Class ESAuditBackend

All Implemented Interfaces:
AuditAdmin, AuditLogger, AuditReader, AuditStorage, Logs, AuditBackend

public class ESAuditBackend extends AbstractAuditBackend implements AuditBackend
Implementation of the AuditBackend interface using Elasticsearch persistence
Author:
tiry
  • Field Details

  • Constructor Details

  • Method Details

    • getClient

      protected ESClient getClient()
    • isMigrationDone

      protected boolean isMigrationDone()
    • getApplicationStartedOrder

      public int getApplicationStartedOrder()
      Specified by:
      getApplicationStartedOrder in interface AuditBackend
    • onApplicationStarted

      public void onApplicationStarted()
      Specified by:
      onApplicationStarted in interface AuditBackend
    • onApplicationStopped

      public void onApplicationStopped()
      Specified by:
      onApplicationStopped in interface AuditBackend
    • queryLogs

      public List<LogEntry> queryLogs(QueryBuilder builder)
      Description copied from interface: AuditReader
      Returns the logs given a collection of predicates and a default sort.
      Specified by:
      queryLogs in interface AuditReader
      Parameters:
      builder - the query builder to fetch log entries
      Returns:
      a list of log entries
    • createSearchRequestSource

      protected org.opensearch.search.builder.SearchSourceBuilder createSearchRequestSource(MultiExpression predicate, OrderByList orders)
    • createQueryBuilder

      protected org.opensearch.index.query.QueryBuilder createQueryBuilder(MultiExpression andPredicate)
    • buildLogEntries

      protected List<LogEntry> buildLogEntries(org.opensearch.action.search.SearchResponse searchResponse)
    • createSearchRequest

      protected org.opensearch.action.search.SearchRequest createSearchRequest()
    • getLogEntryByID

      public LogEntry getLogEntryByID(long id)
      Description copied from interface: AuditReader
      Returns a given log entry given its id.
      Specified by:
      getLogEntryByID in interface AuditReader
      Parameters:
      id - the log entry identifier
      Returns:
      a LogEntry instance
    • buildQuery

      public org.opensearch.action.search.SearchRequest buildQuery(String query, Map<String,Object> params)
    • createSearchSourceBuilder

      protected org.opensearch.search.builder.SearchSourceBuilder createSearchSourceBuilder(String query)
    • expandQueryVariables

      public String expandQueryVariables(String query, Object[] params)
    • expandQueryVariables

      public String expandQueryVariables(String query, Map<String,Object> params)
    • nativeQuery

      public List<?> nativeQuery(String query, Map<String,Object> params, int pageNb, int pageSize)
      Description copied from interface: AuditReader
      Returns a batched list of entries.
      Specified by:
      nativeQuery in interface AuditReader
      Parameters:
      query - a JPA query language query if implementation of audit backend is JPA (< 7.3 or audit.elasticsearch.enabled=false) and JSON if implementation is Elasticsearch
      params - parameters for the query
      pageNb - the page number (starts at 1)
      pageSize - the number of results per page
    • queryLogsByPage

      public List<LogEntry> queryLogsByPage(String[] eventIds, Date limit, String[] categories, String path, int pageNb, int pageSize)
      Specified by:
      queryLogsByPage in interface AuditReader
      Overrides:
      queryLogsByPage in class AbstractAuditBackend
    • addLogEntries

      public void addLogEntries(List<LogEntry> entries)
      Description copied from interface: AuditLogger
      Adds given log entries.
      Specified by:
      addLogEntries in interface AuditLogger
      Parameters:
      entries - the list of log entries.
    • getEventsCount

      public Long getEventsCount(String eventId)
      Specified by:
      getEventsCount in interface AuditAdmin
    • syncLogCreationEntries

      public long syncLogCreationEntries(String repoId, String path, Boolean recurs)
      Description copied from interface: AuditAdmin
      Forces log Synchronisation for a branch of the repository. This can be useful to add the create entries if DB was initialized from a bulk import.
      Specified by:
      syncLogCreationEntries in interface AuditAdmin
    • search

      public org.opensearch.action.search.SearchResponse search(org.opensearch.action.search.SearchRequest request)
    • buildFilter

      protected org.opensearch.index.query.QueryBuilder buildFilter(PredicateDefinition[] predicates, DocumentModel searchDocumentModel)
    • convertDate

      protected Object convertDate(Object o)
    • buildSearchQuery

      public org.opensearch.action.search.SearchRequest buildSearchQuery(String fixedPart, PredicateDefinition[] predicates, DocumentModel searchDocumentModel)
    • isNonNullParam

      protected boolean isNonNullParam(Object[] val)
    • migrate

      public String migrate(int batchSize)
    • logSearchResponse

      protected void logSearchResponse(org.opensearch.action.search.SearchResponse response)
    • logSearchRequest

      protected void logSearchRequest(org.opensearch.action.search.SearchRequest request)
    • ensureUIDSequencer

      protected void ensureUIDSequencer(ESClient esClient)
      Ensures the audit sequence returns an UID greater or equal than the maximum log entry id.
    • newExtendedInfo

      public ExtendedInfo newExtendedInfo(Serializable value)
      Description copied from interface: AuditLogger
      Create a new ExtendedInfo instance
      Specified by:
      newExtendedInfo in interface AuditLogger
      Specified by:
      newExtendedInfo in class AbstractAuditBackend
    • getESIndexName

      protected String getESIndexName()
    • append

      public void append(List<String> jsonEntries)
      Specified by:
      append in interface AuditStorage
    • scroll

      public ScrollResult<String> scroll(QueryBuilder builder, int batchSize, int keepAliveSeconds)
      Specified by:
      scroll in interface AuditStorage
    • scroll

      public ScrollResult<String> scroll(String scrollId)
      Specified by:
      scroll in interface AuditStorage
    • getLatestLogId

      public long getLatestLogId(String repositoryId, String... eventIds)
      Description copied from interface: AuditReader
      Returns the latest log id matching events and repository or 0 when no match found.
      Specified by:
      getLatestLogId in interface AuditReader
      Overrides:
      getLatestLogId in class AbstractAuditBackend
    • getLatestLogIdAfterDate

      protected String getLatestLogIdAfterDate()