Alfresco 4.2 Audit Filter - filter

I'm trying to filter data in the build in alfresco-access audit application, but it's not working.
I want to audit only READ and DELETE actions and exclude one particular user called synchronizer, so in my alfresco-global.properties I put this:
# Audit
audit.enabled=true
audit.tagging.enabled=false
audit.alfresco-access.enabled=true
# audit access-filter
audit.filter.alfresco-access.default.enabled=false
audit.filter.alfresco-access.default.user=~System;~null;~synchronizer;.*
audit.filter.alfresco-access.default.type=cm:folder;cm:content
audit.filter.alfresco-access.default.path=/app:company_home/.*
audit.filter.alfresco-access.transaction.user=~System;~null;~synchronizer;.*
audit.filter.alfresco-access.transaction.action=READ;DELETE
audit.filter.alfresco-access.login.user=~System;~null;~synchronizer;.*
In the log I see that login from synchronizer user are stored in the audit tables:
2017-02-01 18:18:45,067 DEBUG [repo.audit.AuditComponentImpl] [http-bio-8881-exec-5]
Extracted audit data:
Application: AuditApplication[ name=alfresco-access, id=2, disabledPathsId=5694]
Values:
/alfresco-access/login=null
/alfresco-access/loginUser=synchronizer
New Data:
/alfresco-access/login/user=synchronizer
2017-02-01 18:18:45,070 DEBUG [repo.audit.AuditComponentImpl] [http-bio-8881-exec-5]
New audit entry:
Application ID: 2
Entry ID: 58797
Values:
/alfresco-access/login=null
/alfresco-access/loginUser=synchronizer
Audit Data:
/alfresco-access/login/user=synchronizer

http://docs.alfresco.com/5.2/concepts/audit-example-filter.html
Have a look at the "It is important to note that it is the data producer that is specified and not the name of the audit application.", I believe that's what's bugging you.

The problem is that the data generator is alfresco-api, not alfresco-access, so the correct filter is this:
audit.filter.alfresco-api.post.AuthenticationService.authenticate.args.userName=~System;~null;~synchronizer;.*
Also you have to look at alfresco-audit-access.xml to understand how to build the filter.
Thanks to Axel Faust. sorry, but I posted the same question also here, cause it was making me crazy :-) : alfresco-42-audit-filter

A couple of things to consider
Set the enabled property to true:
audit.filter.alfresco-access.default.enabled=true
Verify your properties file is in a location where it is being picked up and read by Alfresco.

Related

Discord.py Getting a number of messages deleted from audit log

I'm making a logging system with discord.py. For now, I'm trying to get the number of messages were deleted from a single audit log entry (since sometimes the audit logs updates an entry instead of creating a new one), so I tried with "entry.action.count". Here's my code
#client.command()
#commands.has_permissions(administrator=True)
async def deletecount(ctx):
async for entry in ctx.guild.audit_logs(limit=1, action=discord.AuditLogAction.message_delete):
print(entry.action.count)
But instead of printing the number of messages deleted, it just prints
<built-in method count of _EnumValue_AuditLogAction object at 0x000001FF9769C640>
From this screenshot, in this case the latest entry has 5 deleted messages. I'm trying to print out that "5". So how do I get the number of message deleted from the latest audit log entry? The documentation doesn't have further information on how to use the extra attribute for entry.action.
I should also add that I have asked someone about this, they suggested to try print(entry.action.count()), but I got
TypeError: tuple.count() takes exactly one argument (0 given)
What is the argument that should be given there? Thanks in advance.
It is possible, use the extra attribute and it will return a dict with the data you want (the docs don't give you a lot of information about it because the return value differs from the type of action):
async for entry in ctx.guild.audit_logs(limit=1, action=discord.AuditLogAction.message_bulk_delete):
count = entry.extra['count']
The return value of AuditLogEntry.extra varies depending on the type of event, the example above will only work with message_bulk_delete
PS: You were using the wrong action in the iterator, it should be AuditLogAction.message_bulk_delete not AuditLogAction.message_delete
References:
AuditLogEntry.extra

