Documentation ¶
Overview ¶
Package capsule8_api_v0 is a reverse proxy.
It translates gRPC into RESTful JSON APIs.
Package capsule8_api_v0 is a generated protocol buffer package.
It is generated from these files:
capsule8/api/v0/types.proto capsule8/api/v0/telemetry_event.proto capsule8/api/v0/telemetry_service.proto capsule8/api/v0/subscription.proto capsule8/api/v0/expression.proto
It has these top-level messages:
IPv4Address IPv4AddressAndPort IPv6Address IPv6AddressAndPort NetworkAddress Credentials TelemetryEvent ChargenEvent TickerEvent ContainerEvent ProcessEvent SyscallEvent FileEvent Process KernelFunctionCallEvent NetworkEvent GetEventsRequest GetEventsResponse ReceivedTelemetryEvent Subscription ContainerFilter EventFilter SyscallEventFilter ProcessEventFilter FileEventFilter KernelFunctionCallFilter NetworkEventFilter ContainerEventFilter ChargenEventFilter TickerEventFilter Modifier ThrottleModifier LimitModifier Value BinaryOp Expression
Index ¶
- Variables
- func RegisterTelemetryServiceHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error
- func RegisterTelemetryServiceHandlerClient(ctx context.Context, mux *runtime.ServeMux, client TelemetryServiceClient) error
- func RegisterTelemetryServiceHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, ...) (err error)
- func RegisterTelemetryServiceServer(s *grpc.Server, srv TelemetryServiceServer)
- type BinaryOp
- type ChargenEvent
- type ChargenEventFilter
- type ContainerEvent
- func (*ContainerEvent) Descriptor() ([]byte, []int)
- func (m *ContainerEvent) GetDockerConfigJson() string
- func (m *ContainerEvent) GetExitCode() int32
- func (m *ContainerEvent) GetExitCoreDumped() bool
- func (m *ContainerEvent) GetExitSignal() uint32
- func (m *ContainerEvent) GetExitStatus() uint32
- func (m *ContainerEvent) GetHostPid() int32
- func (m *ContainerEvent) GetImageId() string
- func (m *ContainerEvent) GetImageName() string
- func (m *ContainerEvent) GetName() string
- func (m *ContainerEvent) GetOciConfigJson() string
- func (m *ContainerEvent) GetType() ContainerEventType
- func (*ContainerEvent) ProtoMessage()
- func (m *ContainerEvent) Reset()
- func (m *ContainerEvent) String() string
- type ContainerEventFilter
- func (*ContainerEventFilter) Descriptor() ([]byte, []int)
- func (m *ContainerEventFilter) GetFilterExpression() *Expression
- func (m *ContainerEventFilter) GetType() ContainerEventType
- func (m *ContainerEventFilter) GetView() ContainerEventView
- func (*ContainerEventFilter) ProtoMessage()
- func (m *ContainerEventFilter) Reset()
- func (m *ContainerEventFilter) String() string
- type ContainerEventType
- type ContainerEventView
- type ContainerFilter
- func (*ContainerFilter) Descriptor() ([]byte, []int)
- func (m *ContainerFilter) GetIds() []string
- func (m *ContainerFilter) GetImageIds() []string
- func (m *ContainerFilter) GetImageNames() []string
- func (m *ContainerFilter) GetNames() []string
- func (*ContainerFilter) ProtoMessage()
- func (m *ContainerFilter) Reset()
- func (m *ContainerFilter) String() string
- type Credentials
- func (*Credentials) Descriptor() ([]byte, []int)
- func (m *Credentials) GetEgid() uint32
- func (m *Credentials) GetEuid() uint32
- func (m *Credentials) GetFsgid() uint32
- func (m *Credentials) GetFsuid() uint32
- func (m *Credentials) GetGid() uint32
- func (m *Credentials) GetSgid() uint32
- func (m *Credentials) GetSuid() uint32
- func (m *Credentials) GetUid() uint32
- func (*Credentials) ProtoMessage()
- func (m *Credentials) Reset()
- func (m *Credentials) String() string
- type EventFilter
- func (*EventFilter) Descriptor() ([]byte, []int)
- func (m *EventFilter) GetChargenEvents() []*ChargenEventFilter
- func (m *EventFilter) GetContainerEvents() []*ContainerEventFilter
- func (m *EventFilter) GetFileEvents() []*FileEventFilter
- func (m *EventFilter) GetKernelEvents() []*KernelFunctionCallFilter
- func (m *EventFilter) GetNetworkEvents() []*NetworkEventFilter
- func (m *EventFilter) GetProcessEvents() []*ProcessEventFilter
- func (m *EventFilter) GetSyscallEvents() []*SyscallEventFilter
- func (m *EventFilter) GetTickerEvents() []*TickerEventFilter
- func (*EventFilter) ProtoMessage()
- func (m *EventFilter) Reset()
- func (m *EventFilter) String() string
- type Expression
- func (*Expression) Descriptor() ([]byte, []int)
- func (m *Expression) GetBinaryOp() *BinaryOp
- func (m *Expression) GetExpr() isExpression_Expr
- func (m *Expression) GetIdentifier() string
- func (m *Expression) GetType() Expression_ExpressionType
- func (m *Expression) GetUnaryOp() *Expression
- func (m *Expression) GetValue() *Value
- func (*Expression) ProtoMessage()
- func (m *Expression) Reset()
- func (m *Expression) String() string
- func (*Expression) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, ...)
- type Expression_BinaryOp
- type Expression_ExpressionType
- type Expression_Identifier
- type Expression_UnaryOp
- type Expression_Value
- type FileEvent
- func (*FileEvent) Descriptor() ([]byte, []int)
- func (m *FileEvent) GetFilename() string
- func (m *FileEvent) GetOpenFlags() int32
- func (m *FileEvent) GetOpenMode() int32
- func (m *FileEvent) GetType() FileEventType
- func (*FileEvent) ProtoMessage()
- func (m *FileEvent) Reset()
- func (m *FileEvent) String() string
- type FileEventFilter
- func (*FileEventFilter) Descriptor() ([]byte, []int)
- func (m *FileEventFilter) GetCreateModeMask() *google_protobuf1.Int32Value
- func (m *FileEventFilter) GetFilename() *google_protobuf1.StringValue
- func (m *FileEventFilter) GetFilenamePattern() *google_protobuf1.StringValue
- func (m *FileEventFilter) GetFilterExpression() *Expression
- func (m *FileEventFilter) GetOpenFlagsMask() *google_protobuf1.Int32Value
- func (m *FileEventFilter) GetType() FileEventType
- func (*FileEventFilter) ProtoMessage()
- func (m *FileEventFilter) Reset()
- func (m *FileEventFilter) String() string
- type FileEventType
- type GetEventsRequest
- type GetEventsResponse
- type IPv4Address
- type IPv4AddressAndPort
- type IPv6Address
- type IPv6AddressAndPort
- type KernelFunctionCallEvent
- type KernelFunctionCallEventType
- type KernelFunctionCallEvent_FieldType
- type KernelFunctionCallEvent_FieldValue
- func (*KernelFunctionCallEvent_FieldValue) Descriptor() ([]byte, []int)
- func (m *KernelFunctionCallEvent_FieldValue) GetBytesValue() []byte
- func (m *KernelFunctionCallEvent_FieldValue) GetFieldType() KernelFunctionCallEvent_FieldType
- func (m *KernelFunctionCallEvent_FieldValue) GetSignedValue() int64
- func (m *KernelFunctionCallEvent_FieldValue) GetStringValue() string
- func (m *KernelFunctionCallEvent_FieldValue) GetUnsignedValue() uint64
- func (m *KernelFunctionCallEvent_FieldValue) GetValue() isKernelFunctionCallEvent_FieldValue_Value
- func (*KernelFunctionCallEvent_FieldValue) ProtoMessage()
- func (m *KernelFunctionCallEvent_FieldValue) Reset()
- func (m *KernelFunctionCallEvent_FieldValue) String() string
- func (*KernelFunctionCallEvent_FieldValue) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, ...)
- type KernelFunctionCallEvent_FieldValue_BytesValue
- type KernelFunctionCallEvent_FieldValue_SignedValue
- type KernelFunctionCallEvent_FieldValue_StringValue
- type KernelFunctionCallEvent_FieldValue_UnsignedValue
- type KernelFunctionCallFilter
- func (*KernelFunctionCallFilter) Descriptor() ([]byte, []int)
- func (m *KernelFunctionCallFilter) GetArguments() map[string]string
- func (m *KernelFunctionCallFilter) GetFilterExpression() *Expression
- func (m *KernelFunctionCallFilter) GetSymbol() string
- func (m *KernelFunctionCallFilter) GetType() KernelFunctionCallEventType
- func (*KernelFunctionCallFilter) ProtoMessage()
- func (m *KernelFunctionCallFilter) Reset()
- func (m *KernelFunctionCallFilter) String() string
- type LimitModifier
- type Modifier
- type NetworkAddress
- func (*NetworkAddress) Descriptor() ([]byte, []int)
- func (m *NetworkAddress) GetAddress() isNetworkAddress_Address
- func (m *NetworkAddress) GetFamily() NetworkAddressFamily
- func (m *NetworkAddress) GetIpv4Address() *IPv4AddressAndPort
- func (m *NetworkAddress) GetIpv6Address() *IPv6AddressAndPort
- func (m *NetworkAddress) GetLocalAddress() string
- func (*NetworkAddress) ProtoMessage()
- func (m *NetworkAddress) Reset()
- func (m *NetworkAddress) String() string
- func (*NetworkAddress) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, ...)
- type NetworkAddressFamily
- type NetworkAddress_Ipv4Address
- type NetworkAddress_Ipv6Address
- type NetworkAddress_LocalAddress
- type NetworkEvent
- func (*NetworkEvent) Descriptor() ([]byte, []int)
- func (m *NetworkEvent) GetAddress() *NetworkAddress
- func (m *NetworkEvent) GetBacklog() uint64
- func (m *NetworkEvent) GetResult() int64
- func (m *NetworkEvent) GetSockfd() uint64
- func (m *NetworkEvent) GetType() NetworkEventType
- func (*NetworkEvent) ProtoMessage()
- func (m *NetworkEvent) Reset()
- func (m *NetworkEvent) String() string
- type NetworkEventFilter
- type NetworkEventType
- type Process
- type ProcessEvent
- func (*ProcessEvent) Descriptor() ([]byte, []int)
- func (m *ProcessEvent) GetExecCommandLine() []string
- func (m *ProcessEvent) GetExecFilename() string
- func (m *ProcessEvent) GetExitCode() int32
- func (m *ProcessEvent) GetExitCoreDumped() bool
- func (m *ProcessEvent) GetExitSignal() uint32
- func (m *ProcessEvent) GetExitStatus() uint32
- func (m *ProcessEvent) GetForkChildId() string
- func (m *ProcessEvent) GetForkChildPid() int32
- func (m *ProcessEvent) GetType() ProcessEventType
- func (*ProcessEvent) ProtoMessage()
- func (m *ProcessEvent) Reset()
- func (m *ProcessEvent) String() string
- type ProcessEventFilter
- func (*ProcessEventFilter) Descriptor() ([]byte, []int)
- func (m *ProcessEventFilter) GetExecFilename() *google_protobuf1.StringValue
- func (m *ProcessEventFilter) GetExecFilenamePattern() *google_protobuf1.StringValue
- func (m *ProcessEventFilter) GetExitCode() *google_protobuf1.Int32Value
- func (m *ProcessEventFilter) GetFilterExpression() *Expression
- func (m *ProcessEventFilter) GetType() ProcessEventType
- func (*ProcessEventFilter) ProtoMessage()
- func (m *ProcessEventFilter) Reset()
- func (m *ProcessEventFilter) String() string
- type ProcessEventType
- type ReceivedTelemetryEvent
- func (*ReceivedTelemetryEvent) Descriptor() ([]byte, []int)
- func (m *ReceivedTelemetryEvent) GetAck() []byte
- func (m *ReceivedTelemetryEvent) GetEvent() *TelemetryEvent
- func (m *ReceivedTelemetryEvent) GetPublishTimeMicros() int64
- func (*ReceivedTelemetryEvent) ProtoMessage()
- func (m *ReceivedTelemetryEvent) Reset()
- func (m *ReceivedTelemetryEvent) String() string
- type Subscription
- func (*Subscription) Descriptor() ([]byte, []int)
- func (m *Subscription) GetContainerFilter() *ContainerFilter
- func (m *Subscription) GetEventFilter() *EventFilter
- func (m *Subscription) GetForDuration() *google_protobuf1.Int64Value
- func (m *Subscription) GetModifier() *Modifier
- func (m *Subscription) GetSinceDuration() *google_protobuf1.Int64Value
- func (*Subscription) ProtoMessage()
- func (m *Subscription) Reset()
- func (m *Subscription) String() string
- type SyscallEvent
- func (*SyscallEvent) Descriptor() ([]byte, []int)
- func (m *SyscallEvent) GetArg0() uint64
- func (m *SyscallEvent) GetArg1() uint64
- func (m *SyscallEvent) GetArg2() uint64
- func (m *SyscallEvent) GetArg3() uint64
- func (m *SyscallEvent) GetArg4() uint64
- func (m *SyscallEvent) GetArg5() uint64
- func (m *SyscallEvent) GetId() int64
- func (m *SyscallEvent) GetRet() int64
- func (m *SyscallEvent) GetType() SyscallEventType
- func (*SyscallEvent) ProtoMessage()
- func (m *SyscallEvent) Reset()
- func (m *SyscallEvent) String() string
- type SyscallEventFilter
- func (*SyscallEventFilter) Descriptor() ([]byte, []int)
- func (m *SyscallEventFilter) GetArg0() *google_protobuf1.UInt64Value
- func (m *SyscallEventFilter) GetArg1() *google_protobuf1.UInt64Value
- func (m *SyscallEventFilter) GetArg2() *google_protobuf1.UInt64Value
- func (m *SyscallEventFilter) GetArg3() *google_protobuf1.UInt64Value
- func (m *SyscallEventFilter) GetArg4() *google_protobuf1.UInt64Value
- func (m *SyscallEventFilter) GetArg5() *google_protobuf1.UInt64Value
- func (m *SyscallEventFilter) GetFilterExpression() *Expression
- func (m *SyscallEventFilter) GetId() *google_protobuf1.Int64Value
- func (m *SyscallEventFilter) GetRet() *google_protobuf1.Int64Value
- func (m *SyscallEventFilter) GetType() SyscallEventType
- func (*SyscallEventFilter) ProtoMessage()
- func (m *SyscallEventFilter) Reset()
- func (m *SyscallEventFilter) String() string
- type SyscallEventType
- type TelemetryEvent
- func (*TelemetryEvent) Descriptor() ([]byte, []int)
- func (m *TelemetryEvent) GetChargen() *ChargenEvent
- func (m *TelemetryEvent) GetContainer() *ContainerEvent
- func (m *TelemetryEvent) GetContainerId() string
- func (m *TelemetryEvent) GetContainerName() string
- func (m *TelemetryEvent) GetCpu() int32
- func (m *TelemetryEvent) GetCredentials() *Credentials
- func (m *TelemetryEvent) GetEvent() isTelemetryEvent_Event
- func (m *TelemetryEvent) GetFile() *FileEvent
- func (m *TelemetryEvent) GetId() string
- func (m *TelemetryEvent) GetImageId() string
- func (m *TelemetryEvent) GetImageName() string
- func (m *TelemetryEvent) GetKernelCall() *KernelFunctionCallEvent
- func (m *TelemetryEvent) GetNetwork() *NetworkEvent
- func (m *TelemetryEvent) GetProcess() *ProcessEvent
- func (m *TelemetryEvent) GetProcessId() string
- func (m *TelemetryEvent) GetProcessLineage() []*Process
- func (m *TelemetryEvent) GetProcessPid() int32
- func (m *TelemetryEvent) GetProcessTgid() int32
- func (m *TelemetryEvent) GetSensorId() string
- func (m *TelemetryEvent) GetSensorMonotimeNanos() int64
- func (m *TelemetryEvent) GetSensorSequenceNumber() uint64
- func (m *TelemetryEvent) GetSyscall() *SyscallEvent
- func (m *TelemetryEvent) GetTicker() *TickerEvent
- func (*TelemetryEvent) ProtoMessage()
- func (m *TelemetryEvent) Reset()
- func (m *TelemetryEvent) String() string
- func (*TelemetryEvent) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, ...)
