Documentation ¶
Index ¶
- Constants
- func ConnTrackOperationName(operation string) string
- func ConnTrackOutputRecordTypeName(operation string) string
- func DecoderName(decoder string) string
- func FilterOperationName(operation string) string
- func GetEnumName(enum interface{}, operation string) string
- func GetEnumReflectionTypeByFieldName(enumName string) reflect.Type
- func KafkaEncodeBalancerName(operation string) string
- func MetricEncodeFilterTypeName(t string) string
- func MetricEncodeOperationName(operation string) string
- func SASLTypeName(operation string) string
- func TransformFilterOperationName(operation string) string
- func TransformGenericOperationName(operation string) string
- func TransformNetworkOperationName(operation string) string
- type API
- type AggregateBy
- type AggregateDefinition
- type AggregateDefinitions
- type AggregateOperation
- type Aggregates
- type ClientTLS
- type ConnTrack
- type ConnTrackHash
- type ConnTrackOperationEnum
- type ConnTrackOutputRecordTypeEnum
- type ConnTrackSchedulingGroup
- type ConnTrackTCPFlags
- type Decoder
- type DecoderEnum
- type Duration
- type EncodeKafka
- type EncodeOtlpLogs
- type EncodeOtlpMetrics
- type EncodeOtlpTraces
- type EncodeS3
- type ExtractTimebased
- type FieldGroup
- type FilterOperationEnum
- type GenericTransform
- type GenericTransformRule
- type IngestCollector
- type IngestGRPCProto
- type IngestKafka
- type IngestStdin
- type IngestSynthetic
- type K8sInfraRule
- type K8sRule
- type KafkaEncodeBalancerEnum
- type KeyDefinition
- type MetricEncodeFilterTypeEnum
- type MetricEncodeOperationEnum
- type MetricsFilter
- type MetricsItem
- type MetricsItems
- type NetworkTransformDirectionInfo
- type NetworkTransformIPCategory
- type NetworkTransformRule
- type NetworkTransformRules
- type OtlpConnectionInfo
- type OutputField
- type PromConnectionInfo
- type PromEncode
- type PromTLSConf
- type SASLConfig
- type SASLTypeEnum
- type TimebasedFilterRule
- type TransformFilter
- type TransformFilterOperationEnum
- type TransformFilterRule
- type TransformGeneric
- type TransformGenericOperationEnum
- type TransformNetwork
- type TransformNetworkOperationEnum
- type WriteIpfix
- type WriteLoki
- type WriteStdout
Constants ¶
// String identifiers used by the API. The group comments below are inferred
// from the names and from the struct tags declared in this package.
// NOTE(review): confirm each group against the code that consumes it.
const (
	// Stage type names (ingest, encode, write, extract, transform).
	FileType        = "file"
	FileLoopType    = "file_loop"
	FileChunksType  = "file_chunks"
	SyntheticType   = "synthetic"
	CollectorType   = "collector"
	StdinType       = "stdin"
	GRPCType        = "grpc"
	FakeType        = "fake"
	KafkaType       = "kafka"
	S3Type          = "s3"
	OtlpLogsType    = "otlplogs"
	OtlpMetricsType = "otlpmetrics"
	OtlpTracesType  = "otlptraces"
	StdoutType      = "stdout"
	LokiType        = "loki"
	IpfixType       = "ipfix"
	AggregateType   = "aggregates"
	TimebasedType   = "timebased"
	PromType        = "prom"
	GenericType     = "generic"
	NetworkType     = "network"
	FilterType      = "filter"
	ConnTrackType   = "conntrack"
	NoneType        = "none"

	// Transform rule type names; the values match the yaml tags of the
	// transform operation enum structs in this package.
	AddRegExIfRuleType           = "add_regex_if"
	AddIfRuleType                = "add_if"
	AddSubnetRuleType            = "add_subnet"
	AddLocationRuleType          = "add_location"
	AddServiceRuleType           = "add_service"
	AddKubernetesRuleType        = "add_kubernetes"
	AddKubernetesInfraRuleType   = "add_kubernetes_infra"
	ReinterpretDirectionRuleType = "reinterpret_direction"

	// Metric filter kinds; the values match the yaml tags of
	// MetricEncodeFilterTypeEnum.
	PromFilterExact    = "exact"
	PromFilterPresence = "presence"
	PromFilterAbsence  = "absence"
	PromFilterRegex    = "regex"

	// Struct tag keys used on the API structs (`yaml:"..."`, `doc:"..."`,
	// `enum:"..."`).
	TagYaml = "yaml"
	TagDoc  = "doc"
	TagEnum = "enum"
)
// Reserved field names, all prefixed with an underscore.
// NOTE(review): presumably these are the fields the connection-tracking stage
// adds to the records it emits — confirm against the conntrack implementation.
const (
	HashIdFieldName     = "_HashId"
	RecordTypeFieldName = "_RecordType"
	IsFirstFieldName    = "_IsFirst"
)
// Network transform operation names. The values equal the yaml tags of
// TransformNetworkOperationEnum; the first six also duplicate the values of the
// Add*RuleType / ReinterpretDirectionRuleType constants declared above.
const (
	OpAddSubnet            = "add_subnet"
	OpAddLocation          = "add_location"
	OpAddService           = "add_service"
	OpAddKubernetes        = "add_kubernetes"
	OpAddKubernetesInfra   = "add_kubernetes_infra"
	OpReinterpretDirection = "reinterpret_direction"
	OpAddIPCategory        = "add_ip_category"
)
Variables ¶
This section is empty.
Functions ¶
func ConnTrackOperationName ¶
func DecoderName ¶
func FilterOperationName ¶ added in v0.1.4
func GetEnumName ¶
GetEnumName returns the name of an enum value, looked up in the struct that represents the enum by its `TagYaml` tag.
func GetEnumReflectionTypeByFieldName ¶
GetEnumReflectionTypeByFieldName returns the `reflect.Type` of an enum struct, given the name of that struct (it uses the fields of the `enums{}` struct).
func KafkaEncodeBalancerName ¶
func MetricEncodeFilterTypeName ¶ added in v0.1.11
func MetricEncodeOperationName ¶ added in v0.1.11
func SASLTypeName ¶ added in v0.1.9
Types ¶
type API ¶
// API lists one field per stage parameter struct. Each doc tag is a markdown
// heading plus an introductory sentence for that stage.
// NOTE(review): presumably this struct is walked by reflection to generate the
// API documentation rather than unmarshalled from user config — confirm.