Zapier CLI Trigger - How to use defined sample data when no results returned during setup

I am trying to prototype a trigger using the Zapier CLI and I am running to an issue with the 'Pull In Samples' section when setting up the trigger in the UI.
This tries to pull in a live sample of data to use, however the documentation states that if no results are returned it will use the sample data that is configured for the trigger.
In most cases there will be no live data and so ideally would actually prefer the sample data to be used in the first instance, however my trigger does not seem to ever use the sample and I have not been able to find a concrete example of a 'no results' response.
The API I am using returns XML so I am manipulating the result into JSON which works fine if there is data.
If there are no results so far I have tried returning '[]', but that just hangs and if I check the zapier http logs it's looping http requests until I cancel the sample check.
Returning '[{}]' returns an error that I need an 'id' field.
The definition I am using is:
module.exports = {
key: 'getsmsinbound',
noun: 'GetSMSInbound',
display: {
label: 'Get Inbound SMS',
description: 'Check for inbound SMS'
},
operation: {
inputFields: [
{ key: 'number', required: true, type: 'string', helpText: 'Enter the inbound number' },
{ key: 'keyword', required: false, type: 'string', helpText: 'Optional if you have configured a keyword and you wish to check for specific keyword messages.' },
],
perform: getsmsinbound,
sample: {
id: 1,
originator: '+447980123456',
destination: '+447781484146',
keyword: '',
date: '2009-07-08',
time: '10:38:55',
body: 'hello world',
network: 'Orange'
}
}
};
I'm hoping it's something obvious as on scouring the web and Zapier documentation I've not had any luck!
Sample data must be provided from your app and the sample payload is not used for this poll specifically. From the docs:
Sample results will NOT be used for a user's Zap testing step. That
step requires data to be received by an event or returned from a
polling URL. If a user chooses to "Skip Test", then the sample result,
if provided, will be used.
Personally, I have never seen "Skip Test" show up. A while back I asked support about this:
That's a great question! It's definitely one of those "chicken and
egg" situations when using REST Hooks - if there isn't a sample
available, then everything just stalls.
When the Zap editor tries to obtain a "sample result", there are three
places where it's going to look:
The Polling endpoint (in Step #3 of your trigger's setup) is invoked for the current user. If that returns "nothing", then the Zap
editor will try the next step.
The "most recent record/data" in the Zap's history. Since this is a brand new Zap, there won't be anything present.
The Sample result (in Step #4 of your trigger's setup). The Zap editor will tell the user that there's "nothing to show", and will
give the user the option to "skip test and continue", which will use
the sample JSON that you've provided here.
In reality, it will just continue to retry the request over and over and never provide the user with a "skip test and continue" option. I just emailed again asking if anything has changed since then, but it looks like existing sample data is a requirement.
Perhaps create a record in your API by default and hide it from normal use and just send back that one?
Or send back dummy data even though Zapier says not to. Not sure, but I don't know how people can set up a zap when no data has been created yet (and Zapier says not many of their apps have this issue, but nearly every trigger I've created and ever use case for other applications would hint to me otherwise).

How to log MDC with Spring Sleuth?

