Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ProcessItems = struct { Commandline ProcessItem Executable ProcessItem Executablepath ProcessItem }{ "CommandLine", "Executable", "ExecutablePath", }
Functions ¶
This section is empty.
Types ¶
type DetectionCondition ¶
type DetectionCondition struct {
Condition string `json:"condition"` // - $contains(svc) – Matches if svc appears anywhere in the process property value.\n- $eq(svc.exe) – Matches if svc.exe matches the process property value exactly.\n- $prefix(svc) – Matches if app matches the prefix of the process property value.\n- $suffix(svc.py) – Matches if svc.py matches the suffix of the process property value.\n\nFor example, $suffix(svc.py) would detect processes named loyaltysvc.py and paymentssvc.py.\n\nFor more details, see [Process availability](https://dt-url.net/v923x37).
Property ProcessItem `json:"property"` // Possible Values: `Executable`, `ExecutablePath`, `CommandLine`
}
func (*DetectionCondition) MarshalHCL ¶
func (me *DetectionCondition) MarshalHCL(properties hcl.Properties) error
func (*DetectionCondition) Schema ¶
func (me *DetectionCondition) Schema() map[string]*schema.Schema
func (*DetectionCondition) UnmarshalHCL ¶
func (me *DetectionCondition) UnmarshalHCL(decoder hcl.Decoder) error
type DetectionConditions ¶
type DetectionConditions []*DetectionCondition
func (DetectionConditions) MarshalHCL ¶
func (me DetectionConditions) MarshalHCL(properties hcl.Properties) error
func (*DetectionConditions) Schema ¶
func (me *DetectionConditions) Schema() map[string]*schema.Schema
func (*DetectionConditions) UnmarshalHCL ¶
func (me *DetectionConditions) UnmarshalHCL(decoder hcl.Decoder) error
type MetadataItem ¶
type MetadataItem struct {
MetadataKey string `json:"metadataKey"` // Type 'dt.' for key hints.
MetadataValue string `json:"metadataValue"`
}
func (*MetadataItem) MarshalHCL ¶
func (me *MetadataItem) MarshalHCL(properties hcl.Properties) error
func (*MetadataItem) UnmarshalHCL ¶
func (me *MetadataItem) UnmarshalHCL(decoder hcl.Decoder) error
type MetadataItems ¶
type MetadataItems []*MetadataItem
func (MetadataItems) MarshalHCL ¶
func (me MetadataItems) MarshalHCL(properties hcl.Properties) error
func (*MetadataItems) UnmarshalHCL ¶
func (me *MetadataItems) UnmarshalHCL(decoder hcl.Decoder) error
type ProcessItem ¶
type ProcessItem string
type Settings ¶
type Settings struct {
Enabled bool `json:"enabled"` // This setting is enabled (`true`) or disabled (`false`)
Metadata MetadataItems `json:"metadata,omitempty"` // Set of additional key-value properties to be attached to the triggered event.
Name string `json:"name"` // Monitored rule name
Rules DetectionConditions `json:"rules,omitempty"` // Define process detection rules by selecting a process property and a condition. Each monitoring rule can have multiple detection rules associated with it.
Scope *string `json:"-" scope:"scope"` // The scope of this setting (HOST, HOST_GROUP). Omit this property if you want to cover the whole environment.
}
func (*Settings) MarshalHCL ¶
func (me *Settings) MarshalHCL(properties hcl.Properties) error
Source Files
Click to show internal directories.
Click to hide internal directories.