gcplogs

package
v1.10.0-RC1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 9, 2020 License: AGPL-3.0 Imports: 7 Imported by: 0

Documentation

Overview

Package gcplogs has log parsers for Google Cloud Platform

Index

Constants

View Source
const (
	AuditLogActivityLogID = "cloudaudit.googleapis.com%2Factivity"
	AuditLogDataLogID     = "cloudaudit.googleapis.com%2Fdata_access"
	AuditLogSystemLogID   = "cloudaudit.googleapis.com%2Fsystem_event"
)
View Source
const (
	TypeAuditLog = "GCP.AuditLog"
)

Variables

This section is empty.

Functions

func NewAuditLogParser

func NewAuditLogParser() parsers.LogParser

Types

type AuditData

type AuditData struct {
	PermissionDelta PermissionDelta `json:"permissionDelta" validate:"required" description:" The permissionDelta when when creating or updating a Role."`
}

IAM Data audit log nolint:lll

type AuditLog

type AuditLog struct {
	PayloadType        *string             `json:"@type" validate:"required,eq=type.googleapis.com/google.cloud.audit.AuditLog" description:"The type of payload"`
	ServiceName        *string             `json:"serviceName,omitempty" description:"The name of the API service performing the operation"`
	MethodName         *string             `` /* 144-byte string literal not displayed */
	ResourceName       *string             `` /* 174-byte string literal not displayed */
	NumResponseItems   *numerics.Int64     `json:"numResponseItems,omitempty" description:"The number of items returned from a List or Query API method, if applicable."`
	Status             *Status             `json:"status,omitempty" description:" The status of the overall operation."`
	AuthenticationInfo *AuthenticationInfo `json:"authenticationInfo,omitempty" description:"Authentication information."`
	AuthorizationInfo  []AuthorizationInfo `` /* 241-byte string literal not displayed */
	RequestMetadata    *RequestMetadata    `json:"requestMetadata,omitempty" description:"Metadata about the request"`
	Request            jsoniter.RawMessage `` /* 320-byte string literal not displayed */
	Response           jsoniter.RawMessage `` /* 323-byte string literal not displayed */
	ServiceData        jsoniter.RawMessage `json:"serviceData,omitempty" description:"Other service-specific data about the request, response, and other activities."`
}

nolint:lll

type AuditLogParser

type AuditLogParser struct{}

func (*AuditLogParser) LogType

func (p *AuditLogParser) LogType() string

func (*AuditLogParser) New

func (p *AuditLogParser) New() parsers.LogParser

New creates a new log parser instance

func (*AuditLogParser) Parse

func (p *AuditLogParser) Parse(log string) ([]*parsers.PantherLog, error)

Parse implements parsers.LogParser interface

type AuthenticationInfo

type AuthenticationInfo struct {
	PrincipalEmail    *string `json:"principalEmail" validate:"required" description:"The email address of the authenticated user making the request."`
	AuthoritySelector *string `` /* 182-byte string literal not displayed */
}

nolint:lll

type AuthorizationInfo

type AuthorizationInfo struct {
	Resource   *string `json:"resource,omitempty"  description:"The resource being accessed, as a REST-style string."`
	Permission *string `json:"permission,omitempty"  description:"The required IAM permission"`
	Granted    *bool   `json:"granted,omitempty" description:" Whether or not authorization for resource and permission was granted."`
}

nolint:lll

type HTTPRequest

type HTTPRequest struct {
	RequestMethod  *string         `json:"requestMethod,omitempty" description:"The request HTTP method."`
	RequestURL     *string         `` /* 144-byte string literal not displayed */
	RequestSize    *numerics.Int64 `` /* 141-byte string literal not displayed */
	Status         *int16          `json:"status,omitempty" description:"The response HTTP status code"`
	ResponseSize   *numerics.Int64 `` /* 170-byte string literal not displayed */
	UserAgent      *string         `json:"userAgent,omitempty"  description:"The user agent sent by the client."`
	RemoteIP       *string         `json:"remoteIP,omitempty"  description:"The IP address (IPv4 or IPv6) of the client that issued the HTTP request."`
	ServerIP       *string         `json:"serverIP,omitempty"  description:"The IP address (IPv4 or IPv6) of the origin server that the request was sent to."`
	Referer        *string         `json:"referer,omitempty" description:"The referer URL of the request"`
	Latency        *string         `` /* 163-byte string literal not displayed */
	CacheLookup    *bool           `json:"cacheLookup,omitempty"  description:"Whether or not a cache lookup was attempted."`
	CacheHit       *bool           `json:"cacheHit,omitempty"  description:"Whether or not an entity was served from cache (with or without validation)."`
	CacheValidated *bool           `` /* 138-byte string literal not displayed */
	CacheFillBytes *numerics.Int64 `json:"cacheFillBytes,omitempty" description:"Whether or not an entity was served from cache (with or without validation)."`
	Protocol       *string         `json:"protocol,omitempty" description:"Protocol used for the request."`
}

