Documentation ¶
Index ¶
- Constants
- Variables
- func ContainAlias(ip net.IP) *exec.Cmd
- func IPFromRequest(req *http.Request) (net.IP, error)
- func KeyGen(size int) string
- func Sha256StringArray(array []string) string
- func UUIDGen() uuid.UUID
- func UncontainAlias() *exec.Cmd
- type AdminAPIConfig
- type AdminAPIResponse
- type AdminUser
- type AliasEnv
- type ClientConfig
- type Command
- func (c *Command) AddDropFile(filename, filepath string) error
- func (c *Command) AddDropFileFromPath(path string) error
- func (c *Command) AddFetchFile(filepath string)
- func (c *Command) BuildCmd() (*exec.Cmd, error)
- func (c *Command) Complete(other *Command) error
- func (c *Command) Run() (err error)
- func (c *Command) SetCommandLine(cl string) error
- func (c Command) String() string
- func (c *Command) Strip()
- type CommandAPI
- type Endpoint
- type EndpointAPIConfig
- type EndpointConfig
- type EndpointFile
- type Endpoints
- func (es *Endpoints) Add(e *Endpoint)
- func (es *Endpoints) DelByUUID(uuid string)
- func (es *Endpoints) Endpoints() []*Endpoint
- func (es *Endpoints) GetByUUID(uuid string) (*Endpoint, bool)
- func (es *Endpoints) GetMutByUUID(uuid string) (*Endpoint, bool)
- func (es *Endpoints) Len() int
- func (es *Endpoints) MutEndpoints() []*Endpoint
- type FileUpload
- type Forwarder
- func (f *Forwarder) ArchiveLogs()
- func (f *Forwarder) CleanOlderQueued() error
- func (f *Forwarder) Close()
- func (f *Forwarder) Collect()
- func (f *Forwarder) DiskSpaceQueue() int64
- func (f *Forwarder) HasQueuedEvents() bool
- func (f *Forwarder) LogfilePath() string
- func (f *Forwarder) PipeEvent(e *evtx.GoEvtxMap)
- func (f *Forwarder) ProcessQueue()
- func (f *Forwarder) Reset()
- func (f *Forwarder) Run()
- func (f *Forwarder) Save() (err error)
- type ForwarderConfig
- type LoggingConfig
- type Manager
- func (m *Manager) AddCommand(uuid string, c *Command) error
- func (m *Manager) AddEndpoint(uuid, key string)
- func (m *Manager) Collect(wt http.ResponseWriter, rq *http.Request)
- func (m *Manager) Command(wt http.ResponseWriter, rq *http.Request)
- func (m *Manager) Container(wt http.ResponseWriter, rq *http.Request)
- func (m *Manager) ContainerList(wt http.ResponseWriter, rq *http.Request)
- func (m *Manager) ContainerSha256(wt http.ResponseWriter, rq *http.Request)
- func (m *Manager) GetCommand(uuid string) (*Command, error)
- func (m *Manager) IsDone() bool
- func (m *Manager) LoadContainers()
- func (m *Manager) LoadGeneEngine() error
- func (m *Manager) Rules(wt http.ResponseWriter, rq *http.Request)
- func (m *Manager) RulesSha256(wt http.ResponseWriter, rq *http.Request)
- func (m *Manager) Run()
- func (m *Manager) ServerKey(wt http.ResponseWriter, rq *http.Request)
- func (m *Manager) Shutdown() error
- func (m *Manager) UpdateReducer(identifier string, e *evtx.GoEvtxMap)
- func (m *Manager) UploadDump(wt http.ResponseWriter, rq *http.Request)
- func (m *Manager) Wait()
- type ManagerClient
- func (m *ManagerClient) Close()
- func (m *ManagerClient) ExecuteCommand() error
- func (m *ManagerClient) GetContainer(name string) ([]string, error)
- func (m *ManagerClient) GetContainerSha256(name string) (string, error)
- func (m *ManagerClient) GetContainersList() ([]string, error)
- func (m *ManagerClient) GetRules() (string, error)
- func (m *ManagerClient) GetRulesSha256() (string, error)
- func (m *ManagerClient) IsServerAuthEnforced() bool
- func (m *ManagerClient) IsServerAuthenticated() (auth bool, up bool)
- func (m *ManagerClient) IsServerUp() bool
- func (m *ManagerClient) PostDump(f *FileUpload) error
- func (m *ManagerClient) PostLogs(r io.Reader) error
- func (m *ManagerClient) Prepare(method, url string, body io.Reader) (*http.Request, error)
