gcs

package module
v0.0.0-...-8499fb3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 1, 2023 License: Apache-2.0 Imports: 3 Imported by: 1

README

Go Implementation of Open Cybersecurity Schema Framework (OCSF)

This repository is a go package that builds the OCSF Schemas into structs.

Open Cybersecurity Schema Framework
What is OCSF?

Documentation

Overview

https://schema.ocsf.io/objects/actor

https://schema.ocsf.io/classes/authentication?extensions=

https://schema.ocsf.io/objects/authorization

https://schema.ocsf.io/objects/digital_signature

https://schema.ocsf.io/objects/feature

https://schema.ocsf.io/objects/file

https://schema.ocsf.io/objects/fingerprint

https://schema.ocsf.io/objects/group

https://schema.ocsf.io/objects/idp

https://schema.ocsf.io/objects/policy

https://schema.ocsf.io/objects/process

https://schema.ocsf.io/objects/product

https://schema.ocsf.io/objects/session

https://schema.ocsf.io/objects/user

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Boolean 

func Boolean(b bool) *bool

func Integer 

func Integer(i int) *int

func UInteger 

func UInteger(u uint) *uint

func UInteger8 

func UInteger8(u uint8) *uint8

func ValidatorErrLog 

func ValidatorErrLog(err error)

Types

type Actor 

type Actor struct {
	AuthorizationInformation *[]AuthorizationInformation `json:"authorizations" validate:"omitempty"`
	IdentityProvider         *IdentityProvider           `json:"idp" validate:"omitempty"`
	InvokedBy                string                      `json:"invoked_by" validate:"omitempty"`
	Process                  *Process                    `json:"process" validate:"omitempty"`
	User                     *User                       `json:"user" validate:"omitempty"`
	UserSession              *Session                    `json:"session" validate:"omitempty"`
}

func ValidateActor 

func ValidateActor(actor *Actor) (*Actor, error)

type Authentication 

type Authentication struct {
	Activity                  string                 `json:"activity_name" validate:"omitempty"`
	ActivityID                uint8                  `json:"activity_id" validate:"omitempty"`
	Actor                     *Actor                 `json:"actor" validate:"omitempty"`
	AuthProtocol              string                 `json:"auth_protocol" validate:"omitempty"`
	AuthProtocolID            uint8                  `json:"auth_protocol_id" validate:"omitempty"`
	Category                  string                 `json:"category_name" validate:"omitempty"`
	CategoryID                *uint8                 `json:"category_uid" validate:"required"`
	Class                     string                 `json:"class_name" validate:"omitempty"`
	ClassID                   *uint                  `json:"class_uid" validate:"required"`
	CleartextCredentials      bool                   `json:"is_cleartext" validate:"omitempty"`
	Confidence                uint8                  `json:"confidence" validate:"omitempty"`
	Count                     uint                   `json:"count" validate:"omitempty"`
	Data                      map[string]interface{} `json:"data" validate:"omitempty"`
	Duration                  uint                   `json:"duration" validate:"omitempty"`
	EndTime                   *time.Time             `json:"end_time" validate:"omitempty"`
	EventTime                 *time.Time             `json:"time" validate:"required"`
	LogonProcess              *Process               `json:"logon_process" validate:"omitempty"`
	LogonTypeID               uint8                  `json:"logon_type_id" validate:"omitempty"`
	Message                   string                 `json:"message" validate:"omitempty"`
	MultiFactorAuthentication bool                   `json:"mfa" validate:"omitempty"`
	RawData                   string                 `json:"raw_data" validate:"omitempty"`
	Remote                    bool                   `json:"remote" validate:"omitempty"`
	Severity                  string                 `json:"severity" validate:"omitempty"`
	SeverityID                uint8                  `json:"severity_id" validate:"omitempty"`
	StartTime                 *time.Time             `json:"start_time" validate:"omitempty"`
	Status                    string                 `json:"status" validate:"omitempty"`
	StatusCode                string                 `json:"status_code" validate:"omitempty"`
	StatusDetails             string                 `json:"status_detail" validate:"omitempty"`
	StatusID                  uint8                  `json:"status_id" validate:"omitempty"`
	TimezoneOffset            int                    `json:"timezone_offset" validate:"omitempty"`
	TypeID                    *uint                  `json:"type_uid" validate:"required"`
	TypeName                  string                 `json:"type_name" validate:"omitempty"`
	UnmappedData              map[string]interface{} `json:"unmapped" validate:"omitempty"`
	User                      *User                  `json:"user" validate:"required"`
	UserSession               *Session               `json:"session" validate:"omitempty"`
}

func ValidateAuthentication 

func ValidateAuthentication(auth *Authentication) (*Authentication, error)

type AuthorizationInformation 

type AuthorizationInformation struct {
	AuthorizationDecision string  `json:"decision" validate:"omitempty"`
	Policy                *Policy `json:"policy" validate:"omitempty"`
}

func ValidateAuthorizationInformation 

func ValidateAuthorizationInformation(authInfo *AuthorizationInformation) (*AuthorizationInformation, error)

type DigitalSignature 

type DigitalSignature struct {
	CompanyName  string         `json:"company_name" validate:"required"`
	CreatedTimed *time.Time     `json:"created_time" validate:"omitempty"`
	DeveloperUID string         `json:"developer_uid" validate:"omitempty"`
	Fingerprints *[]Fingerprint `json:"fingerprints" validate:"omitempty"`
	IssuerName   string         `json:"issuer_name" validate:"omitempty"`
	SerialNumber string         `json:"serial_number" validate:"omitempty"`
}

func ValidateDigitalSignature 

func ValidateDigitalSignature(ds *DigitalSignature) (*DigitalSignature, error)

type Feature 

type Feature struct {
	FeatureID      string `json:"uid" validate:"omitempty"`
	FeatureName    string `json:"name" validate:"omitempty"`
	FeatureVersion string `json:"version" validate:"omitempty"`
}

func ValidateFeature 

func ValidateFeature(feature *Feature) (*Feature, error)

type File 

type File struct {
	AccessedTime       *time.Time             `json:"accessed_time" validate:"omitempty"`
	Accessor           *User                  `json:"accessor" validate:"omitempty"`
	Attributes         uint                   `json:"attributes" validate:"omitempty"`
	CompanyName        string                 `json:"company_name" validate:"omitempty"`
	Confidentiality    string                 `json:"confidentiality" validate:"omitempty"`
	ConfidentialityID  uint8                  `json:"confidentiality_id" validate:"omitempty"`
	CreatedTime        *time.Time             `json:"created_time" validate:"omitempty"`
	Creator            *User                  `json:"creator" validate:"omitempty"`
	Description        string                 `json:"desc" validate:"omitempty"`
	DigitalSignature   *DigitalSignature      `json:"signature" validate:"omitempty"`
	ExtendedAttributes map[string]interface{} `json:"xattributes" validate:"omitempty"`
	Fingerprints       *[]Fingerprint         `json:"fingerprints" validate:"omitempty"`
	MIMEType           string                 `json:"mime_type" validate:"omitempty"`
	Modifier           *User                  `json:"modifier" validate:"omitempty"`
	Name               string                 `json:"name" validate:"required"`
	Owner              *User                  `json:"owner" validate:"omitempty"`
	ParentFolder       string                 `json:"parent_folder" validate:"omitempty"`
	Path               string                 `json:"path" validate:"omitempty"`
	Product            *Product               `json:"product" validate:"omitempty"`
	SecurityDescriptor string                 `json:"security_descriptor" validate:"omitempty"`
	Size               int64                  `json:"size" validate:"omitempty"`
	System             bool                   `json:"is_system" validate:"omitempty"`
	Type               string                 `json:"type" validate:"omitempty"`
	TypeID             *uint8                 `json:"type_id" validate:"required"`
	UniqueID           string                 `json:"uid" validate:"omitempty"`
	Version            string                 `json:"version" validate:"omitempty"`
}

func ValidateFile 

func ValidateFile(file *File) (*File, error)

type Fingerprint 

type Fingerprint struct {
	Algorithm   string `json:"algorithm" validate:"omitempty"`
	AlgorithmID *uint8 `json:"algorithm_id" validate:"required"`
	Value       string `json:"value" validate:"required"`
}

func ValidateFingerprint 

func ValidateFingerprint(fingerprint *Fingerprint) (*Fingerprint, error)

type Group 

type Group struct {
	AccountType string   `json:"type" validate:"omitempty"`
	Description string   `json:"desc" validate:"omitempty"`
	Name        string   `json:"name" validate:"required"`
	Privileges  []string `json:"privileges" validate:"omitempty"`
	UniqueID    string   `json:"unique_id" validate:"omitempty"`
}

