Documentation
Overview
Package types contains the API of the rule engine: the public-facing types that consumers of the rule engine should work with.
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type Finding
type Finding struct {
	Data        map[string]interface{}
	Context     Event
	SigMetadata SignatureMetadata
}
Finding is the main output of a signature. It represents a match result for the signature's business logic.
type SignalSourceComplete
type SignalSourceComplete string
SignalSourceComplete signals that an input source the signature was subscribed to has ended.
type Signature
type Signature interface {
	// GetMetadata allows the signature to declare information about itself.
	GetMetadata() (SignatureMetadata, error)
	// GetSelectedEvents allows the signature to declare which events it subscribes to.
	GetSelectedEvents() ([]SignatureEventSelector, error)
	// Init allows the signature to initialize its internal state.
	Init(cb SignatureHandler) error
	// Close cleans up the signature after Init.
	Close()
	// OnEvent allows the signature to process events passed by the Engine. This is the business logic of the signature.
	OnEvent(event Event) error
	// OnSignal allows the signature to handle lifecycle events of the signature.
	OnSignal(signal Signal) error
}
Signature is the basic unit of business logic for the rule engine.
type SignatureEventSelector
SignatureEventSelector represents events the signature is subscribed to.
type SignatureHandler
type SignatureHandler func(found Finding)
SignatureHandler is a callback function that reports a finding.
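The call order these types imply, as an added example that is not the package's own code: Init hands the signature its SignatureHandler, OnEvent reports a Finding through it, and OnSignal receives SignalSourceComplete. The type definitions are local stand-ins; the shapes of Event, Signal and SignatureMetadata, the openEvent type, the shadowOpen signature and the run helper are assumptions, and GetMetadata, GetSelectedEvents and Close are left out.

```go
package main

import "fmt"

// Stand-ins for the page's types; Event, Signal and SignatureMetadata shapes are assumed.
type (
	Event                interface{}
	Signal               interface{}
	SignatureMetadata    struct{ Name string }
	SignalSourceComplete string
	SignatureHandler     func(found Finding)
	Finding              struct {
		Data        map[string]interface{}
		Context     Event
		SigMetadata SignatureMetadata
	}
	openEvent struct{ Path string } // constructed sample event (hypothetical)
)

// shadowOpen reports opens of /etc/shadow and records when its input source ends.
type shadowOpen struct{ cb SignatureHandler; done bool }
func (s *shadowOpen) Init(cb SignatureHandler) error { s.cb = cb; return nil }
func (s *shadowOpen) OnSignal(sg Signal) error { _, s.done = sg.(SignalSourceComplete); return nil }

// OnEvent returns an error for event types it cannot handle instead of panicking.
func (s *shadowOpen) OnEvent(e Event) error {
	ev, ok := e.(openEvent)
	if !ok {
		return fmt.Errorf("unexpected event type %T", e)
	}
	if ev.Path == "/etc/shadow" {
		s.cb(Finding{Data: map[string]interface{}{"path": ev.Path}, Context: e, SigMetadata: SignatureMetadata{"shadow-open"}})
	}
	return nil
}

// run plays the engine: Init, one OnEvent per event, then the end-of-source signal.
func run(events ...Event) (found []Finding, done bool, errs int) {
	s := &shadowOpen{}
	s.Init(func(f Finding) { found = append(found, f) })
	for _, e := range events {
		if s.OnEvent(e) != nil {
			errs++
		}
	}
	s.OnSignal(SignalSourceComplete("sample-source"))
	return found, s.done, errs
}

func main() { fmt.Println(run(openEvent{"/etc/passwd"}, openEvent{"/etc/shadow"}, 42)) }
```

Because the callback is stored in Init and invoked from OnEvent, a signature that reports before Init has run would call a nil function; the run helper keeps the order fixed for that reason.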