v0.0.0-...-7ff2818 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Sep 12, 2020 License: BSD-3-Clause Imports: 3 Imported by: 0




This section is empty.


This section is empty.


This section is empty.


type Event

type Event struct {
	// This string should indicate the type of event, 'email', 'dropped file' etc.
	Type string `json:"type"`
	// A time stamp of the time the event happened
	Timestamp time.Time `json:"timestamp"`
	// An array of samples, (attachments, the file dropped etc).
	Samples []Sample `json:"samples"`
	// The source of the event, (name of the plugin that generated the event, unenforced)
	Source string `json:"source"`
	// Any metadata about the event, an array of tags or a more complicated map detailing
	// the botnet it came from etc etc
	Metadata Metadata `json:"metadata"`

The type that is used to represent events passed through the sinkhole.

type Metadata

type Metadata interface{}

Metadata is defined as an interface{} so that we can use any method for attaching metadata to an event. For example, an array of string tags or a more complicated map of data.

type Sample

type Sample struct {
	// Binary representation of the sample file
	Data []byte `json:"data"`
	// Sha256 of the Data
	Sha256 string `json:"sha256"`
	// Original file name
	FileName string `json:"filename"`

The type used to represent a binary sample file.

func NewSample

func NewSample(filename string, data []byte) *Sample

Used to create a new sample representation

This function will automatically calculate the sha256 sum of the sample

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL