRIPT_GROUPNAME
           
static String SCRIPT_MODE
           
static String SCRIPT_UID
           
static String SCRIPT_USERNAME
           
static int SECTION_AUDIT_LOG_FOOTER
          The index of the audit-log footer.
static int SECTION_AUDIT_LOG_HEADER
          The index of the audit log header.
static int SECTION_AUDIT_TRAILER
          The index of the audit-log trailer.
static int SECTION_FINAL_RESPONSE_HEADER
          The index of the final response-header.
static int SECTION_FORM_DATA
          The index of the form-data string.
static int SECTION_META_INF
           
static String[] SECTION_NAMES
           
static int SECTION_REQUEST_BODY
          The index of the request-body.
static int SECTION_REQUEST_HEADER
          The index of the request-header.
static int SECTION_RESPONSE_BODY
          The index of the response-body.
static int SECTION_RULE_LOG
          This section holds a list of executed rules (since ModSecurity 2.5.x)
static int SECTION_TEST
           
static String SECTIONS
          A string holding all characters that refer to a specific section of an audit-event.
static String SERVER_ADDR
           
static String SERVER_NAME
           
static String SERVER_PORT
           
static String SESSION
           
static String SESSIONID
           
static String[] SEVERITIES
           
static int SEVERITY_NOT_SET
           
static int SEVERITY_UNKNOWN
           
static String TIME
           
static String TIME_DAY
           
static String TIME_HOUR
           
static String TIME_MIN
           
static String TIME_MONTH
           
static String TIME_SEC
           
static String TIME_WDAY
           
static String TIME_YEAR
           
static String TX
           
static String TX_ID
           
static String UNIQUE_ID
          Deprecated. Use TX_ID instead!
static String USERID
           
static String[] VARIABLES
           
static String WEBAPPID
           
 
Constructor Summary
ModSecurity()
           
 
Method Summary
static String getSeverity(int level)
           
static int getSeverity(String txt)
           
static boolean isCaseSensitive(String variable)
           
 boolean isCollection(String var)
          This method can be used to determine whether a given variable references a ModSecurity collection or not.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

SECTIONS

public static final String SECTIONS
A string holding all characters that refer to a specific section of an audit-event.

See Also:
Constant Field Values

SECTION_AUDIT_LOG_HEADER

public static final int SECTION_AUDIT_LOG_HEADER
The index of the audit log header.

See Also:
Constant Field Values

SECTION_REQUEST_HEADER

public static final int SECTION_REQUEST_HEADER
The index of the request-header.

See Also:
Constant Field Values

SECTION_REQUEST_BODY

public static final int SECTION_REQUEST_BODY
The index of the request-body.

See Also:
Constant Field Values

SECTION_RESPONSE_BODY

public static final int SECTION_RESPONSE_BODY
The index of the response-body.

See Also:
Constant Field Values

SECTION_FINAL_RESPONSE_HEADER

public static final int SECTION_FINAL_RESPONSE_HEADER
The index of the final response-header.

See Also:
Constant Field Values

SECTION_AUDIT_TRAILER

public static final int SECTION_AUDIT_TRAILER
The index of the audit-log trailer.

See Also:
Constant Field Values

SECTION_FORM_DATA

public static final int SECTION_FORM_DATA
The index of the form-data string.

See Also:
Constant Field Values

SECTION_RULE_LOG

public static final int SECTION_RULE_LOG
This section holds a list of executed rules (since ModSecurity 2.5.x)

See Also:
Constant Field Values

SECTION_TEST

public static final int SECTION_TEST

SECTION_META_INF

public static final int SECTION_META_INF

SECTION_AUDIT_LOG_FOOTER

public static final int SECTION_AUDIT_LOG_FOOTER
The index of the audit-log footer. This is always the last one.


ARGUMENT_SEPARATOR

public static String ARGUMENT_SEPARATOR
The regular expression that is used to split the URI and query-string.


COLLECTION_SIZE_OPERATOR

public static final String COLLECTION_SIZE_OPERATOR
This is the prefix-string which denotes a collection's element count rather than the collection's values.

