Normalized (secops-beam 0.19.2 API)

java.lang.Object
- com.mozilla.secops.parser.Normalized

All Implemented Interfaces:

Serializable
```
public class Normalized
extends Object
implements Serializable
```
Normalized event data

See Also:

Serialized Form

Nested Class Summary

Nested Classes
Modifier and Type	Class and Description
`static class`	`Normalized.StatusTag` Status tags is used to track processing state, for example if an event needs additional analysis after the parsing step
`static class`	`Normalized.Type` Normalized event types

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`addStatusTag(Normalized.StatusTag st)` Add a StatusTag to a normalized event
`void`	`addType(Normalized.Type t)` Add a type flag to normalized type
`Integer`	`eventIntegerValue(EventFilterPayload.IntegerProperty property)` Return a given normalized payload field based on the supplied field identifier
`String`	`eventStringValue(EventFilterPayload.StringProperty property)` Return a given normalized payload field based on the supplied field identifier
`String`	`getObject()` Get object field
`String`	`getReferenceID()` Get the reference ID (identifier from the event source)
`String`	`getRequestMethod()` Get request method field
`Integer`	`getRequestStatus()` Get request status
`String`	`getRequestUrl()` Get request URL field
`String`	`getSourceAddress()` Get source address field
`Integer`	`getSourceAddressAsn()` Get source address ASN
`String`	`getSourceAddressAsOrg()` Get source address AS organization
`String`	`getSourceAddressCity()` Get source address city field
`String`	`getSourceAddressCountry()` Get source address country field
`Boolean`	`getSourceAddressIsAnonymous()` Get source address isanonymous
`Boolean`	`getSourceAddressIsAnonymousVpn()` Get source address isanonymousvpn
`Boolean`	`getSourceAddressIsHostingProvider()` Get source address ishostingprovider
`Boolean`	`getSourceAddressIsLegitimateProxy()` Get source address islegitimateproxy
`String`	`getSourceAddressIsp()` Get source address ISP
`Boolean`	`getSourceAddressIsPublicProxy()` Get source address ispublicproxy
`Boolean`	`getSourceAddressIsTorExitNode()` Get source address istorexitnode
`Double`	`getSourceAddressLatitude()` Get source address latitude
`Double`	`getSourceAddressLongitude()` Get source address longitude
`Double`	`getSourceAddressRiskScore()` Get source address risks core from minfraud
`String`	`getSourceAddressTimeZone()` Get source address time zone field
`String`	`getSubjectUser()` Get subject user field
`String`	`getSubjectUserIdentity()` Get subject user identity field
`String`	`getUrlRequestHost()` Get extracted URL request host component
`String`	`getUrlRequestPath()` Get extracted URL request path field
`String`	`getUserAgent()` Get user agent
`Boolean`	`hasStatusTag(Normalized.StatusTag st)` Test if normalized event has a given StatusTag
`boolean`	`insightsEnrichment(Minfraud mf)` Include details from Minfraud Insights into Normalized
`Boolean`	`isOfType(Normalized.Type t)` Test if normalized event is of a given type
`void`	`setObject(String object)` Set object field
`void`	`setReferenceID(String referenceID)`
`void`	`setRequestMethod(String requestMethod)` Set request method field
`void`	`setRequestStatus(Integer requestStatus)` Set request status
`void`	`setRequestUrl(String requestUrl)` Set request URL field
`void`	`setSourceAddress(String addr)` Set source address field
`void`	`setSourceAddress(String addr, com.mozilla.secops.parser.ParserState state)` Set source address field
`void`	`setStatusTag(Normalized.StatusTag st)` Set normalized status tag
`void`	`setSubjectUser(String user)` Set subject user field
`void`	`setSubjectUserIdentity(String subjectUserIdentity)` Set subject user identity field
`void`	`setType(Normalized.Type t)` Set normalized data type
`void`	`setUrlRequestHost(String urlRequestHost)` Set extracted URL request host field
`void`	`setUrlRequestPath(String urlRequestPath)` Set extracted URL request path field
`void`	`setUserAgent(String userAgent)` Set user agent

Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Method Detail
  - eventStringValue
```
public String eventStringValue(EventFilterPayload.StringProperty property)
```
    Return a given normalized payload field based on the supplied field identifier
    
    Parameters:
    
    property - EventFilterPayload.StringProperty
    
    Returns:
    