- type TelemetryEvent_Chargen
- type TelemetryEvent_Container
- type TelemetryEvent_File
- type TelemetryEvent_KernelCall
- type TelemetryEvent_Network
- type TelemetryEvent_Process
- type TelemetryEvent_Syscall
- type TelemetryEvent_Ticker
- type TelemetryServiceClient
- type TelemetryServiceServer
- type TelemetryService_GetEventsClient
- type TelemetryService_GetEventsServer
- type ThrottleModifier
- type ThrottleModifier_IntervalType
- type TickerEvent
- type TickerEventFilter
- type Value
- func (*Value) Descriptor() ([]byte, []int)
- func (m *Value) GetBoolValue() bool
- func (m *Value) GetDoubleValue() float64
- func (m *Value) GetSignedValue() int64
- func (m *Value) GetStringValue() string
- func (m *Value) GetTimestampValue() *google_protobuf.Timestamp
- func (m *Value) GetType() ValueType
- func (m *Value) GetUnsignedValue() uint64
- func (m *Value) GetValue() isValue_Value
- func (*Value) ProtoMessage()
- func (m *Value) Reset()
- func (m *Value) String() string
- func (*Value) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, ...)
- type ValueType
- type Value_BoolValue
- type Value_DoubleValue
- type Value_SignedValue
- type Value_StringValue
- type Value_TimestampValue
- type Value_UnsignedValue
Constants ¶
This section is empty.
Variables ¶
var ContainerEventType_name = map[int32]string{
0: "CONTAINER_EVENT_TYPE_UNKNOWN",
1: "CONTAINER_EVENT_TYPE_CREATED",
2: "CONTAINER_EVENT_TYPE_RUNNING",
3: "CONTAINER_EVENT_TYPE_EXITED",
4: "CONTAINER_EVENT_TYPE_DESTROYED",
5: "CONTAINER_EVENT_TYPE_UPDATED",
}
var ContainerEventType_value = map[string]int32{
"CONTAINER_EVENT_TYPE_UNKNOWN": 0,
"CONTAINER_EVENT_TYPE_CREATED": 1,
"CONTAINER_EVENT_TYPE_RUNNING": 2,
"CONTAINER_EVENT_TYPE_EXITED": 3,
"CONTAINER_EVENT_TYPE_DESTROYED": 4,
"CONTAINER_EVENT_TYPE_UPDATED": 5,
}
var ContainerEventView_name = map[int32]string{
0: "BASIC",
1: "FULL",
}
var ContainerEventView_value = map[string]int32{
"BASIC": 0,
"FULL": 1,
}
var Expression_ExpressionType_name = map[int32]string{
0: "EXPRESSIONTYPE_UNSPECIFIED",
1: "IDENTIFIER",
2: "VALUE",
10: "LOGICAL_AND",
11: "LOGICAL_OR",
20: "EQ",
21: "NE",
22: "LT",
23: "LE",
24: "GT",
25: "GE",
26: "LIKE",
27: "IS_NULL",
28: "IS_NOT_NULL",
30: "BITWISE_AND",
}
var Expression_ExpressionType_value = map[string]int32{
"EXPRESSIONTYPE_UNSPECIFIED": 0,
"IDENTIFIER": 1,
"VALUE": 2,
"LOGICAL_AND": 10,
"LOGICAL_OR": 11,
"EQ": 20,
"NE": 21,
"LT": 22,
"LE": 23,
"GT": 24,
"GE": 25,
"LIKE": 26,
"IS_NULL": 27,
"IS_NOT_NULL": 28,
"BITWISE_AND": 30,
}
var FileEventType_name = map[int32]string{
0: "FILE_EVENT_TYPE_UNKNOWN",
1: "FILE_EVENT_TYPE_OPEN",
}
var FileEventType_value = map[string]int32{
"FILE_EVENT_TYPE_UNKNOWN": 0,
"FILE_EVENT_TYPE_OPEN": 1,
}
var KernelFunctionCallEventType_name = map[int32]string{
0: "KERNEL_FUNCTION_CALL_EVENT_TYPE_UNKNOWN",
1: "KERNEL_FUNCTION_CALL_EVENT_TYPE_ENTER",
2: "KERNEL_FUNCTION_CALL_EVENT_TYPE_EXIT",
}
var KernelFunctionCallEventType_value = map[string]int32{
"KERNEL_FUNCTION_CALL_EVENT_TYPE_UNKNOWN": 0,
"KERNEL_FUNCTION_CALL_EVENT_TYPE_ENTER": 1,
"KERNEL_FUNCTION_CALL_EVENT_TYPE_EXIT": 2,
}
var KernelFunctionCallEvent_FieldType_name = map[int32]string{
0: "UNKNOWN",
1: "BYTES",
2: "STRING",
3: "SINT8",
4: "SINT16",
5: "SINT32",
6: "SINT64",
7: "UINT8",
8: "UINT16",
9: "UINT32",
10: "UINT64",
}
var KernelFunctionCallEvent_FieldType_value = map[string]int32{
"UNKNOWN": 0,
"BYTES": 1,
"STRING": 2,
"SINT8": 3,
"SINT16": 4,
"SINT32": 5,
"SINT64": 6,
"UINT8": 7,
"UINT16": 8,
"UINT32": 9,
"UINT64": 10,
}
var NetworkAddressFamily_name = map[int32]string{
0: "NETWORK_ADDRESS_FAMILY_UNKNOWN",
1: "NETWORK_ADDRESS_FAMILY_INET",
2: "NETWORK_ADDRESS_FAMILY_INET6",
3: "NETWORK_ADDRESS_FAMILY_LOCAL",
}
var NetworkAddressFamily_value = map[string]int32{
"NETWORK_ADDRESS_FAMILY_UNKNOWN": 0,
"NETWORK_ADDRESS_FAMILY_INET": 1,
"NETWORK_ADDRESS_FAMILY_INET6": 2,
"NETWORK_ADDRESS_FAMILY_LOCAL": 3,
}
var NetworkEventType_name = map[int32]string{
0: "NETWORK_EVENT_TYPE_UNKNOWN",
1: "NETWORK_EVENT_TYPE_CONNECT_ATTEMPT",
2: "NETWORK_EVENT_TYPE_CONNECT_RESULT",
3: "NETWORK_EVENT_TYPE_BIND_ATTEMPT",
4: "NETWORK_EVENT_TYPE_BIND_RESULT",
5: "NETWORK_EVENT_TYPE_LISTEN_ATTEMPT",
6: "NETWORK_EVENT_TYPE_LISTEN_RESULT",
7: "NETWORK_EVENT_TYPE_ACCEPT_ATTEMPT",
8: "NETWORK_EVENT_TYPE_ACCEPT_RESULT",
9: "NETWORK_EVENT_TYPE_SENDTO_ATTEMPT",
10: "NETWORK_EVENT_TYPE_SENDTO_RESULT",
11: "NETWORK_EVENT_TYPE_RECVFROM_ATTEMPT",
12: "NETWORK_EVENT_TYPE_RECVFROM_RESULT",
}
var NetworkEventType_value = map[string]int32{
"NETWORK_EVENT_TYPE_UNKNOWN": 0,
"NETWORK_EVENT_TYPE_CONNECT_ATTEMPT": 1,
"NETWORK_EVENT_TYPE_CONNECT_RESULT": 2,
"NETWORK_EVENT_TYPE_BIND_ATTEMPT": 3,
"NETWORK_EVENT_TYPE_BIND_RESULT": 4,
"NETWORK_EVENT_TYPE_LISTEN_ATTEMPT": 5,
"NETWORK_EVENT_TYPE_LISTEN_RESULT": 6,
"NETWORK_EVENT_TYPE_ACCEPT_ATTEMPT": 7,
"NETWORK_EVENT_TYPE_ACCEPT_RESULT": 8,
"NETWORK_EVENT_TYPE_SENDTO_ATTEMPT": 9,
"NETWORK_EVENT_TYPE_SENDTO_RESULT": 10,
"NETWORK_EVENT_TYPE_RECVFROM_ATTEMPT": 11,
"NETWORK_EVENT_TYPE_RECVFROM_RESULT": 12,
}
var ProcessEventType_name = map[int32]string{
0: "PROCESS_EVENT_TYPE_UNKNOWN",
1: "PROCESS_EVENT_TYPE_FORK",
2: "PROCESS_EVENT_TYPE_EXEC",
3: "PROCESS_EVENT_TYPE_EXIT",
}
var ProcessEventType_value = map[string]int32{
"PROCESS_EVENT_TYPE_UNKNOWN": 0,
"PROCESS_EVENT_TYPE_FORK": 1,
"PROCESS_EVENT_TYPE_EXEC": 2,
"PROCESS_EVENT_TYPE_EXIT": 3,
}
var SyscallEventType_name = map[int32]string{
0: "SYSCALL_EVENT_TYPE_UNKNOWN",
1: "SYSCALL_EVENT_TYPE_ENTER",
2: "SYSCALL_EVENT_TYPE_EXIT",
}
var SyscallEventType_value = map[string]int32{
"SYSCALL_EVENT_TYPE_UNKNOWN": 0,
"SYSCALL_EVENT_TYPE_ENTER": 1,
"SYSCALL_EVENT_TYPE_EXIT": 2,
}
var ThrottleModifier_IntervalType_name = map[int32]string{
0: "MILLISECOND",
1: "SECOND",
2: "MINUTE",
3: "HOUR",
}
var ThrottleModifier_IntervalType_value = map[string]int32{
"MILLISECOND": 0,
"SECOND": 1,
"MINUTE": 2,
"HOUR": 3,
}
var ValueType_name = map[int32]string{
0: "VALUETYPE_UNSPECIFIED",
1: "STRING",
2: "SINT8",
3: "SINT16",
4: "SINT32",
5: "SINT64",
6: "UINT8",
7: "UINT16",
8: "UINT32",
9: "UINT64",
10: "BOOL",
11: "DOUBLE",
12: "TIMESTAMP",
}
var ValueType_value = map[string]int32{
"VALUETYPE_UNSPECIFIED": 0,
"STRING": 1,
"SINT8": 2,
"SINT16": 3,
"SINT32": 4,
"SINT64": 5,
"UINT8": 6,
"UINT16": 7,
"UINT32": 8,
"UINT64": 9,
"BOOL": 10,
"DOUBLE": 11,
"TIMESTAMP": 12,
}
Functions ¶
func RegisterTelemetryServiceHandler ¶
func RegisterTelemetryServiceHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error
RegisterTelemetryServiceHandler registers the http handlers for service TelemetryService to "mux". The handlers forward requests to the grpc endpoint over "conn".
func RegisterTelemetryServiceHandlerClient ¶
func RegisterTelemetryServiceHandlerClient(ctx context.Context, mux *runtime.ServeMux, client TelemetryServiceClient) error
RegisterTelemetryServiceHandler registers the http handlers for service TelemetryService to "mux". The handlers forward requests to the grpc endpoint over the given implementation of "TelemetryServiceClient". Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "TelemetryServiceClient" doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in "TelemetryServiceClient" to call the correct interceptors.
func RegisterTelemetryServiceHandlerFromEndpoint ¶
func RegisterTelemetryServiceHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, opts []grpc.DialOption) (err error)
RegisterTelemetryServiceHandlerFromEndpoint is same as RegisterTelemetryServiceHandler but automatically dials to "endpoint" and closes the connection when "ctx" gets done.