- func (m *ManagerClient) PrepareFileUpload(path, guid, evthash, filename string) (*FileUpload, error)
- func (m *ManagerClient) PrepareGzip(method, url string, body io.Reader) (*http.Request, error)
- type ManagerConfig
- type ManagerLogConfig
- type MispConfig
- type TLSConfig
Constants ¶
const ( // UserAgent used by the client UserAgent = "Whids-API-Client/1.0" // Mega byte size Mega = 1 << 20 // DefaultMaxUploadSize default maximum upload size DefaultMaxUploadSize = 100 * Mega )
const ( // DefaultDirPerm default log directory permissions for forwarder DefaultDirPerm = 0700 // DefaultLogfileSize default forwarder logfile size DefaultLogfileSize = logfile.MB * 5 // DiskSpaceThreshold allow 1GB of queued events DiskSpaceThreshold = logfile.GB // MinRotationInterval is the minimum rotation interval allowed MinRotationInterval = time.Minute )
const ( // DefaultLogPerm default logfile permission for Manager DefaultLogPerm = 0600 // DefaultManagerLogSize default size for Manager's logfiles DefaultManagerLogSize = logfile.MB * 100 // DefaultKeySize default size for API key generation DefaultKeySize = 64 // EptAPIDefaultPort default port used by manager's endpoint API EptAPIDefaultPort = 1519 // AdmAPIDefaultPort default port used by manager's admin API AdmAPIDefaultPort = 1520 )
const ( // EptAPIServerKeyPath API route used to get server key EptAPIServerKeyPath = "/key" // EptAPIRulesPath API route used to get Gene rules available in server EptAPIRulesPath = "/rules" // EptAPIRulesSha256Path API route used to retrieve sha256 of latest batch of Gene rules EptAPIRulesSha256Path = "/rules/sha256" // EptAPIContainerListPath API route to serve the list of containers available in the Manager EptAPIContainerListPath = "/containers" // EptAPIContainerPath API route to get a container EptAPIContainerPath = "/container/{name}" // EptAPIContainerSha256Path API route to serve sha256 of the different containers EptAPIContainerSha256Path = "/container/sha256/{name}" // EptAPIPostLogsPath API route used to post logs EptAPIPostLogsPath = "/logs" // EptAPIPostDumpPath API route used to dump things EptAPIPostDumpPath = "/upload/dumps" // EptAPICommandPath used to GET commands and POST results EptAPICommandPath = "/commands" )
Routes used by Clients
const ( AdmAPIStatsPath = "/stats" AdmAPIRulesPath = "/rules" AdmAPIRulesReloadPath = "/rules/reload" AdmAPIRulesSavePath = "/rules/save" AdmAPIEndpointsPath = "/endpoints" AdmAPIEndpointsByIDPath = AdmAPIEndpointsPath + "/{euuid:" + uuidRe + "}" // Command related AdmAPIEndpointCommandPath = AdmAPIEndpointsByIDPath + "/command" AdmAPIEndpointCommandFieldPath = AdmAPIEndpointCommandPath + "/{field}" // Logs related AdmAPIEndpointLogsPath = AdmAPIEndpointsByIDPath + "/logs" AdmAPIEndpointAlertsPath = AdmAPIEndpointsByIDPath + "/alerts" // Reports related AdmAPIEndpointsReportsPath = AdmAPIEndpointsPath + "/reports" AdmAPIEndpointReportPath = AdmAPIEndpointsByIDPath + "/report" )
Routes used for Admin API
const (
// ContainRuleName is the name of the Windows firewall rule used to contain endpoint
ContainRuleName = "EDR containment"
)
Variables ¶
var ( // ErrUnkEndpoint error to return when endpoint is unknown ErrUnkEndpoint = fmt.Errorf("Unknown endpoint") )
var ( // Hostname the client is running on (initialized in init() function) Hostname string )
Functions ¶
func ContainAlias ¶
ContainAlias is an alias to contain an endpoint
func IPFromRequest ¶
IPFromRequest extracts the user IP address from req, if present. source: https://blog.golang.org/context/userip/userip.go
func UncontainAlias ¶
UncontainAlias builds a command to uncontain an endpoint NB: implementation must be in line with what is done in ContainAlias
