Documentation ¶
Index ¶
- Constants
- Variables
- func Authorize(emailid, token string, asRoot bool) (string, error)
- func DeAuthorize(asRoot bool) (string, error)
- func FileExists(filename string) bool
- func FortifyK8sCluster(tenant, clusterName string, force bool) (string, error)
- func GetComputeCount(zone, app, tenant string) (int, int, error)
- func GetThreatCount(zone, app, tenant string) (int, int, error)
- func RunAs(cmdstr, user string, pipeInput string) (string, error)
- func RunCmd(cmdstr string) (string, error)
- func RunCmdWithInput(cmdstr string, pipeInput string) (string, error)
- func RunControl(cmdArgs []string, user string, exitOnFailure bool, pipeInput string) (string, error)
- func RunControlOut(cmdArgs []string, user string, exitOnFailure bool, out *bytes.Buffer, ...) error
- func RunStrControl(cmdstr, user string, exitOnFailure bool, pipeInput string) (string, error)
- func SetAraalictlPath(newPath string)
- func TenantCreate(name, adminName, adminEmail string, freemium bool) (string, error)
- func TenantDelete(tenantID string) error
- func UpdateLinks(zone, app, tenant string, links []Link) (string, error)
- func UserAdd(tenantID, userName, userEmail, role string) error
- func UserDelete(tenantID, userEmail string) error
- type AlertCard
- type AlertInfo
- type AlertPage
- type App
- type Compute
- type ComputeCount
- type DirectionCounts
- type EndPoint
- type FortifyAraaliHelmValues
- type FortifyHelmValues
- type Insight
- type InsightDetail
- type Link
- type TenantUser
- type ThreatCount
- type Vulnerability
- type Zone
Constants ¶
// ONE_DAY is the length of one day expressed as a time.Duration.
const ONE_DAY = 24 * time.Hour
Constants
Variables ¶
// ActlPath is the araalictl path used by this package. It starts out as the
// install location below; see SetAraalictlPath(newPath), which presumably
// overrides it.
// NOTE(review): presumably the Run* helpers execute the binary at this path,
// so it should name a file that only trusted users can replace - confirm.
var ActlPath = "/opt/araali/bin/araalictl"
Araalictl path
// CommandDebug, when true, logs every command that is executed.
// NOTE(review): if command lines or piped input can carry secrets (Authorize
// accepts a token), they may end up in the log - confirm what is logged
// before enabling this outside of debugging.
var CommandDebug = false
CommandDebug - logs every command that is executed
Functions ¶
func FortifyK8sCluster ¶
FortifyK8sCluster - for tenant
func GetComputeCount ¶
GetComputeCount - returns a count of virtual machines and containers
func GetThreatCount ¶
GetThreatCount - returns
Alert count for threats detected & alert count for threats prevented
func RunControl ¶
func RunControl(cmdArgs []string, user string, exitOnFailure bool, pipeInput string) (string, error)
RunControl runs the given command; exitOnFailure controls whether to exit when the command fails.
func RunControlOut ¶
func RunControlOut(cmdArgs []string, user string, exitOnFailure bool, out *bytes.Buffer, in *bytes.Buffer) error
RunControlOut runs the given command; exitOnFailure controls whether to exit when the command fails. It allows output to go to stdout.
func RunStrControl ¶
RunStrControl runs the given command string; exitOnFailure controls whether to exit when the command fails.
func TenantCreate ¶
TenantCreate - returns tenant-id
func UpdateLinks ¶
UpdateLinks - update links for an app
Types ¶
type AlertCard ¶
// AlertCard is the YAML-mapped alert summary returned for a tenant: a total
// count plus an optional list of zones.
type AlertCard struct {
	// TotalAlerts maps to the "alert_summary" key.
	TotalAlerts uint64 `yaml:"alert_summary"`

	// AlertDetails maps to "alert_details" and is omitted when empty.
	AlertDetails []Zone `yaml:"alert_details,omitempty"`
}
func GetAlertCard ¶
GetAlertCard - get AlertCard for tenant.
type AlertInfo ¶
// AlertInfo is the alert metadata object; Link embeds one under its
// "alert_info" key. Every field is omitted from YAML output when empty.
type AlertInfo struct {
	// Alert type, tracked separately for communication and process alerts.
	CommunicationAlertType string `yaml:"communication_alert_type,omitempty"`
	ProcessAlertType       string `yaml:"process_alert_type,omitempty"`

	// Re-open counter and current status of the alert.
	ReOpenCount uint32 `yaml:"reopen_count,omitempty"`
	Status      string `yaml:"status,omitempty"`
}
AlertInfo object
type AlertPage ¶
// AlertPage is the value returned by GetAlerts: one batch of alerts. The
// package's sample usage walks further batches with HasNext and NextPage.
type AlertPage struct {
	// NOTE(review): presumably the cursor used to request the next page - confirm.
	PagingToken string
	// Alerts holds the alerts fetched for the current page.
	Alerts []Link
	// contains filtered or unexported fields
}
AlertPage
func GetAlerts ¶
func GetAlerts(tenant string, startTime, endTime int64, count int32, fetchAll bool) (AlertPage, error)
GetAlerts - get all alerts for a tenant between the specified times.
  tenant: optional; can be set to empty.
  startTime: optional; should be epoch time expressed in seconds. If 0, it is set to currentTime - 1 day.
  endTime: optional; should be epoch time expressed in seconds. If 0, it is set to currentTime.
  count: optional; the number of alerts to fetch at a time. If 0, it defaults to 100.
Sample usage (the call below is adjusted to the signature shown above, which also takes fetchAll and returns an error):
    startTime := time.Now().Add(-(3 * araalictl.ONE_DAY)).Unix()
    // fetchAll is not described in this comment; false is assumed here because the loop pages manually.
    alertPage, err := araalictl.GetAlerts("", startTime, 0, 25, false)
    if err != nil {
        fmt.Println("GetAlerts failed:", err)
        return
    }
    fmt.Printf("Fetched %d alerts.\n", len(alertPage.Alerts))
    for {
        if !alertPage.HasNext() {
            fmt.Println("Done fetching!")
            break
        }
        alertPage.NextPage()
        fmt.Printf("Fetched %d alerts.\n", len(alertPage.Alerts))
    }
type App ¶
// App is the YAML-mapped view of one application: its links, per-direction
// counters, compute counts and a URL.
type App struct {
	// ZoneName carries no YAML tag, unlike the remaining fields.
	ZoneName string
	AppName  string `yaml:"app_name"`
	Links    []Link `yaml:"links,omitempty"`

	// Per-direction counters; each is omitted from YAML output when empty.
	DefinedCounts DirectionCounts `yaml:"defined_policies,omitempty"`
	DeniedCounts  DirectionCounts `yaml:"denied_policies,omitempty"`
	AlertCounts   DirectionCounts `yaml:"alerts,omitempty"`
	ServiceCounts DirectionCounts `yaml:"services,omitempty"`

	ComputeCounts ComputeCount `yaml:"compute,omitempty"`
	AraaliUrl     string       `yaml:"araali_url,omitempty"`
}
type Compute ¶
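// Compute describes one compute asset (the package docs speak of VMs and
// containers) together with the apps, processes and vulnerabilities reported
// for it. Fields are bound to YAML keys through their struct tags.
type Compute struct {
	Name                string   `yaml:"name"`
	IpAddress           string   `yaml:"ip_address"`
	Uuid                string   `yaml:"uuid"`
	Image               string   `yaml:"image"`
	Zone                string   `yaml:"zone"`
	Apps                []App    `yaml:"apps"`
	Processes           []string `yaml:"processes"`
	State               string   `yaml:"state"`
	AssetType           string   `yaml:"asset_type"`
	ProcessCapabilities []string `yaml:"process_capabilities"`
	IpAddresses         []string `yaml:"ip_addresses"`

	// The tag previously lacked its closing quote. A malformed struct tag is
	// not returned by reflect.StructTag lookups, so this field was not bound
	// to the "original_uuid" key and would stay empty when decoding by tag.
	OriginalUuid string `yaml:"original_uuid"`

	Vulnerabilities []Vulnerability `yaml:"vulnerabilities"`
	Mode            string          `yaml:"mode"`
	OsName          string          `yaml:"os_name"`
}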
func GetCompute ¶
GetCompute - return VMs and containers for given zone/app with vulnerability info
type ComputeCount ¶
// ComputeCount holds how many virtual machines and how many containers were
// counted. Both values are omitted from YAML output when zero.
type ComputeCount struct {
	VirtualMachines uint32 `yaml:"virtual_machines,omitempty"`
	Containers      uint32 `yaml:"containers,omitempty"`
}
func GetComputeWithInsights ¶
func GetComputeWithInsights(zone, app, tenant string, includeInsights map[string]bool) (ComputeCount, error)
GetComputeWithInsights - returns
Asset type and count of each type of insight
type DirectionCounts ¶
// DirectionCounts is a set of counters split by traffic direction, with a
// total. Each counter is omitted from YAML output when zero.
type DirectionCounts struct {
	Total uint64 `yaml:"total,omitempty"`

	// Inbound counters.
	Ingress          uint64 `yaml:"ingress,omitempty"`
	PerimeterIngress uint64 `yaml:"perimeter_ingress,omitempty"`

	Internal uint64 `yaml:"internal,omitempty"`

	// Outbound counters.
	Egress          uint64 `yaml:"egress,omitempty"`
	PerimeterEgress uint64 `yaml:"perimeter_egress,omitempty"`
}
type EndPoint ¶
// EndPoint is the endpoint object used for both sides of a Link (Client and
// Server). Every field is omitted from YAML output when empty.
type EndPoint struct {
	// Identity of the endpoint by zone, app and process.
	Zone          string `yaml:"zone,omitempty"`
	App           string `yaml:"app,omitempty"`
	Process       string `yaml:"process,omitempty"`
	BinaryName    string `yaml:"binary_name,omitempty"`
	ParentProcess string `yaml:"parent_process,omitempty"`
	// Network-level description of the endpoint.
	DnsPattern string `yaml:"dns_pattern,omitempty"`
	Subnet     string `yaml:"subnet,omitempty"`
	NetMask    uint32 `yaml:"netmask,omitempty"`
	DstPort    uint32 `yaml:"dst_port,omitempty"`
	// Orig* fields mirror the fields above under "orig_"-prefixed YAML keys.
	// NOTE(review): presumably the values before a link was edited - confirm.
	OrigZone          string `yaml:"orig_zone,omitempty"`
	OrigApp           string `yaml:"orig_app,omitempty"`
	OrigProcess       string `yaml:"orig_process,omitempty"`
	OrigBinaryName    string `yaml:"orig_binary_name,omitempty"`
	OrigParentProcess string `yaml:"orig_parent_process,omitempty"`
	OrigDnsPattern    string `yaml:"orig_dns_pattern,omitempty"`
	OrigSubnet        string `yaml:"orig_subnet,omitempty"`
	OrigNetMask       uint32 `yaml:"orig_netmask,omitempty"`
	OrigDstPort       uint32 `yaml:"orig_dst_port,omitempty"`
	// contains filtered or unexported fields
}
Endpoint Object
type FortifyAraaliHelmValues ¶
// FortifyAraaliHelmValues holds the values placed under the "araali" key of
// FortifyHelmValues. Each field carries matching yaml and json keys.
type FortifyAraaliHelmValues struct {
	// Placement of the workload.
	WorkloadId  string `yaml:"workload_id" json:"workload_id"`
	ClusterName string `yaml:"cluster_name" json:"cluster_name"`
	Fog         string `yaml:"fog" json:"fog"`
	Zone        string `yaml:"zone" json:"zone"`
	App         string `yaml:"app" json:"app"`

	// Behaviour switches.
	Enforce bool `yaml:"enforce" json:"enforce"`
	Upgrade bool `yaml:"upgrade" json:"upgrade"`

	// Image references.
	AutoK8SImage string `yaml:"autok8s_image" json:"autok8s_image"`
	FwImage      string `yaml:"fw_image" json:"fw_image"`
	FwInitImage  string `yaml:"fw_init_image" json:"fw_init_image"`
}
FortifyHelmValues
type FortifyHelmValues ¶
// FortifyHelmValues is the top-level values document returned by
// FortifyK8SGenerateHelm; it nests all settings under the "araali" key.
type FortifyHelmValues struct {
	// AHV is serialised as "araali" in both YAML and JSON.
	AHV FortifyAraaliHelmValues `yaml:"araali" json:"araali"`
}
func FortifyK8SGenerateHelm ¶
func FortifyK8SGenerateHelm(tenantID, clusterName string) (*FortifyHelmValues, error)
FortifyK8SGenerateHelm - Generates values.yaml for araali fortification helm chart
type Insight ¶
// Insight pairs an insight type with a URL and a count; the yaml and json
// keys of each field are the same.
type Insight struct {
	InsightType string `yaml:"insighttype" json:"insighttype"`
	Url         string `yaml:"url" json:"url"`
	Count       int    `yaml:"count" json:"count"`
}
InsightCounts
type InsightDetail ¶
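// InsightDetail is one insight record, located by zone, app, pod, container
// and process, with the reason strings attached to it. YAML keys are omitted
// from output when empty; JSON keys are always written.
type InsightDetail struct {
	Lenstype      string `yaml:"lenstype,omitempty" json:"lenstype"`
	Zone          string `yaml:"zone,omitempty" json:"zone"`
	App           string `yaml:"app,omitempty" json:"app"`
	Pod           string `yaml:"pod,omitempty" json:"pod"`
	Container     string `yaml:"containername,omitempty" json:"containername"`
	Process       string `yaml:"process,omitempty" json:"process"`
	ParentProcess string `yaml:"parent_process,omitempty" json:"parentprocess"`

	// The json key previously lacked its opening quote (json:binaryname"),
	// which made the json part of the tag unparseable, so encoding/json fell
	// back to the Go field name "BinaryName" when writing this field.
	BinaryName string `yaml:"binaryname,omitempty" json:"binaryname"`

	Service             string `yaml:"service,omitempty" json:"service"`
	Reason              string `yaml:"reason,omitempty" json:"reason"`
	InsightReason       string `yaml:"insightreason,omitempty" json:"insightreason"`
	ProcessCapabilities string `yaml:"processcapabilities,omitempty" json:"processcapabilities"`
}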
type Link ¶
// Link is the link object: a client endpoint, a server endpoint and the
// state recorded for the connection between them.
type Link struct {
	// The two sides of the link.
	Client EndPoint
	Server EndPoint

	// Fields without YAML tags.
	Type        string
	Speculative bool
	State       string
	Timestamp   uint64

	// Fields with explicit YAML keys.
	UniqueId    string    `yaml:"unique_id"`
	NewState    string    `yaml:"new_state,omitempty"`
	PagingToken string    `yaml:"paging_token,omitempty"`
	AlertInfo   AlertInfo `yaml:"alert_info,omitempty"`
}
Link Object
type TenantUser ¶
type ThreatCount ¶
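// ThreatCount holds per-zone alert counters for a tenant.
//
// The four counter tags were malformed: a space followed "yaml:" and one json
// value read json:":"...". reflect.StructTag stops parsing at the first
// malformed pair, so neither the yaml nor the json key of those fields was
// visible to a tag-driven decoder. Such a decoder would presumably have left
// the counters at zero, under-reporting alerts without any error.
type ThreatCount struct {
	TenantId string `yaml:"tenantid" json:"tenant_id"`
	Zone     string `yaml:"zone" json:"zone"`

	// Alert counters; the yaml and json keys of each are identical.
	PerimeterIngressAlerts      int `yaml:"perimeter_ingress_alerts" json:"perimeter_ingress_alerts"`
	PerimeterEgressAlerts       int `yaml:"perimeter_egress_alerts" json:"perimeter_egress_alerts"`
	MonitoredNonPerimeterAlerts int `yaml:"monitored_non_perimeter_alerts" json:"monitored_non_perimeter_alerts"`
	EnforceAlerts               int `yaml:"enforced_alerts" json:"enforced_alerts"`
}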