func RegisterTelemetryServiceServer ¶
func RegisterTelemetryServiceServer(s *grpc.Server, srv TelemetryServiceServer)
Types ¶
type BinaryOp ¶
type BinaryOp struct { Lhs *Expression `protobuf:"bytes,1,opt,name=lhs" json:"lhs,omitempty"` Rhs *Expression `protobuf:"bytes,2,opt,name=rhs" json:"rhs,omitempty"` }
func (*BinaryOp) Descriptor ¶
func (*BinaryOp) GetLhs ¶
func (m *BinaryOp) GetLhs() *Expression
func (*BinaryOp) GetRhs ¶
func (m *BinaryOp) GetRhs() *Expression
func (*BinaryOp) ProtoMessage ¶
func (*BinaryOp) ProtoMessage()
type ChargenEvent ¶
type ChargenEvent struct { // Index of the first character in this Event in relation to all of // the characters that have been generated in this stream. Index uint64 `protobuf:"varint,1,opt,name=index" json:"index,omitempty"` // The next one or more characters in the autogenerated stream Characters string `protobuf:"bytes,2,opt,name=characters" json:"characters,omitempty"` }
func (*ChargenEvent) Descriptor ¶
func (*ChargenEvent) Descriptor() ([]byte, []int)
func (*ChargenEvent) GetCharacters ¶
func (m *ChargenEvent) GetCharacters() string
func (*ChargenEvent) GetIndex ¶
func (m *ChargenEvent) GetIndex() uint64
func (*ChargenEvent) ProtoMessage ¶
func (*ChargenEvent) ProtoMessage()
func (*ChargenEvent) Reset ¶
func (m *ChargenEvent) Reset()
func (*ChargenEvent) String ¶
func (m *ChargenEvent) String() string
type ChargenEventFilter ¶
type ChargenEventFilter struct { // Required; the length of character sequence strings to generate Length uint64 `protobuf:"varint,1,opt,name=length" json:"length,omitempty"` }
The ChargenEventFilter configures a character stream generator and includes events from it in the Subscription.
func (*ChargenEventFilter) Descriptor ¶
func (*ChargenEventFilter) Descriptor() ([]byte, []int)
func (*ChargenEventFilter) GetLength ¶
func (m *ChargenEventFilter) GetLength() uint64
func (*ChargenEventFilter) ProtoMessage ¶
func (*ChargenEventFilter) ProtoMessage()
func (*ChargenEventFilter) Reset ¶
func (m *ChargenEventFilter) Reset()
func (*ChargenEventFilter) String ¶
func (m *ChargenEventFilter) String() string
type ContainerEvent ¶
type ContainerEvent struct { Type ContainerEventType `protobuf:"varint,1,opt,name=type,enum=capsule8.api.v0.ContainerEventType" json:"type,omitempty"` Name string `protobuf:"bytes,2,opt,name=name" json:"name,omitempty"` // Unique identifier of the container image ImageId string `protobuf:"bytes,10,opt,name=image_id,json=imageId" json:"image_id,omitempty"` // // Name of the container image (i.e. "busybox" or // "gcr.io/google_containers/nginx-ingress-controller") // ImageName string `protobuf:"bytes,11,opt,name=image_name,json=imageName" json:"image_name,omitempty"` // Host process identifier of the container's init process. HostPid int32 `protobuf:"zigzag32,20,opt,name=host_pid,json=hostPid" json:"host_pid,omitempty"` // Optional, only included on CONTAINER_EVENT_TYPE_EXIT events ExitCode int32 `protobuf:"zigzag32,30,opt,name=exit_code,json=exitCode" json:"exit_code,omitempty"` // The exit status will typically one of the values defined in // stdlib.h like EXIT_SUCCESS, EXIT_FAILURE, or EXIT_USAGE. ExitStatus uint32 `protobuf:"varint,31,opt,name=exit_status,json=exitStatus" json:"exit_status,omitempty"` // If non-zero, this is the signal number that the process // was terminated with. ExitSignal uint32 `protobuf:"varint,32,opt,name=exit_signal,json=exitSignal" json:"exit_signal,omitempty"` // If true, indicates that the process dumped a core when // it terminated. ExitCoreDumped bool `protobuf:"varint,33,opt,name=exit_core_dumped,json=exitCoreDumped" json:"exit_core_dumped,omitempty"` // Docker container configuration file DockerConfigJson string `protobuf:"bytes,100,opt,name=docker_config_json,json=dockerConfigJson" json:"docker_config_json,omitempty"` // OCI container configuration file OciConfigJson string `protobuf:"bytes,101,opt,name=oci_config_json,json=ociConfigJson" json:"oci_config_json,omitempty"` }
ContainerEvent describes a Docker container or Rkt App lifecycle event
func (*ContainerEvent) Descriptor ¶
func (*ContainerEvent) Descriptor() ([]byte, []int)
func (*ContainerEvent) GetDockerConfigJson ¶
func (m *ContainerEvent) GetDockerConfigJson() string
func (*ContainerEvent) GetExitCode ¶
func (m *ContainerEvent) GetExitCode() int32
func (*ContainerEvent) GetExitCoreDumped ¶
func (m *ContainerEvent) GetExitCoreDumped() bool
func (*ContainerEvent) GetExitSignal ¶
func (m *ContainerEvent) GetExitSignal() uint32
func (*ContainerEvent) GetExitStatus ¶
func (m *ContainerEvent) GetExitStatus() uint32
func (*ContainerEvent) GetHostPid ¶
func (m *ContainerEvent) GetHostPid() int32
func (*ContainerEvent) GetImageId ¶
func (m *ContainerEvent) GetImageId() string
func (*ContainerEvent) GetImageName ¶
func (m *ContainerEvent) GetImageName() string
func (*ContainerEvent) GetName ¶
func (m *ContainerEvent) GetName() string
func (*ContainerEvent) GetOciConfigJson ¶
func (m *ContainerEvent) GetOciConfigJson() string
func (*ContainerEvent) GetType ¶
func (m *ContainerEvent) GetType() ContainerEventType
func (*ContainerEvent) ProtoMessage ¶
func (*ContainerEvent) ProtoMessage()
func (*ContainerEvent) Reset ¶
func (m *ContainerEvent) Reset()
func (*ContainerEvent) String ¶
func (m *ContainerEvent) String() string
type ContainerEventFilter ¶
type ContainerEventFilter struct { // Required, specify the particular type of event type to match Type ContainerEventType `protobuf:"varint,1,opt,name=type,enum=capsule8.api.v0.ContainerEventType" json:"type,omitempty"` // Optional, specifies how much detail to include in container events View ContainerEventView `protobuf:"varint,2,opt,name=view,enum=capsule8.api.v0.ContainerEventView" json:"view,omitempty"` // Optional; a filter to apply to events. Only events for which the // evaluation of the filter expression is true will be returned. FilterExpression *Expression `protobuf:"bytes,100,opt,name=filter_expression,json=filterExpression" json:"filter_expression,omitempty"` }
The ContainerEventFilter specifies which container lifecycle events to include in the Subscription. In order to restrict them to specific containers, use the ContainerFilter.
func (*ContainerEventFilter) Descriptor ¶
func (*ContainerEventFilter) Descriptor() ([]byte, []int)
func (*ContainerEventFilter) GetFilterExpression ¶
func (m *ContainerEventFilter) GetFilterExpression() *Expression
func (*ContainerEventFilter) GetType ¶
func (m *ContainerEventFilter) GetType() ContainerEventType
func (*ContainerEventFilter) GetView ¶
func (m *ContainerEventFilter) GetView() ContainerEventView
func (*ContainerEventFilter) ProtoMessage ¶
func (*ContainerEventFilter) ProtoMessage()
func (*ContainerEventFilter) Reset ¶
func (m *ContainerEventFilter) Reset()
func (*ContainerEventFilter) String ¶
func (m *ContainerEventFilter) String() string
type ContainerEventType ¶
type ContainerEventType int32
const ( ContainerEventType_CONTAINER_EVENT_TYPE_UNKNOWN ContainerEventType = 0 ContainerEventType_CONTAINER_EVENT_TYPE_CREATED ContainerEventType = 1 ContainerEventType_CONTAINER_EVENT_TYPE_RUNNING ContainerEventType = 2 ContainerEventType_CONTAINER_EVENT_TYPE_EXITED ContainerEventType = 3 ContainerEventType_CONTAINER_EVENT_TYPE_DESTROYED ContainerEventType = 4 ContainerEventType_CONTAINER_EVENT_TYPE_UPDATED ContainerEventType = 5 )
func (ContainerEventType) EnumDescriptor ¶
func (ContainerEventType) EnumDescriptor() ([]byte, []int)
func (ContainerEventType) String ¶
func (x ContainerEventType) String() string
type ContainerEventView ¶
type ContainerEventView int32
The ContainerEventView specifies the level of detail to include for ContainerEvents.
const ( // Default view of a ContainerEvent includes just basic information ContainerEventView_BASIC ContainerEventView = 0 // Full view of a ContainerEvent includes raw Docker and OCI config JSON // payloads ContainerEventView_FULL ContainerEventView = 1 )
func (ContainerEventView) EnumDescriptor ¶
func (ContainerEventView) EnumDescriptor() ([]byte, []int)
func (ContainerEventView) String ¶
func (x ContainerEventView) String() string
type ContainerFilter ¶
type ContainerFilter struct { // Zero or more container IDs (e.g. // 254dd98a7bf1581560ddace9f98b7933bfb3c2f5fc0504ec1b8dcc9614bc7062) Ids []string `protobuf:"bytes,1,rep,name=ids" json:"ids,omitempty"` // Zero or more container names (e.g. /ecstatic_darwin) Names []string `protobuf:"bytes,2,rep,name=names" json:"names,omitempty"` // Zero or more container image IDs (e.g. // d462265d362c919b7dd37f8ba80caa822d13704695f47c8fc42a1c2266ecd164) ImageIds []string `protobuf:"bytes,3,rep,name=image_ids,json=imageIds" json:"image_ids,omitempty"` // Container image name (shell-style globs are supported). May be of the // form "busybox", "foo/bar" or // "sha256:d462265d362c919b7dd37f8ba80caa822d13704695f47c8fc42a1c2266ecd164" ImageNames []string `protobuf:"bytes,4,rep,name=image_names,json=imageNames" json:"image_names,omitempty"` }
The ContainerFilter restricts events in the Subscription to the running containers indicated. All of the fields in this message are effectively "ORed" together to create the list of containers to monitor for the subscription.
func (*ContainerFilter) Descriptor ¶
func (*ContainerFilter) Descriptor() ([]byte, []int)
func (*ContainerFilter) GetIds ¶
func (m *ContainerFilter) GetIds() []string
func (*ContainerFilter) GetImageIds ¶
func (m *ContainerFilter) GetImageIds() []string
func (*ContainerFilter) GetImageNames ¶
func (m *ContainerFilter) GetImageNames() []string
func (*ContainerFilter) GetNames ¶
func (m *ContainerFilter) GetNames() []string
func (*ContainerFilter) ProtoMessage ¶
func (*ContainerFilter) ProtoMessage()
func (*ContainerFilter) Reset ¶
func (m *ContainerFilter) Reset()
func (*ContainerFilter) String ¶
func (m *ContainerFilter) String() string
type Credentials ¶
type Credentials struct { // The real user ID Uid uint32 `protobuf:"varint,1,opt,name=uid" json:"uid,omitempty"` // The real group ID Gid uint32 `protobuf:"varint,2,opt,name=gid" json:"gid,omitempty"` // The effective user ID Euid uint32 `protobuf:"varint,3,opt,name=euid" json:"euid,omitempty"` // The effective group ID Egid uint32 `protobuf:"varint,4,opt,name=egid" json:"egid,omitempty"` // The saved user ID Suid uint32 `protobuf:"varint,5,opt,name=suid" json:"suid,omitempty"` // The saved group ID Sgid uint32 `protobuf:"varint,6,opt,name=sgid" json:"sgid,omitempty"` // The user ID for filesystem operations Fsuid uint32 `protobuf:"varint,7,opt,name=fsuid" json:"fsuid,omitempty"` // The group ID for filesystem operations Fsgid uint32 `protobuf:"varint,8,opt,name=fsgid" json:"fsgid,omitempty"` }
Process credentials (uid, gid, etc.)
func (*Credentials) Descriptor ¶
func (*Credentials) Descriptor() ([]byte, []int)
func (*Credentials) GetEgid ¶
func (m *Credentials) GetEgid() uint32
func (*Credentials) GetEuid ¶
func (m *Credentials) GetEuid() uint32
func (*Credentials) GetFsgid ¶
func (m *Credentials) GetFsgid() uint32
func (*Credentials) GetFsuid ¶
func (m *Credentials) GetFsuid() uint32
func (*Credentials) GetGid ¶
func (m *Credentials) GetGid() uint32
func (*Credentials) GetSgid ¶
func (m *Credentials) GetSgid() uint32
func (*Credentials) GetSuid ¶
func (m *Credentials) GetSuid() uint32
func (*Credentials) GetUid ¶
func (m *Credentials) GetUid() uint32
func (*Credentials) ProtoMessage ¶
func (*Credentials) ProtoMessage()
func (*Credentials) Reset ¶
func (m *Credentials) Reset()
func (*Credentials) String ¶
func (m *Credentials) String() string
type EventFilter ¶
type EventFilter struct { // Zero or more filters specifying which system calls to include SyscallEvents []*SyscallEventFilter `protobuf:"bytes,1,rep,name=syscall_events,json=syscallEvents" json:"syscall_events,omitempty"` // Zero or more filters specifying which process events to include ProcessEvents []*ProcessEventFilter `protobuf:"bytes,2,rep,name=process_events,json=processEvents" json:"process_events,omitempty"` // Zero or more filters specifying which file events to include FileEvents []*FileEventFilter `protobuf:"bytes,3,rep,name=file_events,json=fileEvents" json:"file_events,omitempty"` // Zero or more kernel functional calls to include KernelEvents []*KernelFunctionCallFilter `protobuf:"bytes,4,rep,name=kernel_events,json=kernelEvents" json:"kernel_events,omitempty"` // Zero or more network events to include NetworkEvents []*NetworkEventFilter `protobuf:"bytes,5,rep,name=network_events,json=networkEvents" json:"network_events,omitempty"` // Zero or more container events to include ContainerEvents []*ContainerEventFilter `protobuf:"bytes,10,rep,name=container_events,json=containerEvents" json:"container_events,omitempty"` // Zero or more character generators to configure and return events from // (for debugging) ChargenEvents []*ChargenEventFilter `protobuf:"bytes,100,rep,name=chargen_events,json=chargenEvents" json:"chargen_events,omitempty"` // Zero or more ticker generators to configure and return events from // (for debugging) TickerEvents []*TickerEventFilter `protobuf:"bytes,101,rep,name=ticker_events,json=tickerEvents" json:"ticker_events,omitempty"` }
The EventFilter specifies events to include. All of the specified fields are effectively "ORed" together to create the list of events included in the Subscription.
