api

package
v0.41.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 30, 2022 License: Apache-2.0 Imports: 27 Imported by: 4

README

Go API Client

A Golang API client for interacting with the Lacework API.

Usage

Download the library into your $GOPATH:

$ go get github.com/lacework/go-sdk/api

Import the library into your tool:

import "github.com/lacework/go-sdk/api"

Requirements

To interact with Lacework's API you need to have:

  1. A Lacework account
  2. Either API access keys or token for authentication

Examples

Create a new Lacework client that will automatically generate a new access token from the provided set of API keys, then hit the /external/integrations endpoint to list all available integrations from your account:

package main

import (
	"fmt"
	"log"

	"github.com/lacework/go-sdk/api"
)

func main() {
	lacework, err := api.NewClient("account",
		api.WithTokenFromKeys("KEY", "SECRET"),
	)
	if err != nil {
		log.Fatal(err)
	}

	integrations, err := lacework.Integrations.List()
	if err != nil {
		log.Fatal(err)
	}

	// Output:
	// CUSTOMER_123456B DATADOG
	// CUSTOMER_123456A CONT_VULN_CFG
	// CUSTOMER_123456C PAGER_DUTY_API
	fmt.Println(integrations.String())
}

Look at the _examples/ folder for more examples.

Documentation

Index

Constants

View Source 
const (
	// NoneAlertChannelType type that defines a non-existing Alert Channel integration
	NoneAlertChannelType alertChannelType = iota
	EmailUserAlertChannelType
	SlackChannelAlertChannelType
	AwsS3AlertChannelType
	CloudwatchEbAlertChannelType
	DatadogAlertChannelType
	WebhookAlertChannelType
	VictorOpsAlertChannelType
	CiscoSparkWebhookAlertChannelType
	MicrosoftTeamsAlertChannelType
	GcpPubSubAlertChannelType
	SplunkHecAlertChannelType
	ServiceNowRestAlertChannelType
	NewRelicInsightsAlertChannelType
	PagerDutyApiAlertChannelType
	IbmQRadarAlertChannelType
	JiraAlertChannelType
)
View Source 
const (
	AlertRuleSeverityCritical alertRuleSeverity = 1
	AlertRuleSeverityHigh     alertRuleSeverity = 2
	AlertRuleSeverityMedium   alertRuleSeverity = 3
	AlertRuleSeverityLow      alertRuleSeverity = 4
	AlertRuleSeverityInfo     alertRuleSeverity = 5
	AlertRuleSeverityUnknown  alertRuleSeverity = 0
)
View Source 
const (
	// type that defines a non-existing Cloud Account integration
	NoneCloudAccount cloudAccountType = iota
	AwsCfgCloudAccount
	AwsCtSqsCloudAccount
	AwsEksAuditCloudAccount
	AwsSidekickCloudAccount
	AwsUsGovCfgCloudAccount
	AwsUsGovCtSqsCloudAccount
	AzureAlSeqCloudAccount
	AzureCfgCloudAccount
	GcpAtSesCloudAccount
	GcpCfgCloudAccount
	GcpGkeAuditCloudAccount
)
View Source 
const (
	// type that defines a non-existing Container Registry integration
	NoneContainerRegistry containerRegistryType = iota
	GcpGarContainerRegistry
	GhcrContainerRegistry
	InlineScannerContainerRegistry
)
View Source 
const (
	// The list of valid inputs for DatadogSite field
	DatadogSiteEu  datadogSite = "eu"
	DatadogSiteCom datadogSite = "com"

	// The list of valid inputs for DatadogService field
	DatadogServiceLogsDetails   datadogService = "Logs Detail"
	DatadogServiceEventsSummary datadogService = "Events Summary"
	DatadogServiceLogsSummary   datadogService = "Logs Summary"
)
View Source 
const (
	JiraCloudAlertType  = "JIRA_CLOUD"
	JiraServerAlertType = "JIRA_SERVER"
)
View Source 
const (
	// The list of valid inputs for QRadar Communication Type field
	QRadarCommHttps           qradarComm = "HTTPS"
	QRadarCommHttpsSelfSigned qradarComm = "HTTPS Self Signed Cert"
)
View Source 
const (
	// type that defines a non-existing integration
	NoneIntegration integrationType = iota

	// AWS Config integration type
	AwsCfgIntegration

	// AWS CloudTrail integration type
	AwsCloudTrailIntegration

	// AWS Gov Cloud Config integration type
	AwsGovCloudCfgIntegration

	// AWS GovCloud CloudTrail integration type
	AwsGovCloudCTIntegration

	// AWS S3 channel integration type
	AwsS3ChannelIntegration

	// Datadog channel integration type
	DatadogChannelIntegration

	// GCP Config integration type
	GcpCfgIntegration

	// GCP Audit Log integration type
	GcpAuditLogIntegration

	// GCP Pub Sub alert channel integration type
	GcpPubSubChannelIntegration

	// New Relic Insights alert channel integration type
	NewRelicChannelIntegration

	// Azure Config integration type
	AzureCfgIntegration

	// Azure Activity Log integration type
	AzureActivityLogIntegration

	// Cisco Webex integration type
	CiscoWebexChannelIntegration

	// Container registry integration type
	ContainerRegistryIntegration

	// Microsoft Teams channel integration type
	MicrosoftTeamsChannelIntegration

	// QRadar channel integration type
	QRadarChannelIntegration

	// Slack channel integration type
	SlackChannelIntegration

	// Sevice Now alert channel integration type
	ServiceNowChannelIntegration

	// Splunk channel integration type
	SplunkIntegration

	// AWS CloudWatch integration type
	AwsCloudWatchIntegration

	// Pager Duty integration type
	PagerDutyIntegration

	// Jira integration type
	JiraIntegration

	// Email integration type
	EmailIntegration

	// VictorOps channel integration type
	VictorOpsChannelIntegration

	// Webhook channel integration type
	WebhookIntegration
)
View Source 
const (
	// type that defines a non-existing registry
	NoneRegistry registryType = iota
	DockerHubRegistry
	DockerV2Registry
	EcrRegistry
	GcrRegistry
)
View Source 
const (
	AwsEcrIAM ecrAuthType = iota
	AwsEcrAccessKey
)
View Source 
const (
	// Project level integration with GCP
	GcpProjectIntegration gcpResourceLevel = iota

	// Organization level integration with GCP
	GcpOrganizationIntegration
)
View Source 
const (
	ReportRuleSeverityCritical reportRuleSeverity = 1
	ReportRuleSeverityHigh     reportRuleSeverity = 2
	ReportRuleSeverityMedium   reportRuleSeverity = 3
	ReportRuleSeverityLow      reportRuleSeverity = 4
	ReportRuleSeverityInfo     reportRuleSeverity = 5
	ReportRuleSeverityUnknown  reportRuleSeverity = 0
)
View Source 
const (
	None integrationSchema = iota
	AlertChannels
	AlertProfiles
	AlertRules
	ContainerRegistries
	CloudAccounts
	ResourceGroups
	ReportRules
	TeamMembers
	VulnerabilityExceptions
)
View Source 
const (
	VulnerabilityExceptionReasonAcceptedRisk vulnerabilityExceptionReason = iota
	VulnerabilityExceptionReasonAcceptedFalsePositive
	VulnerabilityExceptionReasonCompensatingControls
	VulnerabilityExceptionReasonFixPending
	VulnerabilityExceptionReasonOther
	VulnerabilityExceptionReasonUnknown
)
View Source 
const (
	VulnerabilityExceptionTypeHost vulnerabilityExceptionType = iota
	VulnerabilityExceptionTypeContainer
)
View Source 
const (
	VulnerabilityExceptionSeverityCritical vulnerabilityExceptionSeverity = "Critical"
	VulnerabilityExceptionSeverityHigh     vulnerabilityExceptionSeverity = "High"
	VulnerabilityExceptionSeverityMedium   vulnerabilityExceptionSeverity = "Medium"
	VulnerabilityExceptionSeverityLow      vulnerabilityExceptionSeverity = "Low"
	VulnerabilityExceptionSeverityInfo     vulnerabilityExceptionSeverity = "Info"
	VulnerabilityExceptionSeverityUnknown  vulnerabilityExceptionSeverity = "Unknown"
)
View Source 
const AlertRuleEventType = "Event"
View Source 
const AwsComplianceEvaluationDataset complianceEvaluationDataset = "AwsCompliance"
View Source 
const AwsInventoryDataset inventoryDataset = "AwsCompliance"
View Source 
const AwsInventoryType inventoryType = "AWS"
View Source 
const DefaultTokenExpiryTime = 3600
View Source 
const ReportRuleEventType = "Report"
View Source 
const Version = "0.41.1"

Version is the semver coming from the VERSION file

Variables

View Source 
var (
	ContainerResourceGroupAllLabels = []map[string]string{{"*": "*"}}
	ContainerResourceGroupAllTags   = []string{"*"}
)

Wildcard values for selecting all labels/tags

View Source 
var AlertChannelTypes = map[alertChannelType]string{
	NoneAlertChannelType:              "None",
	EmailUserAlertChannelType:         "EmailUser",
	SlackChannelAlertChannelType:      "SlackChannel",
	AwsS3AlertChannelType:             "AwsS3",
	CloudwatchEbAlertChannelType:      "CloudwatchEb",
	DatadogAlertChannelType:           "Datadog",
	WebhookAlertChannelType:           "Webhook",
	VictorOpsAlertChannelType:         "VictorOps",
	CiscoSparkWebhookAlertChannelType: "CiscoSparkWebhook",
	MicrosoftTeamsAlertChannelType:    "MicrosoftTeams",
	GcpPubSubAlertChannelType:         "GcpPubsub",
	SplunkHecAlertChannelType:         "SplunkHec",
	ServiceNowRestAlertChannelType:    "ServiceNowRest",
	NewRelicInsightsAlertChannelType:  "NewRelicInsights",
	PagerDutyApiAlertChannelType:      "PagerDutyApi",
	IbmQRadarAlertChannelType:         "IbmQradar",
	JiraAlertChannelType:              "Jira",
}

AlertChannelTypes is the list of available Alert Channel integration types

View Source 
var AlertLevels = map[AlertLevel]string{
	CriticalAlertLevel: "Critical",
	HighAlertLevel:     "High",
	MediumAlertLevel:   "Medium",
	LowAlertLevel:      "Low",
	AllAlertLevel:      "All",
}

AlertLevels is the list of available alert levels

View Source 
var AllAwsReportRuleNotifications = new(AwsReportRuleNotifications).allNotifications()

Enable all Aws report rules

View Source 
var AllAzureReportRuleNotifications = new(AzureReportRuleNotifications).allNotifications()

Enable all Azure report rules

View Source 
var AllDailyReportRuleNotifications = new(DailyEventsReportRuleNotifications).allNotifications()

Enable all Daily report rules

View Source 
var AllGcpReportRuleNotifications = new(GcpReportRuleNotifications).allNotifications()

Enable all Gcp report rules

View Source 
var AllReportRuleNotifications = new(ReportRuleNotificationTypes).allNotifications()

Enable all report rules

View Source 
var AllWeeklyReportRuleNotifications = new(WeeklyEventsReportRuleNotifications).allNotifications()

Enable all Weekly report rules

View Source 
var AwsEcrAuthTypes = map[ecrAuthType]string{
	AwsEcrIAM:       "AWS_IAM",
	AwsEcrAccessKey: "AWS_ACCESS_KEY",
}

AwsEcrAuthTypes is the list of available ECR auth types

View Source 
var (
	AwsResourceGroupAllAccounts = []string{"*"}
)

Wildcard values for selecting all aws accounts

View Source 
var (
	AzureResourceGroupAllSubscriptions = []string{"*"}
)

Wildcard values for selecting all azure subscriptions

View Source 
var CloudAccountTypes = map[cloudAccountType]string{
	NoneCloudAccount:          "None",
	AwsCfgCloudAccount:        "AwsCfg",
	AwsCtSqsCloudAccount:      "AwsCtSqs",
	AwsEksAuditCloudAccount:   "AwsEksAudit",
	AwsSidekickCloudAccount:   "AwsSidekick",
	AwsUsGovCfgCloudAccount:   "AwsUsGovCfg",
	AwsUsGovCtSqsCloudAccount: "AwsUsGovCtSqs",
	AzureAlSeqCloudAccount:    "AzureAlSeq",
	AzureCfgCloudAccount:      "AzureCfg",
	GcpAtSesCloudAccount:      "GcpAtSes",
	GcpCfgCloudAccount:        "GcpCfg",
	GcpGkeAuditCloudAccount:   "GcpGkeAudit",
}

CloudAccountTypes is the list of available Cloud Account integration types

View Source 
var ContainerRegistryTypes = map[containerRegistryType]string{
	NoneContainerRegistry:          "None",
	GcpGarContainerRegistry:        "GCP_GAR",
	GhcrContainerRegistry:          "GHCR",
	InlineScannerContainerRegistry: "INLINE_SCANNER",
}

ContainerRegistryTypes is the list of available Container Registry integration types

View Source 
var EntityTypes = map[EntityType]string{
	NoneEntityType:           "None",
	MachineDetailsEntityType: "MachineDetails",
	UsersEntityType:          "Users",
	ImagesEntityType:         "Images",
}

EntityTypes is the list of available entity types

View Source 
var (
	GcpResourceGroupAllProjects = []string{"*"}
)

Wildcard values for selecting all gcp projects

View Source 
var IntegrationTypes = map[integrationType]integration{
	NoneIntegration:                  {"NONE", None},
	AwsCfgIntegration:                {"AWS_CFG", CloudAccounts},
	AwsCloudTrailIntegration:         {"AWS_CT_SQS", CloudAccounts},
	AwsGovCloudCfgIntegration:        {"AWS_US_GOV_CFG", CloudAccounts},
	AwsGovCloudCTIntegration:         {"AWS_US_GOV_CT_SQS", CloudAccounts},
	AwsS3ChannelIntegration:          {"AWS_S3", AlertChannels},
	CiscoWebexChannelIntegration:     {"CISCO_SPARK_WEBHOOK", AlertChannels},
	DatadogChannelIntegration:        {"DATADOG", AlertChannels},
	GcpCfgIntegration:                {"GCP_CFG", CloudAccounts},
	GcpAuditLogIntegration:           {"GCP_AT_SES", CloudAccounts},
	GcpPubSubChannelIntegration:      {"GCP_PUBSUB", AlertChannels},
	NewRelicChannelIntegration:       {"NEW_RELIC_INSIGHTS", AlertChannels},
	AzureCfgIntegration:              {"AZURE_CFG", CloudAccounts},
	AzureActivityLogIntegration:      {"AZURE_AL_SEQ", CloudAccounts},
	ContainerRegistryIntegration:     {"CONT_VULN_CFG", ContainerRegistries},
	QRadarChannelIntegration:         {"IBM_QRADAR", AlertChannels},
	MicrosoftTeamsChannelIntegration: {"MICROSOFT_TEAMS", AlertChannels},
	SlackChannelIntegration:          {"SLACK_CHANNEL", AlertChannels},
	SplunkIntegration:                {"SPLUNK_HEC", AlertChannels},
	ServiceNowChannelIntegration:     {"SERVICE_NOW_REST", AlertChannels},
	AwsCloudWatchIntegration:         {"CLOUDWATCH_EB", AlertChannels},
	PagerDutyIntegration:             {"PAGER_DUTY_API", AlertChannels},
	JiraIntegration:                  {"JIRA", AlertChannels},
	EmailIntegration:                 {"EMAIL_USER", AlertChannels},
	VictorOpsChannelIntegration:      {"VICTOR_OPS", AlertChannels},
	WebhookIntegration:               {"WEBHOOK", AlertChannels},
}

IntegrationTypes is the list of available integration types

View Source 
var (
	LwAccountResourceGroupAllAccounts = []string{"*"}
)

Wildcard values for selecting all lacework accounts

View Source 
var (
	MachineResourceGroupAllTags = []map[string]string{{"*": "*"}}
)

Wildcard values for selecting all machine tags

View Source 
var RegistryTypes = map[registryType]string{
	NoneRegistry:      "NONE",
	DockerHubRegistry: "DOCKERHUB",
	DockerV2Registry:  "V2_REGISTRY",
	EcrRegistry:       "AWS_ECR",
	GcrRegistry:       "GCP_GCR",
}

RegistryTypes is the list of available registry types

View Source 
var ResourceGroupTypes = map[ResourceGroupType]string{
	NoneResourceGroup:      "None",
	AwsResourceGroup:       "AWS",
	AzureResourceGroup:     "AZURE",
	ContainerResourceGroup: "CONTAINER",
	GcpResourceGroup:       "GCP",
	LwAccountResourceGroup: "LW_ACCOUNT",
	MachineResourceGroup:   "MACHINE",
}

ResourceGroupTypes is the list of available Resource Group types

View Source 
var ValidComplianceStatus = []string{"non-compliant", "requires-manual-assessment", "suppressed", "compliant", "could-not-assess"}

ValidComplianceStatus is a list of all valid compliance status

View Source 
var ValidEventSeverities = []string{"critical", "high", "medium", "low", "info"}

ValidEventSeverities is a list of all valid event severities

View Source 
var ValidPolicySeverities = []string{"critical", "high", "medium", "low", "info"}

ValidPolicySeverities is a list of all valid policy severities

View Source 
var ValidVulnSeverities = []string{"critical", "high", "medium", "low", "info"}

ValidVulnSeverities is a list of all valid severities in a vulnerability report

View Source 
var VulnerabilityExceptionReasons = map[vulnerabilityExceptionReason]string{
	VulnerabilityExceptionReasonAcceptedRisk:          "Accepted Risk",
	VulnerabilityExceptionReasonAcceptedFalsePositive: "False Positive",
	VulnerabilityExceptionReasonCompensatingControls:  "Compensating Controls",
	VulnerabilityExceptionReasonFixPending:            "Fix Pending",
	VulnerabilityExceptionReasonOther:                 "Other",
	VulnerabilityExceptionReasonUnknown:               "Unknown",
}
View Source 
var VulnerabilityExceptionTypes = map[vulnerabilityExceptionType]string{
	VulnerabilityExceptionTypeHost:      "Host",
	VulnerabilityExceptionTypeContainer: "Container",
}

Functions

func DatadogService added in v0.2.18 

func DatadogService(service string) (datadogService, error)

DatadogService returns the datadogService type for the corresponding string input

func DatadogSite added in v0.2.18 

func DatadogSite(site string) (datadogSite, error)

DatadogSite returns the datadogSite type for the corresponding string input

func FindAlertChannelType added in v0.11.0 

func FindAlertChannelType(alertChannel string) (alertChannelType, bool)

FindAlertChannelType looks up inside the list of available alert channel types the matching type from the provided string, if none, returns NoneAlertChannelType

func FindCloudAccountType added in v0.10.0 

func FindCloudAccountType(cloudAccount string) (cloudAccountType, bool)

FindCloudAccountType looks up inside the list of available cloud account types the matching type from the provided string, if none, returns NoneCloudAccount

func FindContainerRegistryType added in v0.13.0 

func FindContainerRegistryType(containerRegistry string) (containerRegistryType, bool)

FindContainerRegistryType looks up inside the list of available container registry types the matching type from the provided string, if none, returns NoneContainerRegistry

func FindIntegrationType 

func FindIntegrationType(t string) (integrationType, bool)

FindIntegrationType looks up inside the list of available integration types the matching type from the provided string, if none, returns NoneIntegration

func NewV2AlertProfilesService added in v0.32.0 

func NewV2AlertProfilesService(c *Client) *v2alertProfilesService

func NewV2VulnerabilitiesService added in v0.25.0 

func NewV2VulnerabilitiesService(c *Client) *v2VulnerabilitiesService

func NewVulnerabilityExceptionReason added in v0.24.0 

func NewVulnerabilityExceptionReason(reason string) vulnerabilityExceptionReason

func QRadarComm added in v0.2.20 

func QRadarComm(site string) (qradarComm, error)

QRadarComm returns the qradarComm type for the corresponding string input

func TransformReportRuleNotification added in v0.21.0 

func TransformReportRuleNotification(notificationsMap map[string]bool, notificationType reportRuleNotification) error

func VictorOpsService added in v0.2.19 

func VictorOpsService(service string) (datadogService, error)

VictorOpsService returns the datadogService type for the corresponding string input

func VictorOpsSite added in v0.2.19 

func VictorOpsSite(site string) (datadogSite, error)

VictorOpsSite returns the datadogSite type for the corresponding string input

Types

type Account added in v0.8.0 

type Account struct {
	Admin       bool   `json:"admin"`
	AccountName string `json:"accountName"`
	CustGUID    string `json:"custGuid"`
	UserGUID    string `json:"userGuid"`
	UserEnabled int    `json:"userEnabled"`
}

func (*Account) Enabled added in v0.8.0 

func (a *Account) Enabled() bool

type AccountService added in v0.3.0 

type AccountService struct {
	// contains filtered or unexported fields
}

AccountService is a service that interacts with Account related endpoints from the Lacework Server

func (*AccountService) GetOrganizationInfo added in v0.3.0 

func (svc *AccountService) GetOrganizationInfo() (
	response accountOrganizationInfoResponse,
	err error,
)

type AgentAccessToken added in v0.10.0 

type AgentAccessToken struct {
	AccessToken string                `json:"accessToken"`
	CreatedTime time.Time             `json:"createdTime"`
	Props       AgentAccessTokenProps `json:"props,omitempty"`
	TokenAlias  string                `json:"tokenAlias"`
	Enabled     int                   `json:"tokenEnabled"`
	Version     string                `json:"version"`
}

func (AgentAccessToken) PrettyState added in v0.10.0 

func (t AgentAccessToken) PrettyState() string

func (AgentAccessToken) State added in v0.10.0 

func (t AgentAccessToken) State() bool

type AgentAccessTokenProps added in v0.10.0 

type AgentAccessTokenProps struct {
	CreatedTime time.Time `json:"createdTime,omitempty"`
	Description string    `json:"description,omitempty"`
}

type AgentAccessTokenRequest added in v0.10.0 

type AgentAccessTokenRequest struct {
	Enabled    int                    `json:"tokenEnabled"`
	TokenAlias string                 `json:"tokenAlias,omitempty"`
	Props      *AgentAccessTokenProps `json:"props,omitempty"`
}

type AgentAccessTokenResponse added in v0.10.0 

type AgentAccessTokenResponse struct {
	Data AgentAccessToken `json:"data"`
}

type AgentAccessTokensResponse added in v0.10.0 

type AgentAccessTokensResponse struct {
	Data []AgentAccessToken `json:"data"`
}

type AgentAccessTokensService added in v0.10.0 

type AgentAccessTokensService struct {
	// contains filtered or unexported fields
}

AgentAccessTokensService is the service that interacts with the AgentAccessTokens schema from the Lacework APIv2 Server

func (*AgentAccessTokensService) Create added in v0.10.0 

func (svc *AgentAccessTokensService) Create(alias, desc string) (
	response AgentAccessTokenResponse,
	err error,
)

Create creates a single Agent Access Token

func (*AgentAccessTokensService) Get added in v0.10.0 

func (svc *AgentAccessTokensService) Get(token string) (
	response AgentAccessTokenResponse,
	err error,
)

Get returns an Agent Access Token with the matching ID (token)

func (*AgentAccessTokensService) List added in v0.10.0 

func (svc *AgentAccessTokensService) List() (response AgentAccessTokensResponse, err error)

List returns a list of Agent Access Tokens

func (*AgentAccessTokensService) SearchAlias added in v0.10.0 

func (svc *AgentAccessTokensService) SearchAlias(alias string) (
	response AgentAccessTokensResponse,
	err error,
)

SearchAlias will search for an Agent Access Token that matches the provider token alias

func (*AgentAccessTokensService) Update added in v0.10.0 

func (svc *AgentAccessTokensService) Update(token string, data AgentAccessTokenRequest) (
	response AgentAccessTokenResponse,
	err error,
)

Update updates an Agent Access Token with the provided request data

func (*AgentAccessTokensService) UpdateState added in v0.10.0 

func (svc *AgentAccessTokensService) UpdateState(token string, enable bool) (
	response AgentAccessTokenResponse,
	err error,
)

UpdateState updates only the state of an Agent Access Token (enable or disable)

type AgentInfo added in v0.40.0 

type AgentInfo struct {
	AgentVersion string    `json:"agentVersion"`
	CreatedTime  time.Time `json:"createdTime"`
	Hostname     string    `json:"hostname"`
	IpAddr       string    `json:"ipAddr"`
	LastUpdate   time.Time `json:"lastUpdate"`
	Mid          int       `json:"mid"`
	Mode         string    `json:"mode"`
	Os           string    `json:"os"`
	Status       string    `json:"status"`
	Tags         struct {
		// Shared Tags
		Arch           string `json:"arch,omitempty"`
		ExternalIP     string `json:"ExternalIp,omitempty"`
		Hostname       string `json:"Hostname,omitempty"`
		InstanceID     string `json:"InstanceId,omitempty"`
		InternalIP     string `json:"InternalIp,omitempty"`
		LwTokenShort   string `json:"LwTokenShort,omitempty"`
		Os             string `json:"os,omitempty"`
		VMInstanceType string `json:"VmInstanceType,omitempty"`
		VMProvider     string `json:"VmProvider,omitempty"`
		Zone           string `json:"Zone,omitempty"`

		// AWS Tags
		Account  string `json:"Account,omitempty"`
		AmiID    string `json:"AmiId,omitempty"`
		Name     string `json:"Name,omitempty"`
		SubnetID string `json:"SubnetId,omitempty"`
		VpcID    string `json:"VpcId,omitempty"`

		// GCP Tags
		Cluster                 string `json:"Cluster,omitempty"`
		ClusterLocation         string `json:"cluster-location,omitempty"`
		ClusterName             string `json:"cluster-name,omitempty"`
		ClusterUID              string `json:"cluster-uid,omitempty"`
		CreatedBy               string `json:"created-by,omitempty"`
		EnableOSLogin           string `json:"enable-oslogin,omitempty"`
		Env                     string `json:"Env,omitempty"`
		GCEtags                 string `json:"GCEtags,omitempty"`
		GCIEnsureGKEDocker      string `json:"gci-ensure-gke-docker,omitempty"`
		GCIUpdateStrategy       string `json:"gci-update-strategy,omitempty"`
		GoogleComputeEnablePCID string `json:"google-compute-enable-pcid,omitempty"`
		InstanceName            string `json:"InstanceName,omitempty"`
		InstanceTemplate        string `json:"InstanceTemplate,omitempty"`
		KubeLabels              string `json:"kube-labels,omitempty"`
		LWKubernetesCluster     string `json:"lw_KubernetesCluster,omitempty"`
		NumericProjectID        string `json:"NumericProjectId,omitempty"`
		ProjectID               string `json:"ProjectId,omitempty"`
	} `json:"tags"`
}

type AgentInfoResponse added in v0.40.0 

type AgentInfoResponse struct {
	Data   []AgentInfo  `json:"data"`
	Paging V2Pagination `json:"paging"`
}

func (AgentInfoResponse) PageInfo added in v0.40.0 

func (r AgentInfoResponse) PageInfo() *V2Pagination

Fulfill Pageable interface (look at api/v2.go)

func (*AgentInfoResponse) ResetPaging added in v0.40.0 

func (r *AgentInfoResponse) ResetPaging()

type AgentInfoService added in v0.40.0 

type AgentInfoService struct {
	// contains filtered or unexported fields
}

AgentInfoService is the service that interacts with the AgentInfo schema from the Lacework APIv2 Server

func (*AgentInfoService) Search added in v0.40.0 

func (svc *AgentInfoService) Search(response interface{}, filters SearchFilter) error

type AgentToken added in v0.2.10 

type AgentToken struct {
	AccessToken     string           `json:"ACCESS_TOKEN"`
	Account         string           `json:"ACCOUNT"`
	LastUpdatedTime *lwtime.Epoch    `json:"LAST_UPDATED_TIME"`
	Props           *AgentTokenProps `json:"PROPS,omitempty"`
	TokenAlias      string           `json:"TOKEN_ALIAS"`
	Enabled         string           `json:"TOKEN_ENABLED"`
	Version         string           `json:"VERSION"`
}

func (AgentToken) EnabledInt added in v0.2.10 

func (t AgentToken) EnabledInt() int

func (AgentToken) PrettyStatus added in v0.2.10 

func (t AgentToken) PrettyStatus() string

@afiune this API returns a string as a boolean, so we have to do this mokeypatch

func (AgentToken) Status added in v0.2.10 

func (t AgentToken) Status() bool

type AgentTokenProps added in v0.2.10 

type AgentTokenProps struct {
	CreatedTime *lwtime.Epoch `json:"CREATED_TIME,omitempty"`
	Description string        `json:"DESCRIPTION,omitempty"`
}

type AgentTokenRequest added in v0.2.10 

type AgentTokenRequest struct {
	TokenAlias string           `json:"TOKEN_ALIAS,omitempty"`
	Enabled    int              `json:"TOKEN_ENABLED"`
	Props      *AgentTokenProps `json:"PROPS,omitempty"`
}

type AgentTokensResponse added in v0.2.10 

type AgentTokensResponse struct {
	Data    []AgentToken `json:"data"`
	Ok      bool         `json:"ok"`
	Message string       `json:"message"`
}

type AgentsService added in v0.2.10 

type AgentsService struct {
	// contains filtered or unexported fields
}

AgentsService is a service that interacts with the Agent Access Tokens endpoints from the Lacework Server

func (*AgentsService) CreateToken added in v0.2.10 

func (svc *AgentsService) CreateToken(name, desc string) (response AgentTokensResponse, err error)

CreateToken creates a new agent access token

func (*AgentsService) GetToken added in v0.2.10 

func (svc *AgentsService) GetToken(token string) (response AgentTokensResponse, err error)

GetToken returns details about an agent access token

func (*AgentsService) ListTokens added in v0.2.10 

func (svc *AgentsService) ListTokens() (response AgentTokensResponse, err error)

ListTokens returns a list of agent access tokens in a Lacework account

func (*AgentsService) UpdateToken added in v0.2.10 

func (svc *AgentsService) UpdateToken(token string, data AgentTokenRequest) (
	response AgentTokensResponse,
	err error,
)

UpdateToken updates an agent access token with the provided request data

func (*AgentsService) UpdateTokenStatus added in v0.2.10 

func (svc *AgentsService) UpdateTokenStatus(token string, enable bool) (
	response AgentTokensResponse,
	err error,
)

UpdateTokenStatus updates only the status of an agent access token (enable or disable)

type AlertChannel added in v0.11.0 

type AlertChannel interface {
	ID() string
	AlertChannelType() alertChannelType
}

AlertChannel is an interface that helps us implement a few functions that any Alert Channel might use, there are some cases, like during Update, where we need to get the ID of the Alert Channel and its type, this will allow users to pass any Alert Channel that implements these methods

type AlertChannelRaw added in v0.11.0 

type AlertChannelRaw struct {
	Data interface{} `json:"data,omitempty"`
	// contains filtered or unexported fields
}

func NewAlertChannel added in v0.11.0 

func NewAlertChannel(name string, iType alertChannelType, data interface{}) AlertChannelRaw

NewAlertChannel returns an instance of the AlertChannelRaw struct with the provided Alert Channel integration type, name and raw data as an interface{}.

NOTE: This function must be used by any Alert Channel type.

Basic usage: Initialize a new EmailUserAlertChannel struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

emailAlertChan := api.NewAlertChannel("foo",
  api.EmailUserAlertChannelType,
  api.EmailUserData{
    ChannelProps: api.EmailUserChannelProps{
      Recipients: []string{"name@example.com"},
    },
  },
)

client.V2.AlertChannels.Create(emailAlertChan)

func (AlertChannelRaw) AlertChannelType added in v0.11.0 

func (alert AlertChannelRaw) AlertChannelType() alertChannelType

func (AlertChannelRaw) ID added in v0.11.0 

func (c AlertChannelRaw) ID() string

func (AlertChannelRaw) StateString added in v0.34.0 

func (c AlertChannelRaw) StateString() string

func (AlertChannelRaw) Status added in v0.34.0 

func (c AlertChannelRaw) Status() string

type AlertChannelResponse added in v0.11.0 

type AlertChannelResponse struct {
	Data AlertChannelRaw `json:"data"`
}

type AlertChannelsResponse added in v0.11.0 

type AlertChannelsResponse struct {
	Data []AlertChannelRaw `json:"data"`
}

type AlertChannelsService added in v0.11.0 

type AlertChannelsService struct {
	// contains filtered or unexported fields
}

AlertChannelsService is the service that interacts with the AlertChannels schema from the Lacework APIv2 Server

func (*AlertChannelsService) Create added in v0.11.0 

func (svc *AlertChannelsService) Create(integration AlertChannelRaw) (
	response AlertChannelResponse,
	err error,
)

Create creates a single Alert Channel integration

func (*AlertChannelsService) Delete added in v0.11.0 

func (svc *AlertChannelsService) Delete(guid string) error

Delete deletes a Alert Channel integration that matches the provided guid

func (*AlertChannelsService) Get added in v0.11.0 

func (svc *AlertChannelsService) Get(guid string, response interface{}) error

Get returns a raw response of the Alert Channel with the matching integration guid.

