-
Notifications
You must be signed in to change notification settings - Fork 0
Websocket Event processing
This is a guide to how to use iland's Java SDK to connect a websocket for event processing.
To follow along with the Wiki git clone the project and cd into the web-socket-events directory.
Using a websocket is easy with iland's Java SDK as we provide you with the object WebSocketClient documented here.
After authenticating your API client and getting a company id and org uuid through the user's inventory, explanations for which can be found here and here.
Once we have a company id we can connect our WebSocketClient easily using the following code:
final WebSocketClient webSocketClient = apiClient.getEventWebSocket(COMPANY_ID);
Looking at the documentation for WebSocketClient we can see that we can consume events and tasks.
For this example, we will be consuming and processing events.
First, we must create a Consumer so that when an event comes through that we are interested in we can process the data in some meaningful way. For this example we just log some basic information about the info like this:
Consumer<EventResponse> vmEventConsumer = c -> log.info(String
.format("User %s initiated vm event %s for entity %s",
c.getInitiatedByUsername(), c.getType(), c.getEntityName())
To read more about Consumer in Java read the documentation here.
After creating a Consumer we can either consume all events or filter them in two different ways.
The first way to filter events is by their EventType, you must provide a Set of EventTypes for filtering. Here's an example of that code:
static EventType[] vmEventTypes =
new EventType[] {EventType.VM_ANTIMALWARE_EVENT, EventType.VM_DPI_EVENT,
EventType.VM_FIREWALL_EVENT, EventType.VM_INTEGRITY_EVENT,
EventType.VM_LOG_INSPECTION_EVENT, EventType.VM_WEB_REPUTATION_EVENT};
final Set<EventType> vmTypes = new HashSet<>(Arrays.asList(vmEventTypes));
final SocketSubscription vmSubscription =
webSocketClient.consumeEvents(vmEventConsumer, vmTypes);
The second way to filter events is by creating a custom EventFilter which is documented here.
Here is the following code example of how to filter for specific org event types and a specific org using its uuid.
final EventFilter orgEventFilter =
eventResponse -> orgTypes.contains(eventResponse.getType())
&& eventResponse.getEntityUuid().equals(ORG_UUID);
One last thing to note is that in the example code at the end there is a while loop that runs forever. This is to keep the process alive and allow the Websocket to consume and process events.
Also, an important thing to understand is that you can stop consuming events or tasks by unSubscribing the SocketSubscription that is returned when you use the SDK.