diff --git a/.circleci/config.yml b/.circleci/config.yml
index e91fa9098..10aae41fc 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -11,6 +11,9 @@ jobs:
- run:
name: Spotless check
command: bin/m spotless:check
+ - run:
+ name: Javadoc (checkstyle) check
+ command: bin/m checkstyle:check
- run:
name: Generate version.json
command: bin/write_version_json.sh
diff --git a/checkstyle/checkstyle-suppressions.xml b/checkstyle/checkstyle-suppressions.xml
new file mode 100644
index 000000000..c3512f1ca
--- /dev/null
+++ b/checkstyle/checkstyle-suppressions.xml
@@ -0,0 +1,22 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/checkstyle/foxsec_checks.xml b/checkstyle/foxsec_checks.xml
new file mode 100644
index 000000000..b78713854
--- /dev/null
+++ b/checkstyle/foxsec_checks.xml
@@ -0,0 +1,51 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/pom.xml b/pom.xml
index 13a9cdac0..a9ac7a827 100644
--- a/pom.xml
+++ b/pom.xml
@@ -78,6 +78,15 @@
+
+ org.apache.maven.plugins
+ maven-checkstyle-plugin
+ 3.1.1
+
+ true
+ checkstyle/foxsec_checks.xml
+
+
diff --git a/src/main/java/com/mozilla/secops/SourceCorrelation.java b/src/main/java/com/mozilla/secops/SourceCorrelation.java
index 4fd738f84..cda2f238d 100644
--- a/src/main/java/com/mozilla/secops/SourceCorrelation.java
+++ b/src/main/java/com/mozilla/secops/SourceCorrelation.java
@@ -218,6 +218,7 @@ public SourceCorrelator(HTTPRequestToggles toggles) {
this.monitoredResource = toggles.getMonitoredResource();
}
+ /** Transform documentation for users - see {@link DocumentingTransform} */
public String getTransformDoc() {
return String.format(
"Source address alerting correlation, ISP analysis on minimum %d "
diff --git a/src/main/java/com/mozilla/secops/amo/AddonMatcher.java b/src/main/java/com/mozilla/secops/amo/AddonMatcher.java
index a34fb65b8..38edf8dae 100644
--- a/src/main/java/com/mozilla/secops/amo/AddonMatcher.java
+++ b/src/main/java/com/mozilla/secops/amo/AddonMatcher.java
@@ -45,6 +45,7 @@ public AddonMatcher(String monitoredResource, Integer suppressRecovery, String[]
this.matchCriteria = matchCriteria;
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDoc() {
return String.format(
"Match abusive addon uploads using these patterns %s and generate alerts",
diff --git a/src/main/java/com/mozilla/secops/amo/AddonMultiIpLogin.java b/src/main/java/com/mozilla/secops/amo/AddonMultiIpLogin.java
index 0b6b9ea1c..eb2a4519a 100644
--- a/src/main/java/com/mozilla/secops/amo/AddonMultiIpLogin.java
+++ b/src/main/java/com/mozilla/secops/amo/AddonMultiIpLogin.java
@@ -69,6 +69,7 @@ public AddonMultiIpLogin(
this.aggMatchers = aggMatchers;
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDoc() {
return String.format(
"Detect multiple account logins for the same account from different source addresses associated with different country codes. Alert on %s different countries and %s different IPs. Regex for account exceptions: %s",
diff --git a/src/main/java/com/mozilla/secops/amo/AddonMultiMatch.java b/src/main/java/com/mozilla/secops/amo/AddonMultiMatch.java
index 0f9c887e0..871ccbba6 100644
--- a/src/main/java/com/mozilla/secops/amo/AddonMultiMatch.java
+++ b/src/main/java/com/mozilla/secops/amo/AddonMultiMatch.java
@@ -49,6 +49,7 @@ public AddonMultiMatch(String monitoredResource, Integer suppressRecovery, Integ
this.matchAlertOn = matchAlertOn;
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDoc() {
return String.format(
"Detect distributed AMO submissions with the same file name. Alert on %s submissions of the same file name.",
diff --git a/src/main/java/com/mozilla/secops/amo/AddonMultiSubmit.java b/src/main/java/com/mozilla/secops/amo/AddonMultiSubmit.java
index 69b631cfd..9efccdf09 100644
--- a/src/main/java/com/mozilla/secops/amo/AddonMultiSubmit.java
+++ b/src/main/java/com/mozilla/secops/amo/AddonMultiSubmit.java
@@ -48,6 +48,7 @@ public AddonMultiSubmit(
this.matchAlertOn = matchAlertOn;