See Also:
Constant Field Values

SECTION_NAMES

public static final String[] SECTION_NAMES

AUDIT_LOG_TRAILER

public static final String AUDIT_LOG_TRAILER
See Also:
Constant Field Values

__UNDEFINED__

public static final String __UNDEFINED__
See Also:
Constant Field Values

ARGS

public static final String ARGS
See Also:
Constant Field Values

ARGS_NAMES

public static final String ARGS_NAMES
See Also:
Constant Field Values

ARGS_GET

public static final String ARGS_GET
See Also:
Constant Field Values

ARGS_GET_NAMES

public static final String ARGS_GET_NAMES
See Also:
Constant Field Values

ARGS_POST

public static final String ARGS_POST
See Also:
Constant Field Values

ARGS_POST_NAMES

public static final String ARGS_POST_NAMES
See Also:
Constant Field Values

REMOTE_HOST

public static final String REMOTE_HOST
See Also:
Constant Field Values

REMOTE_ADDR

public static final String REMOTE_ADDR
See Also:
Constant Field Values

REMOTE_PORT

public static final String REMOTE_PORT
See Also:
Constant Field Values

REMOTE_USER

public static final String REMOTE_USER
See Also:
Constant Field Values

PATH_INFO

public static final String PATH_INFO
See Also:
Constant Field Values

QUERY_STRING

public static final String QUERY_STRING
See Also:
Constant Field Values

AUTH_TYPE

public static final String AUTH_TYPE
See Also:
Constant Field Values

SERVER_NAME

public static final String SERVER_NAME
See Also:
Constant Field Values

SERVER_ADDR

public static final String SERVER_ADDR
See Also:
Constant Field Values

SERVER_PORT

public static final String SERVER_PORT
See Also:
Constant Field Values

TIME

public static final String TIME
See Also:
Constant Field Values

TIME_SEC

public static final String TIME_SEC
See Also:
Constant Field Values

TIME_MIN

public static final String TIME_MIN
See Also:
Constant Field Values

TIME_HOUR

public static final String TIME_HOUR
See Also:
Constant Field Values

TIME_DAY

public static final String TIME_DAY
See Also:
Constant Field Values

TIME_WDAY

public static final String TIME_WDAY
See Also:
Constant Field Values

TIME_MONTH

public static final String TIME_MONTH
See Also:
Constant Field Values

TIME_YEAR

public static final String TIME_YEAR
See Also:
Constant Field Values

UNIQUE_ID

public static final String UNIQUE_ID
Deprecated. Use TX_ID instead!
See Also:
Constant Field Values

