Documentation ¶
Index ¶
- Constants
- Variables
- func GetDmarcChartData(start, end, domain string) (chartReturn, error)
- func GetDmarcReportGeneral(startdate, endate, domain string) getSummaryReturn
- func GetDomainList() pq.StringArray
- func GetOrgDomain(domain string) (orgDomain string, err error)
- func GetReportingDB() *runner.DB
- func GetTheRunner(prefix string) (theRunner *runner.DB)
- func InitDBRunner(prefix string) (db *runner.DB)
- func InitSQLDB(prefix string) (sqlDB *sql.DB)
- func QSummary(domain string, start int64, end int64) ([]DmarcReportingSummary, DomainSummaryCounts)
- type AggregateReport
- type AggregateReportRecord
- type ChartContainer
- type DBConnectInfo
- type DBHandle
- type DKIMAuthResult
- type DMARCStats
- type DmarcDailyBuckets
- type DmarcReportingDefault
- type DmarcReportingForwarded
- type DmarcReportingFull
- type DmarcReportingSummary
- type DmarcReportingSummaryList
- type DomainSummaryCounts
- type POReason
- type SBGeo
- type SPFAuthResult
- type Values
- type Volume
Constants ¶
const MAX_ROWS = 2500
Variables ¶
var ( DB *sql.DB ARRTable = os.Getenv("ARRTable") ARTable = os.Getenv("ARTable") // variables that are settable from outside routines: // SetMaxIdleConns maximum number of idle connections to DB SetMaxIdleConns = 4 // SetMaxOpenConns maximum number of open connections to DB SetMaxOpenConns = 16 AppName string DBreporting *runner.DB SessionReady = false Sess *session.Session SvcSNS *sns.SNS SvcLambda *lambda.Lambda SnsRegion = os.Getenv("AWS_REGION") LambdaRegion = os.Getenv("AWS_REGION") DreTable = "dmarc_reporting_entries" RecordChunk = 10000 AwsConfig = aws.Config{ Credentials: credentials.NewChainCredentials( []credentials.Provider{ &credentials.EnvProvider{}, &ec2rolecreds.EC2RoleProvider{ ExpiryWindow: 5 * time.Minute, }, }, ), } )
Functions ¶
func GetDmarcChartData ¶
func GetDmarcReportGeneral ¶
func GetDmarcReportGeneral(startdate, endate, domain string) getSummaryReturn
func GetDomainList ¶
func GetDomainList() pq.StringArray
GetDomainList returns the array of domains users have set up the dmarc policy for
func GetOrgDomain ¶
GetOrgDomain returns the org domain for the input domain according to the mechanisms of code in the publicsuffix package
func GetReportingDB ¶
func GetTheRunner ¶
func InitDBRunner ¶
func QSummary ¶
func QSummary(domain string, start int64, end int64) ([]DmarcReportingSummary, DomainSummaryCounts)
QSummary is a summary view of dmarc evaluations per sender Possible cases to consider: 1. Sender company name is resolved -> use name 2. Sender domain but not name is resolved -> use domain 3. Sender domain and name both unresolved -> use IP
Types ¶
type AggregateReport ¶
type AggregateReport struct { MessageId string `db:"MessageId"` Organization string `xml:"report_metadata>org_name" db:"Organization"` Email string `xml:"report_metadata>email" db:"Email"` ExtraContact string `xml:"report_metadata>extra_contact_info" db:"ExtraContact"` // minOccurs="0" ReportID string `xml:"report_metadata>report_id" db:"ReportID"` RawDateRangeBegin string `xml:"report_metadata>date_range>begin" db:"RawDateRangeBegin"` RawDateRangeEnd string `xml:"report_metadata>date_range>end" db:"RawDateRangeEnd"` DateRangeBegin int64 `db:"DateRangeBegin"` DateRangeEnd int64 `db:"DateRangeEnd"` Errors []string `xml:"report_metadata>error" db:"Errors"` Domain string `xml:"policy_published>domain" db:"Domain"` AlignDKIM string `xml:"policy_published>adkim" db:"AlignDKIM"` // minOccurs="0" AlignSPF string `xml:"policy_published>aspf" db:"AlignSPF"` // minOccurs="0" Policy string `xml:"policy_published>p" db:"Policy"` SubdomainPolicy string `xml:"policy_published>sp" db:"SubdomainPolicy"` Percentage int `xml:"policy_published>pct" db:"Percentage"` FailureReport string `xml:"policy_published>fo" db:"FailureReport"` Records []AggregateReportRecord `xml:"record" db:"Records"` }
type AggregateReportRecord ¶
