Documentation
¶
Index ¶
- Constants
- Variables
- func BuildAuditService(instanceName string, namespace string) *corev1.Service
- func BuildCertsForAuditLogging(namespace string, issuer string, name string) *certmgr.Certificate
- func BuildConfigMap(instance *operatorv1alpha1.AuditLogging, name string, namespace string) (*corev1.ConfigMap, error)
- func BuildDaemonForFluentd(instance *operatorv1alpha1.AuditLogging, namespace string) *appsv1.DaemonSet
- func BuildDeploymentForFluentd(instance *operatorv1.CommonAudit) *appsv1.Deployment
- func BuildDeploymentForPolicyController(instance *operatorv1alpha1.AuditLogging, namespace string) *appsv1.Deployment
- func BuildFluentdConfigMap(instance *operatorv1.CommonAudit, name string) (*corev1.ConfigMap, error)
- func BuildGodIssuer(namespace string) *certmgr.Issuer
- func BuildJobForAuditLogging(instance *operatorv1alpha1.AuditLogging, namespace string) *batchv1.Job
- func BuildRootCACert(namespace string) *certmgr.Certificate
- func BuildRootCAIssuer(namespace string) *certmgr.Issuer
- func BuildSecret(instance *operatorv1.CommonAudit) *corev1.Secret
- func BuildServiceAccount(namespace string) *corev1.ServiceAccount
- func BuildWithSIEMConfigs(found *corev1.ConfigMap) (string, error)
- func EqualCerts(expected *certmgr.Certificate, found *certmgr.Certificate) bool
- func EqualConfig(found *corev1.ConfigMap, expected *corev1.ConfigMap, key string) bool
- func EqualContainers(expected corev1.Container, found corev1.Container, allowModify bool) bool
- func EqualDaemonSets(expected *appsv1.DaemonSet, found *appsv1.DaemonSet) bool
- func EqualDeployments(expected *appsv1.Deployment, found *appsv1.Deployment, allowModify bool) bool
- func EqualIssuers(expected *certmgr.Issuer, found *certmgr.Issuer) bool
- func EqualMatchTags(found *corev1.ConfigMap) bool
- func EqualPods(expected corev1.PodTemplateSpec, found corev1.PodTemplateSpec, ...) bool
- func EqualRoleBindings(expected *rbacv1.RoleBinding, found *rbacv1.RoleBinding) bool
- func EqualRoles(expected *rbacv1.Role, found *rbacv1.Role) bool
- func EqualSIEMConfig(instance *operatorv1.CommonAudit, found *corev1.ConfigMap) (bool, bool)
- func EqualServices(expected *corev1.Service, found *corev1.Service) bool
- func EqualSourceConfig(expected *corev1.ConfigMap, found *corev1.ConfigMap) (bool, []string)
- func UpdateMatchTags(found *corev1.ConfigMap) string
- func UpdateSIEMConfig(instance *operatorv1.CommonAudit, found *corev1.ConfigMap) string
- type Data
- type DataQRadar
- type DataS
- type DataSplunk
Constants ¶
const AuditLoggingCertName = "fluentd"
const AuditLoggingClientCertSecName = "audit-certs"
const AuditLoggingHTTPSCertName = "fluentd-https"
const AuditLoggingServerCertSecName = "audit-server-certs"
const AuditPolicyControllerDeploy = "audit-policy-controller"
AuditPolicyControllerDeploy is the name of the audit-policy-controller deployment
const AuditPolicyServiceAccount = "ibm-audit-policy-controller"
AuditPolicyServiceAccount defines the name of the policy controller ServiceAccount
const ConfigName = "config"
ConfigName defines the name of the config configmap
const DefaultIssuer = "cs-ca-issuer"
const EnableAuditLogForwardKey = "ENABLE_AUDIT_LOGGING_FORWARDING"
EnableAuditLogForwardKey defines the key in the source config map for turning audit on or off
const FluentdConfigKey = "fluent.conf"
FluentdConfigKey defines the key for the config configmap
const FluentdConfigName = "main-config"
FluentdConfigName defines the name of the volume for the config configmap
const FluentdDaemonSetName = "audit-logging-fluentd-ds"
FluentdDaemonSetName is the name of the fluentd daemonset name
const FluentdDeploymentName = "audit-logging-fluentd"
FluentdDeploymentName is the name of the fluentd deployment
const GodIssuer = "audit-god-issuer"
const HTTPIngestName = "http-ingesturl"
HTTPIngestName defines the name of the http-ingesturl configmap
const HTTPIngestURLKey = "AuditLoggingHttpIngestURL"
HTTPIngestURLKey defines the Http endpoint
const JobName = "audit-logging-cleanup"
const OperandServiceAccount = "ibm-auditlogging-operand"
OperandServiceAccount defines the name of the operands' ServiceAccount
const OutputPluginMatches = "icp-audit icp-audit.** syslog syslog.**"
OutputPluginMatches defines the match tags for Splunk and QRadar outputs
const QRadarConfigKey = "remoteSyslog.conf"
QRadarConfigKey defines the key for the remote-syslog-config configmap
const QRadarConfigName = "remote-syslog-config"
QRadarConfigName defines the name of the remote-syslog-config configmap
const RoleBindingPostfix = "-rolebinding"
const RolePostfix = "-role"
const RootCert = "audit-root-ca-cert"
const RootIssuer = "audit-root-ca-issuer"
const SourceConfigKey = "source.conf"
SourceConfigKey defines the key for the source-config configmap
const SourceConfigName = "source-config"
SourceConfigName defines the name of the source-config configmap
