common

package
v5.5.1+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 18, 2017 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	EventMetadataKey = "_event_metadata"
	FieldsKey        = "fields"
	TagsKey          = "tags"
)

Event metadata constants. These keys are used within libbeat to identify metadata stored in an event.

View Source 
const (
	OK_STATUS           = "OK"
	ERROR_STATUS        = "Error"
	SERVER_ERROR_STATUS = "Server Error"
	CLIENT_ERROR_STATUS = "Client Error"
)

standardized status values

View Source 
const MaxIPPortTupleRawSize = 16 + 16 + 2 + 2
View Source 
const MaxTCPTupleRawSize = 16 + 16 + 2 + 2 + 4
View Source 
const TsLayout = "2006-01-02T15:04:05.000Z"

TsLayout is the layout to be used in the timestamp marshaling/unmarshaling everywhere. The timezone must always be UTC.

Variables

View Source 
var (
	// ErrKeyNotFound indicates that the specified key was not found.
	ErrKeyNotFound = errors.New("key not found")
)

Functions

func AddTags 

func AddTags(ms MapStr, tags []string) error

AddTags appends a tag to the tags field of ms. If the tags field does not exist then it will be created. If the tags field exists and is not a []string then an error will be returned. It does not deduplicate the list of tags.

func BytesHtohl 

func BytesHtohl(b []byte) uint32

func BytesNtohl 

func BytesNtohl(b []byte) uint32

func BytesNtohll 

func BytesNtohll(b []byte) uint64

func BytesNtohs 

func BytesNtohs(b []byte) uint16

func DumpInCSVFormat 

func DumpInCSVFormat(fields []string, rows [][]string) string

DumpInCSVFormat takes a set of fields and rows and returns a string representing the CSV representation for the fields and rows.

func IPv4Ntoa 

func IPv4Ntoa(ip uint32) string

Ipv4_Ntoa transforms an IP4 address in it's dotted notation

func IsLoopback 

func IsLoopback(ipStr string) (bool, error)

IsLoopback check if a particular IP notation corresponds to a loopback interface.

func IsStrictPerms 

func IsStrictPerms() bool

IsStrictPerms returns true if strict permission checking on config files is enabled.

func LoadGeoIPData 

func LoadGeoIPData(config Geoip) *libgeo.GeoIP

func LocalIPAddrs 

func LocalIPAddrs() ([]net.IP, error)

LocalIPAddrs finds the IP addresses of the hosts on which the shipper currently runs on.

func LocalIPAddrsAsStrings 

func LocalIPAddrsAsStrings(includeLoopbacks bool) ([]string, error)

LocalIPAddrsAsStrings finds the IP addresses of the hosts on which the shipper currently runs on and returns them as an array of strings.

func MergeFields 

func MergeFields(ms, fields MapStr, underRoot bool) error

MergeFields merges the top-level keys and values in each source map (it does not perform a deep merge). If the same key exists in both, the value in fields takes precedence. If underRoot is true then the contents of the fields MapStr is merged with the value of the 'fields' key in ms.

An error is returned if underRoot is true and the value of ms.fields is not a MapStr.

func NewFlagOverwrite 

func NewFlagOverwrite(
	set *flag.FlagSet,
	config *Config,
	name, path, def, usage string,
) *string

func ReadString 

func ReadString(s []byte) (string, error)

ReadString extracts the first null terminated string from a slice of bytes.

Types

type Backoff 

type Backoff struct {
	// contains filtered or unexported fields
}

A Backoff waits on errors with exponential backoff (limited by maximum backoff). Resetting Backoff will reset the next sleep timer to the initial backoff duration.

func NewBackoff 

func NewBackoff(done <-chan struct{}, init, max time.Duration) *Backoff

func (*Backoff) Reset 

func (b *Backoff) Reset()

func (*Backoff) TryWaitOnError 

func (b *Backoff) TryWaitOnError(failTS time.Time, err error) bool

func (*Backoff) Wait 

func (b *Backoff) Wait() bool

func (*Backoff) WaitOnError 

func (b *Backoff) WaitOnError(err error) bool

type Cache 

type Cache struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

Cache is a semi-persistent mapping of keys to values. Elements added to the cache are store until they are explicitly deleted or are expired due time- based eviction based on last access time.

Expired elements are not visible through classes methods, but they do remain stored in the cache until CleanUp() is invoked. Therefore CleanUp() must be invoked periodically to prevent the cache from becoming a memory leak. If you want to start a goroutine to perform periodic clean-up then see StartJanitor().