// KafkaEncode and IngestKafka both carry the yaml key "kafka", which would
// collide if the struct were ever decoded directly.
type API struct {
	PromEncode         PromEncode        `yaml:"prom" doc:"## Prometheus encode API\nFollowing is the supported API format for prometheus encode:\n"`
	KafkaEncode        EncodeKafka       `yaml:"kafka" doc:"## Kafka encode API\nFollowing is the supported API format for kafka encode:\n"`
	S3Encode           EncodeS3          `yaml:"s3" doc:"## S3 encode API\nFollowing is the supported API format for S3 encode:\n"`
	IngestCollector    IngestCollector   `yaml:"collector" doc:"## Ingest collector API\nFollowing is the supported API format for the NetFlow / IPFIX collector:\n"`
	IngestKafka        IngestKafka       `yaml:"kafka" doc:"## Ingest Kafka API\nFollowing is the supported API format for the kafka ingest:\n"`
	IngestGRPCProto    IngestGRPCProto   `` /* 154-byte string literal not displayed */
	IngestStdin        IngestStdin       `yaml:"stdin" doc:"## Ingest Standard Input\nFollowing is the supported API format for the standard input ingest:\n"`
	TransformGeneric   TransformGeneric  `yaml:"generic" doc:"## Transform Generic API\nFollowing is the supported API format for generic transformations:\n"`
	TransformFilter    TransformFilter   `yaml:"filter" doc:"## Transform Filter API\nFollowing is the supported API format for filter transformations:\n"`
	TransformNetwork   TransformNetwork  `yaml:"network" doc:"## Transform Network API\nFollowing is the supported API format for network transformations:\n"`
	WriteLoki          WriteLoki         `yaml:"loki" doc:"## Write Loki API\nFollowing is the supported API format for writing to loki:\n"`
	WriteStdout        WriteStdout       `yaml:"stdout" doc:"## Write Standard Output\nFollowing is the supported API format for writing to standard output:\n"`
	ExtractAggregate   Aggregates        `` /* 126-byte string literal not displayed */
	ConnectionTracking ConnTrack         `` /* 126-byte string literal not displayed */
	ExtractTimebased   ExtractTimebased  `` /* 132-byte string literal not displayed */
	EncodeOtlpLogs     EncodeOtlpLogs    `` /* 136-byte string literal not displayed */
	EncodeOtlpMetrics  EncodeOtlpMetrics `` /* 145-byte string literal not displayed */
	EncodeOtlpTraces   EncodeOtlpTraces  `` /* 142-byte string literal not displayed */
}
type AggregateBy ¶
// AggregateBy is the list of field names an aggregation groups by; it is the
// type of AggregateDefinition.GroupByKeys.
type AggregateBy []string
type AggregateDefinition ¶
// AggregateDefinition describes one aggregation rule: which fields to group
// by, which operation to apply to which field, and over what time interval.
type AggregateDefinition struct {
	Name        string      `yaml:"name,omitempty" json:"name,omitempty" doc:"description of aggregation result"`
	GroupByKeys AggregateBy `yaml:"groupByKeys,omitempty" json:"groupByKeys,omitempty" doc:"list of fields on which to aggregate"`
	// The doc tag enumerates the accepted operation names.
	OperationType AggregateOperation `yaml:"operationType,omitempty" json:"operationType,omitempty" doc:"sum, min, max, count, avg or raw_values"`
	OperationKey  string             `yaml:"operationKey,omitempty" json:"operationKey,omitempty" doc:"internal field on which to perform the operation"`
	ExpiryTime    Duration           `yaml:"expiryTime,omitempty" json:"expiryTime,omitempty" doc:"time interval over which to perform the operation"`
}
type AggregateDefinitions ¶ added in v0.1.9
// AggregateDefinitions is a list of aggregation rules; it is the type of
// Aggregates.Rules.
type AggregateDefinitions []AggregateDefinition
type AggregateOperation ¶
// AggregateOperation names the operation of an aggregation rule. The doc tag
// on AggregateDefinition.OperationType lists sum, min, max, count, avg and
// raw_values.
type AggregateOperation string
type Aggregates ¶ added in v0.1.9
// Aggregates is the parameter struct of the aggregate extract stage: a default
// expiry time plus the list of aggregation rules.
type Aggregates struct {
	// The tag text for this field is elided on this page.
	// NOTE(review): presumably the expiry used when a rule sets no ExpiryTime — confirm.
	DefaultExpiryTime Duration             `` /* 155-byte string literal not displayed */
	Rules             AggregateDefinitions `yaml:"rules,omitempty" json:"rules,omitempty" doc:"list of aggregation rules, each includes:"`
}
type ClientTLS ¶ added in v0.1.3
// ClientTLS holds TLS client settings. It is referenced through the TLS
// fields of EncodeKafka, IngestKafka and OtlpConnectionInfo.
type ClientTLS struct {
	// The tag text for this field is elided on this page.
	// NOTE(review): the name suggests it maps to InsecureSkipVerify in
	// crypto/tls.Config — confirm. If so, true disables verification of the
	// server certificate chain and host name, so the peer is not authenticated
	// and the flow data can be read or altered in transit. Leave it false
	// outside of test setups and supply CACertPath instead.
	InsecureSkipVerify bool   `` /* 144-byte string literal not displayed */
	CACertPath         string `yaml:"caCertPath,omitempty" json:"caCertPath,omitempty" doc:"path to the CA certificate"`
	// UserCertPath and UserKeyPath point at the client certificate and its
	// private key (presumably used for mutual TLS — confirm). Only paths are
	// stored here, not key material; the key file itself should be readable
	// only by the account the pipeline runs as.
	UserCertPath string `yaml:"userCertPath,omitempty" json:"userCertPath,omitempty" doc:"path to the user certificate"`
	UserKeyPath  string `yaml:"userKeyPath,omitempty" json:"userKeyPath,omitempty" doc:"path to the user private key"`
}
type ConnTrack ¶
// ConnTrack is the parameter struct of the connection-tracking stage: how a
// connection is keyed, which record types and fields are emitted, and the
// scheduling and TCP-flag settings.
type ConnTrack struct {
	KeyDefinition KeyDefinition `yaml:"keyDefinition,omitempty" json:"keyDefinition,omitempty" doc:"fields that are used to identify the connection"`
	// The tag text is elided on this page.
	// NOTE(review): presumably values come from ConnTrackOutputRecordTypeEnum — confirm.
	OutputRecordTypes []string                   `` /* 140-byte string literal not displayed */
	OutputFields      []OutputField              `yaml:"outputFields,omitempty" json:"outputFields,omitempty" doc:"list of output fields"`
	Scheduling        []ConnTrackSchedulingGroup `yaml:"scheduling,omitempty" json:"scheduling,omitempty" doc:"list of timeouts and intervals to apply per selector"`
	// The tag text is elided on this page.
	// NOTE(review): the name suggests an upper bound on the connections held in
	// memory — confirm, including what the zero value means. Connection keys
	// are derived from incoming flow records, so a bound here is what limits
	// memory growth when the input contains many distinct keys.
