enrich

package
v0.0.0-...-712da53 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 17, 2025 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AlertEnricher 

type AlertEnricher struct {
	*alert.SourceFrom
	Enrichers []Enricher

	// RuleID -> Enricher
	EnricherMap sync.Map
	// contains filtered or unexported fields
}

func (*AlertEnricher) Enrich 

func (e *AlertEnricher) Enrich(events []alert.AlertEvent) error

func (*AlertEnricher) RemoveRuleByDeletedSchema 

func (e *AlertEnricher) RemoveRuleByDeletedSchema(schema string)

type Enricher 

type Enricher interface {
	RuleID() string
	RuleOrder() int
	Enrich(*alert.AlertEvent)
}

type JQParser 

type JQParser struct {
	FromJQExpression string // JQ expression composed of condition and fromField
	JQParser         *gojq.Query
}

type TagEnricher 

type TagEnricher struct {
	ID    string
	Order int

	RType string

	*JQParser

	DBRepo database.Repo

	// ---------------- tagMapping ----------------
	TargetTagId int
	CustomTag   string

	// ---------------- schemaMapping ----------------
	Schema       string
	SchemaSource string
	SchemaTarget []alert.AlertEnrichSchemaTarget

	TargetTags []alert.TargetTag
	// contains filtered or unexported fields
}

func NewTagEnricher 

func NewTagEnricher(
	enrichRule alert.AlertEnrichRuleVO,
	dbRepo database.Repo,
	Order int,
) (*TagEnricher, error)

func (*TagEnricher) Enrich 

func (e *TagEnricher) Enrich(alertEvent *alert.AlertEvent)

func (*TagEnricher) RuleID 

func (e *TagEnricher) RuleID() string

func (*TagEnricher) RuleOrder 

func (e *TagEnricher) RuleOrder() int

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.