Cache does not support storing nil values. Any attempt to put nil into the cache will cause a panic.

func NewCache 

func NewCache(d time.Duration, initialSize int) *Cache

NewCache creates and returns a new Cache. d is the length of time after last access that cache elements expire. initialSize is the initial allocation size used for the Cache's underlying map.

func NewCacheWithRemovalListener 

func NewCacheWithRemovalListener(d time.Duration, initialSize int, l RemovalListener) *Cache

NewCacheWithRemovalListener creates and returns a new Cache and register a RemovalListener callback function. d is the length of time after last access that cache elements expire. initialSize is the initial allocation size used for the Cache's underlying map. l is the callback function that will be invoked when cache elements are removed from the map on CleanUp.

func (*Cache) CleanUp 

func (c *Cache) CleanUp() int

CleanUp performs maintenance on the cache by removing expired elements from the cache. If a RemoveListener is registered it will be invoked for each element that is removed during this clean up operation. The RemovalListener is invoked on the caller's goroutine.

func (*Cache) Delete 

func (c *Cache) Delete(k Key) Value

Delete a key from the map and return the value or nil if the key does not exist. The RemovalListener is not notified for explicit deletions.

func (*Cache) Entries 

func (c *Cache) Entries() map[Key]Value

Entries returns a shallow copy of the non-expired elements in the cache.

func (*Cache) Get 

func (c *Cache) Get(k Key) Value

Get the current value associated with a key or nil if the key is not present. The last access time of the element is updated.

func (*Cache) Put 

func (c *Cache) Put(k Key, v Value) Value

Put writes the given key and value to the map replacing any existing value if it exists. The previous value associated with the key returned or nil if the key was not present.

func (*Cache) PutIfAbsent 

func (c *Cache) PutIfAbsent(k Key, v Value) Value

PutIfAbsent writes the given key and value to the cache only if the key is absent from the cache. Nil is returned if the key-value pair were written, otherwise the old value is returned.

func (*Cache) PutIfAbsentWithTimeout 

func (c *Cache) PutIfAbsentWithTimeout(k Key, v Value, timeout time.Duration) Value

PutIfAbsentWithTimeout writes the given key and value to the cache only if the key is absent from the cache. Nil is returned if the key-value pair were written, otherwise the old value is returned. The cache expiration time will be overwritten by timeout of the key being inserted.

func (*Cache) PutWithTimeout 

func (c *Cache) PutWithTimeout(k Key, v Value, timeout time.Duration) Value

PutWithTimeout writes the given key and value to the map replacing any existing value if it exists. The previous value associated with the key returned or nil if the key was not present. The cache expiration time will be overwritten by timeout of the key being inserted.

func (*Cache) Replace 

func (c *Cache) Replace(k Key, v Value) Value

Replace overwrites the value for a key only if the key exists. The old value is returned if the value is updated, otherwise nil is returned.

func (*Cache) ReplaceWithTimeout 

func (c *Cache) ReplaceWithTimeout(k Key, v Value, timeout time.Duration) Value

ReplaceWithTimeout overwrites the value for a key only if the key exists. The old value is returned if the value is updated, otherwise nil is returned. The cache expiration time will be overwritten by timeout of the key being inserted.

func (*Cache) Size 

func (c *Cache) Size() int

Size returns the number of elements in the cache. The number includes both active elements and expired elements that have not been cleaned up.

func (*Cache) StartJanitor 

func (c *Cache) StartJanitor(interval time.Duration)

StartJanitor starts a goroutine that will periodically invoke the cache's CleanUp() method.

func (*Cache) StopJanitor 

func (c *Cache) StopJanitor()

StopJanitor stops the goroutine created by StartJanitor.

type CmdlineTuple 

type CmdlineTuple struct {
	Src, Dst []byte
}

Source and destination process names, as found by the proc module.

type Config 

type Config ucfg.Config

Config object to store hierarchical configurations into. See https://godoc.org/github.com/elastic/go-ucfg#Config

func LoadFile 

func LoadFile(path string) (*Config, error)

func LoadFiles 

func LoadFiles(paths ...string) (*Config, error)

func MergeConfigs 

func MergeConfigs(cfgs ...*Config) (*Config, error)

func NewConfig 

func NewConfig() *Config

func NewConfigFrom 

func NewConfigFrom(from interface{}) (*Config, error)

func NewConfigWithYAML 

func NewConfigWithYAML(in []byte, source string) (*Config, error)

func NewFlagConfig 

func NewFlagConfig(
	set *flag.FlagSet,
	def *Config,
	name string,
	usage string,
) *Config

func (*Config) Bool 

func (c *Config) Bool(name string, idx int) (bool, error)

func (*Config) Child 

func (c *Config) Child(name string, idx int) (*Config, error)

func (*Config) CountField 

func (c *Config) CountField(name string) (int, error)

func (*Config) Enabled 

func (c *Config) Enabled() bool

func (*Config) Float 

func (c *Config) Float(name string, idx int) (float64, error)

