socket

package
v5.5.1+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 18, 2017 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Overview

Package socket captures active sockets and the processes that own them.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func New 

func New(base mb.BaseMetricSet) (mb.MetricSet, error)

Types

type Config 

type Config struct {
	ReverseLookup *ReverseLookupConfig `config:"socket.reverse_lookup"`
}

Config is the configuration specific to the socket MetricSet.

type Direction 

type Direction uint8

Direction indicates how a socket was initiated. 

const (

	// Incoming indicates a connection was established from the outside to
	// listening socket on this host.
	Incoming Direction
	// Outgoing indicates a connection was established from this socket to an
	// external listening socket.
	Outgoing
	// Listening indicates a socket that is listening.
	Listening
)

func (Direction) String 

func (d Direction) String() string

type ListenerTable 

type ListenerTable struct {
	// contains filtered or unexported fields
}

ListenerTable tracks sockets that are listening. It can then be used to identify if a socket is listening, incoming, or outgoing.

func NewListenerTable 

func NewListenerTable() *ListenerTable

NewListenerTable returns a new ListenerTable.

func (*ListenerTable) Direction 

func (t *ListenerTable) Direction(
	proto uint8,
	localIP net.IP, localPort int,
	remoteIP net.IP, remotePort int,
) Direction

Direction returns whether the connection was incoming or outgoing based on the protocol and local address. It compares the given local address to the listeners in the table for the protocol and returns Incoming if there is a match. If remotePort is 0 then Listening is returned.

func (*ListenerTable) Put 

func (t *ListenerTable) Put(proto uint8, ip net.IP, port int)

Put puts a new listening address into the table.

func (*ListenerTable) Reset 

func (t *ListenerTable) Reset()

Reset resets all data in the table.

type MetricSet 

type MetricSet struct {
	mb.BaseMetricSet
	// contains filtered or unexported fields
}

func (*MetricSet) Fetch 

func (m *MetricSet) Fetch() ([]common.MapStr, error)

type Proc 

type Proc struct {
	PID        int
	Command    string
	Executable string
	CmdLine    string
}

Proc contains static process information.

type ProcTable 

type ProcTable struct {
	// contains filtered or unexported fields
}

ProcTable contains all of the active processes (if the current user is root).

func NewProcTable 

func NewProcTable(mountpoint string) (*ProcTable, error)

NewProcTable returns a new ProcTable that reads data from the /proc directory by default. An alternative proc filesystem mountpoint can be specified through the mountpoint parameter.

func (*ProcTable) ProcessBySocketInode 

func (t *ProcTable) ProcessBySocketInode(inode uint32) *Proc

ProcessBySocketInode returns the Proc associated with the given socket inode.

func (*ProcTable) Refresh 

func (t *ProcTable) Refresh() error

Refresh updates the process table with new processes and removes processes that have exited. It collects the PID, command, and socket inode information. If running as non-root, only information from the current process will be collected.

type ReverseLookupCache 

type ReverseLookupCache struct {
	// contains filtered or unexported fields
}

ReverseLookupCache is a cache for storing and retrieving the results of reverse DNS queries. It caches the results of queries regardless of their outcome (success or failure). The result is cached for the amount of time specified by parameters and not based on the TTL from the PTR record.

func NewReverseLookupCache 

func NewReverseLookupCache(successTTL, failureTTL time.Duration) *ReverseLookupCache

NewReverseLookupCache returns a new cache.

func (*ReverseLookupCache) Cleanup 

func (c *ReverseLookupCache) Cleanup()

Cleanup removes expired entries from the cache.

func (ReverseLookupCache) Lookup 

func (c ReverseLookupCache) Lookup(ip net.IP) (string, error)

Lookup performs a reverse lookup on the given IP address. A cached result will be returned if it is contained in the cache, otherwise a lookup is performed.

type ReverseLookupConfig 

type ReverseLookupConfig struct {
	Enabled    *bool         `config:"enabled"`
	SuccessTTL time.Duration `config:"success_ttl"`
	FailureTTL time.Duration `config:"failure_ttl"`
}

ReverseLookupConfig contains the configuration that controls the reverse DNS lookup behavior.

func (*ReverseLookupConfig) IsEnabled 

func (c *ReverseLookupConfig) IsEnabled() bool

IsEnabled returns true if reverse_lookup is defined and 'enabled' is either not set or set to true.

type UserCache 

type UserCache map[int]string

UserCache is a cache of UID to username.

func NewUserCache 

func NewUserCache() UserCache

NewUserCache returns a new UserCache.

func (UserCache) LookupUID 

func (c UserCache) LookupUID(uid int) string

LookupUID looks up a UID and returns the username associated with it. If no username could be found an empty string is returned. The value will be cached forever.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.