Documentation
¶
Overview ¶
Package analytics is a generated GoMock package.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func LooksCompressed ¶
LooksCompressed indicate whenever given data looks compressed or not
func LooksEncrypted ¶
LooksEncrypted indicate whenever given data looks encrypted or not.
func SetupObservability ¶
SetupObservability will configure the various observers for C2. currently register an opencensus exporter
Types ¶
type LoggedMessage ¶
type LoggedMessage struct {
Timestamp time.Time `json:"timestamp"`
Duplicate bool `json:"duplicate"`
Qos byte `json:"qos"`
Retained bool `json:"retained"`
Topic string `json:"topic"`
MessageID uint16 `json:"messageid"`
Payload []byte `json:"payload"`
LooksEncrypted bool `json:"looksencrypted"`
LooksCompressed bool `json:"lookscompressed"`
IsBase64 bool `json:"isbase64"`
IsUTF8 bool `json:"isutf8"`
IsJSON bool `json:"isjson"`
}
LoggedMessage defines a type holding the data to be logged on C2 messages
type MessageMonitor ¶
type MessageMonitor interface {
OnMessage(ctx context.Context, msg LoggedMessage)
Enabled() bool
}
MessageMonitor defines an interface able to monitor C2 messages
func NewESMessageMonitor ¶
func NewESMessageMonitor(esClient *elastic.Client, logger log.FieldLogger, enabled bool, esIndexName string) MessageMonitor
NewESMessageMonitor creates a new message monitor backed by elasticSearch
type MockMessageMonitor ¶
type MockMessageMonitor struct {
// contains filtered or unexported fields
}
MockMessageMonitor is a mock of MessageMonitor interface
func NewMockMessageMonitor ¶
func NewMockMessageMonitor(ctrl *gomock.Controller) *MockMessageMonitor
NewMockMessageMonitor creates a new mock instance
func (*MockMessageMonitor) EXPECT ¶
func (m *MockMessageMonitor) EXPECT() *MockMessageMonitorMockRecorder
EXPECT returns an object that allows the caller to indicate expected use
func (*MockMessageMonitor) Enabled ¶
func (m *MockMessageMonitor) Enabled() bool
Enabled mocks base method
func (*MockMessageMonitor) OnMessage ¶
func (m *MockMessageMonitor) OnMessage(arg0 context.Context, arg1 LoggedMessage)
OnMessage mocks base method
type MockMessageMonitorMockRecorder ¶
type MockMessageMonitorMockRecorder struct {
// contains filtered or unexported fields
}
MockMessageMonitorMockRecorder is the mock recorder for MockMessageMonitor
func (*MockMessageMonitorMockRecorder) Enabled ¶
func (mr *MockMessageMonitorMockRecorder) Enabled() *gomock.Call
Enabled indicates an expected call of Enabled
func (*MockMessageMonitorMockRecorder) OnMessage ¶
func (mr *MockMessageMonitorMockRecorder) OnMessage(arg0, arg1 interface{}) *gomock.Call
OnMessage indicates an expected call of OnMessage
Source Files