Documentation
¶
Index ¶
- Constants
- type AttachType
- type CloseEvent
- type ConnectEvent
- type DataEvent
- func (se *DataEvent) CGroupName() string
- func (se *DataEvent) Decode(payload []byte) (err error)
- func (se *DataEvent) IsBlank() bool
- func (se *DataEvent) Key() string
- func (se *DataEvent) Payload() []byte
- func (se *DataEvent) PayloadLen() int
- func (se *DataEvent) PayloadTrimmed(n int) []byte
- func (se *DataEvent) SSL() bool
- func (se *DataEvent) Source() string
- func (se *DataEvent) Type() string
- type DebugEvent
- type EventType
- type GetsocknameEvent
- type IEvent
Constants ¶
View Source
const ( TypeEgress = "egress" TypeIngress = "ingress" )
View Source
const MaxDataSize = 1024 * 4
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CloseEvent ¶
type CloseEvent struct {
EventType uint64 `json:"eventType"`
TimestampNs uint64 `json:"timestampNs"`
PID uint32 `json:"pid"`
TID uint32 `json:"tid"`
FD uint32 `json:"fd"`
}
CloseEvent is sent from ebpf when a socket is closed, see corresponding: struct close_event_t
func (*CloseEvent) Decode ¶
func (ce *CloseEvent) Decode(payload []byte) (err error)
func (*CloseEvent) Key ¶
func (ce *CloseEvent) Key() string
type ConnectEvent ¶
type ConnectEvent struct {
EventType uint64 `json:"eventType"`
Type uint64 `json:"type"`
TimestampNs uint64 `json:"timestampNs"`
PID uint32 `json:"pid"`
TID uint32 `json:"tid"`
FD uint32 `json:"fd"`
SourceHost uint32 `json:"source_host"`
SourcePort uint16 `json:"source_port"`
DestHost uint32 `json:"dest_host"`
DestPort uint16 `json:"dest_port"`
CGroup [128]byte `json:"cgroup"`
}
ConnectEvent is sent from ebpf when a socket is connected, see corresponding: struct connect_event_t
func (*ConnectEvent) CGroupName ¶
func (ce *ConnectEvent) CGroupName() string
func (*ConnectEvent) Decode ¶
func (ce *ConnectEvent) Decode(payload []byte) (err error)
func (*ConnectEvent) DestAddr ¶
func (ce *ConnectEvent) DestAddr() string
func (*ConnectEvent) Key ¶
func (ce *ConnectEvent) Key() string
func (*ConnectEvent) SourceAddr ¶
func (ce *ConnectEvent) SourceAddr() string
func (*ConnectEvent) TypeStr ¶
func (ce *ConnectEvent) TypeStr() string
type DataEvent ¶
type DataEvent struct {
EventType uint64 `json:"eventType"`
DataType uint64 `json:"dataType"`
Timestamp uint64 `json:"timestamp"`
PID uint32 `json:"pid"`
TID uint32 `json:"tid"`
CGroup [128]byte `json:"cgroup"`
FD uint32 `json:"fd"`
Version int32 `json:"version"`
SSLPtr int64 `json:"sslPtr"`
DataLen int32 `json:"dataLen"`
Data [MaxDataSize]byte `json:"data"`
}
DataEvent is sent from ebpf when data is sent or received over a socket, see corresponding: struct data_event_t
func (*DataEvent) CGroupName ¶
func (*DataEvent) IsBlank ¶
IsBlank returns true if the event's payload contains only zero bytes, for some reason we get sent this from ebpf..
func (*DataEvent) PayloadLen ¶
func (*DataEvent) PayloadTrimmed ¶
type DebugEvent ¶
type DebugEvent struct {
EventType uint64 `json:"eventType"`
TimestampNs uint64 `json:"timestampNs"`
PID uint32 `json:"pid"`
TID uint32 `json:"tid"`
FD uint32 `json:"fd"`
DataLen int32 `json:"dataLen"`
Data [300]byte `json:"data"`
}
CloseEvent is sent from ebpf when a socket is closed, see corresponding: struct close_event_t
func (*DebugEvent) Decode ¶
func (de *DebugEvent) Decode(payload []byte) (err error)
func (*DebugEvent) Key ¶
func (de *DebugEvent) Key() string
func (*DebugEvent) Payload ¶
func (de *DebugEvent) Payload() []byte
type GetsocknameEvent ¶
type GetsocknameEvent struct {
EventType uint64 `json:"eventType"`
TimestampNs uint64 `json:"timestampNs"`
PID uint32 `json:"pid"`
TID uint32 `json:"tid"`
FD uint32 `json:"fd"`
Host uint32 `json:"host"`
Port uint16 `json:"port"`
}
CloseEvent is sent from ebpf when a socket is closed, see corresponding: struct close_event_t
func (*GetsocknameEvent) Addr ¶
func (de *GetsocknameEvent) Addr() string
func (*GetsocknameEvent) Decode ¶
func (de *GetsocknameEvent) Decode(payload []byte) (err error)
func (*GetsocknameEvent) Key ¶
func (de *GetsocknameEvent) Key() string
Source Files
Click to show internal directories.
Click to hide internal directories.