oktalogs

package
v1.16.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 10, 2021 License: AGPL-3.0 Imports: 5 Imported by: 0

Documentation

Index

Constants

// TypeSystemLog is the log type name this package declares for Okta System
// Log events. NOTE(review): presumably the value returned by
// SystemLogParser.LogType; the method body is not shown here, so confirm.
const TypeSystemLog = "Okta.SystemLog"

Variables

This section is empty.

Functions

func LogTypes

func LogTypes() logtypes.Group

func NewSystemLogParser

func NewSystemLogParser() parsers.LogParser

Types

type Actor

// Actor describes the entity that performed an action (see LogEvent.Actor).
//
// ID and Type are tagged validate:"required"; AlternateID and DisplayName are
// optional pointers and may be nil. Details is kept as raw JSON
// (jsoniter.RawMessage) and is not decoded into typed fields by this struct,
// so consumers should not assume a fixed schema for it.
type Actor struct {
	ID          *string             `json:"id" validate:"required" description:"ID of actor"`
	Type        *string             `json:"type" validate:"required" description:"Type of actor"`
	AlternateID *string             `json:"alternateId,omitempty"  description:"Alternative id of the actor"`
	DisplayName *string             `json:"displayName,omitempty"  description:"Display name of the actor"`
	Details     jsoniter.RawMessage `json:"details,omitempty" description:"Details about the actor"`
}

type AuthenticationContext

// AuthenticationContext holds the authentication data of an action (see
// LogEvent.AuthenticationContext).
//
// Every field is a pointer and may be nil. The "possible values" listed in the
// comments below are documentation only: no validate tag is visible on these
// fields, so unexpected strings are not rejected by this struct.
// ExternalSessionID is described as a proxy for the actor's session ID.
// NOTE(review): it is presumably usable to correlate events of one session;
// confirm before relying on it in detections.
//
// The struct tags of AuthenticationProvider, AuthenticationStep and
// CredentialProvider are elided by the documentation renderer on this page.
type AuthenticationContext struct {
	// Possible values OKTA_AUTHENTICATION_PROVIDER, ACTIVE_DIRECTORY, LDAP, FEDERATION, SOCIAL, FACTOR_PROVIDER
	AuthenticationProvider *string `` /* 137-byte string literal not displayed */
	AuthenticationStep     *int32  `` /* 146-byte string literal not displayed */
	// Possible values OKTA_CREDENTIAL_PROVIDER, RSA, SYMANTEC, GOOGLE, DUO, YUBIKEY
	CredentialProvider *string `` /* 277-byte string literal not displayed */
	// Possible values OTP, SMS, PASSWORD, ASSERTION, IWA, EMAIL, OAUTH2, JWT, CERTIFICATE, PRE_SHARED_SYMMETRIC_KEY, OKTA_CLIENT_SESSION, DEVICE_UDID
	CredentialType    *string `json:"credentialType,omitempty" description:"The underlying technology/scheme used in the credential"`
	Issuer            *Issuer `json:"issuer,omitempty"  description:"The specific software entity that created and issued the credential."`
	ExternalSessionID *string `json:"externalSessionId,omitempty" description:"A proxy for the actor's session ID"`
	Interface         *string `json:"interface,omitempty" description:"The third party user interface that the actor authenticates through, if any."`
}

nolint:lll

type Client

// Client describes the client that requested an action (see LogEvent.Client).
//
// All fields are pointers and may be nil, so callers must nil-check before
// dereferencing. IPAddress and Zone are plain strings here; this struct does
// not parse or validate the address. NOTE(review): UserAgent and Device are
// presumably derived from data the client sends and should not be treated as
// trustworthy device identity; confirm.
//
// The struct tag of ID is elided by the documentation renderer on this page.
type Client struct {
	ID                  *string              `` /* 180-byte string literal not displayed */
	UserAgent           *UserAgent           `json:"userAgent,omitempty" description:"The user agent used by an actor to perform an action"`
	GeographicalContext *GeographicalContext `json:"geographicalContext,omitempty" description:"The physical location where the client made its request from"`
	Zone                *string              `json:"zone,omitempty" description:"The name of the Zone that the client's location is mapped to"`
	IPAddress           *string              `json:"ipAddress,omitempty" description:"Ip address that the client made its request from"`
	Device              *string              `json:"device,omitempty" description:"Type of device that the client operated from (e.g. Computer)"`
}

nolint:lll

type DebugContext

// DebugContext holds the debug request data of an action (see
// LogEvent.DebugContext).
//
// DebugData is kept as raw JSON (jsoniter.RawMessage) and, per its
// description, its content depends on the event type. Code that reads it must
// decode it separately and tolerate missing or unknown keys.
type DebugContext struct {
	DebugData jsoniter.RawMessage `json:"debugData,omitempty" description:"Dynamic field containing miscellaneous information dependent on the event type."`
}

