Documentation ¶
Index ¶
- Constants
- Variables
- func GetFakeDNSTap(dnsquery []byte) *dnstap.Dnstap
- func GetName(name string) string
- func GetResolverIP(dm *dnsutils.DNSMessage) string
- func GetRoutes(routes []Worker) ([]chan dnsutils.DNSMessage, []string)
- func GetStreamGlobal(dm *dnsutils.DNSMessage) string
- func GetStreamID(dm *dnsutils.DNSMessage) string
- func IsStdoutValidMode(mode string) bool
- func IsValid(mode string) bool
- func IsValidMode(mode string) bool
- type AfpacketSniffer
- type ClickhouseClient
- type ClickhouseData
- type DNSMessage
- func (w *DNSMessage) LoadData(matchSource string, srcKind string) (MatchSource, error)
- func (w *DNSMessage) LoadFromFile(filePath string, srcKind string) (MatchSource, error)
- func (w *DNSMessage) LoadFromURL(matchSource string, srcKind string) (MatchSource, error)
- func (w *DNSMessage) ReadConfig()
- func (w *DNSMessage) ReadConfigMatching(value interface{})
- func (w *DNSMessage) StartCollect()
- type DNSProcessor
- type DNSTapProcessor
- type DevNull
- type DnstapProxifier
- type DnstapSender
- type DnstapServer
- type ElasticSearchClient
- type EpsCounters
- type FalcoClient
- type FileIngestor
- func (w *FileIngestor) CheckConfig()
- func (w *FileIngestor) ProcessDnstap(filePath string) error
- func (w *FileIngestor) ProcessFile(filePath string)
- func (w *FileIngestor) ProcessPcap(filePath string)
- func (w *FileIngestor) RegisterEvent(filePath string)
- func (w *FileIngestor) RemoveEvent(filePath string)
- func (w *FileIngestor) StartCollect()
- type FluentdClient
- type GenericWorker
- func (w *GenericWorker) AddDefaultRoute(wrk Worker)
- func (w *GenericWorker) AddDroppedRoute(wrk Worker)
- func (w *GenericWorker) CollectDone()
- func (w *GenericWorker) CountEgressTraffic()
- func (w *GenericWorker) CountIngressTraffic()
- func (w *GenericWorker) GetConfig() *pkgconfig.Config
- func (w *GenericWorker) GetDefaultRoutes() []Worker
- func (w *GenericWorker) GetDroppedRoutes() []Worker
- func (w *GenericWorker) GetInputChannel() chan dnsutils.DNSMessage
- func (w *GenericWorker) GetInputChannelAsList() []chan dnsutils.DNSMessage
- func (w *GenericWorker) GetLogger() *logger.Logger
- func (w *GenericWorker) GetName() string
- func (w *GenericWorker) GetOutputChannel() chan dnsutils.DNSMessage
- func (w *GenericWorker) GetOutputChannelAsList() []chan dnsutils.DNSMessage
- func (w *GenericWorker) LogError(msg string, v ...interface{})
- func (w *GenericWorker) LogFatal(v ...interface{})
- func (w *GenericWorker) LogInfo(msg string, v ...interface{})
- func (w *GenericWorker) LogWarning(msg string, v ...interface{})
- func (w *GenericWorker) Loggers() ([]chan dnsutils.DNSMessage, []string)
- func (w *GenericWorker) LoggingDone()
- func (w *GenericWorker) Monitor()
- func (w *GenericWorker) NewConfig() chan *pkgconfig.Config
- func (w *GenericWorker) OnLoggerStopped() chan bool
- func (w *GenericWorker) OnStop() chan bool
- func (w *GenericWorker) ReadConfig()
- func (w *GenericWorker) ReloadConfig(config *pkgconfig.Config)
- func (w *GenericWorker) SendDroppedTo(routes []chan dnsutils.DNSMessage, routesName []string, dm dnsutils.DNSMessage)
- func (w *GenericWorker) SendForwardedTo(routes []chan dnsutils.DNSMessage, routesName []string, dm dnsutils.DNSMessage)
- func (w *GenericWorker) SetConfig(config *pkgconfig.Config)
- func (w *GenericWorker) SetDefaultDropped(workers []Worker)
- func (w *GenericWorker) SetDefaultRoutes(workers []Worker)
- func (w *GenericWorker) SetLoggers(loggers []Worker)
- func (w *GenericWorker) SetMetrics(metrics *telemetry.PrometheusCollector)
- func (w *GenericWorker) StartCollect()
- func (w *GenericWorker) StartLogging()
- func (w *GenericWorker) Stop()
- func (w *GenericWorker) StopLogger()
- func (w *GenericWorker) WorkerIsBusy(name string)
- type HitsRecord
- type HitsStream
- type HitsUniq
- type InfluxDBClient
- type KafkaProducer
- type KeyHit
- type LogFile
- func (w *LogFile) Cleanup() error
- func (w *LogFile) CompressFile()
- func (w *LogFile) CompressPostRotateCommand(filename string)
- func (w *LogFile) FlushWriters()
- func (w *LogFile) GetMaxSize() int64
- func (w *LogFile) OpenFile() error
- func (w *LogFile) PostRotateCommand(filename string)
- func (w *LogFile) ReadConfig()
- func (w *LogFile) RotateFile() error
- func (w *LogFile) StartCollect()
- func (w *LogFile) StartLogging()
- func (w *LogFile) WriteToDnstap(data []byte)