To return a more specific Go struct of a Alert Channel integration, use the proper method such as GetEmailUser() where the function name is composed by: 

Get<Type>(guid)

  Where <Type> is the Alert Channel integration type.

func (*AlertChannelsService) GetAwsS3 added in v0.14.0 

func (svc *AlertChannelsService) GetAwsS3(guid string) (
	response AwsS3AlertChannelResponseV2,
	err error,
)

GetAwsS3 gets a single AwsS3 alert channel matching the provided integration guid

func (*AlertChannelsService) GetCiscoSparkWebhook added in v0.18.0 

func (svc *AlertChannelsService) GetCiscoSparkWebhook(guid string) (response CiscoSparkWebhookAlertChannelResponseV2, err error)

GetCiscoSparkWebhook gets a single instance of a Cisco Spark webhook alert channel with the corresponding integration guid

func (*AlertChannelsService) GetCloudwatchEb added in v0.17.0 

func (svc *AlertChannelsService) GetCloudwatchEb(guid string) (response CloudwatchEbAlertChannelResponseV2, err error)

GetCloudwatchEb gets a single instance of an AWS Cloudwatch alert channel with the corresponding integration guid

func (*AlertChannelsService) GetDatadog added in v0.17.0 

func (svc *AlertChannelsService) GetDatadog(guid string) (response DatadogAlertChannelResponseV2, err error)

GetDatadog gets a single instance of a Datadog alert channel with the corresponding integration guid

func (*AlertChannelsService) GetEmailUser added in v0.11.0 

func (svc *AlertChannelsService) GetEmailUser(guid string) (
	response EmailUserAlertChannelResponse,
	err error,
)

GetEmailUser gets a single EmailUser alert channel matching the provided integration guid

func (*AlertChannelsService) GetGcpPubSub added in v0.18.0 

func (svc *AlertChannelsService) GetGcpPubSub(guid string) (response GcpPubSubAlertChannelResponseV2, err error)

GetGcpPubSub gets a single instance of a GCP Pub Sub alert channel with the corresponding guid

func (*AlertChannelsService) GetIbmQRadar added in v0.18.0 

func (svc *AlertChannelsService) GetIbmQRadar(guid string) (
	response IbmQRadarAlertChannelResponseV2,
	err error,
)

GetIbmQRadar gets a single IbmQRadar alert channel matching the provided integration guid

func (*AlertChannelsService) GetJira added in v0.19.0 

func (svc *AlertChannelsService) GetJira(guid string) (response JiraAlertChannelResponseV2, err error)

GetJira gets a single instance of a Jira Cloud or Jira Server alert channel with the corresponding guid

func (*AlertChannelsService) GetMicrosoftTeams added in v0.18.0 

func (svc *AlertChannelsService) GetMicrosoftTeams(guid string) (response MicrosoftTeamsAlertChannelResponseV2, err error)

GetMicrosoftTeams gets a single instance of a MicrosoftTeams alert channel with the corresponding integration guid

func (*AlertChannelsService) GetNewRelicInsights added in v0.18.0 

func (svc *AlertChannelsService) GetNewRelicInsights(guid string) (
	response NewRelicInsightsAlertChannelResponseV2,
	err error,
)

GetNewRelicInsights gets a single NewRelic alert channel matching the provided integration guid

func (*AlertChannelsService) GetPagerDutyApi added in v0.18.0 

func (svc *AlertChannelsService) GetPagerDutyApi(guid string) (
	response PagerDutyApiAlertChannelResponseV2,
	err error,
)

GetPagerDutyApi gets a single PagerDuty alert channel matching the provided integration guid

func (*AlertChannelsService) GetServiceNowRest added in v0.18.0 

func (svc *AlertChannelsService) GetServiceNowRest(guid string) (
	response ServiceNowRestAlertChannelResponseV2,
	err error,
)

GetServiceNowRest gets a single ServiceNowRest alert channel matching the provided integration guid

func (*AlertChannelsService) GetSlackChannel added in v0.14.0 

func (svc *AlertChannelsService) GetSlackChannel(guid string) (
	response SlackChannelAlertChannelResponseV2,
	err error,
)

GetSlackChannel gets a single SlackChannel alert channel matching the provided integration guid

func (*AlertChannelsService) GetSplunkHec added in v0.18.0 

func (svc *AlertChannelsService) GetSplunkHec(guid string) (
	response SplunkHecAlertChannelResponseV2,
	err error,
)

GetSplunkHec gets a single Splunk alert channel matching the provided integration guid

func (*AlertChannelsService) GetVictorOps added in v0.17.0 

func (svc *AlertChannelsService) GetVictorOps(guid string) (
	response VictorOpsAlertChannelResponseV2,
	err error,
)

GetVictorOps gets a single VictorOps alert channel matching the provided integration guid

func (*AlertChannelsService) GetWebhook added in v0.17.0 

func (svc *AlertChannelsService) GetWebhook(guid string) (
	response WebhookAlertChannelResponseV2,
	err error,
)

GetWebhook gets a single Webhook alert channel matching the provided integration guid

func (*AlertChannelsService) List added in v0.11.0 

func (svc *AlertChannelsService) List() (response AlertChannelsResponse, err error)

List returns a list of Alert Channel integrations

func (*AlertChannelsService) Test added in v0.13.0 

func (svc *AlertChannelsService) Test(guid string) error

Test tests an Alert Channel integration that matches the provided guid

func (*AlertChannelsService) UpdateAwsS3 added in v0.14.0 

func (svc *AlertChannelsService) UpdateAwsS3(data AlertChannel) (
	response AwsS3AlertChannelResponseV2,
	err error,
)

UpdateAwsS3 updates a single AwsS3 integration on the Lacework Server

func (*AlertChannelsService) UpdateCiscoSparkWebhook added in v0.18.0 

func (svc *AlertChannelsService) UpdateCiscoSparkWebhook(data AlertChannel) (response CiscoSparkWebhookAlertChannelResponseV2, err error)

UpdateCiscoSparkWebhook updates a single instance of Cisco Spark webhook integration on the Lacework server

func (*AlertChannelsService) UpdateCloudwatchEb added in v0.17.0 

func (svc *AlertChannelsService) UpdateCloudwatchEb(data AlertChannel) (response CloudwatchEbAlertChannelResponseV2, err error)

UpdateCloudwatchEb Update AWSCloudWatch updates a single instance of an AWS cloudwatch integration on the Lacework server

func (*AlertChannelsService) UpdateDatadog added in v0.17.0 

func (svc *AlertChannelsService) UpdateDatadog(data AlertChannel) (response DatadogAlertChannelResponseV2, err error)

UpdateDatadog updates a single instance of a Datadog integration on the Lacework server

func (*AlertChannelsService) UpdateEmailUser added in v0.11.0 

func (svc *AlertChannelsService) UpdateEmailUser(data AlertChannel) (
	response EmailUserAlertChannelResponse,
	err error,
)

UpdateEmailUser updates a single EmailUser integration on the Lacework Server

func (*AlertChannelsService) UpdateGcpPubSub added in v0.18.0 

func (svc *AlertChannelsService) UpdateGcpPubSub(data AlertChannel) (response GcpPubSubAlertChannelResponseV2, err error)

UpdateGcpPubSub updates a single instance of GCP Pub Sub integration on the Lacework server

func (*AlertChannelsService) UpdateIbmQRadar added in v0.18.0 

func (svc *AlertChannelsService) UpdateIbmQRadar(data AlertChannel) (
	response IbmQRadarAlertChannelResponseV2,
	err error,
)

UpdateIbmQRadar updates a single IbmQRadar integration on the Lacework Server

func (*AlertChannelsService) UpdateJira added in v0.19.0 

func (svc *AlertChannelsService) UpdateJira(data AlertChannel) (response JiraAlertChannelResponseV2, err error)

UpdateJira updates a single instance of a Jira Cloud or Jira Server integration on the Lacework server

func (*AlertChannelsService) UpdateMicrosoftTeams added in v0.18.0 

func (svc *AlertChannelsService) UpdateMicrosoftTeams(data AlertChannel) (response MicrosoftTeamsAlertChannelResponseV2, err error)

UpdateMicrosoftTeams updates a single instance of a MicrosoftTeams integration on the Lacework server

func (*AlertChannelsService) UpdateNewRelicInsights added in v0.18.0 

func (svc *AlertChannelsService) UpdateNewRelicInsights(data AlertChannel) (
	response NewRelicInsightsAlertChannelResponseV2,
	err error,
)

UpdateNewRelicInsights updates a single NewRelic integration on the Lacework Server

func (*AlertChannelsService) UpdatePagerDutyApi added in v0.18.0 

func (svc *AlertChannelsService) UpdatePagerDutyApi(data AlertChannel) (
	response PagerDutyApiAlertChannelResponseV2,
	err error,
)

UpdatePagerDutyApi updates a single PagerDuty integration on the Lacework Server

func (*AlertChannelsService) UpdateServiceNowRest added in v0.18.0 

func (svc *AlertChannelsService) UpdateServiceNowRest(data AlertChannel) (
	response ServiceNowRestAlertChannelResponseV2,
	err error,
)

UpdateServiceNowRest updates a single ServiceNowRest integration on the Lacework Server

func (*AlertChannelsService) UpdateSlackChannel added in v0.14.0 

func (svc *AlertChannelsService) UpdateSlackChannel(data AlertChannel) (
	response SlackChannelAlertChannelResponseV2,
	err error,
)

UpdateSlackChannel updates a single SlackChannel integration on the Lacework Server

func (*AlertChannelsService) UpdateSplunkHec added in v0.18.0 

func (svc *AlertChannelsService) UpdateSplunkHec(data AlertChannel) (
	response SplunkHecAlertChannelResponseV2,
	err error,
)

UpdateSplunkHec updates a single Splunk integration on the Lacework Server

func (*AlertChannelsService) UpdateVictorOps added in v0.17.0 

func (svc *AlertChannelsService) UpdateVictorOps(data AlertChannel) (
	response VictorOpsAlertChannelResponseV2,
	err error,
)

UpdateVictorOps updates a single VictorOps integration on the Lacework Server

func (*AlertChannelsService) UpdateWebhook added in v0.17.0 

func (svc *AlertChannelsService) UpdateWebhook(data AlertChannel) (
	response WebhookAlertChannelResponseV2,
	err error,
)

UpdateWebhook updates a single Webhook integration on the Lacework Server

type AlertLevel added in v0.1.22 

type AlertLevel int

Enum for Alert Severity Levels 

const (
	CriticalAlertLevel AlertLevel = 1 // Critical only
	HighAlertLevel     AlertLevel = 2 // High and above
	MediumAlertLevel   AlertLevel = 3 // Medium and above
	LowAlertLevel      AlertLevel = 4 // Low and above
	AllAlertLevel      AlertLevel = 5 // Info and above (which is All of them)
)

func (AlertLevel) Int added in v0.1.22 

func (i AlertLevel) Int() int

Int returns the int representation of an alert level

func (AlertLevel) String added in v0.1.22 

func (i AlertLevel) String() string

String returns the string representation of an alert level

func (AlertLevel) Valid added in v0.1.22 

func (i AlertLevel) Valid() bool

Valid returns whether the AlertLevel is valid or not

type AlertProfile added in v0.32.0 

type AlertProfile struct {
	Guid            string                        `json:"alertProfileId,omitempty" yaml:"alertProfileId,omitempty"`
	Extends         string                        `json:"extends" yaml:"extends"`
	Fields          []AlertProfileField           `json:"fields,omitempty" yaml:"fields,omitempty"`
	DescriptionKeys []AlertProfileDescriptionKeys `json:"descriptionKeys,omitempty" yaml:"descriptionKeys,omitempty"`
	Alerts          []AlertTemplate               `json:"alerts" yaml:"alerts"`
}

type AlertProfileConfig added in v0.32.0 

type AlertProfileConfig struct {
	Guid    string          `json:"alertProfileId" yaml:"alertProfileId"`
	Extends string          `json:"extends" yaml:"extends"`
	Alerts  []AlertTemplate `json:"alerts" yaml:"alerts"`
}

func NewAlertProfile added in v0.32.0 

func NewAlertProfile(id string, extends string, alerts []AlertTemplate) AlertProfileConfig

NewAlertProfile returns an instance of the AlertProfileConfig struct

Basic usage: Initialize a new AlertProfileConfig struct, then 

             use the new instance to do CRUD operations

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  alertProfile := api.NewAlertProfile(
		"CUSTOM_PROFILE_NAME",
		"LW_HE_FILES_DEFAULT_PROFILE"
		[]api.AlertTemplate{{
		...
		}
    },
  )

  client.V2.Alert.Profiles.Create(AlertProfile)

type AlertProfileDescriptionKeys added in v0.32.0 

type AlertProfileDescriptionKeys struct {
	Name string `json:"name" yaml:"name"`
	Spec string `json:"spec" yaml:"spec"`
}

type AlertProfileField added in v0.32.0 

type AlertProfileField struct {
	Name string `json:"name" yaml:"name"`
}

type AlertProfileResponse added in v0.32.0 

type AlertProfileResponse struct {
	Data AlertProfile `json:"data" yaml:"data"`
}

type AlertProfilesResponse added in v0.32.0 

type AlertProfilesResponse struct {
	Data []AlertProfile `json:"data" yaml:"data"`
}

type AlertRule added in v0.18.0 

type AlertRule struct {
	Guid     string          `json:"mcGuid,omitempty"`
	Type     string          `json:"type"`
	Channels []string        `json:"intgGuidList"`
	Filter   AlertRuleFilter `json:"filters"`
}

func NewAlertRule added in v0.18.0 

func NewAlertRule(name string, rule AlertRuleConfig) AlertRule

NewAlertRule returns an instance of the AlertRule struct

Basic usage: Initialize a new AlertRule struct, then 

             use the new instance to do CRUD operations

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  alertRule := api.NewAlertRule(
		"Foo",
		api.AlertRuleConfig{
		Description: "My Alert Rule"
		Severities: api.AlertRuleSeverities{api.AlertRuleSeverityHigh,
		Channels: []string{"TECHALLY_000000000000AAAAAAAAAAAAAAAAAAAA"},
		ResourceGroups: []string{"TECHALLY_111111111111AAAAAAAAAAAAAAAAAAAA"}
      },
    },
  )

  client.V2.AlertRules.Create(alertRule)

type AlertRuleConfig added in v0.18.0 

type AlertRuleConfig struct {
	Channels        []string
	Description     string
	Severities      AlertRuleSeverities
	ResourceGroups  []string
	EventCategories []string
}

type AlertRuleFilter added in v0.18.0 

type AlertRuleFilter struct {
	Name                 string   `json:"name"`
	Enabled              int      `json:"enabled"`
	Description          string   `json:"description,omitempty"`
	Severity             []int    `json:"severity"`
	ResourceGroups       []string `json:"resourceGroups,omitempty"`
	EventCategories      []string `json:"eventCategory,omitempty"`
	CreatedOrUpdatedTime string   `json:"createdOrUpdatedTime,omitempty"`
	CreatedOrUpdatedBy   string   `json:"createdOrUpdatedBy,omitempty"`
}

func (AlertRuleFilter) Status added in v0.20.0 

func (rule AlertRuleFilter) Status() string

type AlertRuleResponse added in v0.18.0 

type AlertRuleResponse struct {
	Data AlertRule `json:"data"`
}

type AlertRuleSeverities added in v0.18.0 

type AlertRuleSeverities []alertRuleSeverity

func NewAlertRuleSeverities added in v0.19.0 

func NewAlertRuleSeverities(sevSlice []string) AlertRuleSeverities

func NewAlertRuleSeveritiesFromIntSlice added in v0.19.0 

func NewAlertRuleSeveritiesFromIntSlice(sevSlice []int) AlertRuleSeverities

func (AlertRuleSeverities) ToStringSlice added in v0.19.0 

func (sevs AlertRuleSeverities) ToStringSlice() []string

type AlertRulesResponse added in v0.18.0 

type AlertRulesResponse struct {
	Data []AlertRule `json:"data"`
}

type AlertRulesService added in v0.18.0 

type AlertRulesService struct {
	// contains filtered or unexported fields
}

AlertRulesService is the service that interacts with the AlertRules schema from the Lacework APIv2 Server

func (*AlertRulesService) Create added in v0.18.0 

func (svc *AlertRulesService) Create(rule AlertRule) (
	response AlertRuleResponse,
	err error,
)

Create creates a single Alert Rule

func (*AlertRulesService) Delete added in v0.18.0 

func (svc *AlertRulesService) Delete(guid string) error

Delete deletes a Alert Rule that matches the provided guid

func (*AlertRulesService) Get added in v0.18.0 

func (svc *AlertRulesService) Get(guid string, response interface{}) error

Get returns a raw response of the Alert Rule with the matching guid.

func (*AlertRulesService) List added in v0.18.0 

func (svc *AlertRulesService) List() (response AlertRulesResponse, err error)

List returns a list of Alert Rules

func (*AlertRulesService) Update added in v0.18.0 

func (svc *AlertRulesService) Update(data AlertRule) (
	response AlertRuleResponse,
	err error,
)

Update updates a single Alert Rule of the provided guid.

type AlertTemplate added in v0.32.0 

type AlertTemplate struct {
	Name        string `json:"name" yaml:"name"`
	EventName   string `json:"eventName" yaml:"eventName"`
	Description string `json:"description" yaml:"description"`
	Subject     string `json:"subject" yaml:"subject"`
}

type AwsCfg added in v0.41.0 

type AwsCfg struct {
	Data AwsCfgData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsCfg) ID added in v0.41.0 

func (c AwsCfg) ID() string

func (AwsCfg) StateString added in v0.41.0 

func (c AwsCfg) StateString() string

func (AwsCfg) Status added in v0.41.0 

func (c AwsCfg) Status() string

type AwsCfgCredentials added in v0.41.0 

type AwsCfgCredentials struct {
	RoleArn    string `json:"roleArn"`
	ExternalID string `json:"externalId"`
}

type AwsCfgData added in v0.41.0 

type AwsCfgData struct {
	Credentials  AwsCfgCredentials `json:"crossAccountCredentials"`
	AwsAccountID string            `json:"awsAccountId,omitempty"`
}

type AwsCfgIntegrationResponse added in v0.41.0 

type AwsCfgIntegrationResponse struct {
	Data AwsCfg `json:"data"`
}

type AwsCloudWatchAlertChannel added in v0.1.22 

type AwsCloudWatchAlertChannel struct {
	Data AwsCloudWatchData `json:"DATA"`
	// contains filtered or unexported fields
}

func NewAwsCloudWatchAlertChannel added in v0.1.22 

func NewAwsCloudWatchAlertChannel(name string, data AwsCloudWatchData) AwsCloudWatchAlertChannel

NewAwsCloudWatchAlertChannel returns an instance of AwsCloudWatchAlertChannel with the provided name and data.

Basic usage: Initialize a new AwsCloudWatchAlertChannel struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

awsCloudWatch := api.NewAwsCloudWatchAlertChannel("foo",
  api.AwsCloudWatchData{
    EventBusArn: "arn:aws:events:us-west-2:1234567890:event-bus/default",
  },
)

client.Integrations.CreateAwsCloudWatchAlertChannel(awsCloudWatch)

func (AwsCloudWatchAlertChannel) StateString added in v0.1.22 

func (c AwsCloudWatchAlertChannel) StateString() string

func (AwsCloudWatchAlertChannel) Status added in v0.1.22 

func (c AwsCloudWatchAlertChannel) Status() string

type AwsCloudWatchData added in v0.1.22 

type AwsCloudWatchData struct {
	IssueGrouping string `json:"ISSUE_GROUPING,omitempty" mapstructure:"ISSUE_GROUPING"`
	EventBusArn   string `json:"EVENT_BUS_ARN" mapstructure:"EVENT_BUS_ARN"`
}

type AwsCloudWatchResponse added in v0.1.22 

type AwsCloudWatchResponse struct {
	Data    []AwsCloudWatchAlertChannel `json:"data"`
	Ok      bool                        `json:"ok"`
	Message string                      `json:"message"`
}

type AwsCrossAccountCreds added in v0.2.22 

type AwsCrossAccountCreds struct {
	RoleArn    string `json:"ROLE_ARN" mapstructure:"ROLE_ARN"`
	ExternalID string `json:"EXTERNAL_ID" mapstructure:"EXTERNAL_ID"`
}

type AwsCtSqsCredentials added in v0.10.0 

type AwsCtSqsCredentials struct {
	RoleArn    string `json:"roleArn"`
	ExternalID string `json:"externalId"`
}

type AwsCtSqsData added in v0.10.0 

type AwsCtSqsData struct {
	Credentials  AwsCtSqsCredentials `json:"crossAccountCredentials"`
	QueueUrl     string              `json:"queueUrl"`
	AwsAccountID string              `json:"awsAccountId,omitempty"`

	// This field must be a base64 encode with the following format:
	//
	// "data:application/json;name=i.json;base64,[ENCODING]"
	//
	// [ENCODING] is the the base64 encode, use EncodeAccountMappingFile() to encode a JSON mapping file
	AccountMappingFile string `json:"accountMappingFile,omitempty"`
}

func (*AwsCtSqsData) DecodeAccountMappingFile added in v0.10.0 

func (aws *AwsCtSqsData) DecodeAccountMappingFile() ([]byte, error)

func (*AwsCtSqsData) EncodeAccountMappingFile added in v0.10.0 

func (aws *AwsCtSqsData) EncodeAccountMappingFile(mapping []byte)

type AwsCtSqsIntegration added in v0.10.0 

type AwsCtSqsIntegration struct {
	Data AwsCtSqsData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsCtSqsIntegration) ID added in v0.10.0 

func (c AwsCtSqsIntegration) ID() string

func (AwsCtSqsIntegration) StateString added in v0.34.0 

func (c AwsCtSqsIntegration) StateString() string

func (AwsCtSqsIntegration) Status added in v0.34.0 

func (c AwsCtSqsIntegration) Status() string

type AwsCtSqsIntegrationResponse added in v0.10.0 

type AwsCtSqsIntegrationResponse struct {
	Data AwsCtSqsIntegration `json:"data"`
}

type AwsEcrAccessKeyCreds added in v0.2.22 

type AwsEcrAccessKeyCreds struct {
	AccessKeyID     string `json:"ACCESS_KEY_ID" mapstructure:"ACCESS_KEY_ID"`
	SecretAccessKey string `json:"SECRET_ACCESS_KEY" mapstructure:"SECRET_ACCESS_KEY"`
}

type AwsEcrCommonData added in v0.2.22 

type AwsEcrCommonData struct {
	AwsAuthType      string `json:"AWS_AUTH_TYPE" mapstructure:"AWS_AUTH_TYPE"`
	RegistryType     string `json:"REGISTRY_TYPE" mapstructure:"REGISTRY_TYPE"`
	RegistryDomain   string `json:"REGISTRY_DOMAIN" mapstructure:"REGISTRY_DOMAIN"`
	LimitByTag       string `json:"LIMIT_BY_TAG" mapstructure:"LIMIT_BY_TAG"`
	LimitByLabel     string `json:"LIMIT_BY_LABEL" mapstructure:"LIMIT_BY_LABEL"`
	LimitByRep       string `json:"LIMIT_BY_REP,omitempty" mapstructure:"LIMIT_BY_REP"`
	LimitNumImg      int    `json:"LIMIT_NUM_IMG,omitempty" mapstructure:"LIMIT_NUM_IMG"`
	NonOSPackageEval bool   `json:"NON_OS_PACKAGE_EVAL" mapstructure:"NON_OS_PACKAGE_EVAL"`
}

type AwsEcrDataWithAccessKeyCreds added in v0.2.22 

type AwsEcrDataWithAccessKeyCreds struct {
	Credentials AwsEcrAccessKeyCreds `json:"ACCESS_KEY_CREDENTIALS" mapstructure:"ACCESS_KEY_CREDENTIALS"`
	AwsEcrCommonData
}

type AwsEcrDataWithCrossAccountCreds added in v0.2.22 

type AwsEcrDataWithCrossAccountCreds struct {
	Credentials AwsCrossAccountCreds `json:"CROSS_ACCOUNT_CREDENTIALS" mapstructure:"CROSS_ACCOUNT_CREDENTIALS"`
	AwsEcrCommonData
}

type AwsEcrWithAccessKeyIntegration added in v0.2.22 

type AwsEcrWithAccessKeyIntegration struct {
	Data AwsEcrDataWithAccessKeyCreds `json:"DATA"`
	// contains filtered or unexported fields
}

func NewAwsEcrWithAccessKeyIntegration added in v0.2.22 

func NewAwsEcrWithAccessKeyIntegration(name string, data AwsEcrDataWithAccessKeyCreds) AwsEcrWithAccessKeyIntegration

func (AwsEcrWithAccessKeyIntegration) StateString added in v0.2.22 

func (c AwsEcrWithAccessKeyIntegration) StateString() string

func (AwsEcrWithAccessKeyIntegration) Status added in v0.2.22 

func (c AwsEcrWithAccessKeyIntegration) Status() string

type AwsEcrWithAccessKeyIntegrationResponse added in v0.2.22 

type AwsEcrWithAccessKeyIntegrationResponse struct {
	Data    []AwsEcrWithAccessKeyIntegration `json:"data"`
	Ok      bool                             `json:"ok"`
	Message string                           `json:"message"`
}

type AwsEcrWithCrossAccountIntegration added in v0.2.22 

type AwsEcrWithCrossAccountIntegration struct {
	Data AwsEcrDataWithCrossAccountCreds `json:"DATA"`
	// contains filtered or unexported fields
}

func NewAwsEcrWithCrossAccountIntegration added in v0.2.22 

func NewAwsEcrWithCrossAccountIntegration(name string, data AwsEcrDataWithCrossAccountCreds) AwsEcrWithCrossAccountIntegration

func (AwsEcrWithCrossAccountIntegration) StateString added in v0.2.22 

func (c AwsEcrWithCrossAccountIntegration) StateString() string

func (AwsEcrWithCrossAccountIntegration) Status added in v0.2.22 

func (c AwsEcrWithCrossAccountIntegration) Status() string

type AwsEcrWithCrossAccountIntegrationResponse added in v0.2.22 

type AwsEcrWithCrossAccountIntegrationResponse struct {
	Data    []AwsEcrWithCrossAccountIntegration `json:"data"`
	Ok      bool                                `json:"ok"`
	Message string                              `json:"message"`
}

type AwsEksAuditCredentials added in v0.29.0 

type AwsEksAuditCredentials struct {
	RoleArn    string `json:"roleArn"`
	ExternalID string `json:"externalId"`
}

type AwsEksAuditData added in v0.29.0 

type AwsEksAuditData struct {
	Credentials AwsEksAuditCredentials `json:"crossAccountCredentials"`
	SnsArn      string                 `json:"snsArn"`
}

type AwsEksAuditIntegration added in v0.29.0 

type AwsEksAuditIntegration struct {
	Data AwsEksAuditData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsEksAuditIntegration) ID added in v0.29.0 

func (c AwsEksAuditIntegration) ID() string

func (AwsEksAuditIntegration) StateString added in v0.34.0 

func (c AwsEksAuditIntegration) StateString() string

func (AwsEksAuditIntegration) Status added in v0.34.0 

func (c AwsEksAuditIntegration) Status() string

type AwsEksAuditIntegrationResponse added in v0.29.0 

type AwsEksAuditIntegrationResponse struct {
	Data AwsEksAuditIntegration `json:"data"`
}

type AwsGovCloudCreds added in v0.8.0 

type AwsGovCloudCreds struct {
	AccountID       string `json:"ACCOUNT_ID" mapstructure:"ACCOUNT_ID"`
	AccessKeyID     string `json:"ACCESS_KEY_ID" mapstructure:"ACCESS_KEY_ID"`
	SecretAccessKey string `json:"SECRET_ACCESS_KEY" mapstructure:"SECRET_ACCESS_KEY"`
}

type AwsGovCloudIntegration added in v0.8.0 

type AwsGovCloudIntegration struct {
	Data AwsGovCloudIntegrationData `json:"DATA"`
	// contains filtered or unexported fields
}

func (AwsGovCloudIntegration) StateString added in v0.8.0 

func (c AwsGovCloudIntegration) StateString() string

func (AwsGovCloudIntegration) Status added in v0.8.0 

func (c AwsGovCloudIntegration) Status() string

type AwsGovCloudIntegrationData added in v0.8.0 

type AwsGovCloudIntegrationData struct {
	Credentials AwsGovCloudCreds `json:"ACCESS_KEY_CREDENTIALS" mapstructure:"ACCESS_KEY_CREDENTIALS"`
}

type AwsGovCloudIntegrationsResponse added in v0.8.0 

type AwsGovCloudIntegrationsResponse struct {
	Data    []AwsGovCloudIntegration `json:"data"`
	Ok      bool                     `json:"ok"`
	Message string                   `json:"message"`
}

type AwsIntegration 

type AwsIntegration struct {
	Data AwsIntegrationData `json:"DATA"`
	// contains filtered or unexported fields
}

func NewAwsCfgIntegration 

func NewAwsCfgIntegration(name string, data AwsIntegrationData) AwsIntegration

NewAwsCfgIntegration returns an instance of AwsIntegration of type AWS_CFG

func NewAwsCloudTrailIntegration 

func NewAwsCloudTrailIntegration(name string, data AwsIntegrationData) AwsIntegration

NewAwsCloudTrailIntegration returns an instance of AwsIntegration of type AWS_CT_SQS

func NewAwsIntegration 

func NewAwsIntegration(name string, iType integrationType, data AwsIntegrationData) AwsIntegration

NewAwsIntegration returns an instance of AwsIntegration with the provided integration type, name and data. The type can only be AwsCfgIntegration or AwsCloudTrailIntegration

Basic usage: Initialize a new AwsIntegration struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

aws := api.NewAwsIntegration("foo",
  api.AwsCfgIntegration,
  api.AwsIntegrationData{
    Credentials: &api.AwsCrossAccountCreds {
      RoleArn: "arn:aws:XYZ",
      ExternalID: "1",
    },
  },
)

client.Integrations.CreateAws(aws)

func (AwsIntegration) StateString added in v0.1.7 

func (c AwsIntegration) StateString() string

func (AwsIntegration) Status added in v0.1.3 

func (c AwsIntegration) Status() string

type AwsIntegrationData 

type AwsIntegrationData struct {
	Credentials *AwsCrossAccountCreds `json:"CROSS_ACCOUNT_CREDENTIALS,omitempty" mapstructure:"CROSS_ACCOUNT_CREDENTIALS"`

	// QueueUrl is a field that exists and is required for the AWS_CT_SQS integration,
	// though, it doesn't exist for AWS_CFG integrations, that's why we omit it if empty
	QueueUrl string `json:"QUEUE_URL,omitempty" mapstructure:"QUEUE_URL"`

	// This field must be a base64 encode with the following format:
	//
	// "data:application/json;name=i.json;base64,[ENCODING]"
	//
	// [ENCODING] is the the base64 encode, use EncodeAccountMappingFile() to encode a JSON mapping file
	AccountMappingFile string `json:"ACCOUNT_MAPPING_FILE,omitempty" mapstructure:"ACCOUNT_MAPPING_FILE"`

	// AwsAccountID is the AWS account that owns the IAM role credentials
	AwsAccountID string `json:"AWS_ACCOUNT_ID,omitempty" mapstructure:"AWS_ACCOUNT_ID"`

	// GovCloudCredentials represents the credential structure for AWS_US_GOV_CFG and AWS_US_GOV_CT_SQS integrations
	GovCloudCredentials *AwsGovCloudCreds `json:"ACCESS_KEY_CREDENTIALS,omitempty" mapstructure:"ACCESS_KEY_CREDENTIALS"`
}

func (*AwsIntegrationData) DecodeAccountMappingFile added in v0.2.9 

func (aws *AwsIntegrationData) DecodeAccountMappingFile() ([]byte, error)

func (*AwsIntegrationData) EncodeAccountMappingFile added in v0.2.9 

func (aws *AwsIntegrationData) EncodeAccountMappingFile(mapping []byte)

func (*AwsIntegrationData) GetAccountID added in v0.8.0 

func (aws *AwsIntegrationData) GetAccountID() string

func (*AwsIntegrationData) GetCredentials added in v0.8.0 

func (aws *AwsIntegrationData) GetCredentials() *AwsCrossAccountCreds

func (*AwsIntegrationData) GetGovCloudCredentials added in v0.8.0 

func (aws *AwsIntegrationData) GetGovCloudCredentials() *AwsGovCloudCreds

type AwsIntegrationsResponse 

type AwsIntegrationsResponse struct {
	Data    []AwsIntegration `json:"data"`
	Ok      bool             `json:"ok"`
	Message string           `json:"message"`
}

type AwsRecommendationsV1 added in v0.31.0 

type AwsRecommendationsV1 struct {
	// contains filtered or unexported fields
}

AwsRecommendationsV1 is a service that interacts with the V1 Recommendations endpoints from the Lacework Server

func (*AwsRecommendationsV1) GetReport added in v0.31.0 

func (svc *AwsRecommendationsV1) GetReport(reportType string) ([]RecommendationV1, error)

GetReport This is an experimental feature. Returned RecommendationID's are not guaranteed to be correct. Scoped to Lacework Account/Subaccount

func (*AwsRecommendationsV1) List added in v0.31.0 

func (svc *AwsRecommendationsV1) List() ([]RecommendationV1, error)

func (*AwsRecommendationsV1) Patch added in v0.31.0 

func (svc *AwsRecommendationsV1) Patch(recommendations RecommendationStateV1) (RecommendationResponseV1, error)

type AwsReportRuleNotifications added in v0.21.0 

type AwsReportRuleNotifications struct {
	AwsCisS3          bool `json:"awsCisS3"`
	AwsHipaa          bool `json:"hipaa"`
	AwsIso2700        bool `json:"iso2700"`
	AwsNist80053Rev4  bool `json:"nist800-53Rev4"`
	AwsNist800171Rev2 bool `json:"nist800-171Rev2"`
	AwsPci            bool `json:"pci"`
	AwsSoc            bool `json:"soc"`
	AwsSocRev2        bool `json:"awsSocRev2"`
}

func (AwsReportRuleNotifications) ToMap added in v0.21.0 

func (aws AwsReportRuleNotifications) ToMap() map[string]bool

type AwsResourceGroupData added in v0.15.0 

type AwsResourceGroupData struct {
	Guid         string                `json:"guid,omitempty"`
	IsDefault    int                   `json:"isDefault,omitempty"`
	ResourceGuid string                `json:"resourceGuid,omitempty"`
	Name         string                `json:"resourceName"`
	Type         string                `json:"resourceType"`
	Enabled      int                   `json:"enabled,omitempty"`
	Props        AwsResourceGroupProps `json:"props"`
}

type AwsResourceGroupProps added in v0.15.0 

type AwsResourceGroupProps struct {
	Description string        `json:"description,omitempty"`
	AccountIDs  []string      `json:"accountIds"`
	UpdatedBy   string        `json:"updatedBy,omitempty"`
	LastUpdated *lwtime.Epoch `json:"lastUpdated,omitempty"`
}

func (AwsResourceGroupProps) GetBaseProps added in v0.20.0 

func (props AwsResourceGroupProps) GetBaseProps() ResourceGroupPropsBase

func (AwsResourceGroupProps) MarshalJSON added in v0.20.0 

func (props AwsResourceGroupProps) MarshalJSON() ([]byte, error)

type AwsResourceGroupResponse added in v0.15.0 

type AwsResourceGroupResponse struct {
	Data AwsResourceGroupData `json:"data"`
}

type AwsResourceJsonStringGroupProps added in v0.15.0 

type AwsResourceJsonStringGroupProps struct {
	Description string        `json:"DESCRIPTION,omitempty"`
	AccountIDs  []string      `json:"ACCOUNT_IDS"`
	UpdatedBy   string        `json:"UPDATED_BY,omitempty"`
	LastUpdated *lwtime.Epoch `json:"LAST_UPDATED,omitempty"`
}

Workaround for props being returned as a json string

type AwsS3AlertChannel added in v0.2.12 

type AwsS3AlertChannel struct {
	Data AwsS3ChannelData `json:"DATA"`
	// contains filtered or unexported fields
}

func NewAwsS3AlertChannel added in v0.2.12 

func NewAwsS3AlertChannel(name string, data AwsS3ChannelData) AwsS3AlertChannel

NewAwsS3AlertChannel returns an instance of AwsS3AlertChannel with the provided name and data.

Basic usage: Initialize a new AwsS3AlertChannel struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

awsS3Channel := api.NewAwsS3AlertChannel("foo",
  api.AwsS3ChannelData{
    Credentials: api.AwsS3Creds{
      ExternalID:  "1234",
      RoleArn:     "arn:aws:iam::account-id:role/role-name-with-path",
      BucketArn:   "arn:aws:s3:::bucket_name/key_name",
    },
  },
)

client.Integrations.CreateAwsS3AlertChannel(awsS3Channel)

func (AwsS3AlertChannel) StateString added in v0.2.12 

func (c AwsS3AlertChannel) StateString() string

func (AwsS3AlertChannel) Status added in v0.2.12 

func (c AwsS3AlertChannel) Status() string

type AwsS3AlertChannelResponse added in v0.2.12 

type AwsS3AlertChannelResponse struct {
	Data    []AwsS3AlertChannel `json:"data"`
	Ok      bool                `json:"ok"`
	Message string              `json:"message"`
}

type AwsS3AlertChannelResponseV2 added in v0.14.0 

type AwsS3AlertChannelResponseV2 struct {
	Data AwsS3AlertChannelV2 `json:"data"`
}

type AwsS3AlertChannelV2 added in v0.14.0 

type AwsS3AlertChannelV2 struct {
	Data AwsS3DataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (AwsS3AlertChannelV2) ID added in v0.14.0 

func (c AwsS3AlertChannelV2) ID() string

func (AwsS3AlertChannelV2) StateString added in v0.34.0 

func (c AwsS3AlertChannelV2) StateString() string

func (AwsS3AlertChannelV2) Status added in v0.34.0 

func (c AwsS3AlertChannelV2) Status() string

type AwsS3ChannelData added in v0.2.12 

type AwsS3ChannelData struct {
	Credentials AwsS3Creds `json:"S3_CROSS_ACCOUNT_CREDENTIALS" mapstructure:"S3_CROSS_ACCOUNT_CREDENTIALS"`
}

type AwsS3Credentials added in v0.14.0 

type AwsS3Credentials struct {
	RoleArn    string `json:"roleArn"`
	ExternalID string `json:"externalId"`
	BucketArn  string `json:"bucketArn"`
}

type AwsS3Creds added in v0.2.12 

type AwsS3Creds struct {
	ExternalID string `json:"EXTERNAL_ID" mapstructure:"EXTERNAL_ID"`
	RoleArn    string `json:"ROLE_ARN" mapstructure:"ROLE_ARN"`
	BucketArn  string `json:"BUCKET_ARN" mapstructure:"BUCKET_ARN"`
}

type AwsS3DataV2 added in v0.14.0 

type AwsS3DataV2 struct {
	Credentials AwsS3Credentials `json:"s3CrossAccountCredentials"`
}

type AwsSidekick added in v0.40.0 

type AwsSidekick struct {
	Data AwsSidekickData `json:"data"`
	// contains filtered or unexported fields
}

func (AwsSidekick) ID added in v0.40.0 

func (c AwsSidekick) ID() string

func (AwsSidekick) StateString added in v0.40.0 

func (c AwsSidekick) StateString() string

func (AwsSidekick) Status added in v0.40.0 

func (c AwsSidekick) Status() string

type AwsSidekickCrossAccountCredentials added in v0.41.0 

type AwsSidekickCrossAccountCredentials struct {
	RoleArn    string `json:"roleArn,omitempty"`
	ExternalID string `json:"externalId,omitempty"`
}

type AwsSidekickData added in v0.40.0 

type AwsSidekickData struct {
	//QueryText represents an lql json string
	QueryText string `json:"queryText,omitempty"`

	//ScanFrequency in hours, 24 == 24 hours
	ScanFrequency int `json:"scanFrequency"`

	ScanContainers          bool `json:"scanContainers"`
	ScanHostVulnerabilities bool `json:"scanHostVulnerabilities"`

	AccountID         string                             `json:"awsAccountId,omitempty"`
	BucketArn         string                             `json:"bucketArn,omitempty"`
	CrossAccountCreds AwsSidekickCrossAccountCredentials `json:"crossAccountCredentials"`
}

type AwsSidekickResponse added in v0.40.0 

type AwsSidekickResponse struct {
	Data AwsSidekick `json:"data"`
}

type AzureIntegration 

type AzureIntegration struct {
	Data AzureIntegrationData `json:"DATA"`
	// contains filtered or unexported fields
}

func NewAzureActivityLogIntegration 

func NewAzureActivityLogIntegration(name string, data AzureIntegrationData) AzureIntegration

NewAzureActivityLogIntegration returns an instance of AzureIntegration of type AZURE_AL_SEQ

func NewAzureCfgIntegration 

func NewAzureCfgIntegration(name string, data AzureIntegrationData) AzureIntegration

NewAzureCfgIntegration returns an instance of AzureIntegration of type AZURE_CFG

func NewAzureIntegration 

func NewAzureIntegration(name string, iType integrationType, data AzureIntegrationData) AzureIntegration

NewAzureIntegration returns an instance of AzureIntegration with the provided integration type, name and data. The type can only be AzureCfgIntegration or AzureActivityLogIntegration

Basic usage: Initialize a new AzureIntegration struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

azure := api.NewAzureIntegration("bar",
  api.AzureActivityLogIntegration,
  api.AzureIntegrationData{
    TenantID: "tenant_id",
    QueueUrl: "https://abc.queue.core.windows.net/123",
    Credentials: api.AzureIntegrationCreds{
      ClientID: "client_id",
      ClientSecret: "secret",
    },
  },
)
if err != nil {
  return err
}

client.Integrations.CreateAzure(azure)

func (AzureIntegration) StateString added in v0.1.7 

func (c AzureIntegration) StateString() string

func (AzureIntegration) Status added in v0.1.3 

func (c AzureIntegration) Status() string

type AzureIntegrationCreds 

type AzureIntegrationCreds struct {
	ClientID     string `json:"CLIENT_ID" mapstructure:"CLIENT_ID"`
	ClientSecret string `json:"CLIENT_SECRET" mapstructure:"CLIENT_SECRET"`
}

type AzureIntegrationData 

type AzureIntegrationData struct {
	Credentials AzureIntegrationCreds `json:"CREDENTIALS" mapstructure:"CREDENTIALS"`
	TenantID    string                `json:"TENANT_ID" mapstructure:"TENANT_ID"`

	// QueueUrl is a field that exists and is required for the AWS_CT_SQS integration,
	// though, it doesn't exist for AZURE_CFG integrations, that's why we omit it if empty
	QueueUrl string `json:"QUEUE_URL,omitempty" mapstructure:"QUEUE_URL"`
}

type AzureIntegrationsResponse 

type AzureIntegrationsResponse struct {
	Data    []AzureIntegration `json:"data"`
	Ok      bool               `json:"ok"`
	Message string             `json:"message"`
}

type AzureRecommendationsV1 added in v0.31.0 

type AzureRecommendationsV1 struct {
	// contains filtered or unexported fields
}

AzureRecommendationsV1 is a service that interacts with the V1 Recommendations endpoints from the Lacework Server

func (*AzureRecommendationsV1) GetReport added in v0.31.0 

func (svc *AzureRecommendationsV1) GetReport(reportType string) ([]RecommendationV1, error)

GetReport This is an experimental feature. Returned RecommendationID's are not guaranteed to be correct. Scoped to Lacework Account/Subaccount

func (*AzureRecommendationsV1) List added in v0.31.0 

func (svc *AzureRecommendationsV1) List() ([]RecommendationV1, error)

func (*AzureRecommendationsV1) Patch added in v0.31.0 

func (svc *AzureRecommendationsV1) Patch(recommendations RecommendationStateV1) (RecommendationResponseV1, error)

type AzureReportRuleNotifications added in v0.21.0 

type AzureReportRuleNotifications struct {
	AzureCis    bool `json:"azureCis"`
	AzureCis131 bool `json:"azureCis131"`
	AzurePci    bool `json:"azurePci"`
	AzureSoc    bool `json:"azureSoc"`
}

func (AzureReportRuleNotifications) ToMap added in v0.21.0 

func (az AzureReportRuleNotifications) ToMap() map[string]bool

type AzureResourceGroupData added in v0.15.0 

type AzureResourceGroupData struct {
	Guid         string                  `json:"guid,omitempty"`
	IsDefault    int                     `json:"isDefault,omitempty"`
	ResourceGuid string                  `json:"resourceGuid,omitempty"`
	Name         string                  `json:"resourceName"`
	Type         string                  `json:"resourceType"`
	Enabled      int                     `json:"enabled,omitempty"`
	Props        AzureResourceGroupProps `json:"props"`
}

type AzureResourceGroupProps added in v0.15.0 

type AzureResourceGroupProps struct {
	Description   string        `json:"description,omitempty"`
	Tenant        string        `json:"tenant"`
	Subscriptions []string      `json:"subscriptions"`
	UpdatedBy     string        `json:"updatedBy,omitempty"`
	LastUpdated   *lwtime.Epoch `json:"lastUpdated,omitempty"`
}

func (AzureResourceGroupProps) GetBaseProps added in v0.20.0 

func (props AzureResourceGroupProps) GetBaseProps() ResourceGroupPropsBase

func (AzureResourceGroupProps) MarshalJSON added in v0.20.0 

func (props AzureResourceGroupProps) MarshalJSON() ([]byte, error)

type AzureResourceGroupResponse added in v0.15.0 

type AzureResourceGroupResponse struct {
	Data AzureResourceGroupData `json:"data"`
}

type AzureResourceJsonStringGroupProps added in v0.15.0 

type AzureResourceJsonStringGroupProps struct {
	Description   string        `json:"DESCRIPTION,omitempty"`
	Tenant        string        `json:"TENANT"`
	Subscriptions []string      `json:"SUBSCRIPTIONS"`
	UpdatedBy     string        `json:"UPDATED_BY,omitempty"`
	LastUpdated   *lwtime.Epoch `json:"LAST_UPDATED,omitempty"`
}

Workaround for props being returned as a json string

type CiscoSparkWebhookAlertChannelResponseV2 added in v0.18.0 

type CiscoSparkWebhookAlertChannelResponseV2 struct {
	Data CiscoSparkWebhookAlertChannelV2 `json:"data"`
}

type CiscoSparkWebhookAlertChannelV2 added in v0.18.0 

type CiscoSparkWebhookAlertChannelV2 struct {
	Data CiscoSparkWebhookDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (CiscoSparkWebhookAlertChannelV2) ID added in v0.18.0 

func (c CiscoSparkWebhookAlertChannelV2) ID() string

func (CiscoSparkWebhookAlertChannelV2) StateString added in v0.34.0 

func (c CiscoSparkWebhookAlertChannelV2) StateString() string

func (CiscoSparkWebhookAlertChannelV2) Status added in v0.34.0 

func (c CiscoSparkWebhookAlertChannelV2) Status() string

type CiscoSparkWebhookDataV2 added in v0.18.0 

type CiscoSparkWebhookDataV2 struct {
	Webhook string `json:"webhook"`
}

type CiscoWebexAlertChannel added in v0.2.19 

type CiscoWebexAlertChannel struct {
	Data CiscoWebexChannelData `json:"DATA"`
	// contains filtered or unexported fields
}

func NewCiscoWebexAlertChannel added in v0.2.19 

func NewCiscoWebexAlertChannel(name string, data CiscoWebexChannelData) CiscoWebexAlertChannel

NewCiscoWebexAlertChannel returns an instance of CiscoWebexAlertChannel with the provided name and data.

