outputs

package
v0.0.0-...-9caf705 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 29, 2024 License: MIT Imports: 78 Imported by: 0

Documentation

Index

Constants

// Level names. They read like syslog-style severities plus a few extras
// ("ok", "info", "none"); presumably used as priority and minimum-priority
// values — confirm against the callers.
const (
	OK            string = "ok"
	Warning       string = "warning"
	Alert         string = "alert"
	Error         string = "error"
	Critical      string = "critical"
	Emergency     string = "emergency"
	Notice        string = "notice"
	Informational string = "informational"
	Debug         string = "debug"
	Info          string = "info"
	None          string = "none"
)

// Generic keywords. Several look like statistics labels — TODO confirm.
const (
	All      string = "all"
	Fields   string = "fields"
	Total    string = "total"
	Rejected string = "rejected"
	Accepted string = "accepted"
	Outputs  string = "outputs"
)

// Event field names and message format names.
const (
	Rule      string = "rule"
	Priority  string = "priority"
	Source    string = "source"
	Tags      string = "tags"
	Time      string = "time"
	Text      string = "text"
	Plaintext string = "plaintext"
	JSON      string = "json"
	Markdown  string = "markdown"
	Hostname  string = "hostname"
)

// Default footer link and icon. Both point at github.com, so any receiver
// that renders the icon fetches it from an external host.
const (
	DefaultFooter  string = "https://github.com/kubearmor/KubeArmor"
	DefaultIconURL string = "https://github.com/kubearmor/KubeArmor/assets/47106543/2db0b636-5c82-49c0-bf7d-535e4ad0a991"
)

// Colors, as hex RGB strings. LigthBlue is misspelled, but the name is
// exported and therefore kept unchanged.
const (
	PaleCyan  string = "#ccfff2"
	Yellow    string = "#ffc700"
	Red       string = "#e20b0b"
	LigthBlue string = "#68c2ff"
	Lightcyan string = "#5bffb5"
	Orange    string = "#ff5400"
)

// Names of functions-as-a-service platforms, of KubeArmor itself and of MQTT.
const (
	Kubeless  string = "Kubeless"
	Openfaas  string = "OpenFaas"
	Fission   string = "Fission"
	Kubearmor string = "Kubearmor"
	MQTT      string = "MQTT"
)

// Network transport names.
const (
	UDP string = "udp"
	TCP string = "tcp"
)

// SASL authentication mechanisms for SMTP.
//
// PLAIN sends the user name and password without encryption, so it is only
// appropriate on a connection already protected by TLS. ANONYMOUS performs no
// authentication at all. EXTERNAL relies on credentials established outside
// SASL, for example a TLS client certificate.
const (
	Plain       string = "plain"
	OAuthBearer string = "oauthbearer"
	External    string = "external"
	Anonymous   string = "anonymous"
)
// USEndpoint is the base URL of the PagerDuty events host; the name marks it
// as the US one. The URL uses HTTPS.
const USEndpoint string = "https://events.pagerduty.com"

// EUEndpoint is the base URL of the PagerDuty events host with the "eu"
// subdomain. The URL uses HTTPS.
const EUEndpoint string = "https://events.eu.pagerduty.com"
const AuthorizationHeaderKey = "Authorization"
const ContentTypeHeaderKey = "Content-Type"

Some common header values that may be needed in other files

// DatadogPath is the URL path of Datadog's event API.
const DatadogPath string = "/api/v1/events"
const DefaultContentType = "application/json; charset=utf-8"

DefaultContentType is the default Content-Type header to send along with the Client's POST Request

const FissionContentType = "application/json"
const FissionEventIDKey = "event-id"

Some constant strings to use in request headers

const FissionEventNamespaceKey = "event-namespace"
const GrafanaContentType = "application/json"

The Content-Type to send along with the request

const HttpPost = "POST"

HTTP Methods

const HttpPut = "PUT"
const KubelessContentType = "application/json"
const KubelessEventIDKey = "event-id"

Some constant strings to use in request headers

const KubelessEventNamespaceKey = "event-namespace"
const KubelessEventTypeKey = "event-type"
const KubelessEventTypeValue = "kubearmor"
const KubelessUserAgentKey = "User-Agent"
const LokiContentType = "application/json"

The Content-Type to send along with the request

// MutualTLSCacertFilename is the file name of the CA certificate used for
// mutual TLS. The leading "/" suggests it is appended to a configured
// directory path — confirm at the call site.
const MutualTLSCacertFilename = "/ca.crt"
// MutualTLSClientCertFilename is the file name of the client certificate
// presented for mutual TLS. The leading "/" suggests it is appended to a
// configured directory path — confirm at the call site.
const MutualTLSClientCertFilename = "/client.crt"

The file names are static for the sake of Helm and single-Docker compatibility.