- func (w *LogFile) WriteToPcap(dm dnsutils.DNSMessage, pkt []gopacket.SerializableLayer)
- func (w *LogFile) WriteToPlain(data []byte)
- type LokiClient
- type LokiStream
- type MatchSource
- type PdnsProcessor
- type PdnsServer
- type PromCounterCatalogueContainer
- type Prometheus
- type PrometheusCountersCatalogue
- type PrometheusCountersSet
- func (w *PrometheusCountersSet) Collect(ch chan<- prometheus.Metric)
- func (w *PrometheusCountersSet) ComputeEventsPerSecond()
- func (w *PrometheusCountersSet) Describe(ch chan<- *prometheus.Desc)
- func (w *PrometheusCountersSet) GetCountersSet(dm *dnsutils.DNSMessage) PrometheusCountersCatalogue
- func (w *PrometheusCountersSet) Record(dm dnsutils.DNSMessage)
- type RedisPub
- type RestAPI
- func (w *RestAPI) BasicAuth(httpWriter http.ResponseWriter, r *http.Request) bool
- func (w *RestAPI) DeleteResetHandler(httpWriter http.ResponseWriter, r *http.Request)
- func (w *RestAPI) GetClientsHandler(httpWriter http.ResponseWriter, r *http.Request)
- func (w *RestAPI) GetDomainsHandler(httpWriter http.ResponseWriter, r *http.Request)
- func (w *RestAPI) GetNxDomainsHandler(httpWriter http.ResponseWriter, r *http.Request)
- func (w *RestAPI) GetSearchHandler(httpWriter http.ResponseWriter, r *http.Request)
- func (w *RestAPI) GetSfDomainsHandler(httpWriter http.ResponseWriter, r *http.Request)
- func (w *RestAPI) GetStreamsHandler(httpWriter http.ResponseWriter, r *http.Request)
- func (w *RestAPI) GetSuspiciousHandler(httpWriter http.ResponseWriter, r *http.Request)
- func (w *RestAPI) GetTLDsHandler(httpWriter http.ResponseWriter, r *http.Request)
- func (w *RestAPI) GetTopClientsHandler(httpWriter http.ResponseWriter, r *http.Request)
- func (w *RestAPI) GetTopDomainsHandler(httpWriter http.ResponseWriter, r *http.Request)
- func (w *RestAPI) GetTopNxDomainsHandler(httpWriter http.ResponseWriter, r *http.Request)
- func (w *RestAPI) GetTopSfDomainsHandler(httpWriter http.ResponseWriter, r *http.Request)
- func (w *RestAPI) GetTopTLDsHandler(httpWriter http.ResponseWriter, r *http.Request)
- func (w *RestAPI) ListenAndServe()
- func (w *RestAPI) ReadConfig()
- func (w *RestAPI) RecordDNSMessage(dm dnsutils.DNSMessage)
- func (w *RestAPI) StartCollect()
- func (w *RestAPI) StartLogging()
- type ScalyrClient
- type SearchBy
- type StatsPerStream
- type StatsdClient
- type StdOut
- type StreamStats
- type Syslog
- type TCPClient
- type TZSPSniffer
- type Tail
- type Worker
- type XDPSniffer
Constants ¶
const ( SeverityFinest scalyrSeverity = iota SeverityFiner SeverityFine SeverityInfo SeverityWarning SeverityError SeverityFatal )
Variables ¶
var (
ProtobufPowerDNSToDNSTap = map[string]string{
"DNSQueryType": "CLIENT_QUERY",
"DNSResponseType": "CLIENT_RESPONSE",
"DNSOutgoingQueryType": "RESOLVER_QUERY",
"DNSIncomingResponseType": "RESOLVER_RESPONSE",
}
)
Functions ¶
func GetFakeDNSTap ¶
func GetFakeDNSTap(dnsquery []byte) *dnstap.Dnstap
func GetResolverIP ¶
func GetResolverIP(dm *dnsutils.DNSMessage) string
func GetRoutes ¶ added in v0.45.0
func GetRoutes(routes []Worker) ([]chan dnsutils.DNSMessage, []string)
func GetStreamID ¶
func GetStreamID(dm *dnsutils.DNSMessage) string
func IsStdoutValidMode ¶
func IsValidMode ¶
Types ¶
type AfpacketSniffer ¶
type AfpacketSniffer struct { *GenericWorker // contains filtered or unexported fields }
func NewAfpacketSniffer ¶
func NewAfpacketSniffer(next []Worker, config *pkgconfig.Config, logger *logger.Logger, name string) *AfpacketSniffer
func (*AfpacketSniffer) Listen ¶
func (w *AfpacketSniffer) Listen() error
func (*AfpacketSniffer) StartCollect ¶
func (w *AfpacketSniffer) StartCollect()
type ClickhouseClient ¶
type ClickhouseClient struct {
*GenericWorker
}
func NewClickhouseClient ¶
func NewClickhouseClient(config *pkgconfig.Config, console *logger.Logger, name string) *ClickhouseClient
func (*ClickhouseClient) StartCollect ¶
func (w *ClickhouseClient) StartCollect()
func (*ClickhouseClient) StartLogging ¶
func (w *ClickhouseClient) StartLogging()
type ClickhouseData ¶
type ClickhouseData struct { Identity string `json:"identity"` QueryIP string `json:"query_ip"` QName string `json:"q_name"` Operation string `json:"operation"` Family string `json:"family"` Protocol string `json:"protocol"` QType string `json:"q_type"` RCode string `json:"r_code"` TimeNSec string `json:"timensec"` TimeStamp string `json:"timestamp"` }
type DNSMessage ¶
type DNSMessage struct {
*GenericWorker
}
func NewDNSMessage ¶
