Documentation
¶
Index ¶
- Constants
- func LoadS3(file string) (types.S3Configuration, error)
- type ElasticConfiguration
- type GraylogConfiguration
- type GraylogMessage
- type KinesisConfiguration
- type LoggerDB
- func (logDB *LoggerDB) CleanQueryLogs(entries int64) error
- func (logDB *LoggerDB) CleanResultLogs(environment string, seconds int64) error
- func (logDB *LoggerDB) CleanStatusLogs(environment string, seconds int64) error
- func (logDB *LoggerDB) Log(logType string, data []byte, environment, uuid string, debug bool)
- func (logDB *LoggerDB) Query(data []byte, environment, uuid, name string, status int, debug bool)
- func (logDB *LoggerDB) QueryLogs(name string) ([]OsqueryQueryData, error)
- func (logDB *LoggerDB) Result(data []byte, environment, uuid string, debug bool)
- func (logDB *LoggerDB) ResultLogs(uuid, environment string, seconds int64) ([]OsqueryResultData, error)
- func (logDB *LoggerDB) ResultLogsLimit(uuid, environment string, limit int) ([]OsqueryResultData, error)
- func (logDB *LoggerDB) Settings(mgr *settings.Settings)
- func (logDB *LoggerDB) Status(data []byte, environment, uuid string, debug bool)
- func (logDB *LoggerDB) StatusLogs(uuid, environment string, seconds int64) ([]OsqueryStatusData, error)
- func (logDB *LoggerDB) StatusLogsLimit(uuid, environment string, limit int) ([]OsqueryStatusData, error)
- type LoggerElastic
- type LoggerFile
- func (logFile *LoggerFile) Log(logType string, data []byte, environment, uuid string, debug bool)
- func (logFile *LoggerFile) Query(data []byte, environment, uuid, name string, status int, debug bool)
- func (logFile *LoggerFile) Result(data []byte, environment, uuid string, debug bool)
- func (logFile *LoggerFile) Settings(mgr *settings.Settings)
- func (logFile *LoggerFile) Status(data []byte, environment, uuid string, debug bool)
- type LoggerGraylog
- type LoggerKafka
- type LoggerKinesis
- type LoggerLogstash
- func (logLS *LoggerLogstash) SendHTTP(logType string, data []byte, environment, uuid string, debug bool)
- func (logLS *LoggerLogstash) SendTCP(logType string, data []byte, environment, uuid string, debug bool)
- func (logLS *LoggerLogstash) SendUDP(logType string, data []byte, environment, uuid string, debug bool)
- func (logLS *LoggerLogstash) Settings(mgr *settings.Settings)
- type LoggerNone
- func (logNone *LoggerNone) Log(logType string, data []byte, environment, uuid string, debug bool)
- func (logNone *LoggerNone) Query(data []byte, environment, uuid, name string, status int, debug bool)
- func (logNone *LoggerNone) Result(data []byte, environment, uuid string, debug bool)
- func (logNone *LoggerNone) Settings(mgr *settings.Settings)
- func (logNone *LoggerNone) Status(data []byte, environment, uuid string, debug bool)
- type LoggerS3
- type LoggerSplunk
- type LoggerStdout
- func (logStdout *LoggerStdout) Log(logType string, data []byte, environment, uuid string, debug bool)
- func (logStdout *LoggerStdout) Query(data []byte, environment, uuid, name string, status int, debug bool)
- func (logStdout *LoggerStdout) Result(data []byte, environment, uuid string, debug bool)
- func (logStdout *LoggerStdout) Settings(mgr *settings.Settings)
- func (logStdout *LoggerStdout) Status(data []byte, environment, uuid string, debug bool)
- type LoggerTLS
- func (l *LoggerTLS) DispatchLogs(data []byte, uuid, logType, environment string, metadata nodes.NodeMetadata, ...)
- func (l *LoggerTLS) DispatchQueries(queryData types.QueryWriteData, node nodes.OsqueryNode, debug bool)
- func (logTLS *LoggerTLS) Log(logType string, data []byte, environment, uuid string, debug bool)
- func (l *LoggerTLS) ProcessLogQueryResult(queriesWrite types.QueryWriteRequest, envid uint, debug bool)
- func (l *LoggerTLS) ProcessLogs(data json.RawMessage, logType, environment, ipaddress string, dataLen int, ...)