    String value or null
  - eventIntegerValue
```
public Integer eventIntegerValue(EventFilterPayload.IntegerProperty property)
```
    Return a given normalized payload field based on the supplied field identifier
    
    Parameters:
    
    property - EventFilterPayload.IntegerProperty
    
    Returns:
    
    Integer value or null
  - isOfType
```
public Boolean isOfType(Normalized.Type t)
```
    Test if normalized event is of a given type
    
    Parameters:
    
    t - Normalized.Type
    
    Returns:
    
    True if type is set in normalized data fields
  - addType
```
public void addType(Normalized.Type t)
```
    Add a type flag to normalized type
    
    Parameters:
    
    t - Normalized.Type
  - setType
```
public void setType(Normalized.Type t)
```
    Set normalized data type
    
    Parameters:
    
    t - Normalized.Type
  - hasStatusTag
```
public Boolean hasStatusTag(Normalized.StatusTag st)
```
    Test if normalized event has a given StatusTag
    
    Parameters:
    
    st - Normalized.StatusTag
    
    Returns:
    
    True if tag is set for this event
  - addStatusTag
```
public void addStatusTag(Normalized.StatusTag st)
```
    Add a StatusTag to a normalized event
    
    Parameters:
    
    st - Normalized.StatusTag
  - setStatusTag
```
public void setStatusTag(Normalized.StatusTag st)
```
    Set normalized status tag
    
    Parameters:
    
    st - Normalized.StatusTag
  - setSubjectUser
```
public void setSubjectUser(String user)
```
    Set subject user field
    
    Parameters:
    
    user - Username
  - setSourceAddress
```
public void setSourceAddress(String addr,
                             com.mozilla.secops.parser.ParserState state)
```
    Set source address field
    
    Parameters:
    
    addr - Source address
    
    state - Parser state
  - setSourceAddress
```
public void setSourceAddress(String addr)
```
    Set source address field
    
    Parameters:
    
    addr - Source address
  - setObject
```
public void setObject(String object)
```
    Set object field
    
    Parameters:
    
    object - Object being authenticated to
  - getSubjectUser
```
public String getSubjectUser()
```
    Get subject user field
    
    Returns:
    
    Username
  - getSubjectUserIdentity
```
public String getSubjectUserIdentity()
```
    Get subject user identity field
    
    Returns:
    
    Subject user identity
  - setSubjectUserIdentity
```
public void setSubjectUserIdentity(String subjectUserIdentity)
```
    Set subject user identity field
    
    Parameters:
    
    subjectUserIdentity - Resolved identity value
  - getSourceAddress
```
public String getSourceAddress()
```
    Get source address field
    
    Returns:
    
    Source address
  - getObject
```
public String getObject()
```
    Get object field
    
    Returns:
    
    Object string
  - getSourceAddressCity
```
public String getSourceAddressCity()
```
    Get source address city field
    
    Returns:
    
    Source address city string
  - getSourceAddressCountry
```
public String getSourceAddressCountry()
```
    Get source address country field
    
    Returns:
    
    Source address country string
  - getSourceAddressTimeZone
```
public String getSourceAddressTimeZone()
```
    Get source address time zone field
    
    Returns:
    
    Source address time zone, or null if not present
  - getSourceAddressLatitude
```
public Double getSourceAddressLatitude()
```
    Get source address latitude
    
    Returns:
    
    Source address latitude
  - getSourceAddressLongitude
```
public Double getSourceAddressLongitude()
```
    Get source address longitude
    
    Returns:
    
    Source address longitude
  - getSourceAddressIsp
```
public String getSourceAddressIsp()
```
    Get source address ISP
    
    Returns:
    
    ISP string or null if unset
  - getSourceAddressAsn
```
public Integer getSourceAddressAsn()
```
    Get source address ASN
    
    Returns:
    
    ASN integer or null if unset
  - getSourceAddressAsOrg
```
public String getSourceAddressAsOrg()
```
    Get source address AS organization
    
    Returns:
    
    AS organization string or null if unset
  - getSourceAddressRiskScore
```
public Double getSourceAddressRiskScore()
```
    Get source address risks core from minfraud
    
    Returns:
    
    Source address risk score
  - getSourceAddressIsAnonymous
```
public Boolean getSourceAddressIsAnonymous()
```
    Get source address isanonymous
    
    Returns:
    
    True if source address is apart of an anonmity network
  - getSourceAddressIsAnonymousVpn
```
public Boolean getSourceAddressIsAnonymousVpn()
```
    Get source address isanonymousvpn
    