func NewDNSMessage(next []Worker, config *pkgconfig.Config, logger *logger.Logger, name string) *DNSMessage
func (*DNSMessage) LoadData ¶
func (w *DNSMessage) LoadData(matchSource string, srcKind string) (MatchSource, error)
func (*DNSMessage) LoadFromFile ¶
func (w *DNSMessage) LoadFromFile(filePath string, srcKind string) (MatchSource, error)
func (*DNSMessage) LoadFromURL ¶
func (w *DNSMessage) LoadFromURL(matchSource string, srcKind string) (MatchSource, error)
func (*DNSMessage) ReadConfig ¶
func (w *DNSMessage) ReadConfig()
func (*DNSMessage) ReadConfigMatching ¶
func (w *DNSMessage) ReadConfigMatching(value interface{})
func (*DNSMessage) StartCollect ¶
func (w *DNSMessage) StartCollect()
type DNSProcessor ¶
type DNSProcessor struct {
*GenericWorker
}
func NewDNSProcessor ¶
func NewDNSProcessor(config *pkgconfig.Config, logger *logger.Logger, name string, size int) DNSProcessor
func (*DNSProcessor) StartCollect ¶ added in v0.45.0
func (w *DNSProcessor) StartCollect()
type DNSTapProcessor ¶
type DNSTapProcessor struct { *GenericWorker ConnID int PeerName string // contains filtered or unexported fields }
func NewDNSTapProcessor ¶
func (*DNSTapProcessor) GetDataChannel ¶ added in v0.45.0
func (w *DNSTapProcessor) GetDataChannel() chan []byte
func (*DNSTapProcessor) StartCollect ¶ added in v0.45.0
func (w *DNSTapProcessor) StartCollect()
type DevNull ¶
type DevNull struct {
*GenericWorker
}
func NewDevNull ¶
func (*DevNull) StartCollect ¶
func (w *DevNull) StartCollect()
type DnstapProxifier ¶
type DnstapProxifier struct { *GenericWorker // contains filtered or unexported fields }
func NewDnstapProxifier ¶
func NewDnstapProxifier(next []Worker, config *pkgconfig.Config, logger *logger.Logger, name string) *DnstapProxifier
func (*DnstapProxifier) CheckConfig ¶
func (w *DnstapProxifier) CheckConfig()
func (*DnstapProxifier) HandleConn ¶
func (*DnstapProxifier) HandleFrame ¶
func (w *DnstapProxifier) HandleFrame(recvFrom chan []byte, sendTo []chan dnsutils.DNSMessage)
func (*DnstapProxifier) StartCollect ¶
func (w *DnstapProxifier) StartCollect()
type DnstapSender ¶
type DnstapSender struct { *GenericWorker // contains filtered or unexported fields }
func NewDnstapSender ¶
func NewDnstapSender(config *pkgconfig.Config, logger *logger.Logger, name string) *DnstapSender
func (*DnstapSender) ConnectToRemote ¶
func (w *DnstapSender) ConnectToRemote()
func (*DnstapSender) Disconnect ¶
func (w *DnstapSender) Disconnect()
func (*DnstapSender) FlushBuffer ¶
func (w *DnstapSender) FlushBuffer(buf *[]dnsutils.DNSMessage)
func (*DnstapSender) ReadConfig ¶
func (w *DnstapSender) ReadConfig()
func (*DnstapSender) StartCollect ¶
func (w *DnstapSender) StartCollect()
func (*DnstapSender) StartLogging ¶
func (w *DnstapSender) StartLogging()
type DnstapServer ¶
type DnstapServer struct { *GenericWorker // contains filtered or unexported fields }
func NewDnstapServer ¶
func NewDnstapServer(next []Worker, config *pkgconfig.Config, logger *logger.Logger, name string) *DnstapServer
func (*DnstapServer) CheckConfig ¶
func (w *DnstapServer) CheckConfig()
func (*DnstapServer) HandleConn ¶
func (*DnstapServer) StartCollect ¶
func (w *DnstapServer) StartCollect()
type ElasticSearchClient ¶
type ElasticSearchClient struct { *GenericWorker // contains filtered or unexported fields }
func NewElasticSearchClient ¶
func NewElasticSearchClient(config *pkgconfig.Config, console *logger.Logger, name string) *ElasticSearchClient
func (*ElasticSearchClient) ReadConfig ¶
func (w *ElasticSearchClient) ReadConfig()
func (*ElasticSearchClient) StartCollect ¶
func (w *ElasticSearchClient) StartCollect()
func (*ElasticSearchClient) StartLogging ¶
func (w *ElasticSearchClient) StartLogging()
type EpsCounters ¶
type EpsCounters struct {
Eps, EpsMax uint64
TotalEvents, TotalEventsPrev uint64
TotalRcodes, TotalQtypes map[string]float64
TotalIPVersion, TotalIPProtocol map[string]float64
TotalDNSMessages float64
TotalQueries, TotalReplies int
TotalBytes, TotalBytesSent, TotalBytesReceived int
TotalTC, TotalAA, TotalRA, TotalAD float64
TotalMalformed, TotalFragmented, TotalReasembled float64
}
EpsCounters (Events Per Second) - is a set of metrics we calculate on per-second basis. For others we rely on averaging by collector
type FalcoClient ¶
type FalcoClient struct {
*GenericWorker
}
func NewFalcoClient ¶
func NewFalcoClient(config *pkgconfig.Config, console *logger.Logger, name string) *FalcoClient
func (*FalcoClient) StartCollect ¶
func (w *FalcoClient) StartCollect()
