README
¶
validations
Documentation
¶
Index ¶
- Constants
- Variables
- func GenerateSHA3256(value string) string
- func ValidateAdversary(value interface{}) (string, string, error)
- func ValidateBase64(value interface{}) (string, string, error)
- func ValidateBoolean(value interface{}) (bool, string, error)
- func ValidateCIDR(value interface{}) (string, string, error)
- func ValidateCity(value interface{}) (string, string, error)
- func ValidateCountry(value interface{}) (string, string, error)
- func ValidateDate(value interface{}) (string, string, error)
- func ValidateDatetime(value interface{}) (string, string, error)
- func ValidateEmail(value interface{}) (string, string, error)
- func ValidateFQDN(value interface{}) (string, string, error)
- func ValidateFloat(value interface{}) (float64, string, error)
- func ValidateHexadecimal(value interface{}) (string, string, error)
- func ValidateIP(value interface{}) (string, string, error)
- func ValidateIdentifier(value interface{}) (string, string, error)
- func ValidateInteger(value interface{}) (int64, string, error)
- func ValidateMAC(value interface{}) (string, string, error)
- func ValidateMD5(value interface{}) (string, string, error)
- func ValidateMime(value interface{}) (string, string, error)
- func ValidatePath(value interface{}) (string, string, error)
- func ValidatePhone(value interface{}) (string, string, error)
- func ValidatePort(value interface{}) (string, string, error)
- func ValidateRegEx(regex, value string) error
- func ValidateRegexComp(value interface{}) (string, string, error)
- func ValidateSHA1(value interface{}) (string, string, error)
- func ValidateSHA224(value interface{}) (string, string, error)
- func ValidateSHA256(value interface{}) (string, string, error)
- func ValidateSHA3224(value interface{}) (string, string, error)
- func ValidateSHA3256(value interface{}) (string, string, error)
- func ValidateSHA3384(value interface{}) (string, string, error)
- func ValidateSHA3512(value interface{}) (string, string, error)
- func ValidateSHA384(value interface{}) (string, string, error)
- func ValidateSHA512(value interface{}) (string, string, error)
- func ValidateSHA512224(value interface{}) (string, string, error)
- func ValidateSHA512256(value interface{}) (string, string, error)
- func ValidateString(value interface{}, insensitive bool) (string, string, error)
- func ValidateURL(value interface{}) (string, string, error)
- func ValidateUUID(value interface{}) (uuid.UUID, string, error)
- func ValidateValue(value interface{}, t string) (interface{}, string, error)
- type Attributes
- type Comment
- type Definition
- type Entity
- type EntityAssociation
- type EntityConsolidated
- type EntityHistory
- type RelationConsolidated
- type RelationHistory
Constants ¶
const ( STR = "Case-sensitive string" IP = "IP" EMAIL = "Email" FQDN = "FQDN" INTEGER = "Integer" CIDR = "CIDR" CITY = "City" COUNTRY = "Country" FLOAT = "Float" URL = "URL" MD5 = "MD5" HEXADECIMAL = "Hexadecimal" BASE64 = "BASE64" DATE = "Date" MAC = "MAC" MIME = "MIME type" PHONE = "Phone" SHA1 = "SHA-1" SHA224 = "SHA-224" SHA256 = "SHA-256" SHA384 = "SHA-384" SHA512 = "SHA-512" SHA3_224 = "SHA3-224" SHA3_256 = "SHA3-256" SHA3_384 = "SHA3-384" SHA3_512 = "SHA3-512" SHA512_224 = "SHA512-224" SHA512_256 = "SHA512-256" DATETIME = "Datetime" UUID = "UUID" BOOLEAN = "Boolean" ISTR = "String" PATH = "Path" IDENTIFIER = "UUID|MD5|SHA3-256" ADVERSARY = "Adversary" REGEX = "Regex" PORT = "Port" )
Variables ¶
var Definitions = []Definition{}/* 128 elements not displayed */
Functions ¶
func GenerateSHA3256 ¶
GenerateSHA3256 generates a SHA3-256 hash from the given string.