	MaxConnectionsTracked int               `` /* 153-byte string literal not displayed */
	TCPFlags              ConnTrackTCPFlags `yaml:"tcpFlags,omitempty" json:"tcpFlags,omitempty" doc:"settings for handling TCP flags"`
}
func (*ConnTrack) GetABFields ¶ added in v0.1.9
type ConnTrackHash ¶
// ConnTrackHash names the field groups that feed the connection hash, and
// optionally the two groups that describe endpoints A and B.
type ConnTrackHash struct {
	FieldGroupRefs []string `yaml:"fieldGroupRefs,omitempty" json:"fieldGroupRefs,omitempty" doc:"list of field group names to build the hash"`
	FieldGroupARef string   `yaml:"fieldGroupARef,omitempty" json:"fieldGroupARef,omitempty" doc:"field group name of endpoint A"`
	FieldGroupBRef string   `yaml:"fieldGroupBRef,omitempty" json:"fieldGroupBRef,omitempty" doc:"field group name of endpoint B"`
}
ConnTrackHash determines how to compute the connection hash. A and B are treated as the endpoints of the connection. When FieldGroupARef and FieldGroupBRef are set, the hash is computed in a way that flow logs from A to B will have the same hash as flow logs from B to A. When they are not set, a different hash will be computed for A->B and B->A, and they are tracked as different connections.
type ConnTrackOperationEnum ¶
// ConnTrackOperationEnum enumerates the connection-tracking output
// operations. Each field's yaml tag is the operation name and its doc tag the
// description.
type ConnTrackOperationEnum struct {
	Sum   string `yaml:"sum" json:"sum" doc:"sum"`
	Count string `yaml:"count" json:"count" doc:"count"`
	Min   string `yaml:"min" json:"min" doc:"min"`
	Max   string `yaml:"max" json:"max" doc:"max"`
	First string `yaml:"first" json:"first" doc:"first"`
	Last  string `yaml:"last" json:"last" doc:"last"`
}
type ConnTrackOutputRecordTypeEnum ¶
// ConnTrackOutputRecordTypeEnum enumerates the record types the
// connection-tracking stage can emit. Each field's yaml tag is the record type
// name and its doc tag the description.
type ConnTrackOutputRecordTypeEnum struct {
	NewConnection string `yaml:"newConnection" json:"newConnection" doc:"New connection"`
	EndConnection string `yaml:"endConnection" json:"endConnection" doc:"End connection"`
	Heartbeat     string `yaml:"heartbeat" json:"heartbeat" doc:"Heartbeat"`
	FlowLog       string `yaml:"flowLog" json:"flowLog" doc:"Flow log"`
}
type ConnTrackSchedulingGroup ¶ added in v0.1.8
// ConnTrackSchedulingGroup pairs a selector with three durations. The tag text
// of every field is elided on this page; ConnTrack.Scheduling describes the
// list as "timeouts and intervals to apply per selector".
type ConnTrackSchedulingGroup struct {
	// NOTE(review): presumably a map of field name to expected value that
	// picks the connections this group applies to — confirm.
	Selector             map[string]interface{} `` /* 131-byte string literal not displayed */
	EndConnectionTimeout Duration               `` /* 149-byte string literal not displayed */
	TerminatingTimeout   Duration               `` /* 145-byte string literal not displayed */
	HeartbeatInterval    Duration               `` /* 142-byte string literal not displayed */
}
type ConnTrackTCPFlags ¶ added in v0.1.9
// ConnTrackTCPFlags holds the settings for using TCP flags in connection
// tracking.
type ConnTrackTCPFlags struct {
	FieldName           string `yaml:"fieldName,omitempty" json:"fieldName,omitempty" doc:"name of the field containing TCP flags"`
	DetectEndConnection bool   `yaml:"detectEndConnection,omitempty" json:"detectEndConnection,omitempty" doc:"detect end connections by FIN flag"`
	// The tag text is elided on this page.
	// NOTE(review): presumably swaps endpoints A and B based on the flags — confirm.
	SwapAB bool `` /* 130-byte string literal not displayed */
}
type Decoder ¶
// Decoder selects the decoder by name. The enum tag points at DecoderEnum,
// whose definition is not shown on this page.
type Decoder struct {
	Type string `yaml:"type" json:"type" enum:"DecoderEnum" doc:"one of the following:"`
}
type DecoderEnum ¶
type Duration ¶ added in v0.1.3
Duration is a wrapper of time.Duration that allows json marshaling. https://stackoverflow.com/a/48051946/2749989
func (Duration) MarshalJSON ¶ added in v0.1.3
func (Duration) MarshalYAML ¶ added in v0.1.3
func (*Duration) UnmarshalJSON ¶ added in v0.1.3
func (*Duration) UnmarshalYAML ¶ added in v0.1.3
type EncodeKafka ¶
// EncodeKafka is the parameter struct of the Kafka encode stage: where to
// write, how to balance and batch, and the optional TLS and SASL settings.
type EncodeKafka struct {
	Address  string `yaml:"address" json:"address" doc:"address of kafka server"`
	Topic    string `yaml:"topic" json:"topic" doc:"kafka topic to write to"`
	Balancer string `yaml:"balancer,omitempty" json:"balancer,omitempty" enum:"KafkaEncodeBalancerEnum" doc:"one of the following:"`
	// The tag text of the next four fields is elided on this page, so their
	// units and defaults cannot be stated here.
	WriteTimeout int64 `` /* 130-byte string literal not displayed */
	ReadTimeout  int64 `` /* 127-byte string literal not displayed */
	BatchBytes   int64 `` /* 139-byte string literal not displayed */
	BatchSize    int   `` /* 136-byte string literal not displayed */
	// TLS and SASL are pointers and documented as optional.
	// NOTE(review): presumably a nil TLS means a plaintext connection and a nil
	// SASL means no client authentication — confirm. If so, flow records reach
	// the broker unencrypted unless TLS is configured, and SASL credentials
	// sent without TLS may cross the network in recoverable form depending on
	// the mechanism.
	TLS  *ClientTLS  `yaml:"tls" json:"tls" doc:"TLS client configuration (optional)"`
	SASL *SASLConfig `yaml:"sasl" json:"sasl" doc:"SASL configuration (optional)"`
}
type EncodeOtlpLogs ¶ added in v0.1.11
// EncodeOtlpLogs is the parameter struct of the OTLP logs encode stage. It
// only embeds the connection settings, including their optional TLS
// configuration and headers.
type EncodeOtlpLogs struct {
	*OtlpConnectionInfo `json:",inline" doc:"OpenTelemetry connection info; includes:"`
}
type EncodeOtlpMetrics ¶ added in v0.1.11
// EncodeOtlpMetrics is the parameter struct of the OTLP metrics encode stage:
// the embedded connection settings plus the metric definitions and timing.
type EncodeOtlpMetrics struct {
	*OtlpConnectionInfo `json:",inline" doc:"OpenTelemetry connection info; includes:"`
	Prefix              string       `yaml:"prefix,omitempty" json:"prefix,omitempty" doc:"prefix added to each metric name"`
	Metrics             MetricsItems `yaml:"metrics,omitempty" json:"metrics,omitempty" doc:"list of metric definitions, each includes:"`
	PushTimeInterval    Duration     `yaml:"pushTimeInterval,omitempty" json:"pushTimeInterval,omitempty" doc:"how often should metrics be sent to collector:"`
	ExpiryTime          Duration     `yaml:"expiryTime,omitempty" json:"expiryTime,omitempty" doc:"time duration of no-flow to wait before deleting data item"`
}
type EncodeOtlpTraces ¶ added in v0.1.11
// EncodeOtlpTraces is the parameter struct of the OTLP traces encode stage:
// the embedded connection settings plus the span splitting prefixes.
