Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CreateConfig ¶
CreateConfig generates dpluger config file
func CreateDirective ¶ added in v0.15.0
func CreateDirective(tsvFile, outFile, kingdom, category string, priority, reliability, dirNumber int) (err error)
CreateDirective starts directive creation
Types ¶
type FieldMapping ¶
type FieldMapping struct { Title string `json:"title,omitempty"` Timestamp string `json:"timestamp"` TimestampFormat string `json:"timestamp_format"` Sensor string `json:"sensor"` PluginID string `json:"plugin_id,omitempty"` PluginSID string `json:"plugin_sid,omitempty"` Product string `json:"product,omitempty"` Category string `json:"category,omitempty"` SubCategory string `json:"subcategory,omitempty"` SrcIP string `json:"src_ip"` SrcPort string `json:"src_port"` DstIP string `json:"dst_ip"` DstPort string `json:"dst_port"` Protocol string `json:"protocol,omitempty"` CustomData1 string `json:"custom_data1,omitempty"` CustomLabel1 string `json:"custom_label1,omitempty"` CustomData2 string `json:"custom_data2,omitempty"` CustomLabel2 string `json:"custom_label2,omitempty"` CustomData3 string `json:"custom_data3,omitempty"` CustomLabel3 string `json:"custom_label3,omitempty"` }
FieldMapping defines field mapping
type Plugin ¶
type Plugin struct { Name string `json:"name"` Type string `json:"type"` // SID || Taxonomy Output string `json:"output_file"` Index string `json:"index_pattern"` ES string `json:"elasticsearch_address"` IdentifierField string `json:"identifier_field"` IdentifierValue string `json:"identifier_value"` IdentifierFilter string `json:"identifier_filter"` ESCollectionFilter string `json:"es_collect_filter"` Fields FieldMapping `json:"field_mapping"` }
Plugin defines field mapping
Click to show internal directories.
Click to hide internal directories.