// MutualTLSClientKeyFilename is the file name of the client private key used
// for mutual TLS. The leading "/" suggests it is appended to a configured
// directory path — confirm at the call site.
// NOTE(review): this file is a secret; nothing visible here shows how its
// permissions are checked, so the deployment should restrict read access to
// the process that loads it.
const MutualTLSClientKeyFilename = "/client.key"
const Schema = "kubearmor_alert::1.0.0"
const UserAgentHeaderKey = "User-Agent"
const UserAgentHeaderValue = "sidekick"

Variables

var AlertBufferChannel chan *pb.Alert

AlertBufferChannel stores incoming data from the msg stream in a buffer

var AlertLock *sync.RWMutex

AlertLock Lock

var AlertRunning bool

Running bool

var AlertStructs map[string]AlertStruct

AlertStructs Map

var EnabledOutputs []string

EnabledOutputs list all enabled outputs

var ErrBadGateway = errors.New("bad gateway")

ErrBadGateway = 502

var ErrClientAuthenticationError = errors.New("authentication error")

ErrClientAuthenticationError = 401

var ErrClientCreation = errors.New("client creation error")

ErrClientCreation is returned if client can't be created

var ErrForbidden = errors.New("access denied")

ErrForbidden = 403

var ErrHeaderMissing = errors.New("header missing")

ErrHeaderMissing = 400

var ErrInternalServer = errors.New("internal server error")

ErrInternalServer = 500

var ErrNotFound = errors.New("resource not found")

ErrNotFound = 404

var ErrSASLAuthCreation = errors.New("sasl auth: wrong mechanism")
var ErrTooManyRequest = errors.New("exceeding post rate limit")

ErrTooManyRequest = 429

var ErrUnprocessableEntityError = errors.New("bad request")

ErrUnprocessableEntityError = 422

var LogBufferChannel chan *pb.Log

LogBufferChannel stores incoming data from the log stream in a buffer

var LogLock *sync.RWMutex
var LogRunning bool
var LogStructs map[string]LogStruct

LogStructs Map

// PriorityMap translates a priority key into one of the labels "critical",
// "high", "medium", "low" or "info". Entries are listed from most to least
// severe.
//
// NOTE(review): six keys are the literal strings "types.Emergency",
// "types.Critical" and so on (package-qualified identifiers written inside
// quotes), while "Alert" and "Log" are bare words. A lookup with any other
// spelling, such as a lowercase level name, returns "" rather than an error.
// Confirm that callers index the map with exactly these keys; otherwise an
// event's severity is silently lost on the way to the receiver.
var PriorityMap = map[string]string{
	"types.Emergency": "critical",
	"types.Critical":  "critical",
	"types.Error":     "high",
	"Alert":           "high",
	"types.Warning":   "medium",
	"types.Notice":    "low",
	"types.Debug":     "info",
	"Log":             "info",
}

Functions

func Initvariable

func Initvariable(logrunning bool)

func NewStatsdClient

func NewStatsdClient(outputType string, config *types.Configuration, stats *types.Statistics) (*statsd.Client, error)

NewStatsdClient returns a new output.Client for sending metrics to StatsD.

Types

type AlertStruct

// AlertStruct is the value type of the AlertStructs map. It holds one channel
// of KubearmorPayload values.
type AlertStruct struct {
	// Broadcast carries the payloads; presumably one channel per registered
	// consumer — confirm against AddAlertFromBuffChan.
	Broadcast chan types.KubearmorPayload
}

AlertStruct Structure

type Client

// Client communicates with the different output APIs. One struct serves every
// output type, so most of the service-specific client fields are presumably
// nil for any given instance — check the relevant NewXxxClient constructor.
type Client struct {
	OutputType              string
	EndpointURL             *url.URL
	// MutualTLSEnabled and CheckCert are the two TLS-related switches passed
	// to NewClient.
	// NOTE(review): CheckCert presumably controls server certificate
	// verification; if false disables it, the connection to the endpoint can
	// be intercepted. Confirm the semantics and the default in NewClient.
	MutualTLSEnabled        bool
	CheckCert               bool
	// HeaderList holds the headers added to outgoing requests. It can contain
	// credentials (BasicAuth adds an HTTP Basic Authentication header), so it
	// should not be written to logs verbatim.
	HeaderList              []Header
	ContentType             string
	Config                  *types.Configuration
	Stats                   *types.Statistics
	PromStats               *types.PromStatistics
	AWSSession              *session.Session
	StatsdClient            *statsd.Client
	DogstatsdClient         *statsd.Client
	GCPTopicClient          *pubsub.Topic
	GCPCloudFunctionsClient *gcpfunctions.CloudFunctionsClient

	GCSStorageClient  *storage.Client
	KafkaProducer     *kafka.Writer
	CloudEventsClient cloudevents.Client
	KubernetesClient  kubernetes.Interface
	RabbitmqClient    *amqp.Channel
	WavefrontSender   *wavefront.Sender
	Crdclient         *crdClient.Clientset
	MQTTClient        mqtt.Client
	TimescaleDBClient *timescaledb.Pool
	RedisClient       *redis.Client

	// connection
	Conn *grpc.ClientConn

	// alerts
	AlertStream pb.LogService_WatchAlertsClient

	// logs
	LogStream pb.LogService_WatchLogsClient

	// wait group
	WgServer sync.WaitGroup

	GetLogs bool
	//
	Running bool
	// contains filtered or unexported fields
}

Client communicates with the different API.

