Documentation
¶
Index ¶
- type AgentPrivilegeRequirements
- type AgentRequirements
- type BuildManifest
- type Change
- type Changelog
- type Conditions
- type DataStream
- type DataStreamManifest
- type DataStreamOptions
- type ElasticsearchPrivilegeRequirements
- type ElasticsearchPrivileges
- type ElasticsearchRequirements
- type ElasticsearchSettings
- type Field
- type FieldsFile
- type FileMetadata
- type Icons
- type IndexTemplateOptions
- type IngestPipeline
- type IngestPipelineOptions
- type Input
- type Integration
- type Manifest
- type Option
- type Owner
- type PolicyTemplate
- type Processor
- type Release
- type SampleEvent
- type Screenshots
- type Source
- type Stream
- type Var
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AgentPrivilegeRequirements ¶ added in v0.0.10
type AgentPrivilegeRequirements struct {
// Set to true if collection requires root privileges in the agent.
Root bool `json:"root,omitempty" yaml:"root,omitempty"`
}
type AgentRequirements ¶ added in v0.0.10
type AgentRequirements struct {
Privileges AgentPrivilegeRequirements `json:"privileges,omitempty" yaml:"privileges,omitempty"`
}
AgentRequirements declares related Agent configurations or requirements.
type BuildManifest ¶
type BuildManifest struct {
Dependencies struct {
ECS struct {
// Source reference (pattern '^git@.+').
Reference string `json:"reference,omitempty" yaml:"reference,omitempty"`
// Whether to import common used dynamic templates and properties into the package.
ImportMappings *bool `json:"import_mappings,omitempty" yaml:"import_mappings,omitempty"`
} `json:"ecs,omitempty" yaml:"ecs,omitempty"`
} `json:"dependencies,omitempty" yaml:"dependencies,omitempty"`
// contains filtered or unexported fields
}
func (BuildManifest) Path ¶ added in v0.0.2
func (m BuildManifest) Path() string
Path returns the path to the build.yml file.
type Change ¶ added in v0.0.7
type Change struct {
Description string `json:"description,omitempty" yaml:"description,omitempty"`
Type string `json:"type,omitempty" yaml:"type,omitempty"`
Link string `json:"link,omitempty" yaml:"link,omitempty"`
FileMetadata `json:"-" yaml:"-"`
}
func (*Change) UnmarshalYAML ¶ added in v0.0.7
type Changelog ¶ added in v0.0.7
type Changelog struct {
Releases []Release `json:"releases,omitempty" yaml:"releases,omitempty"`
// contains filtered or unexported fields
}
func (*Changelog) UnmarshalYAML ¶ added in v0.0.7
type Conditions ¶
type Conditions struct {
Elastic struct {
Subscription string `json:"subscription,omitempty" yaml:"subscription,omitempty"`
} `json:"elastic,omitempty" yaml:"elastic,omitempty"`
Kibana struct {
Version string `json:"version,omitempty" yaml:"version,omitempty"`
} `json:"kibana,omitempty" yaml:"kibana,omitempty"`
}
func (*Conditions) UnmarshalYAML ¶
func (c *Conditions) UnmarshalYAML(value *yaml.Node) error
UnmarshalYAML implement special YAML unmarshal handling for Conditions to allow it to accept flattened key names which have been observed in packages.
type DataStream ¶
type DataStream struct {
Manifest DataStreamManifest `json:"manifest,omitempty" yaml:"manifest,omitempty"`
Pipelines map[string]IngestPipeline `json:"pipelines,omitempty" yaml:"pipelines,omitempty"`
SampleEvent *SampleEvent `json:"sample_event,omitempty" yaml:"sample_event,omitempty"`
Fields map[string]FieldsFile `json:"fields,omitempty" yaml:"fields,omitempty"`
// contains filtered or unexported fields
}
func (DataStream) AllFields ¶ added in v0.0.2
func (ds DataStream) AllFields() []Field
AllFields returns a slice containing all fields declared in the DataStream.