I have a Spring boot + sleuth based application. All works as expected. I have for now logs like this:
2017-05-04 17:55:52.226 INFO [alert,692d0eeca479e216,c3c8b680dc29ad02,false] 17292 --- [cTaskExecutor-1] c.k.a.b.s.alert.impl.AlertServiceImpl : Alert state to process: xxx
Now, I want to add custom MDC to my log like the contract reference for example. I want to have logs like this:
2017-05-04 17:55:52.226 INFO [alert,692d0eeca479e216,c3c8b680dc29ad02,false] [CONTRACT_REF] 17292 --- [cTaskExecutor-1] c.k.a.b.s.alert.impl.AlertServiceImpl : Alert state to process: xxx
I tried various things with no success:
Use the Spring Sleuth Tracer to add a tag;
Add logging.pattern.level=%5p %mdc to my application.properties file with MDC.put(xxx, xxx)
How can I add custom MDC/tags to my log?
For versions before 2.x, You have to create your own implementation of a SpanLogger. The easiest way will be to extend the Slf4jSpanLogger and provide your own code to add / update and remove the entries from MDC context. Then you can change your logging pattern and that way your logs will contain what they need.
I was able to add data to the MDC fairly easily by doing MDC.put("yourCoolKey", "your cool value") (see MDC.put JavaDoc).
Once you put the value into the MDC, you can use the sequence %X{yourCoolKey} in your logging pattern (in my case, the value of logging.pattern.console) to print the string "your cool value" as part of each log statement.
Optionally, you can specify a default value in the pattern string by adding :-<defaultValue> after the key, such as %X{yourCoolKey:-N/A}, which will print the string "N/A" whenever the MDC does not have an entry for "yourCoolKey". The default, if not specified, is a blank string ("")

No signature of method: groovy.lang.MissingMethodException.makeKey()

I've installed titan-0.5.0-hadoop2 with hbase and elasticsearch support
I've loaded the graph with
g = TitanFactory.open('conf/titan-hbase-es.properties')
==>titangraph[hbase:[127.0.0.1]]
and a then I loaded the test application
GraphOfTheGodsFactory.load(g)
Now when I'm trying to create a new index key with:
g.makeKey('userId').dataType(String.class).indexed(Vertex.class).unique().make()
and I got this error:
No signature of method: groovy.lang.MissingMethodException.makeKey() is applicable for argument types: () values: []
Possible solutions: every(), any()
Display stack trace? [yN]
Can someone help me with this ?
when I want to see the indexed keys I see this
g.getIndexedKeys(Vertex.class)
==>reason
==>age
==>name
==>place
I'm not completely following what you are trying to do. It appears that you loaded Graph of the Gods to g and then you want to add userId as a new property to the schema. If that's right, then i think your syntax is wrong, given the Titan 0.5 API. The method for managing the schema is very different from previous versions. Changes to the schema are performed through the ManagementSystem interface which you can get an instance of through:
mgmt = g.getManagementSystem()
The syntax for adding a property then looks something like:
birthDate = mgmt.makePropertyKey('birthDate').dataType(Long.class).cardinality(Cardinality.SINGLE).make()
mgmt.commit()
Note that g.getIndexKeys(Class) is not the appropriate way to get schema information either. You should use the ManagementSystem for that too.
Please see the documentation here for more information.

How to add comments to requests with ActiveRecord?

I want to add a comment to every request send by active record in order to found source in mysql slow query. How can I modify the request before ActiveRecord sends it?
For example i want to have this in my central mysql slow query log.
SELECT * FROM articles
-- File: refresh-article.rb
ActiveRecord already logs db requests with timing information to your app log.
I solve the problem with monkey patch
ActiveRecord::ConnectionAdapters::Mysql2Adapter.class_eval do
def execute_with_log(sql, name=nil)
sql = "-- Script: #{$0}\n#{sql}"
execute_without_log(sql, name)
end
alias_method_chain :execute, :log
end
In your rails app, you can see your queries with timing in log/(production|development).log.
However if you want anything more than that, I suggest checking out NewRelic in development mode. It is free, and it shows your the source of where that query was executed(which looks like what you want). It really is one of the best logging/performance analyzer out there.
I found a solution by monkey patch MySQL2::execute
ActiveRecord 6 allows queries to be annotated
User.annotate("selecting user names").select(:name)
# SELECT "users"."name" FROM "users" /* selecting user names */
User.annotate("selecting", "user", "names").select(:name)
# SELECT "users"."name" FROM "users" /* selecting */ /* user */ /* names */
https://api.rubyonrails.org/classes/ActiveRecord/QueryMethods.html#method-i-annotate
You could combine this with the caller_locations kernel method:
User.annotate("#{caller_locations(1,1).first}").select(:name)
https://www.rubydoc.info/stdlib/core/2.0.0/Kernel:caller_locations

Resources