csplugin

package
v1.6.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 11, 2024 License: MIT Imports: 34 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	PluginProtocolVersion uint   = 1
	CrowdsecPluginKey     string = "CROWDSEC_PLUGIN_KEY"
)

Variables

View Source 
var DefaultEmptyTicker = time.Second * 1

Functions

func CheckCredential added in v1.4.0 

func CheckCredential(uid int, gid int) *syscall.SysProcAttr

func FormatAlerts added in v1.5.3 

func FormatAlerts(format string, alerts []*models.Alert) (string, error)

func NewHCLogAdapter 

func NewHCLogAdapter(l *logrus.Logger, name string) hclog.Logger

NewHCLogAdapter takes an instance of a Logrus logger and returns an hclog logger in the form of an HCLogAdapter.

func SetRequiredFields added in v1.6.0 

func SetRequiredFields(pluginCfg *PluginConfig)

Types

type GRPCClient 

type GRPCClient struct {
	// contains filtered or unexported fields
}

func (*GRPCClient) Configure 

func (m *GRPCClient) Configure(ctx context.Context, config *protobufs.Config) (*protobufs.Empty, error)

func (*GRPCClient) Notify 

func (m *GRPCClient) Notify(ctx context.Context, notification *protobufs.Notification) (*protobufs.Empty, error)

type GRPCServer 

type GRPCServer struct {
	Impl Notifier
}

type HCLogAdapter 

type HCLogAdapter struct {
	// contains filtered or unexported fields
}

HCLogAdapter implements the hclog interface. Plugins use hclog to send log entries back to ephemeral-iam and this adapter allows for those logs to be handled by ephemeral-iam's Logrus logger.

func (HCLogAdapter) Debug 

func (h HCLogAdapter) Debug(msg string, args ...interface{})

func (HCLogAdapter) Error 

func (h HCLogAdapter) Error(msg string, args ...interface{})

func (HCLogAdapter) GetLevel added in v1.5.3 

func (h HCLogAdapter) GetLevel() hclog.Level

func (HCLogAdapter) ImpliedArgs 

func (h HCLogAdapter) ImpliedArgs() []interface{}

func (HCLogAdapter) Info 

func (h HCLogAdapter) Info(msg string, args ...interface{})

func (HCLogAdapter) IsDebug 

func (h HCLogAdapter) IsDebug() bool

func (HCLogAdapter) IsError 

func (h HCLogAdapter) IsError() bool

func (HCLogAdapter) IsInfo 

func (h HCLogAdapter) IsInfo() bool

func (HCLogAdapter) IsTrace 

func (h HCLogAdapter) IsTrace() bool

func (HCLogAdapter) IsWarn 

func (h HCLogAdapter) IsWarn() bool

func (HCLogAdapter) Log 

func (h HCLogAdapter) Log(level hclog.Level, msg string, args ...interface{})

func (HCLogAdapter) Name 

func (h HCLogAdapter) Name() string

func (HCLogAdapter) Named 

func (h HCLogAdapter) Named(name string) hclog.Logger

func (HCLogAdapter) ResetNamed 

func (h HCLogAdapter) ResetNamed(name string) hclog.Logger

func (*HCLogAdapter) SetLevel 

func (h *HCLogAdapter) SetLevel(level hclog.Level)

func (HCLogAdapter) StandardLogger 

func (h HCLogAdapter) StandardLogger(opts *hclog.StandardLoggerOptions) *log.Logger

func (HCLogAdapter) StandardWriter 

func (h HCLogAdapter) StandardWriter(opts *hclog.StandardLoggerOptions) io.Writer

func (HCLogAdapter) Trace 

func (h HCLogAdapter) Trace(msg string, args ...interface{})

func (HCLogAdapter) Warn 

func (h HCLogAdapter) Warn(msg string, args ...interface{})

func (HCLogAdapter) With 

func (h HCLogAdapter) With(args ...interface{}) hclog.Logger

type Notifier 

type Notifier interface {
	Notify(ctx context.Context, notification *protobufs.Notification) (*protobufs.Empty, error)
	Configure(ctx context.Context, cfg *protobufs.Config) (*protobufs.Empty, error)
}

type NotifierPlugin 

type NotifierPlugin struct {
	plugin.Plugin
	Impl Notifier
}

func (*NotifierPlugin) GRPCClient 

func (p *NotifierPlugin) GRPCClient(ctx context.Context, broker *plugin.GRPCBroker, c *grpc.ClientConn) (interface{}, error)

func (*NotifierPlugin) GRPCServer 

func (p *NotifierPlugin) GRPCServer(broker *plugin.GRPCBroker, s *grpc.Server) error

type PluginBroker 

type PluginBroker struct {
	PluginChannel chan ProfileAlert
	// contains filtered or unexported fields
}

The broker is responsible for running the plugins and dispatching events It receives all the events from the main process and stacks them up It is as well notified by the watcher when it needs to deliver events to plugins (based on time or count threshold)

func (*PluginBroker) CreateCmd added in v1.4.0 

func (pb *PluginBroker) CreateCmd(binaryPath string) (*exec.Cmd, error)

func (*PluginBroker) Init 

func (pb *PluginBroker) Init(pluginCfg *csconfig.PluginCfg, profileConfigs []*csconfig.ProfileCfg, configPaths *csconfig.ConfigurationPaths) error

func (*PluginBroker) Kill 

func (pb *PluginBroker) Kill()

func (*PluginBroker) Run 

func (pb *PluginBroker) Run(pluginTomb *tomb.Tomb)

type PluginConfig 

type PluginConfig struct {
	Type           string        `yaml:"type"`
	Name           string        `yaml:"name"`
	GroupWait      time.Duration `yaml:"group_wait,omitempty"`
	GroupThreshold int           `yaml:"group_threshold,omitempty"`
	MaxRetry       int           `yaml:"max_retry,omitempty"`
	TimeOut        time.Duration `yaml:"timeout,omitempty"`

	Format string `yaml:"format,omitempty"` // specific to notification plugins

	Config map[string]interface{} `yaml:",inline"` //to keep the plugin-specific config

}

holder to determine where to dispatch config and how to format messages

func ParsePluginConfigFile added in v1.4.0 

func ParsePluginConfigFile(path string) ([]PluginConfig, error)

type PluginWatcher 

type PluginWatcher struct {
	PluginConfigByName     map[string]PluginConfig
	AlertCountByPluginName alertCounterByPluginName
	PluginEvents           chan string
	Inserts                chan string
	// contains filtered or unexported fields
}

func (*PluginWatcher) Init 

func (pw *PluginWatcher) Init(configs map[string]PluginConfig, alertsByPluginName map[string][]*models.Alert)

func (*PluginWatcher) Start 

func (pw *PluginWatcher) Start(tomb *tomb.Tomb)

type ProfileAlert 

type ProfileAlert struct {
	ProfileID uint
	Alert     *models.Alert
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.