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDoc() {
return String.format(
"Detect distributed submissions based on file size intervals. Alert on %s submissions of the same rounded interval.",
diff --git a/src/main/java/com/mozilla/secops/amo/FxaAccountAbuseAlias.java b/src/main/java/com/mozilla/secops/amo/FxaAccountAbuseAlias.java
index b6e4c4cf0..9106a0f65 100644
--- a/src/main/java/com/mozilla/secops/amo/FxaAccountAbuseAlias.java
+++ b/src/main/java/com/mozilla/secops/amo/FxaAccountAbuseAlias.java
@@ -52,6 +52,7 @@ public FxaAccountAbuseAlias(
this.maxAliases = maxAliases;
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDoc() {
return String.format(
"Alerts on aliased FxA accounts usage. A max of %s are allowed for one account in a given session.",
diff --git a/src/main/java/com/mozilla/secops/amo/FxaAccountAbuseNewVersion.java b/src/main/java/com/mozilla/secops/amo/FxaAccountAbuseNewVersion.java
index 28df96944..a0fab0d7a 100644
--- a/src/main/java/com/mozilla/secops/amo/FxaAccountAbuseNewVersion.java
+++ b/src/main/java/com/mozilla/secops/amo/FxaAccountAbuseNewVersion.java
@@ -56,6 +56,7 @@ public FxaAccountAbuseNewVersion(
this.project = project;
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDoc() {
return String.format(
"Correlates AMO addon submissions with abusive FxA account creation alerts via iprepd. Also includes blacklisted accounts regex: %s",
diff --git a/src/main/java/com/mozilla/secops/amo/ReportRestriction.java b/src/main/java/com/mozilla/secops/amo/ReportRestriction.java
index 337f9b6b1..d1ed43809 100644
--- a/src/main/java/com/mozilla/secops/amo/ReportRestriction.java
+++ b/src/main/java/com/mozilla/secops/amo/ReportRestriction.java
@@ -27,6 +27,7 @@ public ReportRestriction(String monitoredResource) {
this.monitoredResource = monitoredResource;
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDoc() {
return "Reports on request restrictions from AMO";
}
diff --git a/src/main/java/com/mozilla/secops/authprofile/AuthProfile.java b/src/main/java/com/mozilla/secops/authprofile/AuthProfile.java
index 7b136dd7e..03c10410c 100644
--- a/src/main/java/com/mozilla/secops/authprofile/AuthProfile.java
+++ b/src/main/java/com/mozilla/secops/authprofile/AuthProfile.java
@@ -340,6 +340,7 @@ public CritObjectAnalyze(AuthProfileOptions options) {
useEventTimestampForAlert = options.getUseEventTimestampForAlert();
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDoc() {
return String.format(
"Alert via %s immediately on auth events to specified objects: %s",
@@ -545,6 +546,7 @@ public StateAnalyze(AuthProfileOptions options) {
useEventTimestampForAlert = options.getUseEventTimestampForAlert();
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDoc() {
return "Alert if an identity (can be thought of as a user) authenticates from a new IP";
}
diff --git a/src/main/java/com/mozilla/secops/authstate/PruningStrategyEntryAge.java b/src/main/java/com/mozilla/secops/authstate/PruningStrategyEntryAge.java
index 9d6e2ead9..4fbfab0d6 100644
--- a/src/main/java/com/mozilla/secops/authstate/PruningStrategyEntryAge.java
+++ b/src/main/java/com/mozilla/secops/authstate/PruningStrategyEntryAge.java
@@ -23,6 +23,11 @@ public void setEntryAgePruningSeconds(long entryAgePruningSeconds) {
this.entryAgePruningSeconds = entryAgePruningSeconds;
}
+ /**
+ * Implementation of method of {@link PruningStrategyEntryAge}
+ *
+ * See {@link PruningStrategy}
+ */
public void pruneState(AuthStateModel s) {
Map entries = s.getEntries();
diff --git a/src/main/java/com/mozilla/secops/authstate/PruningStrategyLatest.java b/src/main/java/com/mozilla/secops/authstate/PruningStrategyLatest.java
index c987efb50..341c897ba 100644
--- a/src/main/java/com/mozilla/secops/authstate/PruningStrategyLatest.java
+++ b/src/main/java/com/mozilla/secops/authstate/PruningStrategyLatest.java
@@ -8,6 +8,11 @@
* All entries are removed from the model with the exception of the entry with the latest timestamp.
