Documentation ¶
Index ¶
Constants ¶
View Source
const TypeOneLogin = "OneLogin.Events"
Variables ¶
This section is empty.
Functions ¶
Types ¶
type OneLogin ¶
type OneLogin struct { UUID *string `json:"uuid" validate:"required,uuid" description:"The Universal Unique Identifier for this message generated by OneLogin."` AccountID *int `json:"account_id" validate:"required" description:"Account that triggered the event."` EventTimestamp *timestamp.OneLoginTimestamp `` /* 143-byte string literal not displayed */ ErrorDescription *string `json:"error_description,omitempty" description:"Provisioning error details, if applicable."` LoginName *string `json:"login_name,omitempty" description:"The name of the login user"` AppName *string `json:"app_name,omitempty" description:"Name of the app involved in the event, if applicable."` AuthenticationFactorDescription *string `json:"authentication_factor_description,omitempty" description:"More details about the authentication factor used."` CertificateName *string `json:"certificate_name,omitempty" description:"The name of the certificate that was included in the request."` CertificateID *string `json:"certificate_id,omitempty" description:"The ID of the certificate that was included in the request."` AssumedBySuperadminOrReseller *bool `` /* 134-byte string literal not displayed */ DirectoryName *string `json:"directory_name,omitempty" description:"The directory name."` ActorUserID *int `json:"actor_user_id,omitempty" description:"ID of the user whose action triggered the event."` UserName *string `json:"user_name,omitempty" description:"Name of the user that was acted upon to trigger the event."` MappingID *int `json:"mapping_id,omitempty" description:"The ID of the mapping included in the operation."` RadiusConfigID *int `json:"radius_config_id,omitempty" description:"The ID of the Radius configuration included in the operation."` RiskScore *int `json:"risk_score,omitempty" description:"The higher thiss number, the higher the risk."` OtpDeviceID *int `json:"otp_device_id,omitempty" description:"ID of a device involved in the event."` ImportedUserID *int `json:"imported_user_id,omitempty" description:"The ID of the imported user."` Resolution *int `json:"resolution,omitempty" description:"The resolution."` DirectoryID *int `json:"directory_id,omitempty" description:"The directory ID."` AuthenticationFactorID *int `json:"authentication_factor_id,omitempty" description:"The ID of the authentication factor used."` RiskCookieID *string `json:"risk_cookie_id,omitempty" description:"The ID of the risk cookie."` AppID *int `json:"app_id,omitempty" description:"ID of the app involved in the event, if applicable."` CustomMessage *string `json:"custom_message,omitempty" description:"More details about the event."` BrowserFingerprint *string `json:"browser_fingerprint,omitempty" description:"The fingerprint of the browser."` OtpDeviceName *string `json:"otp_device_name,omitempty" description:"Name of a device involved in the event."` ActorUserName *string `json:"actor_user_name,omitempty" description:"First and last name of the user whose action triggered the event."` ActorSystem *string `json:"actor_system,omitempty" description:"Acting system that triggered the event when the actor is not a user."` UserFieldName *string `json:"user_field_name,omitempty" description:"The name of the custom user field."` UserFieldID *string `json:"user_field_id,omitempty" description:"The ID of the custom user field."` AssumingActingUserID *int `` /* 146-byte string literal not displayed */ APICredentialName *string `json:"api_credential_name,omitempty" description:"The name of the API credential used."` ImportedUserName *string `json:"imported_user_name,omitempty" description:"The name of the imported user."` NoteTitle *string `json:"note_title,omitempty" description:"The title of the note."` TrustedIdpName *string `json:"trusted_idp_name,omitempty" description:"The name of the trusted IDP."` PolicyID *int `json:"policy_id,omitempty" description:"ID of the policy involved in the event."` RoleName *string `json:"role_name,omitempty" description:"Name of a role involved in the event."` ResolvedByUserID *int `json:"resolved_by_user_id,omitempty" description:"The ID of the user that resolved the issue."` GroupID *int `json:"group_id,omitempty" description:"ID of a group involved in the event."` ClientID *string `` /* 133-byte string literal not displayed */ IPAddr *string `json:"ipaddr,omitempty" description:"IP address of the machine used to trigger the event."` Notes *string `json:"notes,omitempty" description:"More details about the event."` EventTypeID *int `json:"event_type_id" validate:"required" description:"Type of event triggered."` UserID *int `json:"user_id,omitempty" description:"ID of the user that was acted upon to trigger the event."` RiskReasons *string `` /* 143-byte string literal not displayed */ ProxyAgentName *string `json:"proxy_agent_name,omitempty" description:"The name of the proxy agent."` PolicyType *string `json:"policy_type,omitempty" description:"The type of the policy."` RoleID *int `json:"role_id,omitempty" description:"ID of a role involved in the event."` UserAgent *string `json:"user_agent,omitempty" description:"The user agent from which the request was invoke"` PrivilegeName *string `json:"privilege_name,omitempty" description:"The name of the privilege."` GroupName *string `json:"group_name,omitempty" description:"Name of a group involved in the event."` Entity *string `json:"entity,omitempty" description:"The entity involved in this request."` ResourceTypeID *int `` /* 127-byte string literal not displayed */ MappingName *string `json:"mapping_name,omitempty" description:"The name of the mapping."` TaskName *string `json:"task_name,omitempty" description:"The name of the task."` AuthenticationFactorType *int `json:"authentication_factor_type,omitempty" description:"The type of the authentication type."` RadiusConfigName *string `json:"radius_config_name,omitempty" description:"The name of the Radius configuration used."` PolicyName *string `json:"policy_name,omitempty" description:"Name of the policy involved in the event."` PrivilegeID *int `json:"privilege_id,omitempty" description:"The id of the privilege."` DirectorySyncRunID *int `json:"directory_sync_run_id,omitempty" description:"Directory sync run ID."` OperationName *string `json:"operation_name,omitempty" description:"The name of the operation"` // NOTE: added to end of struct to allow expansion later parsers.PantherLog }
nolint:lll
type OneLoginParser ¶
type OneLoginParser struct{}
OneLogin parser parses OneLogin logs
func (*OneLoginParser) LogType ¶
func (p *OneLoginParser) LogType() string
LogType returns the log type supported by this parser
func (*OneLoginParser) New ¶
func (p *OneLoginParser) New() parsers.LogParser
func (*OneLoginParser) Parse ¶
func (p *OneLoginParser) Parse(log string) ([]*parsers.PantherLog, error)
Parse returns the parsed events or nil if parsing failed
Click to show internal directories.
Click to hide internal directories.