type EncodeOtlpTraces struct {
	*OtlpConnectionInfo `json:",inline" doc:"OpenTelemetry connection info; includes:"`
	SpanSplitter        []string `yaml:"spanSplitter,omitempty" json:"spanSplitter,omitempty" doc:"separate span for each prefix listed"`
}
type EncodeS3 ¶ added in v0.1.5
// EncodeS3 is the parameter struct of the S3 encode stage: the target server
// and bucket, the credentials, and batching settings.
type EncodeS3 struct {
	Account  string `yaml:"account" json:"account" doc:"tenant id for this flow collector"`
	Endpoint string `yaml:"endpoint" json:"endpoint" doc:"address of s3 server"`
	// AccessKeyId and SecretAccessKey hold the credential values themselves,
	// not paths to them (contrast SASLConfig, which takes file paths). Any
	// YAML or JSON document carrying this struct therefore contains the secret,
	// and because neither tag uses omitempty, marshalling the struct writes
	// both fields out. Nothing in this declaration redacts them.
	// NOTE(review): check that configuration dumps and logs do not print this
	// struct, and store the configuration with secret-level access control.
	AccessKeyId     string   `yaml:"accessKeyId" json:"accessKeyId" doc:"username to connect to server"`
	SecretAccessKey string   `yaml:"secretAccessKey" json:"secretAccessKey" doc:"password to connect to server"`
	Bucket          string   `yaml:"bucket" json:"bucket" doc:"bucket into which to store objects"`
	WriteTimeout    Duration `yaml:"writeTimeout,omitempty" json:"writeTimeout,omitempty" doc:"timeout (in seconds) for write operation"`
	// The tag text is elided on this page.
	BatchSize int `` /* 131-byte string literal not displayed */
	// Per the doc tag the default is false, i.e. plain http. With the default,
	// the credentials above and the exported flow data are sent unencrypted;
	// set this to true whenever the endpoint is reached over a network that is
	// not fully trusted.
	Secure bool `yaml:"secure,omitempty" json:"secure,omitempty" doc:"true for https, false for http (default: false)"`
	// The tag text is elided on this page.
	ObjectHeaderParameters map[string]interface{} `` /* 142-byte string literal not displayed */
}
type ExtractTimebased ¶ added in v0.1.4
// ExtractTimebased is the parameter struct of the time-based extract stage; it
// holds the list of filter rules.
type ExtractTimebased struct {
	Rules []TimebasedFilterRule `yaml:"rules,omitempty" json:"rules,omitempty" doc:"list of filter rules, each includes:"`
}
type FieldGroup ¶
type FilterOperationEnum ¶ added in v0.1.4
// FilterOperationEnum enumerates the operations of a time-based filter rule.
// Each field's yaml tag is the operation name and its doc tag describes how the
// output field is computed over the time window.
type FilterOperationEnum struct {
	FilterOperationSum  string `yaml:"sum" json:"sum" doc:"set output field to sum of parameters fields in the time window"`
	FilterOperationAvg  string `yaml:"avg" json:"avg" doc:"set output field to average of parameters fields in the time window"`
	FilterOperationMin  string `yaml:"min" json:"min" doc:"set output field to minimum of parameters fields in the time window"`
	FilterOperationMax  string `yaml:"max" json:"max" doc:"set output field to maximum of parameters fields in the time window"`
	FilterOperationCnt  string `yaml:"count" json:"count" doc:"set output field to number of flows registered in the time window"`
	FilterOperationLast string `yaml:"last" json:"last" doc:"set output field to last of parameters fields in the time window"`
	FilterOperationDiff string `yaml:"diff" json:"diff" doc:"set output field to the difference of the first and last parameters fields in the time window"`
}
type GenericTransform ¶
// GenericTransform is a list of generic transform rules.
type GenericTransform []GenericTransformRule
type GenericTransformRule ¶
// GenericTransformRule maps one input field to one output field, with an
// optional integer multiplier.
type GenericTransformRule struct {
	Input  string `yaml:"input,omitempty" json:"input,omitempty" doc:"entry input field"`
	Output string `yaml:"output,omitempty" json:"output,omitempty" doc:"entry output field"`
	// NOTE(review): the doc tag spells "compenstate" (compensate); it is left
	// as-is here because the tag is read at runtime.
	Multiplier int `yaml:"multiplier,omitempty" json:"multiplier,omitempty" doc:"scaling factor to compenstate for sampling"`
}
type IngestCollector ¶
// IngestCollector is the parameter struct of the collector ingest stage, which
// the API struct describes as the NetFlow / IPFIX collector. The struct has no
// TLS or authentication field.
// NOTE(review): since nothing here authenticates senders, presumably any host
// that can reach the listener can submit flow records — confirm, and bind
// HostName to an interface that only the intended exporters can reach.
type IngestCollector struct {
	HostName string `yaml:"hostName,omitempty" json:"hostName,omitempty" doc:"the hostname to listen on"`
	// The tag text of the remaining fields is elided on this page.
	Port        int `` /* 156-byte string literal not displayed */
	PortLegacy  int `` /* 163-byte string literal not displayed */
	BatchMaxLen int `` /* 133-byte string literal not displayed */
}
type IngestGRPCProto ¶
type IngestKafka ¶
// IngestKafka is the parameter struct of the Kafka ingest stage: brokers,
// topic and consumer group, decoding, batching and pull limits, and the
// optional TLS and SASL settings.
type IngestKafka struct {
	Brokers []string `yaml:"brokers,omitempty" json:"brokers,omitempty" doc:"list of kafka broker addresses"`
	Topic   string   `yaml:"topic,omitempty" json:"topic,omitempty" doc:"kafka topic to listen on"`
	GroupId string   `yaml:"groupid,omitempty" json:"groupid,omitempty" doc:"separate groupid for each consumer on specified topic"`
	// The tag text of the next two fields is elided on this page.
	GroupBalancers   []string `` /* 132-byte string literal not displayed */
	StartOffset      string   `` /* 161-byte string literal not displayed */
	BatchReadTimeout int64    `yaml:"batchReadTimeout,omitempty" json:"batchReadTimeout,omitempty" doc:"how often (in milliseconds) to process input"`
	// The yaml tag uses omitempty; the json tag does not.
	Decoder Decoder `yaml:"decoder,omitempty" json:"decoder" doc:"decoder to use (E.g. json or protobuf)"`
	// The tag text of the next two fields is elided on this page.