func (*EventFilter) Descriptor ¶
func (*EventFilter) Descriptor() ([]byte, []int)
func (*EventFilter) GetChargenEvents ¶
func (m *EventFilter) GetChargenEvents() []*ChargenEventFilter
func (*EventFilter) GetContainerEvents ¶
func (m *EventFilter) GetContainerEvents() []*ContainerEventFilter
func (*EventFilter) GetFileEvents ¶
func (m *EventFilter) GetFileEvents() []*FileEventFilter
func (*EventFilter) GetKernelEvents ¶
func (m *EventFilter) GetKernelEvents() []*KernelFunctionCallFilter
func (*EventFilter) GetNetworkEvents ¶
func (m *EventFilter) GetNetworkEvents() []*NetworkEventFilter
func (*EventFilter) GetProcessEvents ¶
func (m *EventFilter) GetProcessEvents() []*ProcessEventFilter
func (*EventFilter) GetSyscallEvents ¶
func (m *EventFilter) GetSyscallEvents() []*SyscallEventFilter
func (*EventFilter) GetTickerEvents ¶
func (m *EventFilter) GetTickerEvents() []*TickerEventFilter
func (*EventFilter) ProtoMessage ¶
func (*EventFilter) ProtoMessage()
func (*EventFilter) Reset ¶
func (m *EventFilter) Reset()
func (*EventFilter) String ¶
func (m *EventFilter) String() string
type Expression ¶
type Expression struct { Type Expression_ExpressionType `protobuf:"varint,1,opt,name=type,enum=capsule8.api.v0.Expression_ExpressionType" json:"type,omitempty"` // Types that are valid to be assigned to Expr: // *Expression_Identifier // *Expression_Value // *Expression_BinaryOp // *Expression_UnaryOp Expr isExpression_Expr `protobuf_oneof:"expr"` }
func (*Expression) Descriptor ¶
func (*Expression) Descriptor() ([]byte, []int)
func (*Expression) GetBinaryOp ¶
func (m *Expression) GetBinaryOp() *BinaryOp
func (*Expression) GetExpr ¶
func (m *Expression) GetExpr() isExpression_Expr
func (*Expression) GetIdentifier ¶
func (m *Expression) GetIdentifier() string
func (*Expression) GetType ¶
func (m *Expression) GetType() Expression_ExpressionType
func (*Expression) GetUnaryOp ¶
func (m *Expression) GetUnaryOp() *Expression
func (*Expression) GetValue ¶
func (m *Expression) GetValue() *Value
func (*Expression) ProtoMessage ¶
func (*Expression) ProtoMessage()
func (*Expression) Reset ¶
func (m *Expression) Reset()
func (*Expression) String ¶
func (m *Expression) String() string
func (*Expression) XXX_OneofFuncs ¶
func (*Expression) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{})
XXX_OneofFuncs is for the internal use of the proto package.
type Expression_BinaryOp ¶
type Expression_BinaryOp struct {
BinaryOp *BinaryOp `protobuf:"bytes,12,opt,name=binary_op,json=binaryOp,oneof"`
}
type Expression_ExpressionType ¶
type Expression_ExpressionType int32
const ( Expression_EXPRESSIONTYPE_UNSPECIFIED Expression_ExpressionType = 0 Expression_IDENTIFIER Expression_ExpressionType = 1 Expression_VALUE Expression_ExpressionType = 2 Expression_LOGICAL_AND Expression_ExpressionType = 10 Expression_LOGICAL_OR Expression_ExpressionType = 11 Expression_EQ Expression_ExpressionType = 20 Expression_NE Expression_ExpressionType = 21 Expression_LT Expression_ExpressionType = 22 Expression_LE Expression_ExpressionType = 23 Expression_GT Expression_ExpressionType = 24 Expression_GE Expression_ExpressionType = 25 Expression_LIKE Expression_ExpressionType = 26 Expression_IS_NULL Expression_ExpressionType = 27 Expression_IS_NOT_NULL Expression_ExpressionType = 28 Expression_BITWISE_AND Expression_ExpressionType = 30 )
func (Expression_ExpressionType) EnumDescriptor ¶
func (Expression_ExpressionType) EnumDescriptor() ([]byte, []int)
func (Expression_ExpressionType) String ¶
func (x Expression_ExpressionType) String() string
type Expression_Identifier ¶
type Expression_Identifier struct {
Identifier string `protobuf:"bytes,10,opt,name=identifier,oneof"`
}
type Expression_UnaryOp ¶
type Expression_UnaryOp struct {
UnaryOp *Expression `protobuf:"bytes,13,opt,name=unary_op,json=unaryOp,oneof"`
}
type Expression_Value ¶
type Expression_Value struct {
Value *Value `protobuf:"bytes,11,opt,name=value,oneof"`
}
type FileEvent ¶
type FileEvent struct { // The type of event described by this FileEvent message Type FileEventType `protobuf:"varint,1,opt,name=type,enum=capsule8.api.v0.FileEventType" json:"type,omitempty"` // Present when the event is a file open event. This is the filename of // the file being opened. Filename string `protobuf:"bytes,10,opt,name=filename" json:"filename,omitempty"` // Present when the event is a file open event. This is the set of // flags with which the file was opened (e.g., O_RDONLY, O_NONBLOCK, // etc.). OpenFlags int32 `protobuf:"zigzag32,11,opt,name=open_flags,json=openFlags" json:"open_flags,omitempty"` // Present when the event is a file open event. This is the set of file // permissions used in a creat(2) system call. OpenMode int32 `protobuf:"zigzag32,12,opt,name=open_mode,json=openMode" json:"open_mode,omitempty"` }
FileEvent describes an event that occurred related to file operations occurring as detected by the Sensor.
func (*FileEvent) Descriptor ¶
func (*FileEvent) GetFilename ¶
func (*FileEvent) GetOpenFlags ¶
func (*FileEvent) GetOpenMode ¶
func (*FileEvent) GetType ¶
func (m *FileEvent) GetType() FileEventType
func (*FileEvent) ProtoMessage ¶
func (*FileEvent) ProtoMessage()
type FileEventFilter ¶
type FileEventFilter struct { // Required; the file event type to match Type FileEventType `protobuf:"varint,1,opt,name=type,enum=capsule8.api.v0.FileEventType" json:"type,omitempty"` FilterExpression *Expression `protobuf:"bytes,100,opt,name=filter_expression,json=filterExpression" json:"filter_expression,omitempty"` // Optional; require exact match on the filename being acted upon Filename *google_protobuf1.StringValue `protobuf:"bytes,10,opt,name=filename" json:"filename,omitempty"` // Optional; require pattern match on the filename being acted upon FilenamePattern *google_protobuf1.StringValue `protobuf:"bytes,11,opt,name=filename_pattern,json=filenamePattern" json:"filename_pattern,omitempty"` // Optional; for file open events, require a match of the bits set // for the open(2) flags argument OpenFlagsMask *google_protobuf1.Int32Value `protobuf:"bytes,12,opt,name=open_flags_mask,json=openFlagsMask" json:"open_flags_mask,omitempty"` // Optional; for file open events, require a match of the bits set // for the open(2) or creat(2) mode argument CreateModeMask *google_protobuf1.Int32Value `protobuf:"bytes,13,opt,name=create_mode_mask,json=createModeMask" json:"create_mode_mask,omitempty"` }
The FileEventFilter specifies which file events to include in the Subscription. The specified fields are effectively "ANDed" to specify a matching event.
func (*FileEventFilter) Descriptor ¶
func (*FileEventFilter) Descriptor() ([]byte, []int)
func (*FileEventFilter) GetCreateModeMask ¶
func (m *FileEventFilter) GetCreateModeMask() *google_protobuf1.Int32Value
func (*FileEventFilter) GetFilename ¶
func (m *FileEventFilter) GetFilename() *google_protobuf1.StringValue
func (*FileEventFilter) GetFilenamePattern ¶
func (m *FileEventFilter) GetFilenamePattern() *google_protobuf1.StringValue
func (*FileEventFilter) GetFilterExpression ¶
func (m *FileEventFilter) GetFilterExpression() *Expression
func (*FileEventFilter) GetOpenFlagsMask ¶
func (m *FileEventFilter) GetOpenFlagsMask() *google_protobuf1.Int32Value
func (*FileEventFilter) GetType ¶
func (m *FileEventFilter) GetType() FileEventType
func (*FileEventFilter) ProtoMessage ¶
func (*FileEventFilter) ProtoMessage()
func (*FileEventFilter) Reset ¶
func (m *FileEventFilter) Reset()
func (*FileEventFilter) String ¶
func (m *FileEventFilter) String() string
type FileEventType ¶
type FileEventType int32
Possible FileEvent types
const ( // The type of event is unknown FileEventType_FILE_EVENT_TYPE_UNKNOWN FileEventType = 0 // The event is a file open event FileEventType_FILE_EVENT_TYPE_OPEN FileEventType = 1 )
func (FileEventType) EnumDescriptor ¶
func (FileEventType) EnumDescriptor() ([]byte, []int)
func (FileEventType) String ¶
func (x FileEventType) String() string
type GetEventsRequest ¶
type GetEventsRequest struct { // The Subscription message defines which events should be // returned in the stream. Subscription *Subscription `protobuf:"bytes,1,opt,name=subscription" json:"subscription,omitempty"` }
A request message to initiate the streaming of telemetry events
func (*GetEventsRequest) Descriptor ¶
func (*GetEventsRequest) Descriptor() ([]byte, []int)
func (*GetEventsRequest) GetSubscription ¶
func (m *GetEventsRequest) GetSubscription() *Subscription
func (*GetEventsRequest) ProtoMessage ¶
func (*GetEventsRequest) ProtoMessage()
func (*GetEventsRequest) Reset ¶
func (m *GetEventsRequest) Reset()
func (*GetEventsRequest) String ¶
func (m *GetEventsRequest) String() string
type GetEventsResponse ¶
type GetEventsResponse struct { // Can publish one or more message(s) at a time Events []*ReceivedTelemetryEvent `protobuf:"bytes,1,rep,name=events" json:"events,omitempty"` }
A response message containing telemetry events
func (*GetEventsResponse) Descriptor ¶
func (*GetEventsResponse) Descriptor() ([]byte, []int)
func (*GetEventsResponse) GetEvents ¶
func (m *GetEventsResponse) GetEvents() []*ReceivedTelemetryEvent
func (*GetEventsResponse) ProtoMessage ¶
func (*GetEventsResponse) ProtoMessage()
func (*GetEventsResponse) Reset ¶
func (m *GetEventsResponse) Reset()
func (*GetEventsResponse) String ¶
func (m *GetEventsResponse) String() string
type IPv4Address ¶
type IPv4Address struct { // The IPv4 address is network byte order (big endian) Address uint32 `protobuf:"fixed32,1,opt,name=address" json:"address,omitempty"` }
An IPv4 address
func (*IPv4Address) Descriptor ¶
func (*IPv4Address) Descriptor() ([]byte, []int)
func (*IPv4Address) GetAddress ¶
func (m *IPv4Address) GetAddress() uint32
func (*IPv4Address) ProtoMessage ¶
func (*IPv4Address) ProtoMessage()
func (*IPv4Address) Reset ¶
func (m *IPv4Address) Reset()
func (*IPv4Address) String ¶
func (m *IPv4Address) String() string
type IPv4AddressAndPort ¶
type IPv4AddressAndPort struct { // The IPv4 address Address *IPv4Address `protobuf:"bytes,1,opt,name=address" json:"address,omitempty"` // The port Port uint32 `protobuf:"varint,2,opt,name=port" json:"port,omitempty"` }
An IPv4 address and port
func (*IPv4AddressAndPort) Descriptor ¶
func (*IPv4AddressAndPort) Descriptor() ([]byte, []int)
func (*IPv4AddressAndPort) GetAddress ¶
func (m *IPv4AddressAndPort) GetAddress() *IPv4Address
func (*IPv4AddressAndPort) GetPort ¶
func (m *IPv4AddressAndPort) GetPort() uint32
func (*IPv4AddressAndPort) ProtoMessage ¶
func (*IPv4AddressAndPort) ProtoMessage()
func (*IPv4AddressAndPort) Reset ¶
func (m *IPv4AddressAndPort) Reset()
func (*IPv4AddressAndPort) String ¶
func (m *IPv4AddressAndPort) String() string
type IPv6Address ¶
type IPv6Address struct { // The high-order bytes of the IPv6 address High uint64 `protobuf:"fixed64,1,opt,name=high" json:"high,omitempty"` // The low-order bytes of the IPv6 address Low uint64 `protobuf:"fixed64,2,opt,name=low" json:"low,omitempty"` }
An IPv6 address
func (*IPv6Address) Descriptor ¶
func (*IPv6Address) Descriptor() ([]byte, []int)
func (*IPv6Address) GetHigh ¶
func (m *IPv6Address) GetHigh() uint64
func (*IPv6Address) GetLow ¶
func (m *IPv6Address) GetLow() uint64
func (*IPv6Address) ProtoMessage ¶
func (*IPv6Address) ProtoMessage()
func (*IPv6Address) Reset ¶
func (m *IPv6Address) Reset()
func (*IPv6Address) String ¶
func (m *IPv6Address) String() string
type IPv6AddressAndPort ¶
type IPv6AddressAndPort struct { // The IPv6 address Address *IPv6Address `protobuf:"bytes,1,opt,name=address" json:"address,omitempty"` // The port Port uint32 `protobuf:"varint,2,opt,name=port" json:"port,omitempty"` }
An IPv6 address and port
func (*IPv6AddressAndPort) Descriptor ¶
func (*IPv6AddressAndPort) Descriptor() ([]byte, []int)
func (*IPv6AddressAndPort) GetAddress ¶
func (m *IPv6AddressAndPort) GetAddress() *IPv6Address
func (*IPv6AddressAndPort) GetPort ¶
func (m *IPv6AddressAndPort) GetPort() uint32
func (*IPv6AddressAndPort) ProtoMessage ¶
func (*IPv6AddressAndPort) ProtoMessage()
func (*IPv6AddressAndPort) Reset ¶
func (m *IPv6AddressAndPort) Reset()
func (*IPv6AddressAndPort) String ¶
func (m *IPv6AddressAndPort) String() string
type KernelFunctionCallEvent ¶
type KernelFunctionCallEvent struct { // Label repeated w/ a `mapEntry` option set to `true`. // This is a map of argument names and values. The keys are strings // that are the names of the arguments, and the values are the actual // values for each field. Arguments map[string]*KernelFunctionCallEvent_FieldValue `` /* 138-byte string literal not displayed */ }
KernelFunctionCallEvent describes an event that occurred related to kernel functions being entered or exited.
