Documentation
¶
Index ¶
Constants ¶
View Source
const TypeAuditLogs = "Slack.AuditLogs"
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Actor ¶
type Actor struct {
Type string `json:"type" validate:"required,eq=user" description:"The type of actor (always user)"`
User User `json:"user" description:"Information about the user"`
}
nolint:lll
type App ¶
type App struct {
ID string `json:"id" validate:"required" description:"The id of the app"`
Name string `json:"name,omitempty" description:"The name of the app"`
Distributed bool `json:"is_distributed,omitempty" description:"Whether the app is distributed"`
DirectoryApproved bool `json:"is_directory_approved,omitempty" description:"Whether the app is in the approved apps directory"`
Scopes []string `json:"scopes,omitempty" description:"The OAuth2 scopes the app requires"`
}
nolint:lll
type AuditLog ¶
type AuditLog struct {
ID string `json:"id" validate:"required" description:"The event id"`
DateCreate timestamp.UnixFloat `json:"date_create" validate:"required" description:"Creation timestamp for the event"`
Action string `` /* 136-byte string literal not displayed */
Actor Actor `` /* 152-byte string literal not displayed */
Entity Entity `` /* 153-byte string literal not displayed */
Context Context `` /* 198-byte string literal not displayed */
Details *jsoniter.RawMessage `json:"details" description:"Additional details about the audit log event"`
parsers.PantherLog
}
nolint:lll
type AuditParser ¶
type AuditParser struct{}
func (AuditParser) LogType ¶
func (AuditParser) LogType() string
func (AuditParser) New ¶
func (AuditParser) New() parsers.LogParser
func (AuditParser) Parse ¶
func (AuditParser) Parse(log string) ([]*parsers.PantherLog, error)
type Channel ¶
type Channel struct {
ID string `json:"id" validate:"required" description:"The id of the channel"`
Name string `json:"name,omitempty" description:"The name of the channel"`
Privacy string `json:"privacy,omitempty" description:"The privacy mode of the channel"`
}
nolint:lll
type Context ¶
type Context struct {
UserAgent string `json:"ua,omitempty" description:"The user agent used for the action"`
IPAddress string `json:"ip_address,omitempty" description:"The ip address the action was performed from"`
Location Location `json:"location" description:"The location that the actor took the action on the entity."`
}
nolint:lll
type Enterprise ¶
type Enterprise struct {
ID string `json:"id" validate:"required" description:"The id of the enterprise"`
Name string `json:"name,omitempty" description:"The name of the enterprise"`
Domain string `json:"domain,omitempty" description:"The enterprise domain"`
}
nolint:lll
type Entity ¶
type Entity struct {
Type string `` /* 156-byte string literal not displayed */
User *User `json:"user,omitempty" description:"Information about the affected user"`
Channel *Channel `json:"channel,omitempty" description:"Information about the affected channel"`
File *File `json:"file,omitempty" description:"Information about the affected file"`
App *App `json:"app,omitempty" description:"Information about the affected app"`
Workspace *Workspace `json:"workspace,omitempty" description:"Information about the affected workspace"`
Enterprise *Enterprise `json:"enterprise,omitempty" description:"Information about the affected enterprise"`
Workflow *Workflow `json:"workflow,omitempty" description:"Information about the affected workflow"`
Message *Message `json:"message,omitempty" description:"Information about the affected message"`
}
nolint:lll
type File ¶
type File struct {
ID string `json:"id" validate:"required" description:"The id of the file"`
Name string `json:"name,omitempty" description:"The filename"`
Title string `json:"title,omitempty" description:"The file title"`
Filetype string `json:"filetype,omitempty" description:"The filetype"`
}
nolint:lll
type Location ¶
type Location struct {
Type string `json:"type" validate:"required" description:"The location type. It will always be either a Workspace or an Enterprise"`
ID string `json:"id" validate:"required" description:"The location id"`
Domain string `json:"domain,omitempty" description:"The location domain"`
Name string `json:"name,omitempty" description:"The location name"`
}
nolint:lll
type Message ¶
type Message struct {
Team string `json:"team,omitempty" description:"The team the message was posted in"`
Channel string `json:"channel,omitempty" description:"The channel the message was posted on"`
// TODO: Get samples to find the format
Timestamp string `json:"timestamp,omitempty" description:"The timestamp of the message"`
}
nolint:lll
type User ¶
type User struct {
ID string `json:"id" validate:"required" description:"The id of the user ('USLACKUSER' if no user performed the action)"`
Name string `json:"name,omitempty" description:"The user's display name"`
Email string `json:"email,omitempty" description:"The user's email"`
Team string `json:"team,omitempty" description:"The user's team"`
}
nolint:lll
Source Files
Click to show internal directories.
Click to hide internal directories.