    Returns:
    
    True if source address is an anonymous vpn
  - getSourceAddressIsHostingProvider
```
public Boolean getSourceAddressIsHostingProvider()
```
    Get source address ishostingprovider
    
    Returns:
    
    True if source address is from a hosting provider
  - getSourceAddressIsLegitimateProxy
```
public Boolean getSourceAddressIsLegitimateProxy()
```
    Get source address islegitimateproxy
    
    Returns:
    
    True if source address is a legitimate proxy
  - getSourceAddressIsPublicProxy
```
public Boolean getSourceAddressIsPublicProxy()
```
    Get source address ispublicproxy
    
    Returns:
    
    True if source address is a public proxy
  - getSourceAddressIsTorExitNode
```
public Boolean getSourceAddressIsTorExitNode()
```
    Get source address istorexitnode
    
    Returns:
    
    True if source address is a tor exit node
  - getRequestMethod
```
public String getRequestMethod()
```
    Get request method field
    
    Returns:
    
    Request method string
  - setRequestMethod
```
public void setRequestMethod(String requestMethod)
```
    Set request method field
    
    Parameters:
    
    requestMethod - Request method
  - getRequestUrl
```
public String getRequestUrl()
```
    Get request URL field
    
    Returns:
    
    Request URL field
  - setRequestUrl
```
public void setRequestUrl(String requestUrl)
```
    Set request URL field
    
    Parameters:
    
    requestUrl - Request URL
  - getUrlRequestPath
```
public String getUrlRequestPath()
```
    Get extracted URL request path field
    
    Returns:
    
    Request path field
  - setUrlRequestPath
```
public void setUrlRequestPath(String urlRequestPath)
```
    Set extracted URL request path field
    
    Parameters:
    
    urlRequestPath - Extracted request path
  - getUrlRequestHost
```
public String getUrlRequestHost()
```
    Get extracted URL request host component
    
    Returns:
    
    Request host field
  - setUrlRequestHost
```
public void setUrlRequestHost(String urlRequestHost)
```
    Set extracted URL request host field
    
    Parameters:
    
    urlRequestHost - Extracted request host
  - getRequestStatus
```
public Integer getRequestStatus()
```
    Get request status
    
    Returns:
    
    Request status field
  - setRequestStatus
```
public void setRequestStatus(Integer requestStatus)
```
    Set request status
    
    Parameters:
    
    requestStatus - Request status
  - getUserAgent
```
public String getUserAgent()
```
    Get user agent
    
    Returns:
    
    User agent field
  - setUserAgent
```
public void setUserAgent(String userAgent)
```
    Set user agent
    
    Parameters:
    
    userAgent - User agent
  - getReferenceID
```
public String getReferenceID()
```
    Get the reference ID (identifier from the event source)
    
    Returns:
    
    ID from the original event
  - setReferenceID
```
public void setReferenceID(String referenceID)
```
  - insightsEnrichment
```
public boolean insightsEnrichment(Minfraud mf)
```
    Include details from Minfraud Insights into Normalized
    Will do nothing if sourceAddress is null
    
    Parameters:
    
    mf - Minfraud client
    
    Returns:
    
    True if enrichment was successful, false otherwise

Class Normalized

Nested Class Summary

Method Summary

Methods inherited from class java.lang.Object

Method Detail

eventStringValue

eventIntegerValue

isOfType

addType

setType

hasStatusTag

addStatusTag

setStatusTag

setSubjectUser

setSourceAddress

setSourceAddress

setObject

getSubjectUser

getSubjectUserIdentity

setSubjectUserIdentity

getSourceAddress

getObject

getSourceAddressCity

getSourceAddressCountry

getSourceAddressTimeZone

getSourceAddressLatitude

getSourceAddressLongitude

getSourceAddressIsp

getSourceAddressAsn

getSourceAddressAsOrg

getSourceAddressRiskScore

getSourceAddressIsAnonymous

getSourceAddressIsAnonymousVpn

getSourceAddressIsHostingProvider

getSourceAddressIsLegitimateProxy

getSourceAddressIsPublicProxy

getSourceAddressIsTorExitNode

getRequestMethod

setRequestMethod

getRequestUrl

setRequestUrl

getUrlRequestPath

setUrlRequestPath

getUrlRequestHost

setUrlRequestHost

getRequestStatus

setRequestStatus

getUserAgent

setUserAgent

getReferenceID

setReferenceID

insightsEnrichment