README
¶
List of Handlers
Below is a list of Handlers that exists with a short description. They are sectioned after package name, each packagename is related to the topic the handler is related to.
Databases
PutElasticSearch - Takes incomming payloads and sends them to an ElasticSearch index.
| Properties | Type | Description |
|---|---|---|
| index | string | A string that represents the index name (will automatically add a yy-mm-dd timestamp to index) |
| ip | string | The ip address of the elastic node |
| port | int | The port of the elastic node |
| type | string | The elastic type to use, this is related to the mapping of elasticsearch. |
| version | string | The elastic version to use, current supported versions are 6.x and 7.x |
Files
ListDirectory - Monitors a directory for files, any new files is sent out on the topics.
| Properties | Type | Description |
|---|---|---|
| buffertime | int | An integer in seconds on how long to store found files in memory, stored files will not be outputted during this duration. |
| path | string | The path to the directory to monitor. |
ReadFile - Reads a file on the system and outputs the content. Expects payloads that come in to be a string with the path.
| Properties | Type | Description |
|---|---|---|
| remove_after | boolean | Setting this to true will remove the file after its read |
WriteFile - Outputs the content of incomming payloads into files.
| Properties | Type | Description |
|---|---|---|
| path | string | The path to where the files will be written. |
| append | boolean | Setting it to true it will append the content of payloads into a single file. False value will generate new files per payload. |
| forward | boolean | Setting it to true will send payloads onto topics after written. |
| pid | int | Set the PID for the written files. Defaults to 1000. |
| gid | int | Set the GID for the written files. Defaults to 1000. |
Network
NetworkInterface - Start listening on a network interface for Packets and output them as payloads
| Properties | Type | Description |
|---|---|---|
| bpf | string | If a Bpf filter should be applied. |
| snapshotlength | int | The length of snapshots. |
| promiscuousmode | boolean | If promiscuousmode should be enabled or not. |
| interface | string | the interface to read packets from |
OpenPcap - Reads pcap files and output packets.
| Properties | Type | Description |
|---|---|---|
| bpf | string | If a Bpf filter should be applied. |
Filters
Filter - Reads incomming payloads and see if they are Filterable. Then applies configured filters on the payloads, only outputs payloads that matches the filters.
| Properties | Type | Description |
|---|---|---|
| strict | []string | A slice of the filter groups to apply strict mode to, strict mode means that all filters in that group has to match. |
| filterDirectory | string | A path to a directory containing filter files. A Filter file is named after the filter group and contains key:regexp rows. |
| filters | map[string][]string | Filters is a configuration that can be used to apply filters inline. The map key is the filter group, then a slice of key:regexp values. |
Parsers
ParseCSV - Reads incomming payloads and tries to parse them as CSV. Reading them and extracting header information, will output CSVPayloads. Available configurable properties
| Properties | Type | Description |
|---|---|---|
| delimiter | string | The delimiter to use on the incomming payloads |
| headerlength | int | How many rows the header is. |
| skiprows | int | How many rows in the payload to skip before starting to parse |
Terminal
ExecCMD - Used to execute terminal commands.
Available configurable properties
| Properties | Type | Description |
|---|---|---|
| command | string | The command to run from terminal, etc echo |
| arguments | map[string]interface | The arguments to add to the command, if this list of arguments contains the word payload, It will print the payload of the incomming payload as an argument. |
Stdout - Prints payloads to stdout Available configurable properties
| Properties | Type | Description |
|---|---|---|
| forward | boolean | Setting it to true will forward payload onto configured topics. |
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Handler ¶
type Handler interface {
// Handle is the function that will be performed on the incomming Payloads
// topics is the topics to push output onto
Handle(ctx context.Context, payload payload.Payload, topics ...string) error
// ValidateConfiguration is used to make sure everything that is needed by the handler is set
ValidateConfiguration() (bool, []string)
// GetConfiguration will return the configuration slice
GetConfiguration() *property.Configuration
//GetHandlerName will return the name used to reference a handler
GetHandlerName() string
// Subscriptionless should return true/false wether the handler itself is a self generating handler
// This is true for handlers like ListDirectory etc, which does not need
// any inputs to function
// Setting Subscriptionless to true will actually disable the processor needing subscriptions to work and rely on the Handler to publish itself
Subscriptionless() bool
// SetMetricProvider is a function that is used to set a metric provider to a handler.
// This should be used if you want to output metrics from your handler. Bydefault we use prometheusprovider as a metric provider.
// A unique prefix also has to be attached since we dont want handler metrics to collide. Bydefault most Processors use Processor.Name + Processor.ID
SetMetricProvider(p metric.Provider, prefix string) error
// GetErrorChannel() chan error
GetErrorChannel() chan error
}
Handler is a interface that allows users to create structs with certain functions attached that can be used inside a processor to handle payloads between them.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Package databases is generated by Handlergenerator tooling Make sure to insert real Description here
|
Package databases is generated by Handlergenerator tooling Make sure to insert real Description here |
|
Package files is generated by Handlergenerator tooling Make sure to insert real Description here Package files is generated by Handlergenerator tooling Make sure to insert real Description here Package files is generated by Handlergenerator tooling This Handler is used to print Payloads onto a file
|
Package files is generated by Handlergenerator tooling Make sure to insert real Description here Package files is generated by Handlergenerator tooling Make sure to insert real Description here Package files is generated by Handlergenerator tooling This Handler is used to print Payloads onto a file |
|
Package filters contains all there is to the Filterable interface.
|
Package filters contains all there is to the Filterable interface. |
|
Package network is generated by Handlergenerator tooling Make sure to insert real Description here Package network is generated by Handlergenerator tooling OpenPcap will open up a pcap and output all network packets to the next processor
|
Package network is generated by Handlergenerator tooling Make sure to insert real Description here Package network is generated by Handlergenerator tooling OpenPcap will open up a pcap and output all network packets to the next processor |
|
Package parsers is generated by Handlergenerator tooling Make sure to insert real Description here
|
Package parsers is generated by Handlergenerator tooling Make sure to insert real Description here |
|
Package terminal is generated by Handlergenerator tooling Make sure to insert real Description here Package terminal contains Handlers related to STDOUT
|
Package terminal is generated by Handlergenerator tooling Make sure to insert real Description here Package terminal contains Handlers related to STDOUT |
Click to show internal directories.
Click to hide internal directories.