Alerts Configuration
Configuration - JSON Structure
Alerts are stored as JSON configuration, in Ceptor's configuration as a property named "alerts_JSON_" in the abstract server configuration named "alerts" (the Ceptor Console will create it for you if it does not already exists - but if you need to change it using APIs, you need to know the naming).
Example alert actions
{"actions": [
{
"name": "Log the alert",
"type": "log",
"conditions": [],
"level": "WARN"
},
{
"name": "Alert Administrator",
"type": "sms",
"conditions": [],
"mobile": "+4526164023"
},
{
"name": "Send email to admin",
"type": "email",
"conditions": [],
"email": "kr@asseco.dk",
"email.prefix": "[Alert !!!]"
},
{
"name": "Create an action",
"type": "log",
"conditions": [{
"name": "Only server down",
"type": "server_down"
}],
"logger": "alerts",
"level": "ERROR"
},
{
"name": "Run a script",
"type": "script",
"conditions": [],
"script": "%{script}//\r\n// Example javascript that simply writes both the configuration and alerts to stdout\r\n//\r\n\r\nprint(context.configuration);\r\nprint(context.alert.getType());\r\nprint(context.alert.getID());\r\nprint(context.alert.getTitle() + ' - ' + context.alert.getMessage());\r\nprint(context.alert.toJSONString());"
}
]}
The "alerts_JSON_" property contains a JSON array called "actions", and each action looks like this:
| Key | Description |
|---|---|
| name | Name of the Alert Action |
| type | Type of action, must be one of:
|
| conditions | JSON Array of conditions - if empty, no conditions are defined, meaning Alert Action matches all alerts. |
| logger | Name of logger to log message to - only for actions of type "log" |
| level | Logger Level, either TRACE, DEBUG, INFO, WARN or ERROR - only for actions of type "log" |
| Email address - only for actions of type "email" | |
| email.prefix | Email subject prefix - only for actions of type "email" |
| mobile | Mobile phone number - only for actions of type "sms" |
| script | Script to execute - only for actions of type "script" |
For conditions, each condition is a JSON object within the conditions array in an Alert Action
| Key | Description |
|---|---|
| type | Type of alert to match, one of:
|
| subject | Pattern matching certificate Subject |
| issuer | Pattern matching certificate Issuer |
| destination | Pattern matching gateway destination name |
| gateway | Pattern matching gateway name |
| host | Pattern matching hostname |
| port | Port number |
| script | Script to execute to decide if this condition matches |
Configuration - Properties
In order to be able to send emails / SMS messages, some configuration is required - this configuration must be set for the Ceptor Configuration Server which processes the alert actions defined.
Example configuration:
<group name="alerts" description="Alert actions related configuration"> <property name="mail.from" value="" description=""/> <property name="mail.replyto" value="" description=""/> <property name="mail.smtp.host" value="" description=""/> <property name="mail.smtp.password" value="" description=""/> <property name="mail.smtp.port" value="25" description=""/> <property name="mail.smtp.protocol" value="smtps" description=""/> <property name="mail.smtp.user" value="" description=""/> <property name="sms.apikey" value="" description="For CPSMS, if present, sms.password is not used"/> <property name="sms.appnr" value="1231" description="For unwire, specify from phone number"/> <property name="sms.flashsms" value="false" description="If true, SMS is sent as flash SMS"/> <property name="sms.from" value="Ceptor" description="Max 11 characters from name or number"/> <property name="sms.httpProxyHost" value="" description="HTTP Proxy Server"/> <property name="sms.httpProxyPassword" value="" description="HTTP Proxy Password for proxy authentication"/> <property name="sms.httpProxyPort" value="8080" description="HTTP Proxy Port"/> <property name="sms.httpProxyUser" value="" description="HTTP