func (*KernelFunctionCallEvent) Descriptor ¶
func (*KernelFunctionCallEvent) Descriptor() ([]byte, []int)
func (*KernelFunctionCallEvent) GetArguments ¶
func (m *KernelFunctionCallEvent) GetArguments() map[string]*KernelFunctionCallEvent_FieldValue
func (*KernelFunctionCallEvent) ProtoMessage ¶
func (*KernelFunctionCallEvent) ProtoMessage()
func (*KernelFunctionCallEvent) Reset ¶
func (m *KernelFunctionCallEvent) Reset()
func (*KernelFunctionCallEvent) String ¶
func (m *KernelFunctionCallEvent) String() string
type KernelFunctionCallEventType ¶
type KernelFunctionCallEventType int32
Possible KernelFunctionCallEvent types
const ( // The type of event is unknown KernelFunctionCallEventType_KERNEL_FUNCTION_CALL_EVENT_TYPE_UNKNOWN KernelFunctionCallEventType = 0 // The event is a kernel function being entered. KernelFunctionCallEventType_KERNEL_FUNCTION_CALL_EVENT_TYPE_ENTER KernelFunctionCallEventType = 1 // The event is a kernel function being exited. KernelFunctionCallEventType_KERNEL_FUNCTION_CALL_EVENT_TYPE_EXIT KernelFunctionCallEventType = 2 )
func (KernelFunctionCallEventType) EnumDescriptor ¶
func (KernelFunctionCallEventType) EnumDescriptor() ([]byte, []int)
func (KernelFunctionCallEventType) String ¶
func (x KernelFunctionCallEventType) String() string
type KernelFunctionCallEvent_FieldType ¶
type KernelFunctionCallEvent_FieldType int32
Possible field types
const ( // The field type is unknown KernelFunctionCallEvent_UNKNOWN KernelFunctionCallEvent_FieldType = 0 // The field type is an array of bytes KernelFunctionCallEvent_BYTES KernelFunctionCallEvent_FieldType = 1 // The field type is a string KernelFunctionCallEvent_STRING KernelFunctionCallEvent_FieldType = 2 // The field type is a signed 8-bit integer KernelFunctionCallEvent_SINT8 KernelFunctionCallEvent_FieldType = 3 // The field type is a signed 16-bit integer KernelFunctionCallEvent_SINT16 KernelFunctionCallEvent_FieldType = 4 // The field type is a signed 32-bit integer KernelFunctionCallEvent_SINT32 KernelFunctionCallEvent_FieldType = 5 // The field type is a signed 64-bit integer KernelFunctionCallEvent_SINT64 KernelFunctionCallEvent_FieldType = 6 // The field type is an unsigned 8-bit integer KernelFunctionCallEvent_UINT8 KernelFunctionCallEvent_FieldType = 7 // The field type is an unsigned 16-bit integer KernelFunctionCallEvent_UINT16 KernelFunctionCallEvent_FieldType = 8 // The field type is an unsigned 32-bit integer KernelFunctionCallEvent_UINT32 KernelFunctionCallEvent_FieldType = 9 // The field type is an unsigned 64-bit integer KernelFunctionCallEvent_UINT64 KernelFunctionCallEvent_FieldType = 10 )
func (KernelFunctionCallEvent_FieldType) EnumDescriptor ¶
func (KernelFunctionCallEvent_FieldType) EnumDescriptor() ([]byte, []int)
func (KernelFunctionCallEvent_FieldType) String ¶
func (x KernelFunctionCallEvent_FieldType) String() string
type KernelFunctionCallEvent_FieldValue ¶
type KernelFunctionCallEvent_FieldValue struct { // The type represented by this field value. FieldType KernelFunctionCallEvent_FieldType `` /* 137-byte string literal not displayed */ // Types that are valid to be assigned to Value: // *KernelFunctionCallEvent_FieldValue_BytesValue // *KernelFunctionCallEvent_FieldValue_StringValue // *KernelFunctionCallEvent_FieldValue_SignedValue // *KernelFunctionCallEvent_FieldValue_UnsignedValue Value isKernelFunctionCallEvent_FieldValue_Value `protobuf_oneof:"value"` }
The representation of a field value, which is composed of type information and the value itself.
func (*KernelFunctionCallEvent_FieldValue) Descriptor ¶
func (*KernelFunctionCallEvent_FieldValue) Descriptor() ([]byte, []int)
func (*KernelFunctionCallEvent_FieldValue) GetBytesValue ¶
func (m *KernelFunctionCallEvent_FieldValue) GetBytesValue() []byte
func (*KernelFunctionCallEvent_FieldValue) GetFieldType ¶
func (m *KernelFunctionCallEvent_FieldValue) GetFieldType() KernelFunctionCallEvent_FieldType
func (*KernelFunctionCallEvent_FieldValue) GetSignedValue ¶
func (m *KernelFunctionCallEvent_FieldValue) GetSignedValue() int64
func (*KernelFunctionCallEvent_FieldValue) GetStringValue ¶
func (m *KernelFunctionCallEvent_FieldValue) GetStringValue() string
func (*KernelFunctionCallEvent_FieldValue) GetUnsignedValue ¶
func (m *KernelFunctionCallEvent_FieldValue) GetUnsignedValue() uint64
func (*KernelFunctionCallEvent_FieldValue) GetValue ¶
func (m *KernelFunctionCallEvent_FieldValue) GetValue() isKernelFunctionCallEvent_FieldValue_Value
func (*KernelFunctionCallEvent_FieldValue) ProtoMessage ¶
func (*KernelFunctionCallEvent_FieldValue) ProtoMessage()
func (*KernelFunctionCallEvent_FieldValue) Reset ¶
func (m *KernelFunctionCallEvent_FieldValue) Reset()
func (*KernelFunctionCallEvent_FieldValue) String ¶
func (m *KernelFunctionCallEvent_FieldValue) String() string
func (*KernelFunctionCallEvent_FieldValue) XXX_OneofFuncs ¶
func (*KernelFunctionCallEvent_FieldValue) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{})
XXX_OneofFuncs is for the internal use of the proto package.
type KernelFunctionCallEvent_FieldValue_BytesValue ¶
type KernelFunctionCallEvent_FieldValue_BytesValue struct {
BytesValue []byte `protobuf:"bytes,2,opt,name=bytes_value,json=bytesValue,proto3,oneof"`
}
type KernelFunctionCallEvent_FieldValue_SignedValue ¶
type KernelFunctionCallEvent_FieldValue_SignedValue struct {
SignedValue int64 `protobuf:"zigzag64,4,opt,name=signed_value,json=signedValue,oneof"`
}
type KernelFunctionCallEvent_FieldValue_StringValue ¶
type KernelFunctionCallEvent_FieldValue_StringValue struct {
StringValue string `protobuf:"bytes,3,opt,name=string_value,json=stringValue,oneof"`
}
type KernelFunctionCallEvent_FieldValue_UnsignedValue ¶
type KernelFunctionCallEvent_FieldValue_UnsignedValue struct {
UnsignedValue uint64 `protobuf:"varint,5,opt,name=unsigned_value,json=unsignedValue,oneof"`
}
type KernelFunctionCallFilter ¶
type KernelFunctionCallFilter struct { // Required; the kernel function call event type to match Type KernelFunctionCallEventType `protobuf:"varint,1,opt,name=type,enum=capsule8.api.v0.KernelFunctionCallEventType" json:"type,omitempty"` // Required; the kernel symbol to match on Symbol string `protobuf:"bytes,10,opt,name=symbol" json:"symbol,omitempty"` // Optional; the field names and data to be returned by the kernel // when the event triggers. Note that this is a map. The keys are the // names to assign to the returned fields, and the values are a string // describing the data to return, usually an expression involving the // register containing the desired data and a suffix indicating the // type of the data (e.g., "s32", "string", "u64", etc.). This map is // used to construct the "fetchargs" passed to the kernel when creating // the kernel probe. Arguments map[string]string `` /* 139-byte string literal not displayed */ // Optional; a filter to apply to kernel probe. FilterExpression *Expression `protobuf:"bytes,100,opt,name=filter_expression,json=filterExpression" json:"filter_expression,omitempty"` }
The KernelFunctionCallFilter specifies which kernel function call events to include in the Subscription. The arguments map defines values that will be fetched at each call and returned along with the event. In order to minimize event volume, a filter may be included that filters the kernel function calls based on the observed values of the specified arguments at the time of the kernel function call.
func (*KernelFunctionCallFilter) Descriptor ¶
func (*KernelFunctionCallFilter) Descriptor() ([]byte, []int)
func (*KernelFunctionCallFilter) GetArguments ¶
func (m *KernelFunctionCallFilter) GetArguments() map[string]string
func (*KernelFunctionCallFilter) GetFilterExpression ¶
func (m *KernelFunctionCallFilter) GetFilterExpression() *Expression
func (*KernelFunctionCallFilter) GetSymbol ¶
func (m *KernelFunctionCallFilter) GetSymbol() string
func (*KernelFunctionCallFilter) GetType ¶
func (m *KernelFunctionCallFilter) GetType() KernelFunctionCallEventType
func (*KernelFunctionCallFilter) ProtoMessage ¶
func (*KernelFunctionCallFilter) ProtoMessage()
func (*KernelFunctionCallFilter) Reset ¶
func (m *KernelFunctionCallFilter) Reset()
func (*KernelFunctionCallFilter) String ¶
func (m *KernelFunctionCallFilter) String() string
type LimitModifier ¶
type LimitModifier struct { // Limit the number of events Limit int64 `protobuf:"varint,1,opt,name=limit" json:"limit,omitempty"` }
The LimitModifier cancels the subscription on each Sensor after the specified number of events. The entire Subscription may return more events that this depending on how many active Sensors there are.
func (*LimitModifier) Descriptor ¶
func (*LimitModifier) Descriptor() ([]byte, []int)
func (*LimitModifier) GetLimit ¶
func (m *LimitModifier) GetLimit() int64
func (*LimitModifier) ProtoMessage ¶
func (*LimitModifier) ProtoMessage()
func (*LimitModifier) Reset ¶
func (m *LimitModifier) Reset()
func (*LimitModifier) String ¶
func (m *LimitModifier) String() string
type Modifier ¶
type Modifier struct { Throttle *ThrottleModifier `protobuf:"bytes,1,opt,name=throttle" json:"throttle,omitempty"` Limit *LimitModifier `protobuf:"bytes,2,opt,name=limit" json:"limit,omitempty"` }
Modifier specifies which stream modifiers to apply if any. For a given stream, a modifier can apply a throttle or limit etc. Modifiers can be used together.
func (*Modifier) Descriptor ¶
func (*Modifier) GetLimit ¶
func (m *Modifier) GetLimit() *LimitModifier
func (*Modifier) GetThrottle ¶
func (m *Modifier) GetThrottle() *ThrottleModifier
func (*Modifier) ProtoMessage ¶
func (*Modifier) ProtoMessage()
type NetworkAddress ¶
type NetworkAddress struct { // The address family that specifies which address format is in use Family NetworkAddressFamily `protobuf:"varint,1,opt,name=family,enum=capsule8.api.v0.NetworkAddressFamily" json:"family,omitempty"` // Types that are valid to be assigned to Address: // *NetworkAddress_Ipv4Address // *NetworkAddress_Ipv6Address // *NetworkAddress_LocalAddress Address isNetworkAddress_Address `protobuf_oneof:"address"` }
A network address
func (*NetworkAddress) Descriptor ¶
func (*NetworkAddress) Descriptor() ([]byte, []int)
func (*NetworkAddress) GetAddress ¶
func (m *NetworkAddress) GetAddress() isNetworkAddress_Address
func (*NetworkAddress) GetFamily ¶
func (m *NetworkAddress) GetFamily() NetworkAddressFamily
func (*NetworkAddress) GetIpv4Address ¶
func (m *NetworkAddress) GetIpv4Address() *IPv4AddressAndPort
func (*NetworkAddress) GetIpv6Address ¶
func (m *NetworkAddress) GetIpv6Address() *IPv6AddressAndPort
func (*NetworkAddress) GetLocalAddress ¶
func (m *NetworkAddress) GetLocalAddress() string
func (*NetworkAddress) ProtoMessage ¶
func (*NetworkAddress) ProtoMessage()
func (*NetworkAddress) Reset ¶
func (m *NetworkAddress) Reset()
func (*NetworkAddress) String ¶
func (m *NetworkAddress) String() string
func (*NetworkAddress) XXX_OneofFuncs ¶
func (*NetworkAddress) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{})
XXX_OneofFuncs is for the internal use of the proto package.