func (DataStream) Path ¶ added in v0.0.2
func (ds DataStream) Path() string
Path returns the path to the data stream dir.
type DataStreamManifest ¶
type DataStreamManifest struct {
Dataset string `json:"dataset,omitempty" yaml:"dataset,omitempty"`
DatasetIsPrefix *bool `json:"dataset_is_prefix,omitempty" yaml:"dataset_is_prefix,omitempty"`
ILMPolicy string `json:"ilm_policy,omitempty" yaml:"ilm_policy,omitempty"`
Release string `json:"release,omitempty" yaml:"release,omitempty"`
Title string `json:"title,omitempty" yaml:"title,omitempty"`
Type string `json:"type,omitempty" yaml:"type,omitempty"`
Streams []Stream `json:"streams,omitempty" yaml:"streams,omitempty"`
Elasticsearch *ElasticsearchSettings `json:"elasticsearch,omitempty" yaml:"elasticsearch,omitempty"`
// contains filtered or unexported fields
}
func (DataStreamManifest) Path ¶ added in v0.0.2
func (m DataStreamManifest) Path() string
Path returns the path to the data stream manifest.yml.
func (*DataStreamManifest) UnmarshalYAML ¶ added in v0.0.4
func (m *DataStreamManifest) UnmarshalYAML(value *yaml.Node) error
type DataStreamOptions ¶ added in v0.0.4
type DataStreamOptions struct {
Hidden *bool `json:"hidden,omitempty" yaml:"hidden,omitempty"`
}
type ElasticsearchPrivilegeRequirements ¶ added in v0.0.10
type ElasticsearchPrivilegeRequirements struct {
// Cluster privilege requirements.
Cluster []string `json:"cluster,omitempty" yaml:"cluster,omitempty"`
}
type ElasticsearchPrivileges ¶ added in v0.0.4
type ElasticsearchPrivileges struct {
Properties []string `json:"properties,omitempty" yaml:"properties,omitempty"`
}
type ElasticsearchRequirements ¶ added in v0.0.10
type ElasticsearchRequirements struct {
Privileges ElasticsearchPrivilegeRequirements `json:"privileges,omitempty" yaml:"privileges,omitempty"`
}
type ElasticsearchSettings ¶ added in v0.0.4
type ElasticsearchSettings struct {
IndexMode string `json:"index_mode,omitempty" yaml:"index_mode,omitempty"`
IndexTemplate *IndexTemplateOptions `json:"index_template,omitempty" yaml:"index_template,omitempty"`
Privileges *ElasticsearchPrivileges `json:"privileges,omitempty" yaml:"privileges,omitempty"`
SourceMode string `json:"source_mode,omitempty" yaml:"source_mode,omitempty"`
DynamicDataset *bool `json:"dynamic_dataset,omitempty" yaml:"dynamic_dataset,omitempty"`
DynamicNamespace *bool `json:"dynamic_namespace,omitempty" yaml:"dynamic_namespace,omitempty"`
}
type Field ¶ added in v0.0.2
type Field struct {
Name string `json:"name,omitempty" yaml:"name,omitempty"`
Type string `json:"type,omitempty" yaml:"type,omitempty"`
Description string `json:"description,omitempty" yaml:"description,omitempty"`
Value string `json:"value,omitempty" yaml:"value,omitempty"`
Example any `json:"example,omitempty" yaml:"example,omitempty"`
MetricType string `json:"metric_type,omitempty" yaml:"metric_type,omitempty"`
Unit string `json:"unit,omitempty" yaml:"unit,omitempty"`
DateFormat string `json:"date_format,omitempty" yaml:"date_format,omitempty"`
Dimension *bool `json:"dimension,omitempty" yaml:"dimension,omitempty"`
Pattern string `json:"pattern,omitempty" yaml:"pattern,omitempty"`
External string `json:"external,omitempty" yaml:"external,omitempty"`
Fields []Field `json:"fields,omitempty" yaml:"fields,omitempty"`
DocValues *bool `json:"doc_values,omitempty" yaml:"doc_values,omitempty"`
Index *bool `json:"index,omitempty" yaml:"index,omitempty"`
CopyTo string `json:"copy_to,omitempty" yaml:"copy_to,omitempty"`