func (*FalcoClient) StartLogging ¶
func (w *FalcoClient) StartLogging()
type FileIngestor ¶
type FileIngestor struct { *GenericWorker // contains filtered or unexported fields }
func NewFileIngestor ¶
func NewFileIngestor(next []Worker, config *pkgconfig.Config, logger *logger.Logger, name string) *FileIngestor
func (*FileIngestor) CheckConfig ¶
func (w *FileIngestor) CheckConfig()
func (*FileIngestor) ProcessDnstap ¶
func (w *FileIngestor) ProcessDnstap(filePath string) error
func (*FileIngestor) ProcessFile ¶
func (w *FileIngestor) ProcessFile(filePath string)
func (*FileIngestor) ProcessPcap ¶
func (w *FileIngestor) ProcessPcap(filePath string)
func (*FileIngestor) RegisterEvent ¶
func (w *FileIngestor) RegisterEvent(filePath string)
func (*FileIngestor) RemoveEvent ¶
func (w *FileIngestor) RemoveEvent(filePath string)
func (*FileIngestor) StartCollect ¶
func (w *FileIngestor) StartCollect()
type FluentdClient ¶
type FluentdClient struct { *GenericWorker // contains filtered or unexported fields }
func NewFluentdClient ¶
func NewFluentdClient(config *pkgconfig.Config, logger *logger.Logger, name string) *FluentdClient
func (*FluentdClient) ConnectToRemote ¶
func (w *FluentdClient) ConnectToRemote()
func (*FluentdClient) Disconnect ¶
func (w *FluentdClient) Disconnect()
func (*FluentdClient) FlushBuffer ¶
func (w *FluentdClient) FlushBuffer(buf *[]dnsutils.DNSMessage)
func (*FluentdClient) ReadConfig ¶
func (w *FluentdClient) ReadConfig()
func (*FluentdClient) StartCollect ¶
func (w *FluentdClient) StartCollect()
func (*FluentdClient) StartLogging ¶
func (w *FluentdClient) StartLogging()
type GenericWorker ¶ added in v0.45.0
type GenericWorker struct {
// contains filtered or unexported fields
}
func GetWorkerForTest ¶ added in v0.45.0
func GetWorkerForTest(bufferSize int) *GenericWorker
func NewGenericWorker ¶ added in v0.45.0
func (*GenericWorker) AddDefaultRoute ¶ added in v0.45.0
func (w *GenericWorker) AddDefaultRoute(wrk Worker)
func (*GenericWorker) AddDroppedRoute ¶ added in v0.45.0
func (w *GenericWorker) AddDroppedRoute(wrk Worker)
func (*GenericWorker) CollectDone ¶ added in v0.45.0
func (w *GenericWorker) CollectDone()
func (*GenericWorker) CountEgressTraffic ¶ added in v0.46.0
func (w *GenericWorker) CountEgressTraffic()
func (*GenericWorker) CountIngressTraffic ¶ added in v0.46.0
func (w *GenericWorker) CountIngressTraffic()
func (*GenericWorker) GetConfig ¶ added in v0.45.0
func (w *GenericWorker) GetConfig() *pkgconfig.Config
func (*GenericWorker) GetDefaultRoutes ¶ added in v0.45.0
func (w *GenericWorker) GetDefaultRoutes() []Worker
func (*GenericWorker) GetDroppedRoutes ¶ added in v0.45.0
func (w *GenericWorker) GetDroppedRoutes() []Worker
func (*GenericWorker) GetInputChannel ¶ added in v0.45.0
func (w *GenericWorker) GetInputChannel() chan dnsutils.DNSMessage
func (*GenericWorker) GetInputChannelAsList ¶ added in v0.45.0
func (w *GenericWorker) GetInputChannelAsList() []chan dnsutils.DNSMessage
func (*GenericWorker) GetLogger ¶ added in v0.45.0
func (w *GenericWorker) GetLogger() *logger.Logger
func (*GenericWorker) GetName ¶ added in v0.45.0
func (w *GenericWorker) GetName() string
func (*GenericWorker) GetOutputChannel ¶ added in v0.45.0
func (w *GenericWorker) GetOutputChannel() chan dnsutils.DNSMessage
func (*GenericWorker) GetOutputChannelAsList ¶ added in v0.45.0
func (w *GenericWorker) GetOutputChannelAsList() []chan dnsutils.DNSMessage
func (*GenericWorker) LogError ¶ added in v0.45.0
func (w *GenericWorker) LogError(msg string, v ...interface{})
func (*GenericWorker) LogFatal ¶ added in v0.45.0
func (w *GenericWorker) LogFatal(v ...interface{})
func (*GenericWorker) LogInfo ¶ added in v0.45.0
func (w *GenericWorker) LogInfo(msg string, v ...interface{})
func (*GenericWorker) LogWarning ¶ added in v1.0.0
func (w *GenericWorker) LogWarning(msg string, v ...interface{})
func (*GenericWorker) Loggers ¶ added in v0.45.0
func (w *GenericWorker) Loggers() ([]chan dnsutils.DNSMessage, []string)
func (*GenericWorker) LoggingDone ¶ added in v0.45.0
func (w *GenericWorker) LoggingDone()
func (*GenericWorker) Monitor ¶ added in v0.45.0
func (w *GenericWorker) Monitor()
func (*GenericWorker) NewConfig ¶ added in v0.45.0
func (w *GenericWorker) NewConfig() chan *pkgconfig.Config
func (*GenericWorker) OnLoggerStopped ¶ added in v0.45.0
func (w *GenericWorker) OnLoggerStopped() chan bool
func (*GenericWorker) OnStop ¶ added in v0.45.0
func (w *GenericWorker) OnStop() chan bool