func ValidateAdversary ¶
ValidateAdversary validates if the given value is a valid adversary. It checks if the value is a valid URL, UUID, email, IP, phone, or FQDN. If any of these validations pass, it returns an error. If the value isn't a string, it returns an error. Otherwise, it returns the value and its SHA3-256 hash.
func ValidateBase64 ¶
ValidateBase64 validates if a given string is a valid base64 encoded string. It returns the original string, its SHA3-256 hash and an error if the validation fails.
func ValidateBoolean ¶
ValidateBoolean validates if a given value is a boolean and generates a SHA3-256 hash of the value. Returns a boolean indicating if the value is a boolean, the SHA3-256 hash of the value and an error if any.
func ValidateCIDR ¶
ValidateCIDR validates if a given string is a valid CIDR notation and returns the CIDR string and its SHA3-256 hash.
func ValidateCity ¶
ValidateCity validates a city name by converting it to title case and generating a SHA3-256 hash. It takes a value of type interface{} and returns the validated city name, its SHA3-256 hash, and an error (if any).
func ValidateCountry ¶
ValidateCountry validates a given country string value by converting it to title case and generating a SHA3-256 hash. Returns the validated country string value, its SHA3-256 hash, and an error if the value is not a string.
func ValidateDate ¶
ValidateDate validates a date string in the format "2006-01-02" and returns the formatted date string and its SHA3-256 hash.
func ValidateDatetime ¶
ValidateDatetime validates a datetime string in the RFC3339Nano format and returns the formatted datetime string and its SHA3-256 hash.
func ValidateEmail ¶
ValidateEmail validates if a given string is a valid email address. It returns the email address, its SHA3-256 hash and an error if any.
func ValidateFQDN ¶
ValidateFQDN validates a fully qualified domain name (FQDN) string. It returns the validated FQDN, its SHA3-256 hash, and an error if the validation fails.
func ValidateFloat ¶
ValidateFloat validates if the given value is a float64 or an int64 that can be converted to a float64. It returns the validated float64 value, its SHA3-256 hash, and an error if the value is not a float64 or an int64.
func ValidateHexadecimal ¶
ValidateHexadecimal validates if the given value is a valid hexadecimal string. It returns the hexadecimal string in lowercase format, its SHA3-256 hash and an error if any.
func ValidateIP ¶
ValidateIP validates if the given IP address is valid and not private, multicast, loopback, or unspecified. It returns the validated IP address and its SHA3-256 hash.
func ValidateIdentifier ¶ added in v1.0.14
ValidateIdentifier validates a value by checking if it's a valid UUID, MD5 or SHA3256 hash. If the value is valid, it returns the string representation of the hash, the hash itself and no error. If the value is invalid, it returns empty strings and an error.
func ValidateInteger ¶
ValidateInteger validates if a value is an integer and returns its int64 representation, its SHA3-256 hash and an error if the value is not an integer.
func ValidateMAC ¶
ValidateMAC validates if a given string is a valid MAC address and returns the MAC address in uppercase and its SHA3-256 hash.
func ValidateMD5 ¶
ValidateMD5 validates if a given string is a valid MD5 hash. It receives a value of type interface{} and returns the validated string, its SHA3-256 hash and an error.
func ValidateMime ¶
ValidateMime validates if a given string is a valid MIME type and returns the validated string, its SHA3-256 hash and an error if any.
func ValidatePath ¶
ValidatePath validates if the given value is a valid path and returns the path in lowercase and its SHA3-256 hash. If the value is not a string or contains "://" it returns an error.
func ValidatePhone ¶
ValidatePhone validates a phone number and returns the validated phone number and its SHA3-256 hash. If the value is not a string, it returns an error.
