Class: Smplkit::Management::ForwardersNamespace

Inherits:
Object
  • Object
show all
Defined in:
lib/smplkit/management/audit.rb

Overview

mgmt.audit.forwarders.* — manage the customer’s configured SIEM forwarders.

The active-record entry point is #new_forwarder: instantiate a draft, mutate fields, then call Audit::Forwarder#save. The namespace exposes #list, #get, and #delete directly; the _create_forwarder / _update_forwarder helpers are private and invoked by Audit::Forwarder#save.

Instance Method Summary collapse

Constructor Details

#initialize(api) ⇒ ForwardersNamespace

Returns a new instance of ForwardersNamespace.



30
31
32
 
# File 'lib/smplkit/management/audit.rb', line 30

def initialize(api)
  @api = api
end

Instance Method Details

#_create_forwarder(forwarder) ⇒ Object 



120
121
122
123
 
# File 'lib/smplkit/management/audit.rb', line 120

def _create_forwarder(forwarder)
  resp = Smplkit::Audit.call_api { @api.create_forwarder(build_body(forwarder)) }
  Smplkit::Audit::Forwarder.from_resource(resp.data, client: self)
end

#_update_forwarder(forwarder) ⇒ Object

Header values must be re-supplied as plaintext; the GET path redacts them, so a PUT body containing “<redacted>” would persist that literal. Track real header values client-side and round-trip them.

Raises:

  • (ArgumentError) 


132
133
134
135
136
137
 
# File 'lib/smplkit/management/audit.rb', line 132

def _update_forwarder(forwarder)
  raise ArgumentError, "cannot update a Forwarder with no id" if forwarder.id.nil?

  resp = Smplkit::Audit.call_api { @api.update_forwarder(forwarder.id, build_body(forwarder)) }
  Smplkit::Audit::Forwarder.from_resource(resp.data, client: self)
end

#delete(forwarder_id) ⇒ nil

Soft-delete a forwarder.

Parameters:

  • forwarder_id (String)

Returns:

  • (nil) 


113
114
115
116
 
# File 'lib/smplkit/management/audit.rb', line 113

def delete(forwarder_id)
  Smplkit::Audit.call_api { @api.delete_forwarder(forwarder_id) }
  nil
end

#get(forwarder_id) ⇒ Smplkit::Audit::Forwarder

Fetch a single forwarder by id. The returned instance is bound to this namespace, so forwarder.save and forwarder.delete work.

Parameters:

  • forwarder_id (String)

Returns:



104
105
106
107
 
# File 'lib/smplkit/management/audit.rb', line 104

def get(forwarder_id)
  resp = Smplkit::Audit.call_api { @api.get_forwarder(forwarder_id) }
  Smplkit::Audit::Forwarder.from_resource(resp.data, client: self)
end

#list(forwarder_type: nil, enabled: nil, page_number: nil, page_size: nil, meta_total: nil) ⇒ ForwarderListPage

List forwarders for the authenticated account.

Offset paginated per ADR-014: pass page_number (1-based) and page_size (default 1000, max 1000). Pass meta_total: true to populate total and total_pages in the returned pagination block (costs an extra COUNT query server-side).

Returns:



84
85
86
87
88
89
90
91
92
93
94
95
96
97
 
# File 'lib/smplkit/management/audit.rb', line 84

def list(forwarder_type: nil, enabled: nil, page_number: nil, page_size: nil, meta_total: nil)
  opts = {}
  opts[:filter_forwarder_type] = Smplkit::Audit::ForwarderType.coerce(forwarder_type) if forwarder_type
  opts[:filter_enabled] = enabled unless enabled.nil?
  opts[:page_number] = page_number if page_number
  opts[:page_size] = page_size if page_size
  opts[:meta_total] = meta_total unless meta_total.nil?

  resp = Smplkit::Audit.call_api { @api.list_forwarders(opts) }
  forwarders = (resp.data || []).map do |r|
    Smplkit::Audit::Forwarder.from_resource(r, client: self)
  end
  ForwarderListPage.new(forwarders, Smplkit::Audit.extract_pagination(resp.meta))
end

#new_forwarder(name:, forwarder_type:, configuration:, enabled: true, description: nil, filter: nil, transform: nil, transform_type: nil) ⇒ Smplkit::Audit::Forwarder

Construct an unsaved Audit::Forwarder bound to this namespace. Call #save on the returned instance to persist.

Parameters:

  • name (String)

    Display name.

  • forwarder_type (String)

    One of Audit::ForwarderType::VALUES.

  • configuration (Smplkit::Audit::HttpConfiguration)

    Destination request configuration. Headers carry credentials and are encrypted at rest server-side; reads return them redacted.

  • enabled (Boolean) (defaults to: true)

    Whether the forwarder is active. Defaults true.

  • description (String, nil) (defaults to: nil)

    Optional free-text description.

  • filter (Hash, nil) (defaults to: nil)

    Optional JSON Logic filter; events that don’t match are recorded as filtered_out deliveries.

  • transform (Object, nil) (defaults to: nil)

    Optional template applied to each event before delivery. Free-form by default — the audit service passes the value verbatim to the engine named by transform_type. Must be paired with a non-nil transform_type; when transform_type is TransformType::JSONATA, transform must be a String (the JSONata expression).

  • transform_type (String, nil) (defaults to: nil)

    Engine that evaluates transform —one of Audit::TransformType::VALUES. Must be paired with a non-nil transform.

Returns:

Raises:

  • (ArgumentError)

    when transform and transform_type are not both nil or both set, or when transform_type is JSONATA and transform is not a String.



59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
 
# File 'lib/smplkit/management/audit.rb', line 59

def new_forwarder(name:, forwarder_type:, configuration:,
                  enabled: true, description: nil,
                  filter: nil, transform: nil, transform_type: nil)
  Smplkit::Audit::Forwarder.send(:validate_transform_pair!, transform, transform_type)
  Smplkit::Audit::Forwarder.new(
    self,
    name: name,
    forwarder_type: forwarder_type,
    configuration: configuration,
    enabled: enabled,
    description: description,
    filter: filter,
    transform: transform,
    transform_type: transform_type
  )
end