func (*GenericWorker) ReadConfig ¶ added in v0.45.0
func (w *GenericWorker) ReadConfig()
func (*GenericWorker) ReloadConfig ¶ added in v0.45.0
func (w *GenericWorker) ReloadConfig(config *pkgconfig.Config)
func (*GenericWorker) SendDroppedTo ¶ added in v0.46.0
func (w *GenericWorker) SendDroppedTo(routes []chan dnsutils.DNSMessage, routesName []string, dm dnsutils.DNSMessage)
func (*GenericWorker) SendForwardedTo ¶ added in v0.46.0
func (w *GenericWorker) SendForwardedTo(routes []chan dnsutils.DNSMessage, routesName []string, dm dnsutils.DNSMessage)
func (*GenericWorker) SetConfig ¶ added in v0.45.0
func (w *GenericWorker) SetConfig(config *pkgconfig.Config)
func (*GenericWorker) SetDefaultDropped ¶ added in v0.45.0
func (w *GenericWorker) SetDefaultDropped(workers []Worker)
func (*GenericWorker) SetDefaultRoutes ¶ added in v0.45.0
func (w *GenericWorker) SetDefaultRoutes(workers []Worker)
func (*GenericWorker) SetLoggers ¶ added in v0.45.0
func (w *GenericWorker) SetLoggers(loggers []Worker)
func (*GenericWorker) SetMetrics ¶ added in v0.46.0
func (w *GenericWorker) SetMetrics(metrics *telemetry.PrometheusCollector)
func (*GenericWorker) StartCollect ¶ added in v0.45.0
func (w *GenericWorker) StartCollect()
func (*GenericWorker) StartLogging ¶ added in v0.45.0
func (w *GenericWorker) StartLogging()
func (*GenericWorker) Stop ¶ added in v0.45.0
func (w *GenericWorker) Stop()
func (*GenericWorker) StopLogger ¶ added in v0.45.0
func (w *GenericWorker) StopLogger()
func (*GenericWorker) WorkerIsBusy ¶ added in v0.45.0
func (w *GenericWorker) WorkerIsBusy(name string)
type HitsRecord ¶
type HitsStream ¶
type InfluxDBClient ¶
type InfluxDBClient struct { *GenericWorker // contains filtered or unexported fields }
func NewInfluxDBClient ¶
func NewInfluxDBClient(config *pkgconfig.Config, logger *logger.Logger, name string) *InfluxDBClient
func (*InfluxDBClient) StartCollect ¶
func (w *InfluxDBClient) StartCollect()
func (*InfluxDBClient) StartLogging ¶
func (w *InfluxDBClient) StartLogging()
type KafkaProducer ¶
type KafkaProducer struct { *GenericWorker // contains filtered or unexported fields }
func NewKafkaProducer ¶
func NewKafkaProducer(config *pkgconfig.Config, logger *logger.Logger, name string) *KafkaProducer
func (*KafkaProducer) ConnectToKafka ¶
func (w *KafkaProducer) ConnectToKafka(ctx context.Context, readyTimer *time.Timer)
func (*KafkaProducer) Disconnect ¶
func (w *KafkaProducer) Disconnect()
func (*KafkaProducer) FlushBuffer ¶
func (w *KafkaProducer) FlushBuffer(buf *[]dnsutils.DNSMessage)
func (*KafkaProducer) ReadConfig ¶
func (w *KafkaProducer) ReadConfig()
func (*KafkaProducer) StartCollect ¶
func (w *KafkaProducer) StartCollect()
func (*KafkaProducer) StartLogging ¶
func (w *KafkaProducer) StartLogging()
type LogFile ¶
type LogFile struct { *GenericWorker // contains filtered or unexported fields }
func NewLogFile ¶
func (*LogFile) CompressFile ¶
func (w *LogFile) CompressFile()
func (*LogFile) CompressPostRotateCommand ¶
func (*LogFile) FlushWriters ¶
func (w *LogFile) FlushWriters()
func (*LogFile) GetMaxSize ¶
func (*LogFile) PostRotateCommand ¶
func (*LogFile) ReadConfig ¶
func (w *LogFile) ReadConfig()
func (*LogFile) RotateFile ¶
func (*LogFile) StartCollect ¶
func (w *LogFile) StartCollect()
func (*LogFile) StartLogging ¶
func (w *LogFile) StartLogging()
func (*LogFile) WriteToDnstap ¶
func (*LogFile) WriteToPcap ¶
func (w *LogFile) WriteToPcap(dm dnsutils.DNSMessage, pkt []gopacket.SerializableLayer)
func (*LogFile) WriteToPlain ¶
type LokiClient ¶
type LokiClient struct { *GenericWorker // contains filtered or unexported fields }
func NewLokiClient ¶
func NewLokiClient(config *pkgconfig.Config, logger *logger.Logger, name string) *LokiClient
func (*LokiClient) ReadConfig ¶
func (w *LokiClient) ReadConfig()
func (*LokiClient) SendEntries ¶
func (w *LokiClient) SendEntries(buf []byte)
func (*LokiClient) StartCollect ¶
func (w *LokiClient) StartCollect()
func (*LokiClient) StartLogging ¶
func (w *LokiClient) StartLogging()
type LokiStream ¶
type LokiStream struct {
// contains filtered or unexported fields
}
func (*LokiStream) Encode2Proto ¶
func (w *LokiStream) Encode2Proto() ([]byte, error)
func (*LokiStream) Init ¶
func (w *LokiStream) Init()
func (*LokiStream) ResetEntries ¶
func (w *LokiStream) ResetEntries()
type MatchSource ¶
type MatchSource struct {
// contains filtered or unexported fields
}
type PdnsProcessor ¶
