Documentation ¶
Index ¶
- Variables
- type Request
- func (request *Request) Compile(options *protocols.ExecutorOptions) error
- func (request *Request) ExecuteWithResults(input *contextargs.Context, dynamicValues, previous output.InternalEvent, ...) error
- func (request *Request) Extract(data map[string]interface{}, matcher *extractors.Extractor) map[string]struct{}
- func (request *Request) GetCompiledOperators() []*operators.Operators
- func (request *Request) GetID() string
- func (request *Request) IsClusterable() bool
- func (request *Request) MakeResultEvent(wrapped *output.InternalWrappedEvent) []*output.ResultEvent
- func (request *Request) MakeResultEventItem(wrapped *output.InternalWrappedEvent) *output.ResultEvent
- func (request *Request) Match(data map[string]interface{}, matcher *matchers.Matcher) (bool, []string)
- func (r *Request) Options() *protocols.ExecutorOptions
- func (request *Request) Requests() int
- func (request *Request) TmplClusterKey() uint64
- func (request *Request) Type() templateTypes.ProtocolType
Constants ¶
This section is empty.
Variables ¶
var RequestPartDefinitions = map[string]string{
"template-id": "ID of the template executed",
"template-info": "Info Block of the template executed",
"template-path": "Path of the template executed",
"host": "Host is the input to the template",
"port": "Port is the port of the host",
"matched": "Matched is the input which was matched upon",
"type": "Type is the type of request made",
"timestamp": "Timestamp is the time when the request was made",
"response": "JSON SSL protocol handshake details",
"cipher": "Cipher is the encryption algorithm used",
"domains": "Domains are the list of domain names in the certificate",
"fingerprint_hash": "Fingerprint hash is the unique identifier of the certificate",
"ip": "IP is the IP address of the server",
"issuer_cn": "Issuer CN is the common name of the certificate issuer",
"issuer_dn": "Issuer DN is the distinguished name of the certificate issuer",
"issuer_org": "Issuer organization is the organization of the certificate issuer",
"not_after": "Timestamp after which the remote cert expires",
"not_before": "Timestamp before which the certificate is not valid",
"probe_status": "Probe status indicates if the probe was successful",
"serial": "Serial is the serial number of the certificate",
"sni": "SNI is the server name indication used in the handshake",
"subject_an": "Subject AN is the list of subject alternative names",
"subject_cn": "Subject CN is the common name of the certificate subject",
"subject_dn": "Subject DN is the distinguished name of the certificate subject",
"subject_org": "Subject organization is the organization of the certificate subject",
"tls_connection": "TLS connection is the type of TLS connection used",
"tls_version": "TLS version is the version of the TLS protocol used",
}
RequestPartDefinitions contains a mapping of request part definitions and their description. Multiple definitions are separated by commas. Definitions not having a name (generated on runtime) are prefixed & suffixed by <>.
Functions ¶
This section is empty.
Types ¶
type Request ¶
type Request struct { // Operators for the current request go here. operators.Operators `yaml:",inline,omitempty" json:",inline,omitempty"` CompiledOperators *operators.Operators `yaml:"-" json:"-"` // ID is the optional id of the request ID string `yaml:"id,omitempty" json:"id,omitempty" jsonschema:"title=id of the request,description=ID of the request"` // description: | // Address contains address for the request Address string `` /* 149-byte string literal not displayed */ // description: | // Minimum tls version - auto if not specified. // values: // - "sslv3" // - "tls10" // - "tls11" // - "tls12" // - "tls13" MinVersion string `` /* 210-byte string literal not displayed */ // description: | // Max tls version - auto if not specified. // values: // - "sslv3" // - "tls10" // - "tls11" // - "tls12" // - "tls13" MaxVersion string `` /* 206-byte string literal not displayed */ // description: | // Client Cipher Suites - auto if not specified. CipherSuites []string `yaml:"cipher_suites,omitempty" json:"cipher_suites,omitempty"` // description: | // Tls Scan Mode - auto if not specified // values: // - "ctls" // - "ztls" // - "auto" // - "openssl" # reverts to "auto" is openssl is not installed ScanMode string `` /* 159-byte string literal not displayed */ // description: | // TLS Versions Enum - false if not specified // Enumerates supported TLS versions TLSVersionsEnum bool `` /* 160-byte string literal not displayed */ // description: | // TLS Ciphers Enum - false if not specified // Enumerates supported TLS ciphers TLSCiphersEnum bool `` /* 157-byte string literal not displayed */ // description: | // TLS Cipher types to enumerate // values: // - "insecure" (default) // - "weak" // - "secure" // - "all" TLSCipherTypes []string `` /* 190-byte string literal not displayed */ // contains filtered or unexported fields }
Request is a request for the SSL protocol
func (*Request) Compile ¶
func (request *Request) Compile(options *protocols.ExecutorOptions) error
Compile compiles the request generators preparing any requests possible.
func (*Request) ExecuteWithResults ¶
func (request *Request) ExecuteWithResults(input *contextargs.Context, dynamicValues, previous output.InternalEvent, callback protocols.OutputEventCallback) error
ExecuteWithResults executes the protocol requests and returns results instead of writing them.
func (*Request) Extract ¶
func (request *Request) Extract(data map[string]interface{}, matcher *extractors.Extractor) map[string]struct{}
Extract performs extracting operation for an extractor on model and returns true or false.
func (*Request) GetCompiledOperators ¶
GetCompiledOperators returns a list of the compiled operators
func (*Request) IsClusterable ¶ added in v3.3.0
func (*Request) MakeResultEvent ¶
func (request *Request) MakeResultEvent(wrapped *output.InternalWrappedEvent) []*output.ResultEvent
MakeResultEvent creates a result event from internal wrapped event
func (*Request) MakeResultEventItem ¶
func (request *Request) MakeResultEventItem(wrapped *output.InternalWrappedEvent) *output.ResultEvent
func (*Request) Match ¶
func (request *Request) Match(data map[string]interface{}, matcher *matchers.Matcher) (bool, []string)
Match performs matching operation for a matcher on model and returns: true and a list of matched snippets if the matcher type is supports it otherwise false and an empty string slice
func (*Request) Options ¶
func (r *Request) Options() *protocols.ExecutorOptions
Options returns executer options for http request
func (*Request) TmplClusterKey ¶ added in v3.3.0
TmplClusterKey generates a unique key for the request to be used in the clustering process.
func (*Request) Type ¶
func (request *Request) Type() templateTypes.ProtocolType
Type returns the type of the protocol request