Documentation ¶
Index ¶
- Constants
- Variables
- func DatadogService(service string) (datadogService, error)
- func DatadogSite(site string) (datadogSite, error)
- func FindIntegrationType(t string) (integrationType, bool)
- func QRadarComm(site string) (qradarComm, error)
- func VictorOpsService(service string) (datadogService, error)
- func VictorOpsSite(site string) (datadogSite, error)
- type AccountService
- type AgentToken
- type AgentTokenProps
- type AgentTokenRequest
- type AgentTokensResponse
- type AgentsService
- func (svc *AgentsService) CreateToken(name, desc string) (response AgentTokensResponse, err error)
- func (svc *AgentsService) GetToken(token string) (response AgentTokensResponse, err error)
- func (svc *AgentsService) ListTokens() (response AgentTokensResponse, err error)
- func (svc *AgentsService) UpdateToken(token string, data AgentTokenRequest) (response AgentTokensResponse, err error)
- func (svc *AgentsService) UpdateTokenStatus(token string, enable bool) (response AgentTokensResponse, err error)
- type AlertLevel
- type AwsCloudWatchAlertChannel
- type AwsCloudWatchData
- type AwsCloudWatchResponse
- type AwsCrossAccountCreds
- type AwsEcrAccessKeyCreds
- type AwsEcrCommonData
- type AwsEcrDataWithAccessKeyCreds
- type AwsEcrDataWithCrossAccountCreds
- type AwsEcrWithAccessKeyIntegration
- type AwsEcrWithAccessKeyIntegrationResponse
- type AwsEcrWithCrossAccountIntegration
- type AwsEcrWithCrossAccountIntegrationResponse
- type AwsIntegration
- type AwsIntegrationData
- type AwsIntegrationsResponse
- type AwsS3AlertChannel
- type AwsS3AlertChannelResponse
- type AwsS3ChannelData
- type AwsS3Creds
- type AzureIntegration
- type AzureIntegrationCreds
- type AzureIntegrationData
- type AzureIntegrationsResponse
- type CiscoWebexAlertChannel
- type CiscoWebexAlertChannelResponse
- type CiscoWebexChannelData
- type Client
- func (c *Client) ApiVersion() string
- func (c *Client) Do(req *http.Request) (*http.Response, error)
- func (c *Client) DoDecoder(req *http.Request, v interface{}) (*http.Response, error)
- func (c *Client) GenerateToken() (response TokenResponse, err error)
- func (c *Client) GenerateTokenWithKeys(keyID, secretKey string) (TokenResponse, error)
- func (c *Client) NewRequest(method string, apiURL string, body io.Reader) (*http.Request, error)
- func (c *Client) RequestDecoder(method, path string, body io.Reader, v interface{}) error
- func (c *Client) RequestEncoderDecoder(method, path string, data, v interface{}) error
- func (c *Client) TokenExpired() bool
- func (c *Client) URL() string
- func (c *Client) ValidAuth() bool
- type CompAzureSubscriptions
- type CompGcpProjects
- type ComplianceAwsReport
- type ComplianceAwsReportConfig
- type ComplianceAzureReport
- type ComplianceAzureReportConfig
- type ComplianceGcpReport
- type ComplianceGcpReportConfig
- type ComplianceRecommendation
- type ComplianceService
- func (svc *ComplianceService) DownloadAwsReportPDF(filepath string, config ComplianceAwsReportConfig) error
- func (svc *ComplianceService) DownloadAzureReportPDF(filepath string, config ComplianceAzureReportConfig) error
- func (svc *ComplianceService) DownloadGcpReportPDF(filepath string, config ComplianceGcpReportConfig) error
- func (svc *ComplianceService) GetAwsReport(config ComplianceAwsReportConfig) (response complianceAwsReportResponse, err error)
- func (svc *ComplianceService) GetAzureReport(config ComplianceAzureReportConfig) (response complianceAzureReportResponse, err error)
- func (svc *ComplianceService) GetGcpReport(config ComplianceGcpReportConfig) (response complianceGcpReportResponse, err error)
- func (svc *ComplianceService) ListAzureSubscriptions(tenantID string) (response compAzureSubsResponse, err error)
- func (svc *ComplianceService) ListGcpProjects(orgID string) (response compGcpProjectsResponse, err error)
- func (svc *ComplianceService) RunAwsReport(accountID string) (response map[string]interface{}, err error)
- func (svc *ComplianceService) RunAzureReport(tenantID string) (response complianceRunAzureReportResponse, err error)
- func (svc *ComplianceService) RunGcpReport(projectID string) (response complianceRunGcpReportResponse, err error)
- func (svc *ComplianceService) RunIntegrationReport(intgGuid string) (response map[string]interface{}, err error)
- type ComplianceSummary
- type ComplianceViolation
- type ContainerRegCreds
- type ContainerRegData
- type ContainerRegIntResponse
- type ContainerRegIntegration
- func NewContainerRegIntegration(name string, data ContainerRegData) ContainerRegIntegration
- func NewDockerHubRegistryIntegration(name string, data ContainerRegData) ContainerRegIntegration
- func NewDockerV2RegistryIntegration(name string, data ContainerRegData) ContainerRegIntegration
- func NewGcrRegistryIntegration(name string, data ContainerRegData) ContainerRegIntegration
- type ContainerVulnerability
- type ContainerVulnerabilityService
- func (svc *ContainerVulnerabilityService) AssessmentFromImageDigest(imageDigest string) (response VulnContainerAssessmentResponse, err error)
- func (svc *ContainerVulnerabilityService) AssessmentFromImageID(imageID string) (response VulnContainerAssessmentResponse, err error)
- func (svc *ContainerVulnerabilityService) ListAssessments() (VulnContainerAssessmentsResponse, error)
- func (svc *ContainerVulnerabilityService) ListAssessmentsDateRange(start, end time.Time) (response VulnContainerAssessmentsResponse, err error)
- func (svc *ContainerVulnerabilityService) Scan(registry, repository, tagOrHash string) (response vulnContainerScanResponse, err error)
- func (svc *ContainerVulnerabilityService) ScanStatus(requestID string) (response vulnContainerScanStatusResponse, err error)
- type DatadogAlertChannel
- type DatadogAlertChannelResponse
- type DatadogChannelData
- type Event
- type EventAPIEntity
- type EventApplicationEntity
- type EventCTUserEntity
- type EventContainerEntity
- type EventCustomRuleEntity
- type EventDetails
- type EventDetailsResponse
- type EventDnsNameEntity
- type EventEntityMap
- type EventFileDataHashEntity
- type EventFileExePathEntity
- type EventIpAddressEntity
- type EventMachineEntity
- type EventNewViolationEntity
- type EventProcessEntity
- type EventRecIDEntity
- type EventRegionEntity
- type EventResourceEntity
- type EventSourceIpAddressEntity
- type EventUserEntity
- type EventViolationReasonEntity
- type EventsCount
- type EventsResponse
- type EventsService
- type GcpCredentials
- type GcpIntegration
- type GcpIntegrationData
- type GcpIntegrationsResponse
- type GcpPubSubAlertChannel
- type GcpPubSubAlertChannelResponse
- type GcpPubSubChannelData
- type HostScanPackageVulnDetails
- type HostScanPackageVulnFixInfo
- type HostVulnCVE
- type HostVulnCounts
- type HostVulnCveSummary
- type HostVulnDetail
- type HostVulnHostAssessment
- type HostVulnPackage
- type HostVulnScanPkgManifestResponse
- type HostVulnSeverityCounts
- type HostVulnSeverityCountsDetails
- type HostVulnerabilityService
- func (svc *HostVulnerabilityService) GetHostAssessment(id string) (response hostVulnHostResponse, err error)
- func (svc *HostVulnerabilityService) ListCves() (response hostVulnListCvesResponse, err error)
- func (svc *HostVulnerabilityService) ListHostsWithCVE(id string) (response hostVulnListHostsResponse, err error)
- func (svc *HostVulnerabilityService) Scan(manifest *PackageManifest) (response HostVulnScanPkgManifestResponse, err error)
- type IntegrationState
- type IntegrationsService
- func (svc *IntegrationsService) CreateAws(integration AwsIntegration) (response AwsIntegrationsResponse, err error)
- func (svc *IntegrationsService) CreateAwsCloudWatchAlertChannel(integration AwsCloudWatchAlertChannel) (response AwsCloudWatchResponse, err error)
- func (svc *IntegrationsService) CreateAwsEcrWithAccessKey(integration AwsEcrWithAccessKeyIntegration) (response AwsEcrWithAccessKeyIntegrationResponse, err error)
- func (svc *IntegrationsService) CreateAwsEcrWithCrossAccount(integration AwsEcrWithCrossAccountIntegration) (response AwsEcrWithCrossAccountIntegrationResponse, err error)
- func (svc *IntegrationsService) CreateAwsS3AlertChannel(integration AwsS3AlertChannel) (response AwsS3AlertChannelResponse, err error)
- func (svc *IntegrationsService) CreateAzure(integration AzureIntegration) (response AzureIntegrationsResponse, err error)
- func (svc *IntegrationsService) CreateCiscoWebexAlertChannel(integration CiscoWebexAlertChannel) (response CiscoWebexAlertChannelResponse, err error)
- func (svc *IntegrationsService) CreateContainerRegistry(integration ContainerRegIntegration) (response ContainerRegIntResponse, err error)
- func (svc *IntegrationsService) CreateDatadogAlertChannel(integration DatadogAlertChannel) (response DatadogAlertChannelResponse, err error)
- func (svc *IntegrationsService) CreateGcp(data GcpIntegration) (response GcpIntegrationsResponse, err error)
- func (svc *IntegrationsService) CreateGcpPubSubAlertChannel(integration GcpPubSubAlertChannel) (response GcpPubSubAlertChannelResponse, err error)
- func (svc *IntegrationsService) CreateJiraAlertChannel(integration JiraAlertChannel) (response JiraAlertChannelResponse, err error)
- func (svc *IntegrationsService) CreateMicrosoftTeamsAlertChannel(integration MicrosoftTeamsAlertChannel) (response MicrosoftTeamsAlertChannelResponse, err error)
- func (svc *IntegrationsService) CreateNewRelicAlertChannel(integration NewRelicAlertChannel) (response NewRelicAlertChannelResponse, err error)
- func (svc *IntegrationsService) CreatePagerDutyAlertChannel(integration PagerDutyAlertChannel) (response PagerDutyAlertChannelResponse, err error)
- func (svc *IntegrationsService) CreateQRadarAlertChannel(integration QRadarAlertChannel) (response QRadarAlertChannelResponse, err error)
- func (svc *IntegrationsService) CreateServiceNowAlertChannel(integration ServiceNowAlertChannel) (response ServiceNowAlertChannelResponse, err error)
- func (svc *IntegrationsService) CreateSlackAlertChannel(integration SlackAlertChannel) (response SlackAlertChannelResponse, err error)
- func (svc *IntegrationsService) CreateSplunkAlertChannel(integration SplunkAlertChannel) (response SplunkAlertChannelResponse, err error)
- func (svc *IntegrationsService) CreateVictorOpsAlertChannel(integration VictorOpsAlertChannel) (response VictorOpsAlertChannelResponse, err error)
- func (svc *IntegrationsService) CreateWebhookAlertChannel(integration WebhookAlertChannel) (response WebhookAlertChannelResponse, err error)
- func (svc *IntegrationsService) Delete(guid string) (response RawIntegrationsResponse, err error)
- func (svc *IntegrationsService) DeleteAws(guid string) (response AwsIntegrationsResponse, err error)
- func (svc *IntegrationsService) DeleteAzure(guid string) (response AzureIntegrationsResponse, err error)
- func (svc *IntegrationsService) DeleteGcp(guid string) (response GcpIntegrationsResponse, err error)
- func (svc *IntegrationsService) Get(guid string) (response RawIntegrationsResponse, err error)
- func (svc *IntegrationsService) GetAws(guid string) (response AwsIntegrationsResponse, err error)
- func (svc *IntegrationsService) GetAwsCloudWatchAlertChannel(guid string) (response AwsCloudWatchResponse, err error)
- func (svc *IntegrationsService) GetAwsEcrWithAccessKey(guid string) (response AwsEcrWithAccessKeyIntegrationResponse, err error)
- func (svc *IntegrationsService) GetAwsEcrWithCrossAccount(guid string) (response AwsEcrWithCrossAccountIntegrationResponse, err error)
- func (svc *IntegrationsService) GetAwsS3AlertChannel(guid string) (response AwsS3AlertChannelResponse, err error)
- func (svc *IntegrationsService) GetAzure(guid string) (response AzureIntegrationsResponse, err error)
- func (svc *IntegrationsService) GetCiscoWebexAlertChannel(guid string) (response CiscoWebexAlertChannelResponse, err error)
- func (svc *IntegrationsService) GetContainerRegistry(guid string) (response ContainerRegIntResponse, err error)
- func (svc *IntegrationsService) GetDatadogAlertChannel(guid string) (response DatadogAlertChannelResponse, err error)
- func (svc *IntegrationsService) GetGcp(guid string) (response GcpIntegrationsResponse, err error)
- func (svc *IntegrationsService) GetGcpPubSubAlertChannel(guid string) (response GcpPubSubAlertChannelResponse, err error)
- func (svc *IntegrationsService) GetJiraAlertChannel(guid string) (response JiraAlertChannelResponse, err error)
- func (svc *IntegrationsService) GetMicrosoftTeamsAlertChannel(guid string) (response MicrosoftTeamsAlertChannelResponse, err error)
- func (svc *IntegrationsService) GetNewRelicAlertChannel(guid string) (response NewRelicAlertChannelResponse, err error)
- func (svc *IntegrationsService) GetPagerDutyAlertChannel(guid string) (response PagerDutyAlertChannelResponse, err error)
- func (svc *IntegrationsService) GetQRadarAlertChannel(guid string) (response QRadarAlertChannelResponse, err error)
- func (svc *IntegrationsService) GetSchema(iType integrationType) (response map[string]interface{}, err error)
- func (svc *IntegrationsService) GetServiceNowAlertChannel(guid string) (response ServiceNowAlertChannelResponse, err error)
- func (svc *IntegrationsService) GetSlackAlertChannel(guid string) (response SlackAlertChannelResponse, err error)
- func (svc *IntegrationsService) GetSplunkAlertChannel(guid string) (response SplunkAlertChannelResponse, err error)
- func (svc *IntegrationsService) GetVictorOpsAlertChannel(guid string) (response VictorOpsAlertChannelResponse, err error)
- func (svc *IntegrationsService) GetWebhookAlertChannel(guid string) (response WebhookAlertChannelResponse, err error)
- func (svc *IntegrationsService) List() (response RawIntegrationsResponse, err error)
- func (svc *IntegrationsService) ListAwsCfg() (response AwsIntegrationsResponse, err error)
- func (svc *IntegrationsService) ListAwsCloudTrail() (response AwsIntegrationsResponse, err error)
- func (svc *IntegrationsService) ListAwsCloudWatchAlertChannel() (response AwsCloudWatchResponse, err error)
- func (svc *IntegrationsService) ListAwsS3AlertChannel() (response AwsS3AlertChannelResponse, err error)
- func (svc *IntegrationsService) ListAzureActivityLog() (response AzureIntegrationsResponse, err error)
- func (svc *IntegrationsService) ListAzureCfg() (response AzureIntegrationsResponse, err error)
- func (svc *IntegrationsService) ListByType(iType integrationType) (response RawIntegrationsResponse, err error)
- func (svc *IntegrationsService) ListCiscoWebexAlertChannel() (response CiscoWebexAlertChannelResponse, err error)
- func (svc *IntegrationsService) ListContainerRegistryIntegrations() (response ContainerRegIntResponse, err error)
- func (svc *IntegrationsService) ListDatadogAlertChannel() (response DatadogAlertChannelResponse, err error)
- func (svc *IntegrationsService) ListGcpAuditLog() (response GcpIntegrationsResponse, err error)
- func (svc *IntegrationsService) ListGcpCfg() (response GcpIntegrationsResponse, err error)
- func (svc *IntegrationsService) ListGcpPubSubAlertChannel() (response GcpPubSubAlertChannelResponse, err error)
- func (svc *IntegrationsService) ListJiraAlertChannel() (response JiraAlertChannelResponse, err error)
- func (svc *IntegrationsService) ListMicrosoftTeamsAlertChannel() (response MicrosoftTeamsAlertChannelResponse, err error)
- func (svc *IntegrationsService) ListNewRelicAlertChannel() (response NewRelicAlertChannelResponse, err error)
- func (svc *IntegrationsService) ListPagerDutyAlertChannel() (response PagerDutyAlertChannelResponse, err error)
- func (svc *IntegrationsService) ListQRadarAlertChannel() (response QRadarAlertChannelResponse, err error)
- func (svc *IntegrationsService) ListServiceNowAlertChannel() (response ServiceNowAlertChannelResponse, err error)
- func (svc *IntegrationsService) ListSlackAlertChannel() (response SlackAlertChannelResponse, err error)
- func (svc *IntegrationsService) ListSplunkAlertChannel() (response SplunkAlertChannelResponse, err error)
- func (svc *IntegrationsService) ListVictorOpsAlertChannel() (response VictorOpsAlertChannelResponse, err error)
- func (svc *IntegrationsService) ListWebhookAlertChannel() (response WebhookAlertChannelResponse, err error)
- func (svc *IntegrationsService) UpdateAws(data AwsIntegration) (response AwsIntegrationsResponse, err error)
- func (svc *IntegrationsService) UpdateAwsCloudWatchAlertChannel(data AwsCloudWatchAlertChannel) (response AwsCloudWatchResponse, err error)
- func (svc *IntegrationsService) UpdateAwsEcrWithAccessKey(integration AwsEcrWithAccessKeyIntegration) (response AwsEcrWithAccessKeyIntegrationResponse, err error)
- func (svc *IntegrationsService) UpdateAwsEcrWithCrossAccount(integration AwsEcrWithCrossAccountIntegration) (response AwsEcrWithCrossAccountIntegrationResponse, err error)
- func (svc *IntegrationsService) UpdateAwsS3AlertChannel(data AwsS3AlertChannel) (response AwsS3AlertChannelResponse, err error)
- func (svc *IntegrationsService) UpdateAzure(data AzureIntegration) (response AzureIntegrationsResponse, err error)
- func (svc *IntegrationsService) UpdateCiscoWebexAlertChannel(data CiscoWebexAlertChannel) (response CiscoWebexAlertChannelResponse, err error)
- func (svc *IntegrationsService) UpdateContainerRegistry(integration ContainerRegIntegration) (response ContainerRegIntResponse, err error)
- func (svc *IntegrationsService) UpdateDatadogAlertChannel(data DatadogAlertChannel) (response DatadogAlertChannelResponse, err error)
- func (svc *IntegrationsService) UpdateGcp(data GcpIntegration) (response GcpIntegrationsResponse, err error)
- func (svc *IntegrationsService) UpdateGcpPubSubAlertChannel(data GcpPubSubAlertChannel) (response GcpPubSubAlertChannelResponse, err error)
- func (svc *IntegrationsService) UpdateJiraAlertChannel(data JiraAlertChannel) (response JiraAlertChannelResponse, err error)
- func (svc *IntegrationsService) UpdateMicrosoftTeamsAlertChannel(data MicrosoftTeamsAlertChannel) (response MicrosoftTeamsAlertChannelResponse, err error)
- func (svc *IntegrationsService) UpdateNewRelicAlertChannel(data NewRelicAlertChannel) (response NewRelicAlertChannelResponse, err error)
- func (svc *IntegrationsService) UpdatePagerDutyAlertChannel(data PagerDutyAlertChannel) (response PagerDutyAlertChannelResponse, err error)
- func (svc *IntegrationsService) UpdateQRadarAlertChannel(data QRadarAlertChannel) (response QRadarAlertChannelResponse, err error)
- func (svc *IntegrationsService) UpdateServiceNowAlertChannel(data ServiceNowAlertChannel) (response ServiceNowAlertChannelResponse, err error)
- func (svc *IntegrationsService) UpdateSlackAlertChannel(data SlackAlertChannel) (response SlackAlertChannelResponse, err error)
- func (svc *IntegrationsService) UpdateSplunkAlertChannel(data SplunkAlertChannel) (response SplunkAlertChannelResponse, err error)
- func (svc *IntegrationsService) UpdateVictorOpsAlertChannel(data VictorOpsAlertChannel) (response VictorOpsAlertChannelResponse, err error)
- func (svc *IntegrationsService) UpdateWebhookAlertChannel(data WebhookAlertChannel) (response WebhookAlertChannelResponse, err error)
- type JiraAlertChannel
- type JiraAlertChannelData
- type JiraAlertChannelResponse
- type Json16DigitTime
- type LQLCompileResponse
- type LQLDataSourcesResponse
- type LQLDeleteMessage
- type LQLDeleteResponse
- type LQLDescribeData
- type LQLDescribeParameters
- type LQLDescribeResponse
- type LQLDescribeSchema
- type LQLQuery
- type LQLQueryResponse
- type LQLService
- func (svc *LQLService) CompileQuery(query string) (response LQLCompileResponse, err error)
- func (svc *LQLService) CreateQuery(query string) (response LQLQueryResponse, err error)
- func (svc *LQLService) DataSources() (response LQLDataSourcesResponse, err error)
- func (svc *LQLService) DeleteQuery(queryID string) (response LQLDeleteResponse, err error)
- func (svc *LQLService) Describe(dataSource string) (response LQLDescribeResponse, err error)
- func (svc *LQLService) GetQueries() (LQLQueryResponse, error)
- func (svc *LQLService) GetQueryByID(queryID string) (response LQLQueryResponse, err error)
- func (svc *LQLService) RunQuery(query, start, end string) (response map[string]interface{}, err error)
- func (svc *LQLService) UpdateQuery(query string) (response LQLUpdateResponse, err error)
- type LQLUpdateMessage
- type LQLUpdateResponse
- type MicrosoftTeamsAlertChannel
- type MicrosoftTeamsAlertChannelResponse
- type MicrosoftTeamsChannelData
- type NanoTime
- type NewRelicAlertChannel
- type NewRelicAlertChannelResponse
- type NewRelicChannelData
- type Option
- func WithApiKeys(id, secret string) Option
- func WithApiV2() Option
- func WithExpirationTime(t int) Option
- func WithHeader(header, value string) Option
- func WithLogFile(filename string) Option
- func WithLogLevel(level string) Option
- func WithLogLevelAndFile(level, filename string) Option
- func WithLogLevelAndWriter(level string, w io.Writer) Option
- func WithLogWriter(w io.Writer) Option
- func WithTimeout(timeout time.Duration) Option
- func WithToken(token string) Option
- func WithTokenFromKeys(id, secret string) Option
- func WithURL(baseURL string) Option
- type OsPkgInfo
- type PackageManifest
- type PagerDutyAlertChannel
- type PagerDutyAlertChannelResponse
- type PagerDutyData
- type QRadarAlertChannel
- type QRadarAlertChannelResponse
- type QRadarChannelData
- type RawIntegration
- type RawIntegrationsResponse
- type ServiceNowAlertChannel
- type ServiceNowAlertChannelResponse
- type ServiceNowChannelData
- type SlackAlertChannel
- type SlackAlertChannelResponse
- type SlackChannelData
- type SplunkAlertChannel
- type SplunkAlertChannelResponse
- type SplunkChannelData
- type SplunkEventData
- type TokenResponse
- type VictorOpsAlertChannel
- type VictorOpsAlertChannelResponse
- type VictorOpsChannelData
- type VulnContainerAssessment
- type VulnContainerAssessmentResponse
- type VulnContainerAssessmentSummary
- type VulnContainerAssessmentsResponse
- type VulnContainerImage
- type VulnContainerImageLayer
- type VulnContainerPackage
- type VulnerabilitiesService
- type VulnerabilityAssessment
- type WebhookAlertChannel
- type WebhookAlertChannelResponse
- type WebhookChannelData
Constants ¶
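// Relative API paths of the LQL endpoints. The original comment marks this
// group as Alpha.
const (
	// Alpha
	ApiLQL            = "external/lql"
	ApiLQLCompile     = "external/lql/compile"
	ApiLQLDataSources = "external/lql/dataSources"
	ApiLQLDescribe    = "external/lql/describe"
	ApiLQLQuery       = "external/lql/query"
)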
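// Accepted values for the Datadog alert channel's site and service fields.
// Both value types are unexported, so callers outside the package can only
// use the constants listed here.
const (
	// The list of valid inputs for DatadogSite field
	DatadogSiteEu  datadogSite = "eu"
	DatadogSiteCom datadogSite = "com"

	// The list of valid inputs for DatadogService field
	DatadogServiceLogsDetails   datadogService = "Logs Detail"
	DatadogServiceEventsSummary datadogService = "Events Summary"
	DatadogServiceLogsSummary   datadogService = "Logs Summary"
)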
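// Jira alert type identifiers, one for Jira Cloud and one for Jira Server.
const (
	JiraCloudAlertType  = "JIRA_CLOUD"
	JiraServerAlertType = "JIRA_SERVER"
)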
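const (
	// The list of valid inputs for QRadar Communication Type field
	QRadarCommHttps qradarComm = "HTTPS"
	// NOTE(review): the value suggests the channel will talk to a QRadar
	// endpoint that presents a self-signed certificate. How that certificate
	// is validated is not visible here; confirm before choosing this mode.
	QRadarCommHttpsSelfSigned qradarComm = "HTTPS Self Signed Cert"
)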
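// Integration type identifiers. The values come from iota, so the order of
// this list is significant: inserting or reordering entries renumbers every
// constant that follows.
const (
	// type that defines a non-existing integration
	NoneIntegration integrationType = iota

	// AWS Config integration type
	AwsCfgIntegration

	// AWS CloudTrail integration type
	AwsCloudTrailIntegration

	// AWS S3 channel integration type
	AwsS3ChannelIntegration

	// Datadog channel integration type
	DatadogChannelIntegration

	// GCP Config integration type
	GcpCfgIntegration

	// GCP Audit Log integration type
	GcpAuditLogIntegration

	// GCP Pub Sub alert channel integration type
	GcpPubSubChannelIntegration

	// New Relic Insights alert channel integration type
	NewRelicChannelIntegration

	// Azure Config integration type
	AzureCfgIntegration

	// Azure Activity Log integration type
	AzureActivityLogIntegration

	// Cisco Webex integration type
	CiscoWebexChannelIntegration

	// Container registry integration type
	ContainerRegistryIntegration

	// Microsoft Teams channel integration type
	MicrosoftTeamsChannelIntegration

	// QRadar channel integration type
	QRadarChannelIntegration

	// Slack channel integration type
	SlackChannelIntegration

	// Service Now alert channel integration type
	ServiceNowChannelIntegration

	// Splunk channel integration type
	SplunkIntegration

	// AWS CloudWatch integration type
	AwsCloudWatchIntegration

	// Pager Duty integration type
	PagerDutyIntegration

	// Jira integration type
	JiraIntegration

	// VictorOps channel integration type
	VictorOpsChannelIntegration

	// Webhook channel integration type
	WebhookIntegration
)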
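// Container registry type identifiers, numbered by iota in the order listed.
const (
	// type that defines a non-existing registry
	NoneRegistry registryType = iota
	DockerHubRegistry
	DockerV2Registry
	EcrRegistry
	GcrRegistry
)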
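// ECR authentication type identifiers, numbered by iota in the order listed.
const (
	AwsEcrIAM ecrAuthType = iota
	AwsEcrAccessKey
)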
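// GCP resource levels at which an integration can be made, numbered by iota.
const (
	// Project level integration with GCP
	GcpProjectIntegration gcpResourceLevel = iota

	// Organization level integration with GCP
	GcpOrganizationIntegration
)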
// DefaultTokenExpiryTime is the default token expiry value.
// NOTE(review): presumably expressed in seconds (one hour); the unit is not
// stated here, confirm against the token request code.
const DefaultTokenExpiryTime = 60 * 60

// LQLQueryTranslateError is the message used when a query blob cannot be
// translated.
const LQLQueryTranslateError string = "unable to translate query blob"

const Version = "0.7.0"
Version is the semver coming from the VERSION file
Variables ¶
// AlertLevels maps each AlertLevel constant to its display name.
var AlertLevels = map[AlertLevel]string{
	CriticalAlertLevel: "Critical",
	HighAlertLevel:     "High",
	MediumAlertLevel:   "Medium",
	LowAlertLevel:      "Low",
	AllAlertLevel:      "All",
}
AlertLevels is the list of available alert levels
// AwsEcrAuthTypes maps each ECR auth type constant to its string identifier.
var AwsEcrAuthTypes = map[ecrAuthType]string{
	AwsEcrIAM:       "AWS_IAM",
	AwsEcrAccessKey: "AWS_ACCESS_KEY",
}
AwsEcrAuthTypes is the list of available ECR auth types
// IntegrationTypes maps each integration type constant to its string
// identifier.
var IntegrationTypes = map[integrationType]string{
	NoneIntegration:                  "NONE",
	AwsCfgIntegration:                "AWS_CFG",
	AwsCloudTrailIntegration:         "AWS_CT_SQS",
	AwsS3ChannelIntegration:          "AWS_S3",
	CiscoWebexChannelIntegration:     "CISCO_SPARK_WEBHOOK",
	DatadogChannelIntegration:        "DATADOG",
	GcpCfgIntegration:                "GCP_CFG",
	GcpAuditLogIntegration:           "GCP_AT_SES",
	GcpPubSubChannelIntegration:      "GCP_PUBSUB",
	NewRelicChannelIntegration:       "NEW_RELIC_INSIGHTS",
	AzureCfgIntegration:              "AZURE_CFG",
	AzureActivityLogIntegration:      "AZURE_AL_SEQ",
	ContainerRegistryIntegration:     "CONT_VULN_CFG",
	QRadarChannelIntegration:         "IBM_QRADAR",
	MicrosoftTeamsChannelIntegration: "MICROSOFT_TEAMS",
	SlackChannelIntegration:          "SLACK_CHANNEL",
	SplunkIntegration:                "SPLUNK_HEC",
	ServiceNowChannelIntegration:     "SERVICE_NOW_REST",
	AwsCloudWatchIntegration:         "CLOUDWATCH_EB",
	PagerDutyIntegration:             "PAGER_DUTY_API",
	JiraIntegration:                  "JIRA",
	VictorOpsChannelIntegration:      "VICTOR_OPS",
	WebhookIntegration:               "WEBHOOK",
}
IntegrationTypes is the list of available integration types
// RegistryTypes maps each registry type constant to its string identifier.
var RegistryTypes = map[registryType]string{
	NoneRegistry:      "NONE",
	DockerHubRegistry: "DOCKERHUB",
	DockerV2Registry:  "V2_REGISTRY",
	EcrRegistry:       "AWS_ECR",
	GcrRegistry:       "GCP_GCR",
}
RegistryTypes is the list of available registry types
// ValidComplianceStatus enumerates the accepted compliance status strings.
var ValidComplianceStatus = []string{
	"non-compliant",
	"requires-manual-assessment",
	"suppressed",
	"compliant",
	"could-not-assess",
}
ValidComplianceStatus is a list of all valid compliance statuses
// ValidEventSeverities enumerates the accepted event severity strings.
var ValidEventSeverities = []string{
	"critical",
	"high",
	"medium",
	"low",
	"info",
}
ValidEventSeverities is a list of all valid event severities
// ValidVulnSeverities enumerates the accepted vulnerability severity strings.
var ValidVulnSeverities = []string{
	"critical",
	"high",
	"medium",
	"low",
	"info",
}
ValidVulnSeverities is a list of all valid severities in a vulnerability report
Functions ¶
func DatadogService ¶ added in v0.2.18
DatadogService returns the datadogService type for the corresponding string input
func DatadogSite ¶ added in v0.2.18
DatadogSite returns the datadogSite type for the corresponding string input
func FindIntegrationType ¶
FindIntegrationType looks up the provided string in the list of available integration types and returns the matching type; if none matches, it returns NoneIntegration
func QRadarComm ¶ added in v0.2.20
QRadarComm returns the qradarComm type for the corresponding string input
func VictorOpsService ¶ added in v0.2.19
VictorOpsService returns the datadogService type for the corresponding string input
func VictorOpsSite ¶ added in v0.2.19
VictorOpsSite returns the datadogSite type for the corresponding string input
Types ¶
type AccountService ¶ added in v0.3.0
type AccountService struct {
// contains filtered or unexported fields
}
AccountService is a service that interacts with Account related endpoints from the Lacework Server
func (*AccountService) GetOrganizationInfo ¶ added in v0.3.0
func (svc *AccountService) GetOrganizationInfo() ( response accountOrganizationInfoResponse, err error, )
type AgentToken ¶ added in v0.2.10
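// AgentToken is the JSON shape of an agent access token, as given by the
// field tags below.
//
// AccessToken holds the token value itself and is marshalled under the
// ACCESS_TOKEN key, so every encoded or logged copy of this struct carries
// the token. Redact that field before writing the struct to logs or tickets.
type AgentToken struct {
	AccessToken     string           `json:"ACCESS_TOKEN"`
	Account         string           `json:"ACCOUNT"`
	LastUpdatedTime *Json16DigitTime `json:"LAST_UPDATED_TIME"`
	Props           *AgentTokenProps `json:"PROPS,omitempty"`
	TokenAlias      string           `json:"TOKEN_ALIAS"`
	// Enabled is carried as a string (TOKEN_ENABLED), not as a bool.
	Enabled string `json:"TOKEN_ENABLED"`
	Version string `json:"VERSION"`
}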
func (AgentToken) EnabledInt ¶ added in v0.2.10
func (t AgentToken) EnabledInt() int
func (AgentToken) PrettyStatus ¶ added in v0.2.10
func (t AgentToken) PrettyStatus() string
@afiune this API returns a string as a boolean, so we have to do this monkeypatch
func (AgentToken) Status ¶ added in v0.2.10
func (t AgentToken) Status() bool
type AgentTokenProps ¶ added in v0.2.10
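// AgentTokenProps holds the optional properties of an agent access token.
// Both fields are omitted from the JSON encoding when empty.
type AgentTokenProps struct {
	CreatedTime *Json16DigitTime `json:"CREATED_TIME,omitempty"`
	Description string           `json:"DESCRIPTION,omitempty"`
}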
type AgentTokenRequest ¶ added in v0.2.10
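// AgentTokenRequest is the JSON payload for updating an agent access token.
type AgentTokenRequest struct {
	TokenAlias string `json:"TOKEN_ALIAS,omitempty"`
	// Enabled has no omitempty, so a zero value is always sent as
	// TOKEN_ENABLED: 0.
	// NOTE(review): presumably 0 disables the token; confirm that callers
	// set this field explicitly on every update.
	Enabled int              `json:"TOKEN_ENABLED"`
	Props   *AgentTokenProps `json:"PROPS,omitempty"`
}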
type AgentTokensResponse ¶ added in v0.2.10
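// AgentTokensResponse is the JSON envelope of the agent token endpoints.
// Data holds AgentToken values, which include the token string, so treat an
// encoded response as sensitive.
type AgentTokensResponse struct {
	Data    []AgentToken `json:"data"`
	Ok      bool         `json:"ok"`
	Message string       `json:"message"`
}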
type AgentsService ¶ added in v0.2.10
type AgentsService struct {
// contains filtered or unexported fields
}
AgentsService is a service that interacts with the Agent Access Tokens endpoints from the Lacework Server
func (*AgentsService) CreateToken ¶ added in v0.2.10
func (svc *AgentsService) CreateToken(name, desc string) (response AgentTokensResponse, err error)
CreateToken creates a new agent access token
func (*AgentsService) GetToken ¶ added in v0.2.10
func (svc *AgentsService) GetToken(token string) (response AgentTokensResponse, err error)
GetToken returns details about an agent access token
func (*AgentsService) ListTokens ¶ added in v0.2.10
func (svc *AgentsService) ListTokens() (response AgentTokensResponse, err error)
ListTokens returns a list of agent access tokens in a Lacework account
func (*AgentsService) UpdateToken ¶ added in v0.2.10
func (svc *AgentsService) UpdateToken(token string, data AgentTokenRequest) ( response AgentTokensResponse, err error, )
UpdateToken updates an agent access token with the provided request data
func (*AgentsService) UpdateTokenStatus ¶ added in v0.2.10
func (svc *AgentsService) UpdateTokenStatus(token string, enable bool) ( response AgentTokensResponse, err error, )
UpdateTokenStatus updates only the status of an agent access token (enable or disable)
type AlertLevel ¶ added in v0.1.22
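// Enum for Alert Severity Levels
type AlertLevel int

// Each level except CriticalAlertLevel also includes every more severe level,
// so a larger value selects a wider set of alerts.
const (
	CriticalAlertLevel AlertLevel = 1 // Critical only
	HighAlertLevel     AlertLevel = 2 // High and above
	MediumAlertLevel   AlertLevel = 3 // Medium and above
	LowAlertLevel      AlertLevel = 4 // Low and above
	AllAlertLevel      AlertLevel = 5 // Info and above (which is All of them)
)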
func (AlertLevel) Int ¶ added in v0.1.22
func (i AlertLevel) Int() int
Int returns the int representation of an alert level
func (AlertLevel) String ¶ added in v0.1.22
func (i AlertLevel) String() string
String returns the string representation of an alert level
func (AlertLevel) Valid ¶ added in v0.1.22
func (i AlertLevel) Valid() bool
Valid returns whether the AlertLevel is valid or not
type AwsCloudWatchAlertChannel ¶ added in v0.1.22
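// AwsCloudWatchAlertChannel carries its channel settings in Data, which is
// marshalled under the DATA key. The rendered documentation hides the
// remaining fields.
type AwsCloudWatchAlertChannel struct {
	Data AwsCloudWatchData `json:"DATA"`
	// contains filtered or unexported fields
}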
func NewAwsCloudWatchAlertChannel ¶ added in v0.1.22
func NewAwsCloudWatchAlertChannel(name string, data AwsCloudWatchData) AwsCloudWatchAlertChannel
NewAwsCloudWatchAlertChannel returns an instance of AwsCloudWatchAlertChannel with the provided name and data.
Basic usage: Initialize a new AwsCloudWatchAlertChannel struct, then use the new instance to do CRUD operations

    client, err := api.NewClient("account")
    if err != nil {
      return err
    }

    awsCloudWatch := api.NewAwsCloudWatchAlertChannel("foo",
      api.AwsCloudWatchData{
        EventBusArn: "arn:aws:events:us-west-2:1234567890:event-bus/default",
      },
    )

    client.Integrations.CreateAwsCloudWatchAlertChannel(awsCloudWatch)
func (AwsCloudWatchAlertChannel) StateString ¶ added in v0.1.22
func (c AwsCloudWatchAlertChannel) StateString() string
type AwsCloudWatchData ¶ added in v0.1.22
type AwsCloudWatchResponse ¶ added in v0.1.22
// AwsCloudWatchResponse maps the JSON keys "data", "ok" and "message";
// Data holds zero or more AwsCloudWatchAlertChannel entries.
type AwsCloudWatchResponse struct {
	Data    []AwsCloudWatchAlertChannel `json:"data"`
	Ok      bool                        `json:"ok"`
	Message string                      `json:"message"`
}
type AwsCrossAccountCreds ¶ added in v0.2.22
type AwsEcrAccessKeyCreds ¶ added in v0.2.22
type AwsEcrCommonData ¶ added in v0.2.22
// AwsEcrCommonData holds the ECR settings that are embedded by both
// AwsEcrDataWithAccessKeyCreds and AwsEcrDataWithCrossAccountCreds.
type AwsEcrCommonData struct {
	AwsAuthType    string `json:"AWS_AUTH_TYPE" mapstructure:"AWS_AUTH_TYPE"`
	RegistryType   string `json:"REGISTRY_TYPE" mapstructure:"REGISTRY_TYPE"`
	RegistryDomain string `json:"REGISTRY_DOMAIN" mapstructure:"REGISTRY_DOMAIN"`
	LimitByTag     string `json:"LIMIT_BY_TAG" mapstructure:"LIMIT_BY_TAG"`
	LimitByLabel   string `json:"LIMIT_BY_LABEL" mapstructure:"LIMIT_BY_LABEL"`
	// omitempty: an empty LimitByRep and a zero LimitNumImg are left out of the
	// JSON body altogether.
	LimitByRep  string `json:"LIMIT_BY_REP,omitempty" mapstructure:"LIMIT_BY_REP"`
	LimitNumImg int    `json:"LIMIT_NUM_IMG,omitempty" mapstructure:"LIMIT_NUM_IMG"`
}
type AwsEcrDataWithAccessKeyCreds ¶ added in v0.2.22
// AwsEcrDataWithAccessKeyCreds is the ECR data variant that authenticates with
// access-key credentials, serialized under "ACCESS_KEY_CREDENTIALS".
//
// Credentials is marshalled together with the rest of the struct, so treat any
// JSON or debug print of this value as secret material and keep it out of logs.
// The fields of AwsEcrAccessKeyCreds are not shown here.
type AwsEcrDataWithAccessKeyCreds struct {
	Credentials AwsEcrAccessKeyCreds `json:"ACCESS_KEY_CREDENTIALS" mapstructure:"ACCESS_KEY_CREDENTIALS"`
	AwsEcrCommonData
}
type AwsEcrDataWithCrossAccountCreds ¶ added in v0.2.22
// AwsEcrDataWithCrossAccountCreds is the ECR data variant that authenticates
// with cross-account credentials, serialized under "CROSS_ACCOUNT_CREDENTIALS".
type AwsEcrDataWithCrossAccountCreds struct {
	Credentials AwsCrossAccountCreds `json:"CROSS_ACCOUNT_CREDENTIALS" mapstructure:"CROSS_ACCOUNT_CREDENTIALS"`
	AwsEcrCommonData
}
type AwsEcrWithAccessKeyIntegration ¶ added in v0.2.22
// AwsEcrWithAccessKeyIntegration wraps an AwsEcrDataWithAccessKeyCreds value,
// serialized under the "DATA" JSON key.
type AwsEcrWithAccessKeyIntegration struct {
	Data AwsEcrDataWithAccessKeyCreds `json:"DATA"`
	// contains filtered or unexported fields
}
func NewAwsEcrWithAccessKeyIntegration ¶ added in v0.2.22
func NewAwsEcrWithAccessKeyIntegration(name string, data AwsEcrDataWithAccessKeyCreds) AwsEcrWithAccessKeyIntegration
func (AwsEcrWithAccessKeyIntegration) StateString ¶ added in v0.2.22
func (c AwsEcrWithAccessKeyIntegration) StateString() string
type AwsEcrWithAccessKeyIntegrationResponse ¶ added in v0.2.22
// AwsEcrWithAccessKeyIntegrationResponse maps the JSON keys "data", "ok" and
// "message"; Data holds zero or more AwsEcrWithAccessKeyIntegration entries.
type AwsEcrWithAccessKeyIntegrationResponse struct {
	Data    []AwsEcrWithAccessKeyIntegration `json:"data"`
	Ok      bool                             `json:"ok"`
	Message string                           `json:"message"`
}
type AwsEcrWithCrossAccountIntegration ¶ added in v0.2.22
// AwsEcrWithCrossAccountIntegration wraps an AwsEcrDataWithCrossAccountCreds
// value, serialized under the "DATA" JSON key.
type AwsEcrWithCrossAccountIntegration struct {
	Data AwsEcrDataWithCrossAccountCreds `json:"DATA"`
	// contains filtered or unexported fields
}
func NewAwsEcrWithCrossAccountIntegration ¶ added in v0.2.22
func NewAwsEcrWithCrossAccountIntegration(name string, data AwsEcrDataWithCrossAccountCreds) AwsEcrWithCrossAccountIntegration
func (AwsEcrWithCrossAccountIntegration) StateString ¶ added in v0.2.22
func (c AwsEcrWithCrossAccountIntegration) StateString() string
type AwsEcrWithCrossAccountIntegrationResponse ¶ added in v0.2.22
// AwsEcrWithCrossAccountIntegrationResponse maps the JSON keys "data", "ok"
// and "message"; Data holds zero or more AwsEcrWithCrossAccountIntegration
// entries.
type AwsEcrWithCrossAccountIntegrationResponse struct {
	Data    []AwsEcrWithCrossAccountIntegration `json:"data"`
	Ok      bool                                `json:"ok"`
	Message string                              `json:"message"`
}
type AwsIntegration ¶
// AwsIntegration wraps an AwsIntegrationData value, serialized under the
// "DATA" JSON key.
type AwsIntegration struct {
	Data AwsIntegrationData `json:"DATA"`
	// contains filtered or unexported fields
}
func NewAwsCfgIntegration ¶
func NewAwsCfgIntegration(name string, data AwsIntegrationData) AwsIntegration
NewAwsCfgIntegration returns an instance of AwsIntegration of type AWS_CFG
func NewAwsCloudTrailIntegration ¶
func NewAwsCloudTrailIntegration(name string, data AwsIntegrationData) AwsIntegration
NewAwsCloudTrailIntegration returns an instance of AwsIntegration of type AWS_CT_SQS
func NewAwsIntegration ¶
func NewAwsIntegration(name string, iType integrationType, data AwsIntegrationData) AwsIntegration
NewAwsIntegration returns an instance of AwsIntegration with the provided integration type, name and data. The type can only be AwsCfgIntegration or AwsCloudTrailIntegration
Basic usage: Initialize a new AwsIntegration struct, then
use the new instance to do CRUD operations client, err := api.NewClient("account") if err != nil { return err } aws := api.NewAwsIntegration("foo", api.AwsCfgIntegration, api.AwsIntegrationData{ Credentials: api.AwsCrossAccountCreds { RoleArn: "arn:aws:XYZ", ExternalID: "1", }, }, ) client.Integrations.CreateAws(aws)
func (AwsIntegration) StateString ¶ added in v0.1.7
func (c AwsIntegration) StateString() string
type AwsIntegrationData ¶
// AwsIntegrationData is the payload of an AwsIntegration: the cross-account
// credentials plus optional fields that are omitted from the JSON when empty.
type AwsIntegrationData struct {
	Credentials AwsCrossAccountCreds `json:"CROSS_ACCOUNT_CREDENTIALS" mapstructure:"CROSS_ACCOUNT_CREDENTIALS"`

	// QueueUrl exists and is required for the AWS_CT_SQS integration, but it
	// does not exist for AWS_CFG integrations, which is why it is omitted when
	// empty.
	QueueUrl string `json:"QUEUE_URL,omitempty" mapstructure:"QUEUE_URL"`

	// AccountMappingFile must be base64-encoded in the following format:
	//
	//   "data:application/json;name=i.json;base64,[ENCODING]"
	//
	// [ENCODING] is the base64 encoding of the file; use
	// EncodeAccountMappingFile() to encode a JSON mapping file.
	AccountMappingFile string `json:"ACCOUNT_MAPPING_FILE,omitempty" mapstructure:"ACCOUNT_MAPPING_FILE"`

	// AwsAccountID is the AWS account that owns the IAM role credentials.
	AwsAccountID string `json:"AWS_ACCOUNT_ID,omitempty" mapstructure:"AWS_ACCOUNT_ID"`
}
func (*AwsIntegrationData) DecodeAccountMappingFile ¶ added in v0.2.9
func (aws *AwsIntegrationData) DecodeAccountMappingFile() ([]byte, error)
func (*AwsIntegrationData) EncodeAccountMappingFile ¶ added in v0.2.9
func (aws *AwsIntegrationData) EncodeAccountMappingFile(mapping []byte)
type AwsIntegrationsResponse ¶
// AwsIntegrationsResponse maps the JSON keys "data", "ok" and "message";
// Data holds zero or more AwsIntegration entries.
type AwsIntegrationsResponse struct {
	Data    []AwsIntegration `json:"data"`
	Ok      bool             `json:"ok"`
	Message string           `json:"message"`
}
type AwsS3AlertChannel ¶ added in v0.2.12
// AwsS3AlertChannel wraps an AwsS3ChannelData value, serialized under the
// "DATA" JSON key.
type AwsS3AlertChannel struct {
	Data AwsS3ChannelData `json:"DATA"`
	// contains filtered or unexported fields
}
func NewAwsS3AlertChannel ¶ added in v0.2.12
func NewAwsS3AlertChannel(name string, data AwsS3ChannelData) AwsS3AlertChannel
NewAwsS3AlertChannel returns an instance of AwsS3AlertChannel with the provided name and data.
Basic usage: Initialize a new AwsS3AlertChannel struct, then
use the new instance to do CRUD operations client, err := api.NewClient("account") if err != nil { return err } awsS3Channel := api.NewAwsS3AlertChannel("foo", api.AwsS3ChannelData{ Credentials: api.AwsS3Creds{ ExternalID: "1234", RoleArn: "arn:aws:iam::account-id:role/role-name-with-path", BucketArn: "arn:aws:s3:::bucket_name/key_name", }, }, ) client.Integrations.CreateAwsS3AlertChannel(awsS3Channel)
func (AwsS3AlertChannel) StateString ¶ added in v0.2.12
func (c AwsS3AlertChannel) StateString() string
type AwsS3AlertChannelResponse ¶ added in v0.2.12
// AwsS3AlertChannelResponse maps the JSON keys "data", "ok" and "message";
// Data holds zero or more AwsS3AlertChannel entries.
type AwsS3AlertChannelResponse struct {
	Data    []AwsS3AlertChannel `json:"data"`
	Ok      bool                `json:"ok"`
	Message string              `json:"message"`
}
type AwsS3ChannelData ¶ added in v0.2.12
// AwsS3ChannelData is the payload of an AwsS3AlertChannel. Its only field is
// the credentials block, serialized under "S3_CROSS_ACCOUNT_CREDENTIALS".
type AwsS3ChannelData struct {
	Credentials AwsS3Creds `json:"S3_CROSS_ACCOUNT_CREDENTIALS" mapstructure:"S3_CROSS_ACCOUNT_CREDENTIALS"`
}
type AwsS3Creds ¶ added in v0.2.12
type AzureIntegration ¶
// AzureIntegration wraps an AzureIntegrationData value, serialized under the
// "DATA" JSON key.
type AzureIntegration struct {
	Data AzureIntegrationData `json:"DATA"`
	// contains filtered or unexported fields
}
func NewAzureActivityLogIntegration ¶
func NewAzureActivityLogIntegration(name string, data AzureIntegrationData) AzureIntegration
NewAzureActivityLogIntegration returns an instance of AzureIntegration of type AZURE_AL_SEQ
func NewAzureCfgIntegration ¶
func NewAzureCfgIntegration(name string, data AzureIntegrationData) AzureIntegration
NewAzureCfgIntegration returns an instance of AzureIntegration of type AZURE_CFG
func NewAzureIntegration ¶
func NewAzureIntegration(name string, iType integrationType, data AzureIntegrationData) AzureIntegration
NewAzureIntegration returns an instance of AzureIntegration with the provided integration type, name and data. The type can only be AzureCfgIntegration or AzureActivityLogIntegration
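// Basic usage: initialize a new AzureIntegration struct, then use the new
// instance to do CRUD operations.
client, err := api.NewClient("account")
if err != nil {
	return err
}

// NewAzureIntegration returns only an AzureIntegration, so there is no error
// to check between building the struct and sending it.
azure := api.NewAzureIntegration("bar",
	api.AzureActivityLogIntegration,
	api.AzureIntegrationData{
		TenantID: "tenant_id",
		QueueUrl: "https://abc.queue.core.windows.net/123",
		Credentials: api.AzureIntegrationCreds{
			ClientID: "client_id",
			// Placeholder value. In real code, read the client secret from the
			// environment or a secret manager instead of committing it to source.
			ClientSecret: "secret",
		},
	},
)

client.Integrations.CreateAzure(azure)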
func (AzureIntegration) StateString ¶ added in v0.1.7
func (c AzureIntegration) StateString() string
type AzureIntegrationCreds ¶
type AzureIntegrationData ¶
// AzureIntegrationData is the payload of an AzureIntegration.
//
// Credentials is marshalled together with the rest of the struct, so keep JSON
// dumps and debug prints of this value out of logs.
type AzureIntegrationData struct {
	Credentials AzureIntegrationCreds `json:"CREDENTIALS" mapstructure:"CREDENTIALS"`
	TenantID    string                `json:"TENANT_ID" mapstructure:"TENANT_ID"`

	// QueueUrl does not exist for AZURE_CFG integrations, which is why it is
	// omitted when empty.
	// NOTE(review): the original comment says the field is required for the
	// AWS_CT_SQS integration, which reads like a copy from AwsIntegrationData;
	// presumably the Azure activity log type (AZURE_AL_SEQ) is meant. Confirm.
	QueueUrl string `json:"QUEUE_URL,omitempty" mapstructure:"QUEUE_URL"`
}
type AzureIntegrationsResponse ¶
// AzureIntegrationsResponse maps the JSON keys "data", "ok" and "message";
// Data holds zero or more AzureIntegration entries.
type AzureIntegrationsResponse struct {
	Data    []AzureIntegration `json:"data"`
	Ok      bool               `json:"ok"`
	Message string             `json:"message"`
}
type CiscoWebexAlertChannel ¶ added in v0.2.19
// CiscoWebexAlertChannel wraps a CiscoWebexChannelData value, serialized under
// the "DATA" JSON key.
type CiscoWebexAlertChannel struct {
	Data CiscoWebexChannelData `json:"DATA"`
	// contains filtered or unexported fields
}
func NewCiscoWebexAlertChannel ¶ added in v0.2.19
func NewCiscoWebexAlertChannel(name string, data CiscoWebexChannelData) CiscoWebexAlertChannel
NewCiscoWebexAlertChannel returns an instance of CiscoWebexAlertChannel with the provided name and data.
// Basic usage: initialize a new CiscoWebexAlertChannel struct, then use the
// new instance to do CRUD operations.
client, err := api.NewClient("account")
if err != nil {
	return err
}

ciscoWebexChannel := api.NewCiscoWebexAlertChannel("foo",
	api.CiscoWebexChannelData{
		// Placeholder URL. The final path segment stands in for a token, so a
		// real webhook URL should be loaded from configuration or a secret
		// store, not written into source.
		WebhookURL: "https://webexapis.com/v1/webhooks/incoming/api-token",
	},
)

client.Integrations.CreateCiscoWebexAlertChannel(ciscoWebexChannel)
func (CiscoWebexAlertChannel) StateString ¶ added in v0.2.19
func (c CiscoWebexAlertChannel) StateString() string
type CiscoWebexAlertChannelResponse ¶ added in v0.2.19
// CiscoWebexAlertChannelResponse maps the JSON keys "data", "ok" and
// "message"; Data holds zero or more CiscoWebexAlertChannel entries.
type CiscoWebexAlertChannelResponse struct {
	Data    []CiscoWebexAlertChannel `json:"data"`
	Ok      bool                     `json:"ok"`
	Message string                   `json:"message"`
}
type CiscoWebexChannelData ¶ added in v0.2.19
// CiscoWebexChannelData is the payload of a CiscoWebexAlertChannel.
type CiscoWebexChannelData struct {
	// WebhookURL is serialized under the "WEBHOOK" key. The package's usage
	// example shows an incoming-webhook URL that ends in a token, so treat the
	// whole URL as a credential: do not log it or embed it in error messages.
	WebhookURL string `json:"WEBHOOK" mapstructure:"WEBHOOK"`
}
type Client ¶
// Client exposes one service pointer per API area: LQL, Account, Agents,
// Events, Compliance, Integrations and Vulnerabilities.
type Client struct {
	LQL             *LQLService
	Account         *AccountService
	Agents          *AgentsService
	Events          *EventsService
	Compliance      *ComplianceService
	Integrations    *IntegrationsService
	Vulnerabilities *VulnerabilitiesService
	// contains filtered or unexported fields
}
func NewClient ¶
NewClient generates a new Lacework API client
Example of basic usage
lacework, err := api.NewClient("demo") if err == nil { lacework.Integrations.List() }
func (*Client) ApiVersion ¶
ApiVersion returns the API client version
func (*Client) DoDecoder ¶
DoDecoder is used to execute (aka Do) the http request and decode it into the provided interface, all at once
func (*Client) GenerateToken ¶
func (c *Client) GenerateToken() (response TokenResponse, err error)
GenerateToken generates a new access token
func (*Client) GenerateTokenWithKeys ¶
func (c *Client) GenerateTokenWithKeys(keyID, secretKey string) (TokenResponse, error)
GenerateTokenWithKeys generates a new access token with the provided keys
func (*Client) NewRequest ¶
NewRequest generates a new http request
func (*Client) RequestDecoder ¶
RequestDecoder performs an http request on an endpoint, and decodes the response into the provided interface, all at once
func (*Client) RequestEncoderDecoder ¶ added in v0.1.3
RequestEncoderDecoder leverages RequestDecoder and performs an http request that first encodes the provided 'data' as a JSON Reader and passes it as the body to the request
func (*Client) TokenExpired ¶ added in v0.2.21
type CompAzureSubscriptions ¶ added in v0.1.12
type CompGcpProjects ¶ added in v0.1.12
type ComplianceAwsReport ¶ added in v0.1.12
// ComplianceAwsReport is the JSON shape of an AWS compliance report: report
// metadata, the account it covers, and the summary and recommendation lists.
type ComplianceAwsReport struct {
	ReportTitle     string                     `json:"reportTitle"`
	ReportType      string                     `json:"reportType"`
	ReportTime      time.Time                  `json:"reportTime"`
	AccountID       string                     `json:"accountId"`
	AccountAlias    string                     `json:"accountAlias"`
	Summary         []ComplianceSummary        `json:"summary"`
	Recommendations []ComplianceRecommendation `json:"recommendations"`
}
type ComplianceAwsReportConfig ¶ added in v0.1.12
type ComplianceAzureReport ¶ added in v0.1.12
// ComplianceAzureReport is the JSON shape of an Azure compliance report:
// report metadata, the tenant and subscription it covers, and the summary and
// recommendation lists.
type ComplianceAzureReport struct {
	ReportTitle      string                     `json:"reportTitle"`
	ReportType       string                     `json:"reportType"`
	ReportTime       time.Time                  `json:"reportTime"`
	TenantID         string                     `json:"tenantId"`
	TenantName       string                     `json:"tenantName"`
	SubscriptionID   string                     `json:"subscriptionId"`
	SubscriptionName string                     `json:"subscriptionName"`
	Summary          []ComplianceSummary        `json:"summary"`
	Recommendations  []ComplianceRecommendation `json:"recommendations"`
}
type ComplianceAzureReportConfig ¶ added in v0.1.12
type ComplianceGcpReport ¶ added in v0.1.12
// ComplianceGcpReport is the JSON shape of a GCP compliance report: report
// metadata, the organization and project it covers, and the summary and
// recommendation lists.
type ComplianceGcpReport struct {
	ReportTitle      string                     `json:"reportTitle"`
	ReportType       string                     `json:"reportType"`
	ReportTime       time.Time                  `json:"reportTime"`
	OrganizationID   string                     `json:"organizationId"`
	OrganizationName string                     `json:"organizationName"`
	ProjectID        string                     `json:"projectId"`
	ProjectName      string                     `json:"projectName"`
	Summary          []ComplianceSummary        `json:"summary"`
	Recommendations  []ComplianceRecommendation `json:"recommendations"`
}
type ComplianceGcpReportConfig ¶ added in v0.1.12
type ComplianceRecommendation ¶ added in v0.1.12
// ComplianceRecommendation is one recommendation entry of a compliance report.
// Severity is carried as an int; SeverityString is declared on this type to
// render it as text.
type ComplianceRecommendation struct {
	RecID                 string                `json:"rec_id"`
	AssessedResourceCount int                   `json:"assessed_resource_count"`
	ResourceCount         int                   `json:"resource_count"`
	Category              string                `json:"category"`
	InfoLink              string                `json:"info_link"`
	Service               string                `json:"service"`
	Severity              int                   `json:"severity"`
	Status                string                `json:"status"`
	Suppressions          []string              `json:"suppressions"`
	Title                 string                `json:"title"`
	Violations            []ComplianceViolation `json:"violations"`
}
func (*ComplianceRecommendation) SeverityString ¶ added in v0.1.12
func (r *ComplianceRecommendation) SeverityString() string
type ComplianceService ¶ added in v0.1.12
type ComplianceService struct {
// contains filtered or unexported fields
}
ComplianceService is a service that interacts with the compliance endpoints from the Lacework Server
func (*ComplianceService) DownloadAwsReportPDF ¶ added in v0.1.12
func (svc *ComplianceService) DownloadAwsReportPDF(filepath string, config ComplianceAwsReportConfig) error
func (*ComplianceService) DownloadAzureReportPDF ¶ added in v0.1.12
func (svc *ComplianceService) DownloadAzureReportPDF(filepath string, config ComplianceAzureReportConfig) error
func (*ComplianceService) DownloadGcpReportPDF ¶ added in v0.1.12
func (svc *ComplianceService) DownloadGcpReportPDF(filepath string, config ComplianceGcpReportConfig) error
func (*ComplianceService) GetAwsReport ¶ added in v0.1.12
func (svc *ComplianceService) GetAwsReport(config ComplianceAwsReportConfig) ( response complianceAwsReportResponse, err error, )
func (*ComplianceService) GetAzureReport ¶ added in v0.1.12
func (svc *ComplianceService) GetAzureReport(config ComplianceAzureReportConfig) ( response complianceAzureReportResponse, err error, )
func (*ComplianceService) GetGcpReport ¶ added in v0.1.12
func (svc *ComplianceService) GetGcpReport(config ComplianceGcpReportConfig) ( response complianceGcpReportResponse, err error, )
func (*ComplianceService) ListAzureSubscriptions ¶ added in v0.1.12
func (svc *ComplianceService) ListAzureSubscriptions(tenantID string) ( response compAzureSubsResponse, err error, )
func (*ComplianceService) ListGcpProjects ¶ added in v0.1.12
func (svc *ComplianceService) ListGcpProjects(orgID string) ( response compGcpProjectsResponse, err error, )
func (*ComplianceService) RunAwsReport ¶ added in v0.1.12
func (svc *ComplianceService) RunAwsReport(accountID string) ( response map[string]interface{}, err error, )
func (*ComplianceService) RunAzureReport ¶ added in v0.1.12
func (svc *ComplianceService) RunAzureReport(tenantID string) ( response complianceRunAzureReportResponse, err error, )
func (*ComplianceService) RunGcpReport ¶ added in v0.1.12
func (svc *ComplianceService) RunGcpReport(projectID string) ( response complianceRunGcpReportResponse, err error, )
func (*ComplianceService) RunIntegrationReport ¶ added in v0.2.6
func (svc *ComplianceService) RunIntegrationReport(intgGuid string) ( response map[string]interface{}, err error, )
type ComplianceSummary ¶ added in v0.1.12
// ComplianceSummary holds the aggregate counters of a compliance report,
// including one non-compliance counter per severity from 1 to 5.
type ComplianceSummary struct {
	AssessedResourceCount     int `json:"assessed_resource_count"`
	NumCompliant              int `json:"num_compliant"`
	NumNotCompliant           int `json:"num_not_compliant"`
	NumRecommendations        int `json:"num_recommendations"`
	NumSeverity1NonCompliance int `json:"num_severity_1_non_compliance"`
	NumSeverity2NonCompliance int `json:"num_severity_2_non_compliance"`
	NumSeverity3NonCompliance int `json:"num_severity_3_non_compliance"`
	NumSeverity4NonCompliance int `json:"num_severity_4_non_compliance"`
	NumSeverity5NonCompliance int `json:"num_severity_5_non_compliance"`
	NumSuppressed             int `json:"num_suppressed"`
	SuppressedResourceCount   int `json:"suppressed_resource_count"`
	ViolatedResourceCount     int `json:"violated_resource_count"`
}
type ComplianceViolation ¶ added in v0.1.12
type ContainerRegCreds ¶ added in v0.1.9
// ContainerRegCreds holds the credential fields for every container registry
// type in one struct; the fields that apply depend on the registry type.
//
// Password and PrivateKey are plain strings. Marshalling this struct, or
// printing it with %v or %+v, emits them in clear, so keep values of this type
// out of logs and error messages.
type ContainerRegCreds struct {
	// for docker hub registry (DOCKERHUB)
	Username string `json:"USERNAME,omitempty" mapstructure:"USERNAME"`
	Password string `json:"PASSWORD,omitempty" mapstructure:"PASSWORD"`

	// for docker V2 registry (V2_REGISTRY)
	// With omitempty on a bool, SSL=false is dropped from the JSON body, so the
	// receiving side never sees an explicit false.
	SSL bool `json:"SSL,omitempty" mapstructure:"SSL"`

	// for GCR registry (GCP_GCR)
	ClientEmail  string `json:"CLIENT_EMAIL,omitempty" mapstructure:"CLIENT_EMAIL"`
	ClientID     string `json:"CLIENT_ID,omitempty" mapstructure:"CLIENT_ID"`
	PrivateKey   string `json:"PRIVATE_KEY,omitempty" mapstructure:"PRIVATE_KEY"`
	PrivateKeyID string `json:"PRIVATE_KEY_ID,omitempty" mapstructure:"PRIVATE_KEY_ID"`
}
type ContainerRegData ¶ added in v0.1.9
// ContainerRegData is the payload of a ContainerRegIntegration.
type ContainerRegData struct {
	// @afiune the container registry schema contains a few different DATA
	// types, so this struct carries ALL fields that any container registry
	// type could have (see the variable RegistryTypes). The exception is
	// AWS_ECR: that integration has a different credentials field and is
	// therefore defined separately.
	Credentials  ContainerRegCreds `json:"CREDENTIALS" mapstructure:"CREDENTIALS"`
	RegistryType string            `json:"REGISTRY_TYPE" mapstructure:"REGISTRY_TYPE"`

	// for GCP_GCR integrations, the registry domain has to be one of:
	// => [ "gcr.io", "us.gcr.io", "eu.gcr.io", "asia.gcr.io" ]
	RegistryDomain string `json:"REGISTRY_DOMAIN" mapstructure:"REGISTRY_DOMAIN"`
	LimitByTag     string `json:"LIMIT_BY_TAG" mapstructure:"LIMIT_BY_TAG"`
	LimitByLabel   string `json:"LIMIT_BY_LABEL" mapstructure:"LIMIT_BY_LABEL"`
	LimitByRep     string `json:"LIMIT_BY_REP,omitempty" mapstructure:"LIMIT_BY_REP"`
	// LimitNumImg is an int; a zero value is omitted from the JSON body.
	LimitNumImg int `json:"LIMIT_NUM_IMG,omitempty" mapstructure:"LIMIT_NUM_IMG"`
}
type ContainerRegIntResponse ¶ added in v0.1.9
// ContainerRegIntResponse maps the JSON keys "data", "ok" and "message";
// Data holds zero or more ContainerRegIntegration entries.
type ContainerRegIntResponse struct {
	Data    []ContainerRegIntegration `json:"data"`
	Ok      bool                      `json:"ok"`
	Message string                    `json:"message"`
}
type ContainerRegIntegration ¶ added in v0.1.9
// ContainerRegIntegration wraps a ContainerRegData value, serialized under the
// "DATA" JSON key.
type ContainerRegIntegration struct {
	Data ContainerRegData `json:"DATA"`
	// contains filtered or unexported fields
}
func NewContainerRegIntegration ¶ added in v0.1.9
func NewContainerRegIntegration(name string, data ContainerRegData) ContainerRegIntegration
NewContainerRegIntegration returns an instance of ContainerRegIntegration with the provided name and data.
Basic usage: Create a Docker Hub integration
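client, err := api.NewClient("account")
if err != nil {
	return err
}

docker := api.NewContainerRegIntegration("foo",
	api.ContainerRegData{
		Credentials: api.ContainerRegCreds{
			Username: "techally",
			// Placeholder value. In real code, read the registry password from
			// the environment or a secret manager instead of committing it to
			// source.
			Password: "secret",
		},
		RegistryType:   api.DockerHubRegistry.String(),
		RegistryDomain: "index.docker.io",
		LimitByTag:     "*",
		LimitByLabel:   "*",
		// ContainerRegData declares LimitNumImg as int, so it takes a number
		// rather than a quoted string.
		LimitNumImg: 5,
	},
)

client.Integrations.CreateContainerRegistry(docker)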
func NewDockerHubRegistryIntegration ¶ added in v0.2.1
func NewDockerHubRegistryIntegration(name string, data ContainerRegData) ContainerRegIntegration
func NewDockerV2RegistryIntegration ¶ added in v0.2.1
func NewDockerV2RegistryIntegration(name string, data ContainerRegData) ContainerRegIntegration
func NewGcrRegistryIntegration ¶ added in v0.2.1
func NewGcrRegistryIntegration(name string, data ContainerRegData) ContainerRegIntegration
func (ContainerRegIntegration) StateString ¶ added in v0.1.9
func (c ContainerRegIntegration) StateString() string
type ContainerVulnerability ¶ added in v0.7.0
// ContainerVulnerability describes one vulnerability found in a container
// image. Metadata is an untyped map, so callers must type-check whatever they
// read from it.
// NOTE(review): CVSSv2Score and CVSSv3Score are declared on this type and
// presumably read their values from Metadata; confirm against the method
// bodies.
type ContainerVulnerability struct {
	Name        string                 `json:"name"`
	Description string                 `json:"description"`
	Severity    string                 `json:"severity"`
	Link        string                 `json:"link"`
	FixVersion  string                 `json:"fix_version"`
	Metadata    map[string]interface{} `json:"metadata"`
}
func (*ContainerVulnerability) CVSSv2Score ¶ added in v0.7.0
func (v *ContainerVulnerability) CVSSv2Score() float64
func (*ContainerVulnerability) CVSSv3Score ¶ added in v0.7.0
func (v *ContainerVulnerability) CVSSv3Score() float64
type ContainerVulnerabilityService ¶ added in v0.2.0
type ContainerVulnerabilityService struct {
// contains filtered or unexported fields
}
ContainerVulnerabilityService is a service that interacts with the vulnerabilities endpoints for the container space from the Lacework Server
func (*ContainerVulnerabilityService) AssessmentFromImageDigest ¶ added in v0.2.0
func (svc *ContainerVulnerabilityService) AssessmentFromImageDigest(imageDigest string) ( response VulnContainerAssessmentResponse, err error, )
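AssessmentFromImageDigest takes an image digest and returns a VulnContainerAssessmentResponse. The description published for it ("ListAssessments leverages ListAssessmentsDateRange and returns a list of assessments from the last 7 days") repeats the ListAssessments comment and does not describe this function.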
func (*ContainerVulnerabilityService) AssessmentFromImageID ¶ added in v0.2.0
func (svc *ContainerVulnerabilityService) AssessmentFromImageID(imageID string) ( response VulnContainerAssessmentResponse, err error, )
func (*ContainerVulnerabilityService) ListAssessments ¶ added in v0.2.0
func (svc *ContainerVulnerabilityService) ListAssessments() (VulnContainerAssessmentsResponse, error)
ListAssessments leverages ListAssessmentsDateRange and returns a list of assessments from the last 7 days
func (*ContainerVulnerabilityService) ListAssessmentsDateRange ¶ added in v0.2.0
func (svc *ContainerVulnerabilityService) ListAssessmentsDateRange(start, end time.Time) ( response VulnContainerAssessmentsResponse, err error, )
ListAssessmentsDateRange returns a list of container assessments during the specified date range
func (*ContainerVulnerabilityService) Scan ¶ added in v0.2.0
func (svc *ContainerVulnerabilityService) Scan(registry, repository, tagOrHash string) ( response vulnContainerScanResponse, err error, )
Scan triggers a container vulnerability scan of the provided registry, repository, and tag. This function calls the underlying API endpoint, which assumes that the container repository has already been integrated with the platform.
func (*ContainerVulnerabilityService) ScanStatus ¶ added in v0.2.0
func (svc *ContainerVulnerabilityService) ScanStatus(requestID string) ( response vulnContainerScanStatusResponse, err error, )
type DatadogAlertChannel ¶ added in v0.2.18
// DatadogAlertChannel wraps a DatadogChannelData value, serialized under the
// "DATA" JSON key.
type DatadogAlertChannel struct {
	Data DatadogChannelData `json:"DATA"`
	// contains filtered or unexported fields
}
func NewDatadogAlertChannel ¶ added in v0.2.18
func NewDatadogAlertChannel(name string, data DatadogChannelData) DatadogAlertChannel
NewDatadogAlertChannel returns an instance of DatadogAlertChannel with the provided name and data.
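// Basic usage: initialize a new DatadogAlertChannel struct, then use the new
// instance to do CRUD operations.
client, err := api.NewClient("account")
if err != nil {
	return err
}

// The variable is named datadogChannel so that it matches the identifier
// passed to CreateDatadogAlertChannel below.
datadogChannel := api.NewDatadogAlertChannel("foo",
	api.DatadogChannelData{
		DatadogSite:    api.DatadogSiteEu,
		DatadogService: api.DatadogServiceEventsSummary,
		// Placeholder value. In real code, read the Datadog API key from the
		// environment or a secret manager instead of committing it to source.
		ApiKey: "datadog-key",
	},
)

client.Integrations.CreateDatadogAlertChannel(datadogChannel)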
func (DatadogAlertChannel) StateString ¶ added in v0.2.18
func (c DatadogAlertChannel) StateString() string
type DatadogAlertChannelResponse ¶ added in v0.2.18
// DatadogAlertChannelResponse maps the JSON keys "data", "ok" and "message";
// Data holds zero or more DatadogAlertChannel entries.
type DatadogAlertChannelResponse struct {
	Data    []DatadogAlertChannel `json:"data"`
	Ok      bool                  `json:"ok"`
	Message string                `json:"message"`
}
type DatadogChannelData ¶ added in v0.2.18
// DatadogChannelData is the payload of a DatadogAlertChannel.
type DatadogChannelData struct {
	DatadogSite    datadogSite    `json:"DATADOG_SITE,omitempty" mapstructure:"DATADOG_SITE"`
	DatadogService datadogService `json:"DATADOG_TYPE,omitempty" mapstructure:"DATADOG_TYPE"`
	// ApiKey has no omitempty and is always written to the JSON body. It is a
	// plain string, so marshalling or printing this struct exposes the key;
	// keep values of this type out of logs.
	ApiKey string `json:"API_KEY" mapstructure:"API_KEY"`
}
type Event ¶ added in v0.1.6
// Event is the summary record of one event: its ID, type, severity and the
// start and end of its time window. Severity is carried as a string.
type Event struct {
	EventID   string    `json:"event_id"`
	EventType string    `json:"event_type"`
	Severity  string    `json:"severity"`
	StartTime time.Time `json:"start_time"`
	EndTime   time.Time `json:"end_time"`
}
func (*Event) SeverityString ¶ added in v0.1.6
type EventAPIEntity ¶ added in v0.1.11
type EventApplicationEntity ¶ added in v0.1.11
type EventCTUserEntity ¶ added in v0.1.11
type EventContainerEntity ¶ added in v0.1.11
// EventContainerEntity describes a container referenced by an event.
// HasExternalConns, IsClient and IsServer are int32 values rather than bools.
type EventContainerEntity struct {
	ImageRepo        string    `json:"image_repo"`
	ImageTag         string    `json:"image_tag"`
	HasExternalConns int32     `json:"has_external_conns"`
	IsClient         int32     `json:"is_client"`
	IsServer         int32     `json:"is_server"`
	FirstSeenTime    time.Time `json:"first_seen_time"`
	PodNamespace     string    `json:"pod_namespace"`
	PodIpAddr        string    `json:"pod_ip_addr"`
}
type EventCustomRuleEntity ¶ added in v0.1.11
type EventDetails ¶ added in v0.1.6
type EventDetailsResponse ¶ added in v0.1.6
// EventDetailsResponse maps the "data" JSON key onto a slice of EventDetails.
type EventDetailsResponse struct {
	Events []EventDetails `json:"data"`
}
type EventDnsNameEntity ¶ added in v0.1.11
type EventEntityMap ¶ added in v0.1.6
// EventEntityMap groups the entities attached to an event, one slice per
// entity kind. Every field is omitted from the JSON when empty. The keys
// marked "not in standard" are CamelCase, unlike the lower-case or snake_case
// keys of the remaining fields.
type EventEntityMap struct {
	User            []EventUserEntity            `json:"user,omitempty"`
	Application     []EventApplicationEntity     `json:"application,omitempty"`
	Machine         []EventMachineEntity         `json:"machine,omitempty"`
	Container       []EventContainerEntity       `json:"container,omitempty"`
	DnsName         []EventDnsNameEntity         `json:"DnsName,omitempty"`   // @afiune not in standard
	IpAddress       []EventIpAddressEntity       `json:"IpAddress,omitempty"` // @afiune not in standard
	Process         []EventProcessEntity         `json:"process,omitempty"`
	FileDataHash    []EventFileDataHashEntity    `json:"FileDataHash,omitempty"`    // @afiune not in standard
	FileExePath     []EventFileExePathEntity     `json:"FileExePath,omitempty"`     // @afiune not in standard
	SourceIpAddress []EventSourceIpAddressEntity `json:"SourceIpAddress,omitempty"` // @afiune not in standard
	API             []EventAPIEntity             `json:"api,omitempty"`
	Region          []EventRegionEntity          `json:"region,omitempty"`
	CTUser          []EventCTUserEntity          `json:"ct_user,omitempty"`
	Resource        []EventResourceEntity        `json:"resource,omitempty"`
	RecID           []EventRecIDEntity           `json:"RecId,omitempty"`           // @afiune not in standard
	CustomRule      []EventCustomRuleEntity      `json:"CustomRule,omitempty"`      // @afiune not in standard
	NewViolation    []EventNewViolationEntity    `json:"NewViolation,omitempty"`    // @afiune not in standard
	ViolationReason []EventViolationReasonEntity `json:"ViolationReason,omitempty"` // @afiune not in standard
}
type EventFileDataHashEntity ¶ added in v0.1.11
type EventFileExePathEntity ¶ added in v0.1.11
// EventFileExePathEntity describes an executable path referenced by an event,
// together with the last file hash, package name, version and owner that were
// recorded for it.
type EventFileExePathEntity struct {
	ExePath          string    `json:"exe_path"`
	FirstSeenTime    time.Time `json:"first_seen_time"`
	LastFiledataHash string    `json:"last_filedata_hash"`
	LastPackageName  string    `json:"last_package_name"`
	LastVersion      string    `json:"last_version"`
	LastFileOwner    string    `json:"last_file_owner"`
}
type EventIpAddressEntity ¶ added in v0.1.11
// EventIpAddressEntity describes an IP address referenced by an event: traffic
// totals, threat tags and sources, geography, and the ports that were seen.
type EventIpAddressEntity struct {
	IpAddress     string  `json:"ip_address"`
	TotalInBytes  float32 `json:"total_in_bytes"`
	TotalOutBytes float32 `json:"total_out_bytes"`
	ThreatTags    string  `json:"threat_tags"`
	// ThreatSource elements are untyped; type-check each one before use.
	ThreatSource  []interface{} `json:"threat_source"` // @afiune this field could be anything...
	Country       string        `json:"country"`
	Region        string        `json:"region"`
	PortList      []int32       `json:"port_list"`
	FirstSeenTime time.Time     `json:"first_seen_time"`
}
type EventMachineEntity ¶ added in v0.1.11
type EventNewViolationEntity ¶ added in v0.1.11
type EventProcessEntity ¶ added in v0.1.11
type EventRecIDEntity ¶ added in v0.1.11
type EventRegionEntity ¶ added in v0.1.11
type EventResourceEntity ¶ added in v0.1.11
// EventResourceEntity is a name/value pair describing a resource referenced by
// an event.
type EventResourceEntity struct {
	Name string `json:"name"`

	// @afiune the API documentation says this field is a string, but many
	// events carry it as a number, boolean, etc. :sadpanda:
	// Callers therefore need a type switch or a checked assertion on Value
	// instead of assuming it is a string.
	Value interface{} `json:"value"`
}
type EventSourceIpAddressEntity ¶ added in v0.1.11
type EventUserEntity ¶ added in v0.1.11
type EventViolationReasonEntity ¶ added in v0.1.11
type EventsCount ¶ added in v0.1.6
type EventsResponse ¶ added in v0.1.6
// EventsResponse maps the "data" JSON key onto a slice of Event.
type EventsResponse struct {
	Events []Event `json:"data"`
}
func (*EventsResponse) GetEventsCount ¶ added in v0.1.6
func (er *EventsResponse) GetEventsCount() EventsCount
type EventsService ¶ added in v0.1.6
type EventsService struct {
// contains filtered or unexported fields
}
EventsService is a service that interacts with the Events endpoints from the Lacework Server
func (*EventsService) Details ¶ added in v0.1.6
func (svc *EventsService) Details(eventID string) (response EventDetailsResponse, err error)
Details returns details about the specified event_id
func (*EventsService) List ¶ added in v0.1.6
func (svc *EventsService) List() (EventsResponse, error)
List leverages ListDateRange and returns a list of events from the last 7 days
func (*EventsService) ListDateRange ¶ added in v0.1.21
func (svc *EventsService) ListDateRange(start, end time.Time) ( response EventsResponse, err error, )
ListDateRange returns a list of Lacework events during the specified date range
Requirements and specifications: * The dates format should be: yyyy-MM-ddTHH:mm:ssZ (example 2019-07-11T21:11:00Z) * The START_TIME and END_TIME must be specified in UTC * The difference between the START_TIME and END_TIME must not be greater than 7 days * The START_TIME must be less than or equal to three months from current date * The number of records produced is limited to 5000
type GcpCredentials ¶
type GcpIntegration ¶
// GcpIntegration wraps a GcpIntegrationData value, serialized under the "DATA"
// JSON key.
type GcpIntegration struct {
	Data GcpIntegrationData `json:"DATA"`
	// contains filtered or unexported fields
}
func NewGcpAuditLogIntegration ¶
func NewGcpAuditLogIntegration(name string, data GcpIntegrationData) GcpIntegration
NewGcpAuditLogIntegration returns an instance of GcpIntegration of type GCP_AT_SES
func NewGcpCfgIntegration ¶
func NewGcpCfgIntegration(name string, data GcpIntegrationData) GcpIntegration
NewGcpCfgIntegration returns an instance of GcpIntegration of type GCP_CFG
func NewGcpIntegration ¶
func NewGcpIntegration(name string, iType integrationType, data GcpIntegrationData) GcpIntegration
NewGcpIntegration returns an instance of GcpIntegration with the provided integration type, name and data. The type can only be GcpCfgIntegration or GcpAuditLogIntegration
// Basic usage: initialize a new GcpIntegration struct, then use the new
// instance to do CRUD operations.
client, err := api.NewClient("account")
if err != nil {
	return err
}

gcp := api.NewGcpIntegration("abc",
	api.GcpCfgIntegration,
	api.GcpIntegrationData{
		ID:     "1234",
		IDType: api.GcpProjectIntegration.String(),
		Credentials: api.GcpCredentials{
			ClientID:     "id",
			ClientEmail:  "email",
			PrivateKeyID: "key_id",
			// Placeholder value. Load the service-account private key from a
			// secret store or key file at runtime; do not commit it to source.
			PrivateKey: "key",
		},
	},
)

client.Integrations.CreateGcp(gcp)
func (GcpIntegration) StateString ¶ added in v0.1.7
func (c GcpIntegration) StateString() string
type GcpIntegrationData ¶
// GcpIntegrationData is the payload of a GcpIntegration.
//
// Credentials is marshalled together with the rest of the struct, and the
// usage example for NewGcpIntegration shows that GcpCredentials carries a
// PrivateKey, so keep JSON dumps and debug prints of this value out of logs.
type GcpIntegrationData struct {
	ID          string         `json:"ID"`
	IDType      string         `json:"ID_TYPE" mapstructure:"ID_TYPE"`
	Credentials GcpCredentials `json:"CREDENTIALS" mapstructure:"CREDENTIALS"`

	// SubscriptionName exists and is required for the GCP_AT_SES integration,
	// but it does not exist for GCP_CFG integrations, which is why it is
	// omitted when empty.
	SubscriptionName string `json:"SUBSCRIPTION_NAME,omitempty" mapstructure:"SUBSCRIPTION_NAME"`
}
type GcpIntegrationsResponse ¶
// GcpIntegrationsResponse is the response type of the Gcp methods of
// IntegrationsService (CreateGcp, GetGcp, UpdateGcp, DeleteGcp, ListGcpCfg
// and ListGcpAuditLog).
type GcpIntegrationsResponse struct {
	// Data holds the returned integrations; each element carries a
	// GcpIntegrationData and, through it, a GcpCredentials value.
	Data    []GcpIntegration `json:"data"`
	Ok      bool             `json:"ok"`
	Message string           `json:"message"`
}
type GcpPubSubAlertChannel ¶ added in v0.2.15
// GcpPubSubAlertChannel is the alert channel value returned by
// NewGcpPubSubAlertChannel and accepted by CreateGcpPubSubAlertChannel and
// UpdateGcpPubSubAlertChannel.
type GcpPubSubAlertChannel struct {
	// Data is serialized under the "DATA" JSON key. Its type,
	// GcpPubSubChannelData, embeds the channel's GcpCredentials.
	Data GcpPubSubChannelData `json:"DATA"`
	// contains filtered or unexported fields
}
func NewGcpPubSubAlertChannel ¶ added in v0.2.15
func NewGcpPubSubAlertChannel(name string, data GcpPubSubChannelData) GcpPubSubAlertChannel
NewGcpPubSubAlertChannel returns an instance of GcpPubSubAlertChannel with the provided name and data.
Basic usage: Initialize a new GcpPubSubAlertChannel struct, then use the new instance to do CRUD operations

    client, err := api.NewClient("account")
    if err != nil {
      return err
    }

    gcpPubSubChannel := api.NewGcpPubSubAlertChannel("foo",
      api.GcpPubSubChannelData{
        ProjectID:     "my-sample-project-191923",
        TopicID:       "mytopic",
        IssueGrouping: "Resources",
        Credentials: api.GcpCredentials{
          ClientID:     "client_id",
          ClientEmail:  "foo@example.iam.gserviceaccount.com",
          PrivateKey:   "priv_key",
          PrivateKeyID: "p_key_id",
        },
      },
    )

    client.Integrations.CreateGcpPubSubAlertChannel(gcpPubSubChannel)

The credential values above are placeholders; read the real private key from a secret store or the environment at run time rather than writing it into source.
func (GcpPubSubAlertChannel) StateString ¶ added in v0.2.15
func (c GcpPubSubAlertChannel) StateString() string
type GcpPubSubAlertChannelResponse ¶ added in v0.2.15
// GcpPubSubAlertChannelResponse is the response type of the GcpPubSub alert
// channel methods of IntegrationsService (Create, Get, Update and List).
type GcpPubSubAlertChannelResponse struct {
	// Data holds the returned alert channels; each element carries a
	// GcpPubSubChannelData and, through it, a GcpCredentials value.
	Data    []GcpPubSubAlertChannel `json:"data"`
	Ok      bool                    `json:"ok"`
	Message string                  `json:"message"`
}
type GcpPubSubChannelData ¶ added in v0.2.15
// GcpPubSubChannelData is the payload carried in the Data field of a
// GcpPubSubAlertChannel.
type GcpPubSubChannelData struct {
	ProjectID string `json:"PROJECT_ID" mapstructure:"PROJECT_ID"`
	TopicID   string `json:"TOPIC_ID" mapstructure:"TOPIC_ID"`
	// IssueGrouping is left out of the JSON when empty (omitempty).
	IssueGrouping string `json:"ISSUE_GROUPING,omitempty" mapstructure:"ISSUE_GROUPING"`
	// Credentials is always serialized (no omitempty, no "-" tag). The usage
	// example for NewGcpPubSubAlertChannel fills in ClientID, ClientEmail,
	// PrivateKey and PrivateKeyID.
	// NOTE(review): whether GcpCredentials redacts PrivateKey when marshalled
	// or printed is not visible here; confirm before logging this struct.
	Credentials GcpCredentials `json:"CREDENTIALS" mapstructure:"CREDENTIALS"`
}
type HostScanPackageVulnDetails ¶ added in v0.2.2
// HostScanPackageVulnDetails is one vulnerability entry of a package-manifest
// scan; HostVulnScanPkgManifestResponse.Vulns is a slice of this type.
type HostScanPackageVulnDetails struct {
	// CVEProps carries the CVE description, a link and the NVD metadata with
	// separate CVSSv2 and CVSSv3 scores and vectors.
	CVEProps struct {
		CveBatchID  string `json:"cve_batch_id"`
		Description string `json:"description"`
		Link        string `json:"link"`
		Metadata    struct {
			NVD struct {
				CVSSv2 struct {
					PublishedDateTime string  `json:"PublishedDateTime"`
					Score             float64 `json:"Score"`
					Vectors           string  `json:"Vectors"`
				} `json:"CVSSv2"`
				CVSSv3 struct {
					ExploitabilityScore float64 `json:"ExploitabilityScore"`
					ImpactScore         float64 `json:"ImpactScore"`
					Score               float64 `json:"Score"`
					Vectors             string  `json:"Vectors"`
				} `json:"CVSSv3"`
			} `json:"NVD"`
		} `json:"metadata"`
	} `json:"CVE_PROPS"`
	FeatureKey struct {
		Name      string `json:"name"`
		Namespace string `json:"namespace"`
	} `json:"FEATURE_KEY"`
	// FixInfo holds the fix evaluation for this entry (see
	// HostScanPackageVulnFixInfo).
	FixInfo HostScanPackageVulnFixInfo `json:"FIX_INFO"`
	// OsPkgInfo identifies the OS and the package/version the entry refers to.
	OsPkgInfo struct {
		Namespace     string `json:"namespace"`
		Os            string `json:"os"`
		OsVer         string `json:"os_ver"`
		Pkg           string `json:"pkg"`
		PkgVer        string `json:"pkg_ver"`
		VersionFormat string `json:"version_format"`
	} `json:"OS_PKG_INFO"`
	Props struct {
		EvalAlgo string `json:"eval_algo"`
	} `json:"PROPS"`
	// Severity is a string.
	// NOTE(review): its set of values is not shown on this page.
	Severity string `json:"SEVERITY"`
	// Summary holds evaluation totals. The two *BySeverity structs are keyed
	// by the JSON strings "1" to "5".
	// NOTE(review): which severity each number denotes is not shown here.
	Summary struct {
		EvalCreatedTime          string `json:"eval_created_time"`
		EvalStatus               string `json:"eval_status"`
		NumFixableVuln           int    `json:"num_fixable_vuln"`
		NumFixableVulnBySeverity struct {
			Num1 int `json:"1"`
			Num2 int `json:"2"`
			Num3 int `json:"3"`
			Num4 int `json:"4"`
			Num5 int `json:"5"`
		} `json:"num_fixable_vuln_by_severity"`
		NumTotal          int `json:"num_total"`
		NumVuln           int `json:"num_vuln"`
		NumVulnBySeverity struct {
			Num1 int `json:"1"`
			Num2 int `json:"2"`
			Num3 int `json:"3"`
			Num4 int `json:"4"`
			Num5 int `json:"5"`
		} `json:"num_vuln_by_severity"`
	} `json:"SUMMARY"`
	VulnID string `json:"VULN_ID"`
}
func (*HostScanPackageVulnDetails) HasFix ¶ added in v0.2.10
func (v *HostScanPackageVulnDetails) HasFix() bool
func (*HostScanPackageVulnDetails) Match ¶ added in v0.2.10
func (v *HostScanPackageVulnDetails) Match() bool
func (*HostScanPackageVulnDetails) ScoreString ¶ added in v0.2.2
func (scanPkg *HostScanPackageVulnDetails) ScoreString() string
type HostScanPackageVulnFixInfo ¶ added in v0.4.0
// HostScanPackageVulnFixInfo is the type of the FixInfo field ("FIX_INFO") of
// HostScanPackageVulnDetails.
type HostScanPackageVulnFixInfo struct {
	CompareResult int    `json:"compare_result"`
	EvalStatus    string `json:"eval_status"`
	// FixAvailable is decoded as an int, not a bool.
	// NOTE(review): presumably non-zero means a fix exists; confirm against
	// HostScanPackageVulnDetails.HasFix.
	FixAvailable int `json:"fix_available"`
	// FixedVersion and VersionInstalled are plain strings; no version parsing
	// is visible in this declaration.
	FixedVersion                string `json:"fixed_version"`
	FixedVersionComparisonInfos []struct {
		CurrFixVer string `json:"curr_fix_ver"`
		// Decoded as a string even though the name reads like a boolean.
		IsCurrFixVerGreaterThanOtherFixVer string `json:"is_curr_fix_ver_greater_than_other_fix_ver"`
		OtherFixVer                        string `json:"other_fix_ver"`
	} `json:"fixed_version_comparison_infos"`
	FixedVersionComparisonScore int    `json:"fixed_version_comparison_score"`
	MaxPrefixMatchingLenScore   int    `json:"max_prefix_matching_len_score"`
	VersionInstalled            string `json:"version_installed"`
}
type HostVulnCVE ¶ added in v0.2.0
// HostVulnCVE is one CVE entry; HostVulnHostAssessment.CVEs is a slice of
// this type.
type HostVulnCVE struct {
	// ID is decoded from the "cve_id" JSON key.
	ID string `json:"cve_id"`
	// Packages lists the packages reported for this CVE.
	Packages []HostVulnPackage `json:"packages"`
	// Summary holds the per-severity counts and totals for this CVE.
	Summary HostVulnCveSummary `json:"summary"`
}
type HostVulnCounts ¶ added in v0.2.0
// HostVulnCounts holds one vulnerability counter per severity, each paired
// with a counter of the fixable ones, plus overall totals. It is the return
// type of the VulnerabilityCounts methods of HostVulnHostAssessment,
// HostVulnScanPkgManifestResponse and HostVulnSeverityCounts.
//
// The fields carry no JSON tags.
type HostVulnCounts struct {
	Critical     int32
	CritFixable  int32
	High         int32
	HighFixable  int32
	Medium       int32
	MedFixable   int32
	Low          int32
	LowFixable   int32
	Info         int32
	InfoFixable  int32
	Total        int32
	TotalFixable int32
}
func (*HostVulnCounts) HighestFixableSeverity ¶ added in v0.4.0
func (h *HostVulnCounts) HighestFixableSeverity() string
HighestFixableSeverity returns the highest fixable severity level vulnerability
func (*HostVulnCounts) HighestSeverity ¶ added in v0.4.0
func (h *HostVulnCounts) HighestSeverity() string
HighestSeverity returns the highest severity level vulnerability
func (*HostVulnCounts) TotalFixableVulnerabilities ¶ added in v0.4.0
func (h *HostVulnCounts) TotalFixableVulnerabilities() int32
TotalFixableVulnerabilities returns the total number of vulnerabilities that have a fix available
type HostVulnCveSummary ¶ added in v0.2.0
// HostVulnCveSummary is the "summary" object attached to HostVulnCVE and
// HostVulnDetail.
type HostVulnCveSummary struct {
	// Severity groups the counts by severity level; every level is a pointer
	// in HostVulnSeverityCounts.
	Severity             HostVulnSeverityCounts `json:"severity"`
	TotalVulnerabilities int                    `json:"total_vulnerabilities"`
	// NOTE(review): Json16DigitTime is declared elsewhere; its decoding rules
	// are not shown on this page.
	LastEvaluationTime Json16DigitTime `json:"last_evaluation_time"`
}
type HostVulnDetail ¶ added in v0.2.0
// HostVulnDetail combines a host description with its vulnerable packages and
// a summary of the counts.
type HostVulnDetail struct {
	// Details is decoded from the "host" JSON key; its type, hostVulnHostDetail,
	// is unexported.
	Details  hostVulnHostDetail `json:"host"`
	Packages []HostVulnPackage  `json:"packages"`
	Summary  HostVulnCveSummary `json:"summary"`
}
type HostVulnHostAssessment ¶ added in v0.2.0
// HostVulnHostAssessment is a host together with the CVEs reported for it.
// Its VulnerabilityCounts method returns a HostVulnCounts.
type HostVulnHostAssessment struct {
	// Host has the unexported type hostVulnHostDetail.
	Host hostVulnHostDetail `json:"host"`
	// CVEs is decoded from the "vulnerabilities" JSON key.
	CVEs []HostVulnCVE `json:"vulnerabilities"`
}
func (*HostVulnHostAssessment) VulnerabilityCounts ¶ added in v0.2.0
func (assessment *HostVulnHostAssessment) VulnerabilityCounts() HostVulnCounts
type HostVulnPackage ¶ added in v0.2.0
// HostVulnPackage describes one package entry of a host vulnerability report.
// Every field is a string, including the ones with numeric or boolean looking
// names (HostCount, the Cvss*Score fields, FixAvailable); callers have to
// parse them before comparing values.
type HostVulnPackage struct {
	Name      string `json:"name"`
	Namespace string `json:"namespace"`
	Severity  string `json:"severity"`
	// Status and VulnerabilityStatus are left out of the JSON when empty.
	Status              string `json:"status,omitempty"`
	VulnerabilityStatus string `json:"vulnerability_status,omitempty"`
	Version             string `json:"version"`
	HostCount           string `json:"host_count"`
	PackageStatus       string `json:"package_status"`
	CveLink             string `json:"cve_link"`
	CvssScore           string `json:"cvss_score"`
	CvssV2Score         string `json:"cvss_v_2_score"`
	CvssV3Score         string `json:"cvss_v_3_score"`
	// The next field is commented out in the declaration, so "first_seen_time"
	// is not decoded into this struct.
	//FirstSeenTime time.Time `json:"first_seen_time"`
	FixAvailable string `json:"fix_available"`
	FixedVersion string `json:"fixed_version"`
}
type HostVulnScanPkgManifestResponse ¶ added in v0.2.3
// HostVulnScanPkgManifestResponse is the response type of
// HostVulnerabilityService.Scan.
type HostVulnScanPkgManifestResponse struct {
	// Vulns is decoded from the "data" JSON key. CleanResponse is documented
	// as removing the non-matching entries from it.
	Vulns   []HostScanPackageVulnDetails `json:"data"`
	Ok      bool                         `json:"ok"`
	Message string                       `json:"message"`
}
func (*HostVulnScanPkgManifestResponse) CleanResponse ¶ added in v0.2.10
func (scanPkgManifest *HostVulnScanPkgManifestResponse) CleanResponse()
CleanResponse will go over all the vulnerabilities from a package-manifest scan and remove the non-matching ones, leaving only the vulnerabilities that matter
func (*HostVulnScanPkgManifestResponse) VulnerabilityCounts ¶ added in v0.2.3
func (scanPkgManifest *HostVulnScanPkgManifestResponse) VulnerabilityCounts() HostVulnCounts
type HostVulnSeverityCounts ¶ added in v0.2.0
// HostVulnSeverityCounts groups the count details by severity level. Its
// VulnerabilityCounts method returns a HostVulnCounts.
//
// Every level is a pointer, so a level that is missing from the decoded JSON
// stays nil; check for nil before dereferencing.
type HostVulnSeverityCounts struct {
	Critical *HostVulnSeverityCountsDetails `json:"Critical"`
	High     *HostVulnSeverityCountsDetails `json:"High"`
	Medium   *HostVulnSeverityCountsDetails `json:"Medium"`
	Low      *HostVulnSeverityCountsDetails `json:"Low"`
	Info     *HostVulnSeverityCountsDetails `json:"Info"`
}
func (*HostVulnSeverityCounts) VulnerabilityCounts ¶ added in v0.2.0
func (counts *HostVulnSeverityCounts) VulnerabilityCounts() HostVulnCounts
type HostVulnSeverityCountsDetails ¶ added in v0.4.0
type HostVulnerabilityService ¶ added in v0.2.0
type HostVulnerabilityService struct {
// contains filtered or unexported fields
}
HostVulnerabilityService is a service that interacts with the vulnerabilities endpoints for the host space from the Lacework Server
func (*HostVulnerabilityService) GetHostAssessment ¶ added in v0.2.0
func (svc *HostVulnerabilityService) GetHostAssessment(id string) ( response hostVulnHostResponse, err error, )
func (*HostVulnerabilityService) ListCves ¶ added in v0.2.0
func (svc *HostVulnerabilityService) ListCves() ( response hostVulnListCvesResponse, err error, )
func (*HostVulnerabilityService) ListHostsWithCVE ¶ added in v0.2.0
func (svc *HostVulnerabilityService) ListHostsWithCVE(id string) ( response hostVulnListHostsResponse, err error, )
func (*HostVulnerabilityService) Scan ¶ added in v0.2.0
func (svc *HostVulnerabilityService) Scan(manifest *PackageManifest) ( response HostVulnScanPkgManifestResponse, err error, )
Scan requests an on-demand vulnerability assessment of your software packages to determine if the packages contain any common vulnerabilities and exposures
NOTE: Only packages managed by a package manager for supported OSes are reported
type IntegrationState ¶ added in v0.1.6
type IntegrationsService ¶
type IntegrationsService struct {
// contains filtered or unexported fields
}
IntegrationsService is a service that interacts with the integrations endpoints from the Lacework Server
func (*IntegrationsService) CreateAws ¶
func (svc *IntegrationsService) CreateAws(integration AwsIntegration) ( response AwsIntegrationsResponse, err error, )
CreateAws creates a single AWS integration on the Lacework Server
func (*IntegrationsService) CreateAwsCloudWatchAlertChannel ¶ added in v0.1.22
func (svc *IntegrationsService) CreateAwsCloudWatchAlertChannel(integration AwsCloudWatchAlertChannel) ( response AwsCloudWatchResponse, err error, )
CreateAwsCloudWatchAlertChannel creates an AWS CloudWatch alert channel on the Lacework Server
func (*IntegrationsService) CreateAwsEcrWithAccessKey ¶ added in v0.2.22
func (svc *IntegrationsService) CreateAwsEcrWithAccessKey(integration AwsEcrWithAccessKeyIntegration) ( response AwsEcrWithAccessKeyIntegrationResponse, err error, )
CreateAwsEcrWithAccessKey creates an AWS_ECR integration using an AWS Access Key as the authentication method to access the registry
func (*IntegrationsService) CreateAwsEcrWithCrossAccount ¶ added in v0.2.22
func (svc *IntegrationsService) CreateAwsEcrWithCrossAccount(integration AwsEcrWithCrossAccountIntegration) ( response AwsEcrWithCrossAccountIntegrationResponse, err error, )
CreateAwsEcrWithCrossAccount creates an AWS_ECR integration using an IAM Role as the authentication method to access the registry
func (*IntegrationsService) CreateAwsS3AlertChannel ¶ added in v0.2.12
func (svc *IntegrationsService) CreateAwsS3AlertChannel(integration AwsS3AlertChannel) ( response AwsS3AlertChannelResponse, err error, )
CreateAwsS3AlertChannel creates an AWS_S3 alert channel integration on the Lacework Server
func (*IntegrationsService) CreateAzure ¶
func (svc *IntegrationsService) CreateAzure(integration AzureIntegration) ( response AzureIntegrationsResponse, err error, )
CreateAzure creates a single Azure integration on the Lacework Server
func (*IntegrationsService) CreateCiscoWebexAlertChannel ¶ added in v0.2.19
func (svc *IntegrationsService) CreateCiscoWebexAlertChannel(integration CiscoWebexAlertChannel) ( response CiscoWebexAlertChannelResponse, err error, )
CreateCiscoWebexAlertChannel creates a ciscoWebex alert channel integration on the Lacework Server
func (*IntegrationsService) CreateContainerRegistry ¶ added in v0.1.9
func (svc *IntegrationsService) CreateContainerRegistry(integration ContainerRegIntegration) ( response ContainerRegIntResponse, err error, )
CreateContainerRegistry creates a container registry integration on the Lacework Server
func (*IntegrationsService) CreateDatadogAlertChannel ¶ added in v0.2.18
func (svc *IntegrationsService) CreateDatadogAlertChannel(integration DatadogAlertChannel) ( response DatadogAlertChannelResponse, err error, )
CreateDatadogAlertChannel creates a datadog alert channel integration on the Lacework Server
func (*IntegrationsService) CreateGcp ¶
func (svc *IntegrationsService) CreateGcp(data GcpIntegration) ( response GcpIntegrationsResponse, err error, )
CreateGcp creates a single Gcp integration on the Lacework Server
func (*IntegrationsService) CreateGcpPubSubAlertChannel ¶ added in v0.2.15
func (svc *IntegrationsService) CreateGcpPubSubAlertChannel(integration GcpPubSubAlertChannel) ( response GcpPubSubAlertChannelResponse, err error, )
CreateGcpPubSubAlertChannel creates a GCP_PUBSUB alert channel integration on the Lacework Server
func (*IntegrationsService) CreateJiraAlertChannel ¶ added in v0.1.24
func (svc *IntegrationsService) CreateJiraAlertChannel(integration JiraAlertChannel) ( response JiraAlertChannelResponse, err error, )
CreateJiraAlertChannel creates a jira alert channel integration on the Lacework Server
func (*IntegrationsService) CreateMicrosoftTeamsAlertChannel ¶ added in v0.2.19
func (svc *IntegrationsService) CreateMicrosoftTeamsAlertChannel(integration MicrosoftTeamsAlertChannel) ( response MicrosoftTeamsAlertChannelResponse, err error, )
CreateMicrosoftTeamsAlertChannel creates a msTeams alert channel integration on the Lacework Server
func (*IntegrationsService) CreateNewRelicAlertChannel ¶ added in v0.2.20
func (svc *IntegrationsService) CreateNewRelicAlertChannel(integration NewRelicAlertChannel) ( response NewRelicAlertChannelResponse, err error, )
CreateNewRelicAlertChannel creates a NEW_RELIC_INSIGHTS alert channel integration on the Lacework Server
func (*IntegrationsService) CreatePagerDutyAlertChannel ¶ added in v0.1.22
func (svc *IntegrationsService) CreatePagerDutyAlertChannel(integration PagerDutyAlertChannel) ( response PagerDutyAlertChannelResponse, err error, )
CreatePagerDutyAlertChannel creates a pager duty alert channel integration on the Lacework Server
func (*IntegrationsService) CreateQRadarAlertChannel ¶ added in v0.2.20
func (svc *IntegrationsService) CreateQRadarAlertChannel(integration QRadarAlertChannel) ( response QRadarAlertChannelResponse, err error, )
CreateQRadarAlertChannel creates a qradar alert channel integration on the Lacework Server
func (*IntegrationsService) CreateServiceNowAlertChannel ¶ added in v0.2.16
func (svc *IntegrationsService) CreateServiceNowAlertChannel(integration ServiceNowAlertChannel) ( response ServiceNowAlertChannelResponse, err error, )
CreateServiceNowAlertChannel creates a serviceNow alert channel integration on the Lacework Server
func (*IntegrationsService) CreateSlackAlertChannel ¶ added in v0.1.22
func (svc *IntegrationsService) CreateSlackAlertChannel(integration SlackAlertChannel) ( response SlackAlertChannelResponse, err error, )
CreateSlackAlertChannel creates a slack alert channel integration on the Lacework Server
func (*IntegrationsService) CreateSplunkAlertChannel ¶ added in v0.2.14
func (svc *IntegrationsService) CreateSplunkAlertChannel(integration SplunkAlertChannel) ( response SplunkAlertChannelResponse, err error, )
CreateSplunkAlertChannel creates a splunk alert channel integration on the Lacework Server
func (*IntegrationsService) CreateVictorOpsAlertChannel ¶ added in v0.2.19
func (svc *IntegrationsService) CreateVictorOpsAlertChannel(integration VictorOpsAlertChannel) ( response VictorOpsAlertChannelResponse, err error, )
CreateVictorOpsAlertChannel creates a VictorOps alert channel integration on the Lacework Server
func (*IntegrationsService) CreateWebhookAlertChannel ¶ added in v0.2.11
func (svc *IntegrationsService) CreateWebhookAlertChannel(integration WebhookAlertChannel) ( response WebhookAlertChannelResponse, err error, )
CreateWebhookAlertChannel creates a webhook alert channel integration on the Lacework Server
func (*IntegrationsService) Delete ¶
func (svc *IntegrationsService) Delete(guid string) ( response RawIntegrationsResponse, err error, )
Delete deletes a single integration matching the integration guid on the Lacework Server; the returned integration contains the 'Data' field raw (map of interfaces)
func (*IntegrationsService) DeleteAws ¶
func (svc *IntegrationsService) DeleteAws(guid string) ( response AwsIntegrationsResponse, err error, )
DeleteAws deletes a single AWS integration matching the integration guid on the Lacework Server
func (*IntegrationsService) DeleteAzure ¶
func (svc *IntegrationsService) DeleteAzure(guid string) ( response AzureIntegrationsResponse, err error, )
DeleteAzure deletes a single Azure integration matching the integration guid on the Lacework Server
func (*IntegrationsService) DeleteGcp ¶
func (svc *IntegrationsService) DeleteGcp(guid string) ( response GcpIntegrationsResponse, err error, )
DeleteGcp deletes a single Gcp integration matching the integration guid on the Lacework Server
func (*IntegrationsService) Get ¶
func (svc *IntegrationsService) Get(guid string) ( response RawIntegrationsResponse, err error, )
Get gets a single integration matching the integration guid on the Lacework Server, the returned integration contains the 'Data' field raw (map of interfaces)
func (*IntegrationsService) GetAws ¶
func (svc *IntegrationsService) GetAws(guid string) ( response AwsIntegrationsResponse, err error, )
GetAws gets a single AWS integration matching the integration guid on the Lacework Server
func (*IntegrationsService) GetAwsCloudWatchAlertChannel ¶ added in v0.1.22
func (svc *IntegrationsService) GetAwsCloudWatchAlertChannel(guid string) ( response AwsCloudWatchResponse, err error, )
GetAwsCloudWatchAlertChannel gets an AWS CloudWatch alert channel that matches with the provided integration guid on the Lacework Server
func (*IntegrationsService) GetAwsEcrWithAccessKey ¶ added in v0.2.22
func (svc *IntegrationsService) GetAwsEcrWithAccessKey(guid string) ( response AwsEcrWithAccessKeyIntegrationResponse, err error, )
GetAwsEcrWithAccessKey gets an AWS_ECR integration that matches with the provided integration guid on the Lacework Server
func (*IntegrationsService) GetAwsEcrWithCrossAccount ¶ added in v0.2.22
func (svc *IntegrationsService) GetAwsEcrWithCrossAccount(guid string) ( response AwsEcrWithCrossAccountIntegrationResponse, err error, )
GetAwsEcrWithCrossAccount gets an AWS_ECR integration that matches with the provided integration guid on the Lacework Server
func (*IntegrationsService) GetAwsS3AlertChannel ¶ added in v0.2.12
func (svc *IntegrationsService) GetAwsS3AlertChannel(guid string) ( response AwsS3AlertChannelResponse, err error, )
GetAwsS3AlertChannel gets an AWS_S3 alert channel integration that matches with the provided integration guid on the Lacework Server
func (*IntegrationsService) GetAzure ¶
func (svc *IntegrationsService) GetAzure(guid string) ( response AzureIntegrationsResponse, err error, )
GetAzure gets a single Azure integration matching the integration guid on the Lacework Server
func (*IntegrationsService) GetCiscoWebexAlertChannel ¶ added in v0.2.19
func (svc *IntegrationsService) GetCiscoWebexAlertChannel(guid string) (response CiscoWebexAlertChannelResponse, err error)
GetCiscoWebexAlertChannel gets a ciscoWebex alert channel integration that matches with the provided integration guid on the Lacework Server
func (*IntegrationsService) GetContainerRegistry ¶ added in v0.1.22
func (svc *IntegrationsService) GetContainerRegistry(guid string) ( response ContainerRegIntResponse, err error, )
GetContainerRegistry gets a container registry integration that matches with the provided integration guid on the Lacework Server
func (*IntegrationsService) GetDatadogAlertChannel ¶ added in v0.2.18
func (svc *IntegrationsService) GetDatadogAlertChannel(guid string) (response DatadogAlertChannelResponse, err error)
GetDatadogAlertChannel gets a datadog alert channel integration that matches with the provided integration guid on the Lacework Server
func (*IntegrationsService) GetGcp ¶
func (svc *IntegrationsService) GetGcp(guid string) ( response GcpIntegrationsResponse, err error, )
GetGcp gets a single Gcp integration matching the integration guid on the Lacework Server
func (*IntegrationsService) GetGcpPubSubAlertChannel ¶ added in v0.2.15
func (svc *IntegrationsService) GetGcpPubSubAlertChannel(guid string) ( response GcpPubSubAlertChannelResponse, err error, )
GetGcpPubSubAlertChannel gets a GCP_PUBSUB alert channel integration that matches with the provided integration guid on the Lacework Server
func (*IntegrationsService) GetJiraAlertChannel ¶ added in v0.1.24
func (svc *IntegrationsService) GetJiraAlertChannel(guid string) ( response JiraAlertChannelResponse, err error, )
GetJiraAlertChannel gets a jira alert channel integration that matches with the provided integration guid on the Lacework Server
func (*IntegrationsService) GetMicrosoftTeamsAlertChannel ¶ added in v0.2.19
func (svc *IntegrationsService) GetMicrosoftTeamsAlertChannel(guid string) (response MicrosoftTeamsAlertChannelResponse, err error)
GetMicrosoftTeamsAlertChannel gets a msTeams alert channel integration that matches with the provided integration guid on the Lacework Server
func (*IntegrationsService) GetNewRelicAlertChannel ¶ added in v0.2.20
func (svc *IntegrationsService) GetNewRelicAlertChannel(guid string) ( response NewRelicAlertChannelResponse, err error, )
GetNewRelicAlertChannel gets a NEW_RELIC_INSIGHTS alert channel integration that matches with the provided integration guid on the Lacework Server
func (*IntegrationsService) GetPagerDutyAlertChannel ¶ added in v0.1.22
func (svc *IntegrationsService) GetPagerDutyAlertChannel(guid string) ( response PagerDutyAlertChannelResponse, err error, )
GetPagerDutyAlertChannel gets a pager duty alert channel integration that matches with the provided integration guid on the Lacework Server
func (*IntegrationsService) GetQRadarAlertChannel ¶ added in v0.2.20
func (svc *IntegrationsService) GetQRadarAlertChannel(guid string) (response QRadarAlertChannelResponse, err error)
GetQRadarAlertChannel gets a qradar alert channel integration that matches with the provided integration guid on the Lacework Server
func (*IntegrationsService) GetSchema ¶
func (svc *IntegrationsService) GetSchema(iType integrationType) ( response map[string]interface{}, err error, )
GetSchema gets the integration schema for the provided integration type
func (*IntegrationsService) GetServiceNowAlertChannel ¶ added in v0.2.16
func (svc *IntegrationsService) GetServiceNowAlertChannel(guid string) (response ServiceNowAlertChannelResponse, err error)
GetServiceNowAlertChannel gets a serviceNow alert channel integration that matches with the provided integration guid on the Lacework Server
func (*IntegrationsService) GetSlackAlertChannel ¶ added in v0.1.22
func (svc *IntegrationsService) GetSlackAlertChannel(guid string) ( response SlackAlertChannelResponse, err error, )
GetSlackAlertChannel gets a slack alert channel integration that matches with the provided integration guid on the Lacework Server
func (*IntegrationsService) GetSplunkAlertChannel ¶ added in v0.2.14
func (svc *IntegrationsService) GetSplunkAlertChannel(guid string) (response SplunkAlertChannelResponse, err error)
GetSplunkAlertChannel gets a splunk alert channel integration that matches with the provided integration guid on the Lacework Server
func (*IntegrationsService) GetVictorOpsAlertChannel ¶ added in v0.2.19
func (svc *IntegrationsService) GetVictorOpsAlertChannel(guid string) (response VictorOpsAlertChannelResponse, err error)
GetVictorOpsAlertChannel gets a VictorOps alert channel integration that matches with the provided integration guid on the Lacework Server
func (*IntegrationsService) GetWebhookAlertChannel ¶ added in v0.2.11
func (svc *IntegrationsService) GetWebhookAlertChannel(guid string) (response WebhookAlertChannelResponse, err error)
GetWebhookAlertChannel gets a webhook alert channel integration that matches with the provided integration guid on the Lacework Server
func (*IntegrationsService) List ¶
func (svc *IntegrationsService) List() (response RawIntegrationsResponse, err error)
List lists the external integrations available on the Lacework Server
func (*IntegrationsService) ListAwsCfg ¶
func (svc *IntegrationsService) ListAwsCfg() (response AwsIntegrationsResponse, err error)
ListAwsCfg lists the AWS_CFG external integrations available on the Lacework Server
func (*IntegrationsService) ListAwsCloudTrail ¶
func (svc *IntegrationsService) ListAwsCloudTrail() (response AwsIntegrationsResponse, err error)
ListAwsCloudTrail lists the AWS_CT_SQS external integrations available on the Lacework Server
func (*IntegrationsService) ListAwsCloudWatchAlertChannel ¶ added in v0.1.22
func (svc *IntegrationsService) ListAwsCloudWatchAlertChannel() (response AwsCloudWatchResponse, err error)
ListAwsCloudWatchAlertChannel lists the CLOUDWATCH_EB external integrations available on the Lacework Server
func (*IntegrationsService) ListAwsS3AlertChannel ¶ added in v0.2.12
func (svc *IntegrationsService) ListAwsS3AlertChannel() (response AwsS3AlertChannelResponse, err error)
ListAwsS3AlertChannel lists the AWS_S3 external integrations available on the Lacework Server
func (*IntegrationsService) ListAzureActivityLog ¶
func (svc *IntegrationsService) ListAzureActivityLog() ( response AzureIntegrationsResponse, err error, )
ListAzureActivityLog lists the AZURE_AL_SEQ external integrations available on the Lacework Server
func (*IntegrationsService) ListAzureCfg ¶
func (svc *IntegrationsService) ListAzureCfg() ( response AzureIntegrationsResponse, err error, )
ListAzureCfg lists the AZURE_CFG external integrations available on the Lacework Server
func (*IntegrationsService) ListByType ¶
func (svc *IntegrationsService) ListByType(iType integrationType) (response RawIntegrationsResponse, err error)
ListByType lists the external integrations from the provided type that are available on the Lacework Server
func (*IntegrationsService) ListCiscoWebexAlertChannel ¶ added in v0.2.19
func (svc *IntegrationsService) ListCiscoWebexAlertChannel() (response CiscoWebexAlertChannelResponse, err error)
ListCiscoWebexAlertChannel lists the Cisco Webex alert channel integrations available on the Lacework Server
func (*IntegrationsService) ListContainerRegistryIntegrations ¶ added in v0.3.0
func (svc *IntegrationsService) ListContainerRegistryIntegrations() (response ContainerRegIntResponse, err error)
ListContainerRegistryIntegrations lists the CONT_VULN_CFG external integrations available on the Lacework Server
func (*IntegrationsService) ListDatadogAlertChannel ¶ added in v0.2.18
func (svc *IntegrationsService) ListDatadogAlertChannel() (response DatadogAlertChannelResponse, err error)
ListDatadogAlertChannel lists the datadog alert channel integrations available on the Lacework Server
func (*IntegrationsService) ListGcpAuditLog ¶
func (svc *IntegrationsService) ListGcpAuditLog() (response GcpIntegrationsResponse, err error)
ListGcpAuditLog lists the GCP_AT_SES external integrations available on the Lacework Server
func (*IntegrationsService) ListGcpCfg ¶
func (svc *IntegrationsService) ListGcpCfg() (response GcpIntegrationsResponse, err error)
ListGcpCfg lists the GCP_CFG external integrations available on the Lacework Server
func (*IntegrationsService) ListGcpPubSubAlertChannel ¶ added in v0.2.15
func (svc *IntegrationsService) ListGcpPubSubAlertChannel() (response GcpPubSubAlertChannelResponse, err error)
ListGcpPubSubAlertChannel lists the GCP_PUBSUB external integrations available on the Lacework Server
func (*IntegrationsService) ListJiraAlertChannel ¶ added in v0.1.24
func (svc *IntegrationsService) ListJiraAlertChannel() (response JiraAlertChannelResponse, err error)
ListJiraAlertChannel lists the JIRA external integrations available on the Lacework Server
func (*IntegrationsService) ListMicrosoftTeamsAlertChannel ¶ added in v0.2.19
func (svc *IntegrationsService) ListMicrosoftTeamsAlertChannel() (response MicrosoftTeamsAlertChannelResponse, err error)
ListMicrosoftTeamsAlertChannel lists the Microsoft Teams external integrations available on the Lacework Server
func (*IntegrationsService) ListNewRelicAlertChannel ¶ added in v0.2.20
func (svc *IntegrationsService) ListNewRelicAlertChannel() (response NewRelicAlertChannelResponse, err error)
ListNewRelicAlertChannel lists the NEW_RELIC_INSIGHTS external integrations available on the Lacework Server
func (*IntegrationsService) ListPagerDutyAlertChannel ¶ added in v0.1.22
func (svc *IntegrationsService) ListPagerDutyAlertChannel() (response PagerDutyAlertChannelResponse, err error)
ListPagerDutyAlertChannel lists the PAGER_DUTY_API external integrations available on the Lacework Server
func (*IntegrationsService) ListQRadarAlertChannel ¶ added in v0.2.20
func (svc *IntegrationsService) ListQRadarAlertChannel() (response QRadarAlertChannelResponse, err error)
ListQRadarAlertChannel lists the qradar alert channel integrations available on the Lacework Server
func (*IntegrationsService) ListServiceNowAlertChannel ¶ added in v0.2.16
func (svc *IntegrationsService) ListServiceNowAlertChannel() (response ServiceNowAlertChannelResponse, err error)
ListServiceNowAlertChannel lists the serviceNow alert channel integrations available on the Lacework Server
func (*IntegrationsService) ListSlackAlertChannel ¶ added in v0.1.22
func (svc *IntegrationsService) ListSlackAlertChannel() (response SlackAlertChannelResponse, err error)
ListSlackAlertChannel lists the SLACK_CHANNEL external integrations available on the Lacework Server
func (*IntegrationsService) ListSplunkAlertChannel ¶ added in v0.2.14
func (svc *IntegrationsService) ListSplunkAlertChannel() (response SplunkAlertChannelResponse, err error)
ListSplunkAlertChannel lists the splunk alert channel integrations available on the Lacework Server
func (*IntegrationsService) ListVictorOpsAlertChannel ¶ added in v0.2.19
func (svc *IntegrationsService) ListVictorOpsAlertChannel() (response VictorOpsAlertChannelResponse, err error)
ListVictorOpsAlertChannel lists the VictorOps alert channel integrations available on the Lacework Server
func (*IntegrationsService) ListWebhookAlertChannel ¶ added in v0.2.11
func (svc *IntegrationsService) ListWebhookAlertChannel() (response WebhookAlertChannelResponse, err error)
ListWebhookAlertChannel lists the WEBHOOK external integrations available on the Lacework Server
func (*IntegrationsService) UpdateAws ¶
func (svc *IntegrationsService) UpdateAws(data AwsIntegration) ( response AwsIntegrationsResponse, err error, )
UpdateAws updates a single AWS integration on the Lacework Server
func (*IntegrationsService) UpdateAwsCloudWatchAlertChannel ¶ added in v0.1.22
func (svc *IntegrationsService) UpdateAwsCloudWatchAlertChannel(data AwsCloudWatchAlertChannel) ( response AwsCloudWatchResponse, err error, )
UpdateAwsCloudWatchAlertChannel updates a single AWS CloudWatch alert channel
func (*IntegrationsService) UpdateAwsEcrWithAccessKey ¶ added in v0.2.22
func (svc *IntegrationsService) UpdateAwsEcrWithAccessKey(integration AwsEcrWithAccessKeyIntegration) ( response AwsEcrWithAccessKeyIntegrationResponse, err error, )
UpdateAwsEcrWithAccessKey updates a single AWS_ECR integration
func (*IntegrationsService) UpdateAwsEcrWithCrossAccount ¶ added in v0.2.22
func (svc *IntegrationsService) UpdateAwsEcrWithCrossAccount(integration AwsEcrWithCrossAccountIntegration) ( response AwsEcrWithCrossAccountIntegrationResponse, err error, )
UpdateAwsEcrWithCrossAccount updates a single AWS_ECR integration
func (*IntegrationsService) UpdateAwsS3AlertChannel ¶ added in v0.2.12
func (svc *IntegrationsService) UpdateAwsS3AlertChannel(data AwsS3AlertChannel) ( response AwsS3AlertChannelResponse, err error, )
UpdateAwsS3AlertChannel updates a single AWS_S3 alert channel integration
func (*IntegrationsService) UpdateAzure ¶
func (svc *IntegrationsService) UpdateAzure(data AzureIntegration) ( response AzureIntegrationsResponse, err error, )
UpdateAzure updates a single Azure integration on the Lacework Server
func (*IntegrationsService) UpdateCiscoWebexAlertChannel ¶ added in v0.2.19
func (svc *IntegrationsService) UpdateCiscoWebexAlertChannel(data CiscoWebexAlertChannel) ( response CiscoWebexAlertChannelResponse, err error, )
UpdateCiscoWebexAlertChannel updates a single ciscoWebex alert channel integration
func (*IntegrationsService) UpdateContainerRegistry ¶ added in v0.1.22
func (svc *IntegrationsService) UpdateContainerRegistry(integration ContainerRegIntegration) ( response ContainerRegIntResponse, err error, )
UpdateContainerRegistry updates a single container registry integration
func (*IntegrationsService) UpdateDatadogAlertChannel ¶ added in v0.2.18
func (svc *IntegrationsService) UpdateDatadogAlertChannel(data DatadogAlertChannel) ( response DatadogAlertChannelResponse, err error, )
UpdateDatadogAlertChannel updates a single datadog alert channel integration
func (*IntegrationsService) UpdateGcp ¶
func (svc *IntegrationsService) UpdateGcp(data GcpIntegration) ( response GcpIntegrationsResponse, err error, )
UpdateGcp updates a single Gcp integration on the Lacework Server
func (*IntegrationsService) UpdateGcpPubSubAlertChannel ¶ added in v0.2.15
func (svc *IntegrationsService) UpdateGcpPubSubAlertChannel(data GcpPubSubAlertChannel) ( response GcpPubSubAlertChannelResponse, err error, )
UpdateGcpPubSubAlertChannel updates a single GCP_PUBSUB alert channel integration
func (*IntegrationsService) UpdateJiraAlertChannel ¶ added in v0.1.24
func (svc *IntegrationsService) UpdateJiraAlertChannel(data JiraAlertChannel) ( response JiraAlertChannelResponse, err error, )
UpdateJiraAlertChannel updates a single jira alert channel integration
func (*IntegrationsService) UpdateMicrosoftTeamsAlertChannel ¶ added in v0.2.19
func (svc *IntegrationsService) UpdateMicrosoftTeamsAlertChannel(data MicrosoftTeamsAlertChannel) ( response MicrosoftTeamsAlertChannelResponse, err error, )
UpdateMicrosoftTeamsAlertChannel updates a single msTeams alert channel integration
func (*IntegrationsService) UpdateNewRelicAlertChannel ¶ added in v0.2.20
func (svc *IntegrationsService) UpdateNewRelicAlertChannel(data NewRelicAlertChannel) ( response NewRelicAlertChannelResponse, err error, )
UpdateNewRelicAlertChannel updates a single NEW_RELIC_INSIGHTS alert channel integration
func (*IntegrationsService) UpdatePagerDutyAlertChannel ¶ added in v0.1.22
func (svc *IntegrationsService) UpdatePagerDutyAlertChannel(data PagerDutyAlertChannel) ( response PagerDutyAlertChannelResponse, err error, )
UpdatePagerDutyAlertChannel updates a single pager duty alert channel integration
func (*IntegrationsService) UpdateQRadarAlertChannel ¶ added in v0.2.20
func (svc *IntegrationsService) UpdateQRadarAlertChannel(data QRadarAlertChannel) ( response QRadarAlertChannelResponse, err error, )
UpdateQRadarAlertChannel updates a single qradar alert channel integration
func (*IntegrationsService) UpdateServiceNowAlertChannel ¶ added in v0.2.16
func (svc *IntegrationsService) UpdateServiceNowAlertChannel(data ServiceNowAlertChannel) ( response ServiceNowAlertChannelResponse, err error, )
UpdateServiceNowAlertChannel updates a single serviceNow alert channel integration
func (*IntegrationsService) UpdateSlackAlertChannel ¶ added in v0.1.22
func (svc *IntegrationsService) UpdateSlackAlertChannel(data SlackAlertChannel) ( response SlackAlertChannelResponse, err error, )
UpdateSlackAlertChannel updates a single slack alert channel integration
func (*IntegrationsService) UpdateSplunkAlertChannel ¶ added in v0.2.14
func (svc *IntegrationsService) UpdateSplunkAlertChannel(data SplunkAlertChannel) ( response SplunkAlertChannelResponse, err error, )
UpdateSplunkAlertChannel updates a single splunk alert channel integration
func (*IntegrationsService) UpdateVictorOpsAlertChannel ¶ added in v0.2.19
func (svc *IntegrationsService) UpdateVictorOpsAlertChannel(data VictorOpsAlertChannel) ( response VictorOpsAlertChannelResponse, err error, )
UpdateVictorOpsAlertChannel updates a single VictorOps alert channel integration
func (*IntegrationsService) UpdateWebhookAlertChannel ¶ added in v0.2.11
func (svc *IntegrationsService) UpdateWebhookAlertChannel(data WebhookAlertChannel) ( response WebhookAlertChannelResponse, err error, )
UpdateWebhookAlertChannel updates a single webhook alert channel integration
type JiraAlertChannel ¶ added in v0.1.24
type JiraAlertChannel struct { Data JiraAlertChannelData `json:"DATA"` // contains filtered or unexported fields }
func NewJiraAlertChannel ¶ added in v0.1.24
func NewJiraAlertChannel(name string, data JiraAlertChannelData) JiraAlertChannel
NewJiraAlertChannel returns an instance of JiraAlertChannel with the provided name and data.
Basic usage: Initialize a new JiraAlertChannel struct, then
use the new instance to do CRUD operations client, err := api.NewClient("account") if err != nil { return err } jiraAlert := api.NewJiraAlertChannel("foo", api.JiraAlertChannelData{ JiraType: api.JiraCloudAlertType, JiraUrl: "mycompany.atlassian.net", IssueType: "Bug", ProjectID: "EXAMPLE", Username: "me", ApiToken: "my-api-token", IssueGrouping: "Resources", }, ) client.Integrations.CreateJiraAlertChannel(jiraAlert)
func NewJiraCloudAlertChannel ¶ added in v0.1.24
func NewJiraCloudAlertChannel(name string, data JiraAlertChannelData) JiraAlertChannel
NewJiraCloudAlertChannel returns a JiraAlertChannel instance preconfigured as a JIRA_CLOUD type
func NewJiraServerAlertChannel ¶ added in v0.1.24
func NewJiraServerAlertChannel(name string, data JiraAlertChannelData) JiraAlertChannel
NewJiraServerAlertChannel returns a JiraAlertChannel instance preconfigured as a JIRA_SERVER type
func (JiraAlertChannel) StateString ¶ added in v0.1.24
func (c JiraAlertChannel) StateString() string
type JiraAlertChannelData ¶ added in v0.1.24
// JiraAlertChannelData holds the settings of a Jira alert channel; it is the
// Data field of JiraAlertChannel. Every field is serialized under the
// upper-case key given in its json/mapstructure tag.
//
// ApiToken and Password are plain string fields, so formatting this struct
// with %v or %+v prints the credential as-is.
type JiraAlertChannelData struct {
	// JiraType selects the Jira flavour; the usage example sets it to
	// api.JiraCloudAlertType.
	JiraType  string `json:"JIRA_TYPE" mapstructure:"JIRA_TYPE"`
	JiraUrl   string `json:"JIRA_URL" mapstructure:"JIRA_URL"`
	IssueType string `json:"ISSUE_TYPE" mapstructure:"ISSUE_TYPE"`
	ProjectID string `json:"PROJECT_ID" mapstructure:"PROJECT_ID"`
	Username  string `json:"USERNAME" mapstructure:"USERNAME"`
	// ApiToken is the credential used with Jira Cloud; omitted from the JSON
	// payload when empty.
	ApiToken string `json:"API_TOKEN,omitempty" mapstructure:"API_TOKEN"`
	// Password is the credential used with Jira Server; omitted from the JSON
	// payload when empty.
	Password      string `json:"PASSWORD,omitempty" mapstructure:"PASSWORD"`
	IssueGrouping string `json:"ISSUE_GROUPING,omitempty" mapstructure:"ISSUE_GROUPING"`

	// CustomTemplateFile must be a base64-encoded data URI in the following
	// format:
	//
	// "data:application/json;name=i.json;base64,[ENCODING]"
	//
	// [ENCODING] is the base64 encoding of the template; use
	// EncodeCustomTemplateFile() to encode a JSON template.
	CustomTemplateFile string `json:"CUSTOM_TEMPLATE_FILE,omitempty" mapstructure:"CUSTOM_TEMPLATE_FILE"`
}
func (*JiraAlertChannelData) DecodeCustomTemplateFile ¶ added in v0.2.1
func (jira *JiraAlertChannelData) DecodeCustomTemplateFile() (string, error)
func (*JiraAlertChannelData) EncodeCustomTemplateFile ¶ added in v0.2.1
func (jira *JiraAlertChannelData) EncodeCustomTemplateFile(template string)
type JiraAlertChannelResponse ¶ added in v0.1.24
type JiraAlertChannelResponse struct { Data []JiraAlertChannel `json:"data"` Ok bool `json:"ok"` Message string `json:"message"` }
type Json16DigitTime ¶ added in v0.1.21
time type to parse the returned 16 digit time in milliseconds
func (Json16DigitTime) Format ¶ added in v0.1.21
func (self Json16DigitTime) Format(s string) string
func (Json16DigitTime) MarshalJSON ¶ added in v0.1.21
func (self Json16DigitTime) MarshalJSON() ([]byte, error)
func (Json16DigitTime) ToTime ¶ added in v0.1.21
func (self Json16DigitTime) ToTime() time.Time
A few format functions for printing and manipulating the custom date
func (Json16DigitTime) UTC ¶ added in v0.1.21
func (self Json16DigitTime) UTC() time.Time
func (*Json16DigitTime) UnmarshalJSON ¶ added in v0.1.21
func (self *Json16DigitTime) UnmarshalJSON(b []byte) error
implement Marshal and Unmarshal interfaces
type LQLCompileResponse ¶ added in v0.6.0
type LQLDataSourcesResponse ¶ added in v0.6.0
type LQLDeleteMessage ¶ added in v0.6.0
type LQLDeleteMessage struct {
ID string `json:"lqlDeleted"`
}
type LQLDeleteResponse ¶ added in v0.6.0
type LQLDeleteResponse struct { Ok bool `json:"ok"` Message LQLDeleteMessage `json:"message"` }
type LQLDescribeData ¶ added in v0.6.0
type LQLDescribeData struct { Complexity int `json:"complexity"` MaxDuration int `json:"maxDuration"` Parameters []LQLDescribeParameters `json:"parameters"` PrimaryKey []interface{} `json:"primaryKey"` Props map[string]interface{} `json:"props"` Schema []LQLDescribeSchema `json:"schema"` Type string `json:"type"` }
type LQLDescribeParameters ¶ added in v0.6.0
type LQLDescribeResponse ¶ added in v0.6.0
type LQLDescribeResponse struct { Data []LQLDescribeData `json:"data"` Ok bool `json:"ok"` Message string `json:"message"` }
type LQLDescribeSchema ¶ added in v0.6.0
type LQLQuery ¶ added in v0.6.0
type LQLQuery struct { ID string `json:"LQL_ID,omitempty"` StartTimeRange string `json:"START_TIME_RANGE,omitempty"` EndTimeRange string `json:"END_TIME_RANGE,omitempty"` QueryText string `json:"QUERY_TEXT"` // QueryBlob is a special string that supports type conversion // back and forth from LQL to JSON QueryBlob string `json:"-"` }
func (*LQLQuery) TranslateQuery ¶ added in v0.6.0
func (LQLQuery) TranslateTime ¶ added in v0.6.0
func (LQLQuery) ValidateRange ¶ added in v0.6.0
type LQLQueryResponse ¶ added in v0.6.0
type LQLService ¶ added in v0.1.24
type LQLService struct {
// contains filtered or unexported fields
}
LQLService is a service that interacts with the LQL endpoints from the Lacework Server
func (*LQLService) CompileQuery ¶ added in v0.6.0
func (svc *LQLService) CompileQuery(query string) ( response LQLCompileResponse, err error, )
func (*LQLService) CreateQuery ¶ added in v0.6.0
func (svc *LQLService) CreateQuery(query string) ( response LQLQueryResponse, err error, )
func (*LQLService) DataSources ¶ added in v0.6.0
func (svc *LQLService) DataSources() ( response LQLDataSourcesResponse, err error, )
func (*LQLService) DeleteQuery ¶ added in v0.6.0
func (svc *LQLService) DeleteQuery(queryID string) ( response LQLDeleteResponse, err error, )
func (*LQLService) Describe ¶ added in v0.6.0
func (svc *LQLService) Describe(dataSource string) ( response LQLDescribeResponse, err error, )
func (*LQLService) GetQueries ¶ added in v0.6.0
func (svc *LQLService) GetQueries() (LQLQueryResponse, error)
func (*LQLService) GetQueryByID ¶ added in v0.6.0
func (svc *LQLService) GetQueryByID(queryID string) ( response LQLQueryResponse, err error, )
func (*LQLService) RunQuery ¶ added in v0.6.0
func (svc *LQLService) RunQuery(query, start, end string) ( response map[string]interface{}, err error, )
func (*LQLService) UpdateQuery ¶ added in v0.6.0
func (svc *LQLService) UpdateQuery(query string) ( response LQLUpdateResponse, err error, )
type LQLUpdateMessage ¶ added in v0.6.0
type LQLUpdateMessage struct {
ID string `json:"lqlUpdated"`
}
type LQLUpdateResponse ¶ added in v0.6.0
type LQLUpdateResponse struct { Ok bool `json:"ok"` Message LQLUpdateMessage `json:"message"` }
type MicrosoftTeamsAlertChannel ¶ added in v0.2.19
type MicrosoftTeamsAlertChannel struct { Data MicrosoftTeamsChannelData `json:"DATA"` // contains filtered or unexported fields }
func NewMicrosoftTeamsAlertChannel ¶ added in v0.2.19
func NewMicrosoftTeamsAlertChannel(name string, data MicrosoftTeamsChannelData) MicrosoftTeamsAlertChannel
NewMicrosoftTeamsAlertChannel returns an instance of MicrosoftTeamsAlertChannel with the provided name and data.
Basic usage: Initialize a new MicrosoftTeamsAlertChannel struct, then
use the new instance to do CRUD operations client, err := api.NewClient("account") if err != nil { return err } microsoftTeamsChannel := api.NewMicrosoftTeamsAlertChannel("foo", api.MicrosoftTeamsChannelData{ WebhookURL: "https://outlook.office.com/webhook/api-token", }, ) client.Integrations.CreateMicrosoftTeamsAlertChannel(microsoftTeamsChannel)
func (MicrosoftTeamsAlertChannel) StateString ¶ added in v0.2.19
func (c MicrosoftTeamsAlertChannel) StateString() string
type MicrosoftTeamsAlertChannelResponse ¶ added in v0.2.19
type MicrosoftTeamsAlertChannelResponse struct { Data []MicrosoftTeamsAlertChannel `json:"data"` Ok bool `json:"ok"` Message string `json:"message"` }
type MicrosoftTeamsChannelData ¶ added in v0.2.19
// MicrosoftTeamsChannelData holds the settings of a Microsoft Teams alert
// channel; it is the Data field of MicrosoftTeamsAlertChannel.
type MicrosoftTeamsChannelData struct {
	// WebhookURL is the Teams webhook address, serialized under TEAMS_URL.
	// NOTE(review): the usage example shows a URL whose path ends in an API
	// token, so the value is presumably a secret in its own right; keep it out
	// of logs and error messages.
	WebhookURL string `json:"TEAMS_URL" mapstructure:"TEAMS_URL"`
}
type NanoTime ¶ added in v0.2.0
time type to parse the returned time with nano format
Example:
"START_TIME":"2020-08-20T01:00:00+0000"
func (NanoTime) MarshalJSON ¶ added in v0.2.0
func (NanoTime) ToTime ¶ added in v0.2.0
A few format functions for printing and manipulating the custom date
func (*NanoTime) UnmarshalJSON ¶ added in v0.2.0
type NewRelicAlertChannel ¶ added in v0.2.20
type NewRelicAlertChannel struct { Data NewRelicChannelData `json:"DATA"` // contains filtered or unexported fields }
func NewNewRelicAlertChannel ¶ added in v0.2.20
func NewNewRelicAlertChannel(name string, data NewRelicChannelData) NewRelicAlertChannel
NewNewRelicAlertChannel returns an instance of NewRelicAlertChannel with the provided name and data.
Basic usage: Initialize a new NewRelicAlertChannel struct, then
use the new instance to do CRUD operations client, err := api.NewClient("account") if err != nil { return err } newRelicChannel := api.NewNewRelicAlertChannel("foo", api.NewRelicChannelData{ AccountID: 2338053, InsertKey: "x-xx-xxxxxxxxxxxxxxxxxx", }, ) client.Integrations.CreateNewRelicAlertChannel(newRelicChannel)
func (NewRelicAlertChannel) StateString ¶ added in v0.2.20
func (c NewRelicAlertChannel) StateString() string
type NewRelicAlertChannelResponse ¶ added in v0.2.20
type NewRelicAlertChannelResponse struct { Data []NewRelicAlertChannel `json:"data"` Ok bool `json:"ok"` Message string `json:"message"` }
type NewRelicChannelData ¶ added in v0.2.20
type Option ¶
type Option interface {
// contains filtered or unexported methods
}
func WithApiKeys ¶
WithApiKeys sets the key_id and secret used to generate API access tokens
func WithApiV2 ¶
func WithApiV2() Option
WithApiV2 configures the client to use the API version 2 (/api/v2)
func WithExpirationTime ¶
WithExpirationTime configures the token expiration time
func WithHeader ¶ added in v0.1.19
WithHeader configures a HTTP Header to pass to every request
func WithLogFile ¶ added in v0.1.2
WithLogFile configures the client to write messages to the provided file
func WithLogLevel ¶ added in v0.1.1
WithLogLevel sets the log level of the client, available: info or debug
func WithLogLevelAndFile ¶ added in v0.1.2
WithLogLevelAndFile sets the log level of the client and writes the log messages to the provided file
func WithLogLevelAndWriter ¶ added in v0.1.2
WithLogLevelAndWriter sets the log level of the client and writes the log messages to the provided io.Writer
func WithLogWriter ¶ added in v0.1.2
WithLogWriter configures the client to log messages to the provided io.Writer
func WithTimeout ¶ added in v0.2.19
WithTimeout changes the default client timeout
func WithTokenFromKeys ¶
WithTokenFromKeys sets the API access keys and triggers a new token generation. NOTE: Order matters when using this option; pass it as the last option of a NewClient() call.
type PackageManifest ¶ added in v0.2.10
type PackageManifest struct {
OsPkgInfoList []OsPkgInfo `json:"os_pkg_info_list"`
}
PackageManifest is the representation of a package manifest that the Lacework API server expects when executing a scan
{ "os_pkg_info_list": [ { "os":"Ubuntu", "os_ver":"18.04", "pkg": "openssl", "pkg_ver": "1.1.1-1ubuntu2.1~18.04.6" } ] }
type PagerDutyAlertChannel ¶ added in v0.1.22
type PagerDutyAlertChannel struct { Data PagerDutyData `json:"DATA"` // contains filtered or unexported fields }
func NewPagerDutyAlertChannel ¶ added in v0.1.22
func NewPagerDutyAlertChannel(name string, data PagerDutyData) PagerDutyAlertChannel
NewPagerDutyAlertChannel returns an instance of PagerDutyAlertChannel with the provided name and data.
Basic usage: Initialize a new PagerDutyAlertChannel struct, then
use the new instance to do CRUD operations client, err := api.NewClient("account") if err != nil { return err } pagerduty := api.NewPagerDutyAlertChannel("foo", api.PagerDutyData{ IntegrationKey: "1234abc8901abc567abc123abc78e012", }, ) client.Integrations.CreatePagerDutyAlertChannel(pagerduty)
func (PagerDutyAlertChannel) StateString ¶ added in v0.1.22
func (c PagerDutyAlertChannel) StateString() string
type PagerDutyAlertChannelResponse ¶ added in v0.1.22
type PagerDutyAlertChannelResponse struct { Data []PagerDutyAlertChannel `json:"data"` Ok bool `json:"ok"` Message string `json:"message"` }
type PagerDutyData ¶ added in v0.1.22
type QRadarAlertChannel ¶ added in v0.2.20
type QRadarAlertChannel struct { Data QRadarChannelData `json:"DATA"` // contains filtered or unexported fields }
func NewQRadarAlertChannel ¶ added in v0.2.20
func NewQRadarAlertChannel(name string, data QRadarChannelData) QRadarAlertChannel
NewQRadarAlertChannel returns an instance of QRadarAlertChannel with the provided name and data.
Basic usage: Initialize a new QRadarAlertChannel struct, then
use the new instance to do CRUD operations client, err := api.NewClient("account") if err != nil { return err } qradarChannel := api.NewQRadarAlertChannel("foo", api.QRadarChannelData{ CommunicationType: "HTTPS", HostURL: "https://qradar-lacework.com", HostPort: 8080, }, ) client.Integrations.CreateQRadarAlertChannel(qradarChannel)
func (QRadarAlertChannel) StateString ¶ added in v0.2.20
func (c QRadarAlertChannel) StateString() string
type QRadarAlertChannelResponse ¶ added in v0.2.20
type QRadarAlertChannelResponse struct { Data []QRadarAlertChannel `json:"data"` Ok bool `json:"ok"` Message string `json:"message"` }
type QRadarChannelData ¶ added in v0.2.20
type RawIntegration ¶
type RawIntegration struct { Data map[string]interface{} `json:"DATA"` // contains filtered or unexported fields }
func (RawIntegration) StateString ¶ added in v0.1.7
func (c RawIntegration) StateString() string
type RawIntegrationsResponse ¶
type RawIntegrationsResponse struct { Data []RawIntegration `json:"data"` Ok bool `json:"ok"` Message string `json:"message"` }
type ServiceNowAlertChannel ¶ added in v0.2.16
type ServiceNowAlertChannel struct { Data ServiceNowChannelData `json:"DATA"` // contains filtered or unexported fields }
func NewServiceNowAlertChannel ¶ added in v0.2.16
func NewServiceNowAlertChannel(name string, data ServiceNowChannelData) ServiceNowAlertChannel
NewServiceNowAlertChannel returns an instance of ServiceNowAlertChannel with the provided name and data.
Basic usage: Initialize a new ServiceNowAlertChannel struct, then
use the new instance to do CRUD operations client, err := api.NewClient("account") if err != nil { return err } serviceNowChannel := api.NewServiceNowAlertChannel("foo", api.ServiceNowChannelData{ InstanceURL: "snow-lacework.com", Username: "snow-user", Password: "snow-password", IssueGrouping: "Events", }, ) client.Integrations.CreateServiceNowAlertChannel(serviceNowChannel)
func (ServiceNowAlertChannel) StateString ¶ added in v0.2.16
func (c ServiceNowAlertChannel) StateString() string
type ServiceNowAlertChannelResponse ¶ added in v0.2.16
type ServiceNowAlertChannelResponse struct { Data []ServiceNowAlertChannel `json:"data"` Ok bool `json:"ok"` Message string `json:"message"` }
type ServiceNowChannelData ¶ added in v0.2.16
// ServiceNowChannelData holds the settings of a ServiceNow alert channel; it
// is the Data field of ServiceNowAlertChannel.
//
// Password is a plain string field, so formatting this struct with %v or %+v
// prints the credential as-is.
type ServiceNowChannelData struct {
	InstanceURL string `json:"INSTANCE_URL" mapstructure:"INSTANCE_URL"`
	Username    string `json:"USER_NAME" mapstructure:"USER_NAME"`
	// Password has no omitempty option, so the PASSWORD key is always present
	// in the serialized payload, even when the field is empty.
	Password string `json:"PASSWORD" mapstructure:"PASSWORD"`
	// CustomTemplateFile is read and written through DecodeCustomTemplateFile
	// and EncodeCustomTemplateFile.
	// NOTE(review): presumably the same base64 data-URI format documented on
	// JiraAlertChannelData.CustomTemplateFile; confirm.
	CustomTemplateFile string `json:"CUSTOM_TEMPLATE_FILE,omitempty" mapstructure:"CUSTOM_TEMPLATE_FILE"`
	IssueGrouping      string `json:"ISSUE_GROUPING,omitempty" mapstructure:"ISSUE_GROUPING"`
}
func (*ServiceNowChannelData) DecodeCustomTemplateFile ¶ added in v0.2.21
func (snow *ServiceNowChannelData) DecodeCustomTemplateFile() (string, error)
func (*ServiceNowChannelData) EncodeCustomTemplateFile ¶ added in v0.2.21
func (snow *ServiceNowChannelData) EncodeCustomTemplateFile(template string)
type SlackAlertChannel ¶ added in v0.1.22
type SlackAlertChannel struct { Data SlackChannelData `json:"DATA"` // contains filtered or unexported fields }
func NewSlackAlertChannel ¶ added in v0.1.22
func NewSlackAlertChannel(name string, data SlackChannelData) SlackAlertChannel
NewSlackAlertChannel returns an instance of SlackAlertChannel with the provided name and data.
Basic usage: Initialize a new SlackAlertChannel struct, then
use the new instance to do CRUD operations client, err := api.NewClient("account") if err != nil { return err } slackChannel := api.NewSlackAlertChannel("foo", api.SlackChannelData{ SlackUrl: "https://hooks.slack.com/services/ABCD/12345/abcd1234", }, ) client.Integrations.CreateSlackAlertChannel(slackChannel)
func (SlackAlertChannel) StateString ¶ added in v0.1.22
func (c SlackAlertChannel) StateString() string
type SlackAlertChannelResponse ¶ added in v0.1.22
type SlackAlertChannelResponse struct { Data []SlackAlertChannel `json:"data"` Ok bool `json:"ok"` Message string `json:"message"` }
type SlackChannelData ¶ added in v0.1.21
// SlackChannelData holds the settings of a Slack alert channel; it is the
// Data field of SlackAlertChannel.
type SlackChannelData struct {
	// SlackUrl is the Slack webhook address, serialized under SLACK_URL.
	// NOTE(review): the usage example uses a hooks.slack.com/services/... URL;
	// such URLs presumably act as the credential themselves, so keep the value
	// out of logs and error messages.
	SlackUrl string `json:"SLACK_URL" mapstructure:"SLACK_URL"`
}
type SplunkAlertChannel ¶ added in v0.2.14
type SplunkAlertChannel struct { Data SplunkChannelData `json:"DATA"` // contains filtered or unexported fields }
func NewSplunkAlertChannel ¶ added in v0.2.14
func NewSplunkAlertChannel(name string, data SplunkChannelData) SplunkAlertChannel
NewSplunkAlertChannel returns an instance of SplunkAlertChannel with the provided name and data.
Basic usage: Initialize a new SplunkAlertChannel struct, then
use the new instance to do CRUD operations

    client, err := api.NewClient("account")
    if err != nil {
      return err
    }

    splunkChannel := api.NewSplunkAlertChannel("foo",
      api.SplunkChannelData{
        Channel:  "channel-name",
        HecToken: "AA111111-11AA-1AA1-11AA-11111AA1111A",
        Host:     "localhost",
        Port:     80,
        Ssl:      false,
        EventData: api.SplunkEventData{
          Index:  "index",
          Source: "source",
        },
      },
    )

    client.Integrations.CreateSplunkAlertChannel(splunkChannel)

The values above describe a local test endpoint (Host "localhost", Port 80, Ssl false). Ssl presumably selects whether events and the HEC token are delivered over TLS; for a non-local Splunk host set it to true together with the matching port.
func (SplunkAlertChannel) StateString ¶ added in v0.2.14
func (c SplunkAlertChannel) StateString() string
type SplunkAlertChannelResponse ¶ added in v0.2.14
type SplunkAlertChannelResponse struct { Data []SplunkAlertChannel `json:"data"` Ok bool `json:"ok"` Message string `json:"message"` }
type SplunkChannelData ¶ added in v0.2.14
// SplunkChannelData holds the settings of a Splunk alert channel; it is the
// Data field of SplunkAlertChannel.
//
// HecToken is a plain string field, so formatting this struct with %v or %+v
// prints the token as-is.
type SplunkChannelData struct {
	// Channel is optional; it is omitted from the JSON payload when empty.
	Channel string `json:"CHANNEL,omitempty" mapstructure:"CHANNEL"`
	// HecToken is the Splunk HTTP Event Collector token, serialized under
	// HEC_TOKEN.
	HecToken string `json:"HEC_TOKEN" mapstructure:"HEC_TOKEN"`
	Host     string `json:"HOST" mapstructure:"HOST"`
	Port     int    `json:"PORT" mapstructure:"PORT"`
	// Ssl is always serialized (no omitempty), so the zero value false is sent
	// explicitly.
	// NOTE(review): presumably false means HecToken travels to Host:Port
	// without TLS; confirm against the server documentation.
	Ssl       bool            `json:"SSL" mapstructure:"SSL"`
	EventData SplunkEventData `json:"EVENT_DATA" mapstructure:"EVENT_DATA"`
}
type SplunkEventData ¶ added in v0.2.14
type TokenResponse ¶ added in v0.1.24
type TokenResponse struct { Data []tokenData `json:"data"` Ok bool `json:"ok"` Message string `json:"message"` }
func (TokenResponse) Token ¶ added in v0.1.24
func (tr TokenResponse) Token() string
type VictorOpsAlertChannel ¶ added in v0.2.19
type VictorOpsAlertChannel struct { Data VictorOpsChannelData `json:"DATA"` // contains filtered or unexported fields }
func NewVictorOpsAlertChannel ¶ added in v0.2.19
func NewVictorOpsAlertChannel(name string, data VictorOpsChannelData) VictorOpsAlertChannel
NewVictorOpsAlertChannel returns an instance of VictorOpsAlertChannel with the provided name and data.
Basic usage: Initialize a new VictorOpsAlertChannel struct, then
use the new instance to do CRUD operations

    client, err := api.NewClient("account")
    if err != nil {
      return err
    }

    victorOpsChannel := api.NewVictorOpsAlertChannel("foo",
      api.VictorOpsChannelData{
        WebhookURL: "https://alert.victorops.com/integrations/generic/20131114/alert/31e945ee-5cad-44e7-afb0-97c20ea80dd8/database",
      },
    )

    client.Integrations.CreateVictorOpsAlertChannel(victorOpsChannel)
func (VictorOpsAlertChannel) StateString ¶ added in v0.2.19
func (c VictorOpsAlertChannel) StateString() string
type VictorOpsAlertChannelResponse ¶ added in v0.2.19
type VictorOpsAlertChannelResponse struct { Data []VictorOpsAlertChannel `json:"data"` Ok bool `json:"ok"` Message string `json:"message"` }
type VictorOpsChannelData ¶ added in v0.2.19
// VictorOpsChannelData holds the settings of a VictorOps alert channel; it is
// the Data field of VictorOpsAlertChannel.
type VictorOpsChannelData struct {
	// WebhookURL is the VictorOps integration address, serialized under
	// INTG_URL.
	// NOTE(review): the usage example shows a URL with a UUID-like segment in
	// its path, presumably the integration key; treat the whole URL as a
	// secret and keep it out of logs.
	WebhookURL string `json:"INTG_URL" mapstructure:"INTG_URL"`
}
type VulnContainerAssessment ¶ added in v0.2.0
type VulnContainerAssessment struct { TotalVulnerabilities int32 `json:"total_vulnerabilities"` CriticalVulnerabilities int32 `json:"critical_vulnerabilities"` HighVulnerabilities int32 `json:"high_vulnerabilities"` MediumVulnerabilities int32 `json:"medium_vulnerabilities"` LowVulnerabilities int32 `json:"low_vulnerabilities"` InfoVulnerabilities int32 `json:"info_vulnerabilities"` FixableVulnerabilities int32 `json:"fixable_vulnerabilities"` LastEvaluationTime string `json:"last_evaluation_time,omitempty"` Image *VulnContainerImage `json:"image,omitempty"` // @afiune these two parameters, Status and Message will appear when // the vulnerability scan is still running. ugh. why? Status string `json:"status,omitempty"` Message string `json:"message,omitempty"` // ScanStatus is a property that will appear when the vulnerability scan finished // running, this status indicates whether the scan finished successfully or not ScanStatus string `json:"scan_status,omitempty"` }
func (*VulnContainerAssessment) HighestFixableSeverity ¶ added in v0.4.0
func (report *VulnContainerAssessment) HighestFixableSeverity() string
HighestFixableSeverity returns the highest fixable severity level vulnerability in a VulnContainerAssessment
func (*VulnContainerAssessment) HighestSeverity ¶ added in v0.4.0
func (report *VulnContainerAssessment) HighestSeverity() string
HighestSeverity returns the highest severity level vulnerability in a VulnContainerAssessment
func (*VulnContainerAssessment) TotalFixableVulnerabilities ¶ added in v0.4.0
func (report *VulnContainerAssessment) TotalFixableVulnerabilities() int32
TotalFixableVulnerabilities returns the total number of vulnerabilities that have a fix available
func (*VulnContainerAssessment) VulnFixableCount ¶ added in v0.2.0
func (report *VulnContainerAssessment) VulnFixableCount(severity string) int32
type VulnContainerAssessmentResponse ¶ added in v0.2.0
type VulnContainerAssessmentResponse struct { Data VulnContainerAssessment `json:"data"` Ok bool `json:"ok"` Message string `json:"message"` }
func (*VulnContainerAssessmentResponse) CheckStatus ¶ added in v0.2.0
func (res *VulnContainerAssessmentResponse) CheckStatus() string
type VulnContainerAssessmentSummary ¶ added in v0.2.0
type VulnContainerAssessmentSummary struct { EvalGuid string `json:"eval_guid"` EvalStatus string `json:"eval_status"` EvalType string `json:"eval_type"` ImageCreatedTime NanoTime `json:"image_created_time"` ImageDigest string `json:"image_digest"` ImageID string `json:"image_id"` ImageNamespace string `json:"image_namespace"` ImageRegistry string `json:"image_registry"` ImageRepo string `json:"image_repo"` ImageScanErrorMsg string `json:"image_scan_error_msg"` ImageScanStatus string `json:"image_scan_status"` ImageScanTime NanoTime `json:"image_scan_time"` ImageSize string `json:"image_size"` ImageTags []string `json:"image_tags"` NdvContainers string `json:"ndv_containers"` NumFixes string `json:"num_fixes"` NumVulnerabilitiesSeverity1 string `json:"num_vulnerabilities_severity_1"` NumVulnerabilitiesSeverity2 string `json:"num_vulnerabilities_severity_2"` NumVulnerabilitiesSeverity3 string `json:"num_vulnerabilities_severity_3"` NumVulnerabilitiesSeverity4 string `json:"num_vulnerabilities_severity_4"` NumVulnerabilitiesSeverity5 string `json:"num_vulnerabilities_severity_5"` StartTime NanoTime `json:"start_time"` }
type VulnContainerAssessmentsResponse ¶ added in v0.2.0
type VulnContainerAssessmentsResponse struct { Assessments []VulnContainerAssessmentSummary `json:"data"` Ok bool `json:"ok"` Message string `json:"message"` }
type VulnContainerImage ¶ added in v0.2.0
type VulnContainerImage struct { ImageInfo *vulnContainerImageInfo `json:"image_info,omitempty"` ImageLayers []VulnContainerImageLayer `json:"image_layers,omitempty"` }
type VulnContainerImageLayer ¶ added in v0.7.0
type VulnContainerImageLayer struct { Hash string `json:"hash"` CreatedBy string `json:"created_by"` Packages []VulnContainerPackage `json:"packages"` }
type VulnContainerPackage ¶ added in v0.7.0
// VulnContainerPackage describes one package found in a container image
// layer together with its vulnerabilities; it is the element type of
// VulnContainerImageLayer.Packages.
type VulnContainerPackage struct {
	Name string `json:"name"`
	// NOTE(review): the JSON key is spelled "namescape", not "namespace".
	// Confirm that this matches the key the server actually sends; if the
	// server sends "namespace", this field is never populated on decode.
	Namespace       string                   `json:"namescape"`
	Version         string                   `json:"version"`
	Vulnerabilities []ContainerVulnerability `json:"vulnerabilities"`

	// @afiune maybe these fields are host related information and not container.
	// All of them are optional strings, omitted from the JSON output when empty.
	FixAvailable  string `json:"fix_available,omitempty"`
	FixedVersion  string `json:"fixed_version,omitempty"`
	HostCount     string `json:"host_count,omitempty"`
	Severity      string `json:"severity,omitempty"`
	Status        string `json:"status,omitempty"`
	CveLink       string `json:"cve_link,omitempty"`
	CveScore      string `json:"cve_score,omitempty"`
	CvssV3Score   string `json:"cvss_v3_score,omitempty"`
	CvssV2Score   string `json:"cvss_v2_score,omitempty"`
	FirstSeenTime string `json:"first_seen_time,omitempty"`
}
type VulnerabilitiesService ¶ added in v0.1.3
type VulnerabilitiesService struct { Host *HostVulnerabilityService Container *ContainerVulnerabilityService // contains filtered or unexported fields }
VulnerabilitiesService is a service that interacts with the vulnerabilities endpoints from the Lacework Server
func NewVulnerabilityService ¶ added in v0.2.0
func NewVulnerabilityService(c *Client) *VulnerabilitiesService
type VulnerabilityAssessment ¶ added in v0.4.0
type VulnerabilityAssessment interface { HighestSeverity() string HighestFixableSeverity() string TotalFixableVulnerabilities() int32 }
VulnerabilityAssessment provides the common functions required by both host and container vulnerability assessments, so that the two can be treated interchangeably
type WebhookAlertChannel ¶ added in v0.2.11
type WebhookAlertChannel struct { Data WebhookChannelData `json:"DATA"` // contains filtered or unexported fields }
func NewWebhookAlertChannel ¶ added in v0.2.11
func NewWebhookAlertChannel(name string, data WebhookChannelData) WebhookAlertChannel
NewWebhookAlertChannel returns an instance of WebhookAlertChannel with the provided name and data.
Basic usage: Initialize a new WebhookAlertChannel struct, then
use the new instance to do CRUD operations client, err := api.NewClient("account") if err != nil { return err } webhookChannel := api.NewWebhookAlertChannel("foo", api.WebhookChannelData{ WebhookUrl: "https://mywebhook.com/?api-token=123", }, ) client.Integrations.CreateWebhookAlertChannel(webhookChannel)
func (WebhookAlertChannel) StateString ¶ added in v0.2.11
func (c WebhookAlertChannel) StateString() string
type WebhookAlertChannelResponse ¶ added in v0.2.11
type WebhookAlertChannelResponse struct { Data []WebhookAlertChannel `json:"data"` Ok bool `json:"ok"` Message string `json:"message"` }
type WebhookChannelData ¶ added in v0.2.11
// WebhookChannelData holds the settings of a generic webhook alert channel;
// it is the Data field of WebhookAlertChannel.
type WebhookChannelData struct {
	// WebhookUrl is the destination address, serialized under WEBHOOK_URL.
	// NOTE(review): the usage example carries an api-token in the query
	// string, so the URL can contain a credential; query strings are commonly
	// recorded by proxies and access logs, so keep the value out of client
	// logs and prefer a receiver that authenticates some other way where one
	// is available.
	WebhookUrl string `json:"WEBHOOK_URL" mapstructure:"WEBHOOK_URL"`
}
Source Files ¶
- account.go
- agent.go
- api.go
- auth.go
- client.go
- compliance.go
- compliance_aws.go
- compliance_azure.go
- compliance_gcp.go
- errors.go
- events.go
- http.go
- integration_alert_channels.go
- integration_alert_channels_aws_cloudwatch.go
- integration_alert_channels_aws_s3.go
- integration_alert_channels_cisco_webex.go
- integration_alert_channels_datadog.go
- integration_alert_channels_gcp_pub_sub.go
- integration_alert_channels_jira.go
- integration_alert_channels_microsoft_teams.go
- integration_alert_channels_new_relic.go
- integration_alert_channels_pagerduty.go
- integration_alert_channels_qradar.go
- integration_alert_channels_service_now.go
- integration_alert_channels_slack.go
- integration_alert_channels_splunk.go
- integration_alert_channels_victorops.go
- integration_alert_channels_webhook.go
- integrations.go
- integrations_aws.go
- integrations_azure.go
- integrations_ctr_reg.go
- integrations_ctr_reg_ecr_access_key.go
- integrations_ctr_reg_ecr_cross_account.go
- integrations_gcp.go
- logging.go
- lql.go
- lql_compile.go
- lql_data_sources.go
- lql_delete.go
- lql_describe.go
- lql_update.go
- reader.go
- version.go
- vulnerabilities.go
- vulnerabilities_container.go
- vulnerabilities_host.go