Types ¶
type AdminAPIConfig ¶
type AdminAPIConfig struct { Host string `toml:"host" comment:"Hostname or IP address where the API should listen to"` Port int `toml:"port" comment:"Port used by the API"` Users []AdminUser `toml:"users" comment:"List of admin users"` }
AdminAPIConfig configuration for Administrative API
type AdminAPIResponse ¶
type AdminAPIResponse struct { Data interface{} `json:"data"` Message string `json:"message"` Error string `json:"error"` }
AdminAPIResponse standard structure to encode any response from the AdminAPI
func NewAdminAPIRespError ¶
func NewAdminAPIRespError(err error) *AdminAPIResponse
NewAdminAPIRespError creates a new response from an error
func NewAdminAPIRespErrorString ¶
func NewAdminAPIRespErrorString(err string) *AdminAPIResponse
NewAdminAPIRespErrorString creates a new error response from an error
func NewAdminAPIResponse ¶
func NewAdminAPIResponse(data interface{}) *AdminAPIResponse
NewAdminAPIResponse creates a new response from data
func (*AdminAPIResponse) ToJSON ¶
func (r *AdminAPIResponse) ToJSON() []byte
ToJSON serializes the response to JSON
func (*AdminAPIResponse) UnmarshalData ¶
func (r *AdminAPIResponse) UnmarshalData(i interface{}) error
UnmarshalData unmarshals the Data field of the response to an interface
type ClientConfig ¶
type ClientConfig struct { Proto string `toml:"proto" comment:"Protocol to use to connect to manager (http or https)"` Host string `toml:"host" comment:"Hostname or IP of the manager"` Port int `toml:"port" comment:"Port at which endpoint API is running on manager server"` UUID string `toml:"endpoint-uuid" comment:"Endpoint UUID configured on manager used to authenticate this endpoint"` Key string `toml:"endpoint-key" comment:"Endpoint key configured on manager used to authenticate this endpoint"` ServerKey string `` /* 203-byte string literal not displayed */ ServerFingerprint string `toml:"server-fingerprint" comment:"Configure manager certificate pinning\n Put here the manager's certificate fingerprint"` Unsafe bool `toml:"unsafe" comment:"Allow unsafe HTTPS connection"` MaxUploadSize int64 `toml:"max-upload-size" comment:"Maximum allowed upload size"` }
ClientConfig structure definition
func (*ClientConfig) ManagerIP ¶
func (cc *ClientConfig) ManagerIP() net.IP
ManagerIP returns the IP address of the manager if any, returns nil otherwise
func (*ClientConfig) Transport ¶
func (cc *ClientConfig) Transport() http.RoundTripper
Transport creates an approriate HTTP transport from a configuration Cert pinning inspired by: https://medium.com/@zmanian/server-public-key-pinning-in-go-7a57bbe39438
type Command ¶
type Command struct { UUID string `json:"uuid"` Name string `json:"name"` Args []string `json:"args"` // used to drop files on the endpoint Drop []*EndpointFile `json:"drop"` // used to fetch files from the endpoint Fetch map[string]*EndpointFile `json:"fetch"` Stdout []byte `json:"stdout"` Stderr []byte `json:"stderr"` Error string `json:"error"` Sent bool `json:"sent"` Background bool `json:"background"` Completed bool `json:"completed"` Timeout time.Duration `json:"timeout"` SentTime time.Time `json:"sent-time"` // contains filtered or unexported fields }
Command structure representing a command sent to an endpoint
func NewCommandWithEnv ¶
NewCommandWithEnv creates a new Command to run on an endpoint
func (*Command) AddDropFile ¶
AddDropFile adds a file to drop on the endpoint. Argument filepath is the path of the file on the local filesystem
func (*Command) AddDropFileFromPath ¶
AddDropFileFromPath adds a file to drop on the endpoint. It is a wrapper around AddDropFile
func (*Command) AddFetchFile ¶
AddFetchFile adds a file to fetch from the endpoint.