- func (logTLS *LoggerTLS) QueryLog(logType string, data []byte, environment, uuid, name string, status int, ...)
- type LogstashConfiguration
- type LogstashMessage
- type LumberjackConfig
- type OsqueryQueryData
- type OsqueryResultData
- type OsqueryStatusData
- type SlunkConfiguration
- type SplunkMessage
Constants ¶
const ( // GraylogVersion - GELF spec version GraylogVersion = "1.1" // GraylogLevel - Log Level (informational) GraylogLevel = 6 // GraylogMethod - Method to send GraylogMethod = "POST" )
const ( // LogstashTCP for TCP inputs LogstashTCP = "tcp" // LogstashUDP for UDP inputs LogstashUDP = "udp" // LogstashHTTP for HTTP inputs LogstashHTTP = "http" )
const ( // LogstashMethod Method to send requests LogstashMethod = "POST" // LogstashContentType Content Type for requests LogstashContentType = "application/json" // LogstashConnStr Connection string for Logstash LogstashConnStr = "%s:%s" )
const ( // SplunkMethod Method to send requests SplunkMethod = "POST" // SplunkContentType Content Type for requests SplunkContentType = "application/json" )
const ( // NotReturned - Value not returned from agent NotReturned = "not returned" // Mismatched - Value mismatched in log entries Mismatched = "mismatched" )
const (
// DefaultFileLog file to store logs
DefaultFileLog = "osctrl.log"
)
Variables ¶
This section is empty.
Functions ¶
Types ¶
type ElasticConfiguration ¶
type ElasticConfiguration struct { Host string `json:"host"` Port string `json:"port"` IndexPrefix string `json:"indexPrefix"` DateSeparator string `json:"dateSeparator"` // Expected is . for YYYY.MM.DD IndexSeparator string `json:"indexSeparator"` // Expected is - for prefix-YYYY.MM.DD }
ElasticConfiguration to hold all elastic configuration values
func LoadElastic ¶
func LoadElastic(file string) (ElasticConfiguration, error)
LoadElastic - Function to load the Elastic configuration from JSON file
type GraylogConfiguration ¶
// GraylogConfiguration holds the values LoadGraylog reads from a JSON file.
// NOTE(review): no token or credential field is declared here, so access
// control for the Graylog input has to come from the network or from the
// input itself; confirm how that endpoint is protected.
type GraylogConfiguration struct {
	URL     string `json:"url"`  // presumably the endpoint messages are sent to with GraylogMethod (POST); confirm in Send
	Host    string `json:"host"` // presumably copied into GraylogMessage.Host; confirm in Send
	Queries string `json:"queries"`
	Status  string `json:"status"`
	Results string `json:"results"`
}
GraylogConfiguration to hold all graylog configuration values
func LoadGraylog ¶
func LoadGraylog(file string) (GraylogConfiguration, error)
LoadGraylog - Function to load the Graylog configuration from JSON file
type GraylogMessage ¶
// GraylogMessage is the log format sent to Graylog. The version, host,
// short_message, timestamp and level keys follow GELF; keys that start with
// an underscore are GELF additional fields.
type GraylogMessage struct {
	Version      string `json:"version"` // presumably GraylogVersion ("1.1"); confirm in Send
	Host         string `json:"host"`
	ShortMessage string `json:"short_message"`
	Timestamp    int64  `json:"timestamp"`
	Level        uint   `json:"level"` // presumably GraylogLevel (6, informational); confirm in Send
	Environment  string `json:"_environment"`
	Type         string `json:"_type"`
	UUID         string `json:"_uuid"`
}
GraylogMessage to handle log format to be sent to Graylog
type KinesisConfiguration ¶
// KinesisConfiguration holds the values LoadKinesis reads from a JSON file.
