structure

package

v2.0.0+incompatible Latest Latest Go to latest Published: Feb 15, 2019 License: GPL-3.0 Imports: 1 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ocmdev/rita

Links

Open Source Insights

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Host ¶

type Host struct {
	ID         bson.ObjectId `bson:"_id,omitempty"`
	IP         string        `bson:"ip"`
	Local      bool          `bson:"local"`
	IPv4       bool          `bson:"ipv4"`
	CountSrc   int32         `bson:"count_src"`
	CountDst   int32         `bson:"count_dst"`
	IPv4Binary int64         `bson:"ipv4_binary"`
	// IPv6Binary IPv6Integers  `bson:"ipv6_binary"` // for future ipv6 support
	MaxDuration        float32 `bson:"max_duration"`
	MaxBeaconScore     float64 `bson:"max_beacon_score"`
	MaxBeaconConnCount int     `bson:"max_beacon_conn_count"`
	BlOutCount         int32   `bson:"bl_out_count"`
	BlInCount          int32   `bson:"bl_in_count"`
	BlSumAvgBytes      int32   `bson:"bl_sum_avg_bytes"`
	BlTotalBytes       int32   `bson:"bl_total_bytes"`
	TxtQueryCount      int     `bson:"txt_query_count"`
}

Host describes an IP address found in the network traffic being analyzed

type IPv6Integers ¶ added in v1.0.0

type IPv6Integers struct {
	I1 int64 `bson:"1"`
	I2 int64 `bson:"2"`
	I3 int64 `bson:"3"`
	I4 int64 `bson:"4"`
}

IPv6Integers provides a way to store a binary representation of an IPv6 address in MongoDB. The 128 bit address is split into four 32 bit values. However, MongoDB cannot store unsigned numbers, so we use 64 bit integers to hold the values.

type UniqueConnection ¶

type UniqueConnection struct {
	ID              bson.ObjectId `bson:"_id,omitempty"`
	ConnectionCount int           `bson:"connection_count"`
	Src             string        `bson:"src"`
	Dst             string        `bson:"dst"`
	LocalSrc        bool          `bson:"local_src"`
	LocalDst        bool          `bson:"local_dst"`
	TotalBytes      int           `bson:"total_bytes"`
	AverageBytes    float32       `bson:"avg_bytes"`
	TsList          []int64       `bson:"ts_list"`         // Connection timestamps for this src, dst pair
	OrigIPBytes     []int64       `bson:"orig_bytes_list"` // Src to dst connection sizes for each connection
	MaxDuration     float32       `bson:"max_duration"`
	TotalDuration   float32       `bson:"total_duration"`
}

UniqueConnection describes a pair of IP addresses which contacted each other over the observation period

Source Files ¶

View all Source files

structure.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL