Documentation
¶
Index ¶
- Constants
- type OrganizationId
- type OrganizationName
- type RulesetCondition
- type SecurityLog
- type SecurityLogMapper
- type SecurityLogTable
- func (t *SecurityLogTable) EnrichRow(row *SecurityLog, sourceEnrichmentFields schema.SourceEnrichment) (*SecurityLog, error)
- func (t *SecurityLogTable) GetDescription() string
- func (t *SecurityLogTable) GetSourceMetadata() ([]*table.SourceMetadata[*SecurityLog], error)
- func (t *SecurityLogTable) Identifier() string
Constants ¶
View Source
const SecurityLogTableIdentifier = "github_security_log"
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type OrganizationId ¶
We can have org, and org_id value slice of int64 or int64 - For oauth_authorization.create, user.failed_login we will have slice of int64 > select distinct org from github_security_log +---------------------------------------------------------------+ | org | +---------------------------------------------------------------+ | map[name:turbotio names:<nil>] | | map[name:pro-cloud-49 names:<nil>] | | map[name:turbot names:<nil>] | | map[name:<nil> names:[turbotio turbot pro-cloud-49 do-enter]] | | map[name:<nil> names:<nil>] | | map[name:<nil> names:[]] | +---------------------------------------------------------------+ > select distinct org_id from github_security_log +----------------------------------------------------------+ | org_id | +----------------------------------------------------------+ | map[id:98822760 ids:<nil>] | | map[id:10854165 ids:<nil>] | | map[id:<nil> ids:<nil>] | | map[id:<nil> ids:[]] | | map[id:<nil> ids:[10854165 38865304 98822760 193256578]] | | map[id:38865304 ids:<nil>] | +----------------------------------------------------------+
type OrganizationName ¶
type RulesetCondition ¶
type SecurityLog ¶
type SecurityLog struct {
schema.CommonFields
// Common field for all events
Timestamp *time.Time `json:"timestamp"`
DocumentId *string `json:"document_id"`
Action *string `json:"action"`
// Other fields for events
ActionsCacheId *string `json:"actions_cache_id,omitempty"`
ActionsCacheKey *string `json:"actions_cache_key,omitempty"`
ActionsCacheScope *string `json:"actions_cache_scope,omitempty"`
ActionsCacheVersion *string `json:"actions_cache_version,omitempty"`
Active *string `json:"active,omitempty"`
ActiveWas *string `json:"active_was,omitempty"`
Actor *string `json:"actor,omitempty"`
ActorId *int64 `json:"actor_id,omitempty"`
ActorIsBot *bool `json:"actor_is_bot,omitempty"`
ApplicationClientId *string `json:"application_client_id,omitempty"`
Approvers *string `json:"approvers,omitempty"`
ApproversWas *string `json:"approvers_was,omitempty"`
BlockedUser *string `json:"blocked_user,omitempty"`
Branch *string `json:"branch,omitempty"`
Business *string `json:"business,omitempty"`
BusinessId *int64 `json:"business_id,omitempty"`
CanAdminsBypass *string `json:"can_admins_bypass,omitempty"`
Category *string `json:"category,omitempty"`
Cname *string `json:"cname,omitempty"`
Collaborator *string `json:"collaborator,omitempty"`
CollaboratorType *string `json:"collaborator_type,omitempty"`
ContentType *string `json:"content_type,omitempty"`
CreatedAt *time.Time `json:"created_at,omitempty"`
DevcontainerPath *string `json:"devcontainer_path,omitempty"`
Domain *string `json:"domain,omitempty"`
Email *string `json:"email,omitempty"`
Emoji *string `json:"emoji,omitempty"`
EndDate *time.Time `json:"end_date,omitempty"`
EnvironmentName *string `json:"environment_name,omitempty"`
Events []string `json:"events,omitempty"`
EventsWere *string `json:"events_were,omitempty"`
Explanation *string `json:"explanation,omitempty"`
Filename *string `json:"filename,omitempty"`
Fingerprint *string `json:"fingerprint,omitempty"`
GistId *string `json:"gist_id,omitempty"`
HashedToken *string `json:"hashed_token,omitempty"`
HeadBranch *string `json:"head_branch,omitempty"`
HeadSha *string `json:"head_sha,omitempty"`
HookId *string `json:"hook_id,omitempty"`
Integration *string `json:"integration,omitempty"`
Invitee *string `json:"invitee,omitempty"`
Inviter *string `json:"inviter,omitempty"`
Key *string `json:"key,omitempty"`
Limit *string `json:"limit,omitempty"`
LimitedAvailability *string `json:"limited_availability,omitempty"`
MachineType *string `json:"machine_type,omitempty"`
Manager *string `json:"manager,omitempty"`
MarketplaceListing *string `json:"marketplace_listing,omitempty"`
MergeQueueEnforcementLevel *string `json:"merge_queue_enforcement_level,omitempty"`
Message *string `json:"message,omitempty"`
Name *string `json:"name,omitempty"`
NewAccess *string `json:"new_access,omitempty"`
NewNwo *string `json:"new_nwo,omitempty"`
NewPolicy *string `json:"new_policy,omitempty"`
NewRepoBaseRole *string `json:"new_repo_base_role,omitempty"`
NewRepoPermission *string `json:"new_repo_permission,omitempty"`
NewValue *string `json:"new_value,omitempty"`
Nickname *string `json:"nickname,omitempty"`
OauthApplication *string `json:"oauth_application,omitempty"`
OauthApplicationId *string `json:"oauth_application_id,omitempty"`
OauthApplicationName *string `json:"oauth_application_name,omitempty"`
OldAccess *string `json:"old_access,omitempty"`
OldBaseRole *string `json:"old_base_role,omitempty"`
OldCname *string `json:"old_cname,omitempty"`
OldLogin *string `json:"old_login,omitempty"`
OldName *string `json:"old_name,omitempty"`
OldPermission *string `json:"old_permission,omitempty"`
OldPolicy *string `json:"old_policy,omitempty"`
OldProjectRole *string `json:"old_project_role,omitempty"`
OldRepoBaseRole *string `json:"old_repo_base_role,omitempty"`
OldRepoPermission *string `json:"old_repo_permission,omitempty"`
OldUser *string `json:"old_user,omitempty"`
OperationType *string `json:"operation_type,omitempty"`
Org OrganizationName `json:"org,omitempty"`
OrgId OrganizationId `json:"org_id,omitempty"`
OriginRepository *string `json:"origin_repository,omitempty"`
Owner *string `json:"owner,omitempty"`
OwnerType *string `json:"owner_type,omitempty"`
PasskeyNickname *string `json:"passkey_nickname,omitempty"`
PatreonEmail *string `json:"patreon_email,omitempty"`
PatreonUsername *string `json:"patreon_username,omitempty"`
Permissions map[string]string `json:"permissions,omitempty"`
PermissionsAdded map[string]string `json:"permissions_added,omitempty"`
PermissionsUnchanged map[string]string `json:"permissions_unchanged,omitempty"`
PermissionsUpgraded map[string]string `json:"permissions_upgraded,omitempty"`
Policy *string `json:"policy,omitempty"`
PreventSelfReview *string `json:"prevent_self_review,omitempty"`
PreviousVisibility *string `json:"previous_visibility,omitempty"`
PrimaryCategory *string `json:"primary_category,omitempty"`
ProgrammaticAccessType *string `json:"programmatic_access_type,omitempty"`
ProjectId *string `json:"project_id,omitempty"`
ProjectKind *string `json:"project_kind,omitempty"`
ProjectName *string `json:"project_name,omitempty"`
ProjectRole *string `json:"project_role,omitempty"`
PublicProject *string `json:"public_project,omitempty"`
PublicRepo *string `json:"public_repo,omitempty"`
PullRequestId *string `json:"pull_request_id,omitempty"`
Query *string `json:"query,omitempty"`
ReadOnly *string `json:"read_only,omitempty"`
Repo *string `json:"repo,omitempty"`
RepoId *int64 `json:"repo_id,omitempty"`
RepoWas *string `json:"repo_was,omitempty"`
RepositoriesAdded []int64 `json:"repositories_added,omitempty"`
RepositoriesAddedNames []string `json:"repositories_added_names,omitempty"`
RepositoriesRemoved *string `json:"repositories_removed,omitempty"`
RepositoriesRemovedNames *string `json:"repositories_removed_names,omitempty"`
Repository *string `json:"repository,omitempty"`
RepositoryId *int64 `json:"repository_id,omitempty"`
RepositorySelection *string `json:"repository_selection,omitempty"`
RequestAccessSecurityHeader *string `json:"request_access_security_header,omitempty"`
RequestCategory *string `json:"request_category,omitempty"`
RequestId *string `json:"request_id,omitempty"`
RequestMethod *string `json:"request_method,omitempty"`
RequestedAt *time.Time `json:"requested_at,omitempty"`
Requester *string `json:"requester,omitempty"`
RequesterId *string `json:"requester_id,omitempty"`
// Present in personal access token events
Repositories []int64 `json:"repositories,omitempty"`
// Present in environment-related events
EnvironmentId *int64 `json:"environment_id,omitempty"`