func ValidatePort ¶ added in v1.0.1
ValidatePort validates a port with protocol. It returns the validated PORT, its SHA3-256 hash, and an error if the validation fails.
func ValidateRegEx ¶
ValidateRegEx validates if a given value matches a regular expression. It returns an error if the value does not match the expression.
func ValidateRegexComp ¶
ValidateRegexComp validates if a given value is a valid regular expression. It returns the validated value, its SHA3-256 hash, and an error if the value is not a string or is not a valid regular expression.
func ValidateSHA1 ¶
ValidateSHA1 validates if a given value is a valid SHA1 hash. It receives a value of any type and returns the validated SHA1 hash as a string, its SHA3-256 hash as a string and an error if the value is not a string or if it is not a valid SHA1 hash.
func ValidateSHA224 ¶
ValidateSHA224 validates if a given string is a valid SHA-224 hash and returns the hash in lowercase and its SHA3-256 hash.
func ValidateSHA256 ¶
ValidateSHA256 validates that a given value is a valid SHA256 hash. It takes an interface{} value and returns the validated value as a string, the SHA3256 hash of the value as a string, and an error if the value is not a valid SHA256 hash.
func ValidateSHA3224 ¶
ValidateSHA3224 validates if a given string is a valid SHA3-224 hash and returns the hash in lowercase and its SHA3-256 hash.
func ValidateSHA3256 ¶
ValidateSHA3256 validates if the given value is a valid SHA3-256 hash.
func ValidateSHA3384 ¶
ValidateSHA3256 validates if a given string is a valid SHA3-256 hash and returns the hash in lowercase and its SHA3-256 hash.
func ValidateSHA3512 ¶
ValidateSHA3512 validates if a given string is a valid SHA3-512 hash and returns the hash in lowercase and its SHA3-256 hash.
func ValidateSHA384 ¶
ValidateSHA384 validates a string value as a SHA384 hash and returns the hash value, its SHA3256 hash, and an error if any.
func ValidateSHA512 ¶
ValidateSHA512 validates if a given value is a valid SHA512 hash. It receives a value of any type and returns the validated hash as a string, its SHA3256 hash as a string and an error if the value is not a valid SHA512 hash.
func ValidateSHA512224 ¶
ValidateSHA512224 validates if a given value is a valid SHA512/224 hash. It receives a value of any type and returns the validated hash as a string, the hash generated using SHA3-256 and an error if the value is not a string or if it doesn't match the expected format.
func ValidateSHA512256 ¶
ValidateSHA512256 validates that a given value is a valid SHA512-256 hash. It takes an interface{} value and returns the validated hash as a string, the hash generated by the GenerateSHA3256 function, and an error if any.
func ValidateString ¶
ValidateString validates a string value and returns the original value, its SHA3-256 hash and an error. If the insensitive flag is set to true, the value is converted to lowercase before hashing.
func ValidateURL ¶
ValidateURL validates a given URL string and returns the URL in lowercase and its SHA3-256 hash. If the value is not a string, it returns an error.
func ValidateUUID ¶
ValidateUUID validates if a given value is a valid UUID string and returns the UUID, its SHA3-256 hash and an error if any.
func ValidateValue ¶
ValidateValue validates a value against a specified type. It takes a value of any type and a string representing the type to validate against. It returns the validated value, its SHA3-256 hash, and an error if validation fails. The function looks up the type in the Definitions and calls the appropriate validation function.