// NOTE(review): access_key, secret_key and session_token look like AWS
// credential material stored as plain strings; confirm. If so, treat the JSON
// file as a secrets file (restrictive permissions, kept out of version
// control) and never print or log this struct verbatim.
type KinesisConfiguration struct {
	Stream          string `json:"stream"`
	Region          string `json:"region"`
	Endpoint        string `json:"endpoint"`
	AccessKeyID     string `json:"access_key"`    // credential; keep out of debug output
	SecretAccessKey string `json:"secret_key"`    // credential; keep out of debug output
	SessionToken    string `json:"session_token"` // credential; keep out of debug output
}
KinesisConfiguration to hold all Kinesis configuration values
func LoadKinesis ¶
func LoadKinesis(file string) (KinesisConfiguration, error)
LoadKinesis - Function to load the Kinesis configuration from JSON file
type LoggerDB ¶
LoggerDB will be used to log data using a database
func CreateLoggerDB ¶
CreateLoggerDB to initialize the logger without reading a config file
func CreateLoggerDBConfig ¶
func CreateLoggerDBConfig(dbConfig backend.JSONConfigurationDB) (*LoggerDB, error)
CreateLoggerDBConfig to initialize the logger from the given database configuration, without reading a config file
func CreateLoggerDBFile ¶
CreateLoggerDBFile to initialize the logger
func (*LoggerDB) CleanQueryLogs ¶
CleanQueryLogs will delete old query logs
func (*LoggerDB) CleanResultLogs ¶
CleanResultLogs will delete old result logs
func (*LoggerDB) CleanStatusLogs ¶
CleanStatusLogs will delete old status logs
func (*LoggerDB) QueryLogs ¶
func (logDB *LoggerDB) QueryLogs(name string) ([]OsqueryQueryData, error)
QueryLogs will retrieve all query logs
func (*LoggerDB) ResultLogs ¶
func (logDB *LoggerDB) ResultLogs(uuid, environment string, seconds int64) ([]OsqueryResultData, error)
ResultLogs will retrieve all result logs
func (*LoggerDB) ResultLogsLimit ¶
func (logDB *LoggerDB) ResultLogsLimit(uuid, environment string, limit int) ([]OsqueryResultData, error)
ResultLogsLimit will retrieve a limited number of result logs
func (*LoggerDB) StatusLogs ¶
func (logDB *LoggerDB) StatusLogs(uuid, environment string, seconds int64) ([]OsqueryStatusData, error)
StatusLogs will retrieve all status logs
func (*LoggerDB) StatusLogsLimit ¶
func (logDB *LoggerDB) StatusLogsLimit(uuid, environment string, limit int) ([]OsqueryStatusData, error)
StatusLogsLimit will retrieve a limited number of status logs
type LoggerElastic ¶
type LoggerElastic struct { Configuration ElasticConfiguration Enabled bool Client *elasticsearch.Client }
LoggerElastic will be used to log data using Elastic
func CreateLoggerElastic ¶
func CreateLoggerElastic(elasticFile string) (*LoggerElastic, error)
CreateLoggerElastic to initialize the logger
func (*LoggerElastic) IndexName ¶
func (logE *LoggerElastic) IndexName() string
IndexName - Function to return the index name
func (*LoggerElastic) Send ¶
func (logE *LoggerElastic) Send(logType string, data []byte, environment, uuid string, debug bool)
Send - Function that sends JSON logs to Elastic
func (*LoggerElastic) Settings ¶
func (logE *LoggerElastic) Settings(mgr *settings.Settings)
Settings - Function to prepare settings for the logger
type LoggerFile ¶
LoggerFile will be used to log data using external file
func CreateLoggerFile ¶
func CreateLoggerFile(filename string, cfg LumberjackConfig) (*LoggerFile, error)
CreateLoggerFile to initialize the logger
func (*LoggerFile) Log ¶
func (logFile *LoggerFile) Log(logType string, data []byte, environment, uuid string, debug bool)
Log - Function that sends JSON result/status/query logs to the log file
func (*LoggerFile) Query ¶
func (logFile *LoggerFile) Query(data []byte, environment, uuid, name string, status int, debug bool)
Query - Function that sends JSON query logs to the log file
func (*LoggerFile) Result ¶
func (logFile *LoggerFile) Result(data []byte, environment, uuid string, debug bool)