*/
public class PruningStrategyLatest implements PruningStrategy {
+ /**
+ * Implementation of method of {@link PruningStrategyLatest}
+ *
+ * See {@link PruningStrategy}
+ */
public void pruneState(AuthStateModel s) {
ArrayList> sorted =
s.timeSortedEntries();
diff --git a/src/main/java/com/mozilla/secops/awsbehavior/AwsBehavior.java b/src/main/java/com/mozilla/secops/awsbehavior/AwsBehavior.java
index 1ca5c434b..ac5ffdab6 100755
--- a/src/main/java/com/mozilla/secops/awsbehavior/AwsBehavior.java
+++ b/src/main/java/com/mozilla/secops/awsbehavior/AwsBehavior.java
@@ -79,6 +79,7 @@ public static class Matcher extends PTransform, PCollection, PCollection<
private CloudtrailMatcherManager cmmanager;
private Logger log;
+ /** Initialize new Matchers with {@link AwsBehaviorOptions} */
public Matchers(AwsBehaviorOptions options) throws IOException {
log = LoggerFactory.getLogger(Matchers.class);
cmmanagerPath = options.getCloudtrailMatcherManagerPath();
diff --git a/src/main/java/com/mozilla/secops/customs/Customs.java b/src/main/java/com/mozilla/secops/customs/Customs.java
index 2c4cb5bd7..ebd846ba6 100644
--- a/src/main/java/com/mozilla/secops/customs/Customs.java
+++ b/src/main/java/com/mozilla/secops/customs/Customs.java
@@ -103,6 +103,7 @@ public CustomsSummary(CustomsOptions options) {
monitoredResource = options.getMonitoredResourceIndicator();
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDoc() {
return "Summarizes various event counts over 15 minute period.";
}
diff --git a/src/main/java/com/mozilla/secops/customs/CustomsAccountCreation.java b/src/main/java/com/mozilla/secops/customs/CustomsAccountCreation.java
index 1d7182456..f56724726 100644
--- a/src/main/java/com/mozilla/secops/customs/CustomsAccountCreation.java
+++ b/src/main/java/com/mozilla/secops/customs/CustomsAccountCreation.java
@@ -45,6 +45,7 @@ public CustomsAccountCreation(CustomsOptions options) {
this.escalate = options.getEscalateAccountCreation();
}
+ /** Transform documentation for users - see {@link CustomsDocumentingTransform} */
public String getTransformDocDescription() {
return String.format(
"Alert if single source address creates %d or more accounts within 10 minute"
diff --git a/src/main/java/com/mozilla/secops/customs/CustomsAccountCreationDist.java b/src/main/java/com/mozilla/secops/customs/CustomsAccountCreationDist.java
index 30b15a056..fda2efc88 100644
--- a/src/main/java/com/mozilla/secops/customs/CustomsAccountCreationDist.java
+++ b/src/main/java/com/mozilla/secops/customs/CustomsAccountCreationDist.java
@@ -43,6 +43,7 @@ public CustomsAccountCreationDist(CustomsOptions options) {
this.escalate = options.getEscalateAccountCreationDistributed();
}
+ /** Transform documentation for users - see {@link CustomsDocumentingTransform} */
public String getTransformDocDescription() {
return String.format(
"Alert if at least %d accounts are created from different source addresses in a 10 "
diff --git a/src/main/java/com/mozilla/secops/customs/CustomsAlert.java b/src/main/java/com/mozilla/secops/customs/CustomsAlert.java
index 881c259cf..f68ca73b2 100644
--- a/src/main/java/com/mozilla/secops/customs/CustomsAlert.java
+++ b/src/main/java/com/mozilla/secops/customs/CustomsAlert.java
@@ -150,6 +150,12 @@ private static CustomsAlert baseAlert(Alert a) {
return ret;
}
+ /**
+ * Convert source login failure alert into a list of customs alerts.