	BatchMaxLen       int `` /* 133-byte string literal not displayed */
	PullQueueCapacity int `` /* 127-byte string literal not displayed */
	PullMaxBytes      int `yaml:"pullMaxBytes,omitempty" json:"pullMaxBytes,omitempty" doc:"the maximum number of bytes being pulled from kafka"`
	// The tag text is elided on this page.
	CommitInterval int64 `` /* 192-byte string literal not displayed */
	// TLS and SASL are pointers and documented as optional.
	// NOTE(review): presumably a nil TLS means a plaintext connection and a nil
	// SASL means no client authentication — confirm. Records consumed over an
	// unauthenticated, unencrypted connection should not be treated as coming
	// from a verified broker.
	TLS  *ClientTLS  `yaml:"tls" json:"tls" doc:"TLS client configuration (optional)"`
	SASL *SASLConfig `yaml:"sasl" json:"sasl" doc:"SASL configuration (optional)"`
}
type IngestStdin ¶ added in v0.1.11
// IngestStdin is the parameter struct of the standard input ingest stage. It
// has no fields, so the stage takes no options.
type IngestStdin struct {
}
type IngestSynthetic ¶ added in v0.1.9
// IngestSynthetic is the parameter struct of the synthetic ingest stage: how
// many connections to maintain and how many flow logs to send per minute.
type IngestSynthetic struct {
	Connections int `yaml:"connections,omitempty" json:"connections,omitempty" doc:"number of connections to maintain"`
	// The tag text is elided on this page.
	BatchMaxLen    int `` /* 133-byte string literal not displayed */
	FlowLogsPerMin int `yaml:"flowLogsPerMin,omitempty" json:"flowLogsPerMin,omitempty" doc:"the number of flow logs to send per minute"`
}
type K8sInfraRule ¶ added in v0.1.11
// K8sInfraRule holds the configuration specific to the add_kubernetes_infra
// network transform rule (see NetworkTransformRule.KubernetesInfra).
type K8sInfraRule struct {
	Inputs []string `yaml:"inputs,omitempty" json:"inputs,omitempty" doc:"entry inputs fields"`
	Output string   `yaml:"output,omitempty" json:"output,omitempty" doc:"entry output field"`
	// NOTE(review): the tag key ("infra_prefixes") and the doc text are plural,
	// but the field is a single string — confirm how several prefixes are
	// expressed.
	InfraPrefix string `yaml:"infra_prefixes,omitempty" json:"infra_prefixes,omitempty" doc:"Namespace prefixes that will be tagged as infra"`
}
type K8sRule ¶ added in v0.1.11
// K8sRule holds the configuration specific to the add_kubernetes network
// transform rule (see NetworkTransformRule.Kubernetes).
type K8sRule struct {
	AddZone bool `yaml:"add_zone,omitempty" json:"add_zone,omitempty" doc:"If true the rule will add the zone"`
}
type KafkaEncodeBalancerEnum ¶
// KafkaEncodeBalancerEnum enumerates the balancers accepted by
// EncodeKafka.Balancer. Each field's yaml tag is the balancer name.
type KafkaEncodeBalancerEnum struct {
	RoundRobin string `yaml:"roundRobin" json:"roundRobin" doc:"RoundRobin balancer"`
	LeastBytes string `yaml:"leastBytes" json:"leastBytes" doc:"LeastBytes balancer"`
	Hash       string `yaml:"hash" json:"hash" doc:"Hash balancer"`
	Crc32      string `yaml:"crc32" json:"crc32" doc:"Crc32 balancer"`
	Murmur2    string `yaml:"murmur2" json:"murmur2" doc:"Murmur2 balancer"`
}
type KeyDefinition ¶
// KeyDefinition describes how a connection is identified: the field groups
// and how the connection hash is built from them.
type KeyDefinition struct {
	FieldGroups []FieldGroup  `yaml:"fieldGroups,omitempty" json:"fieldGroups,omitempty" doc:"list of field group definitions"`
	Hash        ConnTrackHash `yaml:"hash,omitempty" json:"hash,omitempty" doc:"how to build the connection hash"`
}
type MetricEncodeFilterTypeEnum ¶ added in v0.1.11
// MetricEncodeFilterTypeEnum enumerates the metric filter kinds. The yaml tag
// values equal the PromFilter* constants of this package.
type MetricEncodeFilterTypeEnum struct {
	// NOTE(review): the doc tag spells "fitler" (filter); it is left as-is here
	// because the tag is read at runtime.
	Exact    string `yaml:"exact" json:"exact" doc:"match exactly the provided fitler value"`
	Presence string `yaml:"presence" json:"presence" doc:"filter key must be present (filter value is ignored)"`
	Absence  string `yaml:"absence" json:"absence" doc:"filter key must be absent (filter value is ignored)"`
	Regex    string `yaml:"regex" json:"regex" doc:"match filter value as a regular expression"`
}
type MetricEncodeOperationEnum ¶ added in v0.1.11
// MetricEncodeOperationEnum enumerates the metric types accepted by
// MetricsItem.Type. Each field's yaml tag is the type name.
type MetricEncodeOperationEnum struct {
	Gauge        string `yaml:"gauge" json:"gauge" doc:"single numerical value that can arbitrarily go up and down"`
	Counter      string `yaml:"counter" json:"counter" doc:"monotonically increasing counter whose value can only increase"`
	Histogram    string `yaml:"histogram" json:"histogram" doc:"counts samples in configurable buckets"`
	AggHistogram string `yaml:"agg_histogram" json:"agg_histogram" doc:"counts samples in configurable buckets, pre-aggregated via an Aggregate stage"`
}
type MetricsFilter ¶ added in v0.1.11
type MetricsItem ¶ added in v0.1.11
// MetricsItem defines one metric: its name and type, which entries feed it,
// where the value comes from, and its labels and buckets.
type MetricsItem struct {
	Name string `yaml:"name" json:"name" doc:"the metric name"`
	Type string `yaml:"type" json:"type" enum:"MetricEncodeOperationEnum" doc:"one of the following:"`
	// The tag text is elided on this page. A singular Filter sits next to the
	// Filters list below, and the type has a GetFilters method.
	// NOTE(review): presumably Filter is an older form that GetFilters merges
	// with Filters — confirm.
	Filter   MetricsFilter   `` /* 130-byte string literal not displayed */
	Filters  []MetricsFilter `yaml:"filters" json:"filters" doc:"a list of criteria to filter entries by"`
	ValueKey string          `yaml:"valueKey" json:"valueKey" doc:"entry key from which to resolve metric value"`
	// NOTE(review): label values presumably come from flow record fields, so
	// each distinct combination creates a new series — confirm, and see
	// PromEncode.MaxMetrics for the cap on the Prometheus side.
	Labels  []string  `yaml:"labels" json:"labels" doc:"labels to be associated with the metric"`
	Buckets []float64 `yaml:"buckets" json:"buckets" doc:"histogram buckets"`
	// The doc tag defines the value as FlowVal divided by this scale.
	// NOTE(review): the zero value of float64 is 0; presumably an unset scale
	// is handled before the division — confirm.