func NewAWSClient

func NewAWSClient(config *types.Configuration, stats *types.Statistics, promStats *types.PromStatistics, statsdClient, dogstatsdClient *statsd.Client) (*Client, error)

NewAWSClient returns a new output.Client for accessing the AWS API.

func NewClient

func NewClient(outputType string, defaultEndpointURL string, mutualTLSEnabled bool, checkCert bool, config *types.Configuration, stats *types.Statistics, promStats *types.PromStatistics, statsdClient, dogstatsdClient *statsd.Client) (*Client, error)

NewClient returns a new output.Client for accessing the different API.

func NewEventHubClient

func NewEventHubClient(config *types.Configuration, stats *types.Statistics, promStats *types.PromStatistics, statsdClient, dogstatsdClient *statsd.Client) (*Client, error)

NewEventHubClient returns a new output.Client for accessing the Azure Event Hub.

func NewFissionClient

func NewFissionClient(config *types.Configuration, stats *types.Statistics, promStats *types.PromStatistics,
	statsdClient, dogstatsdClient *statsd.Client) (*Client, error)

NewFissionClient returns a new output.Client for accessing Kubernetes.

func NewGCPClient

func NewGCPClient(config *types.Configuration, stats *types.Statistics, promStats *types.PromStatistics, statsdClient, dogstatsdClient *statsd.Client) (*Client, error)

NewGCPClient returns a new output.Client for accessing the GCP API.

func NewKafkaClient

func NewKafkaClient(config *types.Configuration, stats *types.Statistics, promStats *types.PromStatistics, statsdClient, dogstatsdClient *statsd.Client) (*Client, error)

NewKafkaClient returns a new output.Client for accessing the Apache Kafka.

func NewKubelessClient

func NewKubelessClient(config *types.Configuration, stats *types.Statistics, promStats *types.PromStatistics, statsdClient, dogstatsdClient *statsd.Client) (*Client, error)

NewKubelessClient returns a new output.Client for accessing Kubernetes.

func NewMQTTClient

func NewMQTTClient(config *types.Configuration, stats *types.Statistics, promStats *types.PromStatistics,
	statsdClient, dogstatsdClient *statsd.Client) (*Client, error)

NewMQTTClient returns a new output.Client for accessing Kubernetes.

func NewOpenfaasClient

func NewOpenfaasClient(config *types.Configuration, stats *types.Statistics, promStats *types.PromStatistics, statsdClient, dogstatsdClient *statsd.Client) (*Client, error)

NewOpenfaasClient returns a new output.Client for accessing Kubernetes.

func NewPolicyReportClient

func NewPolicyReportClient(config *types.Configuration, stats *types.Statistics, promStats *types.PromStatistics, statsdClient, dogstatsdClient *statsd.Client) (*Client, error)

func NewRabbitmqClient

func NewRabbitmqClient(config *types.Configuration, stats *types.Statistics, promStats *types.PromStatistics, statsdClient, dogstatsdClient *statsd.Client) (*Client, error)

NewRabbitmqClient returns a new output.Client for accessing the RabbitMQ API.

func NewRedisClient

func NewRedisClient(config *types.Configuration, stats *types.Statistics, promStats *types.PromStatistics,
	statsdClient, dogstatsdClient *statsd.Client) (*Client, error)

func NewSMTPClient

func NewSMTPClient(config *types.Configuration, stats *types.Statistics, promStats *types.PromStatistics, statsdClient, dogstatsdClient *statsd.Client) (*Client, error)

NewSMTPClient returns a new output.Client for accessing a SMTP server.

func NewSpyderbatClient

func NewSpyderbatClient(config *types.Configuration, stats *types.Statistics, promStats *types.PromStatistics,
	statsdClient, dogstatsdClient *statsd.Client) (*Client, error)

func NewSyslogClient

func NewSyslogClient(config *types.Configuration, stats *types.Statistics, promStats *types.PromStatistics, statsdClient, dogstatsdClient *statsd.Client) (*Client, error)

func NewTimescaleDBClient

func NewTimescaleDBClient(config *types.Configuration, stats *types.Statistics, promStats *types.PromStatistics,
	statsdClient, dogstatsdClient *statsd.Client) (*Client, error)

func NewWavefrontClient

func NewWavefrontClient(config *types.Configuration, stats *types.Statistics, promStats *types.PromStatistics, statsdClient, dogstatsdClient *statsd.Client) (*Client, error)

NewWavefrontClient returns a new output.Client for accessing the Wavefront API.

func NewYandexClient

func NewYandexClient(config *types.Configuration, stats *types.Statistics, promStats *types.PromStatistics, statsdClient, dogstatsdClient *statsd.Client) (*Client, error)

NewYandexClient returns a new output.Client for accessing the Yandex API.

func (*Client) AddAlertFromBuffChan

func (c *Client) AddAlertFromBuffChan()

