Documentation
¶
Index ¶
- Constants
- type GraylogConfiguration
- type GraylogMessage
- type LoggerDB
- func (logDB *LoggerDB) CleanQueryLogs(entries int64) error
- func (logDB *LoggerDB) CleanResultLogs(environment string, seconds int64) error
- func (logDB *LoggerDB) CleanStatusLogs(environment string, seconds int64) error
- func (logDB *LoggerDB) Log(logType string, data []byte, environment, uuid string, debug bool)
- func (logDB *LoggerDB) Query(data []byte, environment, uuid, name string, status int, debug bool)
- func (logDB *LoggerDB) QueryLogs(name string) ([]OsqueryQueryData, error)
- func (logDB *LoggerDB) Result(data []byte, environment, uuid string, debug bool)
- func (logDB *LoggerDB) ResultLogs(uuid, environment string, seconds int64) ([]OsqueryResultData, error)
- func (logDB *LoggerDB) Settings(mgr *settings.Settings)
- func (logDB *LoggerDB) Status(data []byte, environment, uuid string, debug bool)
- func (logDB *LoggerDB) StatusLogs(uuid, environment string, seconds int64) ([]OsqueryStatusData, error)
- type LoggerGraylog
- type LoggerSplunk
- type LoggerTLS
- func (l *LoggerTLS) DispatchLogs(data []byte, uuid, logType, environment string, metadata nodes.NodeMetadata, ...)
- func (l *LoggerTLS) DispatchQueries(queryData types.QueryWriteData, node nodes.OsqueryNode, debug bool)
- func (logTLS *LoggerTLS) Log(logType string, data []byte, environment, uuid string, debug bool)
- func (l *LoggerTLS) ProcessLogQueryResult(queriesWrite types.QueryWriteRequest, environment string, debug bool)
- func (l *LoggerTLS) ProcessLogs(data json.RawMessage, logType, environment, ipaddress string, debug bool)
- func (logTLS *LoggerTLS) QueryLog(logType string, data []byte, environment, uuid, name string, status int, ...)
- type OsqueryQueryData
- type OsqueryResultData
- type OsqueryStatusData
- type SlunkConfiguration
- type SplunkMessage
Constants ¶
View Source
const ( // GraylogVersion - GELF spec version GraylogVersion = "1.1" // GraylogLevel - Log Level (informational) GraylogLevel = 6 // GraylogMethod - Method to send GraylogMethod = "POST" )
View Source
const ( // SplunkMethod Method to send requests SplunkMethod = "POST" // SplunkContentType Content Type for requests SplunkContentType = "application/json" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type GraylogConfiguration ¶
type GraylogConfiguration struct {
URL string `json:"url"`
Host string `json:"host"`
Queries string `json:"queries"`
Status string `json:"status"`
Results string `json:"results"`
}
GraylogConfiguration to hold all graylog configuration values
func LoadGraylog ¶
func LoadGraylog(file string) (GraylogConfiguration, error)
Function to load the Graylog configuration from JSON file
type GraylogMessage ¶
type GraylogMessage struct {
Version string `json:"version"`
Host string `json:"host"`
ShortMessage string `json:"short_message"`
Timestamp int64 `json:"timestamp"`
Level uint `json:"level"`
Environment string `json:"_environment"`
Type string `json:"_type"`
UUID string `json:"_uuid"`
}
GraylogMessage to handle log format to be sent to Graylog
type LoggerDB ¶
type LoggerDB struct {
Database *gorm.DB
Configuration backend.JSONConfigurationDB
Enabled bool
}
LoggerDB will be used to log data using a database
func CreateLoggerDB ¶
func (*LoggerDB) CleanQueryLogs ¶
CleanQueryLogs will delete old query logs
func (*LoggerDB) CleanResultLogs ¶
CleanResultLogs will delete old status logs
func (*LoggerDB) CleanStatusLogs ¶
CleanStatusLogs will delete old status logs
func (*LoggerDB) QueryLogs ¶
func (logDB *LoggerDB) QueryLogs(name string) ([]OsqueryQueryData, error)
QueryLogs will retrieve all query logs
func (*LoggerDB) ResultLogs ¶
func (logDB *LoggerDB) ResultLogs(uuid, environment string, seconds int64) ([]OsqueryResultData, error)
ResultLogs will retrieve all result logs