func (*Command) Run ¶
Run runs the command according to the specified settings it aims at being used on the endpoint
func (*Command) SetCommandLine ¶
SetCommandLine sets the command line to execute on the endpoint
type CommandAPI ¶
type CommandAPI struct { CommandLine string `json:"command-line"` FetchFiles []string `json:"fetch-files"` DropFiles []string `json:"drop-files"` Timeout time.Duration `json:"timeout"` }
CommandAPI structure used by Admin API clients to POST commands
func (*CommandAPI) ToCommand ¶
func (c *CommandAPI) ToCommand() (*Command, error)
ToCommand converts a CommandAPI to a Command
type Endpoint ¶
type Endpoint struct { UUID string `json:"uuid"` Hostname string `json:"hostname"` IP string `json:"ip"` Key string `json:"key"` Command *Command `json:"command,omitempty"` LastConnection time.Time `json:"last-connection"` }
Endpoint structure used to track and interact with endpoints
func NewEndpoint ¶
NewEndpoint returns a new Endpoint structure
func (*Endpoint) UpdateLastConnection ¶
func (e *Endpoint) UpdateLastConnection()
UpdateLastConnection updates the LastConnection member of Endpoint structure
type EndpointAPIConfig ¶
type EndpointAPIConfig struct { Host string `toml:"host" comment:"Hostname or IP where the API should listen to"` Port int `toml:"port" comment:"Port used by the API"` ServerKey string `` /* 162-byte string literal not displayed */ Endpoints []EndpointConfig `toml:"endpoints" comment:"Endpoints configurations"` }
EndpointAPIConfig structure holding configuration for the API used by endpoints
func (*EndpointAPIConfig) DelEndpoint ¶
func (ec *EndpointAPIConfig) DelEndpoint(uuid string)
DelEndpoint deletes an endpoint from the configuration
type EndpointConfig ¶
type EndpointConfig struct { UUID string `toml:"uuid" comment:"Unique client identifier"` Key string `toml:"key" comment:"API key used to authenticate the client"` }
EndpointConfig structure to hold the configuration for one endpoint
type EndpointFile ¶
type EndpointFile struct { UUID string `json:"uuid"` Name string `json:"name"` Data []byte `json:"data"` Error string `json:"error"` }
EndpointFile describes a File to drop or fetch from the endpoint
type Endpoints ¶
Endpoints structure used to manage endpoints This struct looks over complicated for what it does but it is because it was more complex before and got simplified (too lazy to change it...)
func (*Endpoints) GetMutByUUID ¶
GetMutByUUID returns reference to an Endpoint
func (*Endpoints) MutEndpoints ¶
MutEndpoints returns a list of references of the endpoints
type FileUpload ¶
type FileUpload struct { Name string `json:"filename"` GUID string `json:"guid"` EventHash string `json:"event-hash"` Content []byte `json:"content"` }
FileUpload structure used to forward files from the client to the manager
func (*FileUpload) Dump ¶
func (f *FileUpload) Dump(dir string) (err error)
Dump dumps the FileUpload into the given root directory dir
func (*FileUpload) Implode ¶
func (f *FileUpload) Implode() string
Implode returns the full path of the FileUpload
func (*FileUpload) Validate ¶
func (f *FileUpload) Validate() error
Validate that the file upload follows the expected format
type Forwarder ¶
type Forwarder struct { sync.Mutex Client *ManagerClient TimeTresh time.Duration EventTresh uint64 Pipe *bytes.Buffer EventsPiped uint64 Local bool // contains filtered or unexported fields }
Forwarder structure definition
func NewForwarder ¶
func NewForwarder(c *ForwarderConfig) (*Forwarder, error)
NewForwarder creates a new Forwarder structure Todo: needs update with client
func (*Forwarder) ArchiveLogs ¶
func (f *Forwarder) ArchiveLogs()
ArchiveLogs archives the old log files not compressed into compressed
func (*Forwarder) CleanOlderQueued ¶
CleanOlderQueued cleans up the older queue file
func (*Forwarder) Collect ¶
func (f *Forwarder) Collect()
Collect sends the piped event to the remote server Todo: needs update with client
func (*Forwarder) DiskSpaceQueue ¶
DiskSpaceQueue compute the disk space (in bytes) taken by queued events
func (*Forwarder) HasQueuedEvents ¶
HasQueuedEvents checks whether some events are waiting to be sent
func (*Forwarder) LogfilePath ¶
LogfilePath returns the path of the logfile if it exists else returns empty string