Types ¶
type Attributes ¶ added in v1.0.10
type Attributes struct {
AbaRtn *int `json:"aba-rtn,omitempty" example:"123456789"`
Adversary *string `json:"adversary,omitempty" example:"APT1"`
Airport *string `json:"airport-name,omitempty" example:"London"`
Asn *int `json:"asn,omitempty" example:"12345"`
Aso *string `json:"aso,omitempty" example:"AS12345"`
AuthentiHash *string `json:"authentihash,omitempty" example:""`
BankAccountNr *int `json:"bank-account-nr,omitempty" example:"987654321"`
Base64 *string `json:"base64,omitempty" example:"SGVsbG8gV29ybGQ="`
Bic *string `json:"bic,omitempty" example:"BOFAUS3N"`
Bin *int `json:"bin,omitempty" example:"411111"`
Breach *string `json:"breach,omitempty" example:"3a7c9d8e-1b2f-4g5h-6j7k-8l9m0n1o2p3q"`
BreachCount *int `json:"breach-count,omitempty" example:"1000000"`
BreachDate *string `json:"breach-date,omitempty" example:"2023-01-15"`
BreachDescription *string `json:"breach-description,omitempty" example:"A major data breach exposing user credentials and personal information"`
Btc *string `json:"btc,omitempty" example:"1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa"`
Category *string `json:"category,omitempty" example:"malware"`
CcNumber *int `json:"cc-number,omitempty" example:"4111111111111111"`
CdHash *string `json:"cdhash,omitempty" example:"a3b9e2f18c6d5b4a7d8e9f1a2b3c4d5e"`
CertificateFingerprint *string `json:"certificate-fingerprint,omitempty" example:"5E:FF:56:A2:AF:15:88:DD:F1:D5:B9:A3:E9:BD:1F:48:5F:EE:CB:1E"`
ChromeExtension *string `json:"chrome-extension-id,omitempty" example:"mhjfbmdgcfjbbpaeojofohoefgiehjai"`
Cidr *string `json:"cidr,omitempty" example:"192.168.1.0/24"`
City *string `json:"city,omitempty" example:"New York"`
Command *string `json:"command,omitempty" example:"ping -c 4 example.com"`
Cookie *string `json:"cookie,omitempty" example:"sessionid=abc123; Path=/; HttpOnly"`
Country *string `json:"country,omitempty" example:"United States"`
Cpe *string `json:"cpe,omitempty" example:"cpe:2.3:a:microsoft:windows:10:*:*:*:*:*:*:*"`
Cve *string `json:"cve,omitempty" example:"CVE-2021-44228"`
Dash *string `json:"dash,omitempty" example:"XpAy7Zm6aPDPWaJeHHRQ4YECqD1F7bVqhL"`
Date *string `json:"date,omitempty" example:"2023-05-20"`
DateOfIssue *string `json:"date-of-issue,omitempty" example:"2020-01-01"`
Datetime *string `json:"datetime,omitempty" example:"2023-05-20T14:30:15.123456789Z"`
Dkim *string `json:"dkim,omitempty" example:"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC"`
DkimSignature *string `` /* 143-byte string literal not displayed */
Domain *string `json:"domain,omitempty" example:"example.com"`
Email *string `json:"email,omitempty" example:"<CAE01+9=7sg@mail.example.com>"`
EmailAddress *string `json:"email-address,omitempty" example:"user@example.com"`
EmailBody *string `json:"email-body,omitempty" example:"Hello, this is the body of the email message."`
EmailDisplayName *string `json:"email-display-name,omitempty" example:"John Doe"`
EmailHeader *string `json:"email-header,omitempty" example:"From: sender@example.com\r\nTo: recipient@example.com\r\nSubject: Test Email"`
EmailMimeBoundary *string `json:"email-mime-boundary,omitempty" example:"----=_NextPart_000_0012_01D7A988.9A5F0E30"`
EmailSubject *string `json:"email-subject,omitempty" example:"Important Security Alert"`
EmailThreadIndex *string `json:"email-thread-index,omitempty" example:"AQHSR8AAAA=="`
EmailXMailer *string `json:"email-x-mailer,omitempty" example:"Microsoft Outlook 16.0"`
Eppn *string `json:"eppn,omitempty" example:"user@university.edu"`
