structure

package
v2.0.0+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 15, 2019 License: GPL-3.0 Imports: 1 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Host 

type Host struct {
	ID         bson.ObjectId `bson:"_id,omitempty"`
	IP         string        `bson:"ip"`
	Local      bool          `bson:"local"`
	IPv4       bool          `bson:"ipv4"`
	CountSrc   int32         `bson:"count_src"`
	CountDst   int32         `bson:"count_dst"`
	IPv4Binary int64         `bson:"ipv4_binary"`
	// IPv6Binary IPv6Integers  `bson:"ipv6_binary"` // for future ipv6 support
	MaxDuration        float32 `bson:"max_duration"`
	MaxBeaconScore     float64 `bson:"max_beacon_score"`
	MaxBeaconConnCount int     `bson:"max_beacon_conn_count"`
	BlOutCount         int32   `bson:"bl_out_count"`
	BlInCount          int32   `bson:"bl_in_count"`
	BlSumAvgBytes      int32   `bson:"bl_sum_avg_bytes"`
	BlTotalBytes       int32   `bson:"bl_total_bytes"`
	TxtQueryCount      int     `bson:"txt_query_count"`
}

Host describes an IP address found in the network traffic being analyzed

type IPv6Integers added in v1.0.0 

type IPv6Integers struct {
	I1 int64 `bson:"1"`
	I2 int64 `bson:"2"`
	I3 int64 `bson:"3"`
	I4 int64 `bson:"4"`
}

IPv6Integers provides a way to store a binary representation of an IPv6 address in MongoDB. The 128 bit address is split into four 32 bit values. However, MongoDB cannot store unsigned numbers, so we use 64 bit integers to hold the values.

type UniqueConnection 

type UniqueConnection struct {
	ID              bson.ObjectId `bson:"_id,omitempty"`
	ConnectionCount int           `bson:"connection_count"`
	Src             string        `bson:"src"`
	Dst             string        `bson:"dst"`
	LocalSrc        bool          `bson:"local_src"`
	LocalDst        bool          `bson:"local_dst"`
	TotalBytes      int           `bson:"total_bytes"`
	AverageBytes    float32       `bson:"avg_bytes"`
	TsList          []int64       `bson:"ts_list"`         // Connection timestamps for this src, dst pair
	OrigIPBytes     []int64       `bson:"orig_bytes_list"` // Src to dst connection sizes for each connection
	MaxDuration     float32       `bson:"max_duration"`
	TotalDuration   float32       `bson:"total_duration"`
}

UniqueConnection describes a pair of IP addresses which contacted each other over the observation period

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.