type NetworkAddressFamily ¶
type NetworkAddressFamily int32
Supported network address families
const ( // The network address family is unknown NetworkAddressFamily_NETWORK_ADDRESS_FAMILY_UNKNOWN NetworkAddressFamily = 0 // AF_INET; IPv4 address formats NetworkAddressFamily_NETWORK_ADDRESS_FAMILY_INET NetworkAddressFamily = 1 // AF_INET6; IPv6 address formats NetworkAddressFamily_NETWORK_ADDRESS_FAMILY_INET6 NetworkAddressFamily = 2 // AF_LOCAL / AF_UNIX; local filesystem address formats NetworkAddressFamily_NETWORK_ADDRESS_FAMILY_LOCAL NetworkAddressFamily = 3 )
func (NetworkAddressFamily) EnumDescriptor ¶
func (NetworkAddressFamily) EnumDescriptor() ([]byte, []int)
func (NetworkAddressFamily) String ¶
func (x NetworkAddressFamily) String() string
type NetworkAddress_Ipv4Address ¶
type NetworkAddress_Ipv4Address struct {
Ipv4Address *IPv4AddressAndPort `protobuf:"bytes,10,opt,name=ipv4_address,json=ipv4Address,oneof"`
}
type NetworkAddress_Ipv6Address ¶
type NetworkAddress_Ipv6Address struct {
Ipv6Address *IPv6AddressAndPort `protobuf:"bytes,20,opt,name=ipv6_address,json=ipv6Address,oneof"`
}
type NetworkAddress_LocalAddress ¶
type NetworkAddress_LocalAddress struct {
LocalAddress string `protobuf:"bytes,30,opt,name=local_address,json=localAddress,oneof"`
}
type NetworkEvent ¶
type NetworkEvent struct { // The type of event described by this NetworkEvent message. Type NetworkEventType `protobuf:"varint,1,opt,name=type,enum=capsule8.api.v0.NetworkEventType" json:"type,omitempty"` // Present when the event describes a network event that is an attempt // to perform a network related action. This is the socket descriptor // used to perform the action. Sockfd uint64 `protobuf:"varint,10,opt,name=sockfd" json:"sockfd,omitempty"` // Present when the event describes a network event that is an attempt // to perform a network related action that includes an address. This // is that address. Address *NetworkAddress `protobuf:"bytes,11,opt,name=address" json:"address,omitempty"` // Present when the event describes a network event that is the result // of an attempted network related action. This is the return code from // the system call. Result int64 `protobuf:"zigzag64,12,opt,name=result" json:"result,omitempty"` // Present only when the event describes a listen attempt. This is the // value of the backlog argument passed to listen(2). Backlog uint64 `protobuf:"varint,13,opt,name=backlog" json:"backlog,omitempty"` }
NetworkEvent describes an event that occurred related to network activity occurring as detected by the Sensor.
func (*NetworkEvent) Descriptor ¶
func (*NetworkEvent) Descriptor() ([]byte, []int)
func (*NetworkEvent) GetAddress ¶
func (m *NetworkEvent) GetAddress() *NetworkAddress
func (*NetworkEvent) GetBacklog ¶
func (m *NetworkEvent) GetBacklog() uint64
func (*NetworkEvent) GetResult ¶
func (m *NetworkEvent) GetResult() int64
func (*NetworkEvent) GetSockfd ¶
func (m *NetworkEvent) GetSockfd() uint64
func (*NetworkEvent) GetType ¶
func (m *NetworkEvent) GetType() NetworkEventType
func (*NetworkEvent) ProtoMessage ¶
func (*NetworkEvent) ProtoMessage()
func (*NetworkEvent) Reset ¶
func (m *NetworkEvent) Reset()
func (*NetworkEvent) String ¶
func (m *NetworkEvent) String() string
type NetworkEventFilter ¶
type NetworkEventFilter struct { // Required; the network event type to match Type NetworkEventType `protobuf:"varint,1,opt,name=type,enum=capsule8.api.v0.NetworkEventType" json:"type,omitempty"` // Optional; a filter to apply to events. Only events for which the // evaluation of the filter expression is true will be returned. FilterExpression *Expression `protobuf:"bytes,100,opt,name=filter_expression,json=filterExpression" json:"filter_expression,omitempty"` }
The NetworkEventFilter specifies which network events to include in the Subscription. The included filter can be used to specify precisely which network events should be included.
func (*NetworkEventFilter) Descriptor ¶
func (*NetworkEventFilter) Descriptor() ([]byte, []int)
func (*NetworkEventFilter) GetFilterExpression ¶
func (m *NetworkEventFilter) GetFilterExpression() *Expression
func (*NetworkEventFilter) GetType ¶
func (m *NetworkEventFilter) GetType() NetworkEventType
func (*NetworkEventFilter) ProtoMessage ¶
func (*NetworkEventFilter) ProtoMessage()
func (*NetworkEventFilter) Reset ¶
func (m *NetworkEventFilter) Reset()
func (*NetworkEventFilter) String ¶
func (m *NetworkEventFilter) String() string
type NetworkEventType ¶
type NetworkEventType int32
Possible network event types
const ( // The type of event is unknown NetworkEventType_NETWORK_EVENT_TYPE_UNKNOWN NetworkEventType = 0 // The event is an attempt to connect to an address NetworkEventType_NETWORK_EVENT_TYPE_CONNECT_ATTEMPT NetworkEventType = 1 // The event is the result of an attempt to connect to an address NetworkEventType_NETWORK_EVENT_TYPE_CONNECT_RESULT NetworkEventType = 2 // The event is an attempt to bind to a local address NetworkEventType_NETWORK_EVENT_TYPE_BIND_ATTEMPT NetworkEventType = 3 // The event is the result of an attempt to bind to a local address NetworkEventType_NETWORK_EVENT_TYPE_BIND_RESULT NetworkEventType = 4 // The event is an attempt to listen for connections NetworkEventType_NETWORK_EVENT_TYPE_LISTEN_ATTEMPT NetworkEventType = 5 // The event is the result of an attempt to listen for connections NetworkEventType_NETWORK_EVENT_TYPE_LISTEN_RESULT NetworkEventType = 6 // The event is an attempt to accept an incoming connection NetworkEventType_NETWORK_EVENT_TYPE_ACCEPT_ATTEMPT NetworkEventType = 7 // The event is the result of an attempt to accept an incoming // connection NetworkEventType_NETWORK_EVENT_TYPE_ACCEPT_RESULT NetworkEventType = 8 // The event is an attempt to send data to a specific address NetworkEventType_NETWORK_EVENT_TYPE_SENDTO_ATTEMPT NetworkEventType = 9 // The event is the result of an attempt to send data to a specific // address NetworkEventType_NETWORK_EVENT_TYPE_SENDTO_RESULT NetworkEventType = 10 // The event is an attempt to receive data from a specific address NetworkEventType_NETWORK_EVENT_TYPE_RECVFROM_ATTEMPT NetworkEventType = 11 // The event is the result of an attempt to receive data from a // specific address NetworkEventType_NETWORK_EVENT_TYPE_RECVFROM_RESULT NetworkEventType = 12 )
func (NetworkEventType) EnumDescriptor ¶
func (NetworkEventType) EnumDescriptor() ([]byte, []int)
func (NetworkEventType) String ¶
func (x NetworkEventType) String() string
type Process ¶
type Process struct { Pid int32 `protobuf:"zigzag32,1,opt,name=pid" json:"pid,omitempty"` Command string `protobuf:"bytes,2,opt,name=command" json:"command,omitempty"` }
func (*Process) Descriptor ¶
func (*Process) GetCommand ¶
func (*Process) ProtoMessage ¶
func (*Process) ProtoMessage()
type ProcessEvent ¶
type ProcessEvent struct { // The type of event described by this ProcessEvent message Type ProcessEventType `protobuf:"varint,1,opt,name=type,enum=capsule8.api.v0.ProcessEventType" json:"type,omitempty"` // Present when the event is a fork event. This is the PID of the // new child process. ForkChildPid int32 `protobuf:"zigzag32,10,opt,name=fork_child_pid,json=forkChildPid" json:"fork_child_pid,omitempty"` // Present when the event is a fork event. This is the Sensor's process // ID of the new child process. ForkChildId string `protobuf:"bytes,11,opt,name=fork_child_id,json=forkChildId" json:"fork_child_id,omitempty"` // Present when the event is an exec event. This is the filename of the // executable that was executed. ExecFilename string `protobuf:"bytes,20,opt,name=exec_filename,json=execFilename" json:"exec_filename,omitempty"` // Present when the event is an exec event. Repeated for each argument // passed to the executable on the command-line. ExecCommandLine []string `protobuf:"bytes,21,rep,name=exec_command_line,json=execCommandLine" json:"exec_command_line,omitempty"` // Present when the event is an exit event. This is the exit code that // the process exited with. ExitCode int32 `protobuf:"zigzag32,30,opt,name=exit_code,json=exitCode" json:"exit_code,omitempty"` // Present when the event is an exit event. This will typically be one9 // of the values defined in stdlib.h like EXIT_SUCCESS, EXIT_FAILURE, // or EXIT_USAGE. ExitStatus uint32 `protobuf:"varint,31,opt,name=exit_status,json=exitStatus" json:"exit_status,omitempty"` // Present when the event is an exit event. If non-zero, this is the // signal number that the process was terminated with. ExitSignal uint32 `protobuf:"varint,32,opt,name=exit_signal,json=exitSignal" json:"exit_signal,omitempty"` // Present when the event is an exit event. If true, indicates that the // process dumped a core when it terminated. ExitCoreDumped bool `protobuf:"varint,33,opt,name=exit_core_dumped,json=exitCoreDumped" json:"exit_core_dumped,omitempty"` }
ProcessEvent describes an event that occurred related to processes starting and exiting as detected by the Sensor.
func (*ProcessEvent) Descriptor ¶
func (*ProcessEvent) Descriptor() ([]byte, []int)
func (*ProcessEvent) GetExecCommandLine ¶
func (m *ProcessEvent) GetExecCommandLine() []string
func (*ProcessEvent) GetExecFilename ¶
func (m *ProcessEvent) GetExecFilename() string
func (*ProcessEvent) GetExitCode ¶
func (m *ProcessEvent) GetExitCode() int32
func (*ProcessEvent) GetExitCoreDumped ¶
func (m *ProcessEvent) GetExitCoreDumped() bool
func (*ProcessEvent) GetExitSignal ¶
func (m *ProcessEvent) GetExitSignal() uint32
func (*ProcessEvent) GetExitStatus ¶
func (m *ProcessEvent) GetExitStatus() uint32
func (*ProcessEvent) GetForkChildId ¶
func (m *ProcessEvent) GetForkChildId() string
func (*ProcessEvent) GetForkChildPid ¶
func (m *ProcessEvent) GetForkChildPid() int32
func (*ProcessEvent) GetType ¶
func (m *ProcessEvent) GetType() ProcessEventType
func (*ProcessEvent) ProtoMessage ¶
func (*ProcessEvent) ProtoMessage()
func (*ProcessEvent) Reset ¶
func (m *ProcessEvent) Reset()
func (*ProcessEvent) String ¶
func (m *ProcessEvent) String() string
type ProcessEventFilter ¶
type ProcessEventFilter struct { // Required; the process event type to match Type ProcessEventType `protobuf:"varint,1,opt,name=type,enum=capsule8.api.v0.ProcessEventType" json:"type,omitempty"` FilterExpression *Expression `protobuf:"bytes,100,opt,name=filter_expression,json=filterExpression" json:"filter_expression,omitempty"` // Optional; require exact match on the filename passed to execve(2) ExecFilename *google_protobuf1.StringValue `protobuf:"bytes,12,opt,name=exec_filename,json=execFilename" json:"exec_filename,omitempty"` // Optional; require pattern match on the filename passed to execve(2) ExecFilenamePattern *google_protobuf1.StringValue `protobuf:"bytes,13,opt,name=exec_filename_pattern,json=execFilenamePattern" json:"exec_filename_pattern,omitempty"` // Optional; require exact match on exit code ExitCode *google_protobuf1.Int32Value `protobuf:"bytes,14,opt,name=exit_code,json=exitCode" json:"exit_code,omitempty"` }
The ProcessEventFilter specifies which process events to include in the Subscription. The specified fields are effectively "ANDed" to specify a matching event.
