Class TLSSyslogSenderImpl

All Implemented Interfaces:
AuditTransmissionProtocol

public class TLSSyslogSenderImpl extends RFC5425Protocol implements AuditTransmissionProtocol
Simple client implementation of RFC 5425 TLS syslog transport for sending audit messages to an Audit Record Repository that implements TLS syslog. Multiple messages may be sent over the same socket.

Designed to run in a standalone mode and is not dependent on any context or configuration.

Note that this implementation does not follow the ATNA specification's requirement that, if the Secure Application, Secure Node, or Audit Record Forwarder is unable to send the message to the Audit Record Repository, the actor shall store the audit record locally and send it when it is able.
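The RFC 5425 framing that lets multiple messages share one socket, as an added example that is not code from this library: each syslog message is prefixed with its length in octets and a single space. The class name `Rfc5425Framing`, the `MAX_LEN` cap and the sample messages are assumptions made for illustration, and in-memory streams stand in for the TLS socket (requires Java 11+ for `readNBytes`).

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.EOFException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;

public class Rfc5425Framing {
    static final int MAX_LEN = 65536; // hypothetical receiver-side cap on one frame

    // SYSLOG-FRAME = MSG-LEN SP SYSLOG-MSG; MSG-LEN counts UTF-8 octets, not chars.
    static void writeFrame(OutputStream out, String syslogMsg) throws IOException {
        byte[] body = syslogMsg.getBytes(StandardCharsets.UTF_8);
        out.write((body.length + " ").getBytes(StandardCharsets.US_ASCII));
        out.write(body);
        out.flush();
    }

    // Returns the next message, or null on a clean end of stream between frames.
    static String readFrame(InputStream in) throws IOException {
        int len = 0, digits = 0, b;
        while ((b = in.read()) != ' ') {
            if (b == -1 && digits == 0) return null;
            if (b < '0' || b > '9' || (digits == 0 && b == '0'))
                throw new IOException("malformed MSG-LEN");
            len = len * 10 + (b - '0');
            digits++;
            if (len > MAX_LEN) throw new IOException("frame too large: " + len);
        }
        if (digits == 0) throw new IOException("missing MSG-LEN");
        byte[] body = in.readNBytes(len);
        if (body.length != len) throw new EOFException("truncated frame");
        return new String(body, StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample messages; a real sender writes to an SSLSocket's stream.
        ByteArrayOutputStream wire = new ByteArrayOutputStream();
        writeFrame(wire, "<85>1 2024-01-01T00:00:00Z host app - AUDIT - <AuditMessage/>");
        writeFrame(wire, "<85>1 2024-01-01T00:00:01Z host app - AUDIT - Müller login");
        InputStream in = new ByteArrayInputStream(wire.toByteArray());
        for (String m; (m = readFrame(in)) != null; )
            System.out.println(m.getBytes(StandardCharsets.UTF_8).length + " octets: " + m);
    }
}
```

The second sample contains a two-octet character, so its MSG-LEN is one larger than its `String.length()`; a sender that counts characters instead of octets desynchronizes every following frame on the connection.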

Since:
3.5
Author:
Lawrence Tarbox, Derived from code written by Matthew Davis of IBM., Christian Ohr
  • Constructor Details

    • TLSSyslogSenderImpl

      public TLSSyslogSenderImpl()
      Constructor which uses default values for all parameters.
    • TLSSyslogSenderImpl

      public TLSSyslogSenderImpl(TLSSyslogSenderImpl.SocketTestPolicy socketTestPolicy)
    • TLSSyslogSenderImpl

      public TLSSyslogSenderImpl(TlsParameters tlsParameters)
    • TLSSyslogSenderImpl

      public TLSSyslogSenderImpl(SSLSocketFactory socketFactory, TLSSyslogSenderImpl.SocketTestPolicy socketTestPolicy)
      Parameters:
      socketFactory - SSL socket factory to be used for creating the TCP socket.
      socketTestPolicy - determines if and when to test the socket for a connection close/reset
    • TLSSyslogSenderImpl

      public TLSSyslogSenderImpl(TlsParameters tlsParameters, TLSSyslogSenderImpl.SocketTestPolicy socketTestPolicy)
      Parameters:
      tlsParameters - TlsParameters to be used for creating the TCP socket.
      socketTestPolicy - determines if and when to test the socket for a connection close/reset
  • Method Details

    • getTransportName

      public String getTransportName()
      Specified by:
      getTransportName in interface AuditTransmissionProtocol
      Returns:
      name of the AuditTransmissionProtocol
    • send

      public void send(AuditContext auditContext, AuditMetadataProvider auditMetadataProvider, String auditMessage) throws Exception
      Description copied from interface: AuditTransmissionProtocol
      Transmits the message
      Specified by:
      send in interface AuditTransmissionProtocol
      Parameters:
      auditContext - audit context that e.g. contains the destination
      auditMetadataProvider - dedicated (message-specific) audit metadata
      auditMessage - audit message strings
      Throws:
      Exception - thrown if sending the messages has failed
    • shutdown

      public void shutdown()
      Description copied from interface: AuditTransmissionProtocol
      May be implemented to clean up instances on shut down
      Specified by:
      shutdown in interface AuditTransmissionProtocol
    • setSocketOptions

      protected void setSocketOptions(Socket socket) throws SocketException
      Override this method to set any socket options. The default implementation sets SO_KEEPALIVE to true. The method is called once for every newly created socket instance, before the first ATNA record is sent over that socket connection.

      BEWARE: If your implementation specifies any socket test policy other than TLSSyslogSenderImpl.SocketTestPolicy.DONT_TEST_POLICY, then SO_TIMEOUT will be set to 1 ms regardless of the value your implementation might set.

      Parameters:
      socket - Socket to configure
      Throws:
      SocketException - if setting keep alive failed