Basic usage: Initialize a new CiscoWebexAlertChannel struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

ciscoWebexChannel := api.NewCiscoWebexAlertChannel("foo",
  api.CiscoWebexChannelData{
    WebhookURL: "https://webexapis.com/v1/webhooks/incoming/api-token",
  },
)

client.Integrations.CreateCiscoWebexAlertChannel(ciscoWebexChannel)

func (CiscoWebexAlertChannel) StateString added in v0.2.19 

func (c CiscoWebexAlertChannel) StateString() string

func (CiscoWebexAlertChannel) Status added in v0.2.19 

func (c CiscoWebexAlertChannel) Status() string

type CiscoWebexAlertChannelResponse added in v0.2.19 

type CiscoWebexAlertChannelResponse struct {
	Data    []CiscoWebexAlertChannel `json:"data"`
	Ok      bool                     `json:"ok"`
	Message string                   `json:"message"`
}

type CiscoWebexChannelData added in v0.2.19 

type CiscoWebexChannelData struct {
	WebhookURL string `json:"WEBHOOK" mapstructure:"WEBHOOK"`
}

type Client 

type Client struct {
	Account         *AccountService
	Agents          *AgentsService
	Compliance      *ComplianceService
	Events          *EventsService
	Integrations    *IntegrationsService
	Policy          *PolicyService
	Recommendations *RecommendationsServiceV1
	Vulnerabilities *VulnerabilitiesService

	V2 *V2Endpoints
	// contains filtered or unexported fields
}

func CopyClient added in v0.10.0 

func CopyClient(origin *Client, opts ...Option) (*Client, error)

CopyClient generates a copy of the provider Lacework API Go client

Example of basic usage 

client, err := api.NewClient("demo")
if err == nil {
    client.Integrations.List()
}

clientCopy, err := api.CopyClient(client, api.WithOrgAccess())
if err == nil {
    clientCopy.Integrations.List()
}

func NewClient 

func NewClient(account string, opts ...Option) (*Client, error)

New generates a new Lacework API client

Example of basic usage 

lacework, err := api.NewClient("demo")
if err == nil {
    lacework.Integrations.List()
}

func (*Client) ApiVersion 

func (c *Client) ApiVersion() string

ApiVersion returns the API client version

func (*Client) Do 

func (c *Client) Do(req *http.Request) (*http.Response, error)

Do calls request.Do() directly

func (*Client) DoDecoder 

func (c *Client) DoDecoder(req *http.Request, v interface{}) (*http.Response, error)

DoDecoder is used to execute (aka Do) the http request and decode it into the provided interface, all at once

func (*Client) GenerateToken 

func (c *Client) GenerateToken() (*TokenData, error)

GenerateToken generates a new access token

func (*Client) GenerateTokenWithKeys 

func (c *Client) GenerateTokenWithKeys(keyID, secretKey string) (*TokenData, error)

GenerateTokenWithKeys generates a new access token with the provided keys

func (*Client) NewRequest 

func (c *Client) NewRequest(method string, apiURL string, body io.Reader) (*http.Request, error)

NewRequest generates a new http request

func (*Client) NextPage added in v0.25.0 

func (c *Client) NextPage(p Pageable) (bool, error)

NextPage

Use this function to access the next page from an API v2 endpoint, the provided response must implement the Pageable interface and when it is passed, it will be overwritten, if the response doesn't have paging information this function returns false and not error

Usage: To iterate over all pages

```go var ( 

response = api.MachineDetailEntityResponse{}
err      = client.V2.Entities.Search(&response, api.SearchFilter{})

) 

for {
		// Use information from response.Data
		fmt.Printf("Data from page: %d\n", len(response.Data))

		pageOk, err := client.NextPage(&response)
		if err != nil {
			fmt.Printf("Unable to access next page, error '%s'", err.Error())
			break
		}

		if pageOk {
			continue
		}
		break
}

```

func (*Client) OrgAccess added in v0.23.0 

func (c *Client) OrgAccess() bool

OrgAccess check if the Org-Access header is set to 'true', if so, the client is configured to manage org level dataset

func (*Client) RequestDecoder 

func (c *Client) RequestDecoder(method, path string, body io.Reader, v interface{}) error

RequestDecoder performs an http request on an endpoint, and decodes the response into the provided interface, all at once

func (*Client) RequestEncoderDecoder added in v0.1.3 

func (c *Client) RequestEncoderDecoder(method, path string, data, v interface{}) error

RequestEncoderDecoder leverages RequestDecoder and performs an http request that first encodes the provider 'data' as a JSON Reader and passes it as the body to the request

func (*Client) TokenExpired added in v0.2.21 

func (c *Client) TokenExpired() bool

func (*Client) URL 

func (c *Client) URL() string

URL returns the base url configured

func (*Client) ValidAuth added in v0.2.13 

func (c *Client) ValidAuth() bool

ValidAuth verifies that the client has valid authentication

type CloudAccount added in v0.10.0 

type CloudAccount interface {
	ID() string
	CloudAccountType() cloudAccountType
}

CloudAccount is an interface that helps us implement a few functions that any Cloud Account might use, there are some cases, like during Update, where we need to get the ID of the Cloud Account and its type, this will allow users to pass any Cloud Account that implements these methods

type CloudAccountRaw added in v0.10.0 

type CloudAccountRaw struct {
	Data interface{} `json:"data,omitempty"`
	// contains filtered or unexported fields
}

func NewCloudAccount added in v0.10.0 

func NewCloudAccount(name string, iType cloudAccountType, data interface{}) CloudAccountRaw

NewCloudAccount returns an instance of the CloudAccountRaw struct with the provided Cloud Account integration type, name and raw data as an interface{}.

NOTE: This function must be used by any Cloud Account type.

Basic usage: Initialize a new AwsIntegration struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

awsCtSqs := api.NewCloudAccount("foo",
  api.AwsCtSqsCloudAccount,
  api.AwsCtSqsData{
    QueueUrl: "https://sqs.us-west-2.amazonaws.com/123456789000/lw",
    Credentials: &api.AwsCtSqsCredentials {
      RoleArn: "arn:aws:XYZ",
      ExternalID: "1",
    },
  },
)

client.V2.CloudAccount.Create(awsCtSqs)

func (CloudAccountRaw) CloudAccountType added in v0.10.0 

func (cloud CloudAccountRaw) CloudAccountType() cloudAccountType

func (CloudAccountRaw) ID added in v0.10.0 

func (c CloudAccountRaw) ID() string

func (CloudAccountRaw) StateString added in v0.34.0 

func (c CloudAccountRaw) StateString() string

func (CloudAccountRaw) Status added in v0.34.0 

func (c CloudAccountRaw) Status() string

type CloudAccountResponse added in v0.10.0 

type CloudAccountResponse struct {
	Data CloudAccountRaw `json:"data"`
}

type CloudAccountsResponse added in v0.10.0 

type CloudAccountsResponse struct {
	Data []CloudAccountRaw `json:"data"`
}

type CloudAccountsService added in v0.10.0 

type CloudAccountsService struct {
	// contains filtered or unexported fields
}

CloudAccountsService is the service that interacts with the CloudAccounts schema from the Lacework APIv2 Server

func (*CloudAccountsService) Create added in v0.10.0 

func (svc *CloudAccountsService) Create(integration CloudAccountRaw) (
	response CloudAccountResponse,
	err error,
)

Create creates a single Cloud Account integration

func (*CloudAccountsService) CreateAwsSidekick added in v0.40.0 

func (svc *CloudAccountsService) CreateAwsSidekick(data CloudAccount) (
	response AwsSidekickResponse,
	err error,
)

CreateAwsSidekick creates an AwsSidekick Cloud Account integration

func (*CloudAccountsService) Delete added in v0.10.0 

func (svc *CloudAccountsService) Delete(guid string) error

Delete deletes a Cloud Account integration that matches the provided guid

func (*CloudAccountsService) Get added in v0.10.0 

func (svc *CloudAccountsService) Get(guid string, response interface{}) error

Get returns a raw response of the Cloud Account with the matching integration guid.

To return a more specific Go struct of a Cloud Account integration, use the proper method such as GetAwsCtSqs() where the function name is composed by: 

Get<Type>(guid)

  Where <Type> is the Cloud Account integration type.

func (*CloudAccountsService) GetAwsCfg added in v0.41.0 

func (svc *CloudAccountsService) GetAwsCfg(guid string) (
	response AwsCfgIntegrationResponse,
	err error,
)

GetAwsCfg gets a single AwsCfg integration matching the provided integration guid

func (*CloudAccountsService) GetAwsCtSqs added in v0.10.0 

func (svc *CloudAccountsService) GetAwsCtSqs(guid string) (
	response AwsCtSqsIntegrationResponse,
	err error,
)

GetAwsCtSqs gets a single AwsCtSqs integration matching the provided integration guid

func (*CloudAccountsService) GetAwsEksAudit added in v0.29.0 

func (svc *CloudAccountsService) GetAwsEksAudit(guid string) (
	response AwsEksAuditIntegrationResponse,
	err error,
)

GetAwsEksAudit gets a single AwsEksAudit integration matching the provided integration guid

func (*CloudAccountsService) GetAwsSidekick added in v0.40.0 

func (svc *CloudAccountsService) GetAwsSidekick(guid string) (
	response AwsSidekickResponse,
	err error,
)

GetAwsSidekick gets a single AwsSidekick integration matching the provided integration guid

func (*CloudAccountsService) GetGcpGkeAudit added in v0.36.0 

func (svc *CloudAccountsService) GetGcpGkeAudit(guid string) (
	response GcpGkeAuditIntegrationResponse,
	err error,
)

GetGcpGkeAudit gets a single GcpGkeAudit integration matching the provided integration guid

func (*CloudAccountsService) List added in v0.10.0 

func (svc *CloudAccountsService) List() (response CloudAccountsResponse, err error)

List returns a list of Cloud Account integrations

func (*CloudAccountsService) ListByType added in v0.34.0 

func (svc *CloudAccountsService) ListByType(caType cloudAccountType) (response CloudAccountsResponse, err error)

ListByType lists the cloud accounts from the provided type that are available on the Lacework Server

func (*CloudAccountsService) UpdateAwsCfg added in v0.41.0 

func (svc *CloudAccountsService) UpdateAwsCfg(data CloudAccount) (
	response AwsCfgIntegrationResponse,
	err error,
)

UpdateAwsCfg updates a single AwsCfg integration on the Lacework Server

func (*CloudAccountsService) UpdateAwsCtSqs added in v0.10.0 

func (svc *CloudAccountsService) UpdateAwsCtSqs(data CloudAccount) (
	response AwsCtSqsIntegrationResponse,
	err error,
)

UpdateAwsCtSqs updates a single AwsCtSqs integration on the Lacework Server

func (*CloudAccountsService) UpdateAwsEksAudit added in v0.29.0 

func (svc *CloudAccountsService) UpdateAwsEksAudit(data CloudAccount) (
	response AwsEksAuditIntegrationResponse,
	err error,
)

UpdateAwsEksAudit updates a single AwsEksAudit integration on the Lacework Server

func (*CloudAccountsService) UpdateAwsSidekick added in v0.40.0 

func (svc *CloudAccountsService) UpdateAwsSidekick(data CloudAccount) (
	response AwsSidekickResponse,
	err error,
)

UpdateAwsSidekick updates a single AwsSidekick integration on the Lacework Server

func (*CloudAccountsService) UpdateGcpGkeAudit added in v0.36.0 

func (svc *CloudAccountsService) UpdateGcpGkeAudit(data CloudAccount) (
	response GcpGkeAuditIntegrationResponse,
	err error,
)

UpdateGcpGkeAudit updates a single GcpGkeAudit integration on the Lacework Server

type CloudComplianceReport added in v0.26.0 

type CloudComplianceReport interface {
	GetComplianceRecommendation(recommendationID string) ComplianceRecommendation
}

type CloudwatchEbAlertChannelResponseV2 added in v0.17.0 

type CloudwatchEbAlertChannelResponseV2 struct {
	Data CloudwatchEbAlertChannelV2 `json:"data"`
}

type CloudwatchEbAlertChannelV2 added in v0.17.0 

type CloudwatchEbAlertChannelV2 struct {
	Data CloudwatchEbDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (CloudwatchEbAlertChannelV2) ID added in v0.17.0 

func (c CloudwatchEbAlertChannelV2) ID() string

func (CloudwatchEbAlertChannelV2) StateString added in v0.34.0 

func (c CloudwatchEbAlertChannelV2) StateString() string

func (CloudwatchEbAlertChannelV2) Status added in v0.34.0 

func (c CloudwatchEbAlertChannelV2) Status() string

type CloudwatchEbDataV2 added in v0.17.0 

type CloudwatchEbDataV2 struct {
	EventBusArn   string `json:"eventBusArn"`
	IssueGrouping string `json:"issueGrouping,omitempty"`
}

type CompAzureSubscriptions added in v0.1.12 

type CompAzureSubscriptions struct {
	Tenant        string   `json:"tenant"`
	Subscriptions []string `json:"subscriptions"`
}

type CompGcpProjects added in v0.1.12 

type CompGcpProjects struct {
	Organization string   `json:"organization"`
	Projects     []string `json:"projects"`
}

type ComplianceAwsReport added in v0.1.12 

type ComplianceAwsReport struct {
	ReportTitle     string                     `json:"reportTitle"`
	ReportType      string                     `json:"reportType"`
	ReportTime      time.Time                  `json:"reportTime"`
	AccountID       string                     `json:"accountId"`
	AccountAlias    string                     `json:"accountAlias"`
	Summary         []ComplianceSummary        `json:"summary"`
	Recommendations []ComplianceRecommendation `json:"recommendations"`
}

func (ComplianceAwsReport) GetComplianceRecommendation added in v0.26.0 

func (aws ComplianceAwsReport) GetComplianceRecommendation(recommendationID string) ComplianceRecommendation

type ComplianceAwsReportConfig added in v0.1.12 

type ComplianceAwsReportConfig struct {
	AccountID string
	Type      string
}

type ComplianceAzureReport added in v0.1.12 

type ComplianceAzureReport struct {
	ReportTitle      string                     `json:"reportTitle"`
	ReportType       string                     `json:"reportType"`
	ReportTime       time.Time                  `json:"reportTime"`
	TenantID         string                     `json:"tenantId"`
	TenantName       string                     `json:"tenantName"`
	SubscriptionID   string                     `json:"subscriptionId"`
	SubscriptionName string                     `json:"subscriptionName"`
	Summary          []ComplianceSummary        `json:"summary"`
	Recommendations  []ComplianceRecommendation `json:"recommendations"`
}

func (ComplianceAzureReport) GetComplianceRecommendation added in v0.26.0 

func (az ComplianceAzureReport) GetComplianceRecommendation(recommendationID string) ComplianceRecommendation

type ComplianceAzureReportConfig added in v0.1.12 

type ComplianceAzureReportConfig struct {
	TenantID       string
	SubscriptionID string
	Type           string
}

type ComplianceEvaluationAws added in v0.41.0 

type ComplianceEvaluationAws struct {
	Account struct {
		AccountId    string `json:"AccountId"`
		AccountAlias string `json:"Account_Alias"`
	} `json:"account"`
	EvalType       string    `json:"evalType"`
	Id             string    `json:"id"`
	Reason         string    `json:"reason"`
	Recommendation string    `json:"recommendation"`
	ReportTime     time.Time `json:"reportTime"`
	Resource       string    `json:"resource"`
	Section        string    `json:"section"`
	Severity       string    `json:"severity"`
	Status         string    `json:"status"`
}

type ComplianceEvaluationAwsResponse added in v0.41.0 

type ComplianceEvaluationAwsResponse struct {
	Data   []ComplianceEvaluationAws `json:"data"`
	Paging V2Pagination              `json:"paging"`
}

func (ComplianceEvaluationAwsResponse) PageInfo added in v0.41.0 

func (r ComplianceEvaluationAwsResponse) PageInfo() *V2Pagination

func (*ComplianceEvaluationAwsResponse) ResetPaging added in v0.41.0 

func (r *ComplianceEvaluationAwsResponse) ResetPaging()

type ComplianceEvaluationSearch added in v0.41.0 

type ComplianceEvaluationSearch struct {
	SearchFilter
	Dataset complianceEvaluationDataset `json:"dataset"`
}

type ComplianceEvaluationService added in v0.41.0 

type ComplianceEvaluationService struct {
	// contains filtered or unexported fields
}

func (*ComplianceEvaluationService) Search added in v0.41.0 

func (svc *ComplianceEvaluationService) Search(response interface{}, filters ComplianceEvaluationSearch) error

Search expects the response and the search filters

e.g. 

 var (
	  awsComplianceEvaluationSearchResponse api.ComplianceEvaluationAwsResponse
	  filter = api.ComplianceEvaluationSearch{
		  SearchFilter: api.SearchFilter{
			  Filters: []api.Filter{{
				  Expression: "eq",
				  Field:      "resource",
				  Value:      arn:aws:s3:::my-bucket,
			  }},
		  },
		  Dataset: api.AwsComplianceEvaluationDataset,
	  }
 )
  lacework.V2.ComplianceEvaluation.Search(&awsComplianceEvaluationSearchResponse, filters)

type ComplianceGcpReport added in v0.1.12 

type ComplianceGcpReport struct {
	ReportTitle      string                     `json:"reportTitle"`
	ReportType       string                     `json:"reportType"`
	ReportTime       time.Time                  `json:"reportTime"`
	OrganizationID   string                     `json:"organizationId"`
	OrganizationName string                     `json:"organizationName"`
	ProjectID        string                     `json:"projectId"`
	ProjectName      string                     `json:"projectName"`
	Summary          []ComplianceSummary        `json:"summary"`
	Recommendations  []ComplianceRecommendation `json:"recommendations"`
}

func (ComplianceGcpReport) GetComplianceRecommendation added in v0.26.0 

func (gcp ComplianceGcpReport) GetComplianceRecommendation(recommendationID string) ComplianceRecommendation

type ComplianceGcpReportConfig added in v0.1.12 

type ComplianceGcpReportConfig struct {
	OrganizationID string
	ProjectID      string
	Type           string
}

type ComplianceRecommendation added in v0.1.12 

type ComplianceRecommendation struct {
	RecID                 string                `json:"rec_id"`
	AssessedResourceCount int                   `json:"assessed_resource_count"`
	ResourceCount         int                   `json:"resource_count"`
	Category              string                `json:"category"`
	InfoLink              string                `json:"info_link"`
	Service               string                `json:"service"`
	Severity              int                   `json:"severity"`
	Status                string                `json:"status"`
	Suppressions          []string              `json:"suppressions"`
	Title                 string                `json:"title"`
	Violations            []ComplianceViolation `json:"violations"`
}

func (*ComplianceRecommendation) SeverityString added in v0.1.12 

func (r *ComplianceRecommendation) SeverityString() string

type ComplianceService added in v0.1.12 

type ComplianceService struct {
	// contains filtered or unexported fields
}

ComplianceService is a service that interacts with the compliance endpoints from the Lacework Server

func (*ComplianceService) DownloadAwsReportPDF added in v0.1.12 

func (svc *ComplianceService) DownloadAwsReportPDF(filepath string, config ComplianceAwsReportConfig) error

func (*ComplianceService) DownloadAzureReportPDF added in v0.1.12 

func (svc *ComplianceService) DownloadAzureReportPDF(filepath string, config ComplianceAzureReportConfig) error

func (*ComplianceService) DownloadGcpReportPDF added in v0.1.12 

func (svc *ComplianceService) DownloadGcpReportPDF(filepath string, config ComplianceGcpReportConfig) error

func (*ComplianceService) GetAwsReport added in v0.1.12 

func (svc *ComplianceService) GetAwsReport(config ComplianceAwsReportConfig) (
	response complianceAwsReportResponse,
	err error,
)

func (*ComplianceService) GetAzureReport added in v0.1.12 

func (svc *ComplianceService) GetAzureReport(config ComplianceAzureReportConfig) (
	response complianceAzureReportResponse,
	err error,
)

func (*ComplianceService) GetGcpReport added in v0.1.12 

func (svc *ComplianceService) GetGcpReport(config ComplianceGcpReportConfig) (
	response complianceGcpReportResponse,
	err error,
)

func (*ComplianceService) ListAzureSubscriptions added in v0.1.12 

func (svc *ComplianceService) ListAzureSubscriptions(tenantID string) (
	response compAzureSubsResponse,
	err error,
)

func (*ComplianceService) ListGcpProjects added in v0.1.12 

func (svc *ComplianceService) ListGcpProjects(orgID string) (
	response compGcpProjectsResponse,
	err error,
)

func (*ComplianceService) RunAwsReport added in v0.1.12 

func (svc *ComplianceService) RunAwsReport(accountID string) (
	response map[string]interface{},
	err error,
)

func (*ComplianceService) RunAzureReport added in v0.1.12 

func (svc *ComplianceService) RunAzureReport(tenantID string) (
	response complianceRunAzureReportResponse,
	err error,
)

func (*ComplianceService) RunGcpReport added in v0.1.12 

func (svc *ComplianceService) RunGcpReport(projectID string) (
	response complianceRunGcpReportResponse,
	err error,
)

func (*ComplianceService) RunIntegrationReport added in v0.2.6 

func (svc *ComplianceService) RunIntegrationReport(intgGuid string) (
	response map[string]interface{},
	err error,
)

type ComplianceSummary added in v0.1.12 

type ComplianceSummary struct {
	AssessedResourceCount     int `json:"assessed_resource_count"`
	NumCompliant              int `json:"num_compliant"`
	NumNotCompliant           int `json:"num_not_compliant"`
	NumRecommendations        int `json:"num_recommendations"`
	NumSeverity1NonCompliance int `json:"num_severity_1_non_compliance"`
	NumSeverity2NonCompliance int `json:"num_severity_2_non_compliance"`
	NumSeverity3NonCompliance int `json:"num_severity_3_non_compliance"`
	NumSeverity4NonCompliance int `json:"num_severity_4_non_compliance"`
	NumSeverity5NonCompliance int `json:"num_severity_5_non_compliance"`
	NumSuppressed             int `json:"num_suppressed"`
	SuppressedResourceCount   int `json:"suppressed_resource_count"`
	ViolatedResourceCount     int `json:"violated_resource_count"`
}

type ComplianceViolation added in v0.1.12 

type ComplianceViolation struct {
	Region   string   `json:"region"`
	Resource string   `json:"resource"`
	Reasons  []string `json:"reasons"`
}

type ContainerRegCreds added in v0.1.9 

type ContainerRegCreds struct {
	// for docker hub registry (DOCKERHUB)
	Username string `json:"USERNAME,omitempty" mapstructure:"USERNAME"`
	Password string `json:"PASSWORD,omitempty" mapstructure:"PASSWORD"`

	// for docker V2 registry (V2_REGISTRY)
	SSL bool `json:"SSL,omitempty" mapstructure:"SSL"`

	// for GCR registry (GCP_GCR)
	ClientEmail  string `json:"CLIENT_EMAIL,omitempty" mapstructure:"CLIENT_EMAIL"`
	ClientID     string `json:"CLIENT_ID,omitempty" mapstructure:"CLIENT_ID"`
	PrivateKey   string `json:"PRIVATE_KEY,omitempty" mapstructure:"PRIVATE_KEY"`
	PrivateKeyID string `json:"PRIVATE_KEY_ID,omitempty" mapstructure:"PRIVATE_KEY_ID"`
}

type ContainerRegData added in v0.1.9 

type ContainerRegData struct {
	// @afiune the container registry schema contains a few different DATA types,
	// and because of that we are adding ALL fields that we could possibly have
	// for ALL container registry types (look at the variable RegistryTypes) with
	// the exception of AWS_ECR, this integration has a different credentials field
	// and because of that we have to define it separately
	Credentials  ContainerRegCreds `json:"CREDENTIALS" mapstructure:"CREDENTIALS"`
	RegistryType string            `json:"REGISTRY_TYPE" mapstructure:"REGISTRY_TYPE"`

	// for GCP_GCR integrations, the registry domain has to be one of:
	// => [ "gcr.io", "us.gcr.io", "eu.gcr.io", "asia.gcr.io" ]
	RegistryDomain        string `json:"REGISTRY_DOMAIN" mapstructure:"REGISTRY_DOMAIN"`
	LimitByTag            string `json:"LIMIT_BY_TAG" mapstructure:"LIMIT_BY_TAG"`
	LimitByLabel          string `json:"LIMIT_BY_LABEL" mapstructure:"LIMIT_BY_LABEL"`
	LimitByRep            string `json:"LIMIT_BY_REP,omitempty" mapstructure:"LIMIT_BY_REP"`
	LimitNumImg           int    `json:"LIMIT_NUM_IMG,omitempty" mapstructure:"LIMIT_NUM_IMG"`
	NonOSPackageEval      bool   `json:"NON_OS_PACKAGE_EVAL" mapstructure:"NON_OS_PACKAGE_EVAL"`
	RegistryNotifications *bool  `json:"REGISTRY_NOTIFICATIONS,omitempty" mapstructure:"REGISTRY_NOTIFICATIONS"`
}

type ContainerRegIntResponse added in v0.1.9 

type ContainerRegIntResponse struct {
	Data    []ContainerRegIntegration `json:"data"`
	Ok      bool                      `json:"ok"`
	Message string                    `json:"message"`
}

type ContainerRegIntegration added in v0.1.9 

type ContainerRegIntegration struct {
	Data ContainerRegData `json:"DATA"`
	// contains filtered or unexported fields
}

func NewContainerRegIntegration added in v0.1.9 

func NewContainerRegIntegration(name string, data ContainerRegData) ContainerRegIntegration

NewContainerRegIntegration returns an instance of ContainerRegIntegration with the provided name and data.

Basic usage: Create a Docker Hub integration 

client, err := api.NewClient("account")
if err != nil {
  return err
}

docker := api.NewContainerRegIntegration("foo",
  api.ContainerRegData{
    Credentials: api.ContainerRegCreds {
      Username: "techally",
      Password: "secret",
    },
    RegistryType: api.DockerHubRegistry.String(),
    RegistryDomain: "index.docker.io",
    LimitByTag: "*",
    LimitByLabel: "*",
    LimitNumImg: "5",
  },
)

client.Integrations.CreateContainerRegistry(docker)

func NewDockerHubRegistryIntegration added in v0.2.1 

func NewDockerHubRegistryIntegration(name string, data ContainerRegData) ContainerRegIntegration

func NewDockerV2RegistryIntegration added in v0.2.1 

func NewDockerV2RegistryIntegration(name string, data ContainerRegData) ContainerRegIntegration

func NewGcrRegistryIntegration added in v0.2.1 

func NewGcrRegistryIntegration(name string, data ContainerRegData) ContainerRegIntegration

func (ContainerRegIntegration) StateString added in v0.1.9 

func (c ContainerRegIntegration) StateString() string

func (ContainerRegIntegration) Status added in v0.1.9 

func (c ContainerRegIntegration) Status() string

type ContainerRegistriesResponse added in v0.13.0 

type ContainerRegistriesResponse struct {
	Data []ContainerRegistryRaw `json:"data"`
}

type ContainerRegistriesService added in v0.13.0 

type ContainerRegistriesService struct {
	// contains filtered or unexported fields
}

ContainerRegistriesService is the service that interacts with the ContainerRegistries schema from the Lacework APIv2 Server

func (*ContainerRegistriesService) Create added in v0.13.0 

func (svc *ContainerRegistriesService) Create(integration ContainerRegistryRaw) (
	response ContainerRegistryResponse,
	err error,
)

Create creates a single Container Registry integration

func (*ContainerRegistriesService) Delete added in v0.13.0 

func (svc *ContainerRegistriesService) Delete(guid string) error

Delete deletes a Container Registry integration that matches the provided guid

func (*ContainerRegistriesService) Get added in v0.13.0 

func (svc *ContainerRegistriesService) Get(guid string, response interface{}) error

Get returns a raw response of the Container Registry with the matching integration guid.

To return a more specific Go struct of a Container Registry integration, use the proper method such as GetGhcr() where the function name is composed by: 

Get<Type>(guid)

  Where <Type> is the Container Registry integration type.

func (*ContainerRegistriesService) GetGcpGar added in v0.13.0 

func (svc *ContainerRegistriesService) GetGcpGar(guid string) (
	response GcpGarIntegrationResponse,
	err error,
)

GetGcpGar gets a single GcpGar integration matching the provided integration guid

func (*ContainerRegistriesService) GetGhcr added in v0.13.0 

func (svc *ContainerRegistriesService) GetGhcr(guid string) (
	response GhcrIntegrationResponse,
	err error,
)

GetGhcr gets a single Ghcr integration matching the provided integration guid

func (*ContainerRegistriesService) GetInlineScanner added in v0.39.0 

func (svc *ContainerRegistriesService) GetInlineScanner(guid string) (
	response InlineScannerIntegrationResponse,
	err error,
)

GetInlineScanner gets a single InlineScanner integration matching the provided integration guid

func (*ContainerRegistriesService) List added in v0.13.0 

func (svc *ContainerRegistriesService) List() (response ContainerRegistriesResponse, err error)

List returns a list of Container Registry integrations

func (*ContainerRegistriesService) UpdateGcpGar added in v0.13.0 

func (svc *ContainerRegistriesService) UpdateGcpGar(data ContainerRegistry) (
	response GcpGarIntegrationResponse,
	err error,
)

UpdateGcpGar updates a single GcpGar integration on the Lacework Server

func (*ContainerRegistriesService) UpdateGhcr added in v0.13.0 

func (svc *ContainerRegistriesService) UpdateGhcr(data ContainerRegistry) (
	response GhcrIntegrationResponse,
	err error,
)

UpdateGhcr updates a single Ghcr integration on the Lacework Server

func (*ContainerRegistriesService) UpdateInlineScanner added in v0.39.0 

func (svc *ContainerRegistriesService) UpdateInlineScanner(data ContainerRegistry) (
	response InlineScannerIntegrationResponse,
	err error,
)

UpdateInlineScanner updates a single InlineScanner integration on the Lacework Server

type ContainerRegistry added in v0.13.0 

type ContainerRegistry interface {
	ID() string
	ContainerRegistryType() containerRegistryType
}

ContainerRegistry is an interface that helps us implement a few functions that any Container Registry might use, there are some cases, like during Update, where we need to get the ID of the Container Registry and its type, this will allow users to pass any Container Registry that implements these methods

type ContainerRegistryRaw added in v0.13.0 

type ContainerRegistryRaw struct {
	Data interface{} `json:"data,omitempty"`
	// contains filtered or unexported fields
}

func NewContainerRegistry added in v0.13.0 

func NewContainerRegistry(name string, regType containerRegistryType, data interface{}) ContainerRegistryRaw

NewContainerRegistry returns an instance of the ContainerRegistryRaw struct with the provided Container Registry integration type, name and raw data as an interface{}.

NOTE: This function must be used by any Container Registry type.