// Present in events with value changes
OldValue *string `json:"old_value,omitempty"`
RulesetBypassActors *string `json:"ruleset_bypass_actors,omitempty"`
RulesetBypassActorsAdded *string `json:"ruleset_bypass_actors_added,omitempty"`
RulesetBypassActorsDeleted *string `json:"ruleset_bypass_actors_deleted,omitempty"`
RulesetBypassActorsUpdated *string `json:"ruleset_bypass_actors_updated,omitempty"`
RulesetConditions []map[string]interface{} `json:"ruleset_conditions,omitempty"`
RulesetConditionsAdded *string `json:"ruleset_conditions_added,omitempty"`
RulesetConditionsDeleted *string `json:"ruleset_conditions_deleted,omitempty"`
RulesetConditionsUpdated *string `json:"ruleset_conditions_updated,omitempty"`
RulesetEnforcement *string `json:"ruleset_enforcement,omitempty"`
RulesetId *int64 `json:"ruleset_id,omitempty"`
RulesetName *string `json:"ruleset_name,omitempty"`
RulesetOldEnforcement *string `json:"ruleset_old_enforcement,omitempty"`
RulesetOldName *string `json:"ruleset_old_name,omitempty"`
RulesetRules []map[string]interface{} `json:"ruleset_rules,omitempty"`
RulesetRulesAdded *string `json:"ruleset_rules_added,omitempty"`
RulesetRulesDeleted *string `json:"ruleset_rules_deleted,omitempty"`
RulesetRulesUpdated *string `json:"ruleset_rules_updated,omitempty"`
RulesetSourceType *string `json:"ruleset_source_type,omitempty"`
RunNumber *string `json:"run_number,omitempty"`
SeatAssignment *string `json:"seat_assignment,omitempty"`
SecondaryCategory *string `json:"secondary_category,omitempty"`
SponsorsListingId *string `json:"sponsors_listing_id,omitempty"`
StartDate *time.Time `json:"start_date,omitempty"`
StartedAt *string `json:"started_at,omitempty"`
State *string `json:"state,omitempty"`
Team *string `json:"team,omitempty"`
Title *string `json:"title,omitempty"`
TokenId *int64 `json:"token_id,omitempty"`
TokenScopes *string `json:"token_scopes,omitempty"`
Tool *string `json:"tool,omitempty"`
Topic *string `json:"topic,omitempty"`
TransferFrom *string `json:"transfer_from,omitempty"`
TransferFromId *string `json:"transfer_from_id,omitempty"`
TransferFromType *string `json:"transfer_from_type,omitempty"`
TransferTo *string `json:"transfer_to,omitempty"`
TransferToId *string `json:"transfer_to_id,omitempty"`
TransferToType *string `json:"transfer_to_type,omitempty"`
TriggerId *string `json:"trigger_id,omitempty"`
UpdatedAccessPolicy *string `json:"updated_access_policy,omitempty"`
User *string `json:"user,omitempty"`
UserAgent *string `json:"user_agent,omitempty"`
UserId *int64 `json:"user_id,omitempty"`
UserProgrammaticAccessId *string `json:"user_programmatic_access_id,omitempty"`
UserProgrammaticAccessName *string `json:"user_programmatic_access_name,omitempty"`
UserProgrammaticAccessRequestId *int64 `json:"user_programmatic_access_request_id,omitempty"`
Visibility *string `json:"visibility,omitempty"`
WorkflowId *int64 `json:"workflow_id,omitempty"`
WorkflowRunId *string `json:"workflow_run_id,omitempty"`
}
https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/security-log-events
func (*SecurityLog) GetColumnDescriptions ¶
func (s *SecurityLog) GetColumnDescriptions() map[string]string
type SecurityLogMapper ¶
type SecurityLogMapper struct{}
func (*SecurityLogMapper) Identifier ¶
func (m *SecurityLogMapper) Identifier() string
func (*SecurityLogMapper) Map ¶
func (m *SecurityLogMapper) Map(ctx context.Context, a any, _ ...mappers.MapOption[*SecurityLog]) (*SecurityLog, error)
type SecurityLogTable ¶
type SecurityLogTable struct{}
SecurityLogTable - table for GitHub security logs
func (*SecurityLogTable) EnrichRow ¶
func (t *SecurityLogTable) EnrichRow(row *SecurityLog, sourceEnrichmentFields schema.SourceEnrichment) (*SecurityLog, error)
EnrichRow implements table.Table
func (*SecurityLogTable) GetDescription ¶
func (t *SecurityLogTable) GetDescription() string
func (*SecurityLogTable) GetSourceMetadata ¶
func (t *SecurityLogTable) GetSourceMetadata() ([]*table.SourceMetadata[*SecurityLog], error)
func (*SecurityLogTable) Identifier ¶
func (t *SecurityLogTable) Identifier() string
Identifier implements table.Table
Source Files
Click to show internal directories.
Click to hide internal directories.