AddAlertFromBuffChan adds alerts from AlertBufferChannel into AlertStructs

func (*Client) AddHeader

func (c *Client) AddHeader(key, value string)

AddHeader adds an HTTP Header to the Client.

func (*Client) AddLogFromBuffChan

func (c *Client) AddLogFromBuffChan()

AddLogFromBuffChan adds logs from LogBufferChannel into LogStructs

func (*Client) AlertmanagerPost

func (c *Client) AlertmanagerPost(kubearmorpayload types.KubearmorPayload)

AlertmanagerPost posts event to AlertManager

func (*Client) BasicAuth

func (c *Client) BasicAuth(username, password string)

BasicAuth adds an HTTP Basic Authentication compliant header to the Client.

func (*Client) CliqPost

func (c *Client) CliqPost(kubearmorpayload types.KubearmorPayload)

CliqPost posts event to cliq

func (*Client) CloudEventsSend

func (c *Client) CloudEventsSend(kubearmorpayload types.KubearmorPayload)

CloudEventsSend produces a CloudEvent and sends to the CloudEvents consumers.

func (*Client) CloudRunFunctionPost

func (c *Client) CloudRunFunctionPost(kubearmorpayload types.KubearmorPayload)

CloudRunFunctionPost call Cloud Function

func (*Client) CountMetric

func (c *Client) CountMetric(metric string, value int64, tags []string)

CountMetric sends metrics to StatsD/DogStatsD.

func (*Client) DatadogPost

func (c *Client) DatadogPost(kubearmorpayload types.KubearmorPayload)

DatadogPost posts event to Datadog

func (*Client) DestroyClient

func (c *Client) DestroyClient() error

DestroyClient Function

func (*Client) DiscordPost

func (c *Client) DiscordPost(kubearmor types.KubearmorPayload)

DiscordPost posts events to discord

func (*Client) ElasticsearchPost

func (c *Client) ElasticsearchPost(kubearmorpayload types.KubearmorPayload)

ElasticsearchPost posts event to Elasticsearch

func (*Client) EnqueueSecurityLake

func (c *Client) EnqueueSecurityLake(kubearmorpayload types.KubearmorPayload)

func (*Client) EventHubPost

func (c *Client) EventHubPost(kubearmorpayload types.KubearmorPayload)

EventHubPost posts event to Azure Event Hub

func (*Client) FissionCall

func (c *Client) FissionCall(kubearmorpayload types.KubearmorPayload)

FissionCall .

func (*Client) GCPCallCloudFunction

func (c *Client) GCPCallCloudFunction(kubearmorpayload types.KubearmorPayload)

GCPCallCloudFunction calls the given Cloud Function

func (*Client) GCPPublishTopic

func (c *Client) GCPPublishTopic(kubearmorpayload types.KubearmorPayload)

GCPPublishTopic sends a message to a GCP PubSub Topic

func (*Client) GetAuth

func (c *Client) GetAuth() (sasl.Client, error)

func (*Client) GooglechatPost

func (c *Client) GooglechatPost(kubearmorpayload types.KubearmorPayload)

GooglechatPost posts event to Google Chat

func (*Client) GotifyPost

func (c *Client) GotifyPost(kubearmorpayload types.KubearmorPayload)

GotifyPost posts event to Gotify

func (*Client) GrafanaOnCallPost

func (c *Client) GrafanaOnCallPost(kubearmorpayload types.KubearmorPayload)

GrafanaOnCallPost posts event to grafana onCall

func (*Client) GrafanaPost

func (c *Client) GrafanaPost(kubearmorpayload types.KubearmorPayload)

GrafanaPost posts event to grafana

func (*Client) InfluxdbPost

func (c *Client) InfluxdbPost(kubearmorpayload types.KubearmorPayload)

InfluxdbPost posts event to InfluxDB

func (*Client) InvokeLambda

func (c *Client) InvokeLambda(kubearmorpayload types.KubearmorPayload)

InvokeLambda invokes a lambda function

func (*Client) KafkaProduce

func (c *Client) KafkaProduce(kubearmorpayload types.KubearmorPayload)

KafkaProduce sends a message to an Apache Kafka topic

func (*Client) KafkaRestPost

func (c *Client) KafkaRestPost(kubearmorpayload types.KubearmorPayload)

KafkaRestPost posts event the Kafka Rest Proxy

func (*Client) KubelessCall

func (c *Client) KubelessCall(kubearmorpayload types.KubearmorPayload)

KubelessCall .

func (*Client) LokiPost

func (c *Client) LokiPost(kubearmorpayload types.KubearmorPayload)

LokiPost posts event to Loki

func (*Client) MQTTPublish

func (c *Client) MQTTPublish(kubearmorpayload types.KubearmorPayload)

MQTTPublish .

func (*Client) MattermostPost

func (c *Client) MattermostPost(kubearmorpayload types.KubearmorPayload)

MattermostPost posts event to Mattermost

func (*Client) N8NPost

func (c *Client) N8NPost(kubearmorpayload types.KubearmorPayload)

N8NPost posts event to an URL

func (*Client) NatsPublish

func (c *Client) NatsPublish(kubearmorpayload types.KubearmorPayload)