func (*Config) GetFields 

func (c *Config) GetFields() []string

func (*Config) HasField 

func (c *Config) HasField(name string) bool

func (*Config) Int 

func (c *Config) Int(name string, idx int) (int64, error)

func (*Config) IsArray 

func (c *Config) IsArray() bool

func (*Config) IsDict 

func (c *Config) IsDict() bool

func (*Config) Merge 

func (c *Config) Merge(from interface{}) error

func (*Config) Path 

func (c *Config) Path() string

func (*Config) PathOf 

func (c *Config) PathOf(field string) string

func (*Config) PrintDebugf 

func (c *Config) PrintDebugf(msg string, params ...interface{})

func (*Config) SetBool 

func (c *Config) SetBool(name string, idx int, value bool) error

func (*Config) SetChild 

func (c *Config) SetChild(name string, idx int, value *Config) error

func (*Config) SetFloat 

func (c *Config) SetFloat(name string, idx int, value float64) error

func (*Config) SetInt 

func (c *Config) SetInt(name string, idx int, value int64) error

func (*Config) SetString 

func (c *Config) SetString(name string, idx int, value string) error

func (*Config) String 

func (c *Config) String(name string, idx int) (string, error)

func (*Config) Unpack 

func (c *Config) Unpack(to interface{}) error

type ConfigNamespace 

type ConfigNamespace struct {
	C map[string]*Config `config:",inline"`
}

ConfigNamespace storing at most one configuration section by name and sub-section.

func (*ConfigNamespace) Config 

func (ns *ConfigNamespace) Config() *Config

Config return the sub-configuration section if a section has been set.

func (*ConfigNamespace) IsSet 

func (ns *ConfigNamespace) IsSet() bool

IsSet returns true if a sub-configuration section has been set.

func (*ConfigNamespace) Name 

func (ns *ConfigNamespace) Name() string

Name returns the configuration sections it's name if a section has been set.

func (*ConfigNamespace) Validate 

func (ns *ConfigNamespace) Validate() error

Validate checks at most one sub-namespace being set.

type Endpoint 

type Endpoint struct {
	IP      string
	Port    uint16
	Name    string
	Cmdline string
	Proc    string
}

Endpoint represents an endpoint in the communication.

type EventMetadata 

type EventMetadata struct {
	Fields          MapStr
	FieldsUnderRoot bool `config:"fields_under_root"`
	Tags            []string
}

EventMetadata contains fields and tags that can be added to an event via configuration.

type Float 

type Float float64

func (Float) MarshalJSON 

func (f Float) MarshalJSON() ([]byte, error)

Defines the marshal of the Float type

type Geoip 

type Geoip struct {
	Paths *[]string
}

Geoip represents a string slice of GeoIP paths

type HashableIPPortTuple 

type HashableIPPortTuple [MaxIPPortTupleRawSize]byte

type HashableTCPTuple 

type HashableTCPTuple [MaxTCPTupleRawSize]byte

type IPPortTuple 

type IPPortTuple struct {
	IPLength         int
	SrcIP, DstIP     net.IP
	SrcPort, DstPort uint16
	// contains filtered or unexported fields
}

func NewIPPortTuple 

func NewIPPortTuple(ipLength int, srcIP net.IP, srcPort uint16,
	dstIP net.IP, dstPort uint16) IPPortTuple

func (*IPPortTuple) ComputeHashebles 

func (t *IPPortTuple) ComputeHashebles()

func (*IPPortTuple) Hashable 

func (t *IPPortTuple) Hashable() HashableIPPortTuple

Hashable returns a hashable value that uniquely identifies the IP-port tuple.

func (*IPPortTuple) RevHashable 

func (t *IPPortTuple) RevHashable() HashableIPPortTuple

Hashable returns a hashable value that uniquely identifies the IP-port tuple after swapping the source and destination.

func (*IPPortTuple) String 

func (t *IPPortTuple) String() string

type Key 

type Key interface{}

Key type used in the cache.

type MapStr 

type MapStr map[string]interface{}

MapStr is a map[string]interface{} wrapper with utility methods for common map operations like converting to JSON.

func ConvertToGenericEvent 

func ConvertToGenericEvent(m MapStr) MapStr

ConvertToGenericEvent normalizes the types contained in the given MapStr.

