AuditEvent (web-audit Library 0.6.7 API)

All Superinterfaces:

Comparable<AuditEvent>, Event, Serializable

All Known Implementing Classes:

IronBeeAuditEvent, ModSecurityAuditEvent
```
public interface AuditEvent
extends Event, Serializable, Comparable<AuditEvent>
```
This interface defines an abstract audit-event. Specifying events as interface aims at several optimized implementations. A simple one can be found at AuditEventImpl.

This interface also defines several event properties, which are beyond the set of variables supported by.

Author:

Christian Bockermann <chris@jwall.org>

Field Summary

Fields
Modifier and Type	Field and Description
`static String`	`AGE` This is a special variable, which refers to the age of the event in milliseconds with regard to the moment the variable is accessed (i.e.
`static String`	`EVENT_ID`
`static String`	`EVENT_TAGS` The collection key for storing all tags for an event
`static String`	`EVENT_URL`
`static String`	`FILE` This variable holds the path where the event is stored
`static String`	`FILE_OFFSET` This variable indicates the offset (in bytes) from the beginning of the file where this event is stored
`static String`	`ID`
`static String`	`MESSAGE`
`static String`	`RECEIVED_AT` A key denoting the time an event has been received
`static String`	`SENSOR` This simply serves as alias for SENSOR_NAME
`static String`	`SENSOR_ADDR`
`static String`	`SENSOR_ID` This variable holds the ID of the sensor from which this event was received (if available)
`static String`	`SENSOR_NAME` This variable holds the name of the sensor from which this event was received (if available)
`static String`	`SENSOR_TYPE`
`static String`	`SESSION_ID`
`static String`	`SEVERITY`
`static String`	`SITE_ID` This variable denotes the site-id to which this event is mapped
`static String`	`SITE_NAME` This variable references the site-name to which this event is mapped
`static String`	`SIZE`
`static String`	`TAGS`
`static String[]`	`VARIABLES`

Fields inherited from interface org.jwall.audit.Event
TIMESTAMP, TYPE

Method Summary

Methods
Modifier and Type	Method and Description
`int`	`compareTo(AuditEvent o)`
`String`	`get(String var)` Returns the given variable as `String` or an empty string if the variable is not set.
`List<String>`	`getAll(String var)` This method returns the list of a collection which if referenced by the given variable `var`.
`AuditEventType`	`getAuditEventType()`
`Date`	`getDate()` Returns the date of this events birth.
`String`	`getEventId()` The unique ID, created by modsecurity.
`AuditEventMessage[]`	`getEventMessages()`
`String[]`	`getRawData()` Deprecated.
`String`	`getSection(int i)` Returns the string, which contains the whole section of this audit-event.
`String`	`getSessionId()` Deprecated. Use `get( "SESSION_ID" );` instead.
`List<String>`	`getVariables()` This method returns the list of all variables available in this event.
`boolean`	`isSet(String var)` Checks wether the given variable is set or not.
`void`	`set(String variable, String value)` This method can be used to modify/set properties of the event.
`void`	`setAll(String variable, List<String> values)` This method can be used to modify/set a collection of the event.
`void`	`setSessionId(String id)` Deprecated. Use `set( "SESSION_ID", id )` instead.

Methods inherited from interface org.jwall.audit.Event
getTimestamp, getType

- Field Detail
  - ID
```
static final String ID
```
    See Also:
    Constant Field Values
  - EVENT_ID
```
static final String EVENT_ID
```
    See Also:
    Constant Field Values
  - EVENT_TAGS
```
static final String EVENT_TAGS
```
    The collection key for storing all tags for an event
    
    See Also:
    Constant Field Values
  - RECEIVED_AT
```
static final String RECEIVED_AT
```
    A key denoting the time an event has been received
    
    See Also:
    Constant Field Values
  - AGE
```
static final String AGE
```
    This is a special variable, which refers to the age of the event in milliseconds with regard to the moment the variable is accessed (i.e. calculated on-time of extraction)
    
    See Also:
    Constant Field Values
  - SENSOR_ID
```
static final String SENSOR_ID
```
    This variable holds the ID of the sensor from which this event was received (if available)
    
    See Also:
    Constant Field Values
  - SENSOR_NAME
```
static final String SENSOR_NAME
```
    This variable holds the name of the sensor from which this event was received (if available)
    
    See Also:
    Constant Field Values
  - SENSOR
```
static final String SENSOR
```
    This simply serves as alias for SENSOR_NAME
    
    See Also:
    Constant Field Values
  - SENSOR_ADDR
```
static final String SENSOR_ADDR
```
    See Also:
    Constant Field Values
  - SENSOR_TYPE
```
static final String SENSOR_TYPE
```
    See Also:
    Constant Field Values
  - SITE_ID
```
static final String SITE_ID
```
    This variable denotes the site-id to which this event is mapped
    
    See Also:
    Constant Field Values
  - SITE_NAME
```
static final String SITE_NAME
```
    This variable references the site-name to which this event is mapped
    
