logs

package

v0.0.0-...-c3de88e Latest Latest Go to latest Published: Jun 4, 2024 License: GPL-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

This section is empty.

View Source

var LogFiles = []string{
	"/var/log/audit/audit.log",
	"/var/log/syslog",
}

LogFiles is the list of default path to query

func GetApparmorLogs(file io.Reader, profile string) []string

GetApparmorLogs return a list of cleaned apparmor logs from a file

func GetAuditLogs(path string) (io.Reader, error)

GetAuditLogs return a reader with the logs entries from Auditd

func GetJournalctlLogs(path string, useFile bool) (io.Reader, error)

GetJournalctlLogs return a reader with the logs entries from Systemd

func SelectLogFile(path string) string

SelectLogFile return the path of the available log file to parse (audit, syslog, .1, .2)

type AppArmorLog map[string]string

type AppArmorLogs []AppArmorLog

AppArmorLogs describes all apparmor log entries

func NewApparmorLogs(file io.Reader, profile string) AppArmorLogs

NewApparmorLogs return a new ApparmorLogs list of map from a log file

func (aaLogs AppArmorLogs) ParseToProfiles() map[string]*aa.Profile

ParseToProfiles convert the log data into a new AppArmorProfiles

func (aaLogs AppArmorLogs) String() string

String returns a formatted AppArmor logs string