soar_auditor_api 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 9879b49a5a82d14cc2fe47b7ebddaf5c63d482c0
+  data.tar.gz: 6b5131d74480cd7d7a4c5f15f11dfdcbe87b77e5
+SHA512:
+  metadata.gz: a696ee6e0c1572c352e0990f3ee788a1d4929914287e5d59271863a66d82718c699168d411851af30b2be2232fda78822ee0ee76103f0ec4a52630ef2a579deb
+  data.tar.gz: 242caa4d8d79f6e521ceae3156885383b9227f5878be3f2c5028de8131f500fce233b3a26557553ef34186c8cc401a506666cce07281d39fab4ce41af3de5a63

data/.gitignore

@@ -0,0 +1,49 @@
+.byebug_history
+*tgz
+left
+test_tfa.sh
+test_production.sh
+iut-list
+juddi-distro-*
+*.swo
+*.zip
+*.tar.gz
+*.swp
+*.gem
+*.rbc
+/Gemfile.lock
+/.config
+/coverage/
+/InstalledFiles
+/pkg/
+/spec/reports/
+/spec/examples.txt
+/test/tmp/
+/test/version_tmp/
+/tmp/
+.DS_Store
+
+## Specific to RubyMotion:
+.dat*
+.repl_history
+build/
+
+## Documentation cache and generated files:
+/.yardoc/
+/_yardoc/
+/doc/
+/rdoc/
+
+## Environment normalisation:
+/.bundle/
+/vendor/bundle
+/lib/bundler/man/
+
+# for a library or gem, you might want to ignore these files since the code is
+# intended to run in multiple environments; otherwise, check them in:
+# Gemfile.lock
+# .ruby-version
+# .ruby-gemset
+
+# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
+.rvmrc

data/.rspec

@@ -0,0 +1,2 @@
+--format documentation
+--color

data/.ruby-gemset

@@ -0,0 +1 @@
+soar_auditor_api

data/.ruby-version

@@ -0,0 +1 @@
+ruby-2.2

data/.travis.yml

@@ -0,0 +1,4 @@
+language: ruby
+rvm:
+  - 2.2.2
+before_install: gem install bundler -v 1.11.2