NatsPublish publishes event to NATS

func (*Client) NodeRedPost

func (c *Client) NodeRedPost(kubearmorpayload types.KubearmorPayload)

NodeRedPost posts event to Slack

func (*Client) OpenObservePost

func (c *Client) OpenObservePost(kubearmorpayload types.KubearmorPayload)

OpenObservePost posts event to OpenObserve

func (*Client) OpenfaasCall

func (c *Client) OpenfaasCall(kubearmorpayload types.KubearmorPayload)

OpenfaasCall .

func (*Client) OpsgeniePost

func (c *Client) OpsgeniePost(kubearmorpayload types.KubearmorPayload)

OpsgeniePost posts event to OpsGenie

func (*Client) PagerdutyPost

func (c *Client) PagerdutyPost(kubearmorpayload types.KubearmorPayload)

PagerdutyPost posts alert event to Pagerduty

func (*Client) Post

func (c *Client) Post(payload interface{}) error

Post sends event (payload) to Output with POST http method.

func (*Client) Publish

func (c *Client) Publish(kubearmorpayload types.KubearmorPayload)

Publish sends a message to a Rabbitmq

func (*Client) PublishTopic

func (c *Client) PublishTopic(kubearmorpayload types.KubearmorPayload)

PublishTopic sends a message to a SNS Topic

func (*Client) Put

func (c *Client) Put(payload interface{}) error

Put sends event (payload) to Output with PUT http method.

func (*Client) PutRecord

func (c *Client) PutRecord(kubearmorpayload types.KubearmorPayload)

PutRecord puts a record in Kinesis

func (*Client) RedisPost

func (c *Client) RedisPost(kubearmorpayload types.KubearmorPayload)

func (*Client) ReportErr

func (c *Client) ReportErr(message string, err error)

func (*Client) ReportError

func (c *Client) ReportError(err error)

func (*Client) RocketchatPost

func (c *Client) RocketchatPost(kubearmorpayload types.KubearmorPayload)

RocketchatPost posts event to Rocketchat

func (*Client) SendCloudWatchLog

func (c *Client) SendCloudWatchLog(kubearmorpayload types.KubearmorPayload)

SendCloudWatchLog sends a message to CloudWatch Log

func (*Client) SendMail

func (c *Client) SendMail(kubearmorpayload types.KubearmorPayload)

SendMail sends email to SMTP server

func (*Client) SendMessage

func (c *Client) SendMessage(kubearmorpayload types.KubearmorPayload)

SendMessage sends a message to SQS Queue

func (*Client) SlackPost

func (c *Client) SlackPost(kubearmorpayload types.KubearmorPayload)

SlackPost posts event to Slack

func (*Client) SpyderbatPost

func (c *Client) SpyderbatPost(kubearmorpayload types.KubearmorPayload)

func (*Client) StanPublish

func (c *Client) StanPublish(kubearmorpayload types.KubearmorPayload)

StanPublish publishes event to NATS Streaming

func (*Client) StartSecurityLakeWorker

func (c *Client) StartSecurityLakeWorker()

func (*Client) SyslogPost

func (c *Client) SyslogPost(kubearmorpayload types.KubearmorPayload)

func (*Client) TeamsPost

func (c *Client) TeamsPost(kubearmorpayload types.KubearmorPayload)

TeamsPost posts event to Teams

func (*Client) TektonPost

func (c *Client) TektonPost(kubearmorpayload types.KubearmorPayload)

TektonPost posts event to EventListener

func (*Client) TelegramPost

func (c *Client) TelegramPost(kubearmorpayload types.KubearmorPayload)

TelegramPost posts event to Telegram

func (*Client) TimescaleDBPost

func (c *Client) TimescaleDBPost(kubearmorpayload types.KubearmorPayload)

func (*Client) UpdateOrCreatePolicyReport

func (c *Client) UpdateOrCreatePolicyReport(payload types.KubearmorPayload)

UpdateOrCreatePolicyReport creates/updates PolicyReport/ClusterPolicyReport Resource in Kubernetes

func (*Client) UploadGCS

func (c *Client) UploadGCS(kubearmorpayload types.KubearmorPayload)

UploadGCS upload payload to

func (*Client) UploadS3

func (c *Client) UploadS3(kubearmorpayload types.KubearmorPayload)

UploadS3 upload payload to S3

func (*Client) UploadYandexDataStreams

func (c *Client) UploadYandexDataStreams(kubearmorpayload types.KubearmorPayload)

UploadYandexDataStreams uploads payload to Yandex Data Streams

func (*Client) UploadYandexS3

func (c *Client) UploadYandexS3(kubearmorpayload types.KubearmorPayload)