    See Also:
    Constant Field Values
  - FILE
```
static final String FILE
```
    This variable holds the path where the event is stored
    
    See Also:
    Constant Field Values
  - EVENT_URL
```
static final String EVENT_URL
```
    See Also:
    Constant Field Values
  - FILE_OFFSET
```
static final String FILE_OFFSET
```
    This variable indicates the offset (in bytes) from the beginning of the file where this event is stored
    
    See Also:
    Constant Field Values
  - SIZE
```
static final String SIZE
```
    See Also:
    Constant Field Values
  - TAGS
```
static final String TAGS
```
    See Also:
    Constant Field Values
  - SEVERITY
```
static final String SEVERITY
```
    See Also:
    Constant Field Values
  - MESSAGE
```
static final String MESSAGE
```
    See Also:
    Constant Field Values
  - SESSION_ID
```
static final String SESSION_ID
```
    See Also:
    Constant Field Values
  - VARIABLES
```
static final String[] VARIABLES
```
- Method Detail
  - getEventId
```
String getEventId()
```
    The unique ID, created by modsecurity.
    
    Returns:
    A unique event id.
  - getSection
```
String getSection(int i)
```
    Returns the string, which contains the whole section of this audit-event. The available sections are defined in ModSecurity.java.
    
    Parameters:
    i - Index of the section as defined by ModSecurity.SECTION_*.
    
    Returns:
    The string value of the appopriate section of this event.
  - getDate
```
Date getDate()
```
    Returns the date of this events birth. The value of this date is parsed from the audit-event entry.
    
    Returns:
    The date when this event was created.
  - getSessionId
```
String getSessionId()
```
    Deprecated. Use get( "SESSION_ID" ); instead.
    
    The session-id of this request or an empty string, if no session-id has been set.
    
    Returns:
    The session id.
  - setSessionId
```
void setSessionId(String id)
```
    Deprecated. Use set( "SESSION_ID", id ) instead.
    
    This method sets the session-id of this event. Its primary use is to group several events by external session-trackers.
    
    Parameters:
    id - The id of the session with which this event is associated.
  - isSet
```
boolean isSet(String var)
```
    Checks wether the given variable is set or not.
    
    Parameters:
    var - The name of the variable that is checked.
    
    Returns:
    true iff the variable is set.
  - get
```
String get(String var)
```
    Returns the given variable as String or an empty string if the variable is not set. If the given variable is referring to a collection the first value of that collection is returned. To test if a variable has been set, use isSet(String variable).
    
    Specified by:
    
    get in interface Event
    
    Parameters:
    var - The name of the variable.
    
    Returns:
    The value of this variable.
  - getAll
```
List<String> getAll(String var)
```
    This method returns the list of a collection which if referenced by the given variable var.
    
    Parameters:
    var - The variable name of the collection. May also be a non-collection variable in which case a single-item list will returned if the variable has a value.
    
    Returns:
    The list of values for the variable, of NULL if no collection is found by that variable name.
  - set
```
void set(String variable,
       String value)
```
    This method can be used to modify/set properties of the event. There is a distinction between request and event properties. The request properties are parsed from the incoming request and are immutable. The event properties may be changed.
    
    Specified by:
    
    set in interface Event
    
    Parameters:
    variable -
    value -
  - setAll
```
void setAll(String variable,
          List<String> values)
```
    This method can be used to modify/set a collection of the event. There is a distinction between request and event properties. The request properties are parsed from the incoming request and are immutable. The event properties may be changed.
    
    Parameters:
    variable -
    values -
  - getVariables
```
List<String> getVariables()
```
    This method returns the list of all variables available in this event.
    
    Returns:
    The list of variable names (single variables AND collections) which may be accessed from this event.
  - compareTo
```
int compareTo(AuditEvent o)
```
    Specified by:
    
    compareTo in interface Comparable<AuditEvent>
  - getRawData
```
String[] getRawData()
```
    Deprecated.
    
    This method returns an array of strings that contain the section-data of the appopriate audit-log entry of this event.
    
    Returns:
    The list of section-strings.
  - getEventMessages
```
AuditEventMessage[] getEventMessages()
```
  - getAuditEventType
```
AuditEventType getAuditEventType()
```

Interface AuditEvent

Field Summary

Fields inherited from interface org.jwall.audit.Event

Method Summary

Methods inherited from interface org.jwall.audit.Event

Field Detail

ID

EVENT_ID

EVENT_TAGS

RECEIVED_AT

AGE

SENSOR_ID

SENSOR_NAME

SENSOR

SENSOR_ADDR

SENSOR_TYPE

SITE_ID

SITE_NAME

FILE

EVENT_URL

FILE_OFFSET

SIZE

TAGS

SEVERITY

MESSAGE

SESSION_ID

VARIABLES

Method Detail

getEventId

getSection

getDate

getSessionId

setSessionId

isSet

get

getAll

set

setAll

getVariables

compareTo

getRawData

getEventMessages

getAuditEventType