type AggregateReportRecord struct { SourceIP string `xml:"row>source_ip" db:"SourceIP"` Count int64 `xml:"row>count" db:"Count"` Disposition string `xml:"row>policy_evaluated>disposition" db:"Disposition"` // ignore, quarantine, reject EvalDKIM string `xml:"row>policy_evaluated>dkim" db:"EvalDKIM"` // pass, fail EvalSPF string `xml:"row>policy_evaluated>spf" db:"EvalSPF"` // pass, fail POReason []POReason `xml:"row>policy_evaluated>reason" db:"POReason"` HeaderFrom string `xml:"identifiers>header_from" db:"HeaderFrom"` EnvelopeFrom string `xml:"identifiers>envelope_from" db:"EnvelopeFrom"` EnvelopeTo string `xml:"identifiers>envelope_to" db:"EnvelopeTo"` // min 0 AuthDKIM []DKIMAuthResult `xml:"auth_results>dkim" db:"AuthDKIM"` // min 0 AuthSPF []SPFAuthResult `xml:"auth_results>spf" db:"AuthSPF"` AggregateReport_id string `db:"AggregateReport_id"` RecordNumber int64 `db:"RecordNumber"` }
type ChartContainer ¶
type ChartContainer struct { Full []result `json:"full"` Pass []result `json:"pass"` Fail []result `json:"fail"` }
ChartContainer structure of result
func GetDmarcDatedWeeklyChart ¶
func GetDmarcDatedWeeklyChart(domain string, start, end int64) (ChartContainer, error)
GetDmarcDatedWeeklyChart returns the weekly dmarc data
type DBConnectInfo ¶
type DBConnectInfo struct {
// contains filtered or unexported fields
}
type DKIMAuthResult ¶
type DKIMAuthResult struct { Domain string `xml:"domain" db:"Domain"` Selector string `xml:"selector" db:"Selector"` Result string `xml:"result" db:"Result"` HumanResult string `xml:"human_result" db:"HumanResult"` AggregateReport_id string `db:"AggregateReport_id"` RecordNumber int64 `db:"RecordNumber"` }
type DMARCStats ¶
type DmarcDailyBuckets ¶
type DmarcReportingDefault ¶
type DmarcReportingDefault struct { SourceIP string `json:"source_ip" db:"source_ip"` ESP string `json:"esp" db:"esp"` HostName string `json:"host_name" db:"host_name"` DomainName string `json:"domain_name" db:"domain_name"` Country string `json:"country" db:"country"` MessageCount int64 `json:"message_count" db:"message_count"` Disposition string `json:"disposition" db:"disposition"` EvalDKIM string `json:"eval_dkim" db:"eval_dkim"` EvalSPF string `json:"eval_spf" db:"eval_spf"` ReverseLookup []string `json:"reverse_lookup" db:"reverse_lookup"` }
DmarcReportingDefault structure used to
func (DmarcReportingDefault) Label ¶
func (d DmarcReportingDefault) Label() (source string, sourceType string)
type DmarcReportingForwarded ¶
type DmarcReportingForwarded struct { SourceIP string `json:"source_ip" db:"source_ip"` ESP string `json:"esp" db:"esp"` DomainName string `json:"domain_name" db:"domain_name"` HostName string `json:"host_name" db:"host_name"` ReverseLookup []string `json:"reverse_lookup" db:"reverse_lookup"` Country string `json:"country" db:"country"` MessageCount int64 `json:"message_count" db:"message_count"` Disposition string `json:"disposition" db:"disposition"` EvalDKIM string `json:"eval_dkim" db:"eval_dkim"` EvalSPF string `json:"eval_spf" db:"eval_spf"` HeaderFrom string `json:"header_from" db:"header_from"` EnvelopeFrom string `json:"envelope_from" db:"envelope_from"` EnvelopeTo string `json:"envelope_to" db:"envelope_to"` AuthDKIMDomain []string `json:"auth_dkim_domain" db:"auth_dkim_domain"` AuthDKIMSelector []string `json:"auth_dkim_selector" db:"auth_dkim_selector"` AuthDKIMResult []string `json:"auth_dkim_result" db:"auth_dkim_result"` AuthSPFDomain []string `json:"auth_spf_domain" db:"auth_spf_domain"` AuthSPFScope []string `json:"auth_spf_scope" db:"auth_spf_scope"` AuthSPFResult []string `json:"auth_spf_result" db:"auth_spf_result"` POReason []string `json:"po_reason" db:"po_reason"` POComment []string `json:"po_comment" db:"po_comment"` Count int64 `json:"count,omitempty" db:"count"` // used with queries involving SUM(message_count) AS count }
DmarcReportingForwarded structure feeds the data used to generate detail table
func GetDmarcReportDetail ¶
func GetDmarcReportDetail(startdate, endate, domain, source, sourcetype string) []DmarcReportingForwarded
GetDmarcReportDetail returns the dmarc report details used to be shown on detail panel
type DmarcReportingFull ¶
