Documentation
¶
Index ¶
- Constants
- func ChangeRaspMethodDB()
- func RaspConfigCronJob()
- func RaspHbDeal(raspData RaspHbType)
- func RaspInit()
- func RaspSync(calcuType string)
- func RaspTaskCronJob()
- type ProbeConfig
- type ProbeConfigBlock
- type ProbeConfigData
- type ProbeConfigFilter
- type ProbeConfigLimit
- type ProbeConfigPatch
- type ProbeConfigRules
- type RaspConfig
- type RaspConfigRule
- type RaspHbType
- type RaspHeartBeat
- type RaspMethod
- type RaspPluginCommand
- type RaspPluginTask
- type RaspProbeStruct
- type RaspProcess
- type RaspProcessVuln
- type RaspTaskConfig
Constants ¶
View Source
const ( RaspFilterType = 6 RaspBlockType = 7 RaspLimitType = 8 RaspPatchType = 9 )
View Source
const ( RaspStateAttached = "ATTACHED" RaspStateInspected = "INSPECTED" RaspStateWaitAtt = "WAIT_ATTACH" RaspStateClose = "CLOSING" RaspStateWaitIns = "WAIT_INSPECT" RaspStateAttFail = "WAIT_ATTACH_failed" RaspRuntimePython = "Python" RaspRuntimeJava = "Java" RaspRuntimePhp = "PHP" RaspRuntimeNodeJS = "NodeJS" RaspRuntimeGolang = "Golang" HeartBeartPython = "CPython" HeartBeartJava = "JVM" HeartBeartPhp = "PHP" HeartBeartNodeJS = "NodeJS" HeartBeartGolang = "Golang" RaspTaskDataType = 2005 RaspVulnUnSafe = "unsafe" RaspVulnHotFix = "hotfix" )
View Source
const RaspSyncLock = "RaspSyncLock"
rasp进程定期同步
View Source
const (
RaspTypeConfig = "rasp_config"
)
Variables ¶
This section is empty.
Functions ¶
func RaspConfigCronJob ¶
func RaspConfigCronJob()
Types ¶
type ProbeConfig ¶
type ProbeConfig struct { MessageType int `json:"message_type" bson:"message_type"` Data ProbeConfigData `json:"data" bson:"data"` }
type ProbeConfigBlock ¶
type ProbeConfigBlock struct { ClassId int `json:"class_id" bson:"class_id"` MethodId int `json:"method_id" bson:"method_id"` Rules []ProbeConfigRules `json:"rules" bson:"rules"` }
type ProbeConfigData ¶
type ProbeConfigData struct { Uuid string `json:"uuid" bson:"uuid"` Blocks []ProbeConfigBlock `json:"blocks,omitempty" bson:"blocks"` Filters []ProbeConfigFilter `json:"filters,omitempty" bson:"filters"` Limits []ProbeConfigLimit `json:"limits,omitempty" bson:"limits"` Patches []ProbeConfigPatch `json:"patches,omitempty" bson:"patches"` }
type ProbeConfigFilter ¶
type ProbeConfigFilter struct { ClassId int `json:"class_id" bson:"class_id"` MethodId int `json:"method_id" bson:"method_id"` Include []ProbeConfigRules `json:"include" bson:"include"` Exclude []ProbeConfigRules `json:"exclude" bson:"exclude"` }
type ProbeConfigLimit ¶
type ProbeConfigPatch ¶
type ProbeConfigRules ¶
type RaspConfig ¶
type RaspConfig struct { Id primitive.ObjectID `json:"id" bson:"_id,omitempty"` User string `json:"user" bson:"user"` IfProtect bool `json:"if_protect" bson:"if_protect"` IpList []string `json:"ip_list" bson:"ip_list"` Tag string `json:"tag" bson:"tag"` Cmd string `json:"cmd" bson:"cmd"` EnvList []string `json:"env_list" bson:"env_list"` AliveTime int `json:"alive_time" bson:"alive_time"` Runtime []string `json:"runtime" bson:"runtime"` Block []RaspConfigRule `json:"block" bson:"block"` Filter []RaspConfigRule `json:"filter" bson:"filter"` }
type RaspConfigRule ¶
type RaspConfigRule struct { Runtime string `json:"runtime" bson:"runtime"` HookFunc []string `json:"hook_func" bson:"hook_func"` HookParam int `json:"hook_param" bson:"hook_param"` Rules []struct { Type string `json:"type" bson:"type"` Rule string `json:"rule" bson:"rule"` } `json:"rules" bson:"rules"` }
type RaspHbType ¶
type RaspHbType struct { DataType string `json:"data_type" bson:"data_type"` Tag string `json:"tags" bson:"tags"` AgentId string `json:"agent_id" bson:"agent_id"` Pid string `json:"pid" bson:"pid"` Env map[string]string `json:"environ_json" bson:"environ_json"` Runtime string `json:"runtime" bson:"runtime"` Cmd string `json:"cmdline" bson:"cmdline"` Uptime string `json:"uptime" bson:"uptime"` Ipv4Data string `json:"in_ipv4_list" bson:"in_ipv4_list"` Exv4Data string `json:"ex_ipv4_list" bson:"ex_ipv4_list"` Ipv4List []string `json:"ipv4_list" bson:"ipv4_list"` Exv4List []string `json:"exv4_list" bson:"exv4_list"` TraceState string `json:"trace_state" bson:"trace_state"` Filter string `json:"filter" bson:"filter"` Block string `json:"block" bson:"block"` Patch string `json:"patch" bson:"patch"` Limit string `json:"limit" bson:"limit"` Action string `json:"action" bson:"action"` Reason string `json:"reason" bson:"reason"` TryAttachCount string `json:"try_attach_count" bson:"try_attach_count"` }