Basic usage: Initialize a new GhcrContainerRegistry integration struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

ghcr := api.NewContainerRegistry("foo",
  api.GhcrContainerRegistry,
  api.GhcrData{
    Credentials: api.GhcrCredentials {
      Username: "bubu",
      Password: "supers3cret",
      Ssl: true,
    },
  },
)

client.V2.ContainerRegistries.Create(ghcr)

func (ContainerRegistryRaw) ContainerRegistryType added in v0.13.0 

func (reg ContainerRegistryRaw) ContainerRegistryType() containerRegistryType

func (ContainerRegistryRaw) ID added in v0.13.0 

func (c ContainerRegistryRaw) ID() string

func (ContainerRegistryRaw) StateString added in v0.34.0 

func (c ContainerRegistryRaw) StateString() string

func (ContainerRegistryRaw) Status added in v0.34.0 

func (c ContainerRegistryRaw) Status() string

type ContainerRegistryResponse added in v0.13.0 

type ContainerRegistryResponse struct {
	Data ContainerRegistryRaw `json:"data"`
}

type ContainerResourceGroupData added in v0.15.0 

type ContainerResourceGroupData struct {
	Guid         string                      `json:"guid,omitempty"`
	IsDefault    int                         `json:"isDefault,omitempty"`
	ResourceGuid string                      `json:"resourceGuid,omitempty"`
	Name         string                      `json:"resourceName"`
	Type         string                      `json:"resourceType"`
	Enabled      int                         `json:"enabled,omitempty"`
	Props        ContainerResourceGroupProps `json:"props"`
}

type ContainerResourceGroupProps added in v0.15.0 

type ContainerResourceGroupProps struct {
	Description     string              `json:"description,omitempty"`
	ContainerLabels []map[string]string `json:"containerLabels"`
	ContainerTags   []string            `json:"containerTags"`
	UpdatedBy       string              `json:"updatedBy,omitempty"`
	LastUpdated     *lwtime.Epoch       `json:"lastUpdated,omitempty"`
}

func (ContainerResourceGroupProps) GetBaseProps added in v0.20.0 

func (props ContainerResourceGroupProps) GetBaseProps() ResourceGroupPropsBase

func (ContainerResourceGroupProps) MarshalJSON added in v0.20.0 

func (props ContainerResourceGroupProps) MarshalJSON() ([]byte, error)

type ContainerResourceGroupResponse added in v0.15.0 

type ContainerResourceGroupResponse struct {
	Data ContainerResourceGroupData `json:"data"`
}

type ContainerResourceJsonStringGroupProps added in v0.15.0 

type ContainerResourceJsonStringGroupProps struct {
	Description     string              `json:"DESCRIPTION,omitempty"`
	ContainerLabels []map[string]string `json:"CONTAINER_LABELS"`
	ContainerTags   []string            `json:"CONTAINER_TAGS"`
	UpdatedBy       string              `json:"UPDATED_BY,omitempty"`
	LastUpdated     *lwtime.Epoch       `json:"LAST_UPDATED,omitempty"`
}

Workaround for props being returned as a json string

type ContainerVulnerability added in v0.7.0 

type ContainerVulnerability struct {
	Name        string                 `json:"name"`
	Description string                 `json:"description"`
	Severity    string                 `json:"severity"`
	Link        string                 `json:"link"`
	FixVersion  string                 `json:"fix_version"`
	Metadata    map[string]interface{} `json:"metadata"`
	Status      string                 `json:"status"`
}

func (*ContainerVulnerability) CVSSv2Score added in v0.7.0 

func (v *ContainerVulnerability) CVSSv2Score() float64

func (*ContainerVulnerability) CVSSv3Score added in v0.7.0 

func (v *ContainerVulnerability) CVSSv3Score() float64

type ContainerVulnerabilityService added in v0.2.0 

type ContainerVulnerabilityService struct {
	// contains filtered or unexported fields
}

ContainerVulnerabilityService is a service that interacts with the vulnerabilities endpoints for the container space from the Lacework Server

func (*ContainerVulnerabilityService) AssessmentFromImageDigest added in v0.2.0 

func (svc *ContainerVulnerabilityService) AssessmentFromImageDigest(imageDigest string) (
	response VulnContainerAssessmentResponse,
	err error,
)

ListAssessments leverages ListAssessmentsDateRange and returns a list of assessments from the last 7 days

func (*ContainerVulnerabilityService) AssessmentFromImageID added in v0.2.0 

func (svc *ContainerVulnerabilityService) AssessmentFromImageID(imageID string) (
	response VulnContainerAssessmentResponse,
	err error,
)

func (*ContainerVulnerabilityService) ListAssessments added in v0.2.0 

func (svc *ContainerVulnerabilityService) ListAssessments() (VulnContainerAssessmentsResponse, error)

ListAssessments leverages ListAssessmentsDateRange and returns a list of assessments from the last 7 days

func (*ContainerVulnerabilityService) ListAssessmentsDateRange added in v0.2.0 

func (svc *ContainerVulnerabilityService) ListAssessmentsDateRange(start, end time.Time) (
	response VulnContainerAssessmentsResponse,
	err error,
)

ListAssessmentsDateRange returns a list of container assessments during the specified date range

func (*ContainerVulnerabilityService) Scan added in v0.2.0 

func (svc *ContainerVulnerabilityService) Scan(registry, repository, tagOrHash string) (
	response vulnContainerScanResponse,
	err error,
)

Scan triggers a container vulnerability scan to the provider registry, repository, and tag provided. This function calls the underlaying API endpoint that assumes that the container repository has been already integrated with the platform.

func (*ContainerVulnerabilityService) ScanStatus added in v0.2.0 

func (svc *ContainerVulnerabilityService) ScanStatus(requestID string) (
	response vulnContainerScanStatusResponse,
	err error,
)

type DailyEventsReportRuleNotifications added in v0.21.0 

type DailyEventsReportRuleNotifications struct {
	AgentEvents               bool `json:"agentEvents"`
	OpenShiftCompliance       bool `json:"openShiftCompliance"`
	OpenShiftComplianceEvents bool `json:"openShiftComplianceEvents"`
	PlatformEvents            bool `json:"platformEvents"`
	AwsCloudtrailEvents       bool `json:"awsCloudtrailEvents"`
	AwsComplianceEvents       bool `json:"awsComplianceEvents"`
	AzureComplianceEvents     bool `json:"azureComplianceEvents"`
	AzureActivityLogEvents    bool `json:"azureActivityLogEvents"`
	GcpAuditTrailEvents       bool `json:"gcpAuditTrailEvents"`
	GcpComplianceEvents       bool `json:"gcpComplianceEvents"`
}

func (DailyEventsReportRuleNotifications) ToMap added in v0.21.0 

func (daily DailyEventsReportRuleNotifications) ToMap() map[string]bool

type DataExportRule added in v0.41.0 

type DataExportRule struct {
	ID     string               `json:"mcGuid,omitempty"`
	Filter DataExportRuleFilter `json:"filters"`
	Type   string               `json:"type"`
	IDs    []string             `json:"intgGuidList"`
}

type DataExportRuleFilter added in v0.41.0 

type DataExportRuleFilter struct {
	Name            string   `json:"name"`
	Description     string   `json:"description"`
	CreatedBy       string   `json:"createdOrUpdatedBy,omitempty"`
	UpdatedTime     string   `json:"createdOrUpdatedTime,omitempty"`
	Enabled         int      `json:"enabled"`
	ProfileVersions []string `json:"profileVersions,omitempty"`
}

type DataExportRuleResponse added in v0.41.0 

type DataExportRuleResponse struct {
	Data    DataExportRule `json:"data"`
	Message string         `json:"message"`
}

type DataExportRulesResponse added in v0.41.0 

type DataExportRulesResponse struct {
	Data    []DataExportRule `json:"data"`
	Message string           `json:"message"`
}

type DataExportRulesService added in v0.41.0 

type DataExportRulesService struct {
	// contains filtered or unexported fields
}

DataExportRulesService is a service that interacts with the DataExportRule endpoints from the Lacework Server

func (*DataExportRulesService) Create added in v0.41.0 

func (svc *DataExportRulesService) Create(rule DataExportRule) (response DataExportRuleResponse,
	err error,
)

Create creates a single Data Export Rule

func (*DataExportRulesService) Delete added in v0.41.0 

func (svc *DataExportRulesService) Delete(guid string) error

Delete deletes a Data Export Rule that matches the provided guid

func (*DataExportRulesService) Get added in v0.41.0 

func (svc *DataExportRulesService) Get(id string) (
	response DataExportRuleResponse,
	err error,
)

Get returns a raw response of the Data Export Rule with the matching guid.

func (*DataExportRulesService) List added in v0.41.0 

func (svc *DataExportRulesService) List() (
	response DataExportRulesResponse,
	err error,
)

List returns a list of Data Export Rules

func (*DataExportRulesService) Search added in v0.41.0 

func (svc *DataExportRulesService) Search(filters SearchFilter) (
	response DataExportRulesResponse, err error,
)

Search returns a list of Data Export Rules

func (*DataExportRulesService) Update added in v0.41.0 

func (svc *DataExportRulesService) Update(rule DataExportRule) (response DataExportRuleResponse,
	err error,
)

Update updates a Data Export Rule that matches the provided guid

type DatadogAlertChannel added in v0.2.18 

type DatadogAlertChannel struct {
	Data DatadogChannelData `json:"DATA"`
	// contains filtered or unexported fields
}

func NewDatadogAlertChannel added in v0.2.18 

func NewDatadogAlertChannel(name string, data DatadogChannelData) DatadogAlertChannel

NewDatadogAlertChannel returns an instance of DatadogAlertChannel with the provided name and data.

Basic usage: Initialize a new DatadogAlertChannel struct, then 

             use the new instance to do CRUD operations

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  datadog := api.NewDatadogAlertChannel("foo",
  api.DatadogChannelData{
		DatadogSite:    api.DatadogSiteEu,
 		DatadogService: api.DatadogServiceEventsSummary,
	  	ApiKey:      	"datadog-key",
  },
  )

  client.Integrations.CreateDatadogAlertChannel(datadogChannel)

func (DatadogAlertChannel) StateString added in v0.2.18 

func (c DatadogAlertChannel) StateString() string

func (DatadogAlertChannel) Status added in v0.2.18 

func (c DatadogAlertChannel) Status() string

type DatadogAlertChannelResponse added in v0.2.18 

type DatadogAlertChannelResponse struct {
	Data    []DatadogAlertChannel `json:"data"`
	Ok      bool                  `json:"ok"`
	Message string                `json:"message"`
}

type DatadogAlertChannelResponseV2 added in v0.17.0 

type DatadogAlertChannelResponseV2 struct {
	Data DatadogAlertChannelV2 `json:"data"`
}

type DatadogAlertChannelV2 added in v0.17.0 

type DatadogAlertChannelV2 struct {
	Data DatadogDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (DatadogAlertChannelV2) ID added in v0.17.0 

func (c DatadogAlertChannelV2) ID() string

func (DatadogAlertChannelV2) StateString added in v0.34.0 

func (c DatadogAlertChannelV2) StateString() string

func (DatadogAlertChannelV2) Status added in v0.34.0 

func (c DatadogAlertChannelV2) Status() string

type DatadogChannelData added in v0.2.18 

type DatadogChannelData struct {
	DatadogSite    datadogSite    `json:"DATADOG_SITE,omitempty" mapstructure:"DATADOG_SITE"`
	DatadogService datadogService `json:"DATADOG_TYPE,omitempty" mapstructure:"DATADOG_TYPE"`
	ApiKey         string         `json:"API_KEY" mapstructure:"API_KEY"`
}

type DatadogDataV2 added in v0.17.0 

type DatadogDataV2 struct {
	ApiKey      string         `json:"apiKey"`
	DatadogSite datadogSite    `json:"datadogSite,omitempty"`
	DatadogType datadogService `json:"datadogType,omitempty"`
}

type Datasource added in v0.18.0 

type Datasource struct {
	Name                string                   `json:"name"`
	Description         string                   `json:"description"`
	ResultSchema        []DatasourceSchema       `json:"resultSchema"`
	SourceRelationships []DatasourceRelationship `json:"sourceRelationships"`
}

type DatasourceRelationship added in v0.31.0 

type DatasourceRelationship struct {
	Name          string `json:"name"`
	Description   string `json:"description"`
	From          string `json:"from"`
	To            string `json:"to"`
	ToCardinality string `json:"toCardinality"`
}

type DatasourceResponse added in v0.18.0 

type DatasourceResponse struct {
	Data    Datasource `json:"data"`
	Message string     `json:"message"`
}

type DatasourceSchema added in v0.18.0 

type DatasourceSchema struct {
	Name        string `json:"name"`
	DataType    string `json:"dataType"`
	Description string `json:"description"`
}

type DatasourcesResponse added in v0.18.0 

type DatasourcesResponse struct {
	Data    []Datasource `json:"data"`
	Message string       `json:"message"`
}

type DatasourcesService added in v0.18.0 

type DatasourcesService struct {
	// contains filtered or unexported fields
}

DatasourcesService is a service that interacts with the Datasources endpoints from the Lacework Server

func (*DatasourcesService) Get added in v0.18.0 

func (svc *DatasourcesService) Get(id string) (
	response DatasourceResponse,
	err error,
)

func (*DatasourcesService) List added in v0.18.0 

func (svc *DatasourcesService) List() (
	response DatasourcesResponse,
	err error,
)

type EmailUserAlertChannelResponse added in v0.11.0 

type EmailUserAlertChannelResponse struct {
	Data EmailUserIntegration `json:"data"`
}

type EmailUserChannelProps added in v0.11.0 

type EmailUserChannelProps struct {
	Recipients []string `json:"recipients"`
}

type EmailUserData added in v0.11.0 

type EmailUserData struct {
	ChannelProps      EmailUserChannelProps `json:"channelProps"`
	NotificationTypes struct {
		Properties interface{} `json:"properties,omitempty"`
	} `json:"notificationTypes"`
}

type EmailUserIntegration added in v0.11.0 

type EmailUserIntegration struct {
	Data EmailUserData `json:"data"`
	// contains filtered or unexported fields
}

func (EmailUserIntegration) ID added in v0.11.0 

func (c EmailUserIntegration) ID() string

func (EmailUserIntegration) StateString added in v0.34.0 

func (c EmailUserIntegration) StateString() string

func (EmailUserIntegration) Status added in v0.34.0 

func (c EmailUserIntegration) Status() string

type EntitiesService added in v0.25.0 

type EntitiesService struct {
	// contains filtered or unexported fields
}

func (*EntitiesService) ListAllImages added in v0.25.0 

func (svc *EntitiesService) ListAllImages() (response ImagesEntityResponse, err error)

ListAllImages iterates over all pages to return all images information at once

func (*EntitiesService) ListAllImagesWithFilters added in v0.38.0 

func (svc *EntitiesService) ListAllImagesWithFilters(filters SearchFilter) (response ImagesEntityResponse, err error)

ListAllImagesWithFilters iterates over all pages to return all images information at once based on a user defined filter

func (*EntitiesService) ListAllMachineDetails added in v0.25.0 

func (svc *EntitiesService) ListAllMachineDetails() (response MachineDetailsEntityResponse, err error)

ListAllMachineDetails iterates over all pages to return all machine details at once

func (*EntitiesService) ListAllMachineDetailsWithFilters added in v0.38.0 

func (svc *EntitiesService) ListAllMachineDetailsWithFilters(filters SearchFilter) (response MachineDetailsEntityResponse, err error)

ListAllMachineDetailsWithFilters iterates over all pages to return all machine details at once based on a user defined filter

func (*EntitiesService) ListAllUsers added in v0.25.0 

func (svc *EntitiesService) ListAllUsers() (response UsersEntityResponse, err error)

ListAllUsers iterates over all pages to return all user information at once

func (*EntitiesService) ListImages added in v0.25.0 

func (svc *EntitiesService) ListImages() (response ImagesEntityResponse, err error)

ListImages returns a list of UserEntity from the last 7 days

func (*EntitiesService) ListImagesWithFilters added in v0.38.0 

func (svc *EntitiesService) ListImagesWithFilters(filters SearchFilter) (response ImagesEntityResponse, err error)

ListImagesWithFilters returns a list of UserEntity based on a user defined filter

func (*EntitiesService) ListMachineDetails added in v0.25.0 

func (svc *EntitiesService) ListMachineDetails() (response MachineDetailsEntityResponse, err error)

ListMachineDetails returns a list of MachineDetailEntity from the last 7 days

func (*EntitiesService) ListMachineDetailsWithFilters added in v0.38.0 

func (svc *EntitiesService) ListMachineDetailsWithFilters(filters SearchFilter) (response MachineDetailsEntityResponse, err error)

ListMachineDetailsWithFilters returns a list of UserEntity based on a user defined filter

func (*EntitiesService) ListUsers added in v0.25.0 

func (svc *EntitiesService) ListUsers() (response UsersEntityResponse, err error)

ListUsers returns a list of UserEntity from the last 7 days

func (*EntitiesService) Search added in v0.25.0 

func (svc *EntitiesService) Search(response interface{}, filters SearchFilter) error

Search expects the response and the search filters

e.g. 

var (
    response = &api.MachineDetailsEntityResponse{}
    now      = time.Now().UTC()
    before   = now.AddDate(0, 0, -7) // 7 days from ago
    filters  = api.SearchFilter{
        TimeFilter: &api.TimeFilter{
            StartTime: &before,
            EndTime:   &now,
        },
    }
)
lacework.V2.Entities.Search(response, filters)

type EntityType added in v0.25.0 

type EntityType int
const (
	NoneEntityType EntityType = iota
	MachineDetailsEntityType
	UsersEntityType
	ImagesEntityType
)

type Event added in v0.1.6 

type Event struct {
	EventID   string    `json:"event_id"`
	EventType string    `json:"event_type"`
	Severity  string    `json:"severity"`
	StartTime time.Time `json:"start_time"`
	EndTime   time.Time `json:"end_time"`
}

func (*Event) SeverityString added in v0.1.6 

func (e *Event) SeverityString() string

type EventAPIEntity added in v0.1.11 

type EventAPIEntity struct {
	Service string `json:"service"`
	Api     string `json:"api"`
}

type EventApplicationEntity added in v0.1.11 

type EventApplicationEntity struct {
	Application       string    `json:"application"`
	HasExternalConns  int32     `json:"has_external_conns"`
	IsClient          int32     `json:"is_client"`
	IsServer          int32     `json:"is_server"`
	EarliestKnownTime time.Time `json:"earliest_known_time"`
}

type EventCTUserEntity added in v0.1.11 

type EventCTUserEntity struct {
	Username    string   `json:"username"`
	AccountID   string   `json:"account_id"`
	Mfa         int32    `json:"mfa"`
	ApiList     []string `json:"api_list"`
	RegionList  []string `json:"region_list"`
	PrincipalID string   `json:"principal_id"`
}

type EventContainerEntity added in v0.1.11 

type EventContainerEntity struct {
	ImageRepo        string    `json:"image_repo"`
	ImageTag         string    `json:"image_tag"`
	HasExternalConns int32     `json:"has_external_conns"`
	IsClient         int32     `json:"is_client"`
	IsServer         int32     `json:"is_server"`
	FirstSeenTime    time.Time `json:"first_seen_time"`
	PodNamespace     string    `json:"pod_namespace"`
	PodIpAddr        string    `json:"pod_ip_addr"`
}

type EventCustomRuleEntity added in v0.1.11 

type EventCustomRuleEntity struct {
	LastUpdatedTime time.Time `json:"last_updated_time"`
	LastUpdatedUser string    `json:"last_updated_user"`
	DisplayFilter   string    `json:"display_filter"`
	RuleGuid        string    `json:"rule_guid"`
}

type EventDetails added in v0.1.6 

type EventDetails struct {
	EventID    string         `json:"event_id"`
	EventActor string         `json:"event_actor"`
	EventModel string         `json:"event_model"`
	EventType  string         `json:"event_type"`
	StartTime  time.Time      `json:"start_time"`
	EndTime    time.Time      `json:"end_time"`
	EntityMap  EventEntityMap `json:"entity_map"`
}

type EventDetailsResponse added in v0.1.6 

type EventDetailsResponse struct {
	Events []EventDetails `json:"data"`
}

type EventDnsNameEntity added in v0.1.11 

type EventDnsNameEntity struct {
	Hostname      string  `json:"hostname"`
	PortList      []int32 `json:"port_list"`
	TotalInBytes  float32 `json:"total_in_bytes"`
	TotalOutBytes float32 `json:"total_out_bytes"`
}

type EventEntityMap added in v0.1.6 

type EventEntityMap struct {
	User            []EventUserEntity            `json:"user,omitempty"`
	Application     []EventApplicationEntity     `json:"application,omitempty"`
	Machine         []EventMachineEntity         `json:"machine,omitempty"`
	Container       []EventContainerEntity       `json:"container,omitempty"`
	DnsName         []EventDnsNameEntity         `json:"DnsName,omitempty"`   // @afiune not in standard
	IpAddress       []EventIpAddressEntity       `json:"IpAddress,omitempty"` // @afiune not in standard
	Process         []EventProcessEntity         `json:"process,omitempty"`
	FileDataHash    []EventFileDataHashEntity    `json:"FileDataHash,omitempty"`    // @afiune not in standard
	FileExePath     []EventFileExePathEntity     `json:"FileExePath,omitempty"`     // @afiune not in standard
	SourceIpAddress []EventSourceIpAddressEntity `json:"SourceIpAddress,omitempty"` // @afiune not in standard
	API             []EventAPIEntity             `json:"api,omitempty"`
	Region          []EventRegionEntity          `json:"region,omitempty"`
	CTUser          []EventCTUserEntity          `json:"ct_user,omitempty"`
	Resource        []EventResourceEntity        `json:"resource,omitempty"`
	RecID           []EventRecIDEntity           `json:"RecId,omitempty"`           // @afiune not in standard
	CustomRule      []EventCustomRuleEntity      `json:"CustomRule,omitempty"`      // @afiune not in standard
	NewViolation    []EventNewViolationEntity    `json:"NewViolation,omitempty"`    // @afiune not in standard
	ViolationReason []EventViolationReasonEntity `json:"ViolationReason,omitempty"` // @afiune not in standard
}

type EventFileDataHashEntity added in v0.1.11 

type EventFileDataHashEntity struct {
	FiledataHash  string    `json:"filedata_hash"`
	MachineCount  int32     `json:"machine_count"`
	ExePathList   []string  `json:"exe_path_list"`
	FirstSeenTime time.Time `json:"first_seen_time"`
	IsKnownBad    int32     `json:"is_known_bad"`
}

type EventFileExePathEntity added in v0.1.11 

type EventFileExePathEntity struct {
	ExePath          string    `json:"exe_path"`
	FirstSeenTime    time.Time `json:"first_seen_time"`
	LastFiledataHash string    `json:"last_filedata_hash"`
	LastPackageName  string    `json:"last_package_name"`
	LastVersion      string    `json:"last_version"`
	LastFileOwner    string    `json:"last_file_owner"`
}

type EventIpAddressEntity added in v0.1.11 

type EventIpAddressEntity struct {
	IpAddress     string        `json:"ip_address"`
	TotalInBytes  float32       `json:"total_in_bytes"`
	TotalOutBytes float32       `json:"total_out_bytes"`
	ThreatTags    string        `json:"threat_tags"`
	ThreatSource  []interface{} `json:"threat_source"` // @afiune this field could be anything...
	Country       string        `json:"country"`
	Region        string        `json:"region"`
	PortList      []int32       `json:"port_list"`
	FirstSeenTime time.Time     `json:"first_seen_time"`
}

type EventMachineEntity added in v0.1.11 

type EventMachineEntity struct {
	Hostname          string  `json:"hostname"`
	ExternalIp        string  `json:"external_ip"`
	InstanceID        string  `json:"instance_id"`
	InstanceName      string  `json:"instance_name"`
	CpuPercentage     float32 `json:"cpu_percentage"`
	InternalIpAddress string  `json:"internal_ip_address"`
}

type EventNewViolationEntity added in v0.1.11 

type EventNewViolationEntity struct {
	RecID    string `json:"rec_id"`
	Reason   string `json:"reason"`
	Resource string `json:"resource"`
}

type EventProcessEntity added in v0.1.11 

type EventProcessEntity struct {
	Hostname         string    `json:"hostname"`
	ProcessID        int32     `json:"process_id"`
	ProcessStartTime time.Time `json:"process_start_time"`
	Cmdline          string    `json:"cmdline"`
	CpuPercentage    float32   `json:"cpu_percentage"`
}

type EventRecIDEntity added in v0.1.11 

type EventRecIDEntity struct {
	RecID        string `json:"rec_id"`
	AccountID    string `json:"account_id"`
	AccountAlias string `json:"account_alias"`
	Title        string `json:"title"`
	Status       string `json:"status"`
	EvalType     string `json:"eval_type"`
	EvalGuid     string `json:"eval_guid"`
}

type EventRegionEntity added in v0.1.11 

type EventRegionEntity struct {
	Region      string   `json:"region"`
	AccountList []string `json:"account_list"`
}

type EventResourceEntity added in v0.1.11 

type EventResourceEntity struct {
	Name string `json:"name"`
	// @afiune the API documentation says this field is a string, but there are
	// many events that has this field as a number, boolean, etc.  :sadpanda:
	Value interface{} `json:"value"`
}

type EventSourceIpAddressEntity added in v0.1.11 

type EventSourceIpAddressEntity struct {
	IpAddress string `json:"ip_address"`
	Region    string `json:"region"`
	Country   string `json:"country"`
}

type EventUserEntity added in v0.1.11 

type EventUserEntity struct {
	MachineHostname string `json:"machine_hostname"`
	Username        string `json:"username"`
}

type EventViolationReasonEntity added in v0.1.11 

type EventViolationReasonEntity struct {
	RecID  string `json:"rec_id"`
	Reason string `json:"reason"`
}

type EventsCount added in v0.1.6 

type EventsCount struct {
	Critical int
	High     int
	Medium   int
	Low      int
	Info     int
	Total    int
}

type EventsResponse added in v0.1.6 

type EventsResponse struct {
	Events []Event `json:"data"`
}

func (*EventsResponse) GetEventsCount added in v0.1.6 

func (er *EventsResponse) GetEventsCount() EventsCount

type EventsService added in v0.1.6 

type EventsService struct {
	// contains filtered or unexported fields
}

EventsService is a service that interacts with the Events endpoints from the Lacework Server

func (*EventsService) Details added in v0.1.6 

func (svc *EventsService) Details(eventID string) (response EventDetailsResponse, err error)

Details returns details about the specified event_id

func (*EventsService) List added in v0.1.6 

func (svc *EventsService) List() (EventsResponse, error)

List leverages ListDateRange and returns a list of events from the last 7 days

func (*EventsService) ListDateRange added in v0.1.21 

func (svc *EventsService) ListDateRange(start, end time.Time) (
	response EventsResponse,
	err error,
)

ListDateRange returns a list of Lacework events during the specified date range

Requirements and specifications: * The dates format should be: yyyy-MM-ddTHH:mm:ssZ (example 2019-07-11T21:11:00Z) * The START_TIME and END_TIME must be specified in UTC * The difference between the START_TIME and END_TIME must not be greater than 7 days * The START_TIME must be less than or equal to three months from current date * The number of records produced is limited to 5000

type ExecuteQuery added in v0.11.0 

type ExecuteQuery struct {
	QueryText string `json:"queryText"`
}

type ExecuteQueryArgument added in v0.11.0 

type ExecuteQueryArgument struct {
	Name  ExecuteQueryArgumentName `json:"name"`
	Value string                   `json:"value"`
}

type ExecuteQueryArgumentName added in v0.35.0 

type ExecuteQueryArgumentName string
const (
	QueryStartTimeRange ExecuteQueryArgumentName = "StartTimeRange"
	QueryEndTimeRange   ExecuteQueryArgumentName = "EndTimeRange"
)

type ExecuteQueryByIDRequest added in v0.11.0 

type ExecuteQueryByIDRequest struct {
	QueryID   string                 `json:"queryId,omitempty"`
	Options   ExecuteQueryOptions    `json:"options"`
	Arguments []ExecuteQueryArgument `json:"arguments"`
}

type ExecuteQueryOptions added in v0.40.0 

type ExecuteQueryOptions struct {
	Limit *int `json:"limit,omitempty"`
}

type ExecuteQueryRequest added in v0.11.0 

type ExecuteQueryRequest struct {
	Query     ExecuteQuery           `json:"query"`
	Options   ExecuteQueryOptions    `json:"options"`
	Arguments []ExecuteQueryArgument `json:"arguments"`
}

type ExecuteQueryResponse added in v0.36.0 

type ExecuteQueryResponse struct {
	Data    []interface{} `json:"data"`
	Ok      bool          `json:"ok"`
	Message string        `json:"message"`
}

type Filter added in v0.10.0 

type Filter struct {
	Expression string   `json:"expression,omitempty"`
	Field      string   `json:"field,omitempty"`
	Value      string   `json:"value,omitempty"`
	Values     []string `json:"values,omitempty"`
}

type GcpCredentials 

type GcpCredentials struct {
	ClientID     string `json:"CLIENT_ID" mapstructure:"CLIENT_ID"`
	ClientEmail  string `json:"CLIENT_EMAIL" mapstructure:"CLIENT_EMAIL"`
	PrivateKeyID string `json:"PRIVATE_KEY_ID" mapstructure:"PRIVATE_KEY_ID"`
	PrivateKey   string `json:"PRIVATE_KEY" mapstructure:"PRIVATE_KEY"`
}

type GcpCredentialsV2 added in v0.13.0 

type GcpCredentialsV2 struct {
	ClientEmail  string `json:"clientEmail"`
	ClientID     string `json:"clientId"`
	PrivateKeyID string `json:"privateKeyId"`
	PrivateKey   string `json:"privateKey,omitempty"`
}

GcpCredentials is already defined in api/integrations_gcp.go:163 so we need to add a "V2" at the end to make it clear that this is the Google Credentials struct for API v2

type GcpGarData added in v0.13.0 

type GcpGarData struct {
	Credentials      GcpCredentialsV2    `json:"credentials"`
	RegistryDomain   string              `json:"registryDomain"`
	RegistryType     string              `json:"registryType"` // always "GCP_GAR"
	LimitByTag       []string            `json:"limitByTag"`
	LimitByLabel     []map[string]string `json:"limitByLabel"`
	LimitByRep       []string            `json:"limitByRep"`
	LimitNumImg      int                 `json:"limitNumImg"`
	NonOSPackageEval bool                `json:"nonOsPackageEval"`
}

type GcpGarIntegration added in v0.13.0 

type GcpGarIntegration struct {
	Data GcpGarData `json:"data"`
	// contains filtered or unexported fields
}

func (GcpGarIntegration) ContainerRegistryType added in v0.13.0 

func (reg GcpGarIntegration) ContainerRegistryType() containerRegistryType

func (GcpGarIntegration) ID added in v0.13.0 

func (c GcpGarIntegration) ID() string

func (GcpGarIntegration) StateString added in v0.34.0 

func (c GcpGarIntegration) StateString() string

func (GcpGarIntegration) Status added in v0.34.0 

func (c GcpGarIntegration) Status() string

type GcpGarIntegrationResponse added in v0.13.0 

type GcpGarIntegrationResponse struct {
	Data GcpGarIntegration `json:"data"`
}

type GcpGkeAuditCredentials added in v0.36.0 

type GcpGkeAuditCredentials struct {
	ClientId     string `json:"clientId"`
	ClientEmail  string `json:"clientEmail"`
	PrivateKeyId string `json:"privateKeyId"`
	PrivateKey   string `json:"privateKey"`
}

type GcpGkeAuditData added in v0.36.0 

type GcpGkeAuditData struct {
	Credentials     GcpGkeAuditCredentials `json:"credentials"`
	IntegrationType string                 `json:"integrationType"`
	// OrganizationId is optional for a project level integration, therefore we omit if empty
	OrganizationId   string `json:"organizationId,omitempty"`
	ProjectId        string `json:"projectId"`
	SubscriptionName string `json:"subscriptionName"`
}

type GcpGkeAuditIntegration added in v0.36.0 

type GcpGkeAuditIntegration struct {
	Data GcpGkeAuditData `json:"data"`
	// contains filtered or unexported fields
}

func (GcpGkeAuditIntegration) ID added in v0.36.0 

func (c GcpGkeAuditIntegration) ID() string

func (GcpGkeAuditIntegration) StateString added in v0.36.0 

func (c GcpGkeAuditIntegration) StateString() string

func (GcpGkeAuditIntegration) Status added in v0.36.0 

func (c GcpGkeAuditIntegration) Status() string

type GcpGkeAuditIntegrationResponse added in v0.36.0 

type GcpGkeAuditIntegrationResponse struct {
	Data GcpGkeAuditIntegration `json:"data"`
}

type GcpIntegration 

type GcpIntegration struct {
	Data GcpIntegrationData `json:"DATA"`
	// contains filtered or unexported fields
}

func NewGcpAuditLogIntegration 

func NewGcpAuditLogIntegration(name string, data GcpIntegrationData) GcpIntegration

NewGcpAuditLogIntegration returns an instance of GcpIntegration of type GCP_AT_SES

func NewGcpCfgIntegration 

func NewGcpCfgIntegration(name string, data GcpIntegrationData) GcpIntegration

NewGcpCfgIntegration returns an instance of GcpIntegration of type GCP_CFG

func NewGcpIntegration 

func NewGcpIntegration(name string, iType integrationType, data GcpIntegrationData) GcpIntegration

NewGcpIntegration returns an instance of GcpIntegration with the provided integration type, name and data. The type can only be GcpCfgIntegration or GcpAuditLogIntegration

Basic usage: Initialize a new GcpIntegration struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

gcp := api.NewGcpIntegration("abc",
  api.GcpCfgIntegration,
  api.GcpIntegrationData{
    ID: "1234",
    IDType: api.GcpProjectIntegration.String(),
    Credentials: api.GcpCredentials{
      ClientID: "id",
      ClientEmail: "email",
      PrivateKeyID: "key_id",
      PrivateKey: "key",
    },
  },
)

client.Integrations.CreateGcp(gcp)

func (GcpIntegration) StateString added in v0.1.7 

func (c GcpIntegration) StateString() string

func (GcpIntegration) Status added in v0.1.3 

func (c GcpIntegration) Status() string

type GcpIntegrationData 

type GcpIntegrationData struct {
	ID          string         `json:"ID"`
	IDType      string         `json:"ID_TYPE" mapstructure:"ID_TYPE"`
	Credentials GcpCredentials `json:"CREDENTIALS" mapstructure:"CREDENTIALS"`

	// SubscriptionName is a field that exists and is required for the GCP_AT_SES
	// integration, though, it doesn't exist for GCP_CFG integrations, that's why
	// we omit it if empty
	SubscriptionName string `json:"SUBSCRIPTION_NAME,omitempty" mapstructure:"SUBSCRIPTION_NAME"`
}

type GcpIntegrationsResponse 

type GcpIntegrationsResponse struct {
	Data    []GcpIntegration `json:"data"`
	Ok      bool             `json:"ok"`
	Message string           `json:"message"`
}

type GcpPubSubAlertChannel added in v0.2.15 

type GcpPubSubAlertChannel struct {
	Data GcpPubSubChannelData `json:"DATA"`
	// contains filtered or unexported fields
}

func NewGcpPubSubAlertChannel added in v0.2.15 

func NewGcpPubSubAlertChannel(name string, data GcpPubSubChannelData) GcpPubSubAlertChannel

NewGcpPubSubAlertChannel returns an instance of GcpPubSubAlertChannel with the provided name and data.

Basic usage: Initialize a new GcpPubSubAlertChannel struct, then 

             use the new instance to do CRUD operations

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

	gcpPubSubChannel := api.NewGcpPubSubAlertChannel("foo",
		api.GcpPubSubChannelData{
			ProjectID:     "my-sample-project-191923",
			TopicID:       "mytopic",
			IssueGrouping: "Resources",
			Credentials: api.GcpCredentials{
				ClientID:     "client_id",
				ClientEmail:  "foo@example.iam.gserviceaccount.com",
				PrivateKey:   "priv_key",
				PrivateKeyID: "p_key_id",
			},
		},
		)

  client.Integrations.CreateGcpPubSubAlertChannel(gcpPubSubChannel)

func (GcpPubSubAlertChannel) StateString added in v0.2.15 

func (c GcpPubSubAlertChannel) StateString() string

func (GcpPubSubAlertChannel) Status added in v0.2.15 

func (c GcpPubSubAlertChannel) Status() string

type GcpPubSubAlertChannelResponse added in v0.2.15 

type GcpPubSubAlertChannelResponse struct {
	Data    []GcpPubSubAlertChannel `json:"data"`
	Ok      bool                    `json:"ok"`
	Message string                  `json:"message"`
}

type GcpPubSubAlertChannelResponseV2 added in v0.18.0 

type GcpPubSubAlertChannelResponseV2 struct {
	Data GcpPubSubAlertChannelV2 `json:"data"`
}

type GcpPubSubAlertChannelV2 added in v0.18.0 

type GcpPubSubAlertChannelV2 struct {
	Data GcpPubSubDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (GcpPubSubAlertChannelV2) ID added in v0.18.0 

func (c GcpPubSubAlertChannelV2) ID() string

func (GcpPubSubAlertChannelV2) StateString added in v0.34.0 

func (c GcpPubSubAlertChannelV2) StateString() string

func (GcpPubSubAlertChannelV2) Status added in v0.34.0 

func (c GcpPubSubAlertChannelV2) Status() string

type GcpPubSubChannelData added in v0.2.15 

type GcpPubSubChannelData struct {
	ProjectID     string         `json:"PROJECT_ID" mapstructure:"PROJECT_ID"`
	TopicID       string         `json:"TOPIC_ID" mapstructure:"TOPIC_ID"`
	IssueGrouping string         `json:"ISSUE_GROUPING,omitempty" mapstructure:"ISSUE_GROUPING"`
	Credentials   GcpCredentials `json:"CREDENTIALS" mapstructure:"CREDENTIALS"`
}

type GcpPubSubCredentials added in v0.18.0 

type GcpPubSubCredentials struct {
	ClientEmail  string `json:"clientEmail"`
	ClientID     string `json:"clientId"`
	PrivateKey   string `json:"privateKey"`
	PrivateKeyID string `json:"privateKeyId"`
}

type GcpPubSubDataV2 added in v0.18.0 

type GcpPubSubDataV2 struct {
	Credentials   GcpPubSubCredentials `json:"credentials"`
	IssueGrouping string               `json:"issueGrouping"`
	ProjectID     string               `json:"projectId"`
	TopicID       string               `json:"topicId"`
}

type GcpRecommendationsV1 added in v0.31.0 

type GcpRecommendationsV1 struct {
	// contains filtered or unexported fields
}

GcpRecommendationsV1 is a service that interacts with the V1 Recommendations endpoints from the Lacework Server

func (*GcpRecommendationsV1) GetReport added in v0.31.0 

func (svc *GcpRecommendationsV1) GetReport(reportType string) ([]RecommendationV1, error)

GetReport This is an experimental feature. Returned RecommendationID's are not guaranteed to be correct. Scoped to Lacework Account/Subaccount

func (*GcpRecommendationsV1) List added in v0.31.0 

func (svc *GcpRecommendationsV1) List() ([]RecommendationV1, error)

func (*GcpRecommendationsV1) Patch added in v0.31.0 

func (svc *GcpRecommendationsV1) Patch(recommendations RecommendationStateV1) (RecommendationResponseV1, error)

type GcpReportRuleNotifications added in v0.21.0 

type GcpReportRuleNotifications struct {
	GcpCis       bool `json:"gcpCis"`
	GcpHipaa     bool `json:"gcpHipaa"`
	GcpHipaaRev2 bool `json:"gcpHipaaRev2"`
	GcpIso27001  bool `json:"gcpIso27001"`
	GcpCis12     bool `json:"gcpCis12"`
	GcpK8s       bool `json:"gcpK8s"`
	GcpPci       bool `json:"gcpPci"`
	GcpPciRev2   bool `json:"gcpPciRev2"`
	GcpSoc       bool `json:"gcpSoc"`
	GcpSocRev2   bool `json:"gcpSocRev2"`
}

func (GcpReportRuleNotifications) ToMap added in v0.21.0 

func (gcp GcpReportRuleNotifications) ToMap() map[string]bool

type GcpResourceGroupData added in v0.15.0 

type GcpResourceGroupData struct {
	Guid         string                `json:"guid,omitempty"`
	IsDefault    int                   `json:"isDefault,omitempty"`
	ResourceGuid string                `json:"resourceGuid,omitempty"`
	Name         string                `json:"resourceName"`
	Type         string                `json:"resourceType"`
	Enabled      int                   `json:"enabled,omitempty"`
	Props        GcpResourceGroupProps `json:"props"`
}

type GcpResourceGroupJsonStringProps added in v0.15.0 

type GcpResourceGroupJsonStringProps struct {
	Description  string        `json:"DESCRIPTION,omitempty"`
	Organization string        `json:"ORGANIZATION"`
	Projects     []string      `json:"PROJECTS"`
	UpdatedBy    string        `json:"UPDATED_BY,omitempty"`
	LastUpdated  *lwtime.Epoch `json:"LAST_UPDATED,omitempty"`
}

Workaround for props being returned as a json string

type GcpResourceGroupProps added in v0.15.0 

type GcpResourceGroupProps struct {
	Description  string        `json:"description,omitempty"`
	Organization string        `json:"organization"`
	Projects     []string      `json:"projects"`
	UpdatedBy    string        `json:"updatedBy,omitempty"`
	LastUpdated  *lwtime.Epoch `json:"lastUpdated,omitempty"`
}

func (GcpResourceGroupProps) GetBaseProps added in v0.20.0 

func (props GcpResourceGroupProps) GetBaseProps() ResourceGroupPropsBase

func (GcpResourceGroupProps) MarshalJSON added in v0.20.0 

func (props GcpResourceGroupProps) MarshalJSON() ([]byte, error)

type GcpResourceGroupResponse added in v0.15.0 

type GcpResourceGroupResponse struct {
	Data GcpResourceGroupData `json:"data"`
}

type GhcrCredentials added in v0.13.0 

type GhcrCredentials struct {
	Username string `json:"username"`
	Password string `json:"password,omitempty"`
	Ssl      bool   `json:"ssl"`
}

