Box Elastic Events
The Box Elastic Events project is an open source data pipeline framework to pull Box Events and persist them to Elasticsearch.
Components Used
- Box Java SDK: Java bindings for Box's REST API's
- Akka.io: A Framework based on the Actor Model and is used for building high-performance, elastic, resilient, and distributed applications.
- Note that the current implementation is not using Akka's cluster implementation, but can be easily adapted to support it.
- Elasticsearch Java REST Client: Used for most GET and POST requests to Elasticsearch.
- Elasticsearch Java Transport Client: Used for managing Elasticserach Indices.
- Note that if and when the Java REST Client is enhanced to support the index admin API's, the usage of the transport client will be deprecated.
All-in-one Package Installation
Download the Package
- Download and extract the self-contained package here or run the following wget command.
wget https://github.com/kylefernandadams/box-elastic-events/releases/download/v1.0/box-elastic-events-allinone.tar.gz
tar -xvf box-elastic-events-allinone.tar.gz
Package Contents:
- box-elastic-events-1.0-jar-with-dependencies.jar
- Box Elastic Events configuration files
- Elasticsearch
- Kibana (OS X / darwin build only for now)
Create a New Box Developer Application
- Create a new application in the Box Developer Console https://app.box.com/developers/services.
- Choose the Enterprise Integration application type.
- Choose the OAuth 2.0 with JWT (Server Authentication) authentication method.
- Name your application.
- In the configuration section of your newly created application, Copy the clientId and clientSecret OAuth credentials.
- Enable the Manage enterprise properties check box.
Generate RSA Keypair
- In the terminal, change directories to the unarchived box-elastic-events directory.
cd box-elastic-events
- Run the generate_rsa_keypair.sh script in your terminal app of choice to generate the public and private keys.
- Provide a password in the terminal
./generate_rsa_keypair.sh
2017-02-16-11:50:36 - Starting RSA Keypair generation...
2017-02-16-11:50:36 - Generating private key...
Please enter a password for the RSA keypair
Enter Password:
- Copy the public_key.pem content that was printed in the console
- In the Box Developer Console, Click the Add a Public Key button
- Note that may recent a prompt to enable 2-factor authentication
- Paste the public_key.pem text into the Public Key window and click the Verify and Save button
- Copy the generated Public Key Id
Authorize Application
- In the Admin Console's App configuration authorize your new application using the clientId.
Add Application Configuration
- In the configuration/box-elastic-events.conf file, add the client.id in the box.platform section.
- Add the client.secret
- Add the enterprise.id. Note that your enterprise id can be retrieved from the Admin Console.
- Add the public.key.id
- Add the private.key.password
- Add the config.path for the configuration directory.
- Modify the lookback time value change how far back to capture enterprise events.
box {
platform {
client.id = ""
client.secret = ""
enterprise.id = ""
public.key.id = ""
private.key.file = "private_key.pem"
private.key.password = ""
max.cache.entries = 100
config.path = ""
# The lookback config is only used on initial creation of the ES index.
# If the ES index is already created, the last created_at date will be retrieved from ES.
# Use a lookback value of 0 if you would like to exclude a specific time frame such as days.
# Example: seconds = 60, minutess = 60, hours = 1, days = 0 to designate 1 hour
lookback {
seconds = 60
minutes = 60
hours = 24
days = 365
}
}
}
- In the elastic.enterprise section, modify the polling.interval value. The default value 2 minutes.
enterprise {
mapping = "enterprise-event-mapping.json"
type = "enterprise"
max.created.at = "get_last_es_doc.json"
# polling interval in minutes
polling.interval = 2
}
Startup Instructions
- Confirm Java is installed by running the following command.
java -version
- In the terminal, change directories to the unarchived box-elastic-events directory.
cd box-elastic-events
- Run the startup shell script.
./startup_allinone.sh
- Tail the log file to monitor for errors.
ls logs
tail -f logs/TYPE_CURRENT_DATE_HERE.log
Validation Steps
- Check that Elasticsearch is running by navigating to http://localhost:9200
- Check that the "box" Elasticsearch index has been properly created by navigating to http://localhost:9200/box/_settings?pretty
- Execute a search GET request by navigating to http://localhost:9200/box/_search?q=*&pretty
- CAUTION: This will return all docs contained the Elasticsearch box index. See the ES Search documentation to refine the search appropriately.
- Navigate to Kibana at the following URL: http://localhost:5601
Kibana Configuration
- Navigate to Kibana at the following URL: http://localhost:5601
- Change the default index name to box and change the Time-field name to created_at
- Switch to the Advanced Settings tab
- Filter the setting by timelion
- Change the timelion:timefield value to created_at
- Change the timelion:default_index value to box
- Switch to the Saved Objects tab
- Click import and navigate to the configuration/kibana-configuration.json file
- Navigate to the Kibana Dashboard Page and change the date/time range as needed.
Shutdown Instructions
- Run the shutdown_allinone.sh script
./shutdown_allinone.sh
How to Increase Ulimit on Mac OS X
Reference the following blog
Ulimit Shenanigans on OS X El Capitan
Disclaimer
This project is an open source extension to the Box platform and is not officially supported by Box, Inc. Use at your own risk. If you encounter any problems, please log an issue.
License
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.