2997
func RaspHbFormat ¶
func RaspHbFormat(raspData map[string]interface{}) (retRaspHbType RaspHbType, err error)
rasp心跳数据格式化
type RaspHeartBeat ¶
type RaspHeartBeat struct { Pid string `json:"pid" bson:"pid"` AgentId string `json:"agent_id" bson:"agent_id"` Runtime string `json:"runtime" bson:"runtime"` ExeName string `json:"exe_name" bson:"exe_name"` TraceState string `json:"trace_state" bson:"trace_state"` }
rasp心跳key数据
type RaspMethod ¶
type RaspMethod struct { Runtime string `json:"runtime" bson:"runtime"` ClassId int `json:"class_id" bson:"class_id"` MethodId int `json:"method_id" bson:"method_id"` ClassName string `json:"class_name" bson:"class_name"` MethodName string `json:"method_name" bson:"method_name"` ProbeHook string `json:"probe_hook" bson:"probe_hook"` MaxIndexCount int `json:"max_index_count" bson:"max_index_count"` DefaultIndex int `json:"default_index" bson:"default_index"` ZhName string `json:"zh_name" bson:"zh_name"` }
type RaspPluginCommand ¶
type RaspPluginTask ¶
type RaspPluginTask struct { Name string `json:"name" bson:"name"` Commands []RaspPluginCommand `json:"commands" bson:"commands"` }
type RaspProbeStruct ¶
type RaspProbeStruct struct { Pid string `json:"pid" bson:"pid"` AgentId string `json:"agent_id" bson:"agent_id"` Filter string `json:"filter" bson:"filter"` Block string `json:"block" bson:"block"` Limit string `json:"limit" bson:"limit"` Patch string `json:"patch" bson:"patch"` }
rasp探针key数据
type RaspProcess ¶
type RaspProcess struct { ExeName string `json:"exe_name" bson:"exe_name"` LastTime int64 `json:"last_time" bson:"update_time"` Runtime string `json:"runtime" bson:"runtime"` ExtranetIpv4 []string `json:"extranet_ipv4" bson:"extranet_ipv4"` IntranetIpv4 []string `json:"intranet_ipv4" bson:"intranet_ipv4"` AgentId string `json:"agent_id" bson:"agent_id"` TraceState string `json:"status" bson:"trace_state"` Pid string `json:"pid" bson:"pid"` Hostname string `json:"hostname" bson:"hostname"` Cmdline string `json:"cmdline" bson:"cmdline"` RuntimeVersion string `json:"runtime_version" bson:"runtime_version"` ProtectTime string `json:"protect_time" bson:"attach_end_time"` EnvironJson map[string]string `json:"environ_json" bson:"environ_json"` Filter string `json:"filter" bson:"filter"` Block string `json:"block" bson:"block"` Limit string `json:"limit" bson:"limit"` Patch string `json:"patch" bson:"patch"` }
type RaspProcessVuln ¶
type RaspProcessVuln struct { AgentId string `json:"agent_id" bson:"agent_id"` VulnId int64 `json:"vuln_id" bson:"vuln_id"` VulnName string `json:"vuln_name" bson:"vuln_name"` Pid string `json:"pid" bson:"pid"` Cmd string `json:"cmd" bson:"cmd"` CveId string `json:"cve_id" bson:"cve_id"` Status string `json:"status" bson:"status"` Level string `json:"level" bson:"level"` Tag []string `json:"tag" bson:"tag"` CreateTime int64 `json:"create_time" bson:"create_time"` UpdateTime int64 `json:"update_time" bson:"update_time"` ControlTime int64 `json:"control_time" bson:"control_time"` }
type RaspTaskConfig ¶
type RaspTaskConfig struct { Id primitive.ObjectID `json:"id" bson:"_id,omitempty"` User string `json:"user" bson:"user"` IfProtect bool `json:"if_protect" bson:"if_protect"` IpList []string `json:"ip_list" bson:"ip_list"` Tag string `json:"tag" bson:"tag"` Cmd string `json:"cmd" bson:"cmd"` EnvList []string `json:"env_list" bson:"env_list"` AliveTime int `json:"alive_time" bson:"alive_time"` Runtime []string `json:"runtime" bson:"runtime"` Block []RaspConfigRule `json:"block" bson:"block"` Filter []RaspConfigRule `json:"filter" bson:"filter"` EnvJson map[string]string `json:"env_json" bson:"env_json"` BlockUuid string `json:"block_uuid" bson:"block_uuid"` FilterUuid string `json:"filter_uuid" bson:"filter_uuid"` LimitUuid string `json:"limit_uuid" bson:"limit_uuid"` PatchUuid string `json:"patch_uuid" bson:"patch_uuid"` TaskStr string `json:"task_str" bson:"task_str"` }
Click to show internal directories.
Click to hide internal directories.