Documentation ¶
Index ¶
- Variables
- func AddMapping(t reflect.Type, mapper func(msg *auditv1.EventEntity) Details)
- func EmittingHandler(emitter Emitter, app auditv1.AppProtocol, delegate http.Handler) http.Handler
- func LocalAddr(ctx context.Context) net.Addr
- func RemoteAddr(ctx context.Context) net.Addr
- func StoreConnPropertiesInContext(ctx context.Context, c net.Conn) context.Context
- func TLSConnectionState(ctx context.Context) (tls.ConnectionState, bool)
- func TLSVersionToEntity(version uint16) auditv1.TLSVersion
- type DHCP
- type DNS
- type DNSQuestion
- type Details
- type Emitter
- type EmitterFunc
- type Event
- type EventReaderOption
- type EventStream
- type EventStreamOption
- type EventWriterOption
- type HTTP
- type Reader
- type Sink
- type TLSDetails
- type Writer
Constants ¶
This section is empty.
Variables ¶
View Source
var ( WithBufferSize = func(bufferSize int) EventStreamOption { return func(cfg *eventStreamCfg) { cfg.bufferSize = bufferSize } } WithGeneratorIndex = func(generatorIndex int64) EventStreamOption { return func(cfg *eventStreamCfg) { cfg.generatorIndex = generatorIndex } } WithSinkBufferSize = func(bufferSize int) EventStreamOption { return func(cfg *eventStreamCfg) { cfg.sinkBuffersize = bufferSize } } WithSinkConsumptionTimeout = func(timeout time.Duration) EventStreamOption { return func(cfg *eventStreamCfg) { cfg.sinkConsumptionTimeout = timeout } } WithDistributeParallelization = func(parallelization int) EventStreamOption { return func(cfg *eventStreamCfg) { if parallelization <= 0 || parallelization > runtime.NumCPU() { return } cfg.distributeParallelization = parallelization } } )
View Source
var ErrSinkAlreadyRegistered = errors.New("sink with same name already registered")
View Source
var ErrValueMostNotBeNil = errors.New("event value must not be nil")
Functions ¶
func AddMapping ¶ added in v0.9.0
func AddMapping(t reflect.Type, mapper func(msg *auditv1.EventEntity) Details)
func EmittingHandler ¶ added in v0.6.0
func StoreConnPropertiesInContext ¶ added in v0.6.0
func TLSConnectionState ¶ added in v0.6.0
func TLSConnectionState(ctx context.Context) (tls.ConnectionState, bool)
func TLSVersionToEntity ¶ added in v0.2.0
func TLSVersionToEntity(version uint16) auditv1.TLSVersion
Types ¶
type DHCP ¶ added in v0.9.0
type DHCP struct { HopCount uint8 OpCode auditv1.DHCPOpCode HWType auditv1.DHCPHwType }
func (DHCP) AddToMsg ¶ added in v0.9.0
func (d DHCP) AddToMsg(msg *auditv1.EventEntity)
type DNS ¶ added in v0.9.0
type DNS struct { OPCode auditv1.DNSOpCode Questions []DNSQuestion }
func (DNS) AddToMsg ¶ added in v0.9.0
func (d DNS) AddToMsg(msg *auditv1.EventEntity)
type DNSQuestion ¶ added in v0.9.0
type DNSQuestion struct { RRType auditv1.ResourceRecordType Name string }
type Details ¶
type Details interface {
AddToMsg(msg *auditv1.EventEntity)
}
type EmitterFunc ¶ added in v0.7.0
type EmitterFunc func(ev Event)
func (EmitterFunc) Emit ¶ added in v0.7.0
func (ef EmitterFunc) Emit(ev Event)
type Event ¶
type Event struct { ID int64 Timestamp time.Time Transport auditv1.TransportProtocol Application auditv1.AppProtocol SourceIP net.IP DestinationIP net.IP SourcePort uint16 DestinationPort uint16 ProtocolDetails Details TLS *TLSDetails }
func NewEventFromProto ¶
func NewEventFromProto(msg *auditv1.EventEntity) (ev Event)
func (*Event) ApplyDefaults ¶
func (*Event) ProtoMessage ¶
func (e *Event) ProtoMessage() *auditv1.EventEntity
func (*Event) SetDestinationIPFromAddr ¶
type EventReaderOption ¶
type EventReaderOption func(reader *eventReader)
type EventStream ¶
type EventStream interface { io.Closer Emitter RegisterSink(ctx context.Context, s Sink) error Sinks() []string RemoveSink(name string) (exists bool) }
func MustNewEventStream ¶ added in v0.6.0
func MustNewEventStream(logger logging.Logger, options ...EventStreamOption) EventStream
func NewEventStream ¶
func NewEventStream(logger logging.Logger, options ...EventStreamOption) (EventStream, error)
type EventStreamOption ¶
type EventStreamOption func(cfg *eventStreamCfg)
type EventWriterOption ¶
type EventWriterOption func(writer *eventWriter)
type HTTP ¶ added in v0.9.0
func (*HTTP) AddToMsg ¶ added in v0.9.0
func (d *HTTP) AddToMsg(msg *auditv1.EventEntity)
type Reader ¶
func NewEventReader ¶
func NewEventReader(source io.Reader, opts ...EventReaderOption) Reader
type TLSDetails ¶
func NewTLSDetailsFromProto ¶
func NewTLSDetailsFromProto(entity *auditv1.TLSDetailsEntity) *TLSDetails
func (TLSDetails) ProtoMessage ¶
func (d TLSDetails) ProtoMessage() *auditv1.TLSDetailsEntity
Source Files ¶
Click to show internal directories.
Click to hide internal directories.