nolint:lll

type GeoLocation

// GeoLocation holds a latitude/longitude pair, read from the JSON keys "lat"
// and "lon".
//
// Both fields are pointers, so a missing coordinate is nil rather than 0.0;
// the tags carry neither omitempty nor a validate rule.
type GeoLocation struct {
	Latitude  *float64 `json:"lat" description:"Latitude"`
	Longitude *float64 `json:"lon" description:"Longitude"`
}

type GeographicalContext

// GeographicalContext groups the location attributes attached to a Client or
// an IPAddress entry.
//
// All fields are pointers and may be nil. The struct tags of City, State,
// Country and PostalCode are elided by the documentation renderer on this
// page, so their JSON keys and descriptions cannot be read from here.
type GeographicalContext struct {
	GeoLocation *GeoLocation `json:"geolocation,omitempty" description:"Contains the geolocation coordinates (latitude, longitude)"`
	City        *string      `` /* 149-byte string literal not displayed */
	State       *string      `` /* 153-byte string literal not displayed */
	Country     *string      `` /* 146-byte string literal not displayed */
	PostalCode  *string      `` /* 149-byte string literal not displayed */
}

nolint:lll

type IPAddress

// IPAddress is one entry of Request.IPChain.
//
// IP and Version are plain optional strings: no validate tag is visible, so
// this struct does not guarantee that IP is a well-formed address. Consumers
// that compare or match on it should parse it first. All fields may be nil.
type IPAddress struct {
	IP                  *string              `json:"ip,omitempty" description:"IP address"`
	GeographicalContext *GeographicalContext `json:"geographicalContext,omitempty" description:"Geographical context of the IP address"`
	Version             *string              `json:"version,omitempty" description:"IP version"`
	Source              *string              `json:"source,omitempty" description:"Details regarding the source"`
}

type Issuer

// Issuer identifies the entity that created and issued a credential (see
// AuthenticationContext.Issuer).
//
// Both fields are optional pointers. The struct tag of ID is elided by the
// documentation renderer on this page.
type Issuer struct {
	ID   *string `` /* 201-byte string literal not displayed */
	Type *string `json:"type,omitempty" description:"Information regarding issuer and source of the SAML assertion or token."`
}

nolint:lll

type LogEvent

// LogEvent is the top-level record for one Okta System Log event.
//
// UUID, Published, EventType, Version and Severity are tagged
// validate:"required"; every other field is optional and may be nil (Target
// may be an empty or nil slice). The Severity values named in the tag (DEBUG,
// INFO, WARN, ERROR) are descriptive only; no validate rule restricts the
// string to that set. The struct embeds parsers.PantherLog.
//
// Nested context structs (Actor, Client, Request, Outcome,
// AuthenticationContext, SecurityContext) are pointers, so code reading them
// must nil-check each level before dereferencing.
type LogEvent struct {
	UUID                  *string                `json:"uuid" validate:"required" description:"Unique identifier for an individual event"`
	Published             *timestamp.RFC3339     `json:"published" validate:"required" description:"Timestamp when event was published"`
	EventType             *string                `json:"eventType" validate:"required" description:"Type of event that was published"`
	Version               *string                `json:"version" validate:"required" description:"Versioning indicator"`
	Severity              *string                `json:"severity" validate:"required" description:"Indicates how severe the event is: DEBUG, INFO, WARN, ERROR"`
	LegacyEventType       *string                `json:"legacyEventType,omitempty" description:"Associated Events API Action objectType attribute value"`
	DisplayMessage        *string                `json:"displayMessage,omitempty" description:"The display message for an event"`
	Actor                 *Actor                 `json:"actor,omitempty" description:"Describes the entity that performed an action"`
	Client                *Client                `json:"client,omitempty" description:"The client that requested an action"`
	Request               *Request               `json:"request,omitempty" description:"The request that initiated an action"`
	Outcome               *Outcome               `json:"outcome,omitempty" description:"The outcome of an action"`
	Target                []Target               `json:"target,omitempty" description:"Zero or more targets of an action"`
	Transaction           *Transaction           `json:"transaction,omitempty" description:"The transaction details of an action"`
	DebugContext          *DebugContext          `json:"debugContext,omitempty" description:"The debug request data of an action"`
	AuthenticationContext *AuthenticationContext `json:"authenticationContext,omitempty" description:"The authentication data of an action"`
	SecurityContext       *SecurityContext       `json:"securityContext,omitempty" description:"The security data of an action"`

