dpluger

package
v0.32.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 27, 2022 License: GPL-3.0 Imports: 29 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CreateConfig

func CreateConfig(confFile, address, index, name, typ string) error

CreateConfig generates a dpluger config file.

func CreateDirective added in v0.15.0

func CreateDirective(tsvFile, outFile, kingdom, titleTemplate string, priority, reliability, dirNumber int) error

CreateDirective starts directive creation

func CreatePlugin

func CreatePlugin(plugin Plugin, confFile, creator string, validate, usePipeline bool) (err error)

CreatePlugin starts plugin creation

func Merge added in v0.32.1

func Merge(cmd Commander, cfg MergeConfig, options ...MergeOptionFunc) error

func SplitDirective added in v0.28.0

func SplitDirective(target string, suffix string, count int, delete bool) (err error)

SplitDirective splits a single directive JSON file into multiple JSON files.

Types

type Commander added in v0.32.1

// Commander is the interface Merge takes as its first argument. It exposes a
// boolean prompt and a log sink.
//
// NOTE(review): if an implementation forwards these strings to a terminal or
// a log file, confirm whether they can carry data read from the merged JSON
// files or from the remote host, and neutralise control characters if so.
type Commander interface {
	// PromptBool takes a string and a bool and returns a bool.
	// NOTE(review): presumably (question, default answer) -> chosen answer;
	// confirm against the implementation.
	PromptBool(string, bool) bool
	// Log takes a single string and returns nothing, so an implementation
	// cannot report a failure back to the caller.
	Log(string)
}

type FieldMapping

// FieldMapping is the value stored under the "field_mapping" key of a Plugin.
// Every member is a string.
//
// NOTE(review): presumably each value names the source field (or a literal)
// that fills the corresponding normalized event attribute; the page does not
// show how values are interpreted, so confirm before relying on it.
//
// Members tagged omitempty are dropped from the JSON output when empty; the
// others (timestamp, timestamp_format, sensor, src_ip, src_port, dst_ip,
// dst_port) are always written, even when empty.
type FieldMapping struct {
	Title           string `json:"title,omitempty"`
	Timestamp       string `json:"timestamp"`
	TimestampFormat string `json:"timestamp_format"`
	Sensor          string `json:"sensor"`
	PluginID        string `json:"plugin_id,omitempty"`
	PluginSID       string `json:"plugin_sid,omitempty"`
	Product         string `json:"product,omitempty"`
	Category        string `json:"category,omitempty"`
	SubCategory     string `json:"subcategory,omitempty"`
	// Network endpoints of the event; always present in the JSON output.
	SrcIP           string `json:"src_ip"`
	SrcPort         string `json:"src_port"`
	DstIP           string `json:"dst_ip"`
	DstPort         string `json:"dst_port"`
	Protocol        string `json:"protocol,omitempty"`
	// Three optional data/label pairs.
	// NOTE(review): presumably free-form fields; confirm whether downstream
	// consumers treat these values as trusted.
	CustomData1     string `json:"custom_data1,omitempty"`
	CustomLabel1    string `json:"custom_label1,omitempty"`
	CustomData2     string `json:"custom_data2,omitempty"`
	CustomLabel2    string `json:"custom_label2,omitempty"`
	CustomData3     string `json:"custom_data3,omitempty"`
	CustomLabel3    string `json:"custom_label3,omitempty"`
}

FieldMapping defines the field mapping of a Plugin (the value of Plugin.Fields).

type FileReader added in v0.32.1

// FileReader is the file-access abstraction that WithCustomFileReader installs
// into a Merge call.
//
// NOTE(review): the implementation decides which inputs are readable. Confirm
// whether the argument originates from MergeConfig.SourceJSON/TargetJSON, and
// constrain it (base directory, size limit) if those values are not trusted.
type FileReader interface {
	// Read takes a string and returns the bytes read or an error.
	// NOTE(review): presumably the string is a file path; confirm.
	Read(string) ([]byte, error)
}

type MergeConfig added in v0.32.1

// MergeConfig is the configuration value passed to Merge. It carries three
// strings and no struct tags.
type MergeConfig struct {
	// NOTE(review): presumably the address of the remote service Merge talks
	// to (Merge accepts an http.RoundTripper via WithCustomTransport). The page
	// does not show whether a scheme or TLS is enforced; confirm.
	Host       string
	// NOTE(review): presumably the JSON input and output of the merge; confirm
	// whether these are file paths and which one Merge overwrites.
	SourceJSON string
	TargetJSON string
}

type MergeOptionFunc added in v0.32.1

// MergeOptionFunc is a functional option for Merge: a function that receives a
// pointer to the unexported mergeOption type. Because that type is unexported,
// callers outside the package get option values from the package's own
// constructors; this page lists WithCustomFileReader and WithCustomTransport.
type MergeOptionFunc func(*mergeOption)

func WithCustomFileReader added in v0.32.1

func WithCustomFileReader(fr FileReader) MergeOptionFunc

func WithCustomTransport added in v0.32.1

func WithCustomTransport(tr http.RoundTripper) MergeOptionFunc

type Plugin

// Plugin is the dpluger plugin configuration: the value Parse returns for a
// config file and the value CreatePlugin takes as input. Every member carries a
// JSON key and none uses omitempty, so all keys are written on marshal.
type Plugin struct {
	Name               string       `json:"name"`
	Type               string       `json:"type"` // SID || Taxonomy
	// NOTE(review): presumably the path of the generated plugin file; confirm
	// whether an existing file is overwritten.
	Output             string       `json:"output_file"`
	Index              string       `json:"index_pattern"`
	// Elasticsearch address, stored under "elasticsearch_address".
	// NOTE(review): if this value can embed credentials, the config file holds
	// a secret and should be permission-restricted and kept out of version
	// control; confirm the accepted format.
	ES                 string       `json:"elasticsearch_address"`
	IdentifierField    string       `json:"identifier_field"`
	IdentifierValue    string       `json:"identifier_value"`
	// NOTE(review): the two filter strings presumably end up in the query sent
	// to Elasticsearch; confirm how they are composed into it before accepting
	// config files from an untrusted source.
	IdentifierFilter   string       `json:"identifier_filter"`
	ESCollectionFilter string       `json:"es_collect_filter"`
	// Field mapping, stored under "field_mapping".
	Fields             FieldMapping `json:"field_mapping"`
}

Plugin defines the dpluger plugin configuration, including its field mapping.

func Parse

func Parse(confFile string) (plugin Plugin, err error)

Parse reads the dpluger config from confFile and returns a Plugin.