GcpCredentials is already defined in api/integrations_gcp.go:163 so we need to add a "V2" at the end to make it clear that this is the Google Credentials struct for API v2

type GhcrData added in v0.13.0 

type GhcrData struct {
	Credentials           GhcrCredentials     `json:"credentials"`
	RegistryNotifications bool                `json:"registryNotifications"`
	RegistryDomain        string              `json:"registryDomain"` // always "ghcr.io"
	RegistryType          string              `json:"registryType"`   // always "GHCR"
	LimitByTag            []string            `json:"limitByTag"`
	LimitByLabel          []map[string]string `json:"limitByLabel"`
	LimitByRep            []string            `json:"limitByRep"`
	LimitNumImg           int                 `json:"limitNumImg"`
	NonOSPackageEval      bool                `json:"nonOsPackageEval"`
}

type GhcrIntegration added in v0.13.0 

type GhcrIntegration struct {
	Data GhcrData `json:"data"`
	// contains filtered or unexported fields
}

func (GhcrIntegration) ContainerRegistryType added in v0.13.0 

func (reg GhcrIntegration) ContainerRegistryType() containerRegistryType

func (GhcrIntegration) ID added in v0.13.0 

func (c GhcrIntegration) ID() string

func (GhcrIntegration) StateString added in v0.34.0 

func (c GhcrIntegration) StateString() string

func (GhcrIntegration) Status added in v0.34.0 

func (c GhcrIntegration) Status() string

type GhcrIntegrationResponse added in v0.13.0 

type GhcrIntegrationResponse struct {
	Data GhcrIntegration `json:"data"`
}

type HostScanPackageVulnDetails added in v0.2.2 

type HostScanPackageVulnDetails struct {
	CVEProps struct {
		CveBatchID  string `json:"cve_batch_id"`
		Description string `json:"description"`
		Link        string `json:"link"`
		Metadata    struct {
			NVD struct {
				CVSSv2 struct {
					PublishedDateTime string  `json:"PublishedDateTime"`
					Score             float64 `json:"Score"`
					Vectors           string  `json:"Vectors"`
				} `json:"CVSSv2"`
				CVSSv3 struct {
					ExploitabilityScore float64 `json:"ExploitabilityScore"`
					ImpactScore         float64 `json:"ImpactScore"`
					Score               float64 `json:"Score"`
					Vectors             string  `json:"Vectors"`
				} `json:"CVSSv3"`
			} `json:"NVD"`
		} `json:"metadata"`
	} `json:"CVE_PROPS"`
	FeatureKey struct {
		Name      string `json:"name"`
		Namespace string `json:"namespace"`
	} `json:"FEATURE_KEY"`
	FixInfo   HostScanPackageVulnFixInfo `json:"FIX_INFO"`
	OsPkgInfo struct {
		Namespace     string `json:"namespace"`
		Os            string `json:"os"`
		OsVer         string `json:"os_ver"`
		Pkg           string `json:"pkg"`
		PkgVer        string `json:"pkg_ver"`
		VersionFormat string `json:"version_format"`
	} `json:"OS_PKG_INFO"`
	Props struct {
		EvalAlgo string `json:"eval_algo"`
	} `json:"PROPS"`
	Severity string `json:"SEVERITY"`
	Summary  struct {
		EvalCreatedTime          string `json:"eval_created_time"`
		EvalStatus               string `json:"eval_status"`
		NumFixableVuln           int    `json:"num_fixable_vuln"`
		NumFixableVulnBySeverity struct {
			Num1 int `json:"1"`
			Num2 int `json:"2"`
			Num3 int `json:"3"`
			Num4 int `json:"4"`
			Num5 int `json:"5"`
		} `json:"num_fixable_vuln_by_severity"`
		NumTotal          int `json:"num_total"`
		NumVuln           int `json:"num_vuln"`
		NumVulnBySeverity struct {
			Num1 int `json:"1"`
			Num2 int `json:"2"`
			Num3 int `json:"3"`
			Num4 int `json:"4"`
			Num5 int `json:"5"`
		} `json:"num_vuln_by_severity"`
	} `json:"SUMMARY"`
	VulnID string `json:"VULN_ID"`
}

func (*HostScanPackageVulnDetails) HasFix added in v0.2.10 

func (v *HostScanPackageVulnDetails) HasFix() bool

func (*HostScanPackageVulnDetails) Match added in v0.2.10 

func (v *HostScanPackageVulnDetails) Match() bool

func (*HostScanPackageVulnDetails) ScoreString added in v0.2.2 

func (scanPkg *HostScanPackageVulnDetails) ScoreString() string

type HostScanPackageVulnFixInfo added in v0.4.0 

type HostScanPackageVulnFixInfo struct {
	CompareResult               int    `json:"compare_result"`
	EvalStatus                  string `json:"eval_status"`
	FixAvailable                int    `json:"fix_available"`
	FixedVersion                string `json:"fixed_version"`
	FixedVersionComparisonInfos []struct {
		CurrFixVer                         string `json:"curr_fix_ver"`
		IsCurrFixVerGreaterThanOtherFixVer string `json:"is_curr_fix_ver_greater_than_other_fix_ver"`
		OtherFixVer                        string `json:"other_fix_ver"`
	} `json:"fixed_version_comparison_infos"`
	FixedVersionComparisonScore int    `json:"fixed_version_comparison_score"`
	MaxPrefixMatchingLenScore   int    `json:"max_prefix_matching_len_score"`
	VersionInstalled            string `json:"version_installed"`
}

type HostVulnCVE added in v0.2.0 

type HostVulnCVE struct {
	ID       string             `json:"cve_id"`
	Packages []HostVulnPackage  `json:"packages"`
	Summary  HostVulnCveSummary `json:"summary"`
}

type HostVulnCounts added in v0.2.0 

type HostVulnCounts struct {
	Critical     int32
	CritFixable  int32
	High         int32
	HighFixable  int32
	Medium       int32
	MedFixable   int32
	Low          int32
	LowFixable   int32
	Info         int32
	InfoFixable  int32
	Total        int32
	TotalFixable int32
}

func (*HostVulnCounts) HighestFixableSeverity added in v0.4.0 

func (h *HostVulnCounts) HighestFixableSeverity() string

HighestFixableSeverity returns the highest fixable severity level vulnerability

func (*HostVulnCounts) HighestSeverity added in v0.4.0 

func (h *HostVulnCounts) HighestSeverity() string

HighestSeverity returns the highest severity level vulnerability

func (*HostVulnCounts) TotalFixableVulnerabilities added in v0.4.0 

func (h *HostVulnCounts) TotalFixableVulnerabilities() int32

TotalFixableVulnerabilities returns the total number of vulnerabilities that have a fix available

type HostVulnCveSummary added in v0.2.0 

type HostVulnCveSummary struct {
	Severity             HostVulnSeverityCounts `json:"severity"`
	TotalVulnerabilities int                    `json:"total_vulnerabilities"`
	LastEvaluationTime   lwtime.EpochString     `json:"last_evaluation_time"`
}

type HostVulnDetail added in v0.2.0 

type HostVulnDetail struct {
	Details  hostVulnHostDetail `json:"host"`
	Packages []HostVulnPackage  `json:"packages"`
	Summary  HostVulnCveSummary `json:"summary"`
}

type HostVulnHostAssessment added in v0.2.0 

type HostVulnHostAssessment struct {
	Host hostVulnHostDetail `json:"host"`
	CVEs []HostVulnCVE      `json:"vulnerabilities"`
}

func (*HostVulnHostAssessment) VulnerabilityCounts added in v0.2.0 

func (assessment *HostVulnHostAssessment) VulnerabilityCounts() HostVulnCounts

type HostVulnPackage added in v0.2.0 

type HostVulnPackage struct {
	Name                string          `json:"name"`
	Namespace           string          `json:"namespace"`
	Severity            string          `json:"severity"`
	Status              string          `json:"status,omitempty"`
	VulnerabilityStatus string          `json:"vulnerability_status,omitempty"`
	Version             string          `json:"version"`
	HostCount           string          `json:"host_count"`
	PackageStatus       string          `json:"package_status"`
	Description         string          `json:"description"`
	CveLink             string          `json:"cve_link"`
	CvssScore           string          `json:"cvss_score"`
	CvssV2Score         string          `json:"cvss_v_2_score"`
	CvssV3Score         string          `json:"cvss_v_3_score"`
	FirstSeenTime       lwtime.RFC1123Z `json:"first_seen_time"`
	FixAvailable        string          `json:"fix_available"`
	FixedVersion        string          `json:"fixed_version"`
}

type HostVulnScanPkgManifestResponse added in v0.2.3 

type HostVulnScanPkgManifestResponse struct {
	Vulns   []HostScanPackageVulnDetails `json:"data"`
	Ok      bool                         `json:"ok"`
	Message string                       `json:"message"`
}

func (*HostVulnScanPkgManifestResponse) CleanResponse added in v0.2.10 

func (scanPkgManifest *HostVulnScanPkgManifestResponse) CleanResponse()

CleanResponse will go over all the vulnerabilities from a package-manifest scan and remove the non-matching ones, leaving only the vulnerabilities that matter

func (*HostVulnScanPkgManifestResponse) VulnerabilityCounts added in v0.2.3 

func (scanPkgManifest *HostVulnScanPkgManifestResponse) VulnerabilityCounts() HostVulnCounts

type HostVulnSeverityCounts added in v0.2.0 

type HostVulnSeverityCounts struct {
	Critical *HostVulnSeverityCountsDetails `json:"Critical"`
	High     *HostVulnSeverityCountsDetails `json:"High"`
	Medium   *HostVulnSeverityCountsDetails `json:"Medium"`
	Low      *HostVulnSeverityCountsDetails `json:"Low"`
	Info     *HostVulnSeverityCountsDetails `json:"Info"`
}

func (*HostVulnSeverityCounts) VulnerabilityCounts added in v0.2.0 

func (counts *HostVulnSeverityCounts) VulnerabilityCounts() HostVulnCounts

type HostVulnSeverityCountsDetails added in v0.4.0 

type HostVulnSeverityCountsDetails struct {
	Fixable         int32 `json:"fixable"`
	Vulnerabilities int32 `json:"vulnerabilities"`
}

type HostVulnerabilityService added in v0.2.0 

type HostVulnerabilityService struct {
	// contains filtered or unexported fields
}

HostVulnerabilityService is a service that interacts with the vulnerabilities endpoints for the host space from the Lacework Server

func (*HostVulnerabilityService) GetHostAssessment added in v0.2.0 

func (svc *HostVulnerabilityService) GetHostAssessment(id string) (
	response hostVulnHostResponse,
	err error,
)

func (*HostVulnerabilityService) ListCves added in v0.2.0 

func (svc *HostVulnerabilityService) ListCves() (
	response hostVulnListCvesResponse,
	err error,
)

func (*HostVulnerabilityService) ListHostsWithCVE added in v0.2.0 

func (svc *HostVulnerabilityService) ListHostsWithCVE(id string) (
	response hostVulnListHostsResponse,
	err error,
)

func (*HostVulnerabilityService) Scan added in v0.2.0 

func (svc *HostVulnerabilityService) Scan(manifest *PackageManifest) (
	response HostVulnScanPkgManifestResponse,
	err error,
)

Scan requests an on-demand vulnerability assessment of your software packages to determine if the packages contain any common vulnerabilities and exposures

NOTE: Only packages managed by a package manager for supported OS's are reported

type IbmQRadarAlertChannelResponseV2 added in v0.18.0 

type IbmQRadarAlertChannelResponseV2 struct {
	Data IbmQRadarAlertChannelV2 `json:"data"`
}

type IbmQRadarAlertChannelV2 added in v0.18.0 

type IbmQRadarAlertChannelV2 struct {
	Data IbmQRadarDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (IbmQRadarAlertChannelV2) ID added in v0.18.0 

func (c IbmQRadarAlertChannelV2) ID() string

func (IbmQRadarAlertChannelV2) StateString added in v0.34.0 

func (c IbmQRadarAlertChannelV2) StateString() string

func (IbmQRadarAlertChannelV2) Status added in v0.34.0 

func (c IbmQRadarAlertChannelV2) Status() string

type IbmQRadarDataV2 added in v0.18.0 

type IbmQRadarDataV2 struct {
	QRadarCommType qradarComm `json:"qradarCommType"`
	HostURL        string     `json:"qradarHostUrl"`
	HostPort       int        `json:"qradarHostPort,omitempty"`
}

type ImageEntity added in v0.25.0 

type ImageEntity struct {
	ContainerType string    `json:"containerType"`
	CreatedTime   time.Time `json:"createdTime"`
	ImageID       string    `json:"imageId"`
	Mid           int       `json:"mid"`
	Repo          string    `json:"repo"`
	Size          int       `json:"size"`
	Tag           string    `json:"tag"`
}

type ImagesEntityResponse added in v0.25.0 

type ImagesEntityResponse struct {
	Data   []ImageEntity `json:"data"`
	Paging V2Pagination  `json:"paging"`
}

func (ImagesEntityResponse) PageInfo added in v0.25.0 

func (r ImagesEntityResponse) PageInfo() *V2Pagination

Fulfill Pageable interface (look at api/v2.go)

func (*ImagesEntityResponse) ResetPaging added in v0.25.0 

func (r *ImagesEntityResponse) ResetPaging()

type InlineScannerData added in v0.39.0 

type InlineScannerData struct {
	RegistryType  string              `json:"registryType"` // always "INLINE_SCANNER"
	IdentifierTag []map[string]string `json:"identifierTag"`
	// @afiune reported bug
	// > https://lacework.atlassian.net/browse/RAIN-33574
	LimitNumScan int `json:"limitNumScan,omitempty"`
}

type InlineScannerIntegration added in v0.39.0 

type InlineScannerIntegration struct {
	Data        InlineScannerData        `json:"data"`
	ServerToken InlineScannerServerToken `json:"serverToken"`
	// contains filtered or unexported fields
}

func (InlineScannerIntegration) ContainerRegistryType added in v0.39.0 

func (reg InlineScannerIntegration) ContainerRegistryType() containerRegistryType

func (InlineScannerIntegration) ID added in v0.39.0 

func (c InlineScannerIntegration) ID() string

func (InlineScannerIntegration) StateString added in v0.39.0 

func (c InlineScannerIntegration) StateString() string

func (InlineScannerIntegration) Status added in v0.39.0 

func (c InlineScannerIntegration) Status() string

type InlineScannerIntegrationResponse added in v0.39.0 

type InlineScannerIntegrationResponse struct {
	Data InlineScannerIntegration `json:"data"`
}

type InlineScannerServerToken added in v0.39.0 

type InlineScannerServerToken struct {
	Token string `json:"serverToken"`
	URI   string `json:"uri"`
}

type IntegrationState added in v0.1.6 

type IntegrationState struct {
	Ok                 bool                   `json:"ok"`
	LastUpdatedTime    string                 `json:"lastUpdatedTime"`
	LastSuccessfulTime string                 `json:"lastSuccessfulTime"`
	Details            map[string]interface{} `json:"details,omitempty"`
}

type IntegrationsService 

type IntegrationsService struct {
	// contains filtered or unexported fields
}

IntegrationsService is a service that interacts with the integrations endpoints from the Lacework Server

func (*IntegrationsService) AwsAccountIDs added in v0.39.0 

func (svc *IntegrationsService) AwsAccountIDs() ([]string, error)

AwsAccountIDs retrieves a string slice of aws account ids

func (*IntegrationsService) CreateAws 

func (svc *IntegrationsService) CreateAws(integration AwsIntegration) (
	response AwsIntegrationsResponse,
	err error,
)

CreateAws creates a single AWS integration on the Lacework Server

func (*IntegrationsService) CreateAwsCloudWatchAlertChannel added in v0.1.22 

func (svc *IntegrationsService) CreateAwsCloudWatchAlertChannel(integration AwsCloudWatchAlertChannel) (
	response AwsCloudWatchResponse,
	err error,
)

CreateAwsCloudWatchAlertChannel creates a AWS CloudWatch alert channel on the Lacework Server

func (*IntegrationsService) CreateAwsEcrWithAccessKey added in v0.2.22 

func (svc *IntegrationsService) CreateAwsEcrWithAccessKey(integration AwsEcrWithAccessKeyIntegration) (
	response AwsEcrWithAccessKeyIntegrationResponse,
	err error,
)

CreateAwsEcrWithAccessKey creates an AWS_ECR integration using an AWS Access Key as authenticatin method to access the registry

func (*IntegrationsService) CreateAwsEcrWithCrossAccount added in v0.2.22 

func (svc *IntegrationsService) CreateAwsEcrWithCrossAccount(integration AwsEcrWithCrossAccountIntegration) (
	response AwsEcrWithCrossAccountIntegrationResponse,
	err error,
)

CreateAwsEcrWithCrossAccount creates an AWS_ECR integration using an IAM Role as authenticatin method to access the registry

func (*IntegrationsService) CreateAwsS3AlertChannel added in v0.2.12 

func (svc *IntegrationsService) CreateAwsS3AlertChannel(integration AwsS3AlertChannel) (
	response AwsS3AlertChannelResponse,
	err error,
)

CreateAwsS3AlertChannel creates an AWS_S3 alert channel integration on the Lacework Server

func (*IntegrationsService) CreateAzure 

func (svc *IntegrationsService) CreateAzure(integration AzureIntegration) (
	response AzureIntegrationsResponse,
	err error,
)

CreateAzure creates a single Azure integration on the Lacework Server

func (*IntegrationsService) CreateCiscoWebexAlertChannel added in v0.2.19 

func (svc *IntegrationsService) CreateCiscoWebexAlertChannel(integration CiscoWebexAlertChannel) (
	response CiscoWebexAlertChannelResponse,
	err error,
)

CreateCiscoWebexAlertChannel creates a ciscoWebex alert channel integration on the Lacework Server

func (*IntegrationsService) CreateContainerRegistry added in v0.1.9 

func (svc *IntegrationsService) CreateContainerRegistry(integration ContainerRegIntegration) (
	response ContainerRegIntResponse,
	err error,
)

CreateContainerRegistry creates a container registry integration on the Lacework Server

func (*IntegrationsService) CreateDatadogAlertChannel added in v0.2.18 

func (svc *IntegrationsService) CreateDatadogAlertChannel(integration DatadogAlertChannel) (
	response DatadogAlertChannelResponse,
	err error,
)

CreateDatadogAlertChannel creates a datadog alert channel integration on the Lacework Server

func (*IntegrationsService) CreateGcp 

func (svc *IntegrationsService) CreateGcp(data GcpIntegration) (
	response GcpIntegrationsResponse,
	err error,
)

CreateGcp creates a single Gcp integration on the Lacework Server

func (*IntegrationsService) CreateGcpPubSubAlertChannel added in v0.2.15 

func (svc *IntegrationsService) CreateGcpPubSubAlertChannel(integration GcpPubSubAlertChannel) (
	response GcpPubSubAlertChannelResponse,
	err error,
)

CreateGcpPubSubAlertChannel creates an GCP_PUBSUB alert channel integration on the Lacework Server

func (*IntegrationsService) CreateJiraAlertChannel added in v0.1.24 

func (svc *IntegrationsService) CreateJiraAlertChannel(integration JiraAlertChannel) (
	response JiraAlertChannelResponse,
	err error,
)

CreateJiraAlertChannel creates a jira alert channel integration on the Lacework Server

func (*IntegrationsService) CreateMicrosoftTeamsAlertChannel added in v0.2.19 

func (svc *IntegrationsService) CreateMicrosoftTeamsAlertChannel(integration MicrosoftTeamsAlertChannel) (
	response MicrosoftTeamsAlertChannelResponse,
	err error,
)

CreateMicrosoftTeamsAlertChannel creates a msTeams alert channel integration on the Lacework Server

func (*IntegrationsService) CreateNewRelicAlertChannel added in v0.2.20 

func (svc *IntegrationsService) CreateNewRelicAlertChannel(integration NewRelicAlertChannel) (
	response NewRelicAlertChannelResponse,
	err error,
)

CreateNewRelicAlertChannel creates an NEW_RELIC_INSIGHTS alert channel integration on the Lacework Server

func (*IntegrationsService) CreatePagerDutyAlertChannel added in v0.1.22 

func (svc *IntegrationsService) CreatePagerDutyAlertChannel(integration PagerDutyAlertChannel) (
	response PagerDutyAlertChannelResponse,
	err error,
)

CreatePagerDutyAlertChannel creates a pager duty alert channel integration on the Lacework Server

func (*IntegrationsService) CreateQRadarAlertChannel added in v0.2.20 

func (svc *IntegrationsService) CreateQRadarAlertChannel(integration QRadarAlertChannel) (
	response QRadarAlertChannelResponse,
	err error,
)

CreateQRadarAlertChannel creates a qradar alert channel integration on the Lacework Server

func (*IntegrationsService) CreateServiceNowAlertChannel added in v0.2.16 

func (svc *IntegrationsService) CreateServiceNowAlertChannel(integration ServiceNowAlertChannel) (
	response ServiceNowAlertChannelResponse,
	err error,
)

CreateServiceNowAlertChannel creates a serviceNow alert channel integration on the Lacework Server

func (*IntegrationsService) CreateSlackAlertChannel added in v0.1.22 

func (svc *IntegrationsService) CreateSlackAlertChannel(integration SlackAlertChannel) (
	response SlackAlertChannelResponse,
	err error,
)

CreateSlackAlertChannel creates a slack alert channel integration on the Lacework Server

func (*IntegrationsService) CreateSplunkAlertChannel added in v0.2.14 

func (svc *IntegrationsService) CreateSplunkAlertChannel(integration SplunkAlertChannel) (
	response SplunkAlertChannelResponse,
	err error,
)

CreateSplunkAlertChannel creates a splunk alert channel integration on the Lacework Server

func (*IntegrationsService) CreateVictorOpsAlertChannel added in v0.2.19 

func (svc *IntegrationsService) CreateVictorOpsAlertChannel(integration VictorOpsAlertChannel) (
	response VictorOpsAlertChannelResponse,
	err error,
)

CreateVictorOpsAlertChannel creates a datadog alert channel integration on the Lacework Server

func (*IntegrationsService) CreateWebhookAlertChannel added in v0.2.11 

func (svc *IntegrationsService) CreateWebhookAlertChannel(integration WebhookAlertChannel) (
	response WebhookAlertChannelResponse,
	err error,
)

CreateWebhookAlertChannel creates a webhook alert channel integration on the Lacework Server

func (*IntegrationsService) Delete 

func (svc *IntegrationsService) Delete(guid string) (
	response RawIntegrationsResponse,
	err error,
)

Delete deletes a single integration matching the integration guid on the Lacework Server the returned integration contains the 'Data' field raw (map of interfaces)

func (*IntegrationsService) DeleteAws 

func (svc *IntegrationsService) DeleteAws(guid string) (
	response AwsIntegrationsResponse,
	err error,
)

DeleteAws deletes a single AWS integration matching the integration guid on the Lacework Server

func (*IntegrationsService) DeleteAzure 

func (svc *IntegrationsService) DeleteAzure(guid string) (
	response AzureIntegrationsResponse,
	err error,
)

DeleteAzure deletes a single Azure integration matching the integration on the Lacework Server

func (*IntegrationsService) DeleteGcp 

func (svc *IntegrationsService) DeleteGcp(guid string) (
	response GcpIntegrationsResponse,
	err error,
)

DeleteGcp deletes a single Gcp integration matching the integration guid on the Lacework Server

func (*IntegrationsService) Get 

func (svc *IntegrationsService) Get(guid string) (
	response RawIntegrationsResponse,
	err error,
)

Get gets a single integration matching the integration guid on the Lacework Server, the returned integration contains the 'Data' field raw (map of interfaces)

func (*IntegrationsService) GetAws 

func (svc *IntegrationsService) GetAws(guid string) (
	response AwsIntegrationsResponse,
	err error,
)

GetAws gets a single AWS integration matching the integration guid on the Lacework Server

func (*IntegrationsService) GetAwsCloudWatchAlertChannel added in v0.1.22 

func (svc *IntegrationsService) GetAwsCloudWatchAlertChannel(guid string) (
	response AwsCloudWatchResponse,
	err error,
)

GetAwsCloudWatchAlertChannel gets a AWS CloudWatch alert channel that matches with the provided integration guid on the Lacework Server

func (*IntegrationsService) GetAwsEcrWithAccessKey added in v0.2.22 

func (svc *IntegrationsService) GetAwsEcrWithAccessKey(guid string) (
	response AwsEcrWithAccessKeyIntegrationResponse,
	err error,
)

GetAwsEcrWithAccessKey gets an AWS_ECR integration that matches with the provided integration guid on the Lacework Server

func (*IntegrationsService) GetAwsEcrWithCrossAccount added in v0.2.22 

func (svc *IntegrationsService) GetAwsEcrWithCrossAccount(guid string) (
	response AwsEcrWithCrossAccountIntegrationResponse,
	err error,
)

GetAwsEcrWithCrossAccount gets an AWS_ECR integration that matches with the provided integration guid on the Lacework Server

func (*IntegrationsService) GetAwsS3AlertChannel added in v0.2.12 

func (svc *IntegrationsService) GetAwsS3AlertChannel(guid string) (
	response AwsS3AlertChannelResponse,
	err error,
)

GetAwsS3AlertChannel gets an AWS_S3 alert channel integration that matches with the provided integration guid on the Lacework Server

func (*IntegrationsService) GetAzure 

func (svc *IntegrationsService) GetAzure(guid string) (
	response AzureIntegrationsResponse,
	err error,
)

GetAzure gets a single Azure integration matching the integration guid on the Lacework Server

func (*IntegrationsService) GetCiscoWebexAlertChannel added in v0.2.19 

func (svc *IntegrationsService) GetCiscoWebexAlertChannel(guid string) (response CiscoWebexAlertChannelResponse,
	err error)

GetCiscoWebexAlertChannel gets a ciscoWebex alert channel integration that matches with the provided integration guid on the Lacework Server

func (*IntegrationsService) GetContainerRegistry added in v0.1.22 

func (svc *IntegrationsService) GetContainerRegistry(guid string) (
	response ContainerRegIntResponse,
	err error,
)

GetContainerRegistry gets a container registry integration that matches with the provided integration guid on the Lacework Server

func (*IntegrationsService) GetDatadogAlertChannel added in v0.2.18 

func (svc *IntegrationsService) GetDatadogAlertChannel(guid string) (response DatadogAlertChannelResponse,
	err error)

GetDatadogAlertChannel gets a datadog alert channel integration that matches with the provided integration guid on the Lacework Server

func (*IntegrationsService) GetGcp 

func (svc *IntegrationsService) GetGcp(guid string) (
	response GcpIntegrationsResponse,
	err error,
)

GetGcp gets a single Gcp integration matching the integration guid on the Lacework Server

func (*IntegrationsService) GetGcpPubSubAlertChannel added in v0.2.15 

func (svc *IntegrationsService) GetGcpPubSubAlertChannel(guid string) (
	response GcpPubSubAlertChannelResponse,
	err error,
)

GetGcpPubSubAlertChannel gets an GCP_PUBSUB alert channel integration that matches with the provided integration guid on the Lacework Server

func (*IntegrationsService) GetJiraAlertChannel added in v0.1.24 

func (svc *IntegrationsService) GetJiraAlertChannel(guid string) (
	response JiraAlertChannelResponse,
	err error,
)

GetJiraAlertChannel gets a jira alert channel integration that matches with the provided integration guid on the Lacework Server

func (*IntegrationsService) GetMicrosoftTeamsAlertChannel added in v0.2.19 

func (svc *IntegrationsService) GetMicrosoftTeamsAlertChannel(guid string) (response MicrosoftTeamsAlertChannelResponse,
	err error)

GetMicrosoftTeamsAlertChannel gets a msTeams alert channel integration that matches with the provided integration guid on the Lacework Server

func (*IntegrationsService) GetNewRelicAlertChannel added in v0.2.20 

func (svc *IntegrationsService) GetNewRelicAlertChannel(guid string) (
	response NewRelicAlertChannelResponse,
	err error,
)

GetNewRelicAlertChannel gets an NEW_RELIC_INSIGHTS alert channel integration that matches with the provided integration guid on the Lacework Server

func (*IntegrationsService) GetPagerDutyAlertChannel added in v0.1.22 

func (svc *IntegrationsService) GetPagerDutyAlertChannel(guid string) (
	response PagerDutyAlertChannelResponse,
	err error,
)

GetPagerDutyAlertChannel gets a pager duty alert channel integration that matches with the provided integration guid on the Lacework Server

func (*IntegrationsService) GetQRadarAlertChannel added in v0.2.20 

func (svc *IntegrationsService) GetQRadarAlertChannel(guid string) (response QRadarAlertChannelResponse,
	err error)

GetQRadarAlertChannel gets a qradar alert channel integration that matches with the provided integration guid on the Lacework Server

func (*IntegrationsService) GetSchema 

func (svc *IntegrationsService) GetSchema(iType integrationType) (
	response map[string]interface{},
	err error,
)

GetSchema get the integration schema for the provided integration type

func (*IntegrationsService) GetServiceNowAlertChannel added in v0.2.16 

func (svc *IntegrationsService) GetServiceNowAlertChannel(guid string) (response ServiceNowAlertChannelResponse,
	err error)

GetServiceNowAlertChannel gets a serviceNow alert channel integration that matches with the provided integration guid on the Lacework Server

func (*IntegrationsService) GetSlackAlertChannel added in v0.1.22 

func (svc *IntegrationsService) GetSlackAlertChannel(guid string) (
	response SlackAlertChannelResponse,
	err error,
)

GetSlackAlertChannel gets a slack alert channel integration that matches with the provided integration guid on the Lacework Server

func (*IntegrationsService) GetSplunkAlertChannel added in v0.2.14 

func (svc *IntegrationsService) GetSplunkAlertChannel(guid string) (response SplunkAlertChannelResponse,
	err error)

GetSplunkAlertChannel gets a splunk alert channel integration that matches with the provided integration guid on the Lacework Server

func (*IntegrationsService) GetVictorOpsAlertChannel added in v0.2.19 

func (svc *IntegrationsService) GetVictorOpsAlertChannel(guid string) (response VictorOpsAlertChannelResponse,
	err error)

GetVictorOpsAlertChannel gets a datadog alert channel integration that matches with the provided integration guid on the Lacework Server

func (*IntegrationsService) GetWebhookAlertChannel added in v0.2.11 

func (svc *IntegrationsService) GetWebhookAlertChannel(guid string) (response WebhookAlertChannelResponse,
	err error)

GetWebhookAlertChannel gets a webhook alert channel integration that matches with the provided integration guid on the Lacework Server

func (*IntegrationsService) List 

func (svc *IntegrationsService) List() (response RawIntegrationsResponse, err error)

List lists the external integrations available on the Lacework Server

func (*IntegrationsService) ListAwsCfg 

func (svc *IntegrationsService) ListAwsCfg() (response AwsIntegrationsResponse, err error)

ListAwsCfg lists the AWS_CFG external integrations available on the Lacework Server

func (*IntegrationsService) ListAwsCloudTrail 

func (svc *IntegrationsService) ListAwsCloudTrail() (response AwsIntegrationsResponse, err error)

ListAwsCloudTrail lists the AWS_CT_SQS external integrations available on the Lacework Server

func (*IntegrationsService) ListAwsCloudWatchAlertChannel added in v0.1.22 

func (svc *IntegrationsService) ListAwsCloudWatchAlertChannel() (response AwsCloudWatchResponse, err error)

ListAwsCloudWatchAlertChannel lists the CLOUDWATCH_EB external integrations available on the Lacework Server

func (*IntegrationsService) ListAwsS3AlertChannel added in v0.2.12 

func (svc *IntegrationsService) ListAwsS3AlertChannel() (response AwsS3AlertChannelResponse, err error)

ListAwsS3AlertChannel lists the AWS_S3 external integrations available on the Lacework Server

func (*IntegrationsService) ListAzureActivityLog 

func (svc *IntegrationsService) ListAzureActivityLog() (
	response AzureIntegrationsResponse, err error,
)

ListAzureActivityLog lists the AZURE_AL_SEQ external integrations available on the Lacework Server

func (*IntegrationsService) ListAzureCfg 

func (svc *IntegrationsService) ListAzureCfg() (
	response AzureIntegrationsResponse, err error,
)

ListAzureCfg lists the AZURE_CFG external integrations available on the Lacework Server

func (*IntegrationsService) ListByType 

func (svc *IntegrationsService) ListByType(iType integrationType) (response RawIntegrationsResponse, err error)

ListByType lists the external integrations from the provided type that are available on the Lacework Server

func (*IntegrationsService) ListCiscoWebexAlertChannel added in v0.2.19 

func (svc *IntegrationsService) ListCiscoWebexAlertChannel() (response CiscoWebexAlertChannelResponse, err error)

ListCiscoWebexAlertChannel lists the WEBHOOK external integrationS available on the Lacework Server

func (*IntegrationsService) ListContainerRegistryIntegrations added in v0.3.0 

func (svc *IntegrationsService) ListContainerRegistryIntegrations() (response ContainerRegIntResponse, err error)

ListContainerRegistryIntegrations lists the CONT_VULN_CFG external integrations available on the Lacework Server

func (*IntegrationsService) ListDatadogAlertChannel added in v0.2.18 

func (svc *IntegrationsService) ListDatadogAlertChannel() (response DatadogAlertChannelResponse, err error)

ListDatadogAlertChannel lists the datadog alert channel integrations available on the Lacework Server

func (*IntegrationsService) ListGcpAuditLog 

func (svc *IntegrationsService) ListGcpAuditLog() (response GcpIntegrationsResponse, err error)

ListGcpAuditLog lists the GCP_AT_SES external integrations available on the Lacework Server

func (*IntegrationsService) ListGcpCfg 

func (svc *IntegrationsService) ListGcpCfg() (response GcpIntegrationsResponse, err error)

ListGcpCfg lists the GCP_CFG external integrations available on the Lacework Server

func (*IntegrationsService) ListGcpPubSubAlertChannel added in v0.2.15 

func (svc *IntegrationsService) ListGcpPubSubAlertChannel() (response GcpPubSubAlertChannelResponse, err error)

ListGcpPubSubAlertChannel lists the GCP_PUBSUB external integrations available on the Lacework Server

func (*IntegrationsService) ListJiraAlertChannel added in v0.1.24 

func (svc *IntegrationsService) ListJiraAlertChannel() (response JiraAlertChannelResponse, err error)

ListJiraAlertChannel lists the JIRA external integrations available on the Lacework Server

func (*IntegrationsService) ListMicrosoftTeamsAlertChannel added in v0.2.19 

func (svc *IntegrationsService) ListMicrosoftTeamsAlertChannel() (response MicrosoftTeamsAlertChannelResponse, err error)

ListMicrosoftTeamsAlertChannel lists the Microsoft Teams external integrations available on the Lacework Server

func (*IntegrationsService) ListNewRelicAlertChannel added in v0.2.20 

func (svc *IntegrationsService) ListNewRelicAlertChannel() (response NewRelicAlertChannelResponse, err error)

ListNewRelicAlertChannel lists the NEW_RELIC_INSIGHTS external integrations available on the Lacework Server

func (*IntegrationsService) ListPagerDutyAlertChannel added in v0.1.22 

func (svc *IntegrationsService) ListPagerDutyAlertChannel() (response PagerDutyAlertChannelResponse, err error)

ListPagerDutyAlertChannel lists the PAGER_DUTY_API external integrations available on the Lacework Server

func (*IntegrationsService) ListQRadarAlertChannel added in v0.2.20 

func (svc *IntegrationsService) ListQRadarAlertChannel() (response QRadarAlertChannelResponse, err error)

ListQRadarAlertChannel lists the qradar alert channel integrations available on the Lacework Server

func (*IntegrationsService) ListServiceNowAlertChannel added in v0.2.16 

func (svc *IntegrationsService) ListServiceNowAlertChannel() (response ServiceNowAlertChannelResponse, err error)

ListServiceNowAlertChannel lists the serviceNow alert channel integrations available on the Lacework Server

func (*IntegrationsService) ListSlackAlertChannel added in v0.1.22 

func (svc *IntegrationsService) ListSlackAlertChannel() (response SlackAlertChannelResponse, err error)

ListSlackAlertChannel lists the SLACK_CHANNEL external integrations available on the Lacework Server

func (*IntegrationsService) ListSplunkAlertChannel added in v0.2.14 

func (svc *IntegrationsService) ListSplunkAlertChannel() (response SplunkAlertChannelResponse, err error)

ListSplunkAlertChannel lists the splunk alert channel integrations available on the Lacework Server

func (*IntegrationsService) ListVictorOpsAlertChannel added in v0.2.19 

func (svc *IntegrationsService) ListVictorOpsAlertChannel() (response VictorOpsAlertChannelResponse, err error)

ListVictorOpsAlertChannel lists the datadog alert channel integrations available on the Lacework Server

func (*IntegrationsService) ListWebhookAlertChannel added in v0.2.11 

func (svc *IntegrationsService) ListWebhookAlertChannel() (response WebhookAlertChannelResponse, err error)

ListWebhookAlertChannel lists the WEBHOOK external integrationS available on the Lacework Server

func (*IntegrationsService) UpdateAws 

func (svc *IntegrationsService) UpdateAws(data AwsIntegration) (
	response AwsIntegrationsResponse,
	err error,
)

UpdateAws updates a single AWS integration on the Lacework Server

func (*IntegrationsService) UpdateAwsCloudWatchAlertChannel added in v0.1.22 

func (svc *IntegrationsService) UpdateAwsCloudWatchAlertChannel(data AwsCloudWatchAlertChannel) (
	response AwsCloudWatchResponse,
	err error,
)

UpdateAwsCloudWatchAlertChannel updates a single AWS CloudWatch alert channel

func (*IntegrationsService) UpdateAwsEcrWithAccessKey added in v0.2.22 

func (svc *IntegrationsService) UpdateAwsEcrWithAccessKey(integration AwsEcrWithAccessKeyIntegration) (
	response AwsEcrWithAccessKeyIntegrationResponse,
	err error,
)

UpdateAwsEcrWithAccessKey updates a single AWS_ECR integration

func (*IntegrationsService) UpdateAwsEcrWithCrossAccount added in v0.2.22 

func (svc *IntegrationsService) UpdateAwsEcrWithCrossAccount(integration AwsEcrWithCrossAccountIntegration) (
	response AwsEcrWithCrossAccountIntegrationResponse,
	err error,
)

UpdateAwsEcrWithCrossAccount updates a single AWS_ECR integration

func (*IntegrationsService) UpdateAwsS3AlertChannel added in v0.2.12 

func (svc *IntegrationsService) UpdateAwsS3AlertChannel(data AwsS3AlertChannel) (
	response AwsS3AlertChannelResponse,
	err error,
)

UpdateAwsS3AlertChannel updates a single AWS_S3 alert channel integration

func (*IntegrationsService) UpdateAzure 

func (svc *IntegrationsService) UpdateAzure(data AzureIntegration) (
	response AzureIntegrationsResponse,
	err error,
)

