io

package
v0.6.6

This package is not in the latest version of its module.

Published: Sep 16, 2021 | License: BSD-3-Clause, GPL-3.0 | Imports: 39 | Imported by: 0

Documentation

Overview

Package io implements IO primitives.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Count added in v0.6.6

func Count(filename string) (count int64, err error)

Count returns the total number of records found in an audit record file. It does not return an error in case of a regular EOF, but will return an error in case of an unexpected EOF.
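
The EOF distinction that Count documents, as an added example (not netcap's own code). The names countRecords and frame are hypothetical, and the uvarint length-prefixed framing and the 16 MiB record bound are assumptions, since this page does not describe the on-disk format.

```go
package main

import (
	"bufio"
	"bytes"
	"encoding/binary"
	"fmt"
	"io"
)

const maxRecordSize = 16 << 20 // assumed upper bound for one record

// countRecords is a hypothetical stand-in for the documented Count behaviour.
// Assumed framing (not from the page): uvarint length, then the payload bytes.
func countRecords(r io.Reader) (count int64, err error) {
	br := bufio.NewReader(r)
	for {
		if _, err = br.Peek(1); err == io.EOF {
			return count, nil // regular EOF: exactly on a record boundary
		}
		var size uint64
		if size, err = binary.ReadUvarint(br); err == nil {
			if size > maxRecordSize { // never trust an on-disk length blindly
				return count, fmt.Errorf("record %d: length %d exceeds limit", count, size)
			}
			_, err = io.CopyN(io.Discard, br, int64(size))
		}
		if err == io.EOF { // stream ended inside a length prefix or payload
			err = io.ErrUnexpectedEOF
		}
		if err != nil {
			return count, fmt.Errorf("record %d: %w", count, err)
		}
		count++
	}
}

// frame builds a constructed sample stream from the given payloads.
func frame(payloads ...string) (out []byte) {
	for _, p := range payloads {
		out = append(binary.AppendUvarint(out, uint64(len(p))), p...)
	}
	return out
}

func main() {
	data := frame("flow-1", "flow-2", "flow-3")
	fmt.Println(countRecords(bytes.NewReader(data)))               // intact file
	fmt.Println(countRecords(bytes.NewReader(data[:len(data)-2]))) // truncated tail
}
```

A truncated tail in an audit record file usually means the capture process was killed mid-write or the file was cut afterwards, so the partial count and the error are both worth logging.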

func CreateElasticIndex added in v0.6.6

func CreateElasticIndex(wc *WriterConfig)

CreateElasticIndex will create and configure a single elastic database index.

func Dump added in v0.6.6

func Dump(w *os.File, c DumpConfig) error

Dump reads the specified netcap file and dumps the output to the specified *os.File according to the configuration.

func FPrintBuildInfo added in v0.6.6

func FPrintBuildInfo(w io.Writer)

FPrintBuildInfo displays build information related to netcap to the specified io.Writer.

func FPrintLogo(w io.Writer)

FPrintLogo prints the netcap logo to the specified io.Writer.

func GenerateConfig added in v0.6.6

func GenerateConfig(fs *flag.FlagSet, tool string)

GenerateConfig generates a default configuration for the given flag set.

func InitLabelManager added in v0.6.6

func InitLabelManager(pathMappingInfo string, debug bool, scatter bool, scatterDuration time.Duration)

InitLabelManager can be invoked to configure the labels.

func InitRecord added in v0.6.6

func InitRecord(typ types.Type) (record proto.Message)

InitRecord initializes a new record of the given type that conforms to the proto.Message interface. If netcap is extended with new audit records, they need to be added here as well.

func NewHeader added in v0.6.6

func NewHeader(t types.Type, source, version string, includesPayloads bool, ti time.Time) *types.Header

NewHeader creates and returns a new netcap audit file header.

func PrintBuildInfo added in v0.6.6

func PrintBuildInfo()

PrintBuildInfo displays build information related to netcap to stdout.

func PrintLogo()

PrintLogo prints the netcap logo.

func SetLogger added in v0.6.6

func SetLogger(lg *zap.Logger)

SetLogger sets the logger for the resolvers package.

Types

type AuditRecordWriter added in v0.6.6

type AuditRecordWriter interface {
	Write(msg proto.Message) error
	WriteHeader(t types.Type) error
	Close(numRecords int64) (name string, size int64)
}

AuditRecordWriter is an interface for writing netcap audit records.

func NewAuditRecordWriter added in v0.6.6

func NewAuditRecordWriter(wc *WriterConfig) AuditRecordWriter

NewAuditRecordWriter will return a new writer for netcap audit records.

type ChannelAuditRecordWriter added in v0.6.6

type ChannelAuditRecordWriter interface {
	AuditRecordWriter
	GetChan() <-chan []byte
}

ChannelAuditRecordWriter extends the AuditRecordWriter by offering a function to get a channel to receive serialized audit records.

type DumpConfig added in v0.6.6

type DumpConfig struct {
	Path          string
	Separator     string
	Selection     string
	MemBufferSize int
	JSON          bool
	Table         bool
	UTC           bool
	Fields        bool
	TabSeparated  bool
	Structured    bool
	CSV           bool
	ForceColors   bool
}

DumpConfig contains all possible settings for dumping audit records. This structure has an optimized field order to avoid excessive padding.

type ElasticConfig added in v0.6.6

type ElasticConfig struct {
	// ElasticAddrs is a list of elastic database endpoints to send data to
	// the elastic default is localhost:9200
	ElasticAddrs []string

	// ElasticUser is the elastic user in case the database is protected via basic auth
	ElasticUser string

	// ElasticPass is the elastic password in case the database is protected via basic auth
	ElasticPass string

	// KibanaEndpoint is the address for Kibana
	KibanaEndpoint string

	// LimitTotalFields is the maximum number of fields allowed per batch
	LimitTotalFields int

	// BulkSize controls the number of documents sent to elastic per batch
	BulkSize int
}

ElasticConfig allows overwriting the elastic defaults.

type Reader added in v0.6.6

type Reader struct {
	// contains filtered or unexported fields
}

Reader implements reading netcap audit record files.

func Open added in v0.6.6

func Open(file string, memBufSize int) (*Reader, error)

Open opens a netcap audit record file for reading.

func (*Reader) Close added in v0.6.6

func (r *Reader) Close() error

Close closes the file.

func (*Reader) Next added in v0.6.6

func (r *Reader) Next(msg proto.Message) error

Next reads the next message into msg.

func (*Reader) ReadHeader added in v0.6.6

func (r *Reader) ReadHeader() (*types.Header, error)

ReadHeader reads the file header.

type WriterConfig added in v0.6.6

type WriterConfig struct {

	// Writer Types:
	// Comma Separated Values writer
	CSV bool

	// Protobuf writer
	Proto bool

	// JSON writer
	JSON bool

	// Channel writer
	Chan bool

	// ChanSize is the size of chunks sent through the channel
	ChanSize int

	// Elastic db writer
	Elastic bool

	// UnixSocket writer
	UnixSocket bool

	// ElasticConfig allows to overwrite elastic defaults
	ElasticConfig

	// The Null writer will write nothing to disk and discard all data.
	Null bool

	// Netcap header information
	Name          string
	Type          types.Type
	Buffer        bool
	Compress      bool
	Out           string
	MemBufferSize int

	// Netcap header information
	Source           string
	Version          string
	IncludesPayloads bool
	StartTime        time.Time

	// compression
	CompressionBlockSize int
	CompressionLevel     int

	// Encode data on the fly
	Encode bool

	// Label data on the fly
	Label bool
}

WriterConfig contains config parameters for an audit record writer.
