Documentation ¶
Index ¶
- Variables
- func ToPathName(in string) string
- func ToProtocolKeyword(in any) string
- func ToTcpFlagNames(in string) []string
- func ToTime(in string) string
- type FlowLogFields
- type Query
- func (q Query) Accept() Query
- func (q Query) Address(addr string) Query
- func (q Query) DestinationAddress(addr string) Query
- func (q Query) DestinationPort(port int) Query
- func (q Query) Egress() Query
- func (q Query) GetLimit() int
- func (q Query) GetQuery() string
- func (q Query) GetSinceMinutes() int
- func (q Query) Ingress() Query
- func (q Query) InterfaceId(id string) Query
- func (q Query) NoNoData() Query
- func (q Query) NoSkipData() Query
- func (q Query) PktDestinationAddress(addr string) Query
- func (q Query) PktSourceAddress(addr string) Query
- func (q Query) Port(port int) Query
- func (q Query) Protocol(proto string) Query
- func (q Query) Reject() Query
- func (q Query) Sort() Query
- func (q Query) SourceAddress(addr string) Query
- func (q Query) SourcePort(port int) Query
Constants ¶
This section is empty.
Variables ¶
var Fields = []string{
	"@timestamp", "interfaceId", "srcAddr", "dstAddr", "srcPort", "dstPort", "protocol", "packets", "bytes",
	"action",
	"tcpFlags", "pktSrcAddr", "pktDstAddr",
	"flowDirection", "trafficPath",
	"ecsServiceName",
}
Fields lists the field names used when querying flow logs. Unsurprisingly, the naming convention differs from that of the FlowLogFields variables, which are used when creating flow logs.
var FlowLogFieldsV2V5 = FlowLogFields{
	"interface-id", "srcaddr", "dstaddr", "srcport", "dstport", "protocol", "packets", "bytes", "start", "end",
	"action", "log-status",
	"vpc-id", "subnet-id", "instance-id", "tcp-flags", "type", "pkt-srcaddr", "pkt-dstaddr",
	"pkt-src-aws-service", "pkt-dst-aws-service", "flow-direction", "traffic-path",
}
FlowLogFieldsV2V5 lists the fields used when creating flow logs. See https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html
var FlowLogFieldsV7 = FlowLogFields{
	"ecs-cluster-arn", "ecs-cluster-name", "ecs-container-instance-arn", "ecs-container-instance-id", "ecs-container-id",
	"ecs-second-container-id", "ecs-service-name", "ecs-task-definition-arn", "ecs-task-arn", "ecs-task-id",
}
FlowLogFieldsV7 lists the V7 fields. V7 fields can only be created if there is at least one ECS cluster in the VPC. This is another crazy half-baked product by AWS: what if we want to create the ECS cluster afterwards?
Functions ¶
func ToPathName ¶
ToPathName takes the traffic-path flow log field and returns its name representation. This applies only to egress traffic.
func ToProtocolKeyword ¶
func ToTcpFlagNames ¶
Types ¶
type FlowLogFields ¶
type FlowLogFields []string
func (FlowLogFields) Format ¶ added in v0.0.3
func (f FlowLogFields) Format() string
type Query ¶
type Query struct {
	// contains filtered or unexported fields
}
Query is a request to query CloudWatch flow logs.
func (Query) DestinationAddress ¶
func (Query) DestinationPort ¶
func (Query) GetSinceMinutes ¶
func (Query) InterfaceId ¶
func (Query) NoSkipData ¶
func (Query) PktDestinationAddress ¶
func (Query) PktSourceAddress ¶
func (Query) SourceAddress ¶
func (Query) SourcePort ¶