Result - Function that sends JSON result logs to the log file
func (*LoggerFile) Settings ¶
func (logFile *LoggerFile) Settings(mgr *settings.Settings)
Settings - Function to prepare settings for the logger
type LoggerGraylog ¶
type LoggerGraylog struct { Configuration GraylogConfiguration Headers map[string]string Enabled bool }
LoggerGraylog will be used to log data using Graylog
func CreateLoggerGraylog ¶
func CreateLoggerGraylog(graylogFile string) (*LoggerGraylog, error)
CreateLoggerGraylog to initialize the logger
func (*LoggerGraylog) Send ¶
func (logGL *LoggerGraylog) Send(logType string, data []byte, environment, uuid string, debug bool)
Send - Function that sends JSON logs to Graylog
func (*LoggerGraylog) Settings ¶
func (logGL *LoggerGraylog) Settings(mgr *settings.Settings)
Settings - Function to prepare settings for the logger
type LoggerKafka ¶
type LoggerKafka struct { Enabled bool // contains filtered or unexported fields }
func CreateLoggerKafka ¶
func CreateLoggerKafka(config types.KafkaConfiguration) (*LoggerKafka, error)
func (*LoggerKafka) Send ¶
func (l *LoggerKafka) Send(logType string, data []byte, environment, uuid string, debug bool)
func (*LoggerKafka) Settings ¶
func (l *LoggerKafka) Settings(mgr *settings.Settings)
type LoggerKinesis ¶
type LoggerKinesis struct { Configuration KinesisConfiguration KinesisClient *kinesis.Kinesis Enabled bool }
LoggerKinesis will be used to log data using Kinesis
func CreateLoggerKinesis ¶
func CreateLoggerKinesis(kinesisFile string) (*LoggerKinesis, error)
CreateLoggerKinesis to initialize the logger
func (*LoggerKinesis) Send ¶
func (logSK *LoggerKinesis) Send(logType string, data []byte, environment, uuid string, debug bool)
Send - Function that sends JSON logs to Kinesis
func (*LoggerKinesis) Settings ¶
func (logSK *LoggerKinesis) Settings(mgr *settings.Settings)
Settings - Function to prepare settings for the logger
type LoggerLogstash ¶
type LoggerLogstash struct { Configuration LogstashConfiguration Headers map[string]string Enabled bool }
LoggerLogstash will be used to log data using Logstash
func CreateLoggerLogstash ¶
func CreateLoggerLogstash(logstashFile string) (*LoggerLogstash, error)
CreateLoggerLogstash to initialize the logger
func (*LoggerLogstash) SendHTTP ¶
func (logLS *LoggerLogstash) SendHTTP(logType string, data []byte, environment, uuid string, debug bool)
SendHTTP - Function that sends JSON logs to Logstash via HTTP
func (*LoggerLogstash) SendTCP ¶
func (logLS *LoggerLogstash) SendTCP(logType string, data []byte, environment, uuid string, debug bool)
SendTCP - Function that sends data to Logstash via TCP
func (*LoggerLogstash) SendUDP ¶
func (logLS *LoggerLogstash) SendUDP(logType string, data []byte, environment, uuid string, debug bool)
SendUDP - Function that sends data to Logstash via UDP
func (*LoggerLogstash) Settings ¶
func (logLS *LoggerLogstash) Settings(mgr *settings.Settings)
Settings - Function to prepare settings for the logger
type LoggerNone ¶
type LoggerNone struct {
Enabled bool
}
LoggerNone will be used to not log any data
func CreateLoggerNone ¶
func CreateLoggerNone() (*LoggerNone, error)
CreateLoggerNone to initialize the logger
func (*LoggerNone) Log ¶
func (logNone *LoggerNone) Log(logType string, data []byte, environment, uuid string, debug bool)
Log - Function that receives JSON result/status/query logs; LoggerNone does not log any data
func (*LoggerNone) Query ¶
func (logNone *LoggerNone) Query(data []byte, environment, uuid, name string, status int, debug bool)
Query - Function that receives JSON query logs; LoggerNone does not log any data
func (*LoggerNone) Result ¶
func (logNone *LoggerNone) Result(data []byte, environment, uuid string, debug bool)
Result - Function that receives JSON result logs; LoggerNone does not log any data
func (*LoggerNone) Settings ¶
func (logNone *LoggerNone) Settings(mgr *settings.Settings)
Settings - Function to prepare settings for the logger
type LoggerS3 ¶