+ *
+ * @param a Alert to convert
+ * @return ArrayList of CustomsAlert created
+ */
public static ArrayList convertSourceLoginFailure(Alert a) {
ArrayList ret = new ArrayList<>();
@@ -170,6 +176,12 @@ public static ArrayList convertSourceLoginFailure(Alert a) {
return ret;
}
+ /**
+ * Convert a distributed source login failure alert into a list of customs alerts.
+ *
+ * @param a Alert to convert
+ * @return ArrayList of CustomsAlert created
+ */
public static ArrayList convertSourceLoginFailureDist(Alert a) {
ArrayList ret = new ArrayList<>();
diff --git a/src/main/java/com/mozilla/secops/customs/CustomsPasswordResetAbuse.java b/src/main/java/com/mozilla/secops/customs/CustomsPasswordResetAbuse.java
index 319cdfd75..742d88a0a 100644
--- a/src/main/java/com/mozilla/secops/customs/CustomsPasswordResetAbuse.java
+++ b/src/main/java/com/mozilla/secops/customs/CustomsPasswordResetAbuse.java
@@ -30,6 +30,7 @@ public class CustomsPasswordResetAbuse
private final Logger log = LoggerFactory.getLogger(CustomsAccountCreation.class);
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDocDescription() {
return String.format(
"Alert if single source requests password reset for at least %d distinct accounts "
diff --git a/src/main/java/com/mozilla/secops/customs/CustomsVelocity.java b/src/main/java/com/mozilla/secops/customs/CustomsVelocity.java
index 99590145d..6ce61867f 100644
--- a/src/main/java/com/mozilla/secops/customs/CustomsVelocity.java
+++ b/src/main/java/com/mozilla/secops/customs/CustomsVelocity.java
@@ -45,6 +45,7 @@ public class CustomsVelocity extends PTransform, PCollection<
private final String maxmindCityDbPath;
private final String maxmindIspDbPath;
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDocDescription() {
return String.format(
"Alert based on applying location velocity analysis to FxA events,"
diff --git a/src/main/java/com/mozilla/secops/customs/SourceLoginFailure.java b/src/main/java/com/mozilla/secops/customs/SourceLoginFailure.java
index 85251c219..54640e2c6 100644
--- a/src/main/java/com/mozilla/secops/customs/SourceLoginFailure.java
+++ b/src/main/java/com/mozilla/secops/customs/SourceLoginFailure.java
@@ -41,6 +41,7 @@ public SourceLoginFailure(Customs.CustomsOptions options) {
escalate = options.getEscalateSourceLoginFailure();
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDocDescription() {
return String.format(
"Alert on %d login failures from a single source in a 10 minute window.", threshold);
diff --git a/src/main/java/com/mozilla/secops/customs/SourceLoginFailureDist.java b/src/main/java/com/mozilla/secops/customs/SourceLoginFailureDist.java
index e4b1dd83b..5e1e956f3 100644
--- a/src/main/java/com/mozilla/secops/customs/SourceLoginFailureDist.java
+++ b/src/main/java/com/mozilla/secops/customs/SourceLoginFailureDist.java
@@ -37,6 +37,7 @@ public SourceLoginFailureDist(Customs.CustomsOptions options) {
escalate = options.getEscalateSourceLoginFailureDistributed();
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDocDescription() {
return String.format(
"Alert on login failures for a particular account from %d different source addresses "
