Documentation ¶
Index ¶
- Constants
- type GraylogConfiguration
- type GraylogMessage
- type LoggerDB
- func (logDB *LoggerDB) CleanQueryLogs(entries int64) error
- func (logDB *LoggerDB) CleanResultLogs(environment string, seconds int64) error
- func (logDB *LoggerDB) CleanStatusLogs(environment string, seconds int64) error
- func (logDB *LoggerDB) Log(logType string, data []byte, environment, uuid string, debug bool)
- func (logDB *LoggerDB) Query(data []byte, environment, uuid, name string, status int, debug bool)
- func (logDB *LoggerDB) QueryLogs(name string) ([]OsqueryQueryData, error)
- func (logDB *LoggerDB) Result(data []byte, environment, uuid string, debug bool)
- func (logDB *LoggerDB) ResultLogs(uuid, environment string, seconds int64) ([]OsqueryResultData, error)
- func (logDB *LoggerDB) Settings(mgr *settings.Settings)
- func (logDB *LoggerDB) Status(data []byte, environment, uuid string, debug bool)
- func (logDB *LoggerDB) StatusLogs(uuid, environment string, seconds int64) ([]OsqueryStatusData, error)
- type LoggerGraylog
- type LoggerSplunk
- type LoggerTLS
- func (l *LoggerTLS) DispatchLogs(data []byte, uuid, logType, environment string, metadata nodes.NodeMetadata, ...)
- func (l *LoggerTLS) DispatchQueries(queryData types.QueryWriteData, node nodes.OsqueryNode, debug bool)
- func (logTLS *LoggerTLS) Log(logType string, data []byte, environment, uuid string, debug bool)
- func (l *LoggerTLS) ProcessLogQueryResult(queriesWrite types.QueryWriteRequest, environment string, debug bool)
- func (l *LoggerTLS) ProcessLogs(data json.RawMessage, logType, environment, ipaddress string, debug bool)
- func (logTLS *LoggerTLS) QueryLog(logType string, data []byte, environment, uuid, name string, status int, ...)
- type OsqueryQueryData
- type OsqueryResultData
- type OsqueryStatusData
- type SlunkConfiguration
- type SplunkMessage
Constants ¶
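// Constants used when building and sending messages to Graylog.
//
// The declaration is laid out one constant per line; collapsed onto a single
// line, the first "//" comment would swallow every declaration after it.
const (
	// GraylogVersion - GELF spec version
	GraylogVersion = "1.1"
	// GraylogLevel - Log Level (informational)
	GraylogLevel = 6
	// GraylogMethod - Method to send
	GraylogMethod = "POST"
)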
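// Constants used when sending requests to Splunk.
//
// The declaration is laid out one constant per line; collapsed onto a single
// line, the first "//" comment would swallow every declaration after it.
const (
	// SplunkMethod Method to send requests
	SplunkMethod = "POST"
	// SplunkContentType Content Type for requests
	SplunkContentType = "application/json"
)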
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type GraylogConfiguration ¶
// GraylogConfiguration holds the Graylog configuration values. The json tags
// give the key names expected in the JSON configuration.
type GraylogConfiguration struct {
	// NOTE(review): presumably the Graylog endpoint that logs are sent to;
	// confirm deployments use an https:// URL so log data is not sent in cleartext.
	URL     string `json:"url"`
	Host    string `json:"host"`
	Queries string `json:"queries"`
	Status  string `json:"status"`
	Results string `json:"results"`
}
GraylogConfiguration to hold all graylog configuration values
func LoadGraylog ¶
func LoadGraylog(file string) (GraylogConfiguration, error)
LoadGraylog loads the Graylog configuration from a JSON file
type GraylogMessage ¶
// GraylogMessage is the log format sent to Graylog, serialized with the JSON
// keys given in the field tags.
type GraylogMessage struct {
	Version string `json:"version"`
	Host    string `json:"host"`
	// NOTE(review): presumably carries the log payload itself; if so, the
	// receiving Graylog stream should be access-controlled like the source logs.
	ShortMessage string `json:"short_message"`
	Timestamp    int64  `json:"timestamp"`
	Level        uint   `json:"level"`
	// The underscore-prefixed keys below are GELF additional (custom) fields.
	Environment string `json:"_environment"`
	Type        string `json:"_type"`
	UUID        string `json:"_uuid"`
}
GraylogMessage to handle log format to be sent to Graylog
type LoggerDB ¶
// LoggerDB is used to log data using a database.
type LoggerDB struct {
	// Database is the gorm handle.
	Database *gorm.DB
	// NOTE(review): presumably the database connection settings, which may
	// include credentials; confirm, and avoid dumping this struct in debug output.
	Configuration backend.JSONConfigurationDB
	Enabled       bool
}
LoggerDB will be used to log data using a database
func CreateLoggerDB ¶
func (*LoggerDB) CleanQueryLogs ¶
CleanQueryLogs will delete old query logs
func (*LoggerDB) CleanResultLogs ¶
CleanResultLogs will delete old result logs
func (*LoggerDB) CleanStatusLogs ¶
CleanStatusLogs will delete old status logs
func (*LoggerDB) QueryLogs ¶
func (logDB *LoggerDB) QueryLogs(name string) ([]OsqueryQueryData, error)
QueryLogs will retrieve all query logs
func (*LoggerDB) ResultLogs ¶
func (logDB *LoggerDB) ResultLogs(uuid, environment string, seconds int64) ([]OsqueryResultData, error)
ResultLogs will retrieve all result logs
func (*LoggerDB) StatusLogs ¶
func (logDB *LoggerDB) StatusLogs(uuid, environment string, seconds int64) ([]OsqueryStatusData, error)
StatusLogs will retrieve all status logs
type LoggerGraylog ¶
// LoggerGraylog is used to log data using Graylog.
type LoggerGraylog struct {
	Configuration GraylogConfiguration
	// NOTE(review): presumably the HTTP headers attached to each request sent
	// to Graylog; confirm against Send.
	Headers map[string]string
	Enabled bool
}
LoggerGraylog will be used to log data using Graylog
func CreateLoggerGraylog ¶
func CreateLoggerGraylog(graylogFile string) (*LoggerGraylog, error)
func (*LoggerGraylog) Send ¶
func (logGL *LoggerGraylog) Send(logType string, data []byte, environment, uuid string, debug bool)
Send - Function that sends JSON logs to Graylog
func (*LoggerGraylog) Settings ¶
func (logGL *LoggerGraylog) Settings(mgr *settings.Settings)
Settings - Function to prepare settings for the logger
type LoggerSplunk ¶
// LoggerSplunk is used to log data using Splunk.
type LoggerSplunk struct {
	// Configuration includes the Token field, so this struct holds a secret.
	Configuration SlunkConfiguration
	// NOTE(review): presumably the HTTP headers attached to each request,
	// likely including an Authorization value derived from Configuration.Token;
	// confirm, and keep Headers out of debug output.
	Headers map[string]string
	Enabled bool
}
LoggerSplunk will be used to log data using Splunk
func CreateLoggerSplunk ¶
func CreateLoggerSplunk(splunkFile string) (*LoggerSplunk, error)
func (*LoggerSplunk) Send ¶
func (logSP *LoggerSplunk) Send(logType string, data []byte, environment, uuid string, debug bool)
Send - Function that sends JSON logs to Splunk HTTP Event Collector
func (*LoggerSplunk) Settings ¶
func (logSP *LoggerSplunk) Settings(mgr *settings.Settings)
Settings - Function to prepare settings for the logger
type LoggerTLS ¶
// LoggerTLS is used to handle logging for the TLS endpoint.
type LoggerTLS struct {
	// NOTE(review): presumably names the selected logging backend; confirm
	// against CreateLoggerTLS.
	Logging string
	// Logger is untyped, so code using it has to type-assert to the concrete
	// logger. NOTE(review): presumably one of *LoggerDB, *LoggerGraylog or
	// *LoggerSplunk; confirm that a failed assertion is handled rather than
	// silently dropping logs.
	Logger  interface{}
	Nodes   *nodes.NodeManager
	Queries *queries.Queries
}
LoggerTLS will be used to handle logging for the TLS endpoint
func CreateLoggerTLS ¶
func CreateLoggerTLS(logging, loggingFile string, mgr *settings.Settings, nodes *nodes.NodeManager, queries *queries.Queries) (*LoggerTLS, error)
CreateLoggerTLS to instantiate a new logger for the TLS endpoint
func (*LoggerTLS) DispatchLogs ¶
func (l *LoggerTLS) DispatchLogs(data []byte, uuid, logType, environment string, metadata nodes.NodeMetadata, debug bool)
DispatchLogs - Helper to dispatch logs
func (*LoggerTLS) DispatchQueries ¶
func (l *LoggerTLS) DispatchQueries(queryData types.QueryWriteData, node nodes.OsqueryNode, debug bool)
DispatchQueries - Helper to dispatch queries
func (*LoggerTLS) ProcessLogQueryResult ¶
func (l *LoggerTLS) ProcessLogQueryResult(queriesWrite types.QueryWriteRequest, environment string, debug bool)
ProcessLogQueryResult - Helper to process on-demand query result logs
func (*LoggerTLS) ProcessLogs ¶
func (l *LoggerTLS) ProcessLogs(data json.RawMessage, logType, environment, ipaddress string, debug bool)
ProcessLogs - Helper to process logs
type OsqueryQueryData ¶
// OsqueryQueryData is the database record used to log query data.
type OsqueryQueryData struct {
	// gorm.Model embeds the ID, CreatedAt, UpdatedAt and DeletedAt columns.
	gorm.Model
	// UUID is indexed in the database.
	UUID        string `gorm:"index"`
	Environment string
	Name        string
	// NOTE(review): presumably the raw query output reported by a node; if so,
	// treat it as untrusted content and escape it wherever it is displayed.
	Data   []byte
	Status int
}
OsqueryQueryData to log query data to database
type OsqueryResultData ¶
// OsqueryResultData is the database record used to log result data.
type OsqueryResultData struct {
	// gorm.Model embeds the ID, CreatedAt, UpdatedAt and DeletedAt columns.
	gorm.Model
	// UUID is indexed in the database.
	UUID        string `gorm:"index"`
	Environment string
	Name        string
	Action      string
	Epoch       int64
	// NOTE(review): presumably the result columns as reported by a node; if so,
	// treat them as untrusted content and escape them wherever displayed.
	Columns []byte
	Counter int
}
OsqueryResultData to log result data to database
type OsqueryStatusData ¶
// OsqueryStatusData is the database record used to log status data.
type OsqueryStatusData struct {
	// gorm.Model embeds the ID, CreatedAt, UpdatedAt and DeletedAt columns.
	gorm.Model
	// UUID is indexed in the database.
	UUID        string `gorm:"index"`
	Environment string
	Line        string
	// NOTE(review): presumably free text reported by a node; if so, treat it as
	// untrusted content and escape it wherever it is displayed.
	Message  string
	Version  string
	Filename string
	Severity string
}
OsqueryStatusData to log status data to database
type SlunkConfiguration ¶
// SlunkConfiguration holds the Splunk configuration values. The json tags give
// the key names expected in the JSON configuration.
//
// The exported name is spelled "Slunk" (sic); renaming it would break callers.
type SlunkConfiguration struct {
	// NOTE(review): confirm deployments use an https:// URL so the token and
	// log data are not sent in cleartext.
	URL string `json:"url"`
	// Token is a secret credential (presumably the Splunk HTTP Event Collector
	// token). The JSON file that carries it should have restrictive permissions
	// and stay out of version control; do not print this struct in logs.
	Token   string `json:"token"`
	Host    string `json:"host"`
	Index   string `json:"index"`
	Queries string `json:"queries"`
	Status  string `json:"status"`
	Results string `json:"results"`
}
SlunkConfiguration to hold all splunk configuration values
func LoadSplunk ¶
func LoadSplunk(file string) (SlunkConfiguration, error)
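LoadSplunk loads the Splunk configuration from a JSON file. That file holds the `token` value, so it should be readable only by the account running the service and kept out of version control.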