type LoggerS3 struct { S3Config types.S3Configuration AWSConfig aws.Config Client *s3.Client Uploader *manager.Uploader Enabled bool Debug bool }
LoggerS3 will be used to log data using S3
func CreateLoggerS3 ¶
func CreateLoggerS3(s3Config types.S3Configuration) (*LoggerS3, error)
CreateLoggerS3 to initialize the logger
func CreateLoggerS3File ¶
CreateLoggerS3File to initialize the logger with a filename
type LoggerSplunk ¶
type LoggerSplunk struct { Configuration SlunkConfiguration Headers map[string]string Enabled bool }
LoggerSplunk will be used to log data using Splunk
func CreateLoggerSplunk ¶
func CreateLoggerSplunk(splunkFile string) (*LoggerSplunk, error)
CreateLoggerSplunk to initialize the logger
func (*LoggerSplunk) Send ¶
func (logSP *LoggerSplunk) Send(logType string, data []byte, environment, uuid string, debug bool)
Send - Function that sends JSON logs to Splunk HTTP Event Collector
func (*LoggerSplunk) Settings ¶
func (logSP *LoggerSplunk) Settings(mgr *settings.Settings)
Settings - Function to prepare settings for the logger
type LoggerStdout ¶
type LoggerStdout struct {
Enabled bool
}
LoggerStdout will be used to log data using stdout
func CreateLoggerStdout ¶
func CreateLoggerStdout() (*LoggerStdout, error)
CreateLoggerStdout to initialize the logger
func (*LoggerStdout) Log ¶
func (logStdout *LoggerStdout) Log(logType string, data []byte, environment, uuid string, debug bool)
Log - Function that sends JSON result/status/query logs to stdout
func (*LoggerStdout) Query ¶
func (logStdout *LoggerStdout) Query(data []byte, environment, uuid, name string, status int, debug bool)
Query - Function that sends JSON query logs to stdout
func (*LoggerStdout) Result ¶
func (logStdout *LoggerStdout) Result(data []byte, environment, uuid string, debug bool)
Result - Function that sends JSON result logs to stdout
func (*LoggerStdout) Settings ¶
func (logStdout *LoggerStdout) Settings(mgr *settings.Settings)
Settings - Function to prepare settings for the logger
type LoggerTLS ¶
// LoggerTLS bundles what the TLS endpoint needs to handle logging.
type LoggerTLS struct {
	Logging string // presumably the name of the selected logging backend; confirm in CreateLoggerTLS
	// Logger is declared as interface{}, so the compiler cannot check which
	// logger it holds. NOTE(review): presumably one of the Logger* types in
	// this package, chosen by Logging; confirm that an unexpected dynamic
	// type is reported as an error rather than silently dropping logs.
	Logger       interface{}
	AlwaysLogger *LoggerDB // presumably set when CreateLoggerTLS is called with alwaysLog; confirm
	Nodes        *nodes.NodeManager
	Queries      *queries.Queries
}
LoggerTLS will be used to handle logging for the TLS endpoint
func CreateLoggerTLS ¶
func CreateLoggerTLS(logging, loggingFile string, s3Conf types.S3Configuration, kafkaConf types.KafkaConfiguration, loggerSame, alwaysLog bool, dbConf backend.JSONConfigurationDB, mgr *settings.Settings, nodes *nodes.NodeManager, queries *queries.Queries) (*LoggerTLS, error)
CreateLoggerTLS to instantiate a new logger for the TLS endpoint
func (*LoggerTLS) DispatchLogs ¶
func (l *LoggerTLS) DispatchLogs(data []byte, uuid, logType, environment string, metadata nodes.NodeMetadata, debug bool)
DispatchLogs - Helper to dispatch logs
func (*LoggerTLS) DispatchQueries ¶
func (l *LoggerTLS) DispatchQueries(queryData types.QueryWriteData, node nodes.OsqueryNode, debug bool)
DispatchQueries - Helper to dispatch queries
func (*LoggerTLS) ProcessLogQueryResult ¶
func (l *LoggerTLS) ProcessLogQueryResult(queriesWrite types.QueryWriteRequest, envid uint, debug bool)
ProcessLogQueryResult - Helper to process on-demand query result logs
func (*LoggerTLS) ProcessLogs ¶
func (l *LoggerTLS) ProcessLogs(data json.RawMessage, logType, environment, ipaddress string, dataLen int, debug bool)
ProcessLogs - Helper to process logs
type LogstashConfiguration ¶
// LogstashConfiguration holds the values LoadLogstash reads from a JSON file.