ExpirationDate *string `json:"expiration-date,omitempty" example:"2025-12-31"`
FacebookProfile *string `json:"facebook-profile,omitempty" example:"https://www.facebook.com/username"`
Ffn *string `json:"ffn,omitempty" example:"ABC123456"`
File *string `json:"file,omitempty" example:"21a1610ce915d5d5a8ab5b1f5b6d6715cf4f4e3bc0c868352a175279b1881afe"`
FileData *string `json:"file-data,omitempty" example:"https://example.com/files/sample.exe"`
Filename *string `json:"filename,omitempty" example:"malware_sample.exe"`
FilenamePattern *string `json:"filename-pattern,omitempty" example:".*\\.exe$"`
Flight *string `json:"flight,omitempty" example:"AA1234"`
GitHubOrganization *string `json:"github-organization,omitempty" example:"https://github.com/threatwinds"`
GitHubRepository *string `json:"github-repository,omitempty" example:"https://github.com/threatwinds/platform"`
GitHubUser *string `json:"github-user,omitempty" example:"https://github.com/username"`
Group *string `json:"group,omitempty" example:"APT29"`
Hex *string `json:"hex,omitempty" example:"0xDEADBEEF"`
Hostname *string `json:"hostname,omitempty" example:"server01.example.com"`
Iban *string `json:"iban,omitempty" example:"DE89370400440532013000"`
IdNumber *string `json:"id-number,omitempty" example:"AB123456"`
IP *string `json:"ip,omitempty" example:"1.65.1.1"`
Issuer *string `json:"issuer,omitempty" example:"Department of State"`
IssuingCountry *string `json:"issuing-country,omitempty" example:"United States"`
Ja3Fingerprint *string `json:"ja3-fingerprint,omitempty" example:"e7d705a3286e19ea42f587b344ee6865"`
JabberId *string `json:"jabber-id,omitempty" example:"user@jabber.org"`
JarmFingerprint *string `json:"jarm-fingerprint,omitempty" example:"27d40d40d29d40d1dc42d43d00041d4689ee210389f4f6b4b5b1b93f92252d"`
LastAnalysis *string `json:"last-analysis,omitempty" example:"2023-06-15T10:30:00.000Z"`
Latitude *float64 `json:"latitude,omitempty" example:"40.7128"`
Link *string `json:"link,omitempty" example:"https://example.com/reference/doc123"`
Longitude *float64 `json:"longitude,omitempty" example:"-74.0060"`
MacAddress *string `json:"mac-address,omitempty" example:"00:1A:2B:3C:4D:5E"`
Malware *string `json:"malware,omitempty" example:"pdf dropper agent"`
MalwareFamily *string `json:"malware-family,omitempty" example:"pdf"`
MalwareSample *string `json:"malware-sample,omitempty" example:"https://malware.example.com/samples/trojan.exe"`
MalwareType *string `json:"malware-type,omitempty" example:"dropper"`
Md5 *string `json:"md5,omitempty" example:"d41d8cd98f00b204e9800998ecf8427e"`
MimeType *string `json:"mime-type,omitempty" example:"application/pdf"`
MobileAppId *string `json:"mobile-app-id,omitempty" example:"com.example.maliciousapp"`
Os *string `json:"os,omitempty" example:"Windows 10"`
Passport *string `json:"passport,omitempty" example:"AB1234567"`
Path *string `json:"path,omitempty" example:"/var/log/suspicious.log"`
PatternInFile *string `json:"pattern-in-file,omitempty" example:"eval\\(base64_decode\\(.*\\)\\)"`
PatternInMemory *string `json:"pattern-in-memory,omitempty" example:"password=[a-zA-Z0-9]{8,}"`
PatternInTraffic *string `json:"pattern-in-traffic,omitempty" example:"User-Agent: Mozilla\\/5\\.0 \\(compatible; MSIE 9\\.0;"`
Payload *string `json:"payload,omitempty" example:"7a28a1d6ac5b4a7e8c9d0e3f2b1a4c5d6e8f7a9b0c1d2e3f4a5b6c7d8e9f0a1"`
PgpPrivateKey *string `json:"pgp-private-key,omitempty" example:"-----BEGIN PGP PRIVATE KEY BLOCK----- ... -----END PGP PRIVATE KEY BLOCK-----"`