const SplunkConfigKey = "splunkHEC.conf"
SplunkConfigKey defines the key for the splunk-hec-config configmap
const SplunkConfigName = "splunk-hec-config"
SplunkConfigName defines the name of the splunk-hec-config configmap
const SyslogIngestURLKey = "AuditLoggingSyslogIngestURL"
SyslogIngestURLKey defines the Http endpoint
Variables ¶
var FluentdConfigMaps = []string{ FluentdDaemonSetName + "-" + ConfigName, FluentdDaemonSetName + "-" + SourceConfigName, FluentdDaemonSetName + "-" + SplunkConfigName, FluentdDaemonSetName + "-" + QRadarConfigName, FluentdDaemonSetName + "-" + HTTPIngestName, }
FluentdConfigMaps defines the names of the fluentd configmaps
var Protocols = map[bool]string{ // contains filtered or unexported fields }
var QradarPlugin = `@include /fluentd/etc/remoteSyslog.conf`
var RegexHecHost = regexp.MustCompile(hecHost + `.*`)
var RegexHecPort = regexp.MustCompile(hecPort + `.*`)
var RegexHecToken = regexp.MustCompile(hecToken + `.*`)
var RegexHost = regexp.MustCompile(host + `.*`)
var RegexHostname = regexp.MustCompile(hostname + `.*`)
var RegexPort = regexp.MustCompile(port + `.*`)
var RegexProtocol = regexp.MustCompile(protocol + `.*`)
var RegexTLS = regexp.MustCompile(tls + `.*`)
var SplunkPlugin = `@include /fluentd/etc/splunkHEC.conf`
Functions ¶
func BuildAuditService ¶
BuildAuditService returns a Service object
func BuildCertsForAuditLogging ¶
func BuildCertsForAuditLogging(namespace string, issuer string, name string) *certmgr.Certificate
BuildCertsForAuditLogging returns a Certificate object
func BuildConfigMap ¶
func BuildConfigMap(instance *operatorv1alpha1.AuditLogging, name string, namespace string) (*corev1.ConfigMap, error)
BuildConfigMap returns a ConfigMap object
func BuildDaemonForFluentd ¶
func BuildDaemonForFluentd(instance *operatorv1alpha1.AuditLogging, namespace string) *appsv1.DaemonSet
BuildDaemonForFluentd returns a Daemonset object
func BuildDeploymentForFluentd ¶
func BuildDeploymentForFluentd(instance *operatorv1.CommonAudit) *appsv1.Deployment
BuildDeploymentForFluentd returns a Deployment object
func BuildDeploymentForPolicyController ¶
func BuildDeploymentForPolicyController(instance *operatorv1alpha1.AuditLogging, namespace string) *appsv1.Deployment
BuildDeploymentForPolicyController returns a Deployment object
func BuildFluentdConfigMap ¶
func BuildFluentdConfigMap(instance *operatorv1.CommonAudit, name string) (*corev1.ConfigMap, error)
BuildFluentdConfigMap returns a ConfigMap object
func BuildGodIssuer ¶
BuildGodIssuer returns an Issuer object
func BuildJobForAuditLogging ¶
func BuildJobForAuditLogging(instance *operatorv1alpha1.AuditLogging, namespace string) *batchv1.Job
func BuildRootCACert ¶
func BuildRootCACert(namespace string) *certmgr.Certificate
BuildRootCACert returns a Certificate object
func BuildRootCAIssuer ¶
BuildRootCAIssuer returns an Issuer object
func BuildSecret ¶
func BuildSecret(instance *operatorv1.CommonAudit) *corev1.Secret
BuildSecret returns a Secret object
func BuildServiceAccount ¶
func BuildServiceAccount(namespace string) *corev1.ServiceAccount
BuildServiceAccount returns a ServiceAccoutn object
func BuildWithSIEMConfigs ¶
BuildWithSIEMConfigs returns a String and an Error
func EqualCerts ¶
func EqualCerts(expected *certmgr.Certificate, found *certmgr.Certificate) bool
EqualCerts returns a Boolean
func EqualConfig ¶
EqualConfig returns a Boolean
func EqualContainers ¶
EqualContainers returns a Boolean
func EqualDaemonSets ¶
EqualDaemonSets returns a Boolean
func EqualDeployments ¶
func EqualDeployments(expected *appsv1.Deployment, found *appsv1.Deployment, allowModify bool) bool
EqualDeployments returns a Boolean
func EqualIssuers ¶
EqualIssuers returns a boolean
func EqualMatchTags ¶
EqualMatchTags returns a Boolean
func EqualPods ¶
func EqualPods(expected corev1.PodTemplateSpec, found corev1.PodTemplateSpec, allowModify bool) bool
EqualPods returns a Boolean
func EqualRoleBindings ¶
func EqualRoleBindings(expected *rbacv1.RoleBinding, found *rbacv1.RoleBinding) bool
EqualRoleBindings returns a Boolean
func EqualRoles ¶
EqualRoles returns a Boolean
func EqualSIEMConfig ¶
func EqualSIEMConfig(instance *operatorv1.CommonAudit, found *corev1.ConfigMap) (bool, bool)
EqualSIEMConfig returns a Boolean
func EqualServices ¶
EqualServices returns a Boolean
func EqualSourceConfig ¶
EqualSourceConfig returns a Boolean and a String slice
func UpdateMatchTags ¶
UpdateMatchTags returns a String
func UpdateSIEMConfig ¶
func UpdateSIEMConfig(instance *operatorv1.CommonAudit, found *corev1.ConfigMap) string
UpdateSIEMConfig returns a String
Types ¶
type DataQRadar ¶
type DataQRadar struct {
Value string `yaml:"remoteSyslog.conf"`
}
DataQRadar defines the struct for remote-syslog-config
type DataSplunk ¶
type DataSplunk struct {
Value string `yaml:"splunkHEC.conf"`
}
DataSplunk defines the struct for splunk-hec-config
Source Files