func ValidateGroup 

func ValidateGroup(group *Group) (*Group, error)

type IdentityProvider 

type IdentityProvider struct {
	Name     string `json:"name" validate:"omitempty"`
	UniqueID string `json:"uid" validate:"omitempty"`
}

func ValidateIdentityProvider 

func ValidateIdentityProvider(idp *IdentityProvider) (*IdentityProvider, error)

type Policy 

type Policy struct {
	Description string `json:"desc" validate:"omitempty"`
	Group       *Group `json:"group" validate:"omitempty"`
	Name        string `json:"name" validate:"required"`
	UniqueID    string `json:"uid" validate:"omitempty"`
	Version     string `json:"version" validate:"omitempty"`
}

func ValidatePolicy 

func ValidatePolicy(policy *Policy) (*Policy, error)

type Process 

type Process struct {
	CommandLine        string                 `json:"cmd_line" validate:"omitempty"`
	CreatedTimed       *time.Time             `json:"created_time" validate:"omitempty"`
	ExtendedAttributes map[string]interface{} `json:"xattributes" validate:"omitempty"`
	File               *File                  `json:"file" validate:"omitempty"`
	Integrity          string                 `json:"integrity" validate:"omitempty"`
	IntegrityLevel     uint8                  `json:"integrity_id" validate:"omitempty"`
	Lineage            []string               `json:"lineage" validate:"omitempty"`
	LoadedModules      []string               `json:"loaded_modules" validate:"omitempty"`
	Name               string                 `json:"name" validate:"omitempty"`
	ParentProcess      *Process               `json:"parent_process" validate:"omitempty"`
	ProcessID          uint                   `json:"pid" validate:"omitempty"`
	ProcessUID         string                 `json:"uid" validate:"omitempty"`
	Sandbox            string                 `json:"sandbox" validate:"omitempty"`
	TerminatedTime     *time.Time             `json:"terminated_time" validate:"omitempty"`
	ThreadID           uint                   `json:"tid" validate:"omitempty"`
	User               *User                  `json:"user" validate:"omitempty"`
	UserSession        *Session               `json:"session" validae:"omitempty"`
}

func ValidateProcess 

func ValidateProcess(process *Process) (*Process, error)

type Product 

type Product struct {
	Feature        *Feature `json:"feature" validate:"omitempty"`
	Language       string   `json:"lang" validate:"omitempty"`
	ProductID      string   `json:"uid" validate:"omitempty"`
	ProductName    string   `json:"name" validate:"required"`
	ProductPath    string   `json:"path" validate:"omitempty"`
	ProductVersion string   `json:"version" validate:"omitempty"`
	VendorName     string   `json:"vendor_name" validate:"required"`
}

func ValidateProduct 

func ValidateProduct(product *Product) (*Product, error)

type Session 

type Session struct {
	CreatedTimed              *time.Time `json:"created_time" validate:"omitempty"`
	ExpirationTime            *time.Time `json:"expiration_time" validate:"omitempty"`
	IssuerDetails             string     `json:"issuer" validate:"omitempty"`
	MultiFactorAuthentication bool       `json:"mfa" validate:"omitempty"`
	UUID                      string     `json:"uuid" validate:"omitempty"`
	UniqueID                  string     `json:"uid" validate:"omitempty"`
	UserCredentialID          string     `json:"credential_uid" validate:"omitempty"`
}

func ValidateSession 

func ValidateSession(session *Session) (*Session, error)

type User 

type User struct {
	AccountType      string   `json:"account_type" validate:"omitempty"`
	AccountTypeID    uint8    `json:"account_type_id" validate:"omitempty"`
	AccountUID       string   `json:"account_uid" validate:"omitempty"`
	Domain           string   `json:"domain" validate:"omitempty"`
	EmailAddress     string   `json:"email_addr" validate:"email,omitempty"`
	Groups           *[]Group `json:"groups" validate:"omitempty"`
	Name             string   `json:"name" validate:"omitempty"`
	OrgID            string   `json:"org_uid" validate:"omitempty"`
	Type             string   `json:"type" validate:"omitempty"`
	TypeID           uint8    `json:"type_id" validate:"omitempty"`
	UniqueUserID     string   `json:"uuid" validate:"omitempty"`
	UserCredentialID string   `json:"credential_uid" validate:"omitempty"`
	UserID           string   `json:"uid" validate:"omitempty"`
}

func ValidateUser 

func ValidateUser(user *User) (*User, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.