PgpPublicKey *string `json:"pgp-public-key,omitempty" example:"-----BEGIN PGP PUBLIC KEY BLOCK----- ... -----END PGP PUBLIC KEY BLOCK-----"`
Phone *string `json:"phone,omitempty" example:"+1-555-123-4567"`
Pnr *string `json:"pnr,omitempty" example:"ABC123"`
Port *int `json:"port,omitempty" example:"443"`
PostalAddress *string `json:"postal-address,omitempty" example:"123 Main St, Anytown, CA 12345"`
Process *string `json:"process,omitempty" example:"svchost.exe"`
ProcessState *string `json:"process-state,omitempty" example:"running"`
ProfilePhoto *string `json:"profile-photo,omitempty" example:"https://example.com/photos/user123.jpg"`
PRtn *string `json:"prtn,omitempty" example:"1-900-123-4567"`
RedressNumber *string `json:"redress-number,omitempty" example:"987654321"`
RegKey *string `json:"regkey,omitempty" example:"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run"`
Sha1 *string `json:"sha1,omitempty" example:"da39a3ee5e6b4b0d3255bfef95601890afd80709"`
Sha224 *string `json:"sha224,omitempty" example:"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"`
Sha256 *string `json:"sha256,omitempty" example:"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"`
Sha384 *string `` /* 130-byte string literal not displayed */
Sha3224 *string `json:"sha3-224,omitempty" example:"6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7"`
Sha3256 *string `json:"sha3-256,omitempty" example:"a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a"`
Sha3384 *string `` /* 132-byte string literal not displayed */
Sha3512 *string `` /* 164-byte string literal not displayed */
Sha512 *string `` /* 162-byte string literal not displayed */
Sha512224 *string `json:"sha512-224,omitempty" example:"6ed0dd02806fa89e25de060c19d3ac86cabb87d6a0ddd05c333b84f4"`
Sha512256 *string `json:"sha512-256,omitempty" example:"c672b8d1ef56ed28ab87c3622c5114069bdd3ad7b8f9737498d0c01ecef0967a"`
SizeInBytes *float64 `json:"size-in-bytes,omitempty" example:"1048576"`
SshBanner *string `json:"ssh-banner,omitempty" example:"SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1"`
SshFingerprint *string `json:"ssh-fingerprint,omitempty" example:"SHA256:uNiVztksCsDhcc0u9e8BujQXVUpKZIDTMczCvj3tD2s"`
Ssr *string `json:"ssr,omitempty" example:"WCHR"`
Text *string `json:"text,omitempty" example:"This is a sample text content"`
Threat *string `json:"threat,omitempty" example:"ransomware"`
TikTokProfile *string `json:"tiktok-profile,omitempty" example:"https://www.tiktok.com/@username"`
TwitterProfile *string `json:"twitter-profile,omitempty" example:"https://twitter.com/username"`
Url *string `json:"url,omitempty" example:"https://malicious-site.example.com/payload.php"`
Username *string `json:"username,omitempty" example:"johndoe"`
Value *string `json:"value,omitempty" example:"sensitive-data-value"`
Visa *string `json:"visa,omitempty" example:"A12345678"`
WhoisRegistrant *string `json:"whois-registrant,omitempty" example:"Example Organization Inc."`
WhoisRegistrar *string `json:"whois-registrar,omitempty" example:"GoDaddy.com, LLC"`
WindowsScheduledTask *string `json:"windows-scheduled-task,omitempty" example:"\\Microsoft\\Windows\\Defrag\\ScheduledDefrag"`
WindowsServiceDisplayName *string `json:"windows-service-displayname,omitempty" example:"Windows Update"`
WindowsServiceName *string `json:"windows-service-name,omitempty" example:"wuauserv"`
Xmr *string `` /* 126-byte string literal not displayed */
ZipCode *string `json:"zip-code,omitempty" example:"10001"`
}
Attributes represent a collection of various attribute types that can be associated with entities.