diff --git a/src/main/java/com/mozilla/secops/gatekeeper/ETDTransforms.java b/src/main/java/com/mozilla/secops/gatekeeper/ETDTransforms.java
index 382ebb4a1..3ae552c0e 100644
--- a/src/main/java/com/mozilla/secops/gatekeeper/ETDTransforms.java
+++ b/src/main/java/com/mozilla/secops/gatekeeper/ETDTransforms.java
@@ -133,6 +133,7 @@ public GenerateETDAlerts(Options opts) {
}
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDoc() {
return "Alerts are generated based on events sent from GCP's Event Threat Detection.";
}
diff --git a/src/main/java/com/mozilla/secops/gatekeeper/GuardDutyTransforms.java b/src/main/java/com/mozilla/secops/gatekeeper/GuardDutyTransforms.java
index b1519ddeb..fc90724bb 100644
--- a/src/main/java/com/mozilla/secops/gatekeeper/GuardDutyTransforms.java
+++ b/src/main/java/com/mozilla/secops/gatekeeper/GuardDutyTransforms.java
@@ -145,6 +145,7 @@ public GenerateGDAlerts(Options opts) {
}
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDoc() {
return "Alerts are generated based on events sent from AWS's Guardduty.";
}
diff --git a/src/main/java/com/mozilla/secops/httprequest/HTTPRequest.java b/src/main/java/com/mozilla/secops/httprequest/HTTPRequest.java
index 405def1ab..7c28adc26 100644
--- a/src/main/java/com/mozilla/secops/httprequest/HTTPRequest.java
+++ b/src/main/java/com/mozilla/secops/httprequest/HTTPRequest.java
@@ -195,6 +195,7 @@ public ErrorRateAnalysis(
log = LoggerFactory.getLogger(ErrorRateAnalysis.class);
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDoc() {
return String.format(
"Alert if a single source address generates more than %d 4xx errors in a "
@@ -305,6 +306,7 @@ public HardLimitAnalysis(
log = LoggerFactory.getLogger(HardLimitAnalysis.class);
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDoc() {
return String.format(
"Alert if single source address makes more than %d requests in a 1 minute window.",
@@ -425,6 +427,7 @@ public UserAgentBlacklistAnalysis(
log = LoggerFactory.getLogger(UserAgentBlacklistAnalysis.class);
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDoc() {
return new String(
"Alert if client makes request with user agent that matches entry in blacklist.");
@@ -613,6 +616,7 @@ public EndpointAbuseAnalysis(
}
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDoc() {
String buf = null;
for (int i = 0; i < endpoints.length; i++) {
@@ -845,6 +849,7 @@ public ThresholdAnalysis(
log = LoggerFactory.getLogger(ThresholdAnalysis.class);
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDoc() {
return String.format(
"Alert if a single source address makes more than %.2f times the calculated"
@@ -1009,6 +1014,7 @@ public static class EndpointSequenceAbuseTimingInfo implements Serializable {
public String secondMethod;
public String secondPath;
+ /** Convert configuration to String */
public String toString() {
return String.format(
"%d:%s:%s:%d:%s:%s",
@@ -1055,6 +1061,7 @@ public EndpointSequenceAbuse(
}
}
+ /** Transform documentation for users - see {@link com.mozilla.secops.DocumentingTransform} */
public String getTransformDoc() {
String buf = null;
for (int i = 0; i < endpointPatterns.length; i++) {
