compiler

package

v0.0.21 Latest Latest Go to latest Published: Apr 2, 2025 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/prequel-dev/prequel

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func GetLogMatchSubject(ruleId string, depth int, matcherId uint32) string
type AssertParamsT
type CbAssertT
type CbMatchT
- func GetJqMatcher(obj *ObjT) (lm.MatchFunc, CbMatchT, error)
- func GetLogInverseSeqMatcher(obj *ObjT) (*lm.InverseSeq, CbMatchT, error)
- func GetLogSeqMatcher(obj *ObjT) (*lm.MatchSeq, CbMatchT, error)
- func GetLogSingleMatcher(obj *ObjT) (*lm.MatchSingle, CbMatchT, error)
type CbT
type CbType
type CompilerOptT
- func WithDebugTree(path string) CompilerOptT
- func WithPlugin(scope string, plugin PluginI) CompilerOptT
- func WithRuntime(cb RuntimeI) CompilerOptT
type CorrelationsT
type MatchParamsT
type NodePlugin
- func NewNodePlugin() *NodePlugin
- func (p *NodePlugin) Compile(runtime RuntimeI, node *ast.AstNodeT, mid uint32) (ObjsT, error)
type NoopRuntime
- func NewNoopRuntime() *NoopRuntime
- func (f *NoopRuntime) NewCbAssert(params AssertParamsT) CbAssertT
- func (f *NoopRuntime) NewCbMatch(params MatchParamsT) CbMatchT
type ObjT
- func NewObj(node *ast.AstNodeT) *ObjT
- func ObjLogMatcher(runtime RuntimeI, node *ast.AstNodeT, mid uint32) (*ObjT, error)
type ObjsT
- func Compile(data []byte, scope string, opts ...CompilerOptT) (ObjsT, error)
- func CompileTree(pt *parser.TreeT, scope string, opts ...CompilerOptT) (ObjsT, error)
type PluginI
type RuntimeI

Constants ¶

View Source

const (
	SubjectLogMatch = "local.match.log.%s.%d.%d"
)

Variables ¶

View Source

var (
	ErrExpectedReteMatcher   = errors.New("expected rete matcher")
	ErrExpectedJsonMatcher   = errors.New("expected jq json matcher")
	ErrExpectedJsonMatcherCb = errors.New("expected jq json matcher callback")
	ErrExpectedLogMatcher    = errors.New("expected log matcher")
	ErrExpectedLogMatcherCb  = errors.New("expected log matcher callback")
	ErrExpectedCbDetect      = errors.New("expected detect callback")
	ErrInvalidCbArgs         = errors.New("invalid callback arguments")
	ErrNotFound              = errors.New("not found")
)

View Source

var (
	ErrUnsupportedMatcher = errors.New("unsupported matcher")
	ErrUnsupportedScope   = errors.New("unsupported scope")
	ErrInvalidMatcher     = errors.New("invalid matcher")
)

View Source

var (
	ErrUnsupportedNodeType  = errors.New("unsupported node type")
	ErrUnsupportedEventType = errors.New("unsupported event type")
	ErrSequenceSingleMatch  = errors.New("sequence with single match (use set instead)")
	ErrNoFields             = errors.New("no fields")
)

Functions ¶

func GetLogMatchSubject ¶

func GetLogMatchSubject(ruleId string, depth int, matcherId uint32) string

Types ¶

type AssertParamsT ¶

type AssertParamsT struct {
	Descriptor    *ast.AstDescriptorT
	RuleId        string
	RuleHash      string
	MatchId       uint32
	ParentMatchId uint32
	Depth         int
	Subject       string
}

type CbAssertT ¶

type CbAssertT func(ctx context.Context) error

type CbMatchT ¶

type CbMatchT func(ctx context.Context, m matchz.HitsT) error

func GetJqMatcher ¶

func GetJqMatcher(obj *ObjT) (lm.MatchFunc, CbMatchT, error)

func GetLogInverseSeqMatcher ¶

func GetLogInverseSeqMatcher(obj *ObjT) (*lm.InverseSeq, CbMatchT, error)

func GetLogSeqMatcher ¶

func GetLogSeqMatcher(obj *ObjT) (*lm.MatchSeq, CbMatchT, error)

func GetLogSingleMatcher ¶

func GetLogSingleMatcher(obj *ObjT) (*lm.MatchSingle, CbMatchT, error)

type CbT ¶

type CbT struct {
	Callback any
}

type CbType ¶

type CbType uint

type CompilerOptT ¶

type CompilerOptT func(*compilerOptsT)

func WithDebugTree ¶

func WithDebugTree(path string) CompilerOptT

func WithPlugin ¶

func WithPlugin(scope string, plugin PluginI) CompilerOptT

func WithRuntime ¶

func WithRuntime(cb RuntimeI) CompilerOptT

type CorrelationsT ¶

type CorrelationsT map[string]string

type MatchParamsT ¶

type MatchParamsT struct {
	RuleId   string
	RuleHash string
	MatchId  uint32
	Origin   bool
	Subject  string
	NodeType ast.AstNodeTypeT
}

type NodePlugin ¶

type NodePlugin struct{}

func NewNodePlugin ¶

func NewNodePlugin() *NodePlugin

func (*NodePlugin) Compile ¶

func (p *NodePlugin) Compile(runtime RuntimeI, node *ast.AstNodeT, mid uint32) (ObjsT, error)

type NoopRuntime ¶

type NoopRuntime struct{}

-----

func NewNoopRuntime ¶

func NewNoopRuntime() *NoopRuntime

func (*NoopRuntime) NewCbAssert ¶

func (f *NoopRuntime) NewCbAssert(params AssertParamsT) CbAssertT

func (*NoopRuntime) NewCbMatch ¶

func (f *NoopRuntime) NewCbMatch(params MatchParamsT) CbMatchT

type ObjT ¶

type ObjT struct {
	RuleId        string           `json:"rule_id"`
	RuleHash      string           `json:"rule_hash"`
	MatchId       uint32           `json:"match_id"`
	ParentMatchId uint32           `json:"parent_match_id"`
	Depth         int              `json:"depth"`
	Scope         string           `json:"scope"`
	Type          ast.AstNodeTypeT `json:"type"`
	Event         ast.AstEventT    `json:"event"`
	Object        any              `json:"object"`
	Cb            CbT              `json:"cb"`
}

func NewObj ¶

func NewObj(node *ast.AstNodeT) *ObjT

func ObjLogMatcher ¶

func ObjLogMatcher(runtime RuntimeI, node *ast.AstNodeT, mid uint32) (*ObjT, error)

type ObjsT ¶

type ObjsT []*ObjT

func Compile ¶

func Compile(data []byte, scope string, opts ...CompilerOptT) (ObjsT, error)

func CompileTree ¶

func CompileTree(pt *parser.TreeT, scope string, opts ...CompilerOptT) (ObjsT, error)

type PluginI ¶

type PluginI interface {
	Compile(runtime RuntimeI, node *ast.AstNodeT, mid uint32) (ObjsT, error)
}

type RuntimeI ¶

type RuntimeI interface {
	NewCbMatch(params MatchParamsT) CbMatchT
	NewCbAssert(params AssertParamsT) CbAssertT
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL