audit

package
v0.9.4 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 10, 2022 License: MIT Imports: 20 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// Functional options for an event stream. Each variable holds a constructor
// that returns an EventStreamOption; applying the option writes one field of
// the eventStreamCfg it is given.
var (
	// WithBufferSize stores bufferSize in the configuration as given.
	// No range check is applied here.
	// NOTE(review): how a zero or negative size is handled downstream is not
	// visible in this block — confirm before passing caller-controlled values.
	WithBufferSize = func(bufferSize int) EventStreamOption {
		return func(c *eventStreamCfg) { c.bufferSize = bufferSize }
	}

	// WithGeneratorIndex stores generatorIndex in the configuration as given.
	WithGeneratorIndex = func(generatorIndex int64) EventStreamOption {
		return func(c *eventStreamCfg) { c.generatorIndex = generatorIndex }
	}

	// WithSinkBufferSize stores bufferSize in the sink buffer size field.
	// No range check is applied here.
	WithSinkBufferSize = func(bufferSize int) EventStreamOption {
		return func(c *eventStreamCfg) { c.sinkBuffersize = bufferSize }
	}

	// WithSinkConsumptionTimeout stores timeout in the configuration as given.
	// NOTE(review): what happens to an event that a sink does not consume
	// within this timeout is not visible here — confirm whether it is dropped
	// and whether that is logged, since silent loss matters for an audit trail.
	WithSinkConsumptionTimeout = func(timeout time.Duration) EventStreamOption {
		return func(c *eventStreamCfg) { c.sinkConsumptionTimeout = timeout }
	}

	// WithDistributeParallelization sets the parallelization only when it lies
	// in 1..runtime.NumCPU(). Any other value is ignored without an error, so
	// the configuration keeps whatever value it already had.
	WithDistributeParallelization = func(parallelization int) EventStreamOption {
		return func(c *eventStreamCfg) {
			if parallelization > 0 && parallelization <= runtime.NumCPU() {
				c.distributeParallelization = parallelization
			}
		}
	}
)
// ErrSinkAlreadyRegistered reports that a sink with the same name is already
// registered.
// NOTE(review): presumably returned by EventStream.RegisterSink — confirm.
var ErrSinkAlreadyRegistered = errors.New("sink with same name already registered")
// ErrValueMostNotBeNil reports that an event value was nil. The identifier
// spells "Most" where the message says "must"; the name is exported API, so
// callers must use it exactly as declared.
var ErrValueMostNotBeNil = errors.New("event value must not be nil")

Functions

func AddMapping added in v0.9.0

func AddMapping(t reflect.Type, mapper func(msg *auditv1.EventEntity) Details)

func EmittingHandler added in v0.6.0

func EmittingHandler(emitter Emitter, app auditv1.AppProtocol, delegate http.Handler) http.Handler

func LocalAddr added in v0.6.0

func LocalAddr(ctx context.Context) net.Addr

func RemoteAddr added in v0.6.0

func RemoteAddr(ctx context.Context) net.Addr

func StoreConnPropertiesInContext added in v0.6.0

func StoreConnPropertiesInContext(ctx context.Context, c net.Conn) context.Context

func TLSConnectionState added in v0.6.0

func TLSConnectionState(ctx context.Context) (tls.ConnectionState, bool)

func TLSVersionToEntity added in v0.2.0

func TLSVersionToEntity(version uint16) auditv1.TLSVersion

Types

type DHCP added in v0.9.0

// DHCP carries the DHCP-specific fields of an event: hop count, op code and
// hardware type. It has an AddToMsg method and so satisfies Details.
type DHCP struct {
	HopCount uint8
	OpCode   auditv1.DHCPOpCode
	HWType   auditv1.DHCPHwType
}

func (DHCP) AddToMsg added in v0.9.0

func (d DHCP) AddToMsg(msg *auditv1.EventEntity)

type DNS added in v0.9.0

// DNS carries the DNS-specific fields of an event: the op code and the list
// of questions. It has an AddToMsg method and so satisfies Details.
type DNS struct {
	OPCode    auditv1.DNSOpCode
	Questions []DNSQuestion
}

func (DNS) AddToMsg added in v0.9.0

func (d DNS) AddToMsg(msg *auditv1.EventEntity)

type DNSQuestion added in v0.9.0

// DNSQuestion is one entry of DNS.Questions: a resource record type and a name.
type DNSQuestion struct {
	RRType auditv1.ResourceRecordType
	// NOTE(review): if Name is taken from observed queries it is untrusted
	// input — escape it before rendering it or writing it to text logs.
	Name   string
}

type Details

// Details is implemented by protocol-specific payloads (DHCP, DNS and *HTTP
// in this package). AddToMsg receives the EventEntity message to add to.
type Details interface {
	AddToMsg(msg *auditv1.EventEntity)
}

type Emitter

// Emitter accepts events. Emit takes the Event by value and returns nothing,
// so a caller gets no signal from it about whether the event was delivered.
type Emitter interface {
	Emit(ev Event)
}

type EmitterFunc added in v0.7.0

// EmitterFunc is a function type with an Emit method, which lets a plain
// func(ev Event) be used where an Emitter is required.
type EmitterFunc func(ev Event)

func (EmitterFunc) Emit added in v0.7.0

func (ef EmitterFunc) Emit(ev Event)