UploadYandexS3 uploads payload to Yandex S3

func (*Client) WatchAlertmanagerPostAlerts

func (c *Client) WatchAlertmanagerPostAlerts() error

func (*Client) WatchAlerts

func (c *Client) WatchAlerts() error

func (*Client) WatchCliqPostAlerts

func (c *Client) WatchCliqPostAlerts() error

func (*Client) WatchCliqPostLogs

func (c *Client) WatchCliqPostLogs() error

func (*Client) WatchCloudEventsSendAlerts

func (c *Client) WatchCloudEventsSendAlerts() error

func (*Client) WatchCloudEventsSendLogs

func (c *Client) WatchCloudEventsSendLogs() error

func (*Client) WatchDatadogPostAlerts

func (c *Client) WatchDatadogPostAlerts() error

func (*Client) WatchDatadogPostLogs

func (c *Client) WatchDatadogPostLogs() error

func (*Client) WatchDiscordAlerts

func (c *Client) WatchDiscordAlerts() error

func (*Client) WatchDiscordLogs

func (c *Client) WatchDiscordLogs() error

func (*Client) WatchElasticsearchPostAlerts

func (c *Client) WatchElasticsearchPostAlerts() error

func (*Client) WatchElasticsearchPostLogs

func (c *Client) WatchElasticsearchPostLogs() error

func (*Client) WatchEnqueueSecurityLakeAlerts

func (c *Client) WatchEnqueueSecurityLakeAlerts() error

EnqueueSecurityLake

func (*Client) WatchEnqueueSecurityLakeLogs

func (c *Client) WatchEnqueueSecurityLakeLogs() error

func (*Client) WatchEventHubPostLogs

func (c *Client) WatchEventHubPostLogs() error

func (*Client) WatchEventHubPostlerts

func (c *Client) WatchEventHubPostlerts() error

EnqueueSecurityLake

func (*Client) WatchGrafanaOnCallPostAlerts

func (c *Client) WatchGrafanaOnCallPostAlerts() error

func (*Client) WatchGrafanaOnCallPostLogs

func (c *Client) WatchGrafanaOnCallPostLogs() error

func (*Client) WatchGrafanaPostAlerts

func (c *Client) WatchGrafanaPostAlerts() error

func (*Client) WatchGrafanaPostLogs

func (c *Client) WatchGrafanaPostLogs() error

func (*Client) WatchInfluxdbPostAlerts

func (c *Client) WatchInfluxdbPostAlerts() error

func (*Client) WatchInfluxdbPostLogs

func (c *Client) WatchInfluxdbPostLogs() error

func (*Client) WatchInvokeLambdaAlerts

func (c *Client) WatchInvokeLambdaAlerts() error

lambda

func (*Client) WatchInvokeLambdaLogs

func (c *Client) WatchInvokeLambdaLogs() error

func (*Client) WatchKafkaProduceAlerts

func (c *Client) WatchKafkaProduceAlerts() error

func (*Client) WatchKafkaProduceLogs

func (c *Client) WatchKafkaProduceLogs() error

func (*Client) WatchLogmanagerPostAlerts

func (c *Client) WatchLogmanagerPostAlerts() error

func (*Client) WatchLogs

func (c *Client) WatchLogs() error

WatchLogs Function

func (*Client) WatchMQTTPublishAlerts

func (c *Client) WatchMQTTPublishAlerts() error

func (*Client) WatchMQTTPublishLogs

func (c *Client) WatchMQTTPublishLogs() error

func (*Client) WatchNatsPublishAlerts

func (c *Client) WatchNatsPublishAlerts() error

func (*Client) WatchNatsPublishLogs

func (c *Client) WatchNatsPublishLogs() error

func (*Client) WatchPolicyAlerts

func (c *Client) WatchPolicyAlerts() error

func (*Client) WatchPublishTopicAlerts

func (c *Client) WatchPublishTopicAlerts() error

PublishTopic

func (*Client) WatchPublishTopicLogs

func (c *Client) WatchPublishTopicLogs() error

func (*Client) WatchPutRecordAlerts

func (c *Client) WatchPutRecordAlerts() error

func (*Client) WatchPutRecordLogs

func (c *Client) WatchPutRecordLogs() error

func (*Client) WatchRabbitmqPublishAlerts

func (c *Client) WatchRabbitmqPublishAlerts() error

func (*Client) WatchRabbitmqPublishLogs

func (c *Client) WatchRabbitmqPublishLogs() error

func (*Client) WatchRedisPostAlerts

func (c *Client) WatchRedisPostAlerts() error

func (*Client) WatchRedisPostLogs

func (c *Client) WatchRedisPostLogs() error

func (*Client) WatchRocketchatPostAlerts

func (c *Client) WatchRocketchatPostAlerts() error

func (*Client) WatchRocketchatPostLogs

func (c *Client) WatchRocketchatPostLogs() error

func (*Client) WatchSendCloudWatchLogAlerts

func (c *Client) WatchSendCloudWatchLogAlerts() error

SendCloudWatchLog

func (*Client) WatchSendCloudWatchLogLogs

func (c *Client) WatchSendCloudWatchLogLogs() error

func (*Client) WatchSendMailAlerts

func (c *Client) WatchSendMailAlerts() error

func (*Client) WatchSendMailLogs

func (c *Client) WatchSendMailLogs() error

func (*Client) WatchSendMessageAlerts