type PdnsProcessor struct { *GenericWorker ConnID int PeerName string // contains filtered or unexported fields }
func NewPdnsProcessor ¶
func (*PdnsProcessor) GetDataChannel ¶ added in v0.45.0
func (w *PdnsProcessor) GetDataChannel() chan []byte
func (*PdnsProcessor) StartCollect ¶ added in v0.45.0
func (w *PdnsProcessor) StartCollect()
type PdnsServer ¶
type PdnsServer struct { *GenericWorker // contains filtered or unexported fields }
func NewPdnsServer ¶
func NewPdnsServer(next []Worker, config *pkgconfig.Config, logger *logger.Logger, name string) *PdnsServer
func (*PdnsServer) CheckConfig ¶
func (w *PdnsServer) CheckConfig()
func (*PdnsServer) HandleConn ¶
func (*PdnsServer) StartCollect ¶
func (w *PdnsServer) StartCollect()
type PromCounterCatalogueContainer ¶
type PromCounterCatalogueContainer struct { sync.RWMutex // contains filtered or unexported fields }
PromCounterCatalogueContainer is the implementation of PrometheusCountersCatalogue interface That maps a single label into other Containers or CounterSet The 'chain' of nested Containers keep track of labelNames requested by the config to figure out whether nested Container should be created, or, if all labels but the last one already considered at the upper levels, it is time to create individual CounterSet
func CreateSystemCatalogue ¶
func CreateSystemCatalogue(w *Prometheus) ([]string, *PromCounterCatalogueContainer)
This function checks the configuration, to determine which label dimensions were requested by configuration, and returns correct implementation of Catalogue.
func NewPromCounterCatalogueContainer ¶
func NewPromCounterCatalogueContainer(w *Prometheus, selLabels []string, l map[string]string) *PromCounterCatalogueContainer
func (*PromCounterCatalogueContainer) GetAllCounterSets ¶
func (w *PromCounterCatalogueContainer) GetAllCounterSets() []*PrometheusCountersSet
Returns a slice of all PrometheusCountersSet in a Container
func (*PromCounterCatalogueContainer) GetCountersSet ¶
func (w *PromCounterCatalogueContainer) GetCountersSet(dm *dnsutils.DNSMessage) PrometheusCountersCatalogue
Searches for an existing element for a label value, creating one if not found
type Prometheus ¶
type Prometheus struct { *GenericWorker sync.Mutex // contains filtered or unexported fields }
func NewPrometheus ¶
func NewPrometheus(config *pkgconfig.Config, logger *logger.Logger, name string) *Prometheus
func (*Prometheus) ComputeEventsPerSecond ¶
func (w *Prometheus) ComputeEventsPerSecond()
func (*Prometheus) InitProm ¶
func (w *Prometheus) InitProm()
func (*Prometheus) ListenAndServe ¶
func (w *Prometheus) ListenAndServe()
func (*Prometheus) ReadConfig ¶
func (w *Prometheus) ReadConfig()
func (*Prometheus) Record ¶
func (w *Prometheus) Record(dm dnsutils.DNSMessage)
func (*Prometheus) StartCollect ¶
func (w *Prometheus) StartCollect()
func (*Prometheus) StartLogging ¶
func (w *Prometheus) StartLogging()
type PrometheusCountersCatalogue ¶
type PrometheusCountersCatalogue interface { // Prometheus logger encapsulates stats counters (PrometheusCounterSet) inside // PromCounterCatalogueContainer's. For each label the logger creates a nested level // of containers. // Containers and CounterSets must implemnent PrometheusCountersCatalogue interface // to allow fetching a CounterSet by the list of metric/values by fetching values from // the DNS message it logs. // There is a schematic sample layout when there are 2 labels considered at the end of this file GetCountersSet(*dnsutils.DNSMessage) PrometheusCountersCatalogue }
type PrometheusCountersSet ¶
type PrometheusCountersSet struct { sync.Mutex // Each PrometheusCountersSet locks independently // contains filtered or unexported fields }
This type represents a set of counters for a unique set of label name=value pairs. By default, we create a set per setream_id for backward compatibility However, we can allow slicing and dicing data using more dimensions. Each CounterSet is registered with Prometheus collection independently (wrapping label values)
func (*PrometheusCountersSet) Collect ¶
func (w *PrometheusCountersSet) Collect(ch chan<- prometheus.Metric)
func (*PrometheusCountersSet) ComputeEventsPerSecond ¶
func (w *PrometheusCountersSet) ComputeEventsPerSecond()
func (*PrometheusCountersSet) Describe ¶
func (w *PrometheusCountersSet) Describe(ch chan<- *prometheus.Desc)
each CounterSet has the same list of timeseries descriptors, so it uses descriptros from the Prometheus instance the set belongs to.