func (*Forwarder) ProcessQueue ¶
func (f *Forwarder) ProcessQueue()
ProcessQueue processes the events queued Todo: needs update with client
type ForwarderConfig ¶
type ForwarderConfig struct { Local bool `` /* 127-byte string literal not displayed */ Client ClientConfig `toml:"manager" comment:"Configure connection to the manager"` Logging LoggingConfig `toml:"logging" comment:"Forwarder's logging configuration"` }
ForwarderConfig structure definition
type LoggingConfig ¶
type LoggingConfig struct { Dir string `toml:"dir" comment:"Directory used to store logs"` RotationInterval time.Duration `toml:"rotation-interval" comment:"Logfile rotation interval"` }
LoggingConfig structure to encode Logging configuration of the forwarder
type Manager ¶
type Manager struct { sync.RWMutex Config *ManagerConfig // contains filtered or unexported fields }
Manager structure definition
func NewManager ¶
func NewManager(c *ManagerConfig) (*Manager, error)
NewManager creates a new WHIDS manager with a logfile as parameter
func (*Manager) AddCommand ¶
AddCommand sets a command to be executed on endpoint specified by UUID
func (*Manager) AddEndpoint ¶
AddEndpoint adds new endpoint to the manager
func (*Manager) Collect ¶
func (m *Manager) Collect(wt http.ResponseWriter, rq *http.Request)
Collect HTTP handler
func (*Manager) Command ¶
func (m *Manager) Command(wt http.ResponseWriter, rq *http.Request)
Command HTTP handler
func (*Manager) Container ¶
func (m *Manager) Container(wt http.ResponseWriter, rq *http.Request)
Container HTTP handler serves Gene containers to clients
func (*Manager) ContainerList ¶
func (m *Manager) ContainerList(wt http.ResponseWriter, rq *http.Request)
ContainerList HTTP handler to server the list of available containers
func (*Manager) ContainerSha256 ¶
func (m *Manager) ContainerSha256(wt http.ResponseWriter, rq *http.Request)
ContainerSha256 HTTP handler to server the Sha256 of a given container
func (*Manager) GetCommand ¶
GetCommand gets the command set for an endpoint specified by UUID
func (*Manager) LoadContainers ¶
func (m *Manager) LoadContainers()
LoadContainers loads the containers into the manager the container names is given by the filename without the extension Example: /some/random/abspath/blacklist.txt will give blacklist container
func (*Manager) LoadGeneEngine ¶
LoadGeneEngine make the manager update the gene rules it has to serve
func (*Manager) Rules ¶
func (m *Manager) Rules(wt http.ResponseWriter, rq *http.Request)
Rules HTTP handler used to serve the rules
func (*Manager) RulesSha256 ¶
func (m *Manager) RulesSha256(wt http.ResponseWriter, rq *http.Request)
RulesSha256 returns the sha256 of the latest set of rules loaded into the manager
func (*Manager) ServerKey ¶
func (m *Manager) ServerKey(wt http.ResponseWriter, rq *http.Request)
ServerKey HTTP handler used to authenticate server on client side
func (*Manager) UpdateReducer ¶
UpdateReducer updates the reducer member of the Manager
func (*Manager) UploadDump ¶
func (m *Manager) UploadDump(wt http.ResponseWriter, rq *http.Request)
UploadDump HTTP handler used to upload dump files from client to manager
type ManagerClient ¶
type ManagerClient struct {
// contains filtered or unexported fields
}
ManagerClient structure definition
func NewManagerClient ¶
func NewManagerClient(c *ClientConfig) (*ManagerClient, error)
NewManagerClient creates a new Client to interface with the manager
func (*ManagerClient) Close ¶
func (m *ManagerClient) Close()
Close closes idle connections from underlying transport
func (*ManagerClient) ExecuteCommand ¶
func (m *ManagerClient) ExecuteCommand() error
ExecuteCommand executes a Command on the endpoint and return the result to the manager. NB: this method is blocking due to Command.Run function call
func (*ManagerClient) GetContainer ¶
func (m *ManagerClient) GetContainer(name string) ([]string, error)
GetContainer retrieves a given container from the manager
func (*ManagerClient) GetContainerSha256 ¶
func (m *ManagerClient) GetContainerSha256(name string) (string, error)
GetContainerSha256 retrieves a given container from the manager
func (*ManagerClient) GetContainersList ¶
func (m *ManagerClient) GetContainersList() ([]string, error)