nolint:lll

type Labels

type Labels map[string]string

type LogEntry

type LogEntry struct {
	LogName          *string                 `json:"logName" validate:"required" description:"The resource name of the log to which this log entry belongs."`
	Severity         *string                 `json:"severity,omitempty" description:"The severity of the log entry. The default value is LogSeverity.DEFAULT."`
	InsertID         *string                 `json:"insertId,omitempty" description:"A unique identifier for the log entry."`
	Resource         MonitoredResource       `json:"resource,omitempty" description:"The monitored resource that produced this log entry."`
	Timestamp        *timestamp.RFC3339      `json:"timestamp,omitempty" description:"The time the event described by the log entry occurred."`
	ReceiveTimestamp *timestamp.RFC3339      `json:"receiveTimestamp" validate:"required" description:"The time the log entry was received by Logging."`
	Labels           Labels                  `` /* 135-byte string literal not displayed */
	Operation        *LogEntryOperation      `json:"operation,omitempty" description:"Information about an operation associated with the log entry, if applicable."`
	Trace            *string                 `json:"trace,omitempty" description:"Resource name of the trace associated with the log entry, if any."`
	HTTPRequest      *HTTPRequest            `json:"httpRequest,omitempty" description:"Information about the HTTP request associated with this log entry, if applicable."`
	SpanID           *string                 `json:"spanId,omitempty" description:"The span ID within the trace associated with the log entry."`
	TraceSampled     *bool                   `json:"traceSampled,omitempty" description:"The sampling decision of the trace associated with the log entry."`
	SourceLocation   *LogEntrySourceLocation `json:"sourceLocation,omitempty" description:"Source code location information associated with the log entry, if any."`
}

nolint:lll

func (*LogEntry) LogID

func (entry *LogEntry) LogID() string

LogID extracts the log ID from a `LogName` field. GCP logs are aggregated and use log id to differentiate different log types. A log ID is URL encoded is always the trailing path segment of a LogName.

type LogEntryAuditLog

type LogEntryAuditLog struct {
	LogEntry
	Payload AuditLog `json:"protoPayload" validate:"required" description:"The AuditLog payload"`

	parsers.PantherLog
}

type LogEntryOperation

type LogEntryOperation struct {
	ID       *string `json:"id,omitempty" description:"Whether or not an entity was served from cache (with or without validation)."`
	Producer *string `` /* 133-byte string literal not displayed */
	First    *bool   `json:"first,omitempty" description:"This is the first entry in an operation"`
	Last     *bool   `json:"last,omitempty" description:"This is the last entry in an operation"`
}

nolint:lll

type LogEntrySourceLocation

type LogEntrySourceLocation struct {
	File     *string         `` /* 146-byte string literal not displayed */
	Line     *numerics.Int64 `json:"line" description:"Line within the source file. 1-based; 0 indicates no line number available."`
	Function *string         `` /* 157-byte string literal not displayed */
}

nolint:lll

type MonitoredResource

type MonitoredResource struct {
	Type   *string `json:"type" validate:"required" description:"Type of resource that produced this log entry"`
	Labels Labels  `json:"labels" validate:"required" description:"Labels describing the resource"`
}

nolint:lll

type PermissionDelta

type PermissionDelta struct {
	AddedPermissions   []string `json:"addedPermissions,omitempty" description:"Added permissions"`
	RemovedPermissions []string `json:"removedPermissions,omitempty" description:"Removed permissions"`
}

nolint:lll

type RequestMetadata

type RequestMetadata struct {
	CallerIP                *string             `json:"callerIP,omitempty"  description:"The IP address of the caller."`
	CallerSuppliedUserAgent *string             `` /* 158-byte string literal not displayed */
	CallerNetwork           *string             `` /* 184-byte string literal not displayed */
	RequestAttributes       jsoniter.RawMessage `` /* 205-byte string literal not displayed */
	DestinationAttributes   jsoniter.RawMessage `` /* 127-byte string literal not displayed */
}

nolint:lll Reference https://cloud.google.com/service-infrastructure/docs/service-control/reference/rest/v1/AuditLog#RequestMetadata

type Status

type Status struct {
	// https://cloud.google.com/vision/docs/reference/rpc/google.rpc#google.rpc.Code
	Code    *int32              `json:"code,omitempty" description:"The status code, which should be an enum value of google.rpc.Code."`
	Message *string             `json:"message,omitempty" description:"A developer-facing error message, which should be in English."`
	Details jsoniter.RawMessage `` /* 143-byte string literal not displayed */
}

nolint:lll

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL