segments

package

v0.1.1-alpha Latest Latest Go to latest Published: Nov 4, 2021 License: GPL-3.0 Imports: 3 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

Documentation ¶

Overview ¶

This package is home to all pipeline segment implementations. Generally, every segment lives in its own package, implements the Segment interface, embeds the BaseSegment to take care of the I/O side of things, and has an additional init() function to register itself using RegisterSegment.

Index ¶

Variables
func RegisterSegment(name string, s Segment)
func TestSegment(name string, config map[string]string, msg *flow.FlowMessage) *flow.FlowMessage
type BaseSegment
- func (segment *BaseSegment) Rewire(in <-chan *flow.FlowMessage, out chan<- *flow.FlowMessage)
type Segment
- func LookupSegment(name string) Segment

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ContainerVolumePrefix = ""
)

Functions ¶

func RegisterSegment ¶

func RegisterSegment(name string, s Segment)

Used by Segments to register themselves in their init() functions. Errors and exits immediately on conflicts.

func TestSegment ¶

func TestSegment(name string, config map[string]string, msg *flow.FlowMessage) *flow.FlowMessage

Used by the tests to run single flow messages through a segment.

Types ¶

type BaseSegment ¶

type BaseSegment struct {
	In  <-chan *flow.FlowMessage
	Out chan<- *flow.FlowMessage
}

Serves as a basis for any Segment implementations. Segments embedding this type only need the New and the Run methods to be compliant to the Segment interface.

func (*BaseSegment) Rewire ¶

func (segment *BaseSegment) Rewire(in <-chan *flow.FlowMessage, out chan<- *flow.FlowMessage)

This function rewires this Segment with the provided channels. This is typically called only by pipeline.New() and present in any Segment implementation.

type Segment ¶

type Segment interface {
	New(config map[string]string) Segment                      // for reading the provided config
	Run(wg *sync.WaitGroup)                                    // goroutine, must close(segment.Out) when segment.In is closed
	Rewire(<-chan *flow.FlowMessage, chan<- *flow.FlowMessage) // embed this using BaseSegment
}

This interface is central to an Pipeline object, as it operates on a list of them. In general, Segments should embed the BaseSegment to provide the Rewire function and the associated vars.

func LookupSegment ¶

func LookupSegment(name string) Segment

Used by the pipeline package to convert segment names in configuration to actual Segment objects.

Source Files ¶

View all Source files

segments.go

Directories ¶

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Path	Synopsis
alert
http This segment is used to alert on flows using webhooks - WIP, but basically usable.	This segment is used to alert on flows using webhooks - WIP, but basically usable.
export
influx Collects and exports all flows to influxdb for long term storage.	Collects and exports all flows to influxdb for long term storage.
prometheus Collects and serves statistics about flows.	Collects and serves statistics about flows.
filter Runs flows through a filter and forwards only matching flows.	Runs flows through a filter and forwards only matching flows.
io
goflow Captures Netflow v9 and feeds flows to the following segments.	Captures Netflow v9 and feeds flows to the following segments.
kafkaconsumer Consumes flows from a Kafka instance and passes them to the following segments.	Consumes flows from a Kafka instance and passes them to the following segments.
kafkaproducer Produces all received flows to Kafka instance.	Produces all received flows to Kafka instance.
sqlite Dumps all incoming flow messages to a local sqlite database.	Dumps all incoming flow messages to a local sqlite database.
stdin Receives flows from stdin in JSON format, as exported by the stdout segment.	Receives flows from stdin in JSON format, as exported by the stdout segment.
stdout Prints all flows to stdout, for consumption by the stdin segment or for debugging.	Prints all flows to stdout, for consumption by the stdin segment or for debugging.
modify
addcid Enriches any passing flow message with a customer id field based on a CIDR match.	Enriches any passing flow message with a customer id field based on a CIDR match.
dropfields Drops fields from any passing flow.	Drops fields from any passing flow.
geolocation Enriches flows with a geolocation.	Enriches flows with a geolocation.
normalize Rewrites passing flows with all sampling rate affected fields normalized.	Rewrites passing flows with all sampling rate affected fields normalized.
protomap Enriches any passing flow message with the human readable protocol.	Enriches any passing flow message with the human readable protocol.
remoteaddress Determines the remote address of flows based on different criteria.	Determines the remote address of flows based on different criteria.
snmp Enriches passing flows with human-readable versions of interface ids, sourced from SNMP.	Enriches passing flows with human-readable versions of interface ids, sourced from SNMP.
noop Serves as a template for new segments and forwards flows, otherwise does nothing.	Serves as a template for new segments and forwards flows, otherwise does nothing.
print
count Counts the number of passing flows and prints the result on termination.	Counts the number of passing flows and prints the result on termination.
printdots Prints a dot every n flows.	Prints a dot every n flows.
printflowdump Prints all incoming flows in a specific flowdump format.	Prints all incoming flows in a specific flowdump format.