func (*LoggerDB) StatusLogs ¶
func (logDB *LoggerDB) StatusLogs(uuid, environment string, seconds int64) ([]OsqueryStatusData, error)
StatusLogs will retrieve all status logs
type LoggerGraylog ¶
type LoggerGraylog struct {
Configuration GraylogConfiguration
Headers map[string]string
Enabled bool
}
LoggerGraylog will be used to log data using Graylog
func CreateLoggerGraylog ¶
func CreateLoggerGraylog(graylogFile string) (*LoggerGraylog, error)
func (*LoggerGraylog) Send ¶
func (logGL *LoggerGraylog) Send(logType string, data []byte, environment, uuid string, debug bool)
GraylogSend - Function that sends JSON logs to Graylog
func (*LoggerGraylog) Settings ¶
func (logGL *LoggerGraylog) Settings(mgr *settings.Settings)
Settings - Function to prepare settings for the logger
type LoggerSplunk ¶
type LoggerSplunk struct {
Configuration SlunkConfiguration
Headers map[string]string
Enabled bool
}
LoggerSplunk will be used to log data using Splunk
func CreateLoggerSplunk ¶
func CreateLoggerSplunk(splunkFile string) (*LoggerSplunk, error)
func (*LoggerSplunk) Send ¶
func (logSP *LoggerSplunk) Send(logType string, data []byte, environment, uuid string, debug bool)
Send - Function that sends JSON logs to Splunk HTTP Event Collector
func (*LoggerSplunk) Settings ¶
func (logSP *LoggerSplunk) Settings(mgr *settings.Settings)
Settings - Function to prepare settings for the logger
type LoggerTLS ¶
type LoggerTLS struct {
Logging string
Logger interface{}
Nodes *nodes.NodeManager
Queries *queries.Queries
}
LoggerTLS will be used to handle logging for the TLS endpoint
func CreateLoggerTLS ¶
func CreateLoggerTLS(logging, loggingFile string, mgr *settings.Settings, nodes *nodes.NodeManager, queries *queries.Queries) (*LoggerTLS, error)
CreateLoggerTLS to instantiate a new logger for the TLS endpoint
func (*LoggerTLS) DispatchLogs ¶
func (l *LoggerTLS) DispatchLogs(data []byte, uuid, logType, environment string, metadata nodes.NodeMetadata, debug bool)
DispatchLogs - Helper to dispatch logs
func (*LoggerTLS) DispatchQueries ¶
func (l *LoggerTLS) DispatchQueries(queryData types.QueryWriteData, node nodes.OsqueryNode, debug bool)
DispatchQueries - Helper to dispatch queries
func (*LoggerTLS) ProcessLogQueryResult ¶
func (l *LoggerTLS) ProcessLogQueryResult(queriesWrite types.QueryWriteRequest, environment string, debug bool)
ProcessLogQueryResult - Helper to process on-demand query result logs
func (*LoggerTLS) ProcessLogs ¶
func (l *LoggerTLS) ProcessLogs(data json.RawMessage, logType, environment, ipaddress string, debug bool)
ProcessLogs - Helper to process logs
type OsqueryQueryData ¶
type OsqueryQueryData struct {
gorm.Model
UUID string `gorm:"index"`
Environment string
Name string
Data []byte
Status int
}
OsqueryQueryData to log query data to database
type OsqueryResultData ¶
type OsqueryResultData struct {
gorm.Model
UUID string `gorm:"index"`
Environment string
Name string
Action string
Epoch int64
Columns []byte
Counter int
}
OsqueryResultData to log result data to database
type OsqueryStatusData ¶
type OsqueryStatusData struct {
gorm.Model
UUID string `gorm:"index"`
Environment string
Line string
Message string
Version string
Filename string
Severity string
}
OsqueryStatusData to log status data to database
type SlunkConfiguration ¶
type SlunkConfiguration struct {
URL string `json:"url"`
Token string `json:"token"`
Host string `json:"host"`
Index string `json:"index"`
Queries string `json:"queries"`
Status string `json:"status"`
Results string `json:"results"`
}
SlunkConfiguration to hold all splunk configuration values
func LoadSplunk ¶
func LoadSplunk(file string) (SlunkConfiguration, error)
Function to load the Splunk configuration from JSON file
Source Files
Click to show internal directories.
Click to hide internal directories.