Documentation
¶
Index ¶
Constants ¶
View Source
const TypeOneLogin = "OneLogin.Events"
Variables ¶
This section is empty.
Functions ¶
Types ¶
type OneLogin ¶
type OneLogin struct {
UUID *string `json:"uuid" validate:"required,uuid" description:"The Universal Unique Identifier for this message generated by OneLogin."`
AccountID *int `json:"account_id" validate:"required" description:"Account that triggered the event."`
EventTimestamp *timestamp.OneLoginTimestamp `` /* 143-byte string literal not displayed */
ErrorDescription *string `json:"error_description,omitempty" description:"Provisioning error details, if applicable."`
LoginName *string `json:"login_name,omitempty" description:"The name of the login user"`
AppName *string `json:"app_name,omitempty" description:"Name of the app involved in the event, if applicable."`
AuthenticationFactorDescription *string `json:"authentication_factor_description,omitempty" description:"More details about the authentication factor used."`
CertificateName *string `json:"certificate_name,omitempty" description:"The name of the certificate that was included in the request."`
CertificateID *string `json:"certificate_id,omitempty" description:"The ID of the certificate that was included in the request."`
AssumedBySuperadminOrReseller *bool `` /* 134-byte string literal not displayed */
DirectoryName *string `json:"directory_name,omitempty" description:"The directory name."`
ActorUserID *int `json:"actor_user_id,omitempty" description:"ID of the user whose action triggered the event."`
UserName *string `json:"user_name,omitempty" description:"Name of the user that was acted upon to trigger the event."`
MappingID *int `json:"mapping_id,omitempty" description:"The ID of the mapping included in the operation."`
RadiusConfigID *int `json:"radius_config_id,omitempty" description:"The ID of the Radius configuration included in the operation."`
RiskScore *int `json:"risk_score,omitempty" description:"The higher thiss number, the higher the risk."`
OtpDeviceID *int `json:"otp_device_id,omitempty" description:"ID of a device involved in the event."`
ImportedUserID *int `json:"imported_user_id,omitempty" description:"The ID of the imported user."`
Resolution *int `json:"resolution,omitempty" description:"The resolution."`
DirectoryID *int `json:"directory_id,omitempty" description:"The directory ID."`
AuthenticationFactorID *int `json:"authentication_factor_id,omitempty" description:"The ID of the authentication factor used."`
RiskCookieID *string `json:"risk_cookie_id,omitempty" description:"The ID of the risk cookie."`
AppID *int `json:"app_id,omitempty" description:"ID of the app involved in the event, if applicable."`
CustomMessage *string `json:"custom_message,omitempty" description:"More details about the event."`
BrowserFingerprint *string `json:"browser_fingerprint,omitempty" description:"The fingerprint of the browser."`
OtpDeviceName *string `json:"otp_device_name,omitempty" description:"Name of a device involved in the event."`
ActorUserName *string `json:"actor_user_name,omitempty" description:"First and last name of the user whose action triggered the event."`
ActorSystem *string `json:"actor_system,omitempty" description:"Acting system that triggered the event when the actor is not a user."`
UserFieldName *string `json:"user_field_name,omitempty" description:"The name of the custom user field."`
UserFieldID *string `json:"user_field_id,omitempty" description:"The ID of the custom user field."`
AssumingActingUserID *int `` /* 146-byte string literal not displayed */
APICredentialName *string `json:"api_credential_name,omitempty" description:"The name of the API credential used."`
ImportedUserName *string `json:"imported_user_name,omitempty" description:"The name of the imported user."`
NoteTitle *string `json:"note_title,omitempty" description:"The title of the note."`
TrustedIdpName *string `json:"trusted_idp_name,omitempty" description:"The name of the trusted IDP."`
PolicyID *int `json:"policy_id,omitempty" description:"ID of the policy involved in the event."`
RoleName *string `json:"role_name,omitempty" description:"Name of a role involved in the event."`
ResolvedByUserID *int `json:"resolved_by_user_id,omitempty" description:"The ID of the user that resolved the issue."`
GroupID *int `json:"group_id,omitempty" description:"ID of a group involved in the event."`
ClientID *string `` /* 133-byte string literal not displayed */
IPAddr *string `json:"ipaddr,omitempty" description:"IP address of the machine used to trigger the event."`
Notes *string `json:"notes,omitempty" description:"More details about the event."`
EventTypeID *int `json:"event_type_id" validate:"required" description:"Type of event triggered."`
UserID *int `json:"user_id,omitempty" description:"ID of the user that was acted upon to trigger the event."`
RiskReasons *string `` /* 143-byte string literal not displayed */
ProxyAgentName *string `json:"proxy_agent_name,omitempty" description:"The name of the proxy agent."`
PolicyType *string `json:"policy_type,omitempty" description:"The type of the policy."`
RoleID *int `json:"role_id,omitempty" description:"ID of a role involved in the event."`
UserAgent *string `json:"user_agent,omitempty" description:"The user agent from which the request was invoke"`
PrivilegeName *string `json:"privilege_name,omitempty" description:"The name of the privilege."`
GroupName *string `json:"group_name,omitempty" description:"Name of a group involved in the event."`
Entity *string `json:"entity,omitempty" description:"The entity involved in this request."`
ResourceTypeID *int `` /* 127-byte string literal not displayed */
MappingName *string `json:"mapping_name,omitempty" description:"The name of the mapping."`
TaskName *string `json:"task_name,omitempty" description:"The name of the task."`
AuthenticationFactorType *int `json:"authentication_factor_type,omitempty" description:"The type of the authentication type."`
RadiusConfigName *string `json:"radius_config_name,omitempty" description:"The name of the Radius configuration used."`
PolicyName *string `json:"policy_name,omitempty" description:"Name of the policy involved in the event."`
PrivilegeID *int `json:"privilege_id,omitempty" description:"The id of the privilege."`
DirectorySyncRunID *int `json:"directory_sync_run_id,omitempty" description:"Directory sync run ID."`
OperationName *string `json:"operation_name,omitempty" description:"The name of the operation"`
// NOTE: added to end of struct to allow expansion later
parsers.PantherLog
}
nolint:lll
type OneLoginParser ¶
type OneLoginParser struct{}
OneLogin parser parses OneLogin logs
func (*OneLoginParser) LogType ¶
func (p *OneLoginParser) LogType() string
LogType returns the log type supported by this parser
func (*OneLoginParser) New ¶
func (p *OneLoginParser) New() parsers.LogParser
func (*OneLoginParser) Parse ¶
func (p *OneLoginParser) Parse(log string) ([]*parsers.PantherLog, error)
Parse returns the parsed events or nil if parsing failed
Source Files
Click to show internal directories.
Click to hide internal directories.