Nil values in maps are dropped during the conversion. Any unsupported types that are found in the MapStr are dropped and warnings are logged.

func MapStrUnion 

func MapStrUnion(dict1 MapStr, dict2 MapStr) MapStr

MapStrUnion creates a new MapStr containing the union of the key-value pairs of the two maps. If the same key is present in both, the key-value pairs from dict2 overwrite the ones from dict1.

func (MapStr) Clone 

func (m MapStr) Clone() MapStr

Clone returns a copy of the MapStr. It recursively makes copies of inner maps.

func (MapStr) CopyFieldsTo 

func (m MapStr) CopyFieldsTo(to MapStr, key string) error

CopyFieldsTo copies the field specified by key to the given map. It will overwrite the key if it exists. An error is returned if the key does not exist in the source map.

func (MapStr) Delete 

func (m MapStr) Delete(key string) error

Delete deletes the given key from the map.

func (MapStr) GetValue 

func (m MapStr) GetValue(key string) (interface{}, error)

GetValue gets a value from the map. If the key does not exist then an error is returned.

func (MapStr) HasKey 

func (m MapStr) HasKey(key string) (bool, error)

HasKey returns true if the key exist. If an error occurs then false is returned with a non-nil error.

func (MapStr) Put 

func (m MapStr) Put(key string, value interface{}) (interface{}, error)

Put associates the specified value with the specified key. If the map previously contained a mapping for the key, the old value is replaced and returned. The key can be expressed in dot-notation (e.g. x.y) to put a value into a nested map.

If you need insert keys containing dots then you must use bracket notation to insert values (e.g. m[key] = value).

func (MapStr) String 

func (m MapStr) String() string

String returns the MapStr as JSON.

func (MapStr) StringToPrint 

func (m MapStr) StringToPrint() string

StringToPrint returns the MapStr as pretty JSON.

func (MapStr) Update 

func (m MapStr) Update(d MapStr)

Update copies all the key-value pairs from d to this map. If the key already exists then it is overwritten. This method does not merge nested maps.

type NetString 

type NetString []byte

NetString store the byte length of the data that follows, making it easier to unambiguously pass text and byte data between programs that could be sensitive to values that could be interpreted as delimiters or terminators (such as a null character).

func (NetString) MarshalText 

func (n NetString) MarshalText() ([]byte, error)

MarshalText exists to implement encoding.TextMarshaller interface to treat []byte as raw string by other encoders/serializers (e.g. JSON)

type RemovalListener 

type RemovalListener func(k Key, v Value)

RemovalListener is the callback function type that can be registered with the cache to receive notification of the removal of expired elements.

type StringSet 

type StringSet map[string]struct{}

func MakeStringSet 

func MakeStringSet(strings ...string) StringSet

func (StringSet) Add 

func (set StringSet) Add(s string)

func (StringSet) Count 

func (set StringSet) Count() int

func (StringSet) Del 

func (set StringSet) Del(s string)

func (StringSet) Has 

func (set StringSet) Has(s string) (exists bool)

type TCPTuple 

type TCPTuple struct {
	IPLength         int
	SrcIP, DstIP     net.IP
	SrcPort, DstPort uint16
	StreamID         uint32
	// contains filtered or unexported fields
}

func TCPTupleFromIPPort 

func TCPTupleFromIPPort(t *IPPortTuple, streamID uint32) TCPTuple

func (*TCPTuple) ComputeHashebles 

func (t *TCPTuple) ComputeHashebles()

func (*TCPTuple) Hashable 

func (t *TCPTuple) Hashable() HashableTCPTuple

Hashable() returns a hashable value that uniquely identifies the TCP tuple.

func (TCPTuple) IPPort 

func (t TCPTuple) IPPort() *IPPortTuple

Returns a pointer to the equivalent IpPortTuple.

func (TCPTuple) String 

func (t TCPTuple) String() string

type Time 

type Time time.Time

Time is an abstraction for the time.Time type

func MustParseTime 

func MustParseTime(timespec string) Time

MustParseTime is a convenience equivalent of the ParseTime function that panics in case of errors.

func ParseTime 

func ParseTime(timespec string) (Time, error)

ParseTime parses a time in the TsLayout format.

func (Time) Hash32 

func (t Time) Hash32(h hash.Hash32) error

func (Time) MarshalJSON 

func (t Time) MarshalJSON() ([]byte, error)

MarshalJSON implements json.Marshaler interface. The time is a quoted string in the JsTsLayout format.

func (Time) String 

func (t Time) String() string

func (*Time) UnmarshalJSON 

func (t *Time) UnmarshalJSON(data []byte) (err error)

UnmarshalJSON implements js.Unmarshaler interface. The time is expected to be a quoted string in TsLayout format.

type Value 

type Value interface{}

Value type held in the cache. Cannot be nil.

Source Files

View all Source files

Directories

Path Synopsis
Package dtfmt provides time formatter support with pattern syntax mostly similar to joda DateTimeFormat.
 Package dtfmt provides time formatter support with pattern syntax mostly similar to joda DateTimeFormat.
Package streambuf provides helpers for buffering multiple packet payloads and some general parsing functions.
 Package streambuf provides helpers for buffering multiple packet payloads and some general parsing functions.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.