Enabled *bool `json:"enabled,omitempty" yaml:"enabled,omitempty"`
Dynamic string `json:"dynamic,omitempty" yaml:"dynamic,omitempty"`
ScalingFactor *int `json:"scaling_factor,omitempty" yaml:"scaling_factor,omitempty"`
Analyzer string `json:"analyzer,omitempty" yaml:"analyzer,omitempty"`
SearchAnalyzer string `json:"search_analyzer,omitempty" yaml:"search_analyzer,omitempty"`
MultiFields []Field `json:"multi_fields,omitempty" yaml:"multi_fields,omitempty"`
NullValue string `json:"null_value,omitempty" yaml:"null_value,omitempty"`
IgnoreMalformed *bool `json:"ignore_malformed,omitempty" yaml:"ignore_malformed,omitempty"`
IgnoreAbove int `json:"ignore_above,omitempty" yaml:"ignore_above,omitempty"`
ObjectType string `json:"object_type,omitempty" yaml:"object_type,omitempty"`
ObjectTypeMappingType string `json:"object_type_mapping_type,omitempty" yaml:"object_type_mapping_type,omitempty"`
AliasTargetPath string `json:"path,omitempty" yaml:"path,omitempty"`
Normalize []string `json:"normalize,omitempty" yaml:"normalize,omitempty"`
Normalizer string `json:"normalizer,omitempty" yaml:"normalizer,omitempty"`
IncludeInParent *bool `json:"include_in_parent,omitempty" yaml:"include_in_parent,omitempty"`
DefaultMetric string `json:"default_metric,omitempty" yaml:"default_metric,omitempty"`
// AdditionalProperties contains additional properties that are not
// explicitly specified in the package-spec and are not used by Fleet.
AdditionalAttributes map[string]any `json:"_additional_attributes,omitempty" yaml:",inline"`
FileMetadata `json:"-" yaml:"-"`
YAMLPath string `json:"-" yaml:"-"` // YAML path
}
func FlattenFields ¶ added in v0.0.2
FlattenFields returns a flat representation of the fields. It removes all nested fields and creates top-level fields whose name is constructed by joining the parts with dots. The returned slice is sorted by name.
func ReadFields ¶ added in v0.0.2
ReadFields reads all files matching the given globs and returns a slice containing all fields.
func (*Field) UnmarshalYAML ¶ added in v0.0.2
type FieldsFile ¶ added in v0.0.2
type FieldsFile struct {
Fields []Field `json:"fields" yaml:"fields"`
// contains filtered or unexported fields
}
func (FieldsFile) Path ¶ added in v0.0.2
func (f FieldsFile) Path() string
Path returns the path to the fields file.
type FileMetadata ¶ added in v0.0.3
type FileMetadata struct {
// contains filtered or unexported fields
}
func (FileMetadata) Column ¶ added in v0.0.3
func (m FileMetadata) Column() int
func (FileMetadata) Line ¶ added in v0.0.3
func (m FileMetadata) Line() int
func (FileMetadata) Path ¶ added in v0.0.3
func (m FileMetadata) Path() string
type Icons ¶
type Icons struct {
Src string `json:"src,omitempty" yaml:"src,omitempty"`
Title string `json:"title,omitempty" yaml:"title,omitempty"`
Size string `json:"size,omitempty" yaml:"size,omitempty"`
Type string `json:"type,omitempty" yaml:"type,omitempty"`
DarkMode *bool `json:"dark_mode,omitempty" yaml:"dark_mode,omitempty"`
}
type IndexTemplateOptions ¶ added in v0.0.4
type IndexTemplateOptions struct {
Settings map[string]any `json:"settings,omitempty" yaml:"settings,omitempty"`
Mappings map[string]any `json:"mappings,omitempty" yaml:"mappings,omitempty"`
IngestPipeline *IngestPipelineOptions `json:"ingest_pipeline,omitempty" yaml:"ingest_pipeline,omitempty"`
DataStream *DataStreamOptions `json:"data_stream,omitempty" yaml:"data_stream,omitempty"`
}
type IngestPipeline ¶ added in v0.0.2
type IngestPipeline struct {
// Description of the ingest pipeline.