	ValueScale float64 `yaml:"valueScale" json:"valueScale" doc:"scale factor of the value (MetricVal := FlowVal / Scale)"`
}
func (*MetricsItem) GetFilters ¶ added in v0.1.11
func (i *MetricsItem) GetFilters() []MetricsFilter
type MetricsItems ¶ added in v0.1.11
// MetricsItems is a list of metric definitions; it is the type of the Metrics
// field of PromEncode and EncodeOtlpMetrics.
type MetricsItems []MetricsItem
type NetworkTransformDirectionInfo ¶ added in v0.1.7
// NetworkTransformDirectionInfo names the record fields used when working out
// flow direction: the reporter IP and the source and destination hosts, plus
// two direction fields.
type NetworkTransformDirectionInfo struct {
	ReporterIPField string `yaml:"reporterIPField,omitempty" json:"reporterIPField,omitempty" doc:"field providing the reporter (agent) host IP"`
	SrcHostField    string `yaml:"srcHostField,omitempty" json:"srcHostField,omitempty" doc:"source host field"`
	DstHostField    string `yaml:"dstHostField,omitempty" json:"dstHostField,omitempty" doc:"destination host field"`
	// The tag text of the next two fields is elided on this page.
	FlowDirectionField string `` /* 155-byte string literal not displayed */
	IfDirectionField   string `` /* 135-byte string literal not displayed */
}
type NetworkTransformIPCategory ¶ added in v0.1.7
type NetworkTransformRule ¶
// NetworkTransformRule is one network transform rule. Type selects the
// operation from TransformNetworkOperationEnum; the two pointer fields carry
// the configuration specific to the Kubernetes rules.
type NetworkTransformRule struct {
	Input           string        `yaml:"input,omitempty" json:"input,omitempty" doc:"entry input field"`
	Output          string        `yaml:"output,omitempty" json:"output,omitempty" doc:"entry output field"`
	Type            string        `yaml:"type,omitempty" json:"type,omitempty" enum:"TransformNetworkOperationEnum" doc:"one of the following:"`
	Parameters      string        `yaml:"parameters,omitempty" json:"parameters,omitempty" doc:"parameters specific to type"`
	Assignee        string        `yaml:"assignee,omitempty" json:"assignee,omitempty" doc:"value needs to assign to output field"`
	KubernetesInfra *K8sInfraRule `yaml:"kubernetes_infra,omitempty" json:"kubernetes_infra,omitempty" doc:"Kubernetes infra rule specific configuration"`
	Kubernetes      *K8sRule      `yaml:"kubernetes,omitempty" json:"kubernetes,omitempty" doc:"Kubernetes rule specific configuration"`
}
type NetworkTransformRules ¶
// NetworkTransformRules is a list of network transform rules; it is the type
// of TransformNetwork.Rules.
type NetworkTransformRules []NetworkTransformRule
type OtlpConnectionInfo ¶ added in v0.1.11
// OtlpConnectionInfo holds the connection settings shared by the three OTLP
// encode stages, which embed it.
type OtlpConnectionInfo struct {
	Address        string `yaml:"address" json:"address" doc:"endpoint address to expose"`
	Port           int    `yaml:"port" json:"port" doc:"endpoint port number to expose"`
	ConnectionType string `yaml:"connectionType" json:"connectionType" doc:"interface mechanism: either http or grpc"`
	// TLS is a pointer tagged omitempty.
	// NOTE(review): presumably a nil TLS means the connection is not encrypted
	// — confirm. In that case Headers below and the exported telemetry cross
	// the network in clear text.
	TLS *ClientTLS `yaml:"tls,omitempty" json:"tls,omitempty" doc:"TLS configuration for the endpoint"`
	// Headers are added to outgoing messages. If they are used to carry an
	// authorization token or API key, this struct holds a secret in plain form:
	// protect the configuration accordingly and keep it out of logs.
	Headers map[string]string `yaml:"headers,omitempty" json:"headers,omitempty" doc:"headers to add to messages (optional)"`
}
type OutputField ¶
// OutputField describes one output field of the connection-tracking stage: its
// name, the operation that computes it and the input field it is based on.
type OutputField struct {
	Name string `yaml:"name,omitempty" json:"name,omitempty" doc:"output field name"`
	// The tag text of the next two fields is elided on this page.
	// NOTE(review): presumably Operation takes a name from
	// ConnTrackOperationEnum — confirm.
	Operation string `` /* 128-byte string literal not displayed */
	SplitAB   bool   `` /* 136-byte string literal not displayed */
	Input     string `yaml:"input,omitempty" json:"input,omitempty" doc:"The input field to base the operation on. When omitted, 'name' is used"`
	// The tag text is elided on this page.
	ReportMissing bool `` /* 145-byte string literal not displayed */
}
type PromConnectionInfo ¶ added in v0.1.11
// PromConnectionInfo describes the endpoint the Prometheus encode stage
// exposes: address, port and optional TLS settings.
type PromConnectionInfo struct {
	// Address and Port define a listening endpoint (the doc tags say "to
	// expose"). Choose a bind address that only the intended scrapers can
	// reach; the exposed metrics are derived from network flow data.
	Address string `yaml:"address,omitempty" json:"address,omitempty" doc:"endpoint address to expose"`
	Port    int    `yaml:"port,omitempty" json:"port,omitempty" doc:"endpoint port number to expose"`
	// TLS is a pointer tagged omitempty; the PromTLSConf definition is not
	// shown on this page.
	// NOTE(review): presumably a nil TLS serves the endpoint over plain HTTP —
	// confirm.
	TLS *PromTLSConf `yaml:"tls,omitempty" json:"tls,omitempty" doc:"TLS configuration for the endpoint"`
}
type PromEncode ¶
// PromEncode is the parameter struct of the Prometheus encode stage: the
// optional embedded connection info, the metric definitions and their limits.
type PromEncode struct {
	*PromConnectionInfo `json:",inline,omitempty" doc:"Prometheus connection info (optional); includes:"`
	Metrics             MetricsItems `yaml:"metrics,omitempty" json:"metrics,omitempty" doc:"list of prometheus metric definitions, each includes:"`
	Prefix              string       `yaml:"prefix,omitempty" json:"prefix,omitempty" doc:"prefix added to each metric name"`
	// The tag text is elided on this page.
	ExpiryTime Duration `` /* 131-byte string literal not displayed */
	// Per the doc tag the default is unlimited.
	// NOTE(review): metric labels presumably take their values from flow
	// records, so the number of series follows the input — confirm. Setting an
	// explicit cap bounds memory use when the input has many distinct label
	// values.
	MaxMetrics int `yaml:"maxMetrics,omitempty" json:"maxMetrics,omitempty" doc:"maximum number of metrics to report (default: unlimited)"`
}
type PromTLSConf ¶ added in v0.1.4
type SASLConfig ¶ added in v0.1.9
// SASLConfig holds the SASL settings referenced by the SASL fields of
// EncodeKafka and IngestKafka. The client ID and secret are given as file
// paths, so the configuration itself does not contain the credential values.
type SASLConfig struct {
	// No struct tag is shown for Type on this page.