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in soar_auditor_api.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2016 Barney de Villiers
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,155 @@
+#TODO fix this file
+
+# SoarAuditorApi
+
+This gem provides the auditor api for the SOAR architecture.
+
+## State of the API
+
+
+
+## Installation
+
+Add this line to your auditor Gemfile:
+
+```ruby
+gem 'soar_auditor_api'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install soar_auditor_api
+
+## Testing
+
+Behavioural driven testing can be performed:
+
+    $ bundle exec rspec -cfd spec/*
+
+## Usage
+
+
+
+### Auditing Providers that utilize the SoarAuditorAPI as clients
+
+
+Note that the APIs (debug/info/warn/error/fatal) accept any object as a parameter. The object will be serialized using the .to_s method and therefore the object must implement the .to_s method (or already be a string that has the .to_s method).
+
+
+### Auditors that extend from the SoarAuditorAPI
+
+Extend from the SoarAuditorAPI as follow
+
+``` ruby
+class MyAuditor < SoarAuditorApi::SoarAuditorAPI
+end
+```
+
+The auditors that extend from this API must implement two methods: "audit" and "configuration_is_valid"
+
+The configuration_is_valid method provides the API with a way of ensuring that a configuration is valid for the auditor.
+```ruby
+def configuration_is_valid(configuration)
+  return configuration.include?("something_needed")
+end
+```
+
+The audit method will be called when the base API wants to publish an audit event after it has been formatted and filtered.
+```ruby
+def audit(data)
+  puts data
+end
+```
+
+The configuration is made available to the auditor through the @configuration attribute in the API.
+
+
+
+
+#TODO complete this section
+#TODO Extend the SoarAuditorApi::AuditingProviderAPI to create an auditing provider:
+
+
+
+Provide the required inversion of control method to configure (an) injected auditor(s):
+
+```
+def configure_auditor(configuration = nil)
+  @auditor.configure(configuration)
+end
+```
+
+Initialize the provider so:
+
+```
+auditor = MyAuditor.new
+auditor_configuration = { 'some' => 'configuration' }
+@iut = MyAuditingProvider.new(auditor, auditor_configuration)
+```
+
+Audit using the API methods, e.g.:
+
+```
+@iut.info("This is info")
+@iut.debug(some_debug_object)
+@iut.warn("Statistics show that dropped packets have increased to #{dropped}%")
+@iut.error("Could not resend some dropped packets. They have been lost. All is still OK, I could compensate")
+@iut.fatal("Unable to perform action, too many dropped packets. Functional degradation.")
+@iut << 'Rack::CommonLogger requires this'
+```
+
+The API also supports appending as below, enabling support, e.g. for Rack::CommonLogger, etc.:
+
+```
+<<
+```
+
+## Detailed example
+
+```
+require 'log4r'
+require 'soar_auditor_api'
+
+class Log4rAuditingProvider < SoarAuditorApi::AuditingProviderAPI
+  def configure_auditor(configuration = nil)
+    @auditor.outputters = configuration['outputter']
+  end
+end
+
+class Main
+  include Log4r
+
+  def test_sanity
+    auditor = Logger.new 'sanity'
+    auditor_configuration = { 'outputter' => Outputter.stdout }
+    @iut = Log4rAuditingProvider.new(auditor, auditor_configuration)
+
+    some_debug_object = 123
+    @iut.info("This is info")
+    @iut.debug(some_debug_object)
+    dropped = 95
+    @iut.warn("Statistics show that dropped packets have increased to #{dropped}%")
+    @iut.error("Could not resend some dropped packets. They have been lost. All is still OK, I could compensate")
+    @iut.fatal("Unable to perform action, too many dropped packets. Functional degradation.")
+  end
+end
+
+main = Main.new
+main.test_sanity
+```
+
+## Contributing
+
+Bug reports and feature requests are welcome by email to barney dot de dot villiers at hetzner dot co dot za. This gem is sponsored by Hetzner (Pty) Ltd (http://hetzner.co.za)
+
+## Notes
+
+Though out of scope for the provider, auditors should take into account encoding, serialization, and other NFRs.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "soar_auditor_api"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/lib/soar_auditor_api/auditor_api.rb

@@ -0,0 +1,65 @@
+module SoarAuditorApi
+  class SoarAuditorAPI
+    DEBUG_PREFIX = "debug:" unless defined? DEBUG_PREFIX; DEBUG_PREFIX.freeze
+    INFO_PREFIX  = "info:"  unless defined? INFO_PREFIX;  INFO_PREFIX.freeze
+    WARN_PREFIX  = "warn:"  unless defined? WARN_PREFIX;  WARN_PREFIX.freeze
+    ERROR_PREFIX = "error:" unless defined? ERROR_PREFIX; ERROR_PREFIX.freeze
+    FATAL_PREFIX = "fatal:" unless defined? FATAL_PREFIX; FATAL_PREFIX.freeze
+
+    def initialize
+      @configuration = nil
+      @minimum_audit_level = :info
+      @audit_levels  = [:debug, :info, :warn, :error, :fatal]
+    end
+
+    def configure(configuration = nil)
+      raise ArgumentError, "Invalid configuration provided" unless configuration_is_valid(configuration)
+      @configuration = configuration
+    end
+
+    def set_audit_level(minimum_audit_level)
+      raise ArgumentError, "Invalid audit level specified" unless @audit_levels.include?(minimum_audit_level)
+      @minimum_audit_level = minimum_audit_level
+    end
+
+    def debug(data)
+      audit(DEBUG_PREFIX + data.to_s) if audit_filtered(:debug)
+    end
+
+    def <<(data)
+      audit(INFO_PREFIX + data.to_s) if audit_filtered(:info)
+    end
+
+    def info(data)
+      audit(INFO_PREFIX + data.to_s) if audit_filtered(:info)
+    end
+
+    def warn(data)
+      audit(WARN_PREFIX + data.to_s) if audit_filtered(:warn)
+    end
+
+    def error(data)
+      audit(ERROR_PREFIX + data.to_s) if audit_filtered(:error)
+    end
+
+    def fatal(data)
+      audit(FATAL_PREFIX + data.to_s) if audit_filtered(:fatal)
+    end
+
+    #Safety to ensure that the Auditor that extends this API implements this IOC method
+    def configuration_is_valid(configuration)
+      raise NotImplementedError, "Method must implement configuration_is_valid method in Auditor extending the API"
+    end
+
+    #Safety to ensure that the Auditor that extends this API implements this IOC method
+    def audit(data)
+      raise NotImplementedError, "Method must implement audit method in Auditor extending the API"
+    end
+
+    private
+
+    def audit_filtered(audit_level)
+      return @audit_levels.index(@minimum_audit_level) <= @audit_levels.index(audit_level)
+    end
+  end
+end