func (*ProcessEventFilter) Descriptor ¶
func (*ProcessEventFilter) Descriptor() ([]byte, []int)
func (*ProcessEventFilter) GetExecFilename ¶
func (m *ProcessEventFilter) GetExecFilename() *google_protobuf1.StringValue
func (*ProcessEventFilter) GetExecFilenamePattern ¶
func (m *ProcessEventFilter) GetExecFilenamePattern() *google_protobuf1.StringValue
func (*ProcessEventFilter) GetExitCode ¶
func (m *ProcessEventFilter) GetExitCode() *google_protobuf1.Int32Value
func (*ProcessEventFilter) GetFilterExpression ¶
func (m *ProcessEventFilter) GetFilterExpression() *Expression
func (*ProcessEventFilter) GetType ¶
func (m *ProcessEventFilter) GetType() ProcessEventType
func (*ProcessEventFilter) ProtoMessage ¶
func (*ProcessEventFilter) ProtoMessage()
func (*ProcessEventFilter) Reset ¶
func (m *ProcessEventFilter) Reset()
func (*ProcessEventFilter) String ¶
func (m *ProcessEventFilter) String() string
type ProcessEventType ¶
type ProcessEventType int32
Possible ProcessEvent types
const ( // The type of event is unknown ProcessEventType_PROCESS_EVENT_TYPE_UNKNOWN ProcessEventType = 0 // The event is a process fork event ProcessEventType_PROCESS_EVENT_TYPE_FORK ProcessEventType = 1 // The event is a process exec event ProcessEventType_PROCESS_EVENT_TYPE_EXEC ProcessEventType = 2 // The event is a process exit event ProcessEventType_PROCESS_EVENT_TYPE_EXIT ProcessEventType = 3 )
func (ProcessEventType) EnumDescriptor ¶
func (ProcessEventType) EnumDescriptor() ([]byte, []int)
func (ProcessEventType) String ¶
func (x ProcessEventType) String() string
type ReceivedTelemetryEvent ¶
type ReceivedTelemetryEvent struct { // The time that the event was received by the backplane (in micros // since Unix epoch) PublishTimeMicros int64 `protobuf:"varint,1,opt,name=publish_time_micros,json=publishTimeMicros" json:"publish_time_micros,omitempty"` // The actual event observed by the Sensor. For historical // event subscriptions, this event may be sent from the // Recorder. Event *TelemetryEvent `protobuf:"bytes,2,opt,name=event" json:"event,omitempty"` // An opaque ack for the event. If present, this ack must be sent to // the PubsubService's Acknowledge method or else the TelemetryService // will re-transmit the event. Ack []byte `protobuf:"bytes,3,opt,name=ack,proto3" json:"ack,omitempty"` }
A telemetry event received from a Sensor or Recorder.
func (*ReceivedTelemetryEvent) Descriptor ¶
func (*ReceivedTelemetryEvent) Descriptor() ([]byte, []int)
func (*ReceivedTelemetryEvent) GetAck ¶
func (m *ReceivedTelemetryEvent) GetAck() []byte
func (*ReceivedTelemetryEvent) GetEvent ¶
func (m *ReceivedTelemetryEvent) GetEvent() *TelemetryEvent
func (*ReceivedTelemetryEvent) GetPublishTimeMicros ¶
func (m *ReceivedTelemetryEvent) GetPublishTimeMicros() int64
func (*ReceivedTelemetryEvent) ProtoMessage ¶
func (*ReceivedTelemetryEvent) ProtoMessage()
func (*ReceivedTelemetryEvent) Reset ¶
func (m *ReceivedTelemetryEvent) Reset()
func (*ReceivedTelemetryEvent) String ¶
func (m *ReceivedTelemetryEvent) String() string
type Subscription ¶
type Subscription struct { // Return events matching one or more of the specified event // filters. If no event filters are specified, then no events // will be returned. EventFilter *EventFilter `protobuf:"bytes,1,opt,name=event_filter,json=eventFilter" json:"event_filter,omitempty"` // If not empty, then only return events from containers matched // by one or more of the specified container filters. ContainerFilter *ContainerFilter `protobuf:"bytes,2,opt,name=container_filter,json=containerFilter" json:"container_filter,omitempty"` // If not empty, then only return events that occurred after // the specified relative duration subtracted from the current // time (recorder time). If the resulting time is in the past, then the // subscription will search for historic events before streaming // live ones. SinceDuration *google_protobuf1.Int64Value `protobuf:"bytes,10,opt,name=since_duration,json=sinceDuration" json:"since_duration,omitempty"` // If not empty, then only return events that occurred before // the specified relative duration added to `since_duration`. // If `since_duration` is not supplied, return events from now and until // the specified relative duration is hit. ForDuration *google_protobuf1.Int64Value `protobuf:"bytes,11,opt,name=for_duration,json=forDuration" json:"for_duration,omitempty"` // If not empty, apply the specified modifier to the subscription. Modifier *Modifier `protobuf:"bytes,20,opt,name=modifier" json:"modifier,omitempty"` }
The Subscription message identifies a subscriber's interest in telemetry events.
func (*Subscription) Descriptor ¶
func (*Subscription) Descriptor() ([]byte, []int)
func (*Subscription) GetContainerFilter ¶
func (m *Subscription) GetContainerFilter() *ContainerFilter
func (*Subscription) GetEventFilter ¶
func (m *Subscription) GetEventFilter() *EventFilter
func (*Subscription) GetForDuration ¶
func (m *Subscription) GetForDuration() *google_protobuf1.Int64Value
func (*Subscription) GetModifier ¶
func (m *Subscription) GetModifier() *Modifier
func (*Subscription) GetSinceDuration ¶
func (m *Subscription) GetSinceDuration() *google_protobuf1.Int64Value
func (*Subscription) ProtoMessage ¶
func (*Subscription) ProtoMessage()
func (*Subscription) Reset ¶
func (m *Subscription) Reset()
func (*Subscription) String ¶
func (m *Subscription) String() string
type SyscallEvent ¶
type SyscallEvent struct { // The type of event described by this SyscallEvent message Type SyscallEventType `protobuf:"varint,1,opt,name=type,enum=capsule8.api.v0.SyscallEventType" json:"type,omitempty"` // The syscall number for either enter or exit events. Id int64 `protobuf:"varint,2,opt,name=id" json:"id,omitempty"` // Present when the event is an enter event. This is the first // argument passed to the system call. Arg0 uint64 `protobuf:"varint,10,opt,name=arg0" json:"arg0,omitempty"` // Present when the event is an enter event. This is the second // argument passed to the system call. Arg1 uint64 `protobuf:"varint,11,opt,name=arg1" json:"arg1,omitempty"` // Present when the event is an enter event. This is the third // argument passed to the system call. Arg2 uint64 `protobuf:"varint,12,opt,name=arg2" json:"arg2,omitempty"` // Present when the event is an enter event. This is the fourth // argument passed to the system call. Arg3 uint64 `protobuf:"varint,13,opt,name=arg3" json:"arg3,omitempty"` // Present when the event is an enter event. This is the fifth // argument passed to the system call. Arg4 uint64 `protobuf:"varint,14,opt,name=arg4" json:"arg4,omitempty"` // Present when the event is an enter event. This is the sixth // argument passed to the system call. Arg5 uint64 `protobuf:"varint,15,opt,name=arg5" json:"arg5,omitempty"` // Present when the event is an exit event. This is the value that was // returned from the system call. Ret int64 `protobuf:"varint,20,opt,name=ret" json:"ret,omitempty"` }
SyscallEvent describes an event that occurred related to system calls being made or returning as detected by the Sensor.
func (*SyscallEvent) Descriptor ¶
func (*SyscallEvent) Descriptor() ([]byte, []int)
func (*SyscallEvent) GetArg0 ¶
func (m *SyscallEvent) GetArg0() uint64
func (*SyscallEvent) GetArg1 ¶
func (m *SyscallEvent) GetArg1() uint64
func (*SyscallEvent) GetArg2 ¶
func (m *SyscallEvent) GetArg2() uint64
func (*SyscallEvent) GetArg3 ¶
func (m *SyscallEvent) GetArg3() uint64
func (*SyscallEvent) GetArg4 ¶
func (m *SyscallEvent) GetArg4() uint64
func (*SyscallEvent) GetArg5 ¶
func (m *SyscallEvent) GetArg5() uint64
func (*SyscallEvent) GetId ¶
func (m *SyscallEvent) GetId() int64
func (*SyscallEvent) GetRet ¶
func (m *SyscallEvent) GetRet() int64
func (*SyscallEvent) GetType ¶
func (m *SyscallEvent) GetType() SyscallEventType
func (*SyscallEvent) ProtoMessage ¶
func (*SyscallEvent) ProtoMessage()
func (*SyscallEvent) Reset ¶
func (m *SyscallEvent) Reset()
func (*SyscallEvent) String ¶
func (m *SyscallEvent) String() string
type SyscallEventFilter ¶
type SyscallEventFilter struct { // Required; type of system call event (entry or exit) Type SyscallEventType `protobuf:"varint,1,opt,name=type,enum=capsule8.api.v0.SyscallEventType" json:"type,omitempty"` FilterExpression *Expression `protobuf:"bytes,100,opt,name=filter_expression,json=filterExpression" json:"filter_expression,omitempty"` // Required; system call number from // arch/x86/entry/syscalls/syscall_64.tbl Id *google_protobuf1.Int64Value `protobuf:"bytes,2,opt,name=id" json:"id,omitempty"` // Optional; precise value of a particular system call argument Arg0 *google_protobuf1.UInt64Value `protobuf:"bytes,10,opt,name=arg0" json:"arg0,omitempty"` Arg1 *google_protobuf1.UInt64Value `protobuf:"bytes,11,opt,name=arg1" json:"arg1,omitempty"` Arg2 *google_protobuf1.UInt64Value `protobuf:"bytes,12,opt,name=arg2" json:"arg2,omitempty"` Arg3 *google_protobuf1.UInt64Value `protobuf:"bytes,13,opt,name=arg3" json:"arg3,omitempty"` Arg4 *google_protobuf1.UInt64Value `protobuf:"bytes,14,opt,name=arg4" json:"arg4,omitempty"` Arg5 *google_protobuf1.UInt64Value `protobuf:"bytes,15,opt,name=arg5" json:"arg5,omitempty"` // Optional; return value of the system call (if type indicates exit). Ret *google_protobuf1.Int64Value `protobuf:"bytes,20,opt,name=ret" json:"ret,omitempty"` }
The SyscallEventFilter specifies which system call events to include in the Subscription. The specified fields are effectively "ANDed" to specify a matching event.
func (*SyscallEventFilter) Descriptor ¶
func (*SyscallEventFilter) Descriptor() ([]byte, []int)
func (*SyscallEventFilter) GetArg0 ¶
func (m *SyscallEventFilter) GetArg0() *google_protobuf1.UInt64Value
func (*SyscallEventFilter) GetArg1 ¶
func (m *SyscallEventFilter) GetArg1() *google_protobuf1.UInt64Value
func (*SyscallEventFilter) GetArg2 ¶
func (m *SyscallEventFilter) GetArg2() *google_protobuf1.UInt64Value
func (*SyscallEventFilter) GetArg3 ¶
func (m *SyscallEventFilter) GetArg3() *google_protobuf1.UInt64Value
func (*SyscallEventFilter) GetArg4 ¶
func (m *SyscallEventFilter) GetArg4() *google_protobuf1.UInt64Value
func (*SyscallEventFilter) GetArg5 ¶
func (m *SyscallEventFilter) GetArg5() *google_protobuf1.UInt64Value
func (*SyscallEventFilter) GetFilterExpression ¶
func (m *SyscallEventFilter) GetFilterExpression() *Expression
func (*SyscallEventFilter) GetId ¶
func (m *SyscallEventFilter) GetId() *google_protobuf1.Int64Value
func (*SyscallEventFilter) GetRet ¶
func (m *SyscallEventFilter) GetRet() *google_protobuf1.Int64Value
func (*SyscallEventFilter) GetType ¶
func (m *SyscallEventFilter) GetType() SyscallEventType
func (*SyscallEventFilter) ProtoMessage ¶
func (*SyscallEventFilter) ProtoMessage()
func (*SyscallEventFilter) Reset ¶
func (m *SyscallEventFilter) Reset()
func (*SyscallEventFilter) String ¶
func (m *SyscallEventFilter) String() string
type SyscallEventType ¶
type SyscallEventType int32
Possible SyscallEvent types
const ( // The type of event is unknown SyscallEventType_SYSCALL_EVENT_TYPE_UNKNOWN SyscallEventType = 0 // The event is a syscall enter event SyscallEventType_SYSCALL_EVENT_TYPE_ENTER SyscallEventType = 1 // The event is a syscall exit event SyscallEventType_SYSCALL_EVENT_TYPE_EXIT SyscallEventType = 2 )
func (SyscallEventType) EnumDescriptor ¶
func (SyscallEventType) EnumDescriptor() ([]byte, []int)
func (SyscallEventType) String ¶
func (x SyscallEventType) String() string
type TelemetryEvent ¶
type TelemetryEvent struct { // Unique identifier for the event Id string `protobuf:"bytes,1,opt,name=id" json:"id,omitempty"` // Unique process identifier associated with the event to differentiate // reused values of the pid below. ProcessId string `protobuf:"bytes,2,opt,name=process_id,json=processId" json:"process_id,omitempty"` // Kernel's PID of the task associated with the event. This // corresponds the userland's TID. ProcessPid int32 `protobuf:"varint,3,opt,name=process_pid,json=processPid" json:"process_pid,omitempty"` // Container identifier associated with the event ContainerId string `protobuf:"bytes,4,opt,name=container_id,json=containerId" json:"container_id,omitempty"` // Sensor identifier of the sensor instance that observed the event SensorId string `protobuf:"bytes,5,opt,name=sensor_id,json=sensorId" json:"sensor_id,omitempty"` // Sequence number from some unspecified starting point unique // to the Sensor. Provides a strict linear ordering of events with // the same sensor_id where no two events can have the same sequence // number. If it is present, it must be greater than zero. A zero // value indicates that there is no sequence number associated with // the event. SensorSequenceNumber uint64 `protobuf:"varint,6,opt,name=sensor_sequence_number,json=sensorSequenceNumber" json:"sensor_sequence_number,omitempty"` // Monotonic nanosecond timestamp from some unspecified starting // point unique to the Sensor. Can only be used to calculate time // intervals between events with the same sensor_id. SensorMonotimeNanos int64 `protobuf:"varint,7,opt,name=sensor_monotime_nanos,json=sensorMonotimeNanos" json:"sensor_monotime_nanos,omitempty"` // Process Lineage contains one process context for each process in the // hierarchy, starting with the current process, up to the root of the // process namespace. ProcessLineage []*Process `protobuf:"bytes,8,rep,name=process_lineage,json=processLineage" json:"process_lineage,omitempty"` // Name of container associated with the event ContainerName string `protobuf:"bytes,30,opt,name=container_name,json=containerName" json:"container_name,omitempty"` // Unique identifier of the container image ImageId string `protobuf:"bytes,31,opt,name=image_id,json=imageId" json:"image_id,omitempty"` // // Name of the container image (i.e. "busybox" or // "gcr.io/google_containers/nginx-ingress-controller") // ImageName string `protobuf:"bytes,32,opt,name=image_name,json=imageName" json:"image_name,omitempty"` // Types that are valid to be assigned to Event: // *TelemetryEvent_Syscall // *TelemetryEvent_Process // *TelemetryEvent_File // *TelemetryEvent_KernelCall // *TelemetryEvent_Network // *TelemetryEvent_Container // *TelemetryEvent_Chargen // *TelemetryEvent_Ticker Event isTelemetryEvent_Event `protobuf_oneof:"event"` // CPU on which the event occurred Cpu int32 `protobuf:"varint,201,opt,name=cpu" json:"cpu,omitempty"` // Credentials for the process associated with the event Credentials *Credentials `protobuf:"bytes,202,opt,name=credentials" json:"credentials,omitempty"` // Kernel's TGID of the task associated with the event. This // corresponds the userland's PID. ProcessTgid int32 `protobuf:"varint,203,opt,name=process_tgid,json=processTgid" json:"process_tgid,omitempty"` }
An event observed by the Sensor.
