Configuration - JSON Structure
Alerts are stored as JSON configuration, in Ceptor's configuration as a property named "alerts_JSON_" in the abstract server configuration named "alerts" (the Ceptor Console will create it for you if it does not already exists - but if you need to change it using APIs, you need to know the naming).
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
{"actions": [
{
"name": "Log the alert",
"type": "log",
"conditions": [],
"level": "WARN"
},
{
"name": "Alert Administrator",
"type": "sms",
"conditions": [],
"mobile": "+4526164023"
},
{
"name": "Send email to admin",
"type": "email",
"conditions": [],
"email": "kr@asseco.dk",
"email.prefix": "[Alert !!!]"
},
{
"name": "Create an action",
"type": "log",
"conditions": [{
"name": "Only server down",
"type": "server_down"
}],
"logger": "alerts",
"level": "ERROR"
},
{
"name": "Run a script",
"type": "script",
"conditions": [],
"script": "%{script}//\r\n// Example javascript that simply writes both the configuration and alerts to stdout\r\n//\r\n\r\nprint(context.configuration);\r\nprint(context.alert.getType());\r\nprint(context.alert.getID());\r\nprint(context.alert.getTitle() + ' - ' + context.alert.getMessage());\r\nprint(context.alert.toJSONString());"
}
]} |
The "alerts_JSON_" property contains a JSON array called "actions", and each action looks like this:
Key | Description |
---|---|
name | Name of the Alert Action |
type | Type of action, must be one of:
|
conditions | JSON Array of conditions - if empty, no conditions are defined, meaning Alert Action matches all alerts. |
logger | Name of logger to log message to - only for actions of type "log" |
level | Logger Level, either TRACE, DEBUG, INFO, WARN or ERROR - only for actions of type "log" |
Email address - only for actions of type "email" | |
email.prefix | Email subject prefix - only for actions of type "email" |
mobile | Mobile phone number - only for actions of type "sms" |
script | Script to execute - only for actions of type "script" |
For conditions, each condition is a JSON object within the conditions array in an Alert Action
Key | Description |
---|---|
type | Type of alert to match, one of:
|
subject | Pattern matching certificate Subject |
issuer | Pattern matching certificate Issuer |
destination | Pattern matching gateway destination name |
gateway | Pattern matching gateway name |
host | Pattern matching hostname |
port | Port number |
script | Script to execute to decide if this condition matches |
Configuration - Properties
In order to be able to send emails / SMS messages, some configuration is required - this configuration must be set for the Ceptor Configuration Server which processes the alert actions defined.
Example configuration:
Code Block |
---|
<group name="alerts" description="Alert actions related configuration">
<property name="mail.from" value="" description=""/>
<property name="mail.replyto" value="" description=""/>
<property name="mail.smtp.host" value="" description=""/>
<property name="mail.smtp.password" value="" description=""/>
<property name="mail.smtp.port" value="25" description=""/>
<property name="mail.smtp.protocol" value="smtps" description=""/>
<property name="mail.smtp.user" value="" description=""/>
<property name="sms.apikey" value="" description="For CPSMS, if present, sms.password is not used"/>
<property name="sms.appnr" value="1231" description="For unwire, specify from phone number"/>
<property name="sms.flashsms" value="false" description="If true, SMS is sent as flash SMS"/>
<property name="sms.from" value="Ceptor" description="Max 11 characters from name or number"/>
<property name="sms.httpProxyHost" value="" description="HTTP Proxy Server"/>
<property name="sms.httpProxyPassword" value="" description="HTTP Proxy Password for proxy authentication"/>
<property name="sms.httpProxyPort" value="8080" description="HTTP Proxy Port"/>
<property name="sms.httpProxyUser" value="" description="HTTP Proxy Userid to use for authentication"/>
<property name="sms.mediacode" value="" description="For unwire, specify mediacode"/>
<property name="sms.password" value="" description="Password for SMS gateway"/>
<property name="sms.provider" value="cpsms" description="cpsms or unwire depending on which SMS provider to use (locallogging for logging codes to log file)"/>
<property name="sms.smsc" value="dk.tdc" description="For unwire, specify operator to use"/>
<property name="sms.username" value="portalprotect" description="Username for SMS gateway"/>
<property name="sms.verifysslhostname" value="true" description="Set to false to turn off hostname verification"/>
<property name="sms.verifysslservercert" value="true" description="Set to false to turn SSL server certificate validation"/>
</group> |
The following properties exists for sending alerts via Email:
Name | Default | Description |
---|---|---|
mail.smtp.host | Hostname of SMTP server | |
mail.smtp.protocol | smtps | Email protocol, should be smtp or smtps |
mail.smtp.port | 25 | Port number of SMTP server |
mail.smtp.user | Userid for authenticating to SMTP server | |
mail.smtp.password | Password for SMTP Server - see Encrypting or Obfuscating Passwords for info on encrypting it | |
mail.from | Sender of the email | |
mail.replyto | If present, the reply-to email header is set to this. |
And the following properties exists for sending alerts via SMS:
Name | Default | Description |
---|---|---|
sms.httpProxyHost | HTTP Proxy hostname | |
sms.httpProxyPort | HTTP Proxy port | |
sms.httpProxyUser | HTTP Proxy username | |
sms.httpProxyPassword | HTTP Proxy password | |
sms.from | Ceptor | Name of Sender - shows up as SMS sender |
sms.flashsms | false | True if SMS should be sent as flash SMS - flash SMS's are not saved in the history, and shown as popup. |
sms.verifysslhostname | true | Set to false to turn off hostname validation of SMS server |
sms.verifysslservercert | true | Set to false to turn off SSL certificate validation when calling the SMS server |
sms.provider | cpsms | Name of SMS Provider, either cpsms or unwire |
When SMS Provider is cpsms | ||
sms.server | https://www.cpsms.dk | Server to use when sending SMS |
sms.username | Username from CPSMS | |
sms.password | Password | |
sms.apikey | API Key - if specified, the API Key is used instead of password when authenticating to the SMS provider. | |
When SMS provider is unwire | ||
sms.server | https://gw.unwire.com | Unwire gateway Server URL. |
sms.username | Userid for unwire account | |
sms.password | Password for unwire account | |
sms.smsc | dk.tcp | SMSC - contact unwire for info |
sms.appnr | 1231 | Number to send via - contact unwire for info |
sms.mediacode | Optional mediacode - contact unwire for info |
Alerts - JSON Structure
Each Alert has its own JSON Structure
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
{
"type": "server_up",
"id": "63ba3e15-0275-4c8b-aa0f-b2340873cc1e",
"title": "Server api.worldbank.org:80 up",
"message": "Server worldbank_sandbox (api.worldbank.org@api.worldbank.org:80) is back up after 42 minutes",
"gateway": "gateway1",
"destination": "worldbank_sandbox",
"host": "api.worldbank.org",
"port": 80,
"duration": 2520512
} |
This is a list of the keys / attributes that the alert can contain:
Key | Description |
---|---|
type | Type of alert, one of:
|
id | Unique ID of this alert |
title | Alert title |
message | Message body |
source | For Certificates, the source, e.g. name of keystore or file it was loaded from. |
owner | For Certificates, the name of the module that loaded the certificate, e.g. "sessionctrl1" |
purpose | Purpose of the certificate, e.g. SAML Signing or JWT Validation |
certificate | X.509 Base64 encoded version of the certificate |
gateway | Gateway name |
destination | Destination name |
host | Hostname |
port | Port number |