	// NOTE(review): presumably it takes a name from SASLTypeEnum, which is
	// listed in the package index but not shown here — confirm.
	Type string
	// The files behind these two paths hold the SASL username and password;
	// they should be readable only by the account the pipeline runs as.
	ClientIDPath     string `yaml:"clientIDPath,omitempty" json:"clientIDPath,omitempty" doc:"path to the client ID / SASL username"`
	ClientSecretPath string `yaml:"clientSecretPath,omitempty" json:"clientSecretPath,omitempty" doc:"path to the client secret / SASL password"`
}
type SASLTypeEnum ¶ added in v0.1.9
type TimebasedFilterRule ¶ added in v0.1.4
// TimebasedFilterRule is one rule of the time-based extract stage: which keys
// to index, which operation to apply to which field, how many results to
// report and over what time interval.
type TimebasedFilterRule struct {
	Name string `yaml:"name,omitempty" json:"name,omitempty" doc:"description of filter result"`
	// Deprecated per the doc tag; IndexKeys replaces it.
	IndexKey  string   `yaml:"indexKey,omitempty" json:"indexKey,omitempty" doc:"internal field to index TopK. Deprecated, use indexKeys instead"`
	IndexKeys []string `yaml:"indexKeys,omitempty" json:"indexKeys,omitempty" doc:"internal fields to index TopK"`
	// The tag text is elided on this page.
	// NOTE(review): presumably a name from FilterOperationEnum — confirm.
	OperationType string   `` /* 134-byte string literal not displayed */
	OperationKey  string   `yaml:"operationKey,omitempty" json:"operationKey,omitempty" doc:"internal field on which to perform the operation"`
	TopK          int      `yaml:"topK,omitempty" json:"topK,omitempty" doc:"number of highest incidence to report (default - report all)"`
	Reversed      bool     `yaml:"reversed,omitempty" json:"reversed,omitempty" doc:"report lowest incidence instead of highest (default - false)"`
	TimeInterval  Duration `yaml:"timeInterval,omitempty" json:"timeInterval,omitempty" doc:"time duration of data to use to compute the metric"`
}
type TransformFilter ¶
// TransformFilter is the parameter struct of the filter transform stage; it
// holds the list of filter rules.
type TransformFilter struct {
	Rules []TransformFilterRule `yaml:"rules,omitempty" json:"rules,omitempty" doc:"list of filter rules, each includes:"`
}
type TransformFilterOperationEnum ¶
// TransformFilterOperationEnum enumerates the operations accepted by
// TransformFilterRule.Type. Where the tag is shown, the yaml value is the
// operation name and the doc value its description; several tags are elided on
// this page.
type TransformFilterOperationEnum struct {
	RemoveField              string `yaml:"remove_field" json:"remove_field" doc:"removes the field from the entry"`
	RemoveEntryIfExists      string `yaml:"remove_entry_if_exists" json:"remove_entry_if_exists" doc:"removes the entry if the field exists"`
	RemoveEntryIfDoesntExist string `yaml:"remove_entry_if_doesnt_exist" json:"remove_entry_if_doesnt_exist" doc:"removes the entry if the field does not exist"`
	RemoveEntryIfEqual       string `yaml:"remove_entry_if_equal" json:"remove_entry_if_equal" doc:"removes the entry if the field value equals specified value"`
	RemoveEntryIfNotEqual    string `` /* 139-byte string literal not displayed */
	AddField                 string `` /* 133-byte string literal not displayed */
	AddFieldIfDoesntExist    string `yaml:"add_field_if_doesnt_exist" json:"add_field_if_doesnt_exist" doc:"adds a field to the entry if the field does not exist"`
	AddFieldIf               string `` /* 134-byte string literal not displayed */
	AddRegExIf               string `yaml:"add_regex_if" json:"add_regex_if" doc:"add output field if input field satisfies regex pattern from parameters field"`
	AddLabel                 string `` /* 134-byte string literal not displayed */
	AddLabelIf               string `` /* 173-byte string literal not displayed */
}
type TransformFilterRule ¶
// TransformFilterRule is one filter transform rule. Type selects the operation
// from TransformFilterOperationEnum; the other fields are its operands.
type TransformFilterRule struct {
	Input  string `yaml:"input,omitempty" json:"input,omitempty" doc:"entry input field"`
	Output string `yaml:"output,omitempty" json:"output,omitempty" doc:"entry output field"`
	Type   string `yaml:"type,omitempty" json:"type,omitempty" enum:"TransformFilterOperationEnum" doc:"one of the following:"`
	// Value is untyped, so its concrete type depends on what the decoder
	// produces for the configured value.
	Value      interface{} `yaml:"value,omitempty" json:"value,omitempty" doc:"specified value of input field:"`
	Parameters string      `yaml:"parameters,omitempty" json:"parameters,omitempty" doc:"parameters specific to type"`
	Assignee   string      `yaml:"assignee,omitempty" json:"assignee,omitempty" doc:"value needs to assign to output field"`
}
type TransformGeneric ¶
// TransformGeneric is the parameter struct of the generic transform stage: a
// policy and the list of transform rules.
type TransformGeneric struct {
	// The tag text is elided on this page.
	// NOTE(review): presumably a name from TransformGenericOperationEnum — confirm.
	Policy string                 `` /* 143-byte string literal not displayed */
	Rules  []GenericTransformRule `yaml:"rules,omitempty" json:"rules,omitempty" doc:"list of transform rules, each includes:"`
}
type TransformGenericOperationEnum ¶
// TransformGenericOperationEnum enumerates the generic transform policies.
// Per the doc tags, preserve_original_keys is the default.
type TransformGenericOperationEnum struct {
	PreserveOriginalKeys string `yaml:"preserve_original_keys" json:"preserve_original_keys" doc:"adds new keys in addition to existing keys (default)"`
	ReplaceKeys          string `yaml:"replace_keys" json:"replace_keys" doc:"removes all old keys and uses only the new keys"`
}
type TransformNetwork ¶
// TransformNetwork is the parameter struct of the network transform stage:
// the rules plus the files and settings the rules draw on.
type TransformNetwork struct {
	Rules NetworkTransformRules `yaml:"rules" json:"rules" doc:"list of transform rules, each includes:"`
	// Optional path to a kubeconfig file. A kubeconfig normally contains
	// cluster credentials, so the referenced file should be readable only by
	// the account the pipeline runs as, and the identity in it should carry no
	// more than the read access the Kubernetes rules need.
	KubeConfigPath string `yaml:"kubeConfigPath,omitempty" json:"kubeConfigPath,omitempty" doc:"path to kubeconfig file (optional)"`
	ServicesFile   string `yaml:"servicesFile,omitempty" json:"servicesFile,omitempty" doc:"path to services file (optional, default: /etc/services)"`
	// The tag text is elided on this page.