Description string `json:"description,omitempty" yaml:"description,omitempty"`
// Processors used to perform transformations on documents before indexing.
// Processors run sequentially in the order specified.
Processors []*Processor `json:"processors,omitempty" yaml:"processors,omitempty"`
// Processors to run immediately after a processor failure.
OnFailure []*Processor `json:"on_failure,omitempty" yaml:"on_failure,omitempty"`
// Version number used by external systems to track ingest pipelines.
Version *int `json:"version,omitempty" yaml:"version,omitempty"`
// Optional metadata about the ingest pipeline. May have any contents.
Meta map[string]any `json:"_meta,omitempty" yaml:"_meta,omitempty"`
// contains filtered or unexported fields
}
func (IngestPipeline) Path ¶ added in v0.0.2
func (p IngestPipeline) Path() string
Path returns the path to the ingest node pipeline file.
type IngestPipelineOptions ¶ added in v0.0.4
type IngestPipelineOptions struct {
Name string `json:"name,omitempty" yaml:"name,omitempty"`
}
type Input ¶
type Input struct {
Type string `json:"type,omitempty" yaml:"type,omitempty"`
Title string `json:"title,omitempty" yaml:"title,omitempty"`
Description string `json:"description,omitempty" yaml:"description,omitempty"`
InputGroup string `json:"input_group,omitempty" yaml:"input_group,omitempty"`
TemplatePath string `json:"template_path,omitempty" yaml:"template_path,omitempty"`
Multi *bool `json:"multi,omitempty" yaml:"multi,omitempty"`
Vars []Var `json:"vars,omitempty" yaml:"vars,omitempty"`
}
type Integration ¶
type Integration struct {
Build *BuildManifest `json:"build,omitempty" yaml:"build,omitempty"`
Manifest Manifest `json:"manifest,omitempty" yaml:"manifest,omitempty"`
Input *DataStream `json:"input,omitempty" yaml:"input,omitempty"`
DataStreams map[string]*DataStream `json:"data_streams,omitempty" yaml:"data_streams,omitempty"`
Changelog Changelog `json:"changelog,omitempty" yaml:"changelog,omitempty"`
// contains filtered or unexported fields
}
func Read ¶
func Read(path string) (*Integration, error)
Read reads the Fleet integration at the specified path. The path should point to the directory containing the integration's main manifest.yml.
func (Integration) Path ¶ added in v0.0.2
func (i Integration) Path() string
Path returns the path to the integration dir.
type Manifest ¶
type Manifest struct {
Name string `json:"name,omitempty" yaml:"name,omitempty"`
Title string `json:"title,omitempty" yaml:"title,omitempty"`
Version string `json:"version,omitempty" yaml:"version,omitempty"`
Release string `json:"release,omitempty" yaml:"release,omitempty"`
Description string `json:"description,omitempty" yaml:"description,omitempty"`
Type string `json:"type,omitempty" yaml:"type,omitempty"`
Icons []Icons `json:"icons,omitempty" yaml:"icons,omitempty"`
FormatVersion string `json:"format_version,omitempty" yaml:"format_version,omitempty"`
License string `json:"license,omitempty" yaml:"license,omitempty"`
Categories []string `json:"categories,omitempty" yaml:"categories,omitempty"`
Conditions Conditions `json:"conditions,omitempty" yaml:"conditions,omitempty"`
Screenshots []Screenshots `json:"screenshots,omitempty" yaml:"screenshots,omitempty"`
Source Source `json:"source,omitempty" yaml:"source,omitempty"`
Vars []Var `json:"vars,omitempty" yaml:"vars,omitempty"`
PolicyTemplates []PolicyTemplate `json:"policy_templates,omitempty" yaml:"policy_templates,omitempty"`
