eagle-security/eagle-security-hive/src/main/resources/sample-data-create.script - eagle - Git at Google

 # Licensed to the Apache Software Foundation (ASF) under one or more
 # contributor license agreements.  See the NOTICE file distributed with
 # this work for additional information regarding copyright ownership.
 # The ASF licenses this file to You under the Apache License, Version 2.0
 # (the "License"); you may not use this file except in compliance with
 # the License.  You may obtain a copy of the License at
 #
 #    http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.

 ##### create table:  hive resource sensitivity metadata to define what type of sensitivity one hive resource contains
 create 'hiveResourceSensitivity', {NAME => 'f', VERSIONS => '3', BLOOMFILTER => 'ROW', COMPRESSION => 'SNAPPY'}

 ##### create hive resource sensitivity data
 ##### POST
 http://localhost:38080/eagle-service/rest/entities?serviceName=HiveResourceSensitivityService
 [
  {
   "prefix": "hiveResourceSensitivity",
   "tags":{
      "hiveResource" : "xademo.customer_details.phone_number"
   },
    "sensitivityType" : "PHONE_NUMBER"
  }
 ]


 #### create hive alert definitions
 #### POST
 http://localhost:38080/eagle-service/rest/entities?serviceName=AlertDefinitionService
 [
  {
   "prefix": "alertdef",
   "tags":{
      "site" : "sandbox",
      "dataSource" : "hiveQueryLog",
      "alertExecutorId" : "hiveAccessAlertByJobHistory",
      "policyId" : "accessSensitiveResource",
      "policyType" : "siddhiCEPEngine"
   },
   "desc": "alert when some users access sensitive hive resource",
   "policyDef": "{\"type\":\"siddhiCEPEngine\",\"expression\":\"from hiveAccessLogStream[user=='user1' and sensitivityType=='PHONE_NUMBER'] select user, timestamp, resource, sensitivityType insert into outputStream ;\",\"alertContext\":{\"description\":\"access hive sensitive resource\"}}",
   "dedupeDef": "",
   "notificationDef": "",
   "remediationDef": "",
   "enabled": true
  }
 ]
	# Licensed to the Apache Software Foundation (ASF) under one or more
	# contributor license agreements. See the NOTICE file distributed with
	# this work for additional information regarding copyright ownership.
	# The ASF licenses this file to You under the Apache License, Version 2.0
	# (the "License"); you may not use this file except in compliance with
	# the License. You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.

	##### create table: hive resource sensitivity metadata to define what type of sensitivity one hive resource contains
	create 'hiveResourceSensitivity', {NAME => 'f', VERSIONS => '3', BLOOMFILTER => 'ROW', COMPRESSION => 'SNAPPY'}

	##### create hive resource sensitivity data
	##### POST
	http://localhost:38080/eagle-service/rest/entities?serviceName=HiveResourceSensitivityService
	[
	{
	"prefix": "hiveResourceSensitivity",
	"tags":{
	"hiveResource" : "xademo.customer_details.phone_number"
	},
	"sensitivityType" : "PHONE_NUMBER"
	}
	]


	#### create hive alert definitions
	#### POST
	http://localhost:38080/eagle-service/rest/entities?serviceName=AlertDefinitionService
	[
	{
	"prefix": "alertdef",
	"tags":{
	"site" : "sandbox",
	"dataSource" : "hiveQueryLog",
	"alertExecutorId" : "hiveAccessAlertByJobHistory",
	"policyId" : "accessSensitiveResource",
	"policyType" : "siddhiCEPEngine"
	},
	"desc": "alert when some users access sensitive hive resource",
	"policyDef": "{\"type\":\"siddhiCEPEngine\",\"expression\":\"from hiveAccessLogStream[user=='user1' and sensitivityType=='PHONE_NUMBER'] select user, timestamp, resource, sensitivityType insert into outputStream ;\",\"alertContext\":{\"description\":\"access hive sensitive resource\"}}",
	"dedupeDef": "",
	"notificationDef": "",
	"remediationDef": "",
	"enabled": true
	}
	]