Documentation ¶
Index ¶
- Constants
- Variables
- func CountFiles(directory string) (cnt int)
- func DisableAuditPolicy(subCatOrGuid string) error
- func EnableAuditPolicy(subCatOrGuid string) error
- func ExpandEnvs(s ...string) (o []string)
- func GetCurFuncName() string
- func GzipFileBestSpeed(path string) (err error)
- func HashEventBytes(b []byte) string
- func HashInterface(i interface{}) (h string, err error)
- func HidsCreateFile(filename string) (*os.File, error)
- func HidsMkTmpDir() (dir string, err error)
- func HidsMkdirAll(dir string) error
- func HidsWriteData(dest string, data []byte) error
- func HidsWriteReader(dst string, content io.Reader, compress bool) (err error)
- func IsDirEmpty(dir string) (empty bool, err error)
- func IsPipePath(path string) bool
- func IsValidUUID(uuid string) bool
- func Json(i interface{}) []byte
- func JsonString(i interface{}) string
- func NextIP(ip net.IP) net.IP
- func PrettyJson(i interface{}) string
- func PrevIP(ip net.IP) net.IP
- func ReadFileString(path string) (string, error)
- func RegQuery(key, value string) (string, error)
- func RelativePath(path string) string
- func RemoveEDRAuditACL(directories ...string) (err error)
- func Round(f float64, precision int) float64
- func SetAuditPolicy(subCatOrGuid string, success, failure bool) error
- func SetEDRAuditACL(directories ...string) (err error)
- func Sha256StringArray(array []string) string
- func StdDir(dir string) string
- func StdDirs(directories ...string) (o []string)
- func Toml(i interface{}) (b []byte, err error)
- func TomlString(i any) (s string, err error)
- func UnsafeKeyGen(size int) string
- func UnsafeUUIDGen() uuid.UUID
- func Unzip(zipfile, dest string) (err error)
- func Utf16ToUtf8(b []byte) ([]byte, error)
- type ByteSlice
- type WindowsLogger
Constants ¶
const ( Kilo Mega Giga )
// DefaultPerms is the default permission mode for output files. The octal
// literal 0740 gives the owner read, write and execute, the group read only,
// and everyone else no access.
// NOTE(review): Go largely ignores Unix mode bits like these on Windows; if
// this package runs there, confirm that access is actually restricted by ACLs.
const DefaultPerms = 0740
Variables ¶
// RegexUuid matches a string that consists of exactly one UUID written in the
// 8-4-4-4-12 hexadecimal layout; the (?i:...) group makes the hex digits
// case-insensitive. Only the textual format is checked, not the UUID version
// or variant.
var RegexUuid = regexp.MustCompile(`^(?i:[A-F0-9]{8}-[A-F0-9]{4}-[A-F0-9]{4}-[A-F0-9]{4}-[A-F0-9]{12})$`)
Functions ¶
func CountFiles ¶ added in v1.5.0
CountFiles counts files in a directory
func DisableAuditPolicy ¶
func EnableAuditPolicy ¶
func ExpandEnvs ¶
ExpandEnvs expands environment variables in several strings; it is just a loop calling os.ExpandEnv on every element.
func GetCurFuncName ¶
func GetCurFuncName() string
func GzipFileBestSpeed ¶
GzipFileBestSpeed compresses a file to gzip and deletes the original file
func HashEventBytes ¶
HashEventBytes returns a hash of a byte slice, assuming the event has been JSON-encoded with json.Marshal.
func HashInterface ¶
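HashInterface returns a SHA-1 hash of an interface value. SHA-1 is not collision-resistant, so treat the result as an identifier rather than as an integrity guarantee against a deliberate attacker.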
func HidsCreateFile ¶
HidsCreateFile creates a file with the appropriate permissions.
func HidsMkTmpDir ¶
func HidsMkdirAll ¶
HidsMkdirAll is a wrapper around os.MkdirAll with appropriate permissions
func HidsWriteData ¶
HidsWriteData is a wrapper around ioutil.WriteFile that writes a file with the appropriate permissions.
func HidsWriteReader ¶
HidsWriteReader writes the content of a reader to a destination file. If compress is true, a .gz extension is added to the destination file name.
func IsDirEmpty ¶
func IsPipePath ¶ added in v1.5.0
IsPipePath checks whether the argument path is a pipe
func IsValidUUID ¶
func NextIP ¶
derived from: https://gist.github.com/kotakanbe/d3059af990252ba89a82
func PrettyJson ¶
func PrettyJson(i interface{}) string
PrettyJson returns a JSON pretty string out of i
func PrevIP ¶
derived from: https://gist.github.com/kotakanbe/d3059af990252ba89a82
func ReadFileString ¶ added in v1.5.0
ReadFileString reads a file and returns its content as a string.
func RelativePath ¶
func RemoveEDRAuditACL ¶
func SetAuditPolicy ¶
func SetEDRAuditACL ¶
func TomlString ¶
func UnsafeKeyGen ¶
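UnsafeKeyGen is an API key generator, intended to generate an [[:alnum:]] key. The "Unsafe" prefix suggests it is not backed by a cryptographically secure random source; check the implementation before using its output as a real secret.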
func Unzip ¶
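Unzip is a helper function that unzips a file to a destination folder. Source code from: https://stackoverflow.com/questions/20357223/easy-way-to-unzip-file-with-golang. When the archive comes from an untrusted source, check that the implementation rejects entry names that resolve outside dest (path traversal) before relying on it.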
func Utf16ToUtf8 ¶ added in v1.7.0
Utf16ToUtf8 converts a UTF-16 encoded byte slice to a UTF-8 byte slice. It returns an error if there is any decoding or encoding issue. Inspired by: https://gist.github.com/bradleypeabody/185b1d7ed6c0c2ab6cec#file-gistfile1-go
Types ¶
type WindowsLogger ¶
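// WindowsLogger structure definition.
type WindowsLogger struct {
	// Channel and Source are the exported settings of the logger.
	// NOTE(review): presumably the event log name and the event source that
	// Log hands to Write-EventLog — confirm against the implementation.
	Channel string
	Source  string
	// contains filtered or unexported fields
}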
WindowsLogger structure definition
func NewWindowsLogger ¶
func NewWindowsLogger(channel, source string) (wl *WindowsLogger, err error)
NewWindowsLogger creates a new WindowsLogger structure
func (*WindowsLogger) Close ¶
func (w *WindowsLogger) Close() error
Close closes the logger in a clean fashion
func (*WindowsLogger) Log ¶
func (w *WindowsLogger) Log(eventid int, entrytype, message string)
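Log logs a message through PowerShell Write-EventLog. Because the message is handed to a PowerShell command, callers that log attacker-influenced text should confirm how the implementation quotes it.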