	ProtocolsFile string                       `` /* 126-byte string literal not displayed */
	IPCategories  []NetworkTransformIPCategory `yaml:"ipCategories,omitempty" json:"ipCategories,omitempty" doc:"configure IP categories"`
	// The tag text is elided on this page.
	DirectionInfo NetworkTransformDirectionInfo `` /* 160-byte string literal not displayed */
}
func (*TransformNetwork) GetServiceFiles ¶ added in v0.1.4
func (tn *TransformNetwork) GetServiceFiles() (string, string)
type TransformNetworkOperationEnum ¶
// TransformNetworkOperationEnum enumerates the operations accepted by
// NetworkTransformRule.Type. The yaml tag values equal the Op* constants of
// this package.
type TransformNetworkOperationEnum struct {
	AddSubnet          string `yaml:"add_subnet" json:"add_subnet" doc:"add output subnet field from input field and prefix length from parameters field"`
	AddLocation        string `yaml:"add_location" json:"add_location" doc:"add output location fields from input"`
	AddService         string `yaml:"add_service" json:"add_service" doc:"add output network service field from input port and parameters protocol field"`
	AddKubernetes      string `yaml:"add_kubernetes" json:"add_kubernetes" doc:"add output kubernetes fields from input"`
	AddKubernetesInfra string `yaml:"add_kubernetes_infra" json:"add_kubernetes_infra" doc:"add output kubernetes isInfra field from input"`
	// The tag text is elided on this page.
	ReinterpretDirection string `` /* 170-byte string literal not displayed */
	AddIPCategory        string `yaml:"add_ip_category" json:"add_ip_category" doc:"categorize IPs based on known subnets configuration"`
}
type WriteIpfix ¶ added in v0.1.8
// WriteIpfix is the parameter struct of the IPFIX write stage: the collector
// to send to, the transport and the enterprise ID. The struct has no TLS or
// authentication field.
// NOTE(review): presumably the export is sent unencrypted over the chosen
// transport — confirm, and keep the path to the collector on a trusted
// network if so.
type WriteIpfix struct {
	TargetHost string `yaml:"targetHost,omitempty" json:"targetHost,omitempty" doc:"IPFIX Collector host target IP"`
	TargetPort int    `yaml:"targetPort,omitempty" json:"targetPort,omitempty" doc:"IPFIX Collector host target port"`
	Transport  string `yaml:"transport,omitempty" json:"transport,omitempty" doc:"Transport protocol (tcp/udp) to be used for the IPFIX connection"`
	// NOTE(review): the json key is "EnterpriseId" with a capital E while the
	// yaml key is "enterpriseId"; every other field uses the same spelling in
	// both tags. Changing it would alter the JSON schema, so it is only flagged
	// here.
	EnterpriseID int `yaml:"enterpriseId,omitempty" json:"EnterpriseId,omitempty" doc:"Enterprise ID for exporting transformations"`
}
func (*WriteIpfix) SetDefaults ¶ added in v0.1.8
func (w *WriteIpfix) SetDefaults()
func (*WriteIpfix) Validate ¶ added in v0.1.8
func (w *WriteIpfix) Validate() error
type WriteLoki ¶
// WriteLoki is the parameter struct of the Loki write stage: the target
// service and tenant, batching and retry settings, label handling and the HTTP
// client configuration.
type WriteLoki struct {
	// NOTE(review): the URL scheme presumably decides whether flows are pushed
	// over http or https — confirm; prefer https together with TLS settings in
	// ClientConfig.
	URL       string `yaml:"url,omitempty" json:"url,omitempty" doc:"the address of an existing Loki service to push the flows to"`
	TenantID  string `yaml:"tenantID,omitempty" json:"tenantID,omitempty" doc:"identifies the tenant for the request"`
	BatchWait string `yaml:"batchWait,omitempty" json:"batchWait,omitempty" doc:"maximum amount of time to wait before sending a batch"`
	// The tag text is elided on this page.
	BatchSize  int    `` /* 126-byte string literal not displayed */
	Timeout    string `yaml:"timeout,omitempty" json:"timeout,omitempty" doc:"maximum time to wait for a server to respond to a request"`
	MinBackoff string `yaml:"minBackoff,omitempty" json:"minBackoff,omitempty" doc:"initial backoff time for client connection between retries"`
	MaxBackoff string `yaml:"maxBackoff,omitempty" json:"maxBackoff,omitempty" doc:"maximum backoff time for client connection between retries"`
	MaxRetries int    `yaml:"maxRetries,omitempty" json:"maxRetries,omitempty" doc:"maximum number of retries for client connections"`
	// The doc tags of Labels and IgnoreList say "map", but both fields are
	// declared as []string.
	Labels       []string       `yaml:"labels,omitempty" json:"labels,omitempty" doc:"map of record fields to be used as labels"`
	StaticLabels model.LabelSet `yaml:"staticLabels,omitempty" json:"staticLabels,omitempty" doc:"map of common labels to set on each flow"`
	IgnoreList   []string       `yaml:"ignoreList,omitempty" json:"ignoreList,omitempty" doc:"map of record fields to be removed from the record"`
	// ClientConfig has a type from another package whose definition is not
	// shown on this page.
	// NOTE(review): presumably this is where authentication and TLS settings
	// for the Loki client are supplied, in which case the configuration may
	// carry credentials — confirm and protect it accordingly.
	ClientConfig   *promConfig.HTTPClientConfig `yaml:"clientConfig,omitempty" json:"clientConfig,omitempty" doc:"clientConfig"`
	TimestampLabel model.LabelName              `yaml:"timestampLabel,omitempty" json:"timestampLabel,omitempty" doc:"label to use for time indexing"`
	// TimestampScale provides the scale in time of the units from the timestamp
	// E.g. UNIX timescale is '1s' (one second) while other clock sources might have
	// scales of '1ms' (one millisecond) or just '1' (one nanosecond)
	// Default value is '1s'
	TimestampScale string `yaml:"timestampScale,omitempty" json:"timestampScale,omitempty" doc:"timestamp units scale (e.g. for UNIX = 1s)"`
}
func (*WriteLoki) SetDefaults ¶ added in v0.1.3
func (w *WriteLoki) SetDefaults()
type WriteStdout ¶
// WriteStdout is the parameter struct of the standard output write stage. Its
// only field selects the output format; the tag text listing the accepted
// values is elided on this page.
type WriteStdout struct {
	Format string `` /* 198-byte string literal not displayed */
}
Source Files ¶
- api.go
- conntrack.go
- decoder.go
- encode_kafka.go
- encode_otlp.go
- encode_prom.go
- encode_s3.go
- enum.go
- extract_aggregate.go
- extract_timebased.go
- ingest_collector.go
- ingest_grpc.go
- ingest_kafka.go
- ingest_stdin.go
- ingest_synthetic.go
- sasl.go
- tls.go
- transform_filter.go
- transform_generic.go
- transform_network.go
- utils.go
- write_ipfix.go
- write_loki.go
- write_stdout.go