func (*PrometheusCountersSet) GetCountersSet ¶
func (w *PrometheusCountersSet) GetCountersSet(dm *dnsutils.DNSMessage) PrometheusCountersCatalogue
func (*PrometheusCountersSet) Record ¶
func (w *PrometheusCountersSet) Record(dm dnsutils.DNSMessage)
Updates all counters for a specific set of labelName=labelValue
type RedisPub ¶
type RedisPub struct { *GenericWorker // contains filtered or unexported fields }
func NewRedisPub ¶
func (*RedisPub) ConnectToRemote ¶
func (w *RedisPub) ConnectToRemote()
func (*RedisPub) Disconnect ¶
func (w *RedisPub) Disconnect()
func (*RedisPub) FlushBuffer ¶
func (w *RedisPub) FlushBuffer(buf *[]dnsutils.DNSMessage)
func (*RedisPub) ReadConfig ¶
func (w *RedisPub) ReadConfig()
func (*RedisPub) ReadFromConnection ¶
func (w *RedisPub) ReadFromConnection()
func (*RedisPub) StartCollect ¶
func (w *RedisPub) StartCollect()
func (*RedisPub) StartLogging ¶
func (w *RedisPub) StartLogging()
type RestAPI ¶
type RestAPI struct { *GenericWorker HitsStream HitsStream HitsUniq HitsUniq Streams map[string]int `json:"streams"` TopQnames *topmap.TopMap TopClients *topmap.TopMap TopTLDs *topmap.TopMap TopNonExistent *topmap.TopMap TopServFail *topmap.TopMap sync.RWMutex // contains filtered or unexported fields }
func NewRestAPI ¶
func (*RestAPI) DeleteResetHandler ¶
func (w *RestAPI) DeleteResetHandler(httpWriter http.ResponseWriter, r *http.Request)
func (*RestAPI) GetClientsHandler ¶
func (w *RestAPI) GetClientsHandler(httpWriter http.ResponseWriter, r *http.Request)
func (*RestAPI) GetDomainsHandler ¶
func (w *RestAPI) GetDomainsHandler(httpWriter http.ResponseWriter, r *http.Request)
func (*RestAPI) GetNxDomainsHandler ¶
func (w *RestAPI) GetNxDomainsHandler(httpWriter http.ResponseWriter, r *http.Request)
func (*RestAPI) GetSearchHandler ¶
func (w *RestAPI) GetSearchHandler(httpWriter http.ResponseWriter, r *http.Request)
func (*RestAPI) GetSfDomainsHandler ¶
func (w *RestAPI) GetSfDomainsHandler(httpWriter http.ResponseWriter, r *http.Request)
func (*RestAPI) GetStreamsHandler ¶
func (w *RestAPI) GetStreamsHandler(httpWriter http.ResponseWriter, r *http.Request)
func (*RestAPI) GetSuspiciousHandler ¶
func (w *RestAPI) GetSuspiciousHandler(httpWriter http.ResponseWriter, r *http.Request)
func (*RestAPI) GetTLDsHandler ¶
func (w *RestAPI) GetTLDsHandler(httpWriter http.ResponseWriter, r *http.Request)
func (*RestAPI) GetTopClientsHandler ¶
func (w *RestAPI) GetTopClientsHandler(httpWriter http.ResponseWriter, r *http.Request)
func (*RestAPI) GetTopDomainsHandler ¶
func (w *RestAPI) GetTopDomainsHandler(httpWriter http.ResponseWriter, r *http.Request)
func (*RestAPI) GetTopNxDomainsHandler ¶
func (w *RestAPI) GetTopNxDomainsHandler(httpWriter http.ResponseWriter, r *http.Request)
func (*RestAPI) GetTopSfDomainsHandler ¶
func (w *RestAPI) GetTopSfDomainsHandler(httpWriter http.ResponseWriter, r *http.Request)
func (*RestAPI) GetTopTLDsHandler ¶
func (w *RestAPI) GetTopTLDsHandler(httpWriter http.ResponseWriter, r *http.Request)
func (*RestAPI) ListenAndServe ¶
func (w *RestAPI) ListenAndServe()
func (*RestAPI) ReadConfig ¶
func (w *RestAPI) ReadConfig()
func (*RestAPI) RecordDNSMessage ¶
func (w *RestAPI) RecordDNSMessage(dm dnsutils.DNSMessage)
func (*RestAPI) StartCollect ¶
func (w *RestAPI) StartCollect()
func (*RestAPI) StartLogging ¶
func (w *RestAPI) StartLogging()
type ScalyrClient ¶
type ScalyrClient struct { *GenericWorker // contains filtered or unexported fields }
ScalyrClient is a client for Scalyr(https://www.dataset.com/) This client is using the addEvents endpoint, described here: https://app.scalyr.com/help/api#addEvents
func NewScalyrClient ¶
func NewScalyrClient(config *pkgconfig.Config, console *logger.Logger, name string) *ScalyrClient
func (*ScalyrClient) ReadConfig ¶
func (w *ScalyrClient) ReadConfig()
func (*ScalyrClient) StartCollect ¶