Owner Owner `json:"owner,omitempty" yaml:"owner,omitempty"`
Elasticsearch *ElasticsearchRequirements `json:"elasticsearch,omitempty" yaml:"elasticsearch,omitempty"`
Agent *AgentRequirements `json:"agent,omitempty" yaml:"agent,omitempty"`
// contains filtered or unexported fields
}
type PolicyTemplate ¶
type PolicyTemplate struct {
Name string `json:"name,omitempty" yaml:"name,omitempty"`
Title string `json:"title,omitempty" yaml:"title,omitempty"`
Categories []string `json:"categories,omitempty" yaml:"categories,omitempty"`
Description string `json:"description,omitempty" yaml:"description,omitempty"`
DataStreams []string `json:"data_streams,omitempty" yaml:"data_streams,omitempty"`
Inputs []Input `json:"inputs,omitempty" yaml:"inputs,omitempty"`
Icons []Icons `json:"icons,omitempty" yaml:"icons,omitempty"`
Screenshots []Screenshots `json:"screenshots,omitempty" yaml:"screenshots,omitempty"`
Multiple *bool `json:"multiple,omitempty" yaml:"multiple,omitempty"`
Type string `json:"type,omitempty" yaml:"type,omitempty"` // Type of data stream.
Input string `json:"input,omitempty" yaml:"input,omitempty"`
TemplatePath string `json:"template_path,omitempty" yaml:"template_path,omitempty"`
Vars []Var `json:"vars,omitempty" yaml:"vars,omitempty"` // Policy template level variables.
}
type Processor ¶ added in v0.0.2
func (*Processor) MarshalJSON ¶ added in v0.0.2
func (*Processor) MarshalYAML ¶ added in v0.0.2
func (*Processor) UnmarshalYAML ¶ added in v0.0.2
type Release ¶ added in v0.0.7
type Release struct {
Version string `json:"version,omitempty" yaml:"version,omitempty"`
Changes []Change `json:"changes,omitempty" yaml:"changes,omitempty"`
FileMetadata `json:"-" yaml:"-"`
}
func (*Release) UnmarshalYAML ¶ added in v0.0.7
type SampleEvent ¶ added in v0.0.2
type SampleEvent struct {
Event map[string]any `json:"event" yaml:"event"`
// contains filtered or unexported fields
}
func (SampleEvent) Path ¶ added in v0.0.2
func (e SampleEvent) Path() string
type Screenshots ¶
type Source ¶
type Source struct {
License string `json:"license,omitempty" yaml:"license,omitempty"`
}
type Stream ¶
type Stream struct {
Input string `json:"input,omitempty" yaml:"input,omitempty"`
Description string `json:"description,omitempty" yaml:"description,omitempty"`
Title string `json:"title,omitempty" yaml:"title,omitempty"`
TemplatePath string `json:"template_path,omitempty" yaml:"template_path,omitempty"`
Vars []Var `json:"vars,omitempty" yaml:"vars,omitempty"`
Enabled *bool `json:"enabled,omitempty" yaml:"enabled,omitempty"`
}
type Var ¶
type Var struct {
Name string `json:"name,omitempty" yaml:"name,omitempty"`
Default any `json:"default,omitempty" yaml:"default,omitempty"`
Description string `json:"description,omitempty" yaml:"description,omitempty"`
Type string `json:"type,omitempty" yaml:"type,omitempty"`
Title string `json:"title,omitempty" yaml:"title,omitempty"`
Multi *bool `json:"multi,omitempty" yaml:"multi,omitempty"`
Required *bool `json:"required,omitempty" yaml:"required,omitempty"`
Secret *bool `json:"secret,omitempty" yaml:"secret,omitempty"`
ShowUser *bool `json:"show_user,omitempty" yaml:"show_user,omitempty"`
Options []Option `json:"options,omitempty" yaml:"options,omitempty"` // List of options for 'type: select'.
FileMetadata `json:"-" yaml:"-"`
}
func (*Var) UnmarshalYAML ¶ added in v0.0.3
Source Files
Click to show internal directories.
Click to hide internal directories.