Proxy Userid to use for authentication"/> <property name="sms.mediacode" value="" description="For unwire, specify mediacode"/> <property name="sms.password" value="" description="Password for SMS gateway"/> <property name="sms.provider" value="cpsms" description="cpsms or unwire depending on which SMS provider to use (locallogging for logging codes to log file)"/> <property name="sms.smsc" value="dk.tdc" description="For unwire, specify operator to use"/> <property name="sms.username" value="portalprotect" description="Username for SMS gateway"/> <property name="sms.verifysslhostname" value="true" description="Set to false to turn off hostname verification"/> <property name="sms.verifysslservercert" value="true" description="Set to false to turn SSL server certificate validation"/> </group>
The following properties exists for sending alerts via Email:
| Name | Default | Description |
|---|---|---|
| mail.smtp.host | Hostname of SMTP server | |
| mail.smtp.protocol | smtps | Email protocol, should be smtp or smtps |
| mail.smtp.port | 25 | Port number of SMTP server |
| mail.smtp.user | Userid for authenticating to SMTP server | |
| mail.smtp.password | Password for SMTP Server - see Encrypting or Obfuscating Passwords for info on encrypting it | |
| mail.from | Sender of the email | |
| mail.replyto | If present, the reply-to email header is set to this. |
And the following properties exists for sending alerts via SMS:
| Name | Default | Description |
|---|---|---|
| sms.httpProxyHost | HTTP Proxy hostname | |
| sms.httpProxyPort | HTTP Proxy port | |
| sms.httpProxyUser | HTTP Proxy username | |
| sms.httpProxyPassword | HTTP Proxy password | |
| sms.from | Ceptor | Name of Sender - shows up as SMS sender |
| sms.flashsms | false | True if SMS should be sent as flash SMS - flash SMS's are not saved in the history, and shown as popup. |
| sms.verifysslhostname | true | Set to false to turn off hostname validation of SMS server |
| sms.verifysslservercert | true | Set to false to turn off SSL certificate validation when calling the SMS server |
| sms.provider | cpsms | Name of SMS Provider, either cpsms or unwire |
| When SMS Provider is cpsms | ||
| sms.server | https://www.cpsms.dk | Server to use when sending SMS |
| sms.username | Username from CPSMS | |
| sms.password | Password | |
| sms.apikey | API Key - if specified, the API Key is used instead of password when authenticating to the SMS provider. | |
| When SMS provider is unwire | ||
| sms.server | https://gw.unwire.com | Unwire gateway Server URL. |
| sms.username | Userid for unwire account | |
| sms.password | Password for unwire account | |
| sms.smsc | dk.tcp | SMSC - contact unwire for info |
| sms.appnr | 1231 | Number to send via - contact unwire for info |
| sms.mediacode | Optional mediacode - contact unwire for info | |
Alerts - JSON Structure
Each Alert has its own JSON Structure
Example Alert
{
"type": "server_up",
"id": "63ba3e15-0275-4c8b-aa0f-b2340873cc1e",
"title": "Server api.worldbank.org:80 up",
"message": "Server worldbank_sandbox (api.worldbank.org@api.worldbank.org:80) is back up after 42 minutes",
"gateway": "gateway1",
"destination": "worldbank_sandbox",
"host": "api.worldbank.org",
"port": 80,
"duration": 2520512
}
This is a list of the keys / attributes that the alert can contain:
| Key | Description |
|---|---|
| type | Type of alert, one of:
|
| id | Unique ID of this alert |
| title | Alert title |
| message | Message body |
| source | For Certificates, the source, e.g. name of keystore or file it was loaded from. |
| owner | For Certificates, the name of the module that loaded the certificate, e.g. "sessionctrl1" |
| purpose | Purpose of the certificate, e.g. SAML Signing or JWT Validation |
| certificate | X.509 Base64 encoded version of the certificate |
| gateway | Gateway name |
| destination | Destination name |
| host | Hostname |
| port | Port number |
© Ceptor ApS. All Rights Reserved.