REQUEST_URI

public static final String REQUEST_URI
See Also:
Constant Field Values

REQUEST_URI_RAW

public static final String REQUEST_URI_RAW
See Also:
Constant Field Values

REQUEST_PATH

public static final String REQUEST_PATH
See Also:
Constant Field Values

REQUEST_LINE

public static final String REQUEST_LINE
See Also:
Constant Field Values

REQUEST_METHOD

public static final String REQUEST_METHOD
See Also:
Constant Field Values

REQUEST_PROTOCOL

public static final String REQUEST_PROTOCOL
See Also:
Constant Field Values

REQUEST_FILENAME

public static final String REQUEST_FILENAME
See Also:
Constant Field Values

REQUEST_BASENAME

public static final String REQUEST_BASENAME
See Also:
Constant Field Values

SCRIPT_FILENAME

public static final String SCRIPT_FILENAME
See Also:
Constant Field Values

SCRIPT_BASENAME

public static final String SCRIPT_BASENAME
See Also:
Constant Field Values

SCRIPT_UID

public static final String SCRIPT_UID
See Also:
Constant Field Values

SCRIPT_GID

public static final String SCRIPT_GID
See Also:
Constant Field Values

SCRIPT_USERNAME

public static final String SCRIPT_USERNAME
See Also:
Constant Field Values

SCRIPT_GROUPNAME

public static final String SCRIPT_GROUPNAME
See Also:
Constant Field Values

SCRIPT_MODE

public static final String SCRIPT_MODE
See Also:
Constant Field Values

ENV

public static final String ENV
See Also:
Constant Field Values

REQUEST_HEADER

public static final String REQUEST_HEADER
See Also:
Constant Field Values

REQUEST_HEADERS

public static final String REQUEST_HEADERS
See Also:
Constant Field Values

REQUEST_HEADERS_NAMES

public static final String REQUEST_HEADERS_NAMES
See Also:
Constant Field Values

REQUEST_COOKIES

public static final String REQUEST_COOKIES
See Also:
Constant Field Values

REQUEST_COOKIES_NAMES

public static final String REQUEST_COOKIES_NAMES
See Also:
Constant Field Values

REQUEST_BODY

public static final String REQUEST_BODY
See Also:
Constant Field Values

PROTOCOL

public static final String PROTOCOL
See Also:
Constant Field Values

RESPONSE_LINE

public static final String RESPONSE_LINE
See Also:
Constant Field Values

RESPONSE_STATUS

public static final String RESPONSE_STATUS
See Also:
Constant Field Values

RESPONSE_PROTOCOL

public static final String RESPONSE_PROTOCOL
See Also:
Constant Field Values

RESPONSE_HEADER

public static final String RESPONSE_HEADER
See Also:
Constant Field Values

RESPONSE_HEADERS

public static final String RESPONSE_HEADERS
See Also:
Constant Field Values

RESPONSE_HEADERS_NAMES

public static final String RESPONSE_HEADERS_NAMES
See Also:
Constant Field Values

RESPONSE_BODY

public static final String RESPONSE_BODY
See Also:
Constant Field Values

RESPONSE_COOKIES

public static final String RESPONSE_COOKIES
See Also:
Constant Field Values

RESPONSE_COOKIES_NAMES

public static final String RESPONSE_COOKIES_NAMES
See Also:
Constant Field Values

TX

public static final String TX
See Also:
Constant Field Values

TX_ID

public static final String TX_ID
See Also:
Constant Field Values

SESSION

public static final String SESSION
See Also:
Constant Field Values

WEBAPPID

public static final String WEBAPPID
See Also:
Constant Field Values

SESSIONID

public static final String SESSIONID
See Also:
Constant Field Values

USERID

public static final String USERID
See Also:
Constant Field Values

GEO

public static final String GEO
See Also:
Constant Field Values

EVENT_ID

public static final String EVENT_ID
See Also:
Constant Field Values

RULE_ID

public static final String RULE_ID
See Also:
Constant Field Values

RULE_FILE

public static final String RULE_FILE
See Also:
Constant Field Values

RULE_LINE

public static final String RULE_LINE
See Also:
Constant Field Values

RULE_MSG

public static final String RULE_MSG
See Also:
Constant Field Values

RULE_TAG

public static final String RULE_TAG
See Also:
Constant Field Values

RULE_SEV

public static final String RULE_SEV
See Also:
Constant Field Values

RULE_DATA

public static final String RULE_DATA
See Also:
Constant Field Values

DATE

public static final String DATE
See Also:
Constant Field Values

HIGHEST_SEVERITY

public static final String HIGHEST_SEVERITY
See Also:
Constant Field Values

LOWEST_SEVERITY

public static final String LOWEST_SEVERITY
See Also:
Constant Field Values

VARIABLES

public static final String[] VARIABLES

COLLECTIONS

public static final String[] COLLECTIONS

SEVERITIES

public static final String[] SEVERITIES

SEVERITY_NOT_SET

public static final int SEVERITY_NOT_SET
See Also:
Constant Field Values

SEVERITY_UNKNOWN

public static final int SEVERITY_UNKNOWN
See Also:
Constant Field Values

Constructor Detail

ModSecurity

public ModSecurity()

Method Detail

isCollection

public boolean isCollection(String var)
This method can be used to determine whether a given variable references a ModSecurity collection or not.

Parameters:
var - The variable (name) to check.
Returns:
true, if the name references a collection.

getSeverity

public static int getSeverity(String txt)

getSeverity

public static String getSeverity(int level)

isCaseSensitive

public static boolean isCaseSensitive(String variable)


Copyright © 2012 jwall.org. All Rights Reserved.