func (*Attributes) GetAttribute ¶ added in v1.0.12
func (d *Attributes) GetAttribute(tagName string) (interface{}, bool)
GetAttribute returns the value of the attribute with the specified JSON tag name. It returns the attribute value and a boolean indicating whether the attribute was found. If the attribute isn't found, it returns nil and false.
func (*Attributes) SetAttribute ¶ added in v1.0.13
func (d *Attributes) SetAttribute(tagName string, value interface{}) bool
SetAttribute sets the value of the attribute with the specified JSON tag name. It returns a boolean indicating whether the attribute was found and set successfully. If the attribute isn't found, it returns false.
func (*Attributes) ToMap ¶ added in v1.0.12
func (d *Attributes) ToMap() map[string]interface{}
ToMap returns all existing attributes and values of the Definition as a map[string]interface{}
type Comment ¶ added in v1.0.11
type Comment struct {
ID *string `json:"id,omitempty" example:"f47ac10b-58cc-4372-a567-0e02b2c3d479"`
Timestamp string `json:"@timestamp" example:"2021-09-29T15:59:59.000Z"`
EntityID string `json:"entityID" example:"ip-fe0c2ed9a0a9b23822e5907b0d009bcaf8f969db793cd1d94c40e17e0287c04b"`
Comment string `json:"comment" example:"This is a comment"`
UserID uuid.UUID `json:"userID" example:"f47ac10b-58cc-4372-a567-0e02b2c3d479"`
ParentID uuid.UUID `json:"parentID,omitempty" example:"f47ac10b-58cc-4372-a567-0e02b2c3d479"`
VisibleBy []string `json:"visibleBy" example:"[\"public\",\"quantfall\"]"`
}
type Definition ¶
type Definition struct {
Type string `json:"type" example:"object"`
Description string `json:"description" example:"Important description about the type"`
DataType string `json:"dataType" example:"String"`
Example *Entity `json:"example,omitempty"`
Attributes []Definition `json:"attributes,omitempty"`
Associations []Definition `json:"associations,omitempty"`
Tags []string `json:"tags,omitempty"`
Correlate []string `json:"correlate,omitempty"`
Label string `json:"label,omitempty"`
}
type Entity ¶
type Entity struct {
Type string `json:"type" example:"object"`
Attributes Attributes `json:"attributes"`
Associations []EntityAssociation `json:"associations"`
Reputation int `json:"reputation" example:"-1"`
Correlate []string `json:"correlate" example:"[\"md5\", \"sha1\", \"sha256\", \"sha3-256\"]"`
Tags []string `json:"tags" example:"[\"malware\", \"common-file\"]"`
VisibleBy []string `json:"visibleBy" example:"[\"public\"]"`
}
type EntityAssociation ¶ added in v1.0.10
type EntityConsolidated ¶ added in v1.0.11
type EntityConsolidated struct {
ID *string `json:"id,omitempty" example:"ip-ad0c2ed9a0a9b23822e5907b0d009bcaf8f969db793cd1d94c40e17e0287c04b"`
Timestamp string `json:"@timestamp" example:"2021-09-29T15:59:59.000Z"`
LastSeen string `json:"lastSeen" example:"2021-09-29T15:59:59.000Z"`
Type string `json:"type" example:"ip"`
Reputation int `json:"reputation" example:"-3"`
BestReputation int `json:"bestReputation" example:"-1"`
WorstReputation int `json:"worstReputation" example:"-3"`