type DmarcReportingFull struct { MessageId string `json:"message_id" db:"message_id"` RecordNumber int64 `json:"record_number" db:"record_number"` Domain string `json:"domain" db:"domain"` Policy string `json:"policy" db:"policy"` SubdomainPolicy string `json:"subdomain_policy" db:"subdomain_policy"` AlignDKIM string `json:"align_dkim" db:"align_dkim"` AlignSPF string `json:"align_spf" db:"align_spf"` Pct int `json:"pct" db:"pct"` SourceIP string `json:"source_ip" db:"source_ip"` ESP string `json:"esp" db:"esp"` OrgName string `json:"org_name" db:"org_name"` OrgId string `json:"org_id" db:"org_id"` HostName string `json:"host_name" db:"host_name"` DomainName string `json:"domain_name" db:"domain_name"` HostnameMatchesIP string `json:"host_name_matches_ip" db:"host_name_matches_ip"` City string `json:"city" db:"city"` State string `json:"state" db:"state"` Country string `json:"country" db:"country"` Longitude string `json:"longitude" db:"longitude"` Latitude string `json:"latitude" db:"latitude"` ReverseLookup []string `json:"reverse_lookup" db:"reverse_lookup"` MessageCount int64 `json:"message_count" db:"message_count"` Disposition string `json:"disposition" db:"disposition"` EvalDKIM string `json:"eval_dkim" db:"eval_dkim"` EvalSPF string `json:"eval_spf" db:"eval_spf"` HeaderFrom string `json:"header_from" db:"header_from"` EnvelopeFrom string `json:"envelope_from" db:"envelope_from"` EnvelopeTo string `json:"envelope_to" db:"envelope_to"` AuthDKIMDomain []string `json:"auth_dkim_domain" db:"auth_dkim_domain"` AuthDKIMSelector []string `json:"auth_dkim_selector" db:"auth_dkim_selector"` AuthDKIMResult []string `json:"auth_dkim_result" db:"auth_dkim_result"` AuthSPFDomain []string `json:"auth_spf_domain" db:"auth_spf_domain"` AuthSPFScope []string `json:"auth_spf_scope" db:"auth_spf_scope"` AuthSPFResult []string `json:"auth_spf_result" db:"auth_spf_result"` POReason []string `json:"po_reason" db:"po_reason"` POComment []string `json:"po_comment" db:"po_comment"` StartDate int64 `json:"start_date" db:"start_date"` EndDate int64 `json:"end_date" db:"end_date"` LastUpdate string `json:"last_update" db:"last_update"` Id int64 `json:"id" db:"id"` } // DmarcReportingFull
DmarcReportingFull ...
type DmarcReportingSummary ¶
type DmarcReportingSummary struct { Source string `json:"source"` // could be name, domain_name, or IP TotalCount int64 `json:"total_count"` DispositionPassCount int64 `json:"pass_count"` SPFAlignedCount int64 `json:"spf_aligned_count"` DKIMAlignedCount int64 `json:"dkim_aligned_count"` FullyAlignedCount int64 `json:"fully_aligned_count"` SourceType string `json:"source_type"` }
DmarcReportingSummary structure used on summary table
type DmarcReportingSummaryList ¶
type DmarcReportingSummaryList []DmarcReportingSummary
func (DmarcReportingSummaryList) Len ¶
func (d DmarcReportingSummaryList) Len() int
func (DmarcReportingSummaryList) Less ¶
func (d DmarcReportingSummaryList) Less(i, j int) bool
func (DmarcReportingSummaryList) Swap ¶
func (d DmarcReportingSummaryList) Swap(i, j int)
type DomainSummaryCounts ¶
type DomainSummaryCounts struct { ReportCount int64 `json:"report_count"` MessageCount int64 `json:"message_count"` DKIMAlignedCount int64 `json:"dkim_aligned_count"` SPFAlignedCount int64 `json:"spf_aligned_count"` FullyAlignedCount int64 `json:"fully_aligned_count"` }
DomainSummaryCounts structure used on calculating the whole volume and passing rate in the time range of one domain
type SBGeo ¶
type SBGeo struct { OrgName string `json:"org_name" db:"org_name"` OrgID string `json:"org_id" db:"org_id"` OrgCategory string `json:"org_category" db:"org_category"` Hostname string `json:"hostname" db:"hostname"` DomainName string `json:"domain_name" db:"domain_name"` HostnameMatchesIP string `json:"hostname_matches_ip" db:"hostname_matches_ip"` City string `json:"city" db:"city"` State string `json:"state" db:"state"` Country string `json:"country" db:"country"` Longitude string `json:"longitude" db:"longitude"` Latitude string `json:"latitude" db:"latitude"` }