func (c *Client) WatchSendMessageAlerts() error

SendMessage

func (*Client) WatchSendMessageLogs

func (c *Client) WatchSendMessageLogs() error

func (*Client) WatchSlackAlerts

func (c *Client) WatchSlackAlerts() error

func (*Client) WatchSlackLogs

func (c *Client) WatchSlackLogs() error

func (*Client) WatchSyslogLogs

func (c *Client) WatchSyslogLogs() error

func (*Client) WatchSyslogsAlerts

func (c *Client) WatchSyslogsAlerts() error

func (*Client) WatchTeamsPostAlerts

func (c *Client) WatchTeamsPostAlerts() error

func (*Client) WatchTeamsPostLogs

func (c *Client) WatchTeamsPostLogs() error

func (*Client) WatchTimescaleDBPostAlerts

func (c *Client) WatchTimescaleDBPostAlerts() error

func (*Client) WatchTimescaleDBPostLogs

func (c *Client) WatchTimescaleDBPostLogs() error

func (*Client) WatchUploadS3Alerts

func (c *Client) WatchUploadS3Alerts() error

UploadS3

func (*Client) WatchUploadS3Logs

func (c *Client) WatchUploadS3Logs() error

func (*Client) WavefrontPost

func (c *Client) WavefrontPost(kubearmorpayload types.KubearmorPayload)

WavefrontPost sends metrics to WaveFront.

func (*Client) WebUIPost

func (c *Client) WebUIPost(kubearmorpayload types.KubearmorPayload)

WebUIPost posts event to Slack

func (*Client) WebhookPost

func (c *Client) WebhookPost(kubearmorpayload types.KubearmorPayload)

WebhookPost posts event to an URL

func (*Client) ZincsearchPost

func (c *Client) ZincsearchPost(kubearmorpayload types.KubearmorPayload)

ZincsearchPost posts event to Zincsearch

// Header is one HTTP header (key and value) to add to the client before
// sending the request.
type Header struct {
	Key   string
	// Value can be a credential (for example the value of an Authorization
	// header), so treat it as sensitive when logging or dumping a Client.
	Value string
}

Headers to add to the client before sending the request

type KafkaRestPayload

// KafkaRestPayload is the request wrapper for Kafka Rest. It serializes to a
// JSON object with a single "records" array.
type KafkaRestPayload struct {
	Records []Records `json:"records"`
}

KafkaRestPayload is the request wrapper for Kafka Rest

type LogStruct

// LogStruct is the value type of the LogStructs map. It pairs a filter string
// with one channel of KubearmorPayload values.
type LogStruct struct {
	// Filter's format and matching rules are not visible here — TODO confirm.
	Filter    string
	Broadcast chan types.KubearmorPayload
}

LogStruct Structure

type OCSFFIndingDetails

// OCSFFIndingDetails mirrors the OCSF finding object
// (https://schema.ocsf.io/objects/finding). Each field carries both a JSON
// tag and a parquet tag with the same snake_case name.
type OCSFFIndingDetails struct {
	CreatedTime int64    `json:"created_time" parquet:"name=created_time, type=INT64"`
	Desc        string   `json:"desc" parquet:"name=desc, type=BYTE_ARRAY, convertedtype=UTF8"`
	Title       string   `json:"title" parquet:"name=title, type=BYTE_ARRAY, convertedtype=UTF8"`
	Types       []string `json:"types" parquet:"name=types, type=BYTE_ARRAY, convertedtype=UTF8, repetitiontype=REPEATED"`
	UID         string   `json:"uid" parquet:"name=uid, type=BYTE_ARRAY, convertedtype=UTF8"`
}

https://schema.ocsf.io/objects/finding

type OCSFMetadata

// OCSFMetadata mirrors the OCSF metadata object
// (https://schema.ocsf.io/objects/metadata): schema version, originating
// product and a list of labels.
type OCSFMetadata struct {
	Version string      `json:"version" parquet:"name=version, type=BYTE_ARRAY, convertedtype=UTF8"`
	Product OCSFProduct `json:"product" parquet:"name=product"`
	Labels  []string    `json:"labels" parquet:"name=labels, type=BYTE_ARRAY, convertedtype=UTF8, repetitiontype=REPEATED"`
}

https://schema.ocsf.io/objects/metadata

type OCSFObservable

// OCSFObservable mirrors the OCSF observable object
// (https://schema.ocsf.io/objects/observable): a named, typed value extracted
// from the event.
type OCSFObservable struct {
	Name   string `json:"name" parquet:"name=name, type=BYTE_ARRAY, convertedtype=UTF8"`
	Type   string `json:"type" parquet:"name=type, type=BYTE_ARRAY, convertedtype=UTF8"`
	TypeID int32  `json:"type_id" parquet:"name=type_id, type=INT32"`
	Value  string `json:"value" parquet:"name=value, type=BYTE_ARRAY, convertedtype=UTF8"`
}