type Event

// Event is a single audit record: an ID and timestamp, the transport and
// application protocol, source and destination IP and port, protocol details
// and TLS details.
type Event struct {
	ID              int64
	Timestamp       time.Time
	Transport       auditv1.TransportProtocol
	Application     auditv1.AppProtocol
	// SetSourceIPFromAddr takes a remoteAddr and SetDestinationIPFromAddr a
	// localAddr, so the source is the remote peer of the connection.
	// NOTE(review): behind a proxy or load balancer that peer may be the
	// intermediary rather than the original client — confirm for the deployment.
	SourceIP        net.IP
	DestinationIP   net.IP
	SourcePort      uint16
	DestinationPort uint16
	// ProtocolDetails is an interface value and can be nil.
	ProtocolDetails Details
	// TLS is a pointer and can be nil.
	// NOTE(review): presumably nil means no TLS was observed — confirm.
	TLS             *TLSDetails
}

func NewEventFromProto

func NewEventFromProto(msg *auditv1.EventEntity) (ev Event)

func (*Event) ApplyDefaults

func (e *Event) ApplyDefaults(id int64)

func (*Event) ProtoMessage

func (e *Event) ProtoMessage() *auditv1.EventEntity

func (*Event) SetDestinationIPFromAddr

func (e *Event) SetDestinationIPFromAddr(localAddr net.Addr) error

func (*Event) SetSourceIPFromAddr

func (e *Event) SetSourceIPFromAddr(remoteAddr net.Addr) error

type EventReaderOption

// EventReaderOption configures the unexported eventReader; options are passed
// to NewEventReader.
type EventReaderOption func(reader *eventReader)

type EventStream

// EventStream is an Emitter and io.Closer that also manages named sinks.
type EventStream interface {
	io.Closer
	Emitter
	// RegisterSink adds a sink and can fail.
	// NOTE(review): presumably ErrSinkAlreadyRegistered is returned on a name
	// collision — confirm.
	RegisterSink(ctx context.Context, s Sink) error
	// Sinks returns a list of strings.
	// NOTE(review): presumably the names of the registered sinks — confirm.
	Sinks() []string
	// RemoveSink takes a sink name; the result reports whether it existed.
	RemoveSink(name string) (exists bool)
}

func MustNewEventStream added in v0.6.0

func MustNewEventStream(logger logging.Logger, options ...EventStreamOption) EventStream

func NewEventStream

func NewEventStream(logger logging.Logger, options ...EventStreamOption) (EventStream, error)

type EventStreamOption

// EventStreamOption mutates the unexported eventStreamCfg; options are passed
// to NewEventStream and MustNewEventStream.
type EventStreamOption func(cfg *eventStreamCfg)

type EventWriterOption

// EventWriterOption configures the unexported eventWriter; options are passed
// to NewEventWriter.
type EventWriterOption func(writer *eventWriter)

type HTTP added in v0.9.0

// HTTP carries the HTTP-specific fields of an event: method, host, URI,
// protocol string and headers. *HTTP has an AddToMsg method and so satisfies
// Details.
type HTTP struct {
	Method  string
	Host    string
	// NOTE(review): if URI is the full request URI it can include a query
	// string with tokens or other secrets — confirm what sinks persist.
	URI     string
	Proto   string
	// NOTE(review): Headers is a complete http.Header. If it is filled from
	// live requests it can hold Authorization and Cookie values — confirm
	// whether these are redacted before events reach a sink or a writer.
	Headers http.Header
}

func (*HTTP) AddToMsg added in v0.9.0

func (d *HTTP) AddToMsg(msg *auditv1.EventEntity)

type Reader

// Reader yields events. Read returns one Event or an error; NewEventReader
// builds a Reader on top of an io.Reader.
type Reader interface {
	Read() (Event, error)
}

func NewEventReader

func NewEventReader(source io.Reader, opts ...EventReaderOption) Reader

type Sink

// Sink is a named consumer of events that can be registered on an EventStream.
type Sink interface {
	// Name returns the sink's name; RemoveSink takes a name of the same type.
	Name() string
	// OnSubscribe is handed a receive-only channel of events.
	// NOTE(review): whether the channel is closed on removal or stream close
	// is not visible here — confirm before relying on range-until-close.
	OnSubscribe(evs <-chan Event)
}

type TLSDetails

// TLSDetails describes the TLS parameters attached to an event. All three
// fields are plain strings.
type TLSDetails struct {
	Version     string
	CipherSuite string
	// NOTE(review): presumably the SNI value sent by the client — if so it
	// is client-controlled and should be treated as untrusted. Confirm.
	ServerName  string
}

func NewTLSDetailsFromProto

func NewTLSDetailsFromProto(entity *auditv1.TLSDetailsEntity) *TLSDetails

func (TLSDetails) ProtoMessage

func (d TLSDetails) ProtoMessage() *auditv1.TLSDetailsEntity

type Writer

// Writer persists events. Write takes a pointer to the Event and can fail;
// the embedded io.Closer's Close must be called when done. NewEventWriter
// builds a Writer on top of an io.Writer.
type Writer interface {
	io.Closer
	Write(ev *Event) error
}

func NewEventWriter

func NewEventWriter(target io.Writer, opts ...EventWriterOption) Writer

Directories

Path Synopsis
