resources

package
v0.0.0-...-6e31670 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 22, 2019 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Overview

Package resources contains common objects and conversion functions.

Index

Constants

View Source 
const (

	// LocationNamePrefix is the Fleetspeak label prefix for sensor location name.
	LocationNamePrefix = fleetspeakPrefix + "location-name-"
	// LocationZonePrefix is the Fleetspeak label prefix for sensor location zone.
	LocationZonePrefix = fleetspeakPrefix + "location-zone-"
)

Variables

This section is empty.

Functions

func LocationToProto 

func LocationToProto(l *Location) *pb.Location

LocationToProto converts an internal Location to proto Location.

func MakeRuleFile 

func MakeRuleFile(rules []*Rule) []byte

MakeRuleFile builds a rule file given Rule objects.

func MutationsMapping 

func MutationsMapping(obj interface{}) (map[string]bool, error)

MutationsMapping returns a map of fields and their mutability for Rule, Location, and SensorMessage objects.

Fields are in the form "field_name" where "struct.FieldName" = "field_name". obj must not be a pointer.

func RuleToProto 

func RuleToProto(r *Rule) *pb.Rule

RuleToProto converts an internal Rule to a proto Rule.

Types

type Location 

type Location struct {
	// The unique name of the location, e.g. "company1".
	Name string `mutable:"false"`
	// The list of zones or "segments" to organize sensors, e.g. {"dmz", "prod"}.
	Zones []string `mutable:"true"`
	// Last modified time of the message. Applied by the Store.
	LastModified string `mutable:"true"`
}

Location defines an arbirary organization of sensors, segmented into a least one zone.

func ProtoToLocation 

func ProtoToLocation(l *pb.Location) *Location

ProtoToLocation converts a proto Location to an internal Location.

type LocationSelector 

type LocationSelector struct {
	// The unique name of the location.
	Name string
	// Define how the location zones will be selected.
	Mode ZoneFilterMode
	// List of zones which to be filtered in or out of the location zones, depending on the Mode.
	Zones []string
}

LocationSelector represents a way to select zones from a given location.

type Rule 

type Rule struct {
	// The unique rule ID.
	ID int64 `mutable:"false"`
	// The rule itself.
	Body string `mutable:"true"`
	// Select in which organization and zone the rule is enabled, e.g. "google:dmz".
	LocZones []string `mutable:"true"`
	// Last modified time of the message. Applied by the Store.
	LastModified string `mutable:"true"`
}

Rule is an IDS rule, e.g. Snort or Suricata.

func ProtoToRule 

func ProtoToRule(r *pb.Rule) *Rule

ProtoToRule converts a proto Rule to an internal Rule.

type SensorMessage 

type SensorMessage struct {
	// The message ID.
	ID string `mutable:"false"`
	// The creation time of the message.
	Time string `mutable:"false"`
	// Fleetspeak client ID (Hex-encoded bytes).
	ClientID string `mutable:"false"`
	// Type of message.
	Type SensorMessageType `mutable:"false"`
	// Host information of sender.
	Host string `mutable:"false"`
	// Status of the request.
	Status string `mutable:"false"`
}

SensorMessage contains the details and state of a sensor message.

func ProtoToSensorMessage 

func ProtoToSensorMessage(m *spb.SensorMessage) *SensorMessage

ProtoToSensorMessage converts a proto sensor message to an internal SensorMessage.

type SensorMessageType 

type SensorMessageType string

SensorMessageType represents the type of message issued from a sensor. 

const (
	// Response represents a sensor response to a sensor request.
	Response SensorMessageType = "Response"
	// Alert represents a sensor alert.
	Alert SensorMessageType = "Alert"
	// Heartbeat represents a sensor heartbeat.
	Heartbeat SensorMessageType = "Heartbeat"
)

type SensorRequest 

type SensorRequest struct {
	// The request message ID.
	ID string `mutable:"false"`
	// The creation time of the message.
	Time string `mutable:"false"`
	// Fleetspeak client ID (Hex-encoded bytes).
	ClientID string `mutable:"false"`
	// Type of message.
	Type SensorRequestType `mutable:"false"`
	// Status of the request.
	Status string `mutable:"true"`
	// Last modified time of the message. Applied by the Store.
	LastModified string `mutable:"true"`
}

SensorRequest contains the details and state of a sensor request message.

func ProtoToSensorRequest 

func ProtoToSensorRequest(m *spb.SensorMessage) *SensorRequest

ProtoToSensorRequest converts a proto SensorMessage to an internal SensorRequest.

type SensorRequestType 

type SensorRequestType string

SensorRequestType represents the type of sensor request message. 

const (
	DeployRules SensorRequestType = "DeployRules"
	ReloadRules SensorRequestType = "ReloadRules"
)

Sensor request types as described in the sensor proto.

type ZoneFilterMode 

type ZoneFilterMode string

ZoneFilterMode defines how the location zones will be selected. 

const (
	// All is to select all zones.
	All ZoneFilterMode = "all"
	// Include is to select only a specific subset of zones.
	Include ZoneFilterMode = "include"
	// Exclude is to select all zones except a specific subset of zones.
	Exclude ZoneFilterMode = "exclude"
)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.