cloudtrail: Added errorCode #248

Open
hamstah wants to merge 1 commit into Graylog2:master from hamstah:add-error-code


@hamstah hamstah commented Sep 24, 2019

Hi,
I've run into issues trying this with Graylog 3.1.2.

I get the SNAPSHOT.jar to build, but when I load it into Graylog the input is disabled.
I might be building it wrong; I had to hack around with webpack due to vendor manifests missing in graylog-web-interface.

`mvn package` worked, but I couldn't do a release without having to do a release of the server one.

If you have suggestions on how to debug what the issue is, I can confirm this works as expected.

Thanks


CLAassistant commented Sep 24, 2019

CLA assistant check
All committers have signed the CLA.

Contributor

danotorrey commented Sep 26, 2019

@hamstah Can you please provide more information about how the input is appearing disabled (e.g. greyed out, or not showing up)?

To build Graylog, you will need a full checkout of the Graylog server sources including the following two directories:

/graylog-project
/graylog-project-repos <- All server and plugin sources will be within these two directories.

You will need the graylog-project CLI binary installed (https://github.com/Graylog2/graylog-project). You can follow the bootstrap instructions to check out and initialize all sources (including the AWS plugin). Once this is done, you can run `mvn clean package -Dmaven.javadoc.skip=true -DskipTests` in the graylog-project directory to build all project jars.

Please let me know if you hit any issues.

@danotorrey
Contributor

Thanks for the change you made in this PR. We appreciate the contribution. It definitely fixes the missing errorCode issue.

Could you please also add a unit test for this PR? I would like the test to verify that a CloudTrail message with and without the errorCode field is parsed correctly (based on some samples).

Something like this would work (with some added assertions):

```java
package org.graylog.aws.inputs.cloudtrail;

import org.graylog2.plugin.Message;
import org.graylog2.plugin.configuration.Configuration;
import org.graylog2.plugin.journal.RawMessage;
import org.graylog2.shared.bindings.providers.ObjectMapperProvider;
import org.junit.Assert;
import org.junit.Test;

public class CloudTrailCodecTest {

    @Test
    public void testCodec() {

        final CloudTrailCodec codec = new CloudTrailCodec(Configuration.EMPTY_CONFIGURATION,
                                                          new ObjectMapperProvider().get());

        // Decode message with error code
        final RawMessage rawMessage = new RawMessage(("{\n" +
                                                      "    \"eventVersion\": \"1.0\",\n" +
                                                      "    \"userIdentity\": {\n" +
                                                      "        \"type\": \"IAMUser\",\n" +
                                                      "        \"principalId\": \"EX_PRINCIPAL_ID\",\n" +
                                                      "        \"arn\": \"arn:aws:iam::123456789012:user/Alice\",\n" +
                                                      "        \"accountId\": \"123456789012\",\n" +
                                                      "        \"accessKeyId\": \"EXAMPLE_KEY_ID\",\n" +
                                                      "        \"userName\": \"Alice\"\n" +
                                                      "    },\n" +
                                                      "    \"eventTime\": \"2014-03-24T21:11:59Z\",\n" +
                                                      "    \"eventSource\": \"iam.amazonaws.com\",\n" +
                                                      "    \"eventName\": \"CreateUser\",\n" +
                                                      "    \"awsRegion\": \"us-east-2\",\n" +
                                                      "    \"sourceIPAddress\": \"127.0.0.1\",\n" +
                                                      "    \"userAgent\": \"aws-cli/1.3.2 Python/2.7.5 Windows/7\",\n" +
                                                      "    \"requestParameters\": {\"userName\": \"Bob\"},\n" +
                                                      "    \"responseElements\": {\"user\": {\n" +
                                                      "        \"createDate\": \"Mar 24, 2014 9:11:59 PM\",\n" +
                                                      "        \"userName\": \"Bob\",\n" +
                                                      "        \"arn\": \"arn:aws:iam::123456789012:user/Bob\",\n" +
                                                      "        \"path\": \"/\",\n" +
                                                      "        \"userId\": \"EXAMPLEUSERID\"\n" +
                                                      "    }}\n" +
                                                      "}").getBytes());
        final Message message = codec.decode(rawMessage);
        // TODO: Some assertions to verify message contents (and error code)

        final RawMessage noErrorRawMessage = new RawMessage(("{\n" +
                                                          "  \"eventVersion\": \"1.04\",\n" +
                                                          "  \"userIdentity\": {\n" +
                                                          "    \"type\": \"IAMUser\",\n" +
                                                          "    \"principalId\": \"EX_PRINCIPAL_ID\",\n" +
                                                          "    \"arn\": \"arn:aws:iam::123456789012:user/Alice\",\n" +
                                                          "    \"accountId\": \"123456789012\",\n" +
                                                          "    \"accessKeyId\": \"EXAMPLE_KEY_ID\",\n" +
                                                          "    \"userName\": \"Alice\"\n" +
                                                          "  },\n" +
                                                          "  \"eventTime\": \"2016-07-14T19:15:45Z\",\n" +
                                                          "  \"eventSource\": \"cloudtrail.amazonaws.com\",\n" +
                                                          "  \"eventName\": \"UpdateTrail\",\n" +
                                                          "  \"awsRegion\": \"us-east-2\",\n" +
                                                          "  \"sourceIPAddress\": \"205.251.233.182\",\n" +
                                                          "  \"userAgent\": \"aws-cli/1.10.32 Python/2.7.9 Windows/7 botocore/1.4.22\",\n" +
                                                          "  \"requestParameters\": {\n" +
                                                          "    \"name\": \"myTrail2\"\n" +
                                                          "  },\n" +
                                                          "  \"responseElements\": null,\n" +
                                                          "  \"requestID\": \"5d40662a-49f7-11e6-97e4-d9cb6ff7d6a3\",\n" +
                                                          "  \"eventID\": \"b7d4398e-b2f0-4faa-9c76-e2d316a8d67f\",\n" +
                                                          "  \"eventType\": \"AwsApiCall\",\n" +
                                                          "  \"recipientAccountId\": \"123456789012\"\n" +
                                                          "}").getBytes());
        final Message noErrorMessage = codec.decode(noErrorRawMessage);
        // TODO: Some assertions to verify message contents
    }
}
```
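
The with/without `errorCode` check requested in the comment above, as an added example that is not part of the original comment or of the Graylog AWS plugin. It parses constructed records with Jackson directly rather than through `CloudTrailCodec`; the class name, `toFields`, and the output field names `error_code` and `error_message` are hypothetical.

```java
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;

import java.io.IOException;
import java.util.LinkedHashMap;
import java.util.Map;

// Added illustration: hypothetical class, not part of the Graylog AWS plugin.
public class CloudTrailErrorCodeExample {

    private static final ObjectMapper MAPPER = new ObjectMapper();

    // Copies selected record fields into a flat map. Optional fields (errorCode,
    // errorMessage) are added only when present and non-null, so a successful
    // call yields no error_code key instead of an empty or "null" string.
    static Map<String, Object> toFields(String recordJson) throws IOException {
        final JsonNode record = MAPPER.readTree(recordJson);
        final Map<String, Object> fields = new LinkedHashMap<>();
        fields.put("event_name", record.path("eventName").asText());
        fields.put("event_source", record.path("eventSource").asText());
        for (String[] f : new String[][]{{"errorCode", "error_code"}, {"errorMessage", "error_message"}}) {
            final JsonNode value = record.path(f[0]);
            if (!value.isMissingNode() && !value.isNull()) {
                fields.put(f[1], value.asText());
            }
        }
        return fields;
    }

    private static void check(boolean condition, String what) {
        if (!condition) throw new AssertionError(what);
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample records, trimmed to the fields used here.
        final String denied = "{\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"CreateUser\","
                + "\"errorCode\":\"AccessDenied\",\"errorMessage\":\"constructed sample message\"}";
        final String ok = "{\"eventSource\":\"cloudtrail.amazonaws.com\",\"eventName\":\"UpdateTrail\","
                + "\"responseElements\":null}";
        final String explicitNull = "{\"eventSource\":\"iam.amazonaws.com\",\"eventName\":\"CreateUser\","
                + "\"errorCode\":null}";

        check("AccessDenied".equals(toFields(denied).get("error_code")), "errorCode is kept");
        check(!toFields(ok).containsKey("error_code"), "absent errorCode adds no field");
        check(!toFields(explicitNull).containsKey("error_code"), "null errorCode adds no field");
        check("UpdateTrail".equals(toFields(ok).get("event_name")), "other fields still parsed");
        System.out.println("all checks passed");
    }
}
```

Keeping the key absent on successful calls lets a search for failed API calls be written as a field-exists query, which matters when alerting on denied or unauthorized requests.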

@danotorrey danotorrey removed their assignment Nov 7, 2019