Documentation
Constants
This section is empty.
Variables
var LogFiles = []string{
	"/var/log/audit/audit.log",
	"/var/log/syslog",
}
LogFiles is the list of default paths to query.
Functions
func GetApparmorLogs
GetApparmorLogs returns a list of cleaned AppArmor logs from a file.
func GetAuditLogs
GetAuditLogs returns a reader with the log entries from Auditd.
func GetJournalctlLogs
GetJournalctlLogs returns a reader with the log entries from Systemd.
func SelectLogFile
SelectLogFile returns the path of the available log file to parse (audit, syslog, .1, .2).
Types
type AppArmorLog
type AppArmorLogs
type AppArmorLogs []AppArmorLog
AppArmorLogs describes all AppArmor log entries.
func NewApparmorLogs
func NewApparmorLogs(file io.Reader, profile string) AppArmorLogs
NewApparmorLogs returns a new AppArmorLogs list of maps from a log file.
func (AppArmorLogs) ParseToProfiles
func (aaLogs AppArmorLogs) ParseToProfiles() map[string]*aa.Profile
ParseToProfiles converts the log data into a new AppArmorProfiles.
func (AppArmorLogs) String
func (aaLogs AppArmorLogs) String() string
String returns a formatted AppArmor logs string