GetContainersList retrieves the names of the containers available in the manager
func (*ManagerClient) GetRules ¶
func (m *ManagerClient) GetRules() (string, error)
GetRules retrieve the latest batch of Gene rules available on the server
func (*ManagerClient) GetRulesSha256 ¶
func (m *ManagerClient) GetRulesSha256() (string, error)
GetRulesSha256 returns the sha256 string of the latest batch of rules available on the server
func (*ManagerClient) IsServerAuthEnforced ¶
func (m *ManagerClient) IsServerAuthEnforced() bool
IsServerAuthEnforced returns true if server authentication is requested by the client
func (*ManagerClient) IsServerAuthenticated ¶
func (m *ManagerClient) IsServerAuthenticated() (auth bool, up bool)
IsServerAuthenticated returns true if the server is authenticated and thus can be trusted
func (*ManagerClient) IsServerUp ¶
func (m *ManagerClient) IsServerUp() bool
IsServerUp returns true if manager server is up
func (*ManagerClient) PostDump ¶
func (m *ManagerClient) PostDump(f *FileUpload) error
PostDump client helper to upload a file to the Manager
func (*ManagerClient) PostLogs ¶
func (m *ManagerClient) PostLogs(r io.Reader) error
PostLogs posts logs to be collected
func (*ManagerClient) PrepareFileUpload ¶
func (m *ManagerClient) PrepareFileUpload(path, guid, evthash, filename string) (*FileUpload, error)
PrepareFileUpload prepares a FileUpload from several parameters
func (*ManagerClient) PrepareGzip ¶
PrepareGzip prepares a http.Request gzip encoded to be sent to the manager
type ManagerConfig ¶
type ManagerConfig struct { // TOML strings need to be first otherwise issue parsing back config RulesDir string `toml:"rules-dir" comment:"Gene rule directory\n See: https://github.com/0xrawsec/gene-rules"` DumpDir string `toml:"dump-dir" comment:"Directory where to dump artifacts collected on hosts"` ContainersDir string `toml:"containers-dir" comment:"Gene rules' containers directory\n (c.f. Gene documentation https://github.com/0xrawsec/gene)"` AdminAPI AdminAPIConfig `toml:"admin-api" comment:"Settings to configure administrative API (not supposed to be reachable by endpoints)"` EndpointAPI EndpointAPIConfig `toml:"endpoint-api" comment:"Settings to configure API used by endpoints"` Logging ManagerLogConfig `toml:"logging" comment:"Logging settings"` TLS TLSConfig `toml:"tls" comment:"TLS settings. Leave empty, not to use TLS"` MISP MispConfig `toml:"misp" comment:"MISP settings. Use this setting to push IOCs as containers on endpoints"` // contains filtered or unexported fields }
ManagerConfig defines manager's configuration structure
func LoadManagerConfig ¶
func LoadManagerConfig(path string) (*ManagerConfig, error)
LoadManagerConfig loads the manager configuration from a file
func (*ManagerConfig) AddEndpointConfig ¶
func (mc *ManagerConfig) AddEndpointConfig(uuid, key string)
AddEndpointConfig adds a new endpoint with uuid and key to the manager
func (*ManagerConfig) Save ¶
func (mc *ManagerConfig) Save() error
Save saves the configuration to a path specified by the path member of the structure
func (*ManagerConfig) SetPath ¶
func (mc *ManagerConfig) SetPath(path string)
SetPath exposes the path member for changes
type ManagerLogConfig ¶
type ManagerLogConfig struct { Root string `toml:"root" comment:"Root directory where logfiles are stored"` LogBasename string `toml:"logfile" comment:"Logfile name (relative to root) used to store logs"` EnEnptLogs bool `` /* 158-byte string literal not displayed */ VerboseHTTP bool `toml:"verbose-http" comment:"Enables verbose HTTP logs\n When disabled beaconing requests are filtered out"` }
ManagerLogConfig structure to hold manager's logging configuration
type MispConfig ¶
type MispConfig struct { Proto string `toml:"protocol" comment:"HTTP protocol to use (http or https)"` Host string `toml:"host" comment:"Hostname or IP address of MISP server"` APIKey string `toml:"api-key" comment:"MISP API key"` }
MispConfig with TOML tags
type TLSConfig ¶
type TLSConfig struct { Cert string `toml:"cert" comment:"Path to the certificate file to use for TLS connections"` Key string `toml:"key" comment:"Path to the key to use for TLS connection"` }
TLSConfig structure definition