tablehelpers

package
v0.11.24 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 14, 2022 License: MIT Imports: 15 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Exec added in v0.11.20 

func Exec(ctx context.Context, logger log.Logger, timeoutSeconds int, possibleBins []string, args []string) ([]byte, error)

Exec is a wrapper over exec.CommandContext. It does a couple of additional things to help with table usage:

  1. It enforces a timeout.
  2. Second, it accepts an array of possible binaries locations, and if something is not found, it will go down the list.
  3. It moves the stderr into the return error, if needed.

This is not suitable for high performance work -- it allocates new buffers each time.

func ExecOsqueryLaunchctl added in v0.11.22 

func ExecOsqueryLaunchctl(ctx context.Context, logger log.Logger, timeoutSeconds int, username string, osqueryPath string, query string) ([]byte, error)

ExecOsqueryLaunchctl runs osquery under launchctl, in a user context.

func ExecOsqueryLaunchctlParsed added in v0.11.22 

func ExecOsqueryLaunchctlParsed(ctx context.Context, logger log.Logger, timeoutSeconds int, username string, osqueryPath string, query string) ([]map[string]string, error)

func GetConstraints added in v0.11.12 

func GetConstraints(queryContext table.QueryContext, columnName string, opts ...GetConstraintOpts) []string

GetConstraints returns a []string of the constraint expressions on a column. It's meant for the common, simple, usecase of iterating over them.

func MockQueryContext 

func MockQueryContext(constraints map[string][]string) table.QueryContext

func StanzaSplitter added in v0.11.18 

func StanzaSplitter(data []byte, atEOF bool) (int, []byte, error)

StanzaSplitter implements the bufio.SplitFunc type, when used as the Split function for a bufio.Scanner, it will return chunks of bytes separated by an empty newline, e.g. \n\n or \r\n\r\n.

Types

type GetConstraintOpts added in v0.11.12 

type GetConstraintOpts func(*constraintOptions)

func WithAllowedCharacters added in v0.11.12 

func WithAllowedCharacters(allowed string) GetConstraintOpts

func WithAllowedValues added in v0.11.18 

func WithAllowedValues(allowed []string) GetConstraintOpts

func WithDefaults added in v0.11.12 

func WithDefaults(defaults ...string) GetConstraintOpts

WithDefaults sets the defaults to use if no constraints were specified. Note that this does not apply if there were constraints, which were invalidated.

func WithLogger added in v0.11.12 

func WithLogger(logger log.Logger) GetConstraintOpts

WithLogger sets the logger to use

type Matcher added in v0.11.18 

type Matcher struct {
	Match   func(string) bool
	KeyFunc func(string) (string, error)
	ValFunc func(string) (string, error)
}

type OutputParser added in v0.11.18 

type OutputParser struct {
	// contains filtered or unexported fields
}

func NewParser added in v0.11.18 

func NewParser(logger log.Logger, matchers []Matcher) *OutputParser

func (*OutputParser) Parse added in v0.11.18 

func (p *OutputParser) Parse(input *bytes.Buffer) map[string]string

Parse looks at a chunk of input. It is assumed that the input contains information to fill in a single result. Do not provide input that contains data for multiple results.

func (*OutputParser) ParseMultiple added in v0.11.18 

func (p *OutputParser) ParseMultiple(input *bytes.Buffer) []map[string]string

Parse looks at command output, line by line. It uses the defined Matchers to set any appropriate values

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.