Oracle Communications Services Gatekeeper OAM Java API Reference
7.0.0.1

E96580-01

oracle.ocsg.threat_protection
Interface ReporterMBean


public interface ReporterMBean

MBean for reporter.


Field Summary
static java.lang.String availableActions
          Read only CSV list of available actions that can be taken on threat violations.
static java.lang.String availableEntities
          Read only CSV list of available entities that can be tracked on threat violations.
static java.lang.String briefThreatsConfiguration
          Brief description of all threats (Name, Action, Description).
static java.lang.String fullThreatsConfiguration
          Full Reporter configuration in JSON format.
static java.lang.String INSTANCE_NAME
           
static java.lang.String ipHttpHeader
          When tracking violations based on originating IP the IP address will be taken from this HTTP header.
static java.lang.String KEY_IP_HTTP_HEADER
           
static java.lang.String MBEAN_CONFIG_CHANNEL
           
static java.lang.String MBEAN_CONFIG_EVENT
           
static java.lang.String MBEAN_CONFIG_EVENT_REQUEST
           
static java.lang.String SERVICE_NAME
           
static java.lang.String SHARED_STORE
           
 
Method Summary
abstract  java.lang.String getAvailableActions()
           
abstract  java.lang.String getAvailableEntities()
           
abstract  java.lang.String getBriefThreatsConfiguration()
           
abstract  java.lang.String getFullThreatConfiguration(java.lang.String name)
          Get full JSON configuration for one threat definition.
abstract  java.lang.String getFullThreatsConfiguration()
           
abstract  java.lang.String getIpHttpHeader()
           
abstract  void setIpHttpHeader(java.lang.String header)
           
abstract  void updateThreatConfiguration(java.lang.String json)
          Update the configuration for one threat in JSON format.
 

Field Detail

availableActions

public static final java.lang.String availableActions
Read only CSV list of available actions that can be taken on threat violations.

See Also:
Constant Field Values

availableEntities

public static final java.lang.String availableEntities
Read only CSV list of available entities that can be tracked on threat violations.

See Also:
Constant Field Values

briefThreatsConfiguration

public static final java.lang.String briefThreatsConfiguration
Brief description of all threats (Name, Action, Description).

See Also:
Constant Field Values

fullThreatsConfiguration

public static final java.lang.String fullThreatsConfiguration
Full Reporter configuration in JSON format.

See Also:
Constant Field Values

INSTANCE_NAME

public static final java.lang.String INSTANCE_NAME
See Also:
Constant Field Values

ipHttpHeader

public static final java.lang.String ipHttpHeader
When tracking violations based on originating IP, the IP address is taken from this HTTP header. If an empty string is configured, the IP address is taken from HttpServletRequest.getRemoteAddr(). Using an HTTP header can be suitable if there is a load balancer between applications and OCSG.

Note! OCSG does no processing of the value supplied in the HTTP header. For example, if X-Forwarded-For is configured here and a request arrives containing

    X-Forwarded-For: 203.0.113.195, 70.41.3.18, 150.172.238.178

the full string (203...178) is considered to be the offending "ip". This is fine as long as subsequent messages travel the same route.

See Also:
Constant Field Values

KEY_IP_HTTP_HEADER

public static final java.lang.String KEY_IP_HTTP_HEADER
See Also:
Constant Field Values

MBEAN_CONFIG_CHANNEL

public static final java.lang.String MBEAN_CONFIG_CHANNEL
See Also:
Constant Field Values

MBEAN_CONFIG_EVENT

public static final java.lang.String MBEAN_CONFIG_EVENT
See Also:
Constant Field Values

MBEAN_CONFIG_EVENT_REQUEST

public static final java.lang.String MBEAN_CONFIG_EVENT_REQUEST
See Also:
Constant Field Values

SERVICE_NAME

public static final java.lang.String SERVICE_NAME
See Also:
Constant Field Values

SHARED_STORE

public static final java.lang.String SHARED_STORE
See Also:
Constant Field Values

Method Detail

getAvailableActions

public java.lang.String getAvailableActions()

getAvailableEntities

public java.lang.String getAvailableEntities()

getBriefThreatsConfiguration

public java.lang.String getBriefThreatsConfiguration()

getFullThreatConfiguration

public java.lang.String getFullThreatConfiguration(java.lang.String name)
                                            throws com.bea.wlcp.wlng.api.storage.configuration.ConfigurationException
Get full JSON configuration for one threat definition.

Parameters:
name - The name of the threat.
Throws:
com.bea.wlcp.wlng.api.storage.configuration.ConfigurationException

getFullThreatsConfiguration

public java.lang.String getFullThreatsConfiguration()

getIpHttpHeader

public java.lang.String getIpHttpHeader()
                                 throws com.bea.wlcp.wlng.api.storage.configuration.ConfigurationException
Throws:
com.bea.wlcp.wlng.api.storage.configuration.ConfigurationException

setIpHttpHeader

public void setIpHttpHeader(java.lang.String header)
                     throws com.bea.wlcp.wlng.api.storage.configuration.ConfigurationException
Throws:
com.bea.wlcp.wlng.api.storage.configuration.ConfigurationException

updateThreatConfiguration

public void updateThreatConfiguration(java.lang.String json)
                               throws com.bea.wlcp.wlng.api.storage.configuration.ConfigurationException
Update the configuration for one threat in JSON format. Example JSON content:

    {
      "name":"AppKeyLoginFail",
      "actions":[ "ALARM", "BLOCK" ],
      "trackedEntities":[ "IP" ],
      "maxTrackedEntities":10000,
      "maxViolations":10,
      "violationClearTime":30,
      "description":"APPKEY login failure, only applicable for IP entity."
    }

All the attributes in the JSON payload are mandatory. Each attribute is described below:

name - The name of the threat. See getBriefThreatsConfiguration() for the names that are available.
actions - Empty array if no action should be taken. See getAvailableActions() for the actions that are available.
trackedEntities - Empty array if no entities should be tracked (i.e. the same effect as having no actions enabled). See getAvailableEntities() for the entities that are available.
maxTrackedEntities - Per tracked entity type, the maximum number of entities to track violations for. Each tracked entity resides in volatile memory on each AT server and is cleared on restart. If violations are coming from more entities than can be tracked, the entity that has the oldest violation is removed from the tracked entities.
maxViolations - The maximum allowed violations (e.g. failed APPKEY logins). If the maximum allowed violations is reached, the next violation will trigger the configured actions.
violationClearTime - The number of seconds that need to elapse before an entity's violations are cleared. This timer is reset each time a violation happens.
description - Textual description of this configuration, e.g. explaining what would cause this protection to trigger.

Note! Violations can be cleared by time (violationClearTime) or by another threat-specific situation; for example, APPKEY violations are cleared if a successful login is performed.

Note! Once a block action has been triggered, violations cannot be cleared by violationClearTime. The block will be in effect for as long as the shield is configured.

Note! Violations are tracked separately on each server, but once the shield is raised it is raised on all nodes.

Note! The maxTrackedEntities isn't an exact value; the real value can be bigger depending on the internal purge algorithm.

Note! All entities might not be supported for all threats, i.e. protections prior to authentication cannot track APP_INST_ACCOUNT, for example, as no account has been authenticated yet.

Parameters:
json - configuration in JSON format.
Throws:
com.bea.wlcp.wlng.api.storage.configuration.ConfigurationException - if there is an issue when storing.
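
Added example, not part of the Oracle reference and not OCSG code: a small model of the tracking rules documented for updateThreatConfiguration, keyed the way the ipHttpHeader field describes, so the effect of maxViolations, violationClearTime and the unparsed header value can be seen together. The class and method names are hypothetical, the addresses 10.0.0.5 and 198.51.100.7 are constructed, and the model assumes a single server, that "elapsed" means at least violationClearTime seconds, that the triggered state behaves like BLOCK, and that eviction goes by each entity's most recent violation.

```java
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Map;

/** Constructed model of the documented tracking rules; not OCSG code. */
public class ThreatTrackingModel {
    final int maxTrackedEntities, maxViolations, violationClearTime;
    // entity key -> {violation count, time of last violation (s)}; map order = age of last violation
    final Map<String, long[]> tracked = new LinkedHashMap<>();

    ThreatTrackingModel(int maxTrackedEntities, int maxViolations, int violationClearTime) {
        this.maxTrackedEntities = maxTrackedEntities;
        this.maxViolations = maxViolations;
        this.violationClearTime = violationClearTime;
    }

    /** IP entity key: the header value verbatim when ipHttpHeader is set, else getRemoteAddr(). */
    static String entityKey(String ipHttpHeader, String headerValue, String remoteAddr) {
        return ipHttpHeader.isEmpty() ? remoteAddr : headerValue;
    }

    /** Records one violation at time now (seconds); true if the configured actions would trigger. */
    boolean violation(String key, long now) {
        long[] s = tracked.remove(key); // removed and re-inserted so the newest violation is last
        boolean triggered = s != null && s[0] > maxViolations; // assumed sticky, as with BLOCK
        if (s == null || (!triggered && now - s[1] >= violationClearTime)) s = new long[] {0, now};
        s[0]++;
        s[1] = now; // every violation restarts the clear timer
        tracked.put(key, s);
        if (tracked.size() > maxTrackedEntities) { // drop the entity with the oldest violation
            Iterator<String> oldest = tracked.keySet().iterator();
            oldest.next();
            oldest.remove();
        }
        return s[0] > maxViolations;
    }

    public static void main(String[] args) {
        ThreatTrackingModel m = new ThreatTrackingModel(10000, 10, 30); // values from the example JSON
        String routeA = entityKey("X-Forwarded-For", "203.0.113.195, 70.41.3.18, 150.172.238.178", "10.0.0.5");
        String routeB = entityKey("X-Forwarded-For", "203.0.113.195, 70.41.3.18", "10.0.0.5");
        boolean hit = false;
        for (int t = 0; t <= 10; t++) hit = m.violation(routeA, t); // 11 violations, 1 s apart
        System.out.println("11th violation on route A triggers actions: " + hit);
        System.out.println("same client via route B triggers: " + m.violation(routeB, 11));
        for (int t = 0; t < 10; t++) m.violation("198.51.100.7", t); // 10 violations, then silence
        System.out.println("violation after 30 quiet seconds triggers: " + m.violation("198.51.100.7", 39));
    }
}
```

Route A and route B are counted as separate entities because the header string differs, which is the caveat the ipHttpHeader description makes about messages travelling the same route.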

Copyright © 2008, 2018, Oracle and/or its affiliates. All rights reserved.