Accuracy int `json:"accuracy" example:"3"`
Attributes Attributes `json:"attributes"`
Tags []string `json:"tags" example:"[\"web-server\",\"mail-server\"]"`
VisibleBy []string `json:"visibleBy" example:"[\"public\",\"quantfall\"]"`
WellKnown bool `json:"wellKnown" example:"false"`
}
type EntityHistory ¶ added in v1.0.11
type EntityHistory struct {
ID *uuid.UUID `json:"id,omitempty" example:"f47ac10b-58cc-4372-a567-0e02b2c3d479"`
Timestamp string `json:"@timestamp" example:"2021-09-29T15:59:59.000Z"`
EntityID string `json:"entityID" example:"ip-ad0c2ed9a0a9b23822e5907b0d009bcaf8f969db793cd1d94c40e17e0287c04b"`
Type string `json:"type" example:"ip"`
UserID uuid.UUID `json:"userID" example:"f47ac10b-58cc-4372-a567-0e02b2c3d479"`
Reputation int `json:"reputation" example:"-3"`
Attributes Attributes `json:"attributes"`
Tags []string `json:"tags" example:"[\"web-server\",\"mail-server\"]"`
VisibleBy []string `json:"visibleBy" example:"[\"public\",\"quantfall\"]"`
WellKnown bool `json:"wellKnown" example:"false"`
}
type RelationConsolidated ¶ added in v1.0.11
type RelationConsolidated struct {
ID *string `json:"id,omitempty" example:"ad0c2ed9a0a9b23822e5907b0d009bcaf8f969db793cd1d94c40e17e0287c04b"`
Timestamp string `json:"@timestamp" example:"2021-09-29T15:59:59.000Z"`
LastSeen string `json:"lastSeen" example:"2021-09-29T15:59:59.000Z"`
EntityID string `json:"entityID" example:"ip-fe0c2ed9a0a9b23822e5907b0d009bcaf8f969db793cd1d94c40e17e0287c04b"`
RelatedEntityID string `json:"relatedEntityID" example:"domain-da0c2ed9a0a9b23822e5907b0d009bcaf8f969db793cd1d94c40e17e0287c04b"`
Mode string `json:"mode" example:"aggregation"`
VisibleBy []string `json:"visibleBy" example:"[\"public\",\"quantfall\"]"`
}
type RelationHistory ¶ added in v1.0.11
type RelationHistory struct {
ID *uuid.UUID `json:"id,omitempty" example:"f47ac10b-58cc-4372-a567-0e02b2c3d479"`
Timestamp string `json:"@timestamp" example:"2021-09-29T15:59:59.000Z"`
RelationID string `json:"relationID" example:"ad0c2ed9a0a9b23822e5907b0d009bcaf8f969db793cd1d94c40e17e0287c04b"`
EntityID string `json:"entityID" example:"ip-fe0c2ed9a0a9b23822e5907b0d009bcaf8f969db793cd1d94c40e17e0287c04b"`
RelatedEntityID string `json:"relatedEntityID" example:"domain-da0c2ed9a0a9b23822e5907b0d009bcaf8f969db793cd1d94c40e17e0287c04b"`
UserID uuid.UUID `json:"userID" example:"f47ac10b-58cc-4372-a567-0e02b2c3d479"`
Mode string `json:"mode" example:"association"`
VisibleBy []string `json:"visibleBy" example:"[\"public\",\"quantfall\"]"`
}
Source Files
¶
- adversary.go
- attributes.go
- base64.go
- boolean.go
- cidr.go
- city.go
- country.go
- date.go
- definitions.go
- email.go
- float.go
- fqdn.go
- hexadecimal.go
- integer.go
- ip.go
- mac.go
- md5.go
- mime.go
- object.go
- path.go
- phone.go
- port.go
- regex.go
- schema.go
- sha1.go
- sha224.go
- sha256.go
- sha3-224.go
- sha3-256.go
- sha3-384.go
- sha3-512.go
- sha384.go
- sha512-224.go
- sha512-256.go
- sha512.go
- string.go
- url.go
- uuid.go
- validations.go