	parsers.PantherLog
}

nolint:lll

type Outcome

// Outcome records the result of an action and, optionally, the reason for it
// (see LogEvent.Outcome).
//
// Both fields are optional pointers. The result values listed in the tag
// (SUCCESS, FAILURE, SKIPPED, ALLOW, DENY, CHALLENGE, UNKNOWN) are descriptive
// only; no validate rule is visible, so rules matching on Result should handle
// nil and unlisted values explicitly rather than treating them as success.
type Outcome struct {
	Result *string `json:"result,omitempty" description:"Result of the action: SUCCESS, FAILURE, SKIPPED, ALLOW, DENY, CHALLENGE, UNKNOWN"`
	Reason *string `json:"reason,omitempty" description:"Reason for the result, for example INVALID_CREDENTIALS"`
}

type Request

// Request describes the request that initiated an action (see
// LogEvent.Request).
//
// IPChain is a slice of IPAddress entries. Its struct tag is elided by the
// documentation renderer on this page, so the JSON key and the ordering of
// the entries cannot be read from here. NOTE(review): confirm which end of
// the chain is the originating client before using it in detections.
type Request struct {
	IPChain []IPAddress `` /* 191-byte string literal not displayed */
}

nolint:lll

type SecurityContext

// SecurityContext holds the network-origin attributes of an event's request
// (see LogEvent.SecurityContext).
//
// All fields are pointers. IsProxy is a *bool, so nil means "not reported"
// and must not be read as false ("not a proxy"). The struct tag of
// AutonomousSystemNumber is elided by the documentation renderer on this page.
type SecurityContext struct {
	AutonomousSystemNumber       *int64  `` /* 140-byte string literal not displayed */
	AutonomousSystemOrganization *string `json:"asOrg,omitempty" description:"Organization associated with the autonomous system that the event request was sourced to"`
	ISP                          *string `json:"isp,omitempty" description:"Internet service provider used to sent the event's request"`
	Domain                       *string `json:"domain,omitempty" description:"The domain name associated with the IP address of the inbound event request"`
	IsProxy                      *bool   `json:"isProxy,omitempty" description:"Specifies whether an event's request is from a known proxy"`
}

nolint:lll

type SystemLogParser

// SystemLogParser is an empty struct that carries no fields. This page lists
// the methods LogType, New and Parse on its pointer receiver; their bodies
// are not shown here.
type SystemLogParser struct{}

func (*SystemLogParser) LogType

func (*SystemLogParser) LogType() string

func (*SystemLogParser) New

func (*SystemLogParser) Parse

func (*SystemLogParser) Parse(log string) ([]*parsers.PantherLog, error)

type Target

// Target describes one target of an action (see LogEvent.Target, which holds
// zero or more of these).
//
// ID and Type are tagged validate:"required"; AlternateID and DisplayName are
// optional pointers and may be nil. Details is kept as raw JSON
// (jsoniter.RawMessage) and is not decoded into typed fields by this struct,
// so consumers should not assume a fixed schema for it.
type Target struct {
	ID          *string             `json:"id" validate:"required" description:"ID of target"`
	Type        *string             `json:"type" validate:"required" description:"Type of target"`
	AlternateID *string             `json:"alternateId,omitempty"  description:"Alternative id of the target"`
	DisplayName *string             `json:"displayName,omitempty"  description:"Display name of the target"`
	Details     jsoniter.RawMessage `json:"details,omitempty" description:"Details about the target"`
}

type Transaction

// Transaction holds the transaction details of an action (see
// LogEvent.Transaction).
//
// ID and Type are optional pointers. Detail is kept as raw JSON
// (jsoniter.RawMessage) and is not decoded by this struct. The struct tag of
// Type is elided by the documentation renderer on this page.
type Transaction struct {
	ID     *string             `json:"id,omitempty" description:"Unique identifier for this transaction."`
	Type   *string             `` /* 135-byte string literal not displayed */
	Detail jsoniter.RawMessage `json:"detail,omitempty" description:"Details for this transaction."`
}

nolint:lll

type UserAgent

// UserAgent describes the user agent an actor used to perform an action (see
// Client.UserAgent).
//
// All fields are pointers and may be nil. The struct tags of Browser and
// RawUserAgent are elided by the documentation renderer on this page.
// NOTE(review): RawUserAgent presumably carries the string sent by the
// client, which the client controls; escape it before rendering and do not
// use it alone as evidence of device identity. Confirm against the parser.
type UserAgent struct {
	Browser      *string `` /* 139-byte string literal not displayed */
	OS           *string `json:"os,omitempty" description:"The Operating System the client runs on (e.g. Windows 10)"`
	RawUserAgent *string `` /* 229-byte string literal not displayed */
}

nolint:lll