UpdateAzure updates a single Azure integration on the Lacework Server

func (*IntegrationsService) UpdateCiscoWebexAlertChannel added in v0.2.19 

func (svc *IntegrationsService) UpdateCiscoWebexAlertChannel(data CiscoWebexAlertChannel) (
	response CiscoWebexAlertChannelResponse,
	err error,
)

UpdateCiscoWebexAlertChannel updates a single ciscoWebex alert channel integration

func (*IntegrationsService) UpdateContainerRegistry added in v0.1.22 

func (svc *IntegrationsService) UpdateContainerRegistry(integration ContainerRegIntegration) (
	response ContainerRegIntResponse,
	err error,
)

UpdateContainerRegistry updates a single container registry integration

func (*IntegrationsService) UpdateDatadogAlertChannel added in v0.2.18 

func (svc *IntegrationsService) UpdateDatadogAlertChannel(data DatadogAlertChannel) (
	response DatadogAlertChannelResponse,
	err error,
)

UpdateDatadogAlertChannel updates a single datadog alert channel integration

func (*IntegrationsService) UpdateGcp 

func (svc *IntegrationsService) UpdateGcp(data GcpIntegration) (
	response GcpIntegrationsResponse,
	err error,
)

UpdateGcp updates a single Gcp integration on the Lacework Server

func (*IntegrationsService) UpdateGcpPubSubAlertChannel added in v0.2.15 

func (svc *IntegrationsService) UpdateGcpPubSubAlertChannel(data GcpPubSubAlertChannel) (
	response GcpPubSubAlertChannelResponse,
	err error,
)

UpdateGcpPubSubAlertChannel updates a single GCP_PUBSUB alert channel integration

func (*IntegrationsService) UpdateJiraAlertChannel added in v0.1.24 

func (svc *IntegrationsService) UpdateJiraAlertChannel(data JiraAlertChannel) (
	response JiraAlertChannelResponse,
	err error,
)

UpdateJiraAlertChannel updates a single jira alert channel integration

func (*IntegrationsService) UpdateMicrosoftTeamsAlertChannel added in v0.2.19 

func (svc *IntegrationsService) UpdateMicrosoftTeamsAlertChannel(data MicrosoftTeamsAlertChannel) (
	response MicrosoftTeamsAlertChannelResponse,
	err error,
)

UpdateMicrosoftTeamsAlertChannel updates a single msTeams alert channel integration

func (*IntegrationsService) UpdateNewRelicAlertChannel added in v0.2.20 

func (svc *IntegrationsService) UpdateNewRelicAlertChannel(data NewRelicAlertChannel) (
	response NewRelicAlertChannelResponse,
	err error,
)

UpdateNewRelicAlertChannel updates a single NEW_RELIC_INSIGHTS alert channel integration

func (*IntegrationsService) UpdatePagerDutyAlertChannel added in v0.1.22 

func (svc *IntegrationsService) UpdatePagerDutyAlertChannel(data PagerDutyAlertChannel) (
	response PagerDutyAlertChannelResponse,
	err error,
)

UpdatePagerDutyAlertChannel updates a single pager duty alert channel integration

func (*IntegrationsService) UpdateQRadarAlertChannel added in v0.2.20 

func (svc *IntegrationsService) UpdateQRadarAlertChannel(data QRadarAlertChannel) (
	response QRadarAlertChannelResponse,
	err error,
)

UpdateQRadarAlertChannel updates a single qradar alert channel integration

func (*IntegrationsService) UpdateServiceNowAlertChannel added in v0.2.16 

func (svc *IntegrationsService) UpdateServiceNowAlertChannel(data ServiceNowAlertChannel) (
	response ServiceNowAlertChannelResponse,
	err error,
)

UpdateServiceNowAlertChannel updates a single serviceNow alert channel integration

func (*IntegrationsService) UpdateSlackAlertChannel added in v0.1.22 

func (svc *IntegrationsService) UpdateSlackAlertChannel(data SlackAlertChannel) (
	response SlackAlertChannelResponse,
	err error,
)

UpdateSlackAlertChannel updates a single slack alert channel integration

func (*IntegrationsService) UpdateSplunkAlertChannel added in v0.2.14 

func (svc *IntegrationsService) UpdateSplunkAlertChannel(data SplunkAlertChannel) (
	response SplunkAlertChannelResponse,
	err error,
)

UpdateSplunkAlertChannel updates a single splunk alert channel integration

func (*IntegrationsService) UpdateVictorOpsAlertChannel added in v0.2.19 

func (svc *IntegrationsService) UpdateVictorOpsAlertChannel(data VictorOpsAlertChannel) (
	response VictorOpsAlertChannelResponse,
	err error,
)

UpdateVictorOpsAlertChannel updates a single datadog alert channel integration

func (*IntegrationsService) UpdateWebhookAlertChannel added in v0.2.11 

func (svc *IntegrationsService) UpdateWebhookAlertChannel(data WebhookAlertChannel) (
	response WebhookAlertChannelResponse,
	err error,
)

UpdateWebhookAlertChannel updates a single webhook alert channel integration

type InventoryAws added in v0.41.0 

type InventoryAws struct {
	ApiKey         string `json:"apiKey"`
	Csp            string `json:"csp"`
	EndTime        string `json:"endTime"`
	StartTime      string `json:"startTime"`
	ResourceId     string `json:"resourceId"`
	ResourceRegion string `json:"resourceRegion"`
	ResourceTags   any    `json:"resourceTags"`
	ResourceType   string `json:"resourceType"`
	Service        string `json:"service"`
	Urn            string `json:"urn"`
	CloudDetails   struct {
		AccountAlias string `json:"accountAlias"`
		AccountID    string `json:"accountID"`
	} `json:"cloudDetails"`
	Status struct {
		FormatVersion int    `json:"formatVersion"`
		Props         any    `json:"props"`
		Status        string `json:"status"`
		// Error status
		ErrorMessage string `json:"errorMessage,omitempty"`
		ErrorType    string `json:"errorType,omitempty"`
	} `json:"status"`
	ResourceConfig any `json:"resourceConfig"`
}

type InventoryAwsResponse added in v0.41.0 

type InventoryAwsResponse struct {
	Data   []InventoryAws `json:"data"`
	Paging V2Pagination   `json:"paging"`
}

func (InventoryAwsResponse) PageInfo added in v0.41.0 

func (r InventoryAwsResponse) PageInfo() *V2Pagination

func (*InventoryAwsResponse) ResetPaging added in v0.41.0 

func (r *InventoryAwsResponse) ResetPaging()

type InventorySearch added in v0.41.0 

type InventorySearch struct {
	SearchFilter
	Csp     inventoryType    `json:"csp"`
	Dataset inventoryDataset `json:"dataset"`
}

type InventoryService added in v0.41.0 

type InventoryService struct {
	// contains filtered or unexported fields
}

func (*InventoryService) Search added in v0.41.0 

func (svc *InventoryService) Search(response interface{}, filters InventorySearch) error

Search expects the response and the search filters

e.g. 

 var (
	  awsInventorySearchResponse api.InventoryAwsResponse
	  filter = api.InventorySearch{
		  SearchFilter: api.SearchFilter{
			  Filters: []api.Filter{{
				  Expression: "eq",
				  Field:      "urn",
				  Value:      arn:aws:s3:::my-bucket,
			  }},
		  },
		  Dataset: api.AwsComplianceEvaluationDataset,
	  }
 )
  lacework.V2.Inventory.Search(&awsInventorySearchResponse, filters)

type JiraAlertChannel added in v0.1.24 

type JiraAlertChannel struct {
	Data JiraAlertChannelData `json:"DATA"`
	// contains filtered or unexported fields
}

func NewJiraAlertChannel added in v0.1.24 

func NewJiraAlertChannel(name string, data JiraAlertChannelData) JiraAlertChannel

NewJiraAlertChannel returns an instance of JiraAlertChannel with the provided name and data.

Basic usage: Initialize a new JiraAlertChannel struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

jiraAlert := api.NewJiraAlertChannel("foo",
  api.JiraAlertChannelData{
    JiraType:         api.JiraCloudAlertType,
    JiraUrl:          "mycompany.atlassian.net",
    IssueType:        "Bug",
    ProjectID:        "EXAMPLE",
    Username:         "me",
    ApiToken:         "my-api-token",
    IssueGrouping:    "Resources",
  },
)

client.Integrations.CreateJiraAlertChannel(jiraAlert)

func NewJiraCloudAlertChannel added in v0.1.24 

func NewJiraCloudAlertChannel(name string, data JiraAlertChannelData) JiraAlertChannel

NewJiraCloudAlertChannel returns a JiraAlertChannel instance preconfigured as a JIRA_CLOUD type

func NewJiraServerAlertChannel added in v0.1.24 

func NewJiraServerAlertChannel(name string, data JiraAlertChannelData) JiraAlertChannel

NewJiraServerAlertChannel returns a JiraAlertChannel instance preconfigured as a JIRA_SERVER type

func (JiraAlertChannel) StateString added in v0.1.24 

func (c JiraAlertChannel) StateString() string

func (JiraAlertChannel) Status added in v0.1.24 

func (c JiraAlertChannel) Status() string

type JiraAlertChannelData added in v0.1.24 

type JiraAlertChannelData struct {
	JiraType      string `json:"JIRA_TYPE" mapstructure:"JIRA_TYPE"`
	JiraUrl       string `json:"JIRA_URL" mapstructure:"JIRA_URL"`
	IssueType     string `json:"ISSUE_TYPE" mapstructure:"ISSUE_TYPE"`
	ProjectID     string `json:"PROJECT_ID" mapstructure:"PROJECT_ID"`
	Username      string `json:"USERNAME" mapstructure:"USERNAME"`
	ApiToken      string `json:"API_TOKEN,omitempty" mapstructure:"API_TOKEN"` // Jira Cloud
	Password      string `json:"PASSWORD,omitempty" mapstructure:"PASSWORD"`   // Jira Server
	IssueGrouping string `json:"ISSUE_GROUPING,omitempty" mapstructure:"ISSUE_GROUPING"`

	// This field must be a base64 encode with the following format:
	//
	// "data:application/json;name=i.json;base64,[ENCODING]"
	//
	// [ENCODING] is the the base64 encode, use EncodeCustomTemplateFile() to encode a JSON template
	CustomTemplateFile string `json:"CUSTOM_TEMPLATE_FILE,omitempty" mapstructure:"CUSTOM_TEMPLATE_FILE"`
}

func (*JiraAlertChannelData) DecodeCustomTemplateFile added in v0.2.1 

func (jira *JiraAlertChannelData) DecodeCustomTemplateFile() (string, error)

func (*JiraAlertChannelData) EncodeCustomTemplateFile added in v0.2.1 

func (jira *JiraAlertChannelData) EncodeCustomTemplateFile(template string)

type JiraAlertChannelResponse added in v0.1.24 

type JiraAlertChannelResponse struct {
	Data    []JiraAlertChannel `json:"data"`
	Ok      bool               `json:"ok"`
	Message string             `json:"message"`
}

type JiraAlertChannelResponseV2 added in v0.19.0 

type JiraAlertChannelResponseV2 struct {
	Data JiraAlertChannelV2 `json:"data"`
}

type JiraAlertChannelV2 added in v0.19.0 

type JiraAlertChannelV2 struct {
	Data JiraDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (JiraAlertChannelV2) ID added in v0.19.0 

func (c JiraAlertChannelV2) ID() string

func (JiraAlertChannelV2) StateString added in v0.34.0 

func (c JiraAlertChannelV2) StateString() string

func (JiraAlertChannelV2) Status added in v0.34.0 

func (c JiraAlertChannelV2) Status() string

type JiraDataV2 added in v0.19.0 

type JiraDataV2 struct {
	ApiToken           string `json:"apiToken,omitempty"` // used for Jira Cloud
	CustomTemplateFile string `json:"customTemplateFile,omitempty"`
	IssueGrouping      string `json:"issueGrouping,omitempty"`
	IssueType          string `json:"issueType"`
	JiraType           string `json:"jiraType"`
	JiraUrl            string `json:"jiraUrl"`
	ProjectID          string `json:"projectId"`
	Username           string `json:"username"`
	Password           string `json:"password,omitempty"` // used for Jira Server
}

func (*JiraDataV2) DecodeCustomTemplateFile added in v0.19.0 

func (jira *JiraDataV2) DecodeCustomTemplateFile() (string, error)

func (*JiraDataV2) EncodeCustomTemplateFile added in v0.19.0 

func (jira *JiraDataV2) EncodeCustomTemplateFile(template string)

type LifecycleCallbacks added in v0.10.0 

type LifecycleCallbacks struct {
	// RequestCallback is a function that will be executed after every client request
	RequestCallback func(int, http.Header) error

	// TokenExpiredCallback  is a function that the consumer can configure
	// into the client so that it is run when the token expired
	TokenExpiredCallback func() error
}

type LwAccountResourceGroupData added in v0.15.0 

type LwAccountResourceGroupData struct {
	Guid         string                      `json:"guid,omitempty"`
	IsDefault    int                         `json:"isDefault,omitempty"`
	ResourceGuid string                      `json:"resourceGuid,omitempty"`
	Name         string                      `json:"resourceName"`
	Type         string                      `json:"resourceType"`
	Enabled      int                         `json:"enabled,omitempty"`
	Props        LwAccountResourceGroupProps `json:"props"`
}

type LwAccountResourceGroupJsonStringProps added in v0.15.0 

type LwAccountResourceGroupJsonStringProps struct {
	Description string        `json:"DESCRIPTION,omitempty"`
	LwAccounts  []string      `json:"LW_ACCOUNTS"`
	UpdatedBy   string        `json:"UPDATED_BY,omitempty"`
	LastUpdated *lwtime.Epoch `json:"LAST_UPDATED,omitempty"`
}

Workaround for props being returned as a json string

type LwAccountResourceGroupProps added in v0.15.0 

type LwAccountResourceGroupProps struct {
	Description string        `json:"description,omitempty"`
	LwAccounts  []string      `json:"lwAccounts"`
	UpdatedBy   string        `json:"updatedBy,omitempty"`
	LastUpdated *lwtime.Epoch `json:"lastUpdated,omitempty"`
}

func (LwAccountResourceGroupProps) GetBaseProps added in v0.20.0 

func (props LwAccountResourceGroupProps) GetBaseProps() ResourceGroupPropsBase

func (LwAccountResourceGroupProps) MarshalJSON added in v0.20.0 

func (props LwAccountResourceGroupProps) MarshalJSON() ([]byte, error)

type LwAccountResourceGroupResponse added in v0.15.0 

type LwAccountResourceGroupResponse struct {
	Data LwAccountResourceGroupData `json:"data"`
}

type MachineDetailEntity added in v0.25.0 

type MachineDetailEntity struct {
	AwsInstanceID string    `json:"awsInstanceId"`
	AwsZone       string    `json:"awsZone"`
	CreatedTime   time.Time `json:"createdTime"`
	Domain        string    `json:"domain"`
	Hostname      string    `json:"hostname"`
	Kernel        string    `json:"kernel"`
	KernelRelease string    `json:"kernelRelease"`
	KernelVersion string    `json:"kernelVersion"`
	Mid           int       `json:"mid"`
	Os            string    `json:"os"`
	OsVersion     string    `json:"osVersion"`
	Tags          struct {
		// Shared Tags
		Arch           string `json:"arch,omitempty"`
		ExternalIP     string `json:"ExternalIp,omitempty"`
		Hostname       string `json:"Hostname,omitempty"`
		InstanceID     string `json:"InstanceId,omitempty"`
		InternalIP     string `json:"InternalIp,omitempty"`
		LwTokenShort   string `json:"LwTokenShort,omitempty"`
		Os             string `json:"os,omitempty"`
		VMInstanceType string `json:"VmInstanceType,omitempty"`
		VMProvider     string `json:"VmProvider,omitempty"`
		Zone           string `json:"Zone,omitempty"`

		// AWS Tags
		Account  string `json:"Account,omitempty"`
		AmiID    string `json:"AmiId,omitempty"`
		Name     string `json:"Name,omitempty"`
		SubnetID string `json:"SubnetId,omitempty"`
		VpcID    string `json:"VpcId,omitempty"`

		// GCP Tags
		Cluster                 string `json:"Cluster,omitempty"`
		ClusterLocation         string `json:"cluster-location,omitempty"`
		ClusterName             string `json:"cluster-name,omitempty"`
		ClusterUID              string `json:"cluster-uid,omitempty"`
		CreatedBy               string `json:"created-by,omitempty"`
		EnableOSLogin           string `json:"enable-oslogin,omitempty"`
		Env                     string `json:"Env,omitempty"`
		GCEtags                 string `json:"GCEtags,omitempty"`
		GCIEnsureGKEDocker      string `json:"gci-ensure-gke-docker,omitempty"`
		GCIUpdateStrategy       string `json:"gci-update-strategy,omitempty"`
		GoogleComputeEnablePCID string `json:"google-compute-enable-pcid,omitempty"`
		InstanceName            string `json:"InstanceName,omitempty"`
		InstanceTemplate        string `json:"InstanceTemplate,omitempty"`
		KubeLabels              string `json:"kube-labels,omitempty"`
		LWKubernetesCluster     string `json:"lw_KubernetesCluster,omitempty"`
		NumericProjectID        string `json:"NumericProjectId,omitempty"`
		ProjectID               string `json:"ProjectId,omitempty"`
	} `json:"tags"`
}

type MachineDetailsEntityResponse added in v0.25.0 

type MachineDetailsEntityResponse struct {
	Data   []MachineDetailEntity `json:"data"`
	Paging V2Pagination          `json:"paging"`
}

func (MachineDetailsEntityResponse) PageInfo added in v0.25.0 

func (r MachineDetailsEntityResponse) PageInfo() *V2Pagination

Fulfill Pageable interface (look at api/v2.go)

func (*MachineDetailsEntityResponse) ResetPaging added in v0.25.0 

func (r *MachineDetailsEntityResponse) ResetPaging()

type MachineResourceGroupData added in v0.15.0 

type MachineResourceGroupData struct {
	Guid         string                    `json:"guid,omitempty"`
	IsDefault    int                       `json:"isDefault,omitempty"`
	ResourceGuid string                    `json:"resourceGuid,omitempty"`
	Name         string                    `json:"resourceName"`
	Type         string                    `json:"resourceType"`
	Enabled      int                       `json:"enabled,omitempty"`
	Props        MachineResourceGroupProps `json:"props"`
}

type MachineResourceGroupJsonStringProps added in v0.15.0 

type MachineResourceGroupJsonStringProps struct {
	Description string              `json:"DESCRIPTION,omitempty"`
	MachineTags []map[string]string `json:"MACHINE_TAGS"`
	UpdatedBy   string              `json:"UPDATED_BY,omitempty"`
	LastUpdated *lwtime.Epoch       `json:"LAST_UPDATED,omitempty"`
}

Workaround for props being returned as a json string

type MachineResourceGroupProps added in v0.15.0 

type MachineResourceGroupProps struct {
	Description string              `json:"description,omitempty"`
	MachineTags []map[string]string `json:"machineTags"`
	UpdatedBy   string              `json:"updatedBy,omitempty"`
	LastUpdated *lwtime.Epoch       `json:"lastUpdated,omitempty"`
}

func (MachineResourceGroupProps) GetBaseProps added in v0.20.0 

func (props MachineResourceGroupProps) GetBaseProps() ResourceGroupPropsBase

func (MachineResourceGroupProps) MarshalJSON added in v0.20.0 

func (props MachineResourceGroupProps) MarshalJSON() ([]byte, error)

type MachineResourceGroupResponse added in v0.15.0 

type MachineResourceGroupResponse struct {
	Data MachineResourceGroupData `json:"data"`
}

type MicrosoftTeamsAlertChannel added in v0.2.19 

type MicrosoftTeamsAlertChannel struct {
	Data MicrosoftTeamsChannelData `json:"DATA"`
	// contains filtered or unexported fields
}

func NewMicrosoftTeamsAlertChannel added in v0.2.19 

func NewMicrosoftTeamsAlertChannel(name string, data MicrosoftTeamsChannelData) MicrosoftTeamsAlertChannel

NewMicrosoftTeamsAlertChannel returns an instance of MicrosoftTeamsAlertChannel with the provided name and data.

Basic usage: Initialize a new MicrosoftTeamsAlertChannel struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

microsoftTeamsChannel := api.NewMicrosoftTeamsAlertChannel("foo",
  api.MicrosoftTeamsChannelData{
    WebhookURL: "https://outlook.office.com/webhook/api-token",
  },
)

client.Integrations.CreateMicrosoftTeamsAlertChannel(microsoftTeamsChannel)

func (MicrosoftTeamsAlertChannel) StateString added in v0.2.19 

func (c MicrosoftTeamsAlertChannel) StateString() string

func (MicrosoftTeamsAlertChannel) Status added in v0.2.19 

func (c MicrosoftTeamsAlertChannel) Status() string

type MicrosoftTeamsAlertChannelResponse added in v0.2.19 

type MicrosoftTeamsAlertChannelResponse struct {
	Data    []MicrosoftTeamsAlertChannel `json:"data"`
	Ok      bool                         `json:"ok"`
	Message string                       `json:"message"`
}

type MicrosoftTeamsAlertChannelResponseV2 added in v0.18.0 

type MicrosoftTeamsAlertChannelResponseV2 struct {
	Data MicrosoftTeamsAlertChannelV2 `json:"data"`
}

type MicrosoftTeamsAlertChannelV2 added in v0.18.0 

type MicrosoftTeamsAlertChannelV2 struct {
	Data MicrosoftTeamsData `json:"data"`
	// contains filtered or unexported fields
}

func (MicrosoftTeamsAlertChannelV2) ID added in v0.18.0 

func (c MicrosoftTeamsAlertChannelV2) ID() string

func (MicrosoftTeamsAlertChannelV2) StateString added in v0.34.0 

func (c MicrosoftTeamsAlertChannelV2) StateString() string

func (MicrosoftTeamsAlertChannelV2) Status added in v0.34.0 

func (c MicrosoftTeamsAlertChannelV2) Status() string

type MicrosoftTeamsChannelData added in v0.2.19 

type MicrosoftTeamsChannelData struct {
	WebhookURL string `json:"TEAMS_URL" mapstructure:"TEAMS_URL"`
}

type MicrosoftTeamsData added in v0.18.0 

type MicrosoftTeamsData struct {
	TeamsURL string `json:"teamsUrl"`
}

type NewPolicy added in v0.10.0 

type NewPolicy struct {
	PolicyID      string   `json:"policyId,omitempty" yaml:"policyId,omitempty" `
	PolicyType    string   `json:"policyType" yaml:"policyType"`
	QueryID       string   `json:"queryId" yaml:"queryId"`
	Title         string   `json:"title" yaml:"title"`
	Enabled       bool     `json:"enabled" yaml:"enabled"`
	Description   string   `json:"description" yaml:"description"`
	Remediation   string   `json:"remediation" yaml:"remediation"`
	Severity      string   `json:"severity" yaml:"severity"`
	Limit         int      `json:"limit,omitempty" yaml:"limit,omitempty"`
	EvalFrequency string   `json:"evalFrequency,omitempty" yaml:"evalFrequency,omitempty"`
	AlertEnabled  bool     `json:"alertEnabled" yaml:"alertEnabled"`
	AlertProfile  string   `json:"alertProfile" yaml:"alertProfile"`
	Tags          []string `json:"tags,omitempty" yaml:"tags,omitempty"`
}

func ParseNewPolicy added in v0.36.0 

func ParseNewPolicy(s string) (NewPolicy, error)

type NewQuery added in v0.10.0 

type NewQuery struct {
	QueryID   string `json:"queryId" yaml:"queryId"`
	QueryText string `json:"queryText" yaml:"queryText"`
}

func ParseNewQuery added in v0.36.0 

func ParseNewQuery(s string) (NewQuery, error)

type NewRelicAlertChannel added in v0.2.20 

type NewRelicAlertChannel struct {
	Data NewRelicChannelData `json:"DATA"`
	// contains filtered or unexported fields
}

func NewNewRelicAlertChannel added in v0.2.20 

func NewNewRelicAlertChannel(name string, data NewRelicChannelData) NewRelicAlertChannel

NewNewRelicAlertChannel returns an instance of NewRelicAlertChannel with the provided name and data.

Basic usage: Initialize a new NewRelicAlertChannel struct, then 

             use the new instance to do CRUD operations

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

	newRelicChannel := api.NewNewRelicAlertChannel("foo",
		api.NewRelicChannelData{
			AccountID: 2338053,
			InsertKey: "x-xx-xxxxxxxxxxxxxxxxxx",
		},
	)

  client.Integrations.CreateNewRelicAlertChannel(newRelicChannel)

func (NewRelicAlertChannel) StateString added in v0.2.20 

func (c NewRelicAlertChannel) StateString() string

func (NewRelicAlertChannel) Status added in v0.2.20 

func (c NewRelicAlertChannel) Status() string

type NewRelicAlertChannelResponse added in v0.2.20 

type NewRelicAlertChannelResponse struct {
	Data    []NewRelicAlertChannel `json:"data"`
	Ok      bool                   `json:"ok"`
	Message string                 `json:"message"`
}

type NewRelicChannelData added in v0.2.20 

type NewRelicChannelData struct {
	AccountID int    `json:"ACCOUNT_ID" mapstructure:"ACCOUNT_ID"`
	InsertKey string `json:"INSERT_KEY" mapstructure:"INSERT_KEY"`
}

type NewRelicInsightsAlertChannelResponseV2 added in v0.18.0 

type NewRelicInsightsAlertChannelResponseV2 struct {
	Data NewRelicInsightsAlertChannelV2 `json:"data"`
}

type NewRelicInsightsAlertChannelV2 added in v0.18.0 

type NewRelicInsightsAlertChannelV2 struct {
	Data NewRelicInsightsDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (NewRelicInsightsAlertChannelV2) ID added in v0.18.0 

func (c NewRelicInsightsAlertChannelV2) ID() string

func (NewRelicInsightsAlertChannelV2) StateString added in v0.34.0 

func (c NewRelicInsightsAlertChannelV2) StateString() string

func (NewRelicInsightsAlertChannelV2) Status added in v0.34.0 

func (c NewRelicInsightsAlertChannelV2) Status() string

type NewRelicInsightsDataV2 added in v0.18.0 

type NewRelicInsightsDataV2 struct {
	AccountID int    `json:"accountId"`
	InsertKey string `json:"insertKey"`
}

type Option 

type Option interface {
	// contains filtered or unexported methods
}

func WithApiKeys 

func WithApiKeys(id, secret string) Option

WithApiKeys sets the key_id and secret used to generate API access tokens

func WithApiV2 

func WithApiV2() Option

WithApiV2 configures the client to use the API version 2 (/api/v2) for common API endpoints

func WithExpirationTime 

func WithExpirationTime(t int) Option

WithExpirationTime configures the token expiration time

func WithHeader added in v0.1.19 

func WithHeader(header, value string) Option

WithHeader configures a HTTP Header to pass to every request

func WithLifecycleCallbacks added in v0.10.0 

func WithLifecycleCallbacks(callbacks LifecycleCallbacks) Option

WithLifecycleCallbacks will configure the lifecycle callback functions

func WithLogFile added in v0.1.2 

func WithLogFile(filename string) Option

WithLogFile configures the client to write messages to the provided file

func WithLogLevel added in v0.1.1 

func WithLogLevel(level string) Option

WithLogLevel sets the log level of the client, available: info or debug

func WithLogLevelAndFile added in v0.1.2 

func WithLogLevelAndFile(level, filename string) Option

WithLogLevelAndFile sets the log level of the client and writes the log messages to the provided file

func WithLogLevelAndWriter added in v0.1.2 

func WithLogLevelAndWriter(level string, w io.Writer) Option

WithLogLevelAndWriter sets the log level of the client and writes the log messages to the provided io.Writer

func WithLogWriter added in v0.1.2 

func WithLogWriter(w io.Writer) Option

WithLogWriter configures the client to log messages to the provided io.Writer

func WithOrgAccess added in v0.10.0 

func WithOrgAccess() Option

WithOrgAccess sets the Org-Access Header to access the organization level data sets

func WithSubaccount added in v0.8.0 

func WithSubaccount(subaccount string) Option

WithSubaccount sets a subaccount into an API client

func WithTimeout added in v0.2.19 

func WithTimeout(timeout time.Duration) Option

WithTimeout changes the default client timeout

func WithToken 

func WithToken(token string) Option

WithToken sets the token used to authenticate the API requests

func WithTokenAndExpiration added in v0.10.0 

func WithTokenAndExpiration(token string, expiration time.Time) Option

WithTokenAndExpiration sets the token used to authenticate the API requests and additionally configures the expiration of the token

func WithTokenFromKeys 

func WithTokenFromKeys(id, secret string) Option

WithTokenFromKeys sets the API access keys and triggers a new token generation NOTE: Order matters when using this option, use it at the end of a NewClient() func

func WithURL 

func WithURL(baseURL string) Option

WithURL sets the base URL, this options is only available for test purposes

type OsPkgInfo added in v0.2.10 

type OsPkgInfo struct {
	Os     string `json:"os"`
	OsVer  string `json:"os_ver"`
	Pkg    string `json:"pkg"`
	PkgVer string `json:"pkg_ver"`
}

type PackageManifest added in v0.2.10 

type PackageManifest struct {
	OsPkgInfoList []OsPkgInfo `json:"os_pkg_info_list"`
}

PackageManifest is the representation of a package manifest that the Lacework API server expects when executing a scan 

{
    "os_pkg_info_list": [
        {
            "os":"Ubuntu",
            "os_ver":"18.04",
            "pkg": "openssl",
            "pkg_ver": "1.1.1-1ubuntu2.1~18.04.6"
        }
    ]
}

type Pageable added in v0.25.0 

type Pageable interface {
	PageInfo() *V2Pagination
	ResetPaging()
}

Pageable is the interface that structs should implement to become pageable and be able to use the client.NextPage() function

type PagerDutyAlertChannel added in v0.1.22 

type PagerDutyAlertChannel struct {
	Data PagerDutyData `json:"DATA"`
	// contains filtered or unexported fields
}

func NewPagerDutyAlertChannel added in v0.1.22 

func NewPagerDutyAlertChannel(name string, data PagerDutyData) PagerDutyAlertChannel

NewPagerDutyAlertChannel returns an instance of PagerDutyAlertChannel with the provided name and data.

Basic usage: Initialize a new PagerDutyAlertChannel struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

pagerduty := api.NewPagerDutyAlertChannel("foo",
  api.PagerDutyData{
    IntegrationKey:   "1234abc8901abc567abc123abc78e012",
  },
)

client.Integrations.CreatePagerDutyAlertChannel(pagerduty)

func (PagerDutyAlertChannel) StateString added in v0.1.22 

func (c PagerDutyAlertChannel) StateString() string

func (PagerDutyAlertChannel) Status added in v0.1.22 

func (c PagerDutyAlertChannel) Status() string

type PagerDutyAlertChannelResponse added in v0.1.22 

type PagerDutyAlertChannelResponse struct {
	Data    []PagerDutyAlertChannel `json:"data"`
	Ok      bool                    `json:"ok"`
	Message string                  `json:"message"`
}

type PagerDutyApiAlertChannelResponseV2 added in v0.18.0 

type PagerDutyApiAlertChannelResponseV2 struct {
	Data PagerDutyApiAlertChannelV2 `json:"data"`
}

type PagerDutyApiAlertChannelV2 added in v0.18.0 

type PagerDutyApiAlertChannelV2 struct {
	Data PagerDutyApiDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (PagerDutyApiAlertChannelV2) ID added in v0.18.0 

func (c PagerDutyApiAlertChannelV2) ID() string

func (PagerDutyApiAlertChannelV2) StateString added in v0.34.0 

func (c PagerDutyApiAlertChannelV2) StateString() string

func (PagerDutyApiAlertChannelV2) Status added in v0.34.0 

func (c PagerDutyApiAlertChannelV2) Status() string

type PagerDutyApiDataV2 added in v0.18.0 

type PagerDutyApiDataV2 struct {
	IntegrationKey string `json:"apiIntgKey"`
}

type PagerDutyData added in v0.1.22 

type PagerDutyData struct {
	IssueGrouping  string `json:"ISSUE_GROUPING,omitempty" mapstructure:"ISSUE_GROUPING"`
	IntegrationKey string `json:"API_INTG_KEY" mapstructure:"API_INTG_KEY"`
}

type PoliciesResponse added in v0.10.0 

type PoliciesResponse struct {
	Data    []Policy `json:"data"`
	Message string   `json:"message"`
}

type Policy added in v0.8.0 

type Policy struct {
	PolicyID       string   `json:"policyId" yaml:"policyId"`
	PolicyType     string   `json:"policyType" yaml:"-"`
	QueryID        string   `json:"queryId" yaml:"queryId"`
	Title          string   `json:"title" yaml:"title"`
	Enabled        bool     `json:"enabled" yaml:"enabled"`
	Description    string   `json:"description" yaml:"description"`
	Remediation    string   `json:"remediation" yaml:"remediation"`
	Severity       string   `json:"severity" yaml:"severity"`
	Limit          int      `json:"limit" yaml:"limit"`
	EvalFrequency  string   `json:"evalFrequency" yaml:"evalFrequency"`
	AlertEnabled   bool     `json:"alertEnabled" yaml:"alertEnabled"`
	AlertProfile   string   `json:"alertProfile" yaml:"alertProfile"`
	Tags           []string `json:"tags" yaml:"tags"`
	Owner          string   `json:"owner" yaml:"-"`
	LastUpdateTime string   `json:"lastUpdateTime" yaml:"-"`
	LastUpdateUser string   `json:"lastUpdateUser" yaml:"-"`
}

func (*Policy) HasTag added in v0.25.0 

func (p *Policy) HasTag(t string) bool

type PolicyException added in v0.37.0 

type PolicyException struct {
	ExceptionID    string                      `json:"exceptionId,omitempty"`
	Description    string                      `json:"description"`
	Constraints    []PolicyExceptionConstraint `json:"constraints"`
	LastUpdateTime string                      `json:"lastUpdateTime,omitempty"`
	LastUpdateUser string                      `json:"lastUpdateUser,omitempty"`
}

type PolicyExceptionConstraint added in v0.37.0 

type PolicyExceptionConstraint struct {
	FieldKey    string `json:"fieldKey"`
	FieldValues []any  `json:"fieldValues"`
}

type PolicyExceptionResponse added in v0.37.0 

type PolicyExceptionResponse struct {
	Data PolicyException `json:"data"`
}

type PolicyExceptionsResponse added in v0.37.0 

type PolicyExceptionsResponse struct {
	Data []PolicyException `json:"data"`
}

type PolicyResponse added in v0.8.0 

type PolicyResponse struct {
	Data    Policy `json:"data"`
	Message string `json:"message"`
}

type PolicyService added in v0.8.0 

type PolicyService struct {
	Exceptions *policyExceptionsService
	// contains filtered or unexported fields
}

PolicyService is a service that interacts with the Custom Policies endpoints from the Lacework Server

func NewV2PolicyService added in v0.37.0 

func NewV2PolicyService(c *Client) *PolicyService

func (*PolicyService) Create added in v0.8.0 

func (svc *PolicyService) Create(np NewPolicy) (
	response PolicyResponse,
	err error,
)

func (*PolicyService) Delete added in v0.8.0 

func (svc *PolicyService) Delete(policyID string) (
	response PolicyResponse,
	err error,
)

func (*PolicyService) Get added in v0.10.0 

func (svc *PolicyService) Get(policyID string) (
	response PolicyResponse,
	err error,
)

func (*PolicyService) List added in v0.10.0 

func (svc *PolicyService) List() (
	response PoliciesResponse,
	err error,
)

func (*PolicyService) ListTags added in v0.25.0 

func (svc *PolicyService) ListTags() (
	response PolicyTagsResponse,
	err error,
)

func (*PolicyService) Update added in v0.8.0 

func (svc *PolicyService) Update(up UpdatePolicy) (
	response PolicyResponse,
	err error,
)

type PolicyTagsResponse added in v0.25.0 

type PolicyTagsResponse struct {
	Data    []string `json:"data"`
	Message string   `json:"message"`
}

type QRadarAlertChannel added in v0.2.20 

type QRadarAlertChannel struct {
	Data QRadarChannelData `json:"DATA"`
	// contains filtered or unexported fields
}

func NewQRadarAlertChannel added in v0.2.20 

func NewQRadarAlertChannel(name string, data QRadarChannelData) QRadarAlertChannel

NewQRadarAlertChannel returns an instance of QRadarAlertChannel with the provided name and data.