https://schema.ocsf.io/objects/observable

type OCSFProduct

// OCSFProduct mirrors the OCSF product object
// (https://schema.ocsf.io/objects/product): the vendor and the product name.
type OCSFProduct struct {
	VendorName string `json:"vendor_name" parquet:"name=vendor_name, type=BYTE_ARRAY, convertedtype=UTF8"`
	Name       string `json:"name" parquet:"name=name, type=BYTE_ARRAY, convertedtype=UTF8"`
}

https://schema.ocsf.io/objects/product

type OCSFSecurityFinding

// OCSFSecurityFinding mirrors the OCSF Security Finding class [2001]
// (https://schema.ocsf.io/classes/security_finding). Each field carries a
// JSON tag and a parquet tag; NewOCSFSecurityFinding builds one from a
// KubearmorPayload.
type OCSFSecurityFinding struct {
	// Attacks      []OCSFAttack     `json:"attacks,omitempty" parquet:"name=attacks, type=MAP, convertedtype=LIST, valuetype=BYTE_ARRAY, valueconvertedtype=UTF8"`
	ActivityID   int32              `json:"activity_id" parquet:"name=activity_id, type=INT32"`
	ActivityName string             `json:"activity_name" parquet:"name=activity_name, type=BYTE_ARRAY, convertedtype=UTF8"`
	CategoryName string             `json:"category_name" parquet:"name=category_name, type=BYTE_ARRAY, convertedtype=UTF8"`
	CategoryUID  int32              `json:"category_uid" parquet:"name=category_uid, type=INT32"`
	// NOTE(review): the parquet column is "classname" while the JSON key is
	// "class_name"; every other field uses the same snake_case name in both
	// tags. If the parquet output is queried by OCSF column name, class_name
	// will be missing — confirm whether this spelling is intended.
	ClassName    string             `json:"class_name" parquet:"name=classname, type=BYTE_ARRAY, convertedtype=UTF8"`
	ClassUID     int32              `json:"class_uid" parquet:"name=class_uid, type=INT32"`
	Finding      OCSFFIndingDetails `json:"finding" parquet:"name=finding"`
	Message      string             `json:"message" parquet:"name=message, type=BYTE_ARRAY, convertedtype=UTF8"`
	Metadata     OCSFMetadata       `json:"metadata" parquet:"name=metadata"`
	Observables  []OCSFObservable   `json:"observables" parquet:"name=observables, repetitiontype=REPEATED"`
	// RawData presumably holds the original event as text — TODO confirm. If
	// so, it is stored wherever the finding is stored, including any
	// sensitive values the event contained.
	RawData      string             `json:"raw_data" parquet:"name=raw_data, type=BYTE_ARRAY, convertedtype=UTF8"`
	Severity     string             `json:"severity" parquet:"name=severity, type=BYTE_ARRAY, convertedtype=UTF8"`
	SeverityID   int32              `json:"severity_id" parquet:"name=severity_id, type=INT32"`
	State        string             `json:"state" parquet:"name=state, type=BYTE_ARRAY, convertedtype=UTF8"`
	StateID      int32              `json:"state_id" parquet:"name=state_id, type=INT32"`
	Status       string             `json:"status" parquet:"name=status, type=BYTE_ARRAY, convertedtype=UTF8"`
	// Timestamp is serialized under the name "time" in both JSON and parquet.
	Timestamp    int64              `json:"time" parquet:"name=time, type=INT64"`
	TypeName     string             `json:"type_name" parquet:"name=type_name, type=BYTE_ARRAY, convertedtype=UTF8"`
	TypeUID      int32              `json:"type_uid" parquet:"name=type_uid, type=INT32"`
}

Security Finding [2001] Class https://schema.ocsf.io/classes/security_finding

func NewOCSFSecurityFinding

func NewOCSFSecurityFinding(kubearmorpayload types.KubearmorPayload) OCSFSecurityFinding

type Records

// Records is one item inside the KafkaRestPayload request wrapper. It
// serializes to a JSON object with a single "value" string.
type Records struct {
	Value string `json:"value"`
}

Records are the items inside the request wrapper

type SMTPPayload

// SMTPPayload is the payload for the SMTP output: sender, recipient, subject
// and body, all as plain strings.
// NOTE(review): if From, To or Subject are written into message headers and
// any part of them comes from event data, values containing CR or LF should
// be rejected before sending — confirm how SendMail builds the message.
type SMTPPayload struct {
	From    string
	To      string
	Subject string
	Body    string
}

SMTPPayload is payload for SMTP Output

type SourceBody

// SourceBody serializes to a JSON object with "name", "description" and
// "uid" keys. Which output uses it is not visible here — TODO confirm.
type SourceBody struct {
	Name        string `json:"name"`
	Description string `json:"description"`
	UID         string `json:"uid"`
}

type WebUIPayload

// WebUIPayload wraps an event together with a list of output names. It
// serializes to a JSON object with "event" and "outputs" keys.
type WebUIPayload struct {
	Event   types.KubearmorPayload `json:"event"`
	// Outputs presumably lists the enabled outputs (see EnabledOutputs) —
	// TODO confirm in WebUIPost.
	Outputs []string               `json:"outputs"`
}