data/lib/soar_auditor_api/version.rb

@@ -0,0 +1,3 @@
+module SoarAuditorApi
+  VERSION = "0.0.1"
+end

data/lib/soar_auditor_api.rb

@@ -0,0 +1,5 @@
+require 'soar_auditor_api/version'
+require 'soar_auditor_api/auditor_api'
+
+module SoarAuditorApi
+end

data/sanity/.ruby-gemset

@@ -0,0 +1 @@
+sanity

data/sanity/.ruby-version

@@ -0,0 +1 @@
+ruby-2.2

data/sanity/Gemfile

@@ -0,0 +1,5 @@
+source 'https://rubygems.org'
+
+gem 'log4r'
+gem 'byebug'
+gem 'soar_auditor_api', "~> 0.0.1"

data/sanity/sanity.rb

@@ -0,0 +1,31 @@
+require 'soar_auditor_api'
+require 'byebug'
+
+class SanityAuditor < SoarAuditorAPI
+  def configuration_is_valid(configuration)
+    return true
+  end
+
+  def audit(data)
+    puts data
+  end
+end
+
+class Main
+  def test_sanity
+    @iut = SanityAuditor.new
+    @iut.configure(nil)
+
+    some_debug_object = 123
+    @iut.info("This is info")
+    @iut.debug(some_debug_object)
+    dropped = 95
+    @iut.warn("Statistics show that dropped packets have increased to #{dropped}%")
+    @iut.error("Could not resend some dropped packets. They have been lost. All is still OK, I could compensate")
+    @iut.fatal("Unable to perform action, too many dropped packets. Functional degradation.")
+    @iut << 'Rack::CommonLogger requires this'
+  end
+end
+
+main = Main.new
+main.test_sanity

data/soar_auditor_api.gemspec

@@ -0,0 +1,27 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'soar_auditor_api/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "soar_auditor_api"
+  spec.version       = SoarAuditorApi::VERSION
+  spec.authors       = ["Barney de Villiers"]
+  spec.email         = ["barney.de.villiers@hetzner.co.za"]
+
+  spec.summary       = %q{SOAR auditor api}
+  spec.description   = %q{SOAR auditor api from which auditors will extend from}
+  spec.homepage      = "https://github.hetzner.co.za/hetznerZA/soar_auditor_api"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.11"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.0"
+  spec.add_development_dependency "byebug", "~> 9"
+
+end

metadata

@@ -0,0 +1,119 @@
+--- !ruby/object:Gem::Specification
+name: soar_auditor_api
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Barney de Villiers
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2016-05-20 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '9'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '9'
+description: SOAR auditor api from which auditors will extend from
+email:
+- barney.de.villiers@hetzner.co.za
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".ruby-gemset"
+- ".ruby-version"
+- ".travis.yml"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- lib/soar_auditor_api.rb
+- lib/soar_auditor_api/auditor_api.rb
+- lib/soar_auditor_api/version.rb
+- sanity/.ruby-gemset
+- sanity/.ruby-version
+- sanity/Gemfile
+- sanity/sanity.rb
+- soar_auditor_api.gemspec
+homepage: https://github.hetzner.co.za/hetznerZA/soar_auditor_api
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.8
+signing_key: 
+specification_version: 4
+summary: SOAR auditor api
+test_files: []