Basic usage: Initialize a new QRadarAlertChannel struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

qradarChannel := api.NewQRadarAlertChannel("foo",
  api.QRadarChannelData{
    CommunicationType: "HTTPS",
    HostURL:           "https://qradar-lacework.com",
    HostPort:          8080,
  },
)

client.Integrations.CreateQRadarAlertChannel(qradarChannel)

func (QRadarAlertChannel) StateString added in v0.2.20 

func (c QRadarAlertChannel) StateString() string

func (QRadarAlertChannel) Status added in v0.2.20 

func (c QRadarAlertChannel) Status() string

type QRadarAlertChannelResponse added in v0.2.20 

type QRadarAlertChannelResponse struct {
	Data    []QRadarAlertChannel `json:"data"`
	Ok      bool                 `json:"ok"`
	Message string               `json:"message"`
}

type QRadarChannelData added in v0.2.20 

type QRadarChannelData struct {
	CommunicationType qradarComm `json:"QRADAR_COMM_TYPE,omitempty" mapstructure:"QRADAR_COMM_TYPE"`
	HostURL           string     `json:"QRADAR_HOST_URL" mapstructure:"QRADAR_HOST_URL"`
	HostPort          int        `json:"QRADAR_HOST_PORT,omitempty" mapstructure:"QRADAR_HOST_PORT"`
}

type QueriesResponse added in v0.10.0 

type QueriesResponse struct {
	Data    []Query `json:"data"`
	Message string  `json:"message"`
}

type Query added in v0.10.0 

type Query struct {
	QueryID        string                   `json:"queryId" yaml:"queryId"`
	QueryText      string                   `json:"queryText" yaml:"queryText"`
	Owner          string                   `json:"owner"`
	LastUpdateTime string                   `json:"lastUpdateTime"`
	LastUpdateUser string                   `json:"lastUpdateUser"`
	ResultSchema   []map[string]interface{} `json:"resultSchema"`
}

type QueryDeleteResponse added in v0.10.0 

type QueryDeleteResponse struct {
	Message string `json:"message"`
}

type QueryResponse added in v0.10.0 

type QueryResponse struct {
	Data    Query  `json:"data"`
	Message string `json:"message"`
}

type QueryService added in v0.10.0 

type QueryService struct {
	// contains filtered or unexported fields
}

QueryService is a service that interacts with the Queries endpoints from the Lacework Server

func (*QueryService) Create added in v0.10.0 

func (svc *QueryService) Create(nq NewQuery) (
	response QueryResponse,
	err error,
)

func (*QueryService) Delete added in v0.10.0 

func (svc *QueryService) Delete(id string) (
	response QueryDeleteResponse,
	err error,
)

func (*QueryService) Execute added in v0.10.0 

func (svc *QueryService) Execute(request ExecuteQueryRequest) (
	response ExecuteQueryResponse,
	err error,
)

func (*QueryService) ExecuteByID added in v0.11.0 

func (svc *QueryService) ExecuteByID(request ExecuteQueryByIDRequest) (
	response ExecuteQueryResponse,
	err error,
)

func (*QueryService) Get added in v0.10.0 

func (svc *QueryService) Get(id string) (
	response QueryResponse,
	err error,
)

func (*QueryService) List added in v0.10.0 

func (svc *QueryService) List() (
	response QueriesResponse,
	err error,
)

func (*QueryService) Update added in v0.10.0 

func (svc *QueryService) Update(id string, uq UpdateQuery) (
	response QueryResponse,
	err error,
)

func (*QueryService) Validate added in v0.10.0 

func (svc *QueryService) Validate(vq ValidateQuery) (
	response QueryResponse,
	err error,
)

type RawIntegration 

type RawIntegration struct {
	Data map[string]interface{} `json:"DATA"`
	// contains filtered or unexported fields
}

func (RawIntegration) StateString added in v0.1.7 

func (c RawIntegration) StateString() string

func (RawIntegration) Status added in v0.1.3 

func (c RawIntegration) Status() string

type RawIntegrationsResponse 

type RawIntegrationsResponse struct {
	Data    []RawIntegration `json:"data"`
	Ok      bool             `json:"ok"`
	Message string           `json:"message"`
}

type RecommendationDataV1 added in v0.31.0 

type RecommendationDataV1 map[string]RecommendationEnabledV1

type RecommendationEnabledV1 added in v0.31.0 

type RecommendationEnabledV1 struct {
	Enabled bool `json:"enabled"`
}

type RecommendationResponseV1 added in v0.31.0 

type RecommendationResponseV1 struct {
	Data    []RecommendationDataV1 `json:"data"`
	Ok      bool                   `json:"ok"`
	Message string                 `json:"message"`
}

func (*RecommendationResponseV1) RecommendationList added in v0.31.0 

func (res *RecommendationResponseV1) RecommendationList() (recommendations []RecommendationV1)

func (*RecommendationResponseV1) ReportStatus added in v0.31.0 

func (res *RecommendationResponseV1) ReportStatus() map[string]bool

ReportStatus This is an experimental feature. Returned RecommendationID's are not guaranteed to be correct.

type RecommendationStateV1 added in v0.31.0 

type RecommendationStateV1 map[string]string

func NewRecommendationV1 added in v0.31.0 

func NewRecommendationV1(recommendations []RecommendationV1) RecommendationStateV1

func NewRecommendationV1State added in v0.31.0 

func NewRecommendationV1State(recommendations []RecommendationV1, state bool) RecommendationStateV1

type RecommendationTypeV1 added in v0.31.0 

type RecommendationTypeV1 string
const (
	AwsRecommendation   RecommendationTypeV1 = "aws"
	AzureRecommendation RecommendationTypeV1 = "azure"
	GcpRecommendation   RecommendationTypeV1 = "gcp"
)

type RecommendationV1 added in v0.31.0 

type RecommendationV1 struct {
	ID    string
	State bool
}

type RecommendationsServiceV1 added in v0.31.0 

type RecommendationsServiceV1 struct {
	Aws   recommendationServiceV1
	Azure recommendationServiceV1
	Gcp   recommendationServiceV1
	// contains filtered or unexported fields
}

RecommendationsServiceV1 is a service that interacts with the V1 Recommendations endpoints from the Lacework Server

type ReportRule added in v0.21.0 

type ReportRule struct {
	Guid                    string                      `json:"mcGuid,omitempty"`
	Type                    string                      `json:"type"`
	EmailAlertChannels      []string                    `json:"intgGuidList"`
	Filter                  ReportRuleFilter            `json:"filters"`
	ReportNotificationTypes ReportRuleNotificationTypes `json:"reportNotificationTypes"`
}

func NewReportRule added in v0.21.0 

func NewReportRule(name string, rule ReportRuleConfig) (ReportRule, error)

NewReportRule returns an instance of the ReportRule struct

Basic usage: Initialize a new ReportRule struct, then 

             use the new instance to do CRUD operations

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  reportRule := api.NewReportRule(
		"Foo",
		api.ReportRuleConfig{
		Description: "My Report Rule"
		Severities: api.ReportRuleSeverities{api.ReportRuleSeverityHigh,
		EmailAlertChannels: []string{"TECHALLY_000000000000AAAAAAAAAAAAAAAAAAAA"},
		ResourceGroups: []string{"TECHALLY_111111111111AAAAAAAAAAAAAAAAAAAA"}
		ReportNotificationTypes: api.WeeklyEventsReportRuleNotifications{TrendReport: true},
      },
    },
  )

  client.V2.ReportRules.Create(reportRule)

type ReportRuleConfig added in v0.21.0 

type ReportRuleConfig struct {
	EmailAlertChannels []string
	Description        string
	Severities         ReportRuleSeverities
	NotificationTypes  []reportRuleNotification
	ResourceGroups     []string
}

type ReportRuleFilter added in v0.21.0 

type ReportRuleFilter struct {
	Name                 string   `json:"name"`
	Enabled              int      `json:"enabled"`
	Description          string   `json:"description,omitempty"`
	Severity             []int    `json:"severity"`
	ResourceGroups       []string `json:"resourceGroups,omitempty"`
	CreatedOrUpdatedTime string   `json:"createdOrUpdatedTime,omitempty"`
	CreatedOrUpdatedBy   string   `json:"createdOrUpdatedBy,omitempty"`
}

func (ReportRuleFilter) Status added in v0.21.0 

func (rule ReportRuleFilter) Status() string

type ReportRuleNotificationTypes added in v0.21.0 

type ReportRuleNotificationTypes struct {
	AgentEvents               bool `json:"agentEvents"`
	AwsCisS3                  bool `json:"awsCisS3"`
	AwsCloudtrailEvents       bool `json:"awsCloudtrailEvents"`
	AwsComplianceEvents       bool `json:"awsComplianceEvents"`
	AwsHipaa                  bool `json:"hipaa"`
	AwsIso2700                bool `json:"iso2700"`
	AwsNist80053Rev4          bool `json:"nist800-53Rev4"`
	AwsNist800171Rev2         bool `json:"nist800-171Rev2"`
	AwsPci                    bool `json:"pci"`
	AwsSoc                    bool `json:"soc"`
	AwsSocRev2                bool `json:"awsSocRev2"`
	AzureActivityLogEvents    bool `json:"azureActivityLogEvents"`
	AzureCis                  bool `json:"azureCis"`
	AzureCis131               bool `json:"azureCis131"`
	AzureComplianceEvents     bool `json:"azureComplianceEvents"`
	AzurePci                  bool `json:"azurePci"`
	AzureSoc                  bool `json:"azureSoc"`
	GcpAuditTrailEvents       bool `json:"gcpAuditTrailEvents"`
	GcpCis                    bool `json:"gcpCis"`
	GcpComplianceEvents       bool `json:"gcpComplianceEvents"`
	GcpHipaa                  bool `json:"gcpHipaa"`
	GcpHipaaRev2              bool `json:"gcpHipaaRev2"`
	GcpIso27001               bool `json:"gcpIso27001"`
	GcpCis12                  bool `json:"gcpCis12"`
	GcpK8s                    bool `json:"gcpK8s"`
	GcpPci                    bool `json:"gcpPci"`
	GcpPciRev2                bool `json:"gcpPciRev2"`
	GcpSoc                    bool `json:"gcpSoc"`
	GcpSocRev2                bool `json:"gcpSocRev2"`
	OpenShiftCompliance       bool `json:"openShiftCompliance"`
	OpenShiftComplianceEvents bool `json:"openShiftComplianceEvents"`
	PlatformEvents            bool `json:"platformEvents"`
	TrendReport               bool `json:"trendReport"`
}

func NewReportRuleNotificationTypes added in v0.21.0 

func NewReportRuleNotificationTypes(types []reportRuleNotification) (ReportRuleNotificationTypes, error)

func (ReportRuleNotificationTypes) ToMap added in v0.21.0 

func (all ReportRuleNotificationTypes) ToMap() map[string]bool

type ReportRuleNotifications added in v0.21.0 

type ReportRuleNotifications []reportRuleNotification

type ReportRuleResponse added in v0.21.0 

type ReportRuleResponse struct {
	Data ReportRule `json:"data"`
}

type ReportRuleSeverities added in v0.21.0 

type ReportRuleSeverities []reportRuleSeverity

func NewReportRuleSeverities added in v0.21.0 

func NewReportRuleSeverities(sevSlice []string) ReportRuleSeverities

func NewReportRuleSeveritiesFromIntSlice added in v0.21.0 

func NewReportRuleSeveritiesFromIntSlice(sevSlice []int) ReportRuleSeverities

func (ReportRuleSeverities) ToStringSlice added in v0.21.0 

func (sevs ReportRuleSeverities) ToStringSlice() []string

type ReportRulesResponse added in v0.21.0 

type ReportRulesResponse struct {
	Data []ReportRule `json:"data"`
}

type ReportRulesService added in v0.21.0 

type ReportRulesService struct {
	// contains filtered or unexported fields
}

ReportRulesService is the service that interacts with the ReportRules schema from the Lacework APIv2 Server

func (*ReportRulesService) Create added in v0.21.0 

func (svc *ReportRulesService) Create(rule ReportRule) (
	response ReportRuleResponse,
	err error,
)

Create creates a single Report Rule

func (*ReportRulesService) Delete added in v0.21.0 

func (svc *ReportRulesService) Delete(guid string) error

Delete deletes a Report Rule that matches the provided guid

func (*ReportRulesService) Get added in v0.21.0 

func (svc *ReportRulesService) Get(guid string, response interface{}) error

Get returns a raw response of the Report Rule with the matching guid.

func (*ReportRulesService) List added in v0.21.0 

func (svc *ReportRulesService) List() (response ReportRulesResponse, err error)

List returns a list of Report Rules

func (*ReportRulesService) Update added in v0.21.0 

func (svc *ReportRulesService) Update(data ReportRule) (
	response ReportRuleResponse,
	err error,
)

Update updates a single Report Rule of the provided guid.

type ReportSchema added in v0.31.0 

type ReportSchema struct {
	Name              string   `json:"name"`
	RecommendationIDs []string `json:"recommendationIDs"`
}

type ResourceGroup added in v0.15.0 

type ResourceGroup interface {
	ID() string
	ResourceGroupType() ResourceGroupType
	ResetResourceGUID()
}

type ResourceGroupData added in v0.15.0 

type ResourceGroupData struct {
	Guid         string      `json:"guid,omitempty"`
	IsDefault    int         `json:"isDefault,omitempty"`
	ResourceGuid string      `json:"resourceGuid,omitempty"`
	Name         string      `json:"resourceName"`
	Type         string      `json:"resourceType"`
	Enabled      int         `json:"enabled,omitempty"`
	Props        interface{} `json:"props"`
}

func NewResourceGroup added in v0.15.0 

func NewResourceGroup(name string, iType ResourceGroupType, props interface{}) ResourceGroupData

NewResourceGroup returns an instance of the ResourceGroupData struct with the provided ResourceGroup type, name and the props field as an interface{}.

NOTE: This function must be used by any ResourceGroup type.

Basic usage: Initialize a new ContainerResourceGroup struct, then 

             use the new instance to do CRUD operations

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  group := api.NewResourceGroup("container resource group",
    api.ContainerResourceGroup,
    api.ContainerResourceGroupData{
      Props: api.ContainerResourceGroupProps{
			Description:     "all containers,
			ContainerLabels: ContainerResourceGroupAllLabels,
			ContainerTags:   ContainerResourceGroupAllTags,
		},
    },
  )

  client.V2.ResourceGroups.Create(group)

func (ResourceGroupData) ID added in v0.15.0 

func (group ResourceGroupData) ID() string

func (*ResourceGroupData) ResetResourceGUID added in v0.15.0 

func (group *ResourceGroupData) ResetResourceGUID()

func (ResourceGroupData) ResourceGroupType added in v0.15.0 

func (group ResourceGroupData) ResourceGroupType() ResourceGroupType

func (ResourceGroupData) Status added in v0.15.0 

func (group ResourceGroupData) Status() string

type ResourceGroupProps added in v0.20.0 

type ResourceGroupProps interface {
	GetBaseProps() ResourceGroupPropsBase
}

type ResourceGroupPropsBase added in v0.20.0 

type ResourceGroupPropsBase struct {
	Description string        `json:"description"`
	UpdatedBy   string        `json:"updatedBy,omitempty"`
	LastUpdated *lwtime.Epoch `json:"lastUpdated,omitempty"`
}

type ResourceGroupResponse added in v0.15.0 

type ResourceGroupResponse struct {
	Data ResourceGroupData `json:"data"`
}

type ResourceGroupType added in v0.15.0 

type ResourceGroupType int
const (
	// type that defines a non-existing Resource Group
	NoneResourceGroup ResourceGroupType = iota
	AwsResourceGroup
	AzureResourceGroup
	ContainerResourceGroup
	GcpResourceGroup
	MachineResourceGroup

	// requires Org Access account client.WithOrgAccess()
	LwAccountResourceGroup
)

func FindResourceGroupType added in v0.15.0 

func FindResourceGroupType(resourceGroup string) (ResourceGroupType, bool)

FindResourceGroupType looks up inside the list of available resource group types the matching type from the provided string, if none, returns NoneResourceGroup

func (ResourceGroupType) String added in v0.15.0 

func (i ResourceGroupType) String() string

String returns the string representation of a Resource Group type

type ResourceGroupsResponse added in v0.15.0 

type ResourceGroupsResponse struct {
	Data []ResourceGroupData `json:"data"`
}

type ResourceGroupsService added in v0.15.0 

type ResourceGroupsService struct {
	// contains filtered or unexported fields
}

ResourceGroupsService is the service that interacts with the ResourceGroups schema from the Lacework APIv2 Server

func (*ResourceGroupsService) Create added in v0.15.0 

func (svc *ResourceGroupsService) Create(group ResourceGroupData) (
	response ResourceGroupResponse,
	err error,
)

Create creates a single Resource Group

func (*ResourceGroupsService) CreateAws added in v0.15.0 

func (svc *ResourceGroupsService) CreateAws(data ResourceGroup) (
	response AwsResourceGroupResponse,
	err error,
)

CreateAws creates a single Aws ResourceGroup on the Lacework Server

func (*ResourceGroupsService) CreateAzure added in v0.15.0 

func (svc *ResourceGroupsService) CreateAzure(data ResourceGroup) (
	response AzureResourceGroupResponse,
	err error,
)

CreateAzure creates a single Azure ResourceGroup on the Lacework Server

func (*ResourceGroupsService) CreateContainer added in v0.15.0 

func (svc *ResourceGroupsService) CreateContainer(data ResourceGroup) (
	response ContainerResourceGroupResponse,
	err error,
)

CreateContainer creates a single Container ResourceGroup on the Lacework Server

func (*ResourceGroupsService) CreateGcp added in v0.15.0 

func (svc *ResourceGroupsService) CreateGcp(data ResourceGroup) (
	response GcpResourceGroupResponse,
	err error,
)

CreateGcp creates a single Gcp ResourceGroup on the Lacework Server

func (*ResourceGroupsService) CreateLwAccount added in v0.15.0 

func (svc *ResourceGroupsService) CreateLwAccount(data ResourceGroup) (
	response LwAccountResourceGroupResponse,
	err error,
)

CreateLwAccount creates a single LwAccount ResourceGroup on the Lacework Server

func (*ResourceGroupsService) CreateMachine added in v0.15.0 

func (svc *ResourceGroupsService) CreateMachine(data ResourceGroup) (
	response MachineResourceGroupResponse,
	err error,
)

CreateMachine creates a single Machine ResourceGroup on the Lacework Server

func (*ResourceGroupsService) Delete added in v0.15.0 

func (svc *ResourceGroupsService) Delete(guid string) error

Delete deletes a Resource Group that matches the provided resource guid

func (*ResourceGroupsService) Get added in v0.15.0 

func (svc *ResourceGroupsService) Get(guid string, response interface{}) error

Get returns a raw response of the Resource Group with the matching resource guid.

To return a more specific Go struct of a Resource Group, use the proper method such as GetContainerResourceGroup() where the function name is composed by: 

Get<Type>(guid)

  Where <Type> is the Resource Group type.

func (*ResourceGroupsService) GetAws added in v0.15.0 

func (svc *ResourceGroupsService) GetAws(guid string) (
	response AwsResourceGroupResponse,
	err error,
)

GetAws gets a single Aws ResourceGroup matching the provided resource guid

func (*ResourceGroupsService) GetAzure added in v0.15.0 

func (svc *ResourceGroupsService) GetAzure(guid string) (
	response AzureResourceGroupResponse,
	err error,
)

GetAzure gets a single Azure ResourceGroup matching the provided resource guid

func (*ResourceGroupsService) GetContainer added in v0.15.0 

func (svc *ResourceGroupsService) GetContainer(guid string) (
	response ContainerResourceGroupResponse,
	err error,
)

GetContainer gets a single Container ResourceGroup matching the provided resource guid

func (*ResourceGroupsService) GetGcp added in v0.15.0 

func (svc *ResourceGroupsService) GetGcp(guid string) (
	response GcpResourceGroupResponse,
	err error,
)

GetGcp gets a single Gcp ResourceGroup matching the provided resource guid

func (*ResourceGroupsService) GetLwAccount added in v0.15.0 

func (svc *ResourceGroupsService) GetLwAccount(guid string) (
	response LwAccountResourceGroupResponse,
	err error,
)

GetContainer gets a single LwAccount ResourceGroup matching the provided resource guid

func (*ResourceGroupsService) GetMachine added in v0.15.0 

func (svc *ResourceGroupsService) GetMachine(guid string) (
	response MachineResourceGroupResponse,
	err error,
)

GetMachine gets a single Machine ResourceGroup matching the provided resource guid

func (*ResourceGroupsService) List added in v0.15.0 

func (svc *ResourceGroupsService) List() (response ResourceGroupsResponse, err error)

List returns a list of Resource Groups

func (*ResourceGroupsService) Update added in v0.15.0 

func (svc *ResourceGroupsService) Update(data ResourceGroup) (
	response ResourceGroupResponse,
	err error,
)

Update updates a single ResourceGroup on the Lacework Server

func (*ResourceGroupsService) UpdateAws added in v0.15.0 

func (svc *ResourceGroupsService) UpdateAws(data ResourceGroup) (
	response AwsResourceGroupResponse, err error)

UpdateAws updates a single Aws ResourceGroup on the Lacework Server

func (*ResourceGroupsService) UpdateAzure added in v0.15.0 

func (svc *ResourceGroupsService) UpdateAzure(data ResourceGroup) (
	response AzureResourceGroupResponse,
	err error,
)

UpdateAzure updates a single Azure ResourceGroup on the Lacework Server

func (*ResourceGroupsService) UpdateContainer added in v0.15.0 

func (svc *ResourceGroupsService) UpdateContainer(data ResourceGroup) (
	response ContainerResourceGroupResponse,
	err error,
)

UpdateContainer updates a single Container ResourceGroup on the Lacework Server

func (*ResourceGroupsService) UpdateGcp added in v0.15.0 

func (svc *ResourceGroupsService) UpdateGcp(data ResourceGroup) (
	response GcpResourceGroupResponse,
	err error,
)

UpdateGcp updates a single Gcp ResourceGroup on the Lacework Server

func (*ResourceGroupsService) UpdateLwAccount added in v0.15.0 

func (svc *ResourceGroupsService) UpdateLwAccount(data ResourceGroup) (
	response LwAccountResourceGroupResponse,
	err error,
)

UpdateLwAccount updates a single LwAccount ResourceGroup on the Lacework Server

func (*ResourceGroupsService) UpdateMachine added in v0.15.0 

func (svc *ResourceGroupsService) UpdateMachine(data ResourceGroup) (
	response MachineResourceGroupResponse,
	err error,
)

UpdateMachine updates a single Machine ResourceGroup on the Lacework Server

type SchemasService added in v0.13.0 

type SchemasService struct {
	Services map[integrationSchema]V2Service
	// contains filtered or unexported fields
}

SchemasService is the service that retrieves schemas for v2

func (*SchemasService) GetService added in v0.13.0 

func (svc *SchemasService) GetService(schemaName integrationSchema) V2Service

type SearchFilter added in v0.10.0 

type SearchFilter struct {
	*TimeFilter `json:"timeFilter,omitempty"`
	Filters     []Filter `json:"filters,omitempty"`
	Returns     []string `json:"returns,omitempty"`
}

SearchFilter is the representation of an advanced search payload for retrieving information out of the Lacework APIv2 Server

An advanced example of a SearchFilter to search for an Agent Access Token that matches the provider token alias and return only the token found: 

SearchFilter{
	Filters: []Filter{
		Filter{
			Field:      "tokenAlias",
			Expression: "eq",
			Value:      "k8s-deployment,
		},
	},
	Returns: []string{"accessToken"},
}

type ServiceNowAlertChannel added in v0.2.16 

type ServiceNowAlertChannel struct {
	Data ServiceNowChannelData `json:"DATA"`
	// contains filtered or unexported fields
}

func NewServiceNowAlertChannel added in v0.2.16 

func NewServiceNowAlertChannel(name string, data ServiceNowChannelData) ServiceNowAlertChannel

NewServiceNowAlertChannel returns an instance of ServiceNowAlertChannel with the provided name and data.

Basic usage: Initialize a new ServiceNowAlertChannel struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

serviceNowChannel := api.NewServiceNowAlertChannel("foo",
  api.ServiceNowChannelData{
    InstanceURL:   "snow-lacework.com",
    Username:      "snow-user",
    Password:      "snow-password",
    IssueGrouping: "Events",
  },
)

client.Integrations.CreateServiceNowAlertChannel(serviceNowChannel)

func (ServiceNowAlertChannel) StateString added in v0.2.16 

func (c ServiceNowAlertChannel) StateString() string

func (ServiceNowAlertChannel) Status added in v0.2.16 

func (c ServiceNowAlertChannel) Status() string

type ServiceNowAlertChannelResponse added in v0.2.16 

type ServiceNowAlertChannelResponse struct {
	Data    []ServiceNowAlertChannel `json:"data"`
	Ok      bool                     `json:"ok"`
	Message string                   `json:"message"`
}

type ServiceNowChannelData added in v0.2.16 

type ServiceNowChannelData struct {
	InstanceURL        string `json:"INSTANCE_URL" mapstructure:"INSTANCE_URL"`
	Username           string `json:"USER_NAME" mapstructure:"USER_NAME"`
	Password           string `json:"PASSWORD" mapstructure:"PASSWORD"`
	CustomTemplateFile string `json:"CUSTOM_TEMPLATE_FILE,omitempty" mapstructure:"CUSTOM_TEMPLATE_FILE"`
	IssueGrouping      string `json:"ISSUE_GROUPING,omitempty" mapstructure:"ISSUE_GROUPING"`
}

func (*ServiceNowChannelData) DecodeCustomTemplateFile added in v0.2.21 

func (snow *ServiceNowChannelData) DecodeCustomTemplateFile() (string, error)

func (*ServiceNowChannelData) EncodeCustomTemplateFile added in v0.2.21 

func (snow *ServiceNowChannelData) EncodeCustomTemplateFile(template string)

type ServiceNowRestAlertChannelResponseV2 added in v0.18.0 

type ServiceNowRestAlertChannelResponseV2 struct {
	Data ServiceNowRestAlertChannelV2 `json:"data"`
}

type ServiceNowRestAlertChannelV2 added in v0.18.0 

type ServiceNowRestAlertChannelV2 struct {
	Data ServiceNowRestDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (ServiceNowRestAlertChannelV2) ID added in v0.18.0 

func (c ServiceNowRestAlertChannelV2) ID() string

func (ServiceNowRestAlertChannelV2) StateString added in v0.34.0 

func (c ServiceNowRestAlertChannelV2) StateString() string

func (ServiceNowRestAlertChannelV2) Status added in v0.34.0 

func (c ServiceNowRestAlertChannelV2) Status() string

type ServiceNowRestDataV2 added in v0.18.0 

type ServiceNowRestDataV2 struct {
	Username           string `json:"userName"`
	Password           string `json:"password"`
	InstanceURL        string `json:"instanceUrl"`
	CustomTemplateFile string `json:"customTemplateFile,omitempty"`
	IssueGrouping      string `json:"issueGrouping,omitempty"`
}

func (*ServiceNowRestDataV2) DecodeCustomTemplateFile added in v0.18.0 

func (snow *ServiceNowRestDataV2) DecodeCustomTemplateFile() (string, error)

func (*ServiceNowRestDataV2) EncodeCustomTemplateFile added in v0.18.0 

func (snow *ServiceNowRestDataV2) EncodeCustomTemplateFile(template string)

type SlackAlertChannel added in v0.1.22 

type SlackAlertChannel struct {
	Data SlackChannelData `json:"DATA"`
	// contains filtered or unexported fields
}

func NewSlackAlertChannel added in v0.1.22 

func NewSlackAlertChannel(name string, data SlackChannelData) SlackAlertChannel

NewSlackAlertChannel returns an instance of SlackAlertChannel with the provided name and data.

Basic usage: Initialize a new SlackAlertChannel struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

slackChannel := api.NewSlackAlertChannel("foo",
  api.SlackChannelData{
    SlackUrl: "https://hooks.slack.com/services/ABCD/12345/abcd1234",
  },
)

client.Integrations.CreateSlackAlertChannel(slackChannel)

func (SlackAlertChannel) StateString added in v0.1.22 

func (c SlackAlertChannel) StateString() string

func (SlackAlertChannel) Status added in v0.1.22 

func (c SlackAlertChannel) Status() string

type SlackAlertChannelResponse added in v0.1.22 

type SlackAlertChannelResponse struct {
	Data    []SlackAlertChannel `json:"data"`
	Ok      bool                `json:"ok"`
	Message string              `json:"message"`
}

type SlackChannelAlertChannelResponseV2 added in v0.14.0 

type SlackChannelAlertChannelResponseV2 struct {
	Data SlackChannelAlertChannelV2 `json:"data"`
}

type SlackChannelAlertChannelV2 added in v0.14.0 

type SlackChannelAlertChannelV2 struct {
	Data SlackChannelDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (SlackChannelAlertChannelV2) ID added in v0.14.0 

func (c SlackChannelAlertChannelV2) ID() string

func (SlackChannelAlertChannelV2) StateString added in v0.34.0 

func (c SlackChannelAlertChannelV2) StateString() string

func (SlackChannelAlertChannelV2) Status added in v0.34.0 

func (c SlackChannelAlertChannelV2) Status() string

type SlackChannelData added in v0.1.21 

type SlackChannelData struct {
	SlackUrl string `json:"SLACK_URL" mapstructure:"SLACK_URL"`
}

type SlackChannelDataV2 added in v0.14.0 

type SlackChannelDataV2 struct {
	SlackUrl string `json:"slackUrl"`
}

type SplunkAlertChannel added in v0.2.14 

type SplunkAlertChannel struct {
	Data SplunkChannelData `json:"DATA"`
	// contains filtered or unexported fields
}

func NewSplunkAlertChannel added in v0.2.14 

func NewSplunkAlertChannel(name string, data SplunkChannelData) SplunkAlertChannel

NewSplunkAlertChannel returns an instance of SplunkAlertChannel with the provided name and data.

Basic usage: Initialize a new SplunkAlertChannel struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

splunkChannel := api.NewSplunkAlertChannel("foo",
  api.SplunkChannelData{
    Channel: "channel-name",
    HecToken: "AA111111-11AA-1AA1-11AA-11111AA1111A",
    Host: "localhost",
    Port: 80,
    Ssl: false,
    EventData: api.SplunkEventData{
      Index: "index",
      Source: "source",
     },
  },
)

client.Integrations.CreateSplunkAlertChannel(splunkChannel)

func (SplunkAlertChannel) StateString added in v0.2.14 

func (c SplunkAlertChannel) StateString() string

func (SplunkAlertChannel) Status added in v0.2.14 

func (c SplunkAlertChannel) Status() string

type SplunkAlertChannelResponse added in v0.2.14 

type SplunkAlertChannelResponse struct {
	Data    []SplunkAlertChannel `json:"data"`
	Ok      bool                 `json:"ok"`
	Message string               `json:"message"`
}

type SplunkChannelData added in v0.2.14 

type SplunkChannelData struct {
	Channel   string          `json:"CHANNEL,omitempty" mapstructure:"CHANNEL"`
	HecToken  string          `json:"HEC_TOKEN" mapstructure:"HEC_TOKEN"`
	Host      string          `json:"HOST" mapstructure:"HOST"`
	Port      int             `json:"PORT" mapstructure:"PORT"`
	Ssl       bool            `json:"SSL" mapstructure:"SSL"`
	EventData SplunkEventData `json:"EVENT_DATA" mapstructure:"EVENT_DATA"`
}

type SplunkEventData added in v0.2.14 

type SplunkEventData struct {
	Index  string `json:"INDEX" mapstructure:"INDEX"`
	Source string `json:"SOURCE" mapstructure:"SOURCE"`
}

type SplunkHecAlertChannelResponseV2 added in v0.18.0 

type SplunkHecAlertChannelResponseV2 struct {
	Data SplunkHecAlertChannelV2 `json:"data"`
}

type SplunkHecAlertChannelV2 added in v0.18.0 

type SplunkHecAlertChannelV2 struct {
	Data SplunkHecDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (SplunkHecAlertChannelV2) ID added in v0.18.0 

func (c SplunkHecAlertChannelV2) ID() string

func (SplunkHecAlertChannelV2) StateString added in v0.34.0 

func (c SplunkHecAlertChannelV2) StateString() string

func (SplunkHecAlertChannelV2) Status added in v0.34.0 

func (c SplunkHecAlertChannelV2) Status() string

type SplunkHecDataV2 added in v0.18.0 

type SplunkHecDataV2 struct {
	HecToken  string               `json:"hecToken"`
	Channel   string               `json:"channel,omitempty"`
	Host      string               `json:"host"`
	Port      int                  `json:"port"`
	Ssl       bool                 `json:"ssl"`
	EventData SplunkHecEventDataV2 `json:"eventData"`
}

type SplunkHecEventDataV2 added in v0.18.0 

type SplunkHecEventDataV2 struct {
	Index  string `json:"index"`
	Source string `json:"source"`
}

type TeamMember added in v0.23.0 

type TeamMember struct {
	CustGuid    string          `json:"custGuid,omitempty"`
	Props       TeamMemberProps `json:"props"`
	UserEnabled int             `json:"userEnabled"`
	UserGuid    string          `json:"userGuid,omitempty"`
	UserName    string          `json:"userName,omitempty"`
}

TeamMember is for a standalone team member without org access

func NewTeamMember added in v0.23.0 

func NewTeamMember(username string, props TeamMemberProps) TeamMember

NewTeamMember returns an instance of the Team Member struct

Basic usage: Initialize a new TeamMember struct and then use the new instance to perform CRUD operations. 

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  teamMember := api.NewTeamMember(
		"FooBar",
		api.TeamMemberProps{
		Company: "ACME Inc",
		FirstName: "Foo",
		LastName: "Bar"
     },
  },

)

client.V2.TeamMembers.Create(teamMember)

type TeamMemberAccount added in v0.23.0 

type TeamMemberAccount struct {
	AccountName string `json:"accountName"`
	Admin       bool   `json:"admin"`
	CustGuid    string `json:"custGuid"`
	UserEnabled int    `json:"userEnabled"`
	UserGuid    string `json:"userGuid"`
}

type TeamMemberOrg added in v0.23.0 

type TeamMemberOrg struct {
	AdminRoleAccounts []string        `json:"adminRoleAccounts"`
	OrgAdmin          bool            `json:"orgAdmin"`
	OrgUser           bool            `json:"orgUser"`
	Props             TeamMemberProps `json:"props"`
	UserEnabled       int             `json:"userEnabled,omitempty"`
	UserGuid          string          `json:"userGuid,omitempty"`
	UserName          string          `json:"userName,omitempty"`
	UserRoleAccounts  []string        `json:"userRoleAccounts"`
}

TeamMemberOrg is for an organizational team member

func NewTeamMemberOrg added in v0.23.0 

func NewTeamMemberOrg(username string, props TeamMemberProps) TeamMemberOrg

NewTeamMemberOrg returns an instance of the team member org struct

Basic usage: Initialize a new TeamMemberOrg struct and then use the new instance to perform CRUD operations. 

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  teamMember := api.NewTeamMemberOrg(
		"FooBar",
		api.TeamMemberProps{
		Company: "ACME Inc",
		FirstName: "Foo",
		LastName: "Bar"
     },
  },

)

client.V2.TeamMembers.CreateOrg(teamMember)

type TeamMemberOrgData added in v0.23.0 

type TeamMemberOrgData struct {
	Accounts   []TeamMemberAccount `json:"accounts"`
	OrgAccount bool                `json:"orgAccount"`
	OrgAdmin   bool                `json:"orgAdmin"`
	OrgUser    bool                `json:"orgUser"`
	Url        string              `json:"url"`
	UserName   string              `json:"userName"`
}

type TeamMemberOrgResponse added in v0.23.0 

type TeamMemberOrgResponse struct {
	Data TeamMemberOrgData `json:"data"`
}

type TeamMemberProps added in v0.23.0 

type TeamMemberProps struct {
	AccountAdmin bool `json:"accountAdmin,omitempty"`
	//Company is empty for patch requests on updateOrg as it cannot be modified
	Company                string      `json:"company,omitempty"`
	CreatedTime            string      `json:"createdTime,omitempty"`
	FirstName              string      `json:"firstName"`
	JitCreated             bool        `json:"jitCreated,omitempty"`
	LastLoginTime          interface{} `json:"lastLoginTime,omitempty"`
	LastName               string      `json:"lastName"`
	LastSessionCreatedTime interface{} `json:"lastSessionCreatedTime,omitempty"`
	OrgAdmin               bool        `json:"orgAdmin,omitempty"`
	OrgUser                bool        `json:"orgUser,omitempty"`
	UpdatedBy              string      `json:"updatedBy,omitempty"`
	UpdatedTime            interface{} `json:"updatedTime,omitempty"`
}

type TeamMemberResponse added in v0.23.0 

type TeamMemberResponse struct {
	Data TeamMember `json:"data"`
}

type TeamMembersResponse added in v0.23.0 

type TeamMembersResponse struct {
	Data []TeamMember `json:"data"`
}

type TeamMembersService added in v0.23.0 

type TeamMembersService struct {
	// contains filtered or unexported fields
}

func (*TeamMembersService) Create added in v0.23.0 

func (svc *TeamMembersService) Create(tm TeamMember) (res TeamMemberResponse, err error)

Create creates a single team member

func (*TeamMembersService) CreateOrg added in v0.23.0 

func (svc *TeamMembersService) CreateOrg(tm TeamMemberOrg) (res TeamMemberOrgResponse, err error)

CreateOrg creates a single team member at the org level TODO Move all ORG stuff into a different file

func (*TeamMembersService) Delete added in v0.23.0 

func (svc *TeamMembersService) Delete(guid string) error

Delete deletes a single team member at the account level with the corresponding guid

func (*TeamMembersService) DeleteOrg added in v0.23.0 

func (svc *TeamMembersService) DeleteOrg(guid string) error

DeleteOrg deletes a single team member at the org level with the corresponding guid

func (*TeamMembersService) Get added in v0.23.0 

func (svc *TeamMembersService) Get(guid string, res interface{}) error

Get returns a response of the team member

func (*TeamMembersService) List added in v0.23.0 

func (svc *TeamMembersService) List() (res TeamMembersResponse, err error)

List returns a list of team members

func (*TeamMembersService) SearchUsername added in v0.23.0 

func (svc *TeamMembersService) SearchUsername(username string) (res TeamMembersResponse, err error)

func (*TeamMembersService) Update added in v0.23.0 

func (svc *TeamMembersService) Update(tm TeamMember) (res TeamMemberResponse, err error)

Update updates a single team member at the account-level with the corresponding guid

func (*TeamMembersService) UpdateOrg added in v0.23.0 

func (svc *TeamMembersService) UpdateOrg(tm TeamMemberOrg) (res TeamMemberOrgResponse, err error)

UpdateOrg updates a single team member at the org-level with the corresponding username

func (*TeamMembersService) UpdateOrgById added in v0.23.0 

func (svc *TeamMembersService) UpdateOrgById(tm TeamMemberOrg) (res TeamMemberOrgResponse, err error)

UpdateOrgById updates a single team member at the org-level with the corresponding guid

type TimeFilter added in v0.10.0 

type TimeFilter struct {
	StartTime *time.Time `json:"startTime,omitempty"`
	EndTime   *time.Time `json:"endTime,omitempty"`
}

type TokenData added in v0.8.0 

type TokenData struct {
	ExpiresAt time.Time `json:"expiresAt"`
	Token     string    `json:"token"`
}

APIv2

type TokenV1Data added in v0.10.0 

type TokenV1Data struct {
	ExpiresAt string `json:"expiresAt"`
	Token     string `json:"token"`
}

APIv1

type TokenV1Response added in v0.10.0 

type TokenV1Response struct {
	Data    []TokenV1Data `json:"data"`
	Ok      bool          `json:"ok"`
	Message string        `json:"message"`
}

func (TokenV1Response) ExpiresAt added in v0.10.0 

func (v1 TokenV1Response) ExpiresAt() time.Time

Soon-To-Be-Deprecated

func (TokenV1Response) Token added in v0.10.0 

func (v1 TokenV1Response) Token() string

Soon-To-Be-Deprecated

type UpdatePolicy added in v0.10.0 

type UpdatePolicy struct {
	PolicyID      string   `json:"policyId,omitempty" yaml:"policyId,omitempty"`
	PolicyType    string   `json:"policyType,omitempty" yaml:"policyType,omitempty"`
	QueryID       string   `json:"queryId,omitempty" yaml:"queryId,omitempty"`
	Title         string   `json:"title,omitempty" yaml:"title,omitempty"`
	Enabled       *bool    `json:"enabled,omitempty" yaml:"enabled,omitempty"`
	Description   string   `json:"description,omitempty" yaml:"description,omitempty"`
	Remediation   string   `json:"remediation,omitempty" yaml:"remediation,omitempty"`
	Severity      string   `json:"severity,omitempty" yaml:"severity,omitempty"`
	Limit         *int     `json:"limit,omitempty" yaml:"limit,omitempty"`
	EvalFrequency string   `json:"evalFrequency,omitempty" yaml:"evalFrequency,omitempty"`
	AlertEnabled  *bool    `json:"alertEnabled,omitempty" yaml:"alertEnabled,omitempty"`
	AlertProfile  string   `json:"alertProfile,omitempty" yaml:"alertProfile,omitempty"`
	Tags          []string `json:"tags,omitempty" yaml:"tags,omitempty"`
}
In order to properly PATCH we need to omit items that aren't specified.

For booleans and integers Golang will omit zero values false and 0 respectively. This would prevent someone from toggling something to disabled or 0 respectively. As such we are using pointers instead of primitives for booleans and integers in this struct

func ParseUpdatePolicy added in v0.36.0 

func ParseUpdatePolicy(s string) (UpdatePolicy, error)

type UpdateQuery added in v0.10.0 

type UpdateQuery struct {
	QueryText string `json:"queryText"`
}

type UserEntity added in v0.25.0 

type UserEntity struct {
	CreatedTime      time.Time `json:"createdTime"`
	Mid              int       `json:"mid"`
	OtherGroupNames  []string  `json:"otherGroupNames"`
	PrimaryGroupName string    `json:"primaryGroupName"`
	UID              int       `json:"uid"`
	Username         string    `json:"username"`
}

type UserProfile added in v0.8.0 

type UserProfile struct {
	Username   string    `json:"username"`
	OrgAccount bool      `json:"orgAccount"`
	URL        string    `json:"url"`
	OrgAdmin   bool      `json:"orgAdmin"`
	OrgUser    bool      `json:"orgUser"`
	Accounts   []Account `json:"accounts"`
}

func (*UserProfile) OrgAccountName added in v0.8.0 

func (p *UserProfile) OrgAccountName() string

func (*UserProfile) SubAccountNames added in v0.8.0 

func (p *UserProfile) SubAccountNames() []string

type UserProfileResponse added in v0.8.0 

type UserProfileResponse struct {
	Data []UserProfile `json:"data"`
}

type UserProfileService added in v0.8.0 

type UserProfileService struct {
	// contains filtered or unexported fields
}

UserProfileService is the service that interacts with the UserProfile schema from the Lacework APIv2 Server

func (*UserProfileService) Get added in v0.8.0 

func (svc *UserProfileService) Get() (response UserProfileResponse, err error)

type UsersEntityResponse added in v0.25.0 

type UsersEntityResponse struct {
	Data   []UserEntity `json:"data"`
	Paging V2Pagination `json:"paging"`
}

func (UsersEntityResponse) PageInfo added in v0.25.0 

func (r UsersEntityResponse) PageInfo() *V2Pagination

Fulfill Pagination interface (look at api/v2.go)

func (*UsersEntityResponse) ResetPaging added in v0.25.0 

func (r *UsersEntityResponse) ResetPaging()

type V2CommonIntegration added in v0.13.0 

type V2CommonIntegration struct {
	Data v2CommonIntegrationData `json:"data"`
}

type V2Endpoints added in v0.8.0 

type V2Endpoints struct {

	// Every schema must have its own service
	UserProfile             *UserProfileService
	AlertChannels           *AlertChannelsService
	Alert                   *v2alertProfilesService
	AlertRules              *AlertRulesService
	ReportRules             *ReportRulesService
	CloudAccounts           *CloudAccountsService
	ContainerRegistries     *ContainerRegistriesService
	ResourceGroups          *ResourceGroupsService
	AgentAccessTokens       *AgentAccessTokensService
	AgentInfo               *AgentInfoService
	Inventory               *InventoryService
	ComplianceEvaluations   *ComplianceEvaluationService
	Query                   *QueryService
	Policy                  *PolicyService
	Entities                *EntitiesService
	Schemas                 *SchemasService
	Datasources             *DatasourcesService
	DataExportRules         *DataExportRulesService
	TeamMembers             *TeamMembersService
	VulnerabilityExceptions *VulnerabilityExceptionsService
	Vulnerabilities         *v2VulnerabilitiesService
	// contains filtered or unexported fields
}

V2Endpoints groups all APIv2 endpoints available, they are grouped by schema which matches with our service architecture

func NewV2Endpoints added in v0.8.0 

func NewV2Endpoints(c *Client) *V2Endpoints

type V2IntegrationState added in v0.10.0 

type V2IntegrationState struct {
	Ok                 bool                   `json:"ok"`
	Details            map[string]interface{} `json:"details"`
	LastUpdatedTime    lwtime.Epoch           `json:"lastUpdatedTime"`
	LastSuccessfulTime lwtime.Epoch           `json:"lastSuccessfulTime"`
}

type V2Pagination added in v0.25.0 

type V2Pagination struct {
	Rows      int `json:"rows"`
	TotalRows int `json:"totalRows"`
	Urls      struct {
		NextPage string `json:"nextPage"`
	} `json:"urls"`
}

type V2Service added in v0.13.0 

type V2Service interface {
	Get(string, interface{}) error
	Delete(string) error
}

type ValidateQuery added in v0.10.1 

type ValidateQuery struct {
	QueryText string `json:"queryText"`
}

type VictorOpsAlertChannel added in v0.2.19 

type VictorOpsAlertChannel struct {
	Data VictorOpsChannelData `json:"DATA"`
	// contains filtered or unexported fields
}

func NewVictorOpsAlertChannel added in v0.2.19 

func NewVictorOpsAlertChannel(name string, data VictorOpsChannelData) VictorOpsAlertChannel

NewVictorOpsAlertChannel returns an instance of VictorOpsAlertChannel with the provided name and data.

Basic usage: Initialize a new VictorOpsAlertChannel struct, then 

             use the new instance to do CRUD operations

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  datadog := api.NewVictorOpsAlertChannel("foo",
    api.VictorOpsChannelData{
		    WebhookURL: "https://alert.victorops.com/integrations/generic/20131114/alert/31e945ee-5cad-44e7-afb0-97c20ea80dd8/database,
    },
  )

  client.Integrations.CreateVictorOpsAlertChannel(datadogChannel)

func (VictorOpsAlertChannel) StateString added in v0.2.19 

func (c VictorOpsAlertChannel) StateString() string

func (VictorOpsAlertChannel) Status added in v0.2.19 

func (c VictorOpsAlertChannel) Status() string

type VictorOpsAlertChannelResponse added in v0.2.19 

type VictorOpsAlertChannelResponse struct {
	Data    []VictorOpsAlertChannel `json:"data"`
	Ok      bool                    `json:"ok"`
	Message string                  `json:"message"`
}

type VictorOpsAlertChannelResponseV2 added in v0.17.0 

type VictorOpsAlertChannelResponseV2 struct {
	Data VictorOpsAlertChannelV2 `json:"data"`
}

type VictorOpsAlertChannelV2 added in v0.17.0 

type VictorOpsAlertChannelV2 struct {
	Data VictorOpsDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (VictorOpsAlertChannelV2) ID added in v0.17.0 

func (c VictorOpsAlertChannelV2) ID() string

func (VictorOpsAlertChannelV2) StateString added in v0.34.0 

func (c VictorOpsAlertChannelV2) StateString() string

func (VictorOpsAlertChannelV2) Status added in v0.34.0 

func (c VictorOpsAlertChannelV2) Status() string

type VictorOpsChannelData added in v0.2.19 

type VictorOpsChannelData struct {
	WebhookURL string `json:"INTG_URL" mapstructure:"INTG_URL"`
}

type VictorOpsDataV2 added in v0.17.0 

type VictorOpsDataV2 struct {
	Url string `json:"intgUrl"`
}

type VulnContainerAssessment added in v0.2.0 

type VulnContainerAssessment struct {
	TotalVulnerabilities    int32               `json:"total_vulnerabilities"`
	CriticalVulnerabilities int32               `json:"critical_vulnerabilities"`
	HighVulnerabilities     int32               `json:"high_vulnerabilities"`
	MediumVulnerabilities   int32               `json:"medium_vulnerabilities"`
	LowVulnerabilities      int32               `json:"low_vulnerabilities"`
	InfoVulnerabilities     int32               `json:"info_vulnerabilities"`
	FixableVulnerabilities  int32               `json:"fixable_vulnerabilities"`
	LastEvaluationTime      string              `json:"last_evaluation_time,omitempty"`
	Image                   *VulnContainerImage `json:"image,omitempty"`

	// @afiune these two parameters, Status and Message will appear when
	// the vulnerability scan is still running. ugh. why?
	Status  string `json:"status,omitempty"`
	Message string `json:"message,omitempty"`

	// ScanStatus is a property that will appear when the vulnerability scan finished
	// running, this status indicates whether the scan finished successfully or not
	ScanStatus string `json:"scan_status,omitempty"`
}

func (*VulnContainerAssessment) HighestFixableSeverity added in v0.4.0 

func (report *VulnContainerAssessment) HighestFixableSeverity() string

HighestFixableSeverity returns the highest fixable severity level vulnerability in a VulnContainerAssessment

func (*VulnContainerAssessment) HighestSeverity added in v0.4.0 

func (report *VulnContainerAssessment) HighestSeverity() string

HighestSeverity returns the highest severity level vulnerability in a VulnContainerAssessment

func (*VulnContainerAssessment) TotalFixableVulnerabilities added in v0.4.0 

func (report *VulnContainerAssessment) TotalFixableVulnerabilities() int32

TotalFixableVulnerabilities returns the total number of vulnerabilities that have a fix available

func (*VulnContainerAssessment) VulnFixableCount added in v0.2.0 

func (report *VulnContainerAssessment) VulnFixableCount(severity string) int32

type VulnContainerAssessmentResponse added in v0.2.0 

type VulnContainerAssessmentResponse struct {
	Data    VulnContainerAssessment `json:"data"`
	Ok      bool                    `json:"ok"`
	Message string                  `json:"message"`
}

func (*VulnContainerAssessmentResponse) CheckStatus added in v0.2.0 

func (res *VulnContainerAssessmentResponse) CheckStatus() string

type VulnContainerAssessmentSummary added in v0.2.0 

type VulnContainerAssessmentSummary struct {
	EvalGuid                    string          `json:"eval_guid"`
	EvalStatus                  string          `json:"eval_status"`
	EvalType                    string          `json:"eval_type"`
	ImageCreatedTime            lwtime.NanoTime `json:"image_created_time"`
	ImageDigest                 string          `json:"image_digest"`
	ImageID                     string          `json:"image_id"`
	ImageNamespace              string          `json:"image_namespace"`
	ImageRegistry               string          `json:"image_registry"`
	ImageRepo                   string          `json:"image_repo"`
	ImageScanErrorMsg           string          `json:"image_scan_error_msg"`
	ImageScanStatus             string          `json:"image_scan_status"`
	ImageScanTime               lwtime.NanoTime `json:"image_scan_time"`
	ImageSize                   string          `json:"image_size"`
	ImageTags                   []string        `json:"image_tags"`
	NdvContainers               string          `json:"ndv_containers"`
	NumFixes                    string          `json:"num_fixes"`
	NumVulnerabilitiesSeverity1 string          `json:"num_vulnerabilities_severity_1"`
	NumVulnerabilitiesSeverity2 string          `json:"num_vulnerabilities_severity_2"`
	NumVulnerabilitiesSeverity3 string          `json:"num_vulnerabilities_severity_3"`
	NumVulnerabilitiesSeverity4 string          `json:"num_vulnerabilities_severity_4"`
	NumVulnerabilitiesSeverity5 string          `json:"num_vulnerabilities_severity_5"`
	StartTime                   lwtime.NanoTime `json:"start_time"`
}

type VulnContainerAssessmentsResponse added in v0.2.0 

type VulnContainerAssessmentsResponse struct {
	Assessments []VulnContainerAssessmentSummary `json:"data"`
	Ok          bool                             `json:"ok"`
	Message     string                           `json:"message"`
}

type VulnContainerImage added in v0.2.0 

type VulnContainerImage struct {
	ImageInfo   *vulnContainerImageInfo   `json:"image_info,omitempty"`
	ImageLayers []VulnContainerImageLayer `json:"image_layers,omitempty"`
}

type VulnContainerImageLayer added in v0.7.0 

type VulnContainerImageLayer struct {
	Hash      string                 `json:"hash"`
	CreatedBy string                 `json:"created_by"`
	Packages  []VulnContainerPackage `json:"packages"`
}

type VulnContainerPackage added in v0.7.0 

type VulnContainerPackage struct {
	Name            string                   `json:"name"`
	Namespace       string                   `json:"namespace"`
	Version         string                   `json:"version"`
	Vulnerabilities []ContainerVulnerability `json:"vulnerabilities"`

	// @afiune maybe these fields are host related information and not container
	FixAvailable  string `json:"fix_available,omitempty"`
	FixedVersion  string `json:"fixed_version,omitempty"`
	HostCount     string `json:"host_count,omitempty"`
	Severity      string `json:"severity,omitempty"`
	Status        string `json:"status,omitempty"`
	CveLink       string `json:"cve_link,omitempty"`
	CveScore      string `json:"cve_score,omitempty"`
	CvssV3Score   string `json:"cvss_v3_score,omitempty"`
	CvssV2Score   string `json:"cvss_v2_score,omitempty"`
	FirstSeenTime string `json:"first_seen_time,omitempty"`
}

type VulnerabilitiesContainersResponse added in v0.25.0 

type VulnerabilitiesContainersResponse struct {
	Data   []VulnerabilityContainer `json:"data"`
	Paging V2Pagination             `json:"paging"`
}

func (VulnerabilitiesContainersResponse) PageInfo added in v0.25.0 

func (r VulnerabilitiesContainersResponse) PageInfo() *V2Pagination

Fulfill Pagination interface (look at api/v2.go)

func (*VulnerabilitiesContainersResponse) ResetPaging added in v0.25.0 

func (r *VulnerabilitiesContainersResponse) ResetPaging()

type VulnerabilitiesHostResponse added in v0.25.0 

type VulnerabilitiesHostResponse struct {
	Data   []VulnerabilityHost `json:"data"`
	Paging V2Pagination        `json:"paging"`
}

func (VulnerabilitiesHostResponse) PageInfo added in v0.25.0 

func (r VulnerabilitiesHostResponse) PageInfo() *V2Pagination

Fulfill Pagination interface (look at api/v2.go)

func (*VulnerabilitiesHostResponse) ResetPaging added in v0.25.0 

func (r *VulnerabilitiesHostResponse) ResetPaging()

type VulnerabilitiesService added in v0.1.3 

type VulnerabilitiesService struct {
	Host      *HostVulnerabilityService
	Container *ContainerVulnerabilityService
	// contains filtered or unexported fields
}

VulnerabilitiesService is a service that interacts with the vulnerabilities endpoints from the Lacework Server

func NewVulnerabilityService added in v0.2.0 

func NewVulnerabilityService(c *Client) *VulnerabilitiesService

type VulnerabilityAssessment added in v0.4.0 

type VulnerabilityAssessment interface {
	HighestSeverity() string
	HighestFixableSeverity() string
	TotalFixableVulnerabilities() int32
}

VulnerabilityAssessment is used to provide common functions that are required by host or container vulnerability assessments, this is used to treat them both as equal

type VulnerabilityContainer added in v0.25.0 

type VulnerabilityContainer struct {
	EvalCtx struct {
		CveBatchInfo []struct {
			CveBatchID     string `json:"cve_batch_id"`
			CveCreatedTime string `json:"cve_created_time"`
		} `json:"cve_batch_info"`
		ExceptionProps []struct {
			Status string `json:"status"`
		} `json:"exception_props"`
		ImageInfo struct {
			CreatedTime int64    `json:"created_time"`
			Digest      string   `json:"digest"`
			ErrorMsg    []string `json:"error_msg"`
			ID          string   `json:"id"`
			Registry    string   `json:"registry"`
			Repo        string   `json:"repo"`
			Size        int      `json:"size"`
			Status      string   `json:"status"`
			Tags        []string `json:"tags"`
			Type        string   `json:"type"`
		} `json:"image_info"`
		IsDailyJob       string `json:"isDailyJob"`
		IsReeval         bool   `json:"is_reeval"`
		ScanBatchID      string `json:"scan_batch_id"`
		ScanCreatedTime  string `json:"scan_created_time"`
		ScanRequestProps struct {
			DataFormatVersion string `json:"data_format_version"`
			Environment       struct {
				DockerVersion struct {
					ErrorMessage string `json:"error_message"`
				} `json:"docker_version"`
			} `json:"environment"`
			Props struct {
				DataFormatVersion string `json:"data_format_version"`
				ScannerVersion    string `json:"scanner_version"`
			} `json:"props"`
			ScanCompletionUtcTime int    `json:"scanCompletionUtcTime"`
			ScanStartTime         int    `json:"scan_start_time"`
			ScannerVersion        string `json:"scanner_version"`
		} `json:"scan_request_props"`
		VulnBatchID     string `json:"vuln_batch_id"`
		VulnCreatedTime string `json:"vuln_created_time"`
	} `json:"evalCtx"`
	FeatureKey struct {
		Name      string `json:"name"`
		Namespace string `json:"namespace"`
		Version   string `json:"version"`
	} `json:"featureKey"`
	FixInfo struct {
		CompareResult int    `json:"compare_result"`
		FixAvailable  int    `json:"fix_available"`
		FixedVersion  string `json:"fixed_version"`
	} `json:"fixInfo"`
	ImageID   string    `json:"imageId"`
	Severity  string    `json:"severity"`
	StartTime time.Time `json:"startTime"`
	Status    string    `json:"status"`
	VulnID    string    `json:"vulnId"`
}

type VulnerabilityException added in v0.24.0 

type VulnerabilityException struct {
	Guid                  string                               `json:"exceptionGuid,omitempty"`
	Enabled               int                                  `json:"state"`
	ExceptionName         string                               `json:"exceptionName"`
	ExceptionType         string                               `json:"exceptionType"`
	ExceptionReason       string                               `json:"exceptionReason"`
	Props                 VulnerabilityExceptionProps          `json:"props"`
	VulnerabilityCriteria VulnerabilityExceptionCriteria       `json:"vulnerabilityCriteria"`
	ResourceScope         *VulnerabilityExceptionResourceScope `json:"resourceScope,omitempty"`
	CreatedTime           string                               `json:"createdTime,omitempty"`
	UpdatedTime           string                               `json:"updatedTime,omitempty"`
	ExpiryTime            string                               `json:"expiryTime,omitempty"`
}

func NewVulnerabilityException added in v0.24.0 

func NewVulnerabilityException(name string, exception VulnerabilityExceptionConfig) VulnerabilityException

NewVulnerabilityException returns an instance of the VulnerabilityException struct

Basic usage: Initialize a new VulnerabilityException struct, then 

             use the new instance to do CRUD operations

  client, err := api.NewClient("account")
  if err != nil {
    return err
  }

  exception := api.VulnerabilityExceptionConfig{
      Type:            api.VulnerabilityExceptionTypeHost,
      Description:     "This is a vuln exception",
      ExceptionReason: api.VulnerabilityExceptionReasonCompensatingControls,
      Severities:      api.VulnerabilityExceptionSeverities{api.VulnerabilityExceptionSeverityCritical},
      Fixable: 		  true,
      ResourceScope:   api.VulnerabilityExceptionContainerResourceScope{
         ImageID:    []string{""},
         ImageTag:   []string{""},
         Registry:   []string{""},
         Repository: []string{""},
         Namespace:  []string{""},
      },
      ExpiryTime: time.Now().AddDate(0, 1, 0),
  }

	 vulnerabilityException := api.NewVulnerabilityException("vulnerabilityException", exception)

  client.V2.VulnerabilityExceptions.Create(vulnerabilityException)

func (VulnerabilityException) Status added in v0.24.0 

func (exception VulnerabilityException) Status() string

type VulnerabilityExceptionConfig added in v0.24.0 

type VulnerabilityExceptionConfig struct {
	Description     string
	Type            vulnerabilityExceptionType
	ExceptionReason vulnerabilityExceptionReason
	Severities      VulnerabilityExceptionSeverities
	Cve             []string
	Package         []VulnerabilityExceptionPackage
	Fixable         *bool
	ResourceScope   vulnerabilityExceptionResourceScope
	ExpiryTime      time.Time
}

func (VulnerabilityExceptionConfig) FixableEnabled added in v0.24.0 

func (cfg VulnerabilityExceptionConfig) FixableEnabled() []int

type VulnerabilityExceptionContainer added in v0.24.0 

type VulnerabilityExceptionContainer struct {
	Guid                  string                                       `json:"exceptionGuid,omitempty"`
	Enabled               int                                          `json:"state"`
	ExceptionName         string                                       `json:"exceptionName"`
	ExceptionType         string                                       `json:"exceptionType"`
	ExceptionReason       string                                       `json:"exceptionReason"`
	Props                 VulnerabilityExceptionProps                  `json:"props"`
	VulnerabilityCriteria VulnerabilityExceptionCriteria               `json:"vulnerabilityCriteria"`
	ResourceScope         VulnerabilityExceptionResourceScopeContainer `json:"resourceScope,omitempty"`
	CreatedTime           string                                       `json:"createdTime,omitempty"`
	UpdatedTime           string                                       `json:"updatedTime,omitempty"`
	ExpiryTime            string                                       `json:"expiryTime,omitempty"`
}

type VulnerabilityExceptionContainerResourceScope added in v0.24.0 

type VulnerabilityExceptionContainerResourceScope struct {
	ImageID    []string `json:"imageId,omitempty"`
	ImageTag   []string `json:"imageTag,omitempty"`
	Registry   []string `json:"registry,omitempty"`
	Repository []string `json:"repository,omitempty"`
	Namespace  []string `json:"namespace,omitempty"`
}

func (VulnerabilityExceptionContainerResourceScope) Scope added in v0.24.0 

func (ctr VulnerabilityExceptionContainerResourceScope) Scope() VulnerabilityExceptionResourceScope

func (VulnerabilityExceptionContainerResourceScope) Type added in v0.24.0 

func (ctr VulnerabilityExceptionContainerResourceScope) Type() vulnerabilityExceptionType

type VulnerabilityExceptionContainerResponse added in v0.24.0 

type VulnerabilityExceptionContainerResponse struct {
	Data VulnerabilityExceptionContainer `json:"data"`
}

type VulnerabilityExceptionCriteria added in v0.24.0 

type VulnerabilityExceptionCriteria struct {
	Cve      []string              `json:"cve,omitempty"`
	Package  []map[string][]string `json:"package,omitempty"`
	Severity []string              `json:"severity,omitempty"`
	Fixable  []int                 `json:"fixable,omitempty"`
}

func (VulnerabilityExceptionCriteria) FixableEnabled added in v0.37.0 

func (vc VulnerabilityExceptionCriteria) FixableEnabled() *bool

type VulnerabilityExceptionHost added in v0.24.0 

type VulnerabilityExceptionHost struct {
	Guid                  string                                  `json:"exceptionGuid,omitempty"`
	Enabled               int                                     `json:"state"`
	ExceptionName         string                                  `json:"exceptionName"`
	ExceptionType         string                                  `json:"exceptionType"`
	ExceptionReason       string                                  `json:"exceptionReason"`
	Props                 VulnerabilityExceptionProps             `json:"props"`
	VulnerabilityCriteria VulnerabilityExceptionCriteria          `json:"vulnerabilityCriteria"`
	ResourceScope         VulnerabilityExceptionResourceScopeHost `json:"resourceScope,omitempty"`
	CreatedTime           string                                  `json:"createdTime,omitempty"`
	UpdatedTime           string                                  `json:"updatedTime,omitempty"`
	ExpiryTime            string                                  `json:"expiryTime,omitempty"`
}

type VulnerabilityExceptionHostResourceScope added in v0.24.0 

type VulnerabilityExceptionHostResourceScope struct {
	Hostname    []string `json:"hostname,omitempty"`
	ExternalIP  []string `json:"externalIp,omitempty"`
	ClusterName []string `json:"clusterName,omitempty"`
	Namespace   []string `json:"namespace,omitempty"`
}

func (VulnerabilityExceptionHostResourceScope) Scope added in v0.24.0 

func (host VulnerabilityExceptionHostResourceScope) Scope() VulnerabilityExceptionResourceScope

func (VulnerabilityExceptionHostResourceScope) Type added in v0.24.0 

func (host VulnerabilityExceptionHostResourceScope) Type() vulnerabilityExceptionType

type VulnerabilityExceptionHostResponse added in v0.24.0 

type VulnerabilityExceptionHostResponse struct {
	Data VulnerabilityExceptionHost `json:"data"`
}

type VulnerabilityExceptionPackage added in v0.24.0 

type VulnerabilityExceptionPackage struct {
	Name    string
	Version string
}

func NewVulnerabilityExceptionPackages added in v0.24.0 

func NewVulnerabilityExceptionPackages(packageMap []map[string]string) []VulnerabilityExceptionPackage

type VulnerabilityExceptionProps added in v0.24.0 

type VulnerabilityExceptionProps struct {
	Description string `json:"description,omitempty"`
	CreatedBy   string `json:"createdBy,omitempty"`
	UpdatedBy   string `json:"updatedBy,omitempty"`
}

type VulnerabilityExceptionResourceScope added in v0.24.0 

type VulnerabilityExceptionResourceScope struct {
	// Container properties
	ImageID    []string `json:"imageId,omitempty"`
	ImageTag   []string `json:"imageTag,omitempty"`
	Registry   []string `json:"registry,omitempty"`
	Repository []string `json:"repository,omitempty"`

	// Host properties
	Hostname    []string `json:"hostname,omitempty"`
	ExternalIP  []string `json:"externalIp,omitempty"`
	ClusterName []string `json:"clusterName,omitempty"`

	// Shared properties
	Namespace []string `json:"namespace,omitempty"`
}

type VulnerabilityExceptionResourceScopeContainer added in v0.24.0 

type VulnerabilityExceptionResourceScopeContainer struct {
	ImageID    []string `json:"imageId,omitempty"`
	ImageTag   []string `json:"imageTag,omitempty"`
	Registry   []string `json:"registry,omitempty"`
	Repository []string `json:"repository,omitempty"`
	Namespace  []string `json:"namespace,omitempty"`
}

type VulnerabilityExceptionResourceScopeHost added in v0.24.0 

type VulnerabilityExceptionResourceScopeHost struct {
	Hostname    []string `json:"hostname,omitempty"`
	ExternalIP  []string `json:"externalIp,omitempty"`
	ClusterName []string `json:"clusterName,omitempty"`
	Namespace   []string `json:"namespace,omitempty"`
}

type VulnerabilityExceptionResponse added in v0.24.0 

type VulnerabilityExceptionResponse struct {
	Data VulnerabilityException `json:"data"`
}

type VulnerabilityExceptionSeverities added in v0.24.0 

type VulnerabilityExceptionSeverities []vulnerabilityExceptionSeverity

func NewVulnerabilityExceptionSeverities added in v0.24.0 

func NewVulnerabilityExceptionSeverities(sevSlice []string) VulnerabilityExceptionSeverities

func (VulnerabilityExceptionSeverities) ToStringSlice added in v0.24.0 

func (sevs VulnerabilityExceptionSeverities) ToStringSlice() []string

type VulnerabilityExceptionsResponse added in v0.24.0 

type VulnerabilityExceptionsResponse struct {
	Data []VulnerabilityException `json:"data"`
}

type VulnerabilityExceptionsService added in v0.24.0 

type VulnerabilityExceptionsService struct {
	// contains filtered or unexported fields
}

VulnerabilityExceptionsService is the service that interacts with the VulnerabilityExceptions schema from the Lacework APIv2 Server

func (*VulnerabilityExceptionsService) Create added in v0.24.0 

func (svc *VulnerabilityExceptionsService) Create(vuln VulnerabilityException) (
	response VulnerabilityExceptionResponse,
	err error,
)

Create creates a single Vulnerability Exception

func (*VulnerabilityExceptionsService) CreateVulnerabilityExceptionsContainer added in v0.24.0 

func (svc *VulnerabilityExceptionsService) CreateVulnerabilityExceptionsContainer(vuln VulnerabilityException) (
	response VulnerabilityExceptionContainerResponse, err error)

func (*VulnerabilityExceptionsService) CreateVulnerabilityExceptionsHost added in v0.24.0 

func (svc *VulnerabilityExceptionsService) CreateVulnerabilityExceptionsHost(vuln VulnerabilityException) (
	response VulnerabilityExceptionHostResponse, err error)

func (*VulnerabilityExceptionsService) Delete added in v0.24.0 

func (svc *VulnerabilityExceptionsService) Delete(guid string) error

Delete deletes a Vulnerability Exception that matches the provided guid

func (*VulnerabilityExceptionsService) Get added in v0.24.0 

func (svc *VulnerabilityExceptionsService) Get(guid string, response interface{}) error

Get returns a raw response of the Vulnerability Exception with the matching guid.

func (*VulnerabilityExceptionsService) GetVulnerabilityExceptionsContainer added in v0.24.0 

func (svc *VulnerabilityExceptionsService) GetVulnerabilityExceptionsContainer(guid string) (response VulnerabilityExceptionContainerResponse, err error)

func (*VulnerabilityExceptionsService) GetVulnerabilityExceptionsHost added in v0.24.0 

func (svc *VulnerabilityExceptionsService) GetVulnerabilityExceptionsHost(guid string) (response VulnerabilityExceptionHostResponse, err error)

func (*VulnerabilityExceptionsService) List added in v0.24.0 

func (svc *VulnerabilityExceptionsService) List() (response VulnerabilityExceptionsResponse, err error)

List returns a list of Vulnerability Exceptions

func (*VulnerabilityExceptionsService) ListVulnerabilityExceptionsContainers added in v0.24.0 

func (svc *VulnerabilityExceptionsService) ListVulnerabilityExceptionsContainers() (response VulnerabilityExceptionContainerResponse, err error)

func (*VulnerabilityExceptionsService) ListVulnerabilityExceptionsHosts added in v0.24.0 

func (svc *VulnerabilityExceptionsService) ListVulnerabilityExceptionsHosts() (response VulnerabilityExceptionHostResponse, err error)

func (*VulnerabilityExceptionsService) Update added in v0.24.0 

func (svc *VulnerabilityExceptionsService) Update(data VulnerabilityException) (
	response VulnerabilityExceptionResponse,
	err error,
)

Update updates a single Vulnerability Exception.

func (*VulnerabilityExceptionsService) UpdateVulnerabilityExceptionsContainer added in v0.24.0 

func (svc *VulnerabilityExceptionsService) UpdateVulnerabilityExceptionsContainer(data VulnerabilityException, id string) (
	response VulnerabilityExceptionContainerResponse,
	err error,
)

func (*VulnerabilityExceptionsService) UpdateVulnerabilityExceptionsHost added in v0.24.0 

func (svc *VulnerabilityExceptionsService) UpdateVulnerabilityExceptionsHost(data VulnerabilityException, id string) (
	response VulnerabilityExceptionHostResponse,
	err error,
)

type VulnerabilityHost added in v0.25.0 

type VulnerabilityHost struct {
	CveProps struct {
		CveBatchID  string `json:"cve_batch_id"`
		Description string `json:"description"`
		Link        string `json:"link"`
	} `json:"cveProps"`
	EndTime time.Time `json:"endTime"`
	EvalCtx struct {
		ExceptionProps []interface{} `json:"exception_props"`
		Hostname       string        `json:"hostname"`
		McEvalGUID     string        `json:"mc_eval_guid"`
	} `json:"evalCtx"`
	FeatureKey struct {
		Name             string `json:"name"`
		Namespace        string `json:"namespace"`
		PackageActive    int    `json:"package_active"`
		VersionInstalled string `json:"version_installed"`
	} `json:"featureKey"`
	FixInfo struct {
		CompareResult               string `json:"compare_result"`
		EvalStatus                  string `json:"eval_status"`
		FixAvailable                string `json:"fix_available"`
		FixedVersion                string `json:"fixed_version"`
		FixedVersionComparisonInfos []struct {
			CurrFixVer                         string `json:"curr_fix_ver"`
			IsCurrFixVerGreaterThanOtherFixVer string `json:"is_curr_fix_ver_greater_than_other_fix_ver"`
			OtherFixVer                        string `json:"other_fix_ver"`
		} `json:"fixed_version_comparison_infos"`
		FixedVersionComparisonScore int    `json:"fixed_version_comparison_score"`
		VersionInstalled            string `json:"version_installed"`
	} `json:"fixInfo"`
	MachineTags struct {
		Account                               string `json:"Account"`
		AmiID                                 string `json:"AmiId"`
		Env                                   string `json:"Env"`
		ExternalIP                            string `json:"ExternalIp"`
		Hostname                              string `json:"Hostname"`
		InstanceID                            string `json:"InstanceId"`
		InternalIP                            string `json:"InternalIp"`
		LwTokenShort                          string `json:"LwTokenShort"`
		Name                                  string `json:"Name"`
		SubnetID                              string `json:"SubnetId"`
		VMInstanceType                        string `json:"VmInstanceType"`
		VMProvider                            string `json:"VmProvider"`
		VpcID                                 string `json:"VpcId"`
		Zone                                  string `json:"Zone"`
		AlphaEksctlIoNodegroupName            string `json:"alpha.eksctl.io/nodegroup-name"`
		AlphaEksctlIoNodegroupType            string `json:"alpha.eksctl.io/nodegroup-type"`
		Arch                                  string `json:"arch"`
		AwsAutoscalingGroupName               string `json:"aws:autoscaling:groupName"`
		AwsEc2FleetID                         string `json:"aws:ec2:fleet-id"`
		AwsEc2LaunchtemplateID                string `json:"aws:ec2launchtemplate:id"`
		AwsEc2LaunchtemplateVersion           string `json:"aws:ec2launchtemplate:version"`
		EksClusterName                        string `json:"eks:cluster-name"`
		EksNodegroupName                      string `json:"eks:nodegroup-name"`
		K8SIoClusterAutoscalerEnabled         int    `json:"k8s.io/cluster-autoscaler/enabled"`
		K8SIoClusterAutoscalerTechallySandbox string `json:"k8s.io/cluster-autoscaler/techally-sandbox"`
		KubernetesIoClusterTechallySandbox    string `json:"kubernetes.io/cluster/techally-sandbox"`
		LwKubernetesCluster                   string `json:"lw_KubernetesCluster"`
		Os                                    string `json:"os"`
	} `json:"machineTags"`
	Mid       int       `json:"mid"`
	Severity  string    `json:"severity"`
	StartTime time.Time `json:"startTime"`
	Status    string    `json:"status"`
	VulnID    string    `json:"vulnId"`
}

type WebhookAlertChannel added in v0.2.11 

type WebhookAlertChannel struct {
	Data WebhookChannelData `json:"DATA"`
	// contains filtered or unexported fields
}

func NewWebhookAlertChannel added in v0.2.11 

func NewWebhookAlertChannel(name string, data WebhookChannelData) WebhookAlertChannel

NewWebhookAlertChannel returns an instance of WebhookAlertChannel with the provided name and data.

Basic usage: Initialize a new WebhookAlertChannel struct, then 

           use the new instance to do CRUD operations

client, err := api.NewClient("account")
if err != nil {
  return err
}

webhookChannel := api.NewWebhookAlertChannel("foo",
  api.WebhookChannelData{
    WebhookUrl: "https://mywebhook.com/?api-token=123",
  },
)

client.Integrations.CreateWebhookAlertChannel(webhookChannel)

func (WebhookAlertChannel) StateString added in v0.2.11 

func (c WebhookAlertChannel) StateString() string

func (WebhookAlertChannel) Status added in v0.2.11 

func (c WebhookAlertChannel) Status() string

type WebhookAlertChannelResponse added in v0.2.11 

type WebhookAlertChannelResponse struct {
	Data    []WebhookAlertChannel `json:"data"`
	Ok      bool                  `json:"ok"`
	Message string                `json:"message"`
}

type WebhookAlertChannelResponseV2 added in v0.17.0 

type WebhookAlertChannelResponseV2 struct {
	Data WebhookAlertChannelV2 `json:"data"`
}

type WebhookAlertChannelV2 added in v0.17.0 

type WebhookAlertChannelV2 struct {
	Data WebhookDataV2 `json:"data"`
	// contains filtered or unexported fields
}

func (WebhookAlertChannelV2) ID added in v0.17.0 

func (c WebhookAlertChannelV2) ID() string

func (WebhookAlertChannelV2) StateString added in v0.34.0 

func (c WebhookAlertChannelV2) StateString() string

func (WebhookAlertChannelV2) Status added in v0.34.0 

func (c WebhookAlertChannelV2) Status() string

type WebhookChannelData added in v0.2.11 

type WebhookChannelData struct {
	WebhookUrl string `json:"WEBHOOK_URL" mapstructure:"WEBHOOK_URL"`
}

type WebhookDataV2 added in v0.17.0 

type WebhookDataV2 struct {
	WebhookUrl string `json:"webhookUrl"`
}

type WeeklyEventsReportRuleNotifications added in v0.21.0 

type WeeklyEventsReportRuleNotifications struct {
	TrendReport bool `json:"trendReport"`
}

func (WeeklyEventsReportRuleNotifications) ToMap added in v0.21.0 

func (weekly WeeklyEventsReportRuleNotifications) ToMap() map[string]bool

Source Files

View all Source files

Directories

Path Synopsis
_examples
agent-access-token
alert-channels-v2
alert-profiles
alert-rules
aws-cloudwatch-alert-channel
aws-s3-alert-channel
cisco-webex-alert-channel
cloud-accounts/aws-agentless-scanning
cloud-accounts/aws-cfg
cloud-accounts/aws-ct-sqs
cloud-accounts/aws-eks-audit
cloud-accounts/gcp-gke-audit
container-vuln-search
data-export-rules
datadog-alert-channel
gcp_pub_sub-alert-channel
host-vuln-list-cves
jira-cloud-with-custom-template-alert-channel
microsoft-teams-alert-channel
new-relic-alert-channel
pagerduty-alert-channel
pagination
policy-exceptions
qradar-alert-channel
recommendations-v1
report-rules
resource-groups
service-now-alert-channel
slack-alert-channel
splunk-alert-channel
team-members
team-members-org
token-generation
victorops-alert-channel
vulnerability-exceptions
webhook-alert-channel

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.