diff --git a/src/main/java/com/mozilla/secops/metrics/CfgTickBuilder.java b/src/main/java/com/mozilla/secops/metrics/CfgTickBuilder.java
index d2250f742..0a3846dfe 100644
--- a/src/main/java/com/mozilla/secops/metrics/CfgTickBuilder.java
+++ b/src/main/java/com/mozilla/secops/metrics/CfgTickBuilder.java
@@ -35,7 +35,7 @@ private void mergeData(HashMap in) {
/**
* Add documentation about a transform to the configuration tick
*
- * @param t {@link DocumentingTransform}
+ * @param t {@link com.mozilla.secops.DocumentingTransform}
*/
public void withTransformDoc(DocumentingTransform t) {
cfgData.put(String.format("heuristic_%s", t.getClass().getSimpleName()), t.getTransformDoc());
diff --git a/src/main/java/com/mozilla/secops/parser/FxaAuth.java b/src/main/java/com/mozilla/secops/parser/FxaAuth.java
index 82715ee37..91eededd8 100644
--- a/src/main/java/com/mozilla/secops/parser/FxaAuth.java
+++ b/src/main/java/com/mozilla/secops/parser/FxaAuth.java
@@ -309,6 +309,11 @@ private Boolean discernPasswordForgotSendCode() {
return false;
}
+ /**
+ * Check if the auth event contained a successful certifcate signing
+ *
+ * @return Boolean
+ */
public Boolean discernCertificateSignSuccess() {
if (!(fxaAuthData.getPath().equals("/v1/certificate/sign"))) {
return false;
diff --git a/src/main/java/com/mozilla/secops/parser/KeyedEvent.java b/src/main/java/com/mozilla/secops/parser/KeyedEvent.java
index 07d6dae83..6830abec0 100644
--- a/src/main/java/com/mozilla/secops/parser/KeyedEvent.java
+++ b/src/main/java/com/mozilla/secops/parser/KeyedEvent.java
@@ -15,6 +15,7 @@ public class KeyedEvent implements Serializable {
private final String key;
private final Event event;
+ /** Convert KeyedEvent to {@link KV} */
public KV toKV() {
if ((key == null) || (event == null)) {
return null;
@@ -22,6 +23,7 @@ public KV toKV() {
return KV.of(key, event);
}
+ /** Initialize new KeyedEvent */
public KeyedEvent(String key, Event event) {
this.key = key;
this.event = event;
diff --git a/src/main/java/com/mozilla/secops/parser/models/fxaauth/FxaAuth.java b/src/main/java/com/mozilla/secops/parser/models/fxaauth/FxaAuth.java
index 79c164762..9be786474 100644
--- a/src/main/java/com/mozilla/secops/parser/models/fxaauth/FxaAuth.java
+++ b/src/main/java/com/mozilla/secops/parser/models/fxaauth/FxaAuth.java
@@ -100,6 +100,12 @@ public int getValue() {
return value;
}
+ /**
+ * Get Errno from int value
+ *
+ * @param errno int value
+ * @return Errno
+ */
@JsonCreator
public static Errno forValue(int errno) {
for (Errno e : values()) {
diff --git a/src/main/java/com/mozilla/secops/postprocessing/AlertSummary.java b/src/main/java/com/mozilla/secops/postprocessing/AlertSummary.java
index a5bb59594..769d955d9 100644
--- a/src/main/java/com/mozilla/secops/postprocessing/AlertSummary.java
+++ b/src/main/java/com/mozilla/secops/postprocessing/AlertSummary.java
@@ -69,6 +69,7 @@ public class AlertSummary extends PTransform, PCollection extends StateCursor {
private KeyFactory keyFactory;
private Transaction tx;
+ /**
+ * Commit datastore transaction
+ *
+ * @throws StateException
+ */
public void commit() throws StateException {
if (tx == null) {
throw new StateException("datastore cursor not configured as transaction");