// NOTE(review): no TLS or authentication setting is declared here. osquery
// logs can carry sensitive host data, so confirm the Logstash input is only
// reachable over a trusted or encrypted path.
type LogstashConfiguration struct {
	Host     string `json:"host"`
	Port     string `json:"port"`
	Protocol string `json:"protocol"` // presumably one of LogstashTCP, LogstashUDP or LogstashHTTP; confirm
	Path     string `json:"path"`
}
LogstashConfiguration to hold all logstash configuration values
func LoadLogstash ¶
func LoadLogstash(file string) (LogstashConfiguration, error)
LoadLogstash - Function to load the Logstash configuration from JSON file
type LogstashMessage ¶
type LogstashMessage struct { Time int64 `json:"time"` LogType string `json:"log_type"` UUID string `json:"uuid"` Environment string `json:"environment"` Data interface{} `json:"data"` }
LogstashMessage to handle log format to be sent to Logstash
type LumberjackConfig ¶
type LumberjackConfig struct { // Maximum size in megabytes of the log file before it gets rotated MaxSize int // Maximum number of old log files to retain MaxBackups int // Maximum number of days to retain old log files based on the timestamp encoded in their filename MaxAge int // If the rotated log files should be compressed using gzip Compress bool }
LumberjackConfig to keep configuration for rotating logs
type OsqueryQueryData ¶
// OsqueryQueryData is the database model used to log query data.
// gorm.Model contributes the ID, CreatedAt, UpdatedAt and DeletedAt columns.
// NOTE(review): with DeletedAt present gorm soft-deletes by default, so
// confirm that CleanQueryLogs really removes the rows it is meant to purge.
type OsqueryQueryData struct {
	gorm.Model
	UUID        string `gorm:"index"` // indexed column
	Environment string
	Name        string
	Data        string
	Status      int
}
OsqueryQueryData to log query data to database
type OsqueryResultData ¶
// OsqueryResultData is the database model used to log result data.
// gorm.Model contributes the ID, CreatedAt, UpdatedAt and DeletedAt columns.
// NOTE(review): with DeletedAt present gorm soft-deletes by default, so
// confirm that CleanResultLogs really removes expired rows (log retention).
type OsqueryResultData struct {
	gorm.Model
	UUID        string `gorm:"index"` // indexed column
	Environment string
	Name        string
	Action      string
	Epoch       int64
	Columns     string
	Counter     int
}
OsqueryResultData to log result data to database
type OsqueryStatusData ¶
// OsqueryStatusData is the database model used to log status data.
// gorm.Model contributes the ID, CreatedAt, UpdatedAt and DeletedAt columns.
// NOTE(review): with DeletedAt present gorm soft-deletes by default, so
// confirm that CleanStatusLogs really removes expired rows (log retention).
type OsqueryStatusData struct {
	gorm.Model
	UUID        string `gorm:"index"` // indexed column
	Environment string
	Line        string
	Message     string
	Version     string
	Filename    string
	Severity    string
}
OsqueryStatusData to log status data to database
type SlunkConfiguration ¶
// SlunkConfiguration holds the values LoadSplunk reads from a JSON file.
// NOTE(review): Token is a secret stored as a plain string, presumably the
// Splunk HTTP Event Collector token that LoggerSplunk.Send uses; confirm.
// Protect the JSON file like any other credential store and keep this struct
// out of debug output.
type SlunkConfiguration struct {
	URL   string `json:"url"`   // NOTE(review): should be an https:// endpoint so Token is not sent in clear; confirm how Send builds the request
	Token string `json:"token"` // secret
	Host  string `json:"host"`
	Index string `json:"index"`
}
SlunkConfiguration to hold all splunk configuration values
func LoadSplunk ¶
func LoadSplunk(file string) (SlunkConfiguration, error)
LoadSplunk - Function to load the Splunk configuration from JSON file