func (*TelemetryEvent) Descriptor ¶
func (*TelemetryEvent) Descriptor() ([]byte, []int)
func (*TelemetryEvent) GetChargen ¶
func (m *TelemetryEvent) GetChargen() *ChargenEvent
func (*TelemetryEvent) GetContainer ¶
func (m *TelemetryEvent) GetContainer() *ContainerEvent
func (*TelemetryEvent) GetContainerId ¶
func (m *TelemetryEvent) GetContainerId() string
func (*TelemetryEvent) GetContainerName ¶
func (m *TelemetryEvent) GetContainerName() string
func (*TelemetryEvent) GetCpu ¶
func (m *TelemetryEvent) GetCpu() int32
func (*TelemetryEvent) GetCredentials ¶
func (m *TelemetryEvent) GetCredentials() *Credentials
func (*TelemetryEvent) GetEvent ¶
func (m *TelemetryEvent) GetEvent() isTelemetryEvent_Event
func (*TelemetryEvent) GetFile ¶
func (m *TelemetryEvent) GetFile() *FileEvent
func (*TelemetryEvent) GetId ¶
func (m *TelemetryEvent) GetId() string
func (*TelemetryEvent) GetImageId ¶
func (m *TelemetryEvent) GetImageId() string
func (*TelemetryEvent) GetImageName ¶
func (m *TelemetryEvent) GetImageName() string
func (*TelemetryEvent) GetKernelCall ¶
func (m *TelemetryEvent) GetKernelCall() *KernelFunctionCallEvent
func (*TelemetryEvent) GetNetwork ¶
func (m *TelemetryEvent) GetNetwork() *NetworkEvent
func (*TelemetryEvent) GetProcess ¶
func (m *TelemetryEvent) GetProcess() *ProcessEvent
func (*TelemetryEvent) GetProcessId ¶
func (m *TelemetryEvent) GetProcessId() string
func (*TelemetryEvent) GetProcessLineage ¶
func (m *TelemetryEvent) GetProcessLineage() []*Process
func (*TelemetryEvent) GetProcessPid ¶
func (m *TelemetryEvent) GetProcessPid() int32
func (*TelemetryEvent) GetProcessTgid ¶
func (m *TelemetryEvent) GetProcessTgid() int32
func (*TelemetryEvent) GetSensorId ¶
func (m *TelemetryEvent) GetSensorId() string
func (*TelemetryEvent) GetSensorMonotimeNanos ¶
func (m *TelemetryEvent) GetSensorMonotimeNanos() int64
func (*TelemetryEvent) GetSensorSequenceNumber ¶
func (m *TelemetryEvent) GetSensorSequenceNumber() uint64
func (*TelemetryEvent) GetSyscall ¶
func (m *TelemetryEvent) GetSyscall() *SyscallEvent
func (*TelemetryEvent) GetTicker ¶
func (m *TelemetryEvent) GetTicker() *TickerEvent
func (*TelemetryEvent) ProtoMessage ¶
func (*TelemetryEvent) ProtoMessage()
func (*TelemetryEvent) Reset ¶
func (m *TelemetryEvent) Reset()
func (*TelemetryEvent) String ¶
func (m *TelemetryEvent) String() string
func (*TelemetryEvent) XXX_OneofFuncs ¶
func (*TelemetryEvent) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{})
XXX_OneofFuncs is for the internal use of the proto package.
type TelemetryEvent_Chargen ¶
type TelemetryEvent_Chargen struct {
Chargen *ChargenEvent `protobuf:"bytes,100,opt,name=chargen,oneof"`
}
type TelemetryEvent_Container ¶
type TelemetryEvent_Container struct {
Container *ContainerEvent `protobuf:"bytes,20,opt,name=container,oneof"`
}
type TelemetryEvent_File ¶
type TelemetryEvent_File struct {
File *FileEvent `protobuf:"bytes,12,opt,name=file,oneof"`
}
type TelemetryEvent_KernelCall ¶
type TelemetryEvent_KernelCall struct {
KernelCall *KernelFunctionCallEvent `protobuf:"bytes,13,opt,name=kernel_call,json=kernelCall,oneof"`
}
type TelemetryEvent_Network ¶
type TelemetryEvent_Network struct {
Network *NetworkEvent `protobuf:"bytes,14,opt,name=network,oneof"`
}
type TelemetryEvent_Process ¶
type TelemetryEvent_Process struct {
Process *ProcessEvent `protobuf:"bytes,11,opt,name=process,oneof"`
}
type TelemetryEvent_Syscall ¶
type TelemetryEvent_Syscall struct {
Syscall *SyscallEvent `protobuf:"bytes,10,opt,name=syscall,oneof"`
}
type TelemetryEvent_Ticker ¶
type TelemetryEvent_Ticker struct {
Ticker *TickerEvent `protobuf:"bytes,101,opt,name=ticker,oneof"`
}
type TelemetryServiceClient ¶
type TelemetryServiceClient interface { // Opens a new stream of telemetry events GetEvents(ctx context.Context, in *GetEventsRequest, opts ...grpc.CallOption) (TelemetryService_GetEventsClient, error) }
func NewTelemetryServiceClient ¶
func NewTelemetryServiceClient(cc *grpc.ClientConn) TelemetryServiceClient
type TelemetryServiceServer ¶
type TelemetryServiceServer interface { // Opens a new stream of telemetry events GetEvents(*GetEventsRequest, TelemetryService_GetEventsServer) error }
type TelemetryService_GetEventsClient ¶
type TelemetryService_GetEventsClient interface { Recv() (*GetEventsResponse, error) grpc.ClientStream }
type TelemetryService_GetEventsServer ¶
type TelemetryService_GetEventsServer interface { Send(*GetEventsResponse) error grpc.ServerStream }
type ThrottleModifier ¶
type ThrottleModifier struct { // Required; the interval to use Interval int64 `protobuf:"varint,1,opt,name=interval" json:"interval,omitempty"` // Required; the intreval type (milliseconds, seconds, etc.) IntervalType ThrottleModifier_IntervalType `` /* 142-byte string literal not displayed */ }
The ThrottleModifier modulates events sent by the Sensor to one per time interval specified.
func (*ThrottleModifier) Descriptor ¶
func (*ThrottleModifier) Descriptor() ([]byte, []int)
func (*ThrottleModifier) GetInterval ¶
func (m *ThrottleModifier) GetInterval() int64
func (*ThrottleModifier) GetIntervalType ¶
func (m *ThrottleModifier) GetIntervalType() ThrottleModifier_IntervalType
func (*ThrottleModifier) ProtoMessage ¶
func (*ThrottleModifier) ProtoMessage()
func (*ThrottleModifier) Reset ¶
func (m *ThrottleModifier) Reset()
func (*ThrottleModifier) String ¶
func (m *ThrottleModifier) String() string
type ThrottleModifier_IntervalType ¶
type ThrottleModifier_IntervalType int32
Possible interval types
const ( // milliseconds ThrottleModifier_MILLISECOND ThrottleModifier_IntervalType = 0 // seconds ThrottleModifier_SECOND ThrottleModifier_IntervalType = 1 // minutes ThrottleModifier_MINUTE ThrottleModifier_IntervalType = 2 // hours ThrottleModifier_HOUR ThrottleModifier_IntervalType = 3 )
func (ThrottleModifier_IntervalType) EnumDescriptor ¶
func (ThrottleModifier_IntervalType) EnumDescriptor() ([]byte, []int)
func (ThrottleModifier_IntervalType) String ¶
func (x ThrottleModifier_IntervalType) String() string
type TickerEvent ¶
type TickerEvent struct { // The number of seconds elapsed since January 1, 1970 UTC. // // https://golang.org/pkg/time/#Time.Unix Seconds int64 `protobuf:"varint,1,opt,name=seconds" json:"seconds,omitempty"` // The number of nanoseconds elapsed since January 1, 1970 UTC // // https://golang.org/pkg/time/#Time.UnixNano Nanoseconds int64 `protobuf:"varint,2,opt,name=nanoseconds" json:"nanoseconds,omitempty"` }
func (*TickerEvent) Descriptor ¶
func (*TickerEvent) Descriptor() ([]byte, []int)
func (*TickerEvent) GetNanoseconds ¶
func (m *TickerEvent) GetNanoseconds() int64
func (*TickerEvent) GetSeconds ¶
func (m *TickerEvent) GetSeconds() int64
func (*TickerEvent) ProtoMessage ¶
func (*TickerEvent) ProtoMessage()
func (*TickerEvent) Reset ¶
func (m *TickerEvent) Reset()
func (*TickerEvent) String ¶
func (m *TickerEvent) String() string
type TickerEventFilter ¶
type TickerEventFilter struct { // Required; the interval at which ticker events are generated Interval int64 `protobuf:"varint,1,opt,name=interval" json:"interval,omitempty"` }
The TickerEventFilter configures a ticker stream generator and includes events from it in the Subscription.
func (*TickerEventFilter) Descriptor ¶
func (*TickerEventFilter) Descriptor() ([]byte, []int)
func (*TickerEventFilter) GetInterval ¶
func (m *TickerEventFilter) GetInterval() int64
func (*TickerEventFilter) ProtoMessage ¶
func (*TickerEventFilter) ProtoMessage()
func (*TickerEventFilter) Reset ¶
func (m *TickerEventFilter) Reset()
func (*TickerEventFilter) String ¶
func (m *TickerEventFilter) String() string
type Value ¶
type Value struct { Type ValueType `protobuf:"varint,1,opt,name=type,enum=capsule8.api.v0.ValueType" json:"type,omitempty"` // Types that are valid to be assigned to Value: // *Value_SignedValue // *Value_UnsignedValue // *Value_StringValue // *Value_BoolValue // *Value_DoubleValue // *Value_TimestampValue Value isValue_Value `protobuf_oneof:"value"` }
func (*Value) Descriptor ¶
func (*Value) GetBoolValue ¶
func (*Value) GetDoubleValue ¶
func (*Value) GetSignedValue ¶
func (*Value) GetStringValue ¶
func (*Value) GetTimestampValue ¶
func (m *Value) GetTimestampValue() *google_protobuf.Timestamp
func (*Value) GetUnsignedValue ¶
func (*Value) ProtoMessage ¶
func (*Value) ProtoMessage()
type ValueType ¶
type ValueType int32
const ( ValueType_VALUETYPE_UNSPECIFIED ValueType = 0 ValueType_STRING ValueType = 1 ValueType_SINT8 ValueType = 2 ValueType_SINT16 ValueType = 3 ValueType_SINT32 ValueType = 4 ValueType_SINT64 ValueType = 5 ValueType_UINT8 ValueType = 6 ValueType_UINT16 ValueType = 7 ValueType_UINT32 ValueType = 8 ValueType_UINT64 ValueType = 9 ValueType_BOOL ValueType = 10 ValueType_DOUBLE ValueType = 11 ValueType_TIMESTAMP ValueType = 12 )
func (ValueType) EnumDescriptor ¶
type Value_BoolValue ¶
type Value_BoolValue struct {
BoolValue bool `protobuf:"varint,13,opt,name=bool_value,json=boolValue,oneof"`
}
type Value_DoubleValue ¶
type Value_DoubleValue struct {
DoubleValue float64 `protobuf:"fixed64,14,opt,name=double_value,json=doubleValue,oneof"`
}
type Value_SignedValue ¶
type Value_SignedValue struct {
SignedValue int64 `protobuf:"zigzag64,10,opt,name=signed_value,json=signedValue,oneof"`
}
type Value_StringValue ¶
type Value_StringValue struct {
StringValue string `protobuf:"bytes,12,opt,name=string_value,json=stringValue,oneof"`
}
type Value_TimestampValue ¶
type Value_TimestampValue struct {
TimestampValue *google_protobuf.Timestamp `protobuf:"bytes,15,opt,name=timestamp_value,json=timestampValue,oneof"`
}
type Value_UnsignedValue ¶
type Value_UnsignedValue struct {
UnsignedValue uint64 `protobuf:"varint,11,opt,name=unsigned_value,json=unsignedValue,oneof"`
}