rule

package
v0.34.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 30, 2023 License: GPL-3.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DoesEventMatch 

func DoesEventMatch(e event.NormalizedEvent, r DirectiveRule, s *StickyDiffData, connID uint64) bool

DoesEventMatch check event against rule for rule with stickyDiff set, s will be appended as needed

func GetQuickCheckPairs added in v0.26.2 

func GetQuickCheckPairs(r []DirectiveRule) (sidPairs []SIDPair, taxoPairs []TaxoPair)

GetQuickCheckPairs returns SIDPairs and TaxoPairs for a given set of directive rules

func QuickCheckPluginRule added in v0.26.2 

func QuickCheckPluginRule(pairs []SIDPair, e *event.NormalizedEvent) bool

QuickCheckPluginRule checks event against the key fields in a directive plugin rules

func QuickCheckTaxoRule added in v0.26.2 

func QuickCheckTaxoRule(pairs []TaxoPair, e *event.NormalizedEvent) bool

QuickCheckTaxoRule checks event against the key fields in a directive taxonomy rules

Types

type CustomData added in v0.16.0 

type CustomData struct {
	Label   string `json:"label"`
	Content string `json:"content"`
}

CustomData combine all custom fields into a struct for easier use by backlog and alarm

func AppendUniqCustomData added in v0.16.0 

func AppendUniqCustomData(prev []CustomData, label string, content string) []CustomData

AppendUniqCustomData returns unique custom data slice

type DirectiveRule 

type DirectiveRule struct {
	Name         string   `json:"name"`
	Stage        int      `json:"stage"`
	PluginID     int      `json:"plugin_id"`
	PluginSID    []int    `json:"plugin_sid"`
	Product      []string `json:"product,omitempty"`
	Category     string   `json:"category,omitempty"`
	SubCategory  []string `json:"subcategory,omitempty"`
	Occurrence   int      `json:"occurrence"`
	From         string   `json:"from"`
	To           string   `json:"to"`
	Type         string   `json:"type"`
	PortFrom     string   `json:"port_from"`
	PortTo       string   `json:"port_to"`
	Protocol     string   `json:"protocol,omitempty"`
	Reliability  int      `json:"reliability"`
	Timeout      int64    `json:"timeout"`
	StartTime    int64    `json:"start_time,omitempty"`
	EndTime      int64    `json:"end_time,omitempty"`
	RcvdTime     int64    `json:"rcvd_time,omitempty"`
	Status       string   `json:"status,omitempty"`
	Events       []string `json:"events,omitempty"`
	StickyDiff   string   `json:"sticky_different,omitempty"`
	CustomData1  string   `json:"custom_data1,omitempty"`
	CustomLabel1 string   `json:"custom_label1,omitempty"`
	CustomData2  string   `json:"custom_data2,omitempty"`
	CustomLabel2 string   `json:"custom_label2,omitempty"`
	CustomData3  string   `json:"custom_data3,omitempty"`
	CustomLabel3 string   `json:"custom_label3,omitempty"`
}

DirectiveRule defines the struct for directive rules, this is read-only struct.

type SIDPair added in v0.26.2 

type SIDPair struct {
	PluginID  int
	PluginSID []int
}

SIDPair defines the fields to include during PluginRule quick check

type StickyDiffData 

type StickyDiffData struct {
	sync.RWMutex
	SDiffString []string
	SDiffInt    []int
}

StickyDiffData hold the previous data for stickydiff rule This is mutable, so its separated from DirectiveRule

type TaxoPair added in v0.26.2 

type TaxoPair struct {
	Product  []string
	Category string
}

TaxoPair defines the fields to include during TaxonomyRule quick check

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.