func (w *ScalyrClient) StartCollect()
func (*ScalyrClient) StartLogging ¶
func (w *ScalyrClient) StartLogging()
type SearchBy ¶
type SearchBy struct { Clients map[string]*HitsRecord Domains map[string]*HitsRecord }
type StatsPerStream ¶
type StatsdClient ¶
type StatsdClient struct { *GenericWorker Stats StreamStats sync.RWMutex }
func NewStatsdClient ¶
func NewStatsdClient(config *pkgconfig.Config, logger *logger.Logger, name string) *StatsdClient
func (*StatsdClient) ReadConfig ¶
func (w *StatsdClient) ReadConfig()
func (*StatsdClient) RecordDNSMessage ¶
func (w *StatsdClient) RecordDNSMessage(dm dnsutils.DNSMessage)
func (*StatsdClient) StartCollect ¶
func (w *StatsdClient) StartCollect()
func (*StatsdClient) StartLogging ¶
func (w *StatsdClient) StartLogging()
type StdOut ¶
type StdOut struct { *GenericWorker // contains filtered or unexported fields }
func (*StdOut) ReadConfig ¶
func (w *StdOut) ReadConfig()
func (*StdOut) SetPcapWriter ¶
func (*StdOut) SetTextWriter ¶
func (*StdOut) StartCollect ¶
func (w *StdOut) StartCollect()
func (*StdOut) StartLogging ¶
func (w *StdOut) StartLogging()
type StreamStats ¶
type StreamStats struct {
Streams map[string]*StatsPerStream
}
type Syslog ¶
type Syslog struct { *GenericWorker // contains filtered or unexported fields }
func (*Syslog) ConnectToRemote ¶
func (w *Syslog) ConnectToRemote()
func (*Syslog) FlushBuffer ¶
func (w *Syslog) FlushBuffer(buf *[]dnsutils.DNSMessage)
func (*Syslog) ReadConfig ¶
func (w *Syslog) ReadConfig()
func (*Syslog) StartCollect ¶
func (w *Syslog) StartCollect()
func (*Syslog) StartLogging ¶
func (w *Syslog) StartLogging()
type TCPClient ¶
type TCPClient struct { *GenericWorker // contains filtered or unexported fields }
func NewTCPClient ¶
func (*TCPClient) ConnectToRemote ¶
func (w *TCPClient) ConnectToRemote()
func (*TCPClient) Disconnect ¶
func (w *TCPClient) Disconnect()
func (*TCPClient) FlushBuffer ¶
func (w *TCPClient) FlushBuffer(buf *[]dnsutils.DNSMessage)
func (*TCPClient) ReadConfig ¶
func (w *TCPClient) ReadConfig()
func (*TCPClient) ReadFromConnection ¶
func (w *TCPClient) ReadFromConnection()
func (*TCPClient) StartCollect ¶
func (w *TCPClient) StartCollect()
func (*TCPClient) StartLogging ¶
func (w *TCPClient) StartLogging()
type TZSPSniffer ¶
type TZSPSniffer struct { *GenericWorker // contains filtered or unexported fields }
func NewTZSP ¶
func NewTZSP(next []Worker, config *pkgconfig.Config, logger *logger.Logger, name string) *TZSPSniffer
func (*TZSPSniffer) Listen ¶
func (w *TZSPSniffer) Listen() error
func (*TZSPSniffer) StartCollect ¶
func (w *TZSPSniffer) StartCollect()
type Tail ¶
type Tail struct { *GenericWorker // contains filtered or unexported fields }
func (*Tail) StartCollect ¶
func (w *Tail) StartCollect()
type Worker ¶ added in v0.45.0
type Worker interface { SetMetrics(metrics *telemetry.PrometheusCollector) AddDefaultRoute(wrk Worker) AddDroppedRoute(wrk Worker) SetLoggers(loggers []Worker) GetName() string Stop() StartCollect() CountIngressTraffic() CountEgressTraffic() GetInputChannel() chan dnsutils.DNSMessage ReadConfig() ReloadConfig(config *pkgconfig.Config) }
type XDPSniffer ¶
type XDPSniffer struct {
*GenericWorker
}
func NewXDPSniffer ¶
func NewXDPSniffer(next []Worker, config *pkgconfig.Config, logger *logger.Logger, name string) *XDPSniffer
func (*XDPSniffer) StartCollect ¶
func (w *XDPSniffer) StartCollect()
Source Files ¶
- clickhouse.go
- devnull.go
- dnsmessage.go
- dnsprocessor.go
- dnstap_relay.go
- dnstapclient.go
- dnstapserver.go
- elasticsearch.go
- falco.go
- file_ingestor.go
- file_tail.go
- fluentd.go
- influxdb.go
- kafkaproducer.go
- logfile.go
- lokiclient.go
- powerdns.go
- prometheus.go
- redispub.go
- restapi.go
- scalyr.go
- sniffer_afpacket_linux.go
- sniffer_xdp.go
- statsd.go
- stdout.go
- syslog.go
- tcpclient.go
- tzsp_linux.go
- worker.go