datastore

package
v1.12.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 16, 2022 License: Apache-2.0 Imports: 30 Imported by: 0

Documentation

Overview

Package datastore : データ保存 (data storage)

Index

Constants

const (
	// MaxDispLog is the maximum number of log search results.
	MaxDispLog = 20000
	// MaxDelLog is the maximum number of logs deleted by one log-deletion run.
	MaxDelLog = 10000
)
// Log mode values, numbered from 0 by iota in declaration order.
// NOTE(review): presumably the values held in PollingEnt.LogMode (an int) —
// confirm against the polling code.
const (
	LogModeNone = iota
	LogModeAlways
	LogModeOnChange
	LogModeAI
)

Variables

var (

	// Configuration and state kept in memory as exported, mutable
	// package-level variables.
	// NOTE(review): MapConf, NotifyConf and InfluxdbConf contain credential
	// fields (passwords, SNMP community, private key). Being exported, they
	// can be read or overwritten by any importing package, and no locking is
	// visible in this listing — confirm how access is guarded.
	MapConf      MapConfEnt
	NotifyConf   NotifyConfEnt
	InfluxdbConf InfluxdbConfEnt
	DiscoverConf DiscoverConfEnt
	Backup       DBBackupEnt
	DBStats      DBStatsEnt
	DBStatsLog   []DBStatsLogEnt
	Yasumi       string
	// RestartSnmpTrapd is the "restart snmptrapd" flag.
	RestartSnmpTrapd bool

	// MIBDB is the package-wide handle to a gomibdb.MIBDB.
	MIBDB *gomibdb.MIBDB
)
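// Sentinel errors defined by the datastore package. Callers should compare
// against these values (for example with errors.Is) rather than matching on
// the message text.
var (
	// ErrNoPayload reports that no payload was supplied.
	ErrNoPayload = fmt.Errorf("no payload")
	// ErrInvalidNode reports an invalid node.
	ErrInvalidNode = fmt.Errorf("invalid node")
	// ErrInvalidParams reports invalid parameters. The message previously
	// read "invald params"; the spelling is corrected here.
	ErrInvalidParams = fmt.Errorf("invalid params")
	// ErrDBNotOpen reports that the database is not open.
	ErrDBNotOpen = fmt.Errorf("db not open")
	// ErrInvalidID reports an invalid identifier.
	ErrInvalidID = fmt.Errorf("invalid id")
)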

Define errors

// MIBTree is a package-level slice of *MIBTreeEnt, initialised to an empty
// (non-nil) slice. Each MIBTreeEnt can nest further entries via Children.
var MIBTree = []*MIBTreeEnt{}

Functions

func AddBlueDevice added in v1.4.0

func AddBlueDevice(e *BlueDeviceEnt)

func AddCert added in v1.3.0

func AddCert(c *CertEnt)

func AddDNSQ added in v1.3.0

func AddDNSQ(s *DNSQEnt)

func AddDevice

func AddDevice(d *DeviceEnt)

func AddEnvMonitor added in v1.4.0

func AddEnvMonitor(e *EnvMonitorEnt)

func AddEtherType added in v1.3.0

func AddEtherType(s *EtherTypeEnt)

func AddEventLog

func AddEventLog(e *EventLogEnt)

func AddFlow

func AddFlow(f *FlowEnt)

func AddIPReport added in v1.1.0

func AddIPReport(ip *IPReportEnt)

func AddLine

func AddLine(l *LineEnt) error

func AddNode

func AddNode(n *NodeEnt) error

func AddOrUpdateIcon added in v1.8.0

func AddOrUpdateIcon(i *IconEnt) error

func AddPolling

func AddPolling(p *PollingEnt) error

AddPolling : ポーリングを追加する

func AddPollingLog

func AddPollingLog(p *PollingEnt) error

func AddRADIUSFlow added in v1.3.0

func AddRADIUSFlow(f *RADIUSFlowEnt)

func AddSensor added in v1.3.0

func AddSensor(s *SensorEnt)

func AddServer

func AddServer(s *ServerEnt)

func AddTLSFlow added in v1.3.0

func AddTLSFlow(f *TLSFlowEnt)

func AddUser

func AddUser(u *UserEnt)

func AddWifiAP added in v1.4.0

func AddWifiAP(e *WifiAPEnt)

func AddWinAccount added in v1.3.0

func AddWinAccount(e *WinAccountEnt)

func AddWinEventID added in v1.3.0

func AddWinEventID(e *WinEventIDEnt)

func AddWinKerberos added in v1.3.0

func AddWinKerberos(e *WinKerberosEnt)

func AddWinLogon added in v1.3.0

func AddWinLogon(e *WinLogonEnt)

func AddWinPrivilege added in v1.3.0

func AddWinPrivilege(e *WinPrivilegeEnt)

func AddWinProcess added in v1.3.0

func AddWinProcess(e *WinProcessEnt)

func AddWinTask added in v1.3.0

func AddWinTask(e *WinTaskEnt)

func CheckDBBackup

func CheckDBBackup()

func CheckNodeAddress added in v1.3.0

func CheckNodeAddress(ip, mac, oldmac string)

func ClearDeletedPollingLogs added in v1.6.0

func ClearDeletedPollingLogs(ids []string) error

ClearDeletedPollingLogs : ポーリングログの削除をまとめて行う

func ClearPollingLog

func ClearPollingLog(pollingID string) error

ClearPollingLog : ポーリングログを削除する

func ClearReport added in v1.1.0

func ClearReport(r string) error

func CloseDataStore

func CloseDataStore()

CloseDataStore : DBをクローズする

func DeleteAIResult

func DeleteAIResult(id string) error

func DeleteAllLogs

func DeleteAllLogs()

func DeleteArp

func DeleteArp()

func DeleteGeoIP

func DeleteGeoIP()

DeleteGeoIP : GeoIP DBを削除する

func DeleteGrokEnt

func DeleteGrokEnt(id string) error

func DeleteIcon added in v1.8.0

func DeleteIcon(icon string) error

func DeleteLine

func DeleteLine(lineID string) error

func DeleteNode

func DeleteNode(nodeID string) error

func DeleteNodeStateChanged

func DeleteNodeStateChanged(id string)

func DeletePolling

func DeletePolling(pollingID string) error

func DeleteReport

func DeleteReport(report string, ids []string) error

func DeleteUser

func DeleteUser(id string)

func FindVendor

func FindVendor(mac string) string

FindVendor : Find Vendor Name from MAC Address

func ForEachArp

func ForEachArp(f func(*ArpEnt) bool) error

func ForEachBludeDevice added in v1.4.0

func ForEachBludeDevice(f func(*BlueDeviceEnt) bool)

func ForEachCerts added in v1.3.0

func ForEachCerts(f func(*CertEnt) bool)

func ForEachDNSQ added in v1.3.0

func ForEachDNSQ(f func(*DNSQEnt) bool)

func ForEachDevices

func ForEachDevices(f func(*DeviceEnt) bool)

func ForEachEnvMonitor added in v1.4.0

func ForEachEnvMonitor(f func(*EnvMonitorEnt) bool)

func ForEachEtherType added in v1.3.0

func ForEachEtherType(f func(*EtherTypeEnt) bool)

func ForEachEventLog

func ForEachEventLog(st, et int64, f func(*EventLogEnt) bool) error

func ForEachFlows

func ForEachFlows(f func(*FlowEnt) bool)

func ForEachGrokEnt

func ForEachGrokEnt(f func(*GrokEnt) bool)

func ForEachIPReport added in v1.1.0

func ForEachIPReport(f func(*IPReportEnt) bool)

func ForEachLastEventLog

func ForEachLastEventLog(skey string, f func(*EventLogEnt) bool) error

func ForEachLines

func ForEachLines(f func(*LineEnt) bool)

ForEachLines : Line毎の処理

func ForEachLog

func ForEachLog(st, et int64, t string, f func(*LogEnt) bool) error

func ForEachNodes

func ForEachNodes(f func(*NodeEnt) bool)

func ForEachPollingLog

func ForEachPollingLog(st, et int64, pollingID string, f func(*PollingLogEnt) bool) error

func ForEachPollingTemplate

func ForEachPollingTemplate(f func(*PollingTemplateEnt) bool)

func ForEachPollings

func ForEachPollings(f func(*PollingEnt) bool)

ForEachPollings : ポーリング毎の処理

func ForEachRADIUSFlows added in v1.3.0

func ForEachRADIUSFlows(f func(*RADIUSFlowEnt) bool)

func ForEachSensors added in v1.3.0

func ForEachSensors(f func(*SensorEnt) bool)

func ForEachServers

func ForEachServers(f func(*ServerEnt) bool)

func ForEachStateChangedNodes

func ForEachStateChangedNodes(f func(string) bool)

func ForEachTLSFlows added in v1.3.0

func ForEachTLSFlows(f func(*TLSFlowEnt) bool)

func ForEachUsers

func ForEachUsers(f func(*UserEnt) bool)

func ForEachWifiAP added in v1.4.0

func ForEachWifiAP(f func(*WifiAPEnt) bool)

func ForEachWinAccount added in v1.3.0

func ForEachWinAccount(f func(*WinAccountEnt) bool)

func ForEachWinEventID added in v1.3.0

func ForEachWinEventID(f func(*WinEventIDEnt) bool)

func ForEachWinKerberos added in v1.3.0

func ForEachWinKerberos(f func(*WinKerberosEnt) bool)

func ForEachWinLogon added in v1.3.0

func ForEachWinLogon(f func(*WinLogonEnt) bool)

func ForEachWinPrivilege added in v1.3.0

func ForEachWinPrivilege(f func(*WinPrivilegeEnt) bool)

func ForEachWinProcess added in v1.3.0

func ForEachWinProcess(f func(*WinProcessEnt) bool)

func ForEachWinTask added in v1.3.0

func ForEachWinTask(f func(*WinTaskEnt) bool)

func GetBackImage

func GetBackImage() ([]byte, error)

func GetCipherSuiteName

func GetCipherSuiteName(id string) (string, bool)

func GetDataStorePath added in v1.2.0

func GetDataStorePath() string

Data Storeのパスを返す、何かと必要なので

func GetLoc

func GetLoc(sip string) string

func GetPrivateKey

// GetPrivateKey returns a string; by its name this is private key material.
// NOTE(review): presumably the value of MapConf.PrivateKey — confirm. The
// function is exported and takes no arguments, so every importer of the
// package can obtain the key; callers should keep the result out of logs,
// error messages and API responses.
func GetPrivateKey() string

func GetServiceName

func GetServiceName(prot, port int) (string, bool)

func Init

func Init(ctx context.Context, path string, fs http.FileSystem, wg *sync.WaitGroup) error

func InitInfluxdb

func InitInfluxdb() error

func IsGlobalUnicast

func IsGlobalUnicast(ips string) bool

func IsPrivateIP

func IsPrivateIP(ip net.IP) bool

func LaodReportConf

func LaodReportConf() error

LaodReportConf : レポート設定を読み込む

func LoadDefGrokEnt added in v1.3.0

func LoadDefGrokEnt()

func LoadMailTemplate added in v1.7.0

func LoadMailTemplate(t string) string

func LoadReport

func LoadReport() error

func ResetArpTable

func ResetArpTable() error

func RestoreDB added in v1.2.0

func RestoreDB(ds, backup string) error

func SaveAIResult

func SaveAIResult(res *AIResult) error

func SaveBackImage

func SaveBackImage(img []byte) error

func SaveBackup

func SaveBackup() error

func SaveDiscoverConf

func SaveDiscoverConf() error

func SaveInfluxdbConf

func SaveInfluxdbConf() error

func SaveLogBuffer

func SaveLogBuffer(logBuffer []*LogEnt)

func SaveMapConf

func SaveMapConf() error

func SaveNotifyConf

func SaveNotifyConf() error

func SaveReport

func SaveReport(last int64) error

func SaveReportConf

func SaveReportConf() error

SaveReportConf : レポート設定を保存する

func SendAIScoreToInfluxdb

func SendAIScoreToInfluxdb(pe *PollingEnt, res *AIResult) error

func SendPollingLogToInfluxdb

func SendPollingLogToInfluxdb(pe *PollingEnt) error

func SetNodeStateChanged

func SetNodeStateChanged(id string)

SetNodeStateChanged :

func StopBackup added in v1.2.0

func StopBackup()

func UpdateArpEnt

func UpdateArpEnt(ip, mac string) error

func UpdateDBStats

func UpdateDBStats()

func UpdateGeoIP

func UpdateGeoIP(path string) error

UpdateGeoIP : GeoIP DBを更新する

func UpdateGrokEnt

func UpdateGrokEnt(g *GrokEnt) error

UpdateGrokEnt : Add or Replace GrokEnt

func UpdateLine

func UpdateLine(l *LineEnt) error

func UpdateNode

func UpdateNode(n *NodeEnt) error

func UpdatePolling

func UpdatePolling(p *PollingEnt) error

Types

type AIResult

// AIResult is the value taken by SaveAIResult and returned by GetAIReesult.
type AIResult struct {
	// PollingID: presumably the ID of the PollingEnt this result belongs to — confirm.
	PollingID string
	LastTime  int64
	// ScoreData is a two-dimensional float64 slice; the meaning of each
	// dimension is not shown in this listing.
	ScoreData [][]float64
}

func GetAIReesult

func GetAIReesult(id string) (*AIResult, error)

type ArpEnt

// ArpEnt pairs an IP address with a MAC address, both held as strings.
// ForEachArp hands values of this type to its callback.
type ArpEnt struct {
	IP  string
	MAC string
}

type BlueDeviceEnt added in v1.4.0

// BlueDeviceEnt is the record type taken by AddBlueDevice and returned by
// GetBlueDevice; ForEachBludeDevice hands values of this type to its callback.
type BlueDeviceEnt struct {
	ID          string // Host + Address
	Host        string
	Address     string
	Name        string
	AddressType string
	// RSSI is a list of RSSIEnt samples (each has Time and Value).
	RSSI        []RSSIEnt
	Info        string
	Vendor      string
	Count       int64
	FirstTime   int64
	LastTime    int64
}

func GetBlueDevice added in v1.4.0

func GetBlueDevice(id string) *BlueDeviceEnt

type CertEnt added in v1.3.0

// CertEnt is the record type taken by AddCert and returned by GetCert;
// ForEachCerts hands values of this type to its callback.
type CertEnt struct {
	ID           string // Target:PORT
	Target       string
	Port         uint16
	Service      string
	Subject      string
	Issuer       string
	SerialNumber string
	// NOTE(review): Verify presumably records whether certificate validation
	// succeeded — confirm what the writer of this field actually checks
	// (chain, hostname, expiry) before relying on it as a trust signal.
	Verify       bool
	// NotAfter and NotBefore: presumably the certificate validity bounds;
	// the time unit is not shown in this listing.
	NotAfter     int64
	NotBefore    int64
	Error        string
	Score        float64
	Penalty      int64
	FirstTime    int64
	LastTime     int64
	UpdateTime   int64
}

func GetCert added in v1.3.0

func GetCert(id string) *CertEnt

type DBBackupEnt

// DBBackupEnt is the type of the package-level Backup variable.
type DBBackupEnt struct {
	Mode       string
	// ConfigOnly: presumably limits the backup to configuration data — confirm.
	ConfigOnly bool
	// Generation: presumably the number of backup generations kept — confirm.
	Generation int
}

type DBStatsEnt

// DBStatsEnt is the type of the package-level DBStats variable.
// Units of the size, speed and time fields are not shown in this listing.
type DBStatsEnt struct {
	Time        int64
	Duration    float64
	Size        int64
	TotalWrite  int64
	Write       int64
	PeakWrite   int64
	Speed       float64
	AvgSpeed    float64
	PeakSpeed   float64
	BackupTime  int64
	BackupStart int64
}

type DBStatsLogEnt

// DBStatsLogEnt is the element type of the package-level DBStatsLog slice.
type DBStatsLogEnt struct {
	Time  int64
	Size  int64
	Speed float64
}

type DNSQEnt added in v1.3.0

// DNSQEnt is the record type taken by AddDNSQ and returned by GetDNSQ;
// ForEachDNSQ hands values of this type to its callback.
type DNSQEnt struct {
	ID         string // ID Hash(Host:Server:Type:Name)
	Host       string
	Server     string
	Type       string
	Name       string
	Count      int64
	Change     int64
	LastClient string
	LastMAC    string
	FirstTime  int64
	LastTime   int64
	UpdateTime int64
}

func GetDNSQ added in v1.3.0

func GetDNSQ(id string) *DNSQEnt

type DeviceEnt

// DeviceEnt is the record type taken by AddDevice and returned by GetDevice;
// ForEachDevices hands values of this type to its callback.
type DeviceEnt struct {
	ID         string // MAC Addr
	Name       string
	IP         string
	NodeID     string
	Vendor     string
	Score      float64
	// ValidScore: presumably marks whether Score has been computed — confirm.
	ValidScore bool
	Penalty    int64
	FirstTime  int64
	LastTime   int64
	UpdateTime int64
}

func GetDevice

func GetDevice(id string) *DeviceEnt

type DiscoverConfEnt

// DiscoverConfEnt is the type of the package-level DiscoverConf variable.
// The validate tags constrain StartIP and EndIP to non-empty IPv4 strings,
// Timeout to 1..10 and Retry to at most 5.
//
// NOTE(review): the tag syntax matches go-playground/validator. If that is
// the validator in use, `required` rejects the zero value, so Retry = 0 fails
// validation even though `gte=0` appears to allow it — confirm the intent.
// The tags also do not relate StartIP to EndIP; any ordering or range-size
// limit must be enforced by the code that runs the discovery.
type DiscoverConfEnt struct {
	Active          bool
	StartIP         string `validate:"required,ipv4"`
	EndIP           string `validate:"required,ipv4"`
	AutoAddPollings []string
	Timeout         int `validate:"required,gte=1,lte=10"`
	Retry           int `validate:"required,gte=0,lte=5"`
	X               int
	Y               int
}

type EnvDataEnt added in v1.4.0

// EnvDataEnt is one environment sample; EnvMonitorEnt.EnvData is a slice of
// these. Units of the measurement fields are not shown in this listing.
type EnvDataEnt struct {
	Time               int64
	RSSI               int
	Temp               float64
	Humidity           float64
	Illuminance        float64
	BarometricPressure float64
	Sound              float64
	ETVOC              float64
	ECo2               float64
	Battery            int
}

type=OMRONEnv,address=%s,name=%s,rssi=%d,seq=%d,temp=%.02f,hum=%.02f,lx=%d,press=%.02f,sound=%.02f,eTVOC=%d,eCO2=%d

type EnvMonitorEnt added in v1.4.0

// EnvMonitorEnt is the record type taken by AddEnvMonitor and returned by
// GetEnvMonitor; ForEachEnvMonitor hands values of this type to its callback.
type EnvMonitorEnt struct {
	ID        string // Host + Address
	Host      string
	Name      string
	Address   string
	// EnvData is the list of EnvDataEnt samples held for this monitor.
	EnvData   []EnvDataEnt
	Count     int64
	FirstTime int64
	LastTime  int64
}

func GetEnvMonitor added in v1.4.0

func GetEnvMonitor(id string) *EnvMonitorEnt

type EtherTypeEnt added in v1.3.0

// EtherTypeEnt is the record type taken by AddEtherType and returned by
// GetEtherType; ForEachEtherType hands values of this type to its callback.
type EtherTypeEnt struct {
	ID        string // ID Host:EtherType
	Host      string
	Type      string
	Name      string
	Count     int64
	FirstTime int64
	LastTime  int64
}

func GetEtherType added in v1.3.0

func GetEtherType(id string) *EtherTypeEnt

type EventLogEnt

// EventLogEnt is the record type taken by AddEventLog; ForEachEventLog and
// ForEachLastEventLog hand values of this type to their callbacks.
type EventLogEnt struct {
	Time     int64 // UnixNano()
	Type     string
	Level    string
	NodeName string
	NodeID   string
	// Event is free-form text. NOTE(review): if it can contain data received
	// from the network, it should be escaped wherever it is rendered — confirm
	// at the display layer.
	Event    string
}

type FlowEnt

// FlowEnt is the record type taken by AddFlow and returned by GetFlow;
// ForEachFlows hands values of this type to its callback.
type FlowEnt struct {
	ID           string // ID Client:Server
	Client       string
	Server       string
	// Services maps a string key to an int64 value; presumably a per-service
	// counter — confirm.
	Services     map[string]int64
	Count        int64
	Bytes        int64
	ClientName   string
	ClientNodeID string
	ClientLoc    string
	ServerName   string
	ServerNodeID string
	ServerLoc    string
	Score        float64
	ValidScore   bool
	Penalty      int64
	FirstTime    int64
	LastTime     int64
	UpdateTime   int64
}

func GetFlow

func GetFlow(id string) *FlowEnt

type GrokEnt

// GrokEnt is the record type taken by UpdateGrokEnt (add or replace) and
// returned by GetGrokEnt; ForEachGrokEnt hands values of this type to its
// callback.
type GrokEnt struct {
	ID    string
	Name  string
	Descr string
	// Pat: presumably the grok pattern text — confirm. NOTE(review): if it is
	// compiled to a regular expression and can be edited by users, confirm
	// that compilation errors are handled and pattern size is bounded.
	Pat   string
	Ok    string
}

func GetGrokEnt

func GetGrokEnt(id string) *GrokEnt

type IPReportEnt added in v1.1.0

// IPReportEnt is the record type taken by AddIPReport and returned by
// GetIPReport; ForEachIPReport hands values of this type to its callback.
type IPReportEnt struct {
	IP         string
	MAC        string
	Name       string
	NodeID     string
	Loc        string
	Vendor     string
	Count      int64
	Change     int64
	Score      float64
	ValidScore bool
	Penalty    int64
	FirstTime  int64
	LastTime   int64
	UpdateTime int64
}

func GetIPReport added in v1.1.0

func GetIPReport(id string) *IPReportEnt

type IconEnt added in v1.8.0

// IconEnt is the record type taken by AddOrUpdateIcon; GetIcons returns a
// slice of pointers to these.
type IconEnt struct {
	Text string
	Icon string
	Code int64
}

func GetIcons added in v1.8.0

func GetIcons() []*IconEnt

type InfluxdbConfEnt

// InfluxdbConfEnt is the type of the package-level InfluxdbConf variable.
type InfluxdbConfEnt struct {
	URL        string
	User       string
	// Password is held as a plain string.
	// NOTE(review): how SaveInfluxdbConf persists this value is not visible
	// here — confirm it is protected at rest and never logged. If URL may use
	// plain http, User/Password would travel unencrypted — confirm.
	Password   string
	DB         string
	Duration   string
	PollingLog string
	AIScore    string
}

type LineEnt

// LineEnt is the record type taken by AddLine and UpdateLine and returned by
// GetLine; ForEachLines hands values of this type to its callback. It carries
// two node/polling/state triples (suffix 1 and 2).
type LineEnt struct {
	ID         string
	NodeID1    string
	PollingID1 string
	State1     string
	NodeID2    string
	PollingID2 string
	State2     string
	PollingID  string
	Width      int
	State      string
	Info       string
	Port       string
}

func GetLine

func GetLine(lineID string) *LineEnt

type LogEnt

// LogEnt is the element type of the buffer passed to SaveLogBuffer; ForEachLog
// hands values of this type to its callback.
type LogEnt struct {
	Time int64 // UnixNano()
	Type string
	// Log is the log text held as a string. NOTE(review): if it holds raw
	// messages received from the network, treat it as untrusted wherever it
	// is parsed or displayed — confirm.
	Log  string
}

type LogFilterEnt

// LogFilterEnt groups four string fields describing a log query: a start and
// end time, a filter expression and a log type.
// NOTE(review): the syntax of Filter and the time format are not shown in
// this listing — confirm where they are parsed and validated.
type LogFilterEnt struct {
	StartTime string
	EndTime   string
	Filter    string
	LogType   string
}

type MIBTreeEnt

// MIBTreeEnt is one node of the MIB tree. The struct tags name the JSON keys
// "oid", "name" and "children"; Children makes the type recursive.
type MIBTreeEnt struct {
	OID      string        `json:"oid"`
	Name     string        `json:"name"`
	Children []*MIBTreeEnt `json:"children"`
}

type MapConfEnt

// MapConfEnt is the map configuration (the type of the package-level MapConf
// variable).
//
// NOTE(review): several fields hold secrets as plain strings — Password,
// Community, SnmpPassword and PrivateKey. The struct declares no field tags,
// so a generic encoder such as encoding/json would emit every exported field,
// secrets included, if the whole value were marshalled. How SaveMapConf
// persists it and whether any API returns it verbatim is not visible here —
// confirm that secrets are protected at rest and stripped from responses.
type MapConfEnt struct {
	MapName      string
	BackImage    backImage
	// UserID and Password: presumably the login credential — confirm, and
	// confirm whether Password is stored hashed or in clear text.
	UserID       string
	Password     string
	PollInt      int
	Timeout      int
	Retry        int
	LogDays      int
	LogDispSize  int
	LogTimeout   int
	// SnmpMode, Community, SnmpUser and SnmpPassword: SNMP access settings.
	SnmpMode     string
	Community    string
	SnmpUser     string
	SnmpPassword string
	PublicKey    string
	// PrivateKey: private key material held as a string.
	PrivateKey   string
	//	TLSCert        string
	// The Enable* flags are boolean feature switches.
	// NOTE(review): by their names they turn on network-facing receivers
	// (syslog, SNMP trap, NetFlow, ARP watch, mobile API); presumably each one
	// widens the exposed surface when true — confirm the defaults.
	EnableSyslogd   bool
	EnableTrapd     bool
	EnableNetflowd  bool
	EnableArpWatch  bool
	EnableMobileAPI bool
	AILevel         string
	AIThreshold     int
	AIMode          string
	GeoIPInfo       string
}

MapConfEnt : マップ設定

type NodeEnt

// NodeEnt is the record type taken by AddNode and UpdateNode and returned by
// GetNode, FindNodeFromIP and FindNodeFromMAC; ForEachNodes hands values of
// this type to its callback.
//
// NOTE(review): Community, User and Password are per-node credentials held as
// plain strings, and every accessor above returns a pointer to the full
// struct. Confirm that code exposing nodes to a UI or API removes these
// fields first.
type NodeEnt struct {
	ID        string
	Name      string
	Descr     string
	Icon      string
	State     string
	X         int
	Y         int
	IP        string
	IPv6      string
	MAC       string
	SnmpMode  string
	Community string
	User      string
	Password  string
	PublicKey string
	URL       string
	Type      string
	AddrMode  string
}

func FindNodeFromIP

func FindNodeFromIP(ip string) *NodeEnt

func FindNodeFromMAC

func FindNodeFromMAC(mac string) *NodeEnt

func GetNode

func GetNode(nodeID string) *NodeEnt

type NotifyConfEnt

// NotifyConfEnt is the type of the package-level NotifyConf variable.
type NotifyConfEnt struct {
	MailServer         string
	User               string
	// Password is held as a plain string.
	// NOTE(review): confirm how SaveNotifyConf persists it and that it is
	// never logged.
	Password           string
	// NOTE(review): the name matches crypto/tls.Config.InsecureSkipVerify. If
	// the value is passed through to the TLS configuration of the mail
	// connection, setting it to true disables server certificate verification
	// and lets an on-path party capture User/Password — confirm, and keep it
	// false unless the server certificate genuinely cannot be validated.
	InsecureSkipVerify bool
	MailTo             string
	MailFrom           string
	Subject            string
	Interval           int
	Level              string
	Report             bool
	CheckUpdate        bool
	NotifyRepair       bool
	NotifyLowScore     bool
	NotifyNewInfo      bool
	URL                string
	HTMLMail           bool
	ChatType           string
	// ChatWebhookURL: a webhook URL usually acts as a bearer secret for the
	// target channel — presumably the case here; treat it like a credential.
	ChatWebhookURL     string
}

type PollingEnt

// PollingEnt is the record type taken by AddPolling, UpdatePolling and
// AddPollingLog and returned by GetPolling; ForEachPollings hands values of
// this type to its callback.
type PollingEnt struct {
	ID        string
	Name      string
	NodeID    string
	Type      string
	Mode      string
	// Params, Filter, Extractor and Script are free-form strings.
	// NOTE(review): how Script is evaluated is not visible in this listing.
	// If it is executed by an embedded interpreter, whoever may create or
	// edit pollings can run code in the server process — confirm that write
	// access to pollings is restricted accordingly.
	Params    string
	Filter    string
	Extractor string
	Script    string
	Level     string
	PollInt   int
	Timeout   int
	Retry     int
	// LogMode: presumably one of the LogMode* constants — confirm.
	LogMode   int
	NextTime  int64
	LastTime  int64
	Result    map[string]interface{}
	State     string
}

func GetPolling

func GetPolling(id string) *PollingEnt

GetPolling : ポーリングを取得する

type PollingLogEnt

// PollingLogEnt is the element type returned by GetAllPollingLog;
// ForEachPollingLog hands values of this type to its callback.
type PollingLogEnt struct {
	Time      int64 // UnixNano()
	PollingID string
	State     string
	Result    map[string]interface{}
}

func GetAllPollingLog

func GetAllPollingLog(pollingID string) []PollingLogEnt

GetAllPollingLog :全てのポーリングログを取得する

type PollingTemplateEnt

// PollingTemplateEnt is the record type returned by GetPollingTemplate;
// ForEachPollingTemplate hands values of this type to its callback. It shares
// the Type, Mode, Params, Filter, Extractor and Script fields with PollingEnt.
type PollingTemplateEnt struct {
	ID        string
	Name      string
	Level     string
	Type      string
	Mode      string
	Params    string
	Filter    string
	Extractor string
	Script    string
	Descr     string
	AutoMode  string
}

func GetPollingTemplate

func GetPollingTemplate(id string) *PollingTemplateEnt

type RADIUSFlowEnt added in v1.3.0

// RADIUSFlowEnt is the record type taken by AddRADIUSFlow and returned by
// GetRADIUSFlow; ForEachRADIUSFlows hands values of this type to its callback.
type RADIUSFlowEnt struct {
	ID           string // ID Client:Server
	Client       string
	Server       string
	Count        int64
	// Request, Challenge, Accept and Reject are int64 values; presumably
	// counts of RADIUS packets of each kind — confirm.
	Request      int64
	Challenge    int64
	Accept       int64
	Reject       int64
	ClientName   string
	ClientNodeID string
	ServerName   string
	ServerNodeID string
	Score        float64
	ValidScore   bool
	Penalty      int64
	FirstTime    int64
	LastTime     int64
	UpdateTime   int64
}

func GetRADIUSFlow added in v1.3.0

func GetRADIUSFlow(id string) *RADIUSFlowEnt

type RSSIEnt added in v1.4.0

// RSSIEnt is one timestamped RSSI sample; BlueDeviceEnt.RSSI and
// WifiAPEnt.RSSI are slices of these.
type RSSIEnt struct {
	Time  int64
	Value int
}

type=Device,address=%s,name=%s,rssi=%d,addrType=%s,vendor=%s,md=%s

type ReportConfEnt

// ReportConfEnt is the report configuration (the type of the package-level
// ReportConf variable), loaded by LaodReportConf and saved by SaveReportConf.
type ReportConfEnt struct {
	// DenyCountries and DenyServices are string lists; presumably deny-lists
	// used when scoring reports — confirm.
	DenyCountries        []string
	DenyServices         []string
	// The Allow* fields are single strings; their format (for example a
	// comma-separated address list) is not shown in this listing.
	AllowDNS             string
	AllowDHCP            string
	AllowMail            string
	AllowLDAP            string
	AllowLocalIP         string
	JapanOnly            bool
	DropFlowThTCPPacket  int
	RetentionTimeForSafe int
	SensorTimeout        int
	IncludeNoMACIP       bool
}
// ReportConf is the package-level report configuration value.
var ReportConf ReportConfEnt

type SensorEnt added in v1.3.0

// SensorEnt is the record type taken by AddSensor and returned by GetSensor;
// ForEachSensors hands values of this type to its callback.
type SensorEnt struct {
	ID        string // Host + Type + Param
	Host      string
	Type      string // twpcap,twwinlog....
	Param     string
	Total     int64
	Send      int64
	State     string
	Ignore    bool
	Stats     []SensorStatsEnt
	Monitors  []SensorMonitorEnt
	FirstTime int64
	LastTime  int64
}

func GetSensor added in v1.3.0

func GetSensor(id string) *SensorEnt

type SensorMonitorEnt added in v1.3.0

// SensorMonitorEnt is the element type of SensorEnt.Monitors. Units of the
// resource fields are not shown in this listing.
type SensorMonitorEnt struct {
	Time    int64
	CPU     float64
	Mem     float64
	Load    float64
	Process int64
	Recv    int64
	Sent    int64
	TxSpeed float64
	RxSpeed float64
}

type SensorStatsEnt added in v1.3.0

// SensorStatsEnt is the element type of SensorEnt.Stats.
type SensorStatsEnt struct {
	Time     int64
	Total    int64
	Count    int64
	PS       float64
	Send     int64
	LastSend int64
}

type ServerEnt

// ServerEnt is the record type taken by AddServer and returned by GetServer;
// ForEachServers hands values of this type to its callback.
type ServerEnt struct {
	ID           string //  ID Server
	Server       string
	Services     map[string]int64
	Count        int64
	Bytes        int64
	ServerName   string
	ServerNodeID string
	Loc          string
	Score        float64
	ValidScore   bool
	Penalty      int64
	TLSInfo      string
	NTPInfo      string
	DHCPInfo     string
	FirstTime    int64
	LastTime     int64
	UpdateTime   int64
}

func GetServer

func GetServer(id string) *ServerEnt

type TLSFlowEnt added in v1.3.0

// TLSFlowEnt is the record type taken by AddTLSFlow and returned by
// GetTLSFlow; ForEachTLSFlows hands values of this type to its callback.
type TLSFlowEnt struct {
	ID           string // ID Client:Server:Service
	Client       string
	Server       string
	Service      string
	Count        int64
	// Version and Cipher are strings; presumably the observed TLS version and
	// cipher suite (see GetCipherSuiteName) — confirm.
	Version      string
	Cipher       string
	ClientName   string
	ClientNodeID string
	ClientLoc    string
	ServerName   string
	ServerNodeID string
	ServerLoc    string
	Score        float64
	ValidScore   bool
	Penalty      int64
	FirstTime    int64
	LastTime     int64
	UpdateTime   int64
}

func GetTLSFlow added in v1.3.0

func GetTLSFlow(id string) *TLSFlowEnt

type UserClientEnt added in v1.1.0

// UserClientEnt is the value type of UserEnt.ClientMap.
type UserClientEnt struct {
	// Total and Ok are int32 values; presumably attempt and success counts
	// per client — confirm.
	Total int32
	Ok    int32
}

type UserEnt

// UserEnt is the record type taken by AddUser and returned by GetUser;
// ForEachUsers hands values of this type to its callback.
type UserEnt struct {
	ID           string // User ID + Server
	UserID       string
	Server       string
	ServerName   string
	ServerNodeID string
	// ClientMap maps a string key (presumably the client address — confirm)
	// to its UserClientEnt counters.
	ClientMap    map[string]UserClientEnt
	Total        int
	Ok           int
	Score        float64
	ValidScore   bool
	Penalty      int64
	FirstTime    int64
	LastTime     int64
	UpdateTime   int64
}

func GetUser

func GetUser(id string) *UserEnt

type WifiAPEnt added in v1.4.0

// WifiAPEnt is the record type taken by AddWifiAP and returned by GetWifiAP;
// ForEachWifiAP hands values of this type to its callback.
type WifiAPEnt struct {
	ID        string // HOST + BSSID
	Host      string
	BSSID     string
	SSID      string
	RSSI      []RSSIEnt
	Channel   string
	Vendor    string
	Info      string
	Count     int
	Change    int
	FirstTime int64
	LastTime  int64
}

type=APInfo,ssid=%s,bssid=%s,rssi=%s,Channel=%s,info=%s,count=%d,change=%d,ft=%s,lt=%s

func GetWifiAP added in v1.4.0

func GetWifiAP(id string) *WifiAPEnt

type WinAccountEnt added in v1.3.0

// WinAccountEnt is the record type taken by AddWinAccount and returned by
// GetWinAccount; ForEachWinAccount hands values of this type to its callback.
type WinAccountEnt struct {
	ID        string // subject + target + computer
	Subject   string
	Target    string
	Computer  string
	Count     int64
	Edit      int64
	// Password is an int64, not a credential; presumably a count of
	// password-related account events — confirm.
	Password  int64
	Other     int64
	FirstTime int64
	LastTime  int64
}

type=Account,subject=%s,target=%s,computer=%s,count=%d,edit=%d,password=%d,other=%d,ft=%s,lt=%s

func GetWinAccount added in v1.3.0

func GetWinAccount(id string) *WinAccountEnt

type WinEventIDEnt added in v1.3.0

// WinEventIDEnt is the record type taken by AddWinEventID and returned by
// GetWinEventID; ForEachWinEventID hands values of this type to its callback.
type WinEventIDEnt struct {
	ID        string // Computer + Provider + EventID
	Level     string
	Computer  string
	Provider  string
	Channel   string
	EventID   int
	Count     int64
	FirstTime int64
	LastTime  int64
}

type=EventID,computer=%s,channel=%s,provider=%s,eventID=%d,total=%d,count=%d,ft=%s,lt=%s

func GetWinEventID added in v1.3.0

func GetWinEventID(id string) *WinEventIDEnt

type WinKerberosEnt added in v1.3.0

// WinKerberosEnt is the record type taken by AddWinKerberos and returned by
// GetWinKerberos; ForEachWinKerberos hands values of this type to its
// callback.
type WinKerberosEnt struct {
	ID         string // target + computer + ip  + service + ticketType
	Target     string
	Computer   string
	IP         string
	Service    string
	TicketType string
	Count      int64
	// Failed is an int64; presumably the number of failed Kerberos requests
	// for this key — confirm.
	Failed     int64
	LastCert   string
	LastStatus string
	Score      float64
	ValidScore bool
	Penalty    int64
	FirstTime  int64
	LastTime   int64
}

type=Kerberos,target=%s,computer=%s,ip=%s,service=%s,ticketType=%s,count=%d,failed=%d,status=%s,cert=%s,ft=%s,lt=%s

type=KerberosFailed,target=%s,computer=%s,ip=%s,service=%s,ticketType=%s,status=%s,time=%s

func GetWinKerberos added in v1.3.0

func GetWinKerberos(id string) *WinKerberosEnt

type WinLogonEnt added in v1.3.0

// WinLogonEnt is the record type taken by AddWinLogon and returned by
// GetWinLogon; ForEachWinLogon hands values of this type to its callback.
type WinLogonEnt struct {
	ID         string // target + computer + IP
	Target     string
	Computer   string
	IP         string
	Count      int64
	Logon      int64
	Logoff     int64
	Failed     int64
	// LogonType and FailedCode map a string key to an int; presumably
	// per-logon-type and per-failure-code counters — confirm.
	LogonType  map[string]int
	FailedCode map[string]int
	Score      float64
	ValidScore bool
	Penalty    int64
	FirstTime  int64
	LastTime   int64
}

func GetWinLogon added in v1.3.0

func GetWinLogon(id string) *WinLogonEnt

type WinPrivilegeEnt added in v1.3.0

// WinPrivilegeEnt is the record type taken by AddWinPrivilege and returned by
// GetWinPrivilege; ForEachWinPrivilege hands values of this type to its
// callback.
type WinPrivilegeEnt struct {
	ID        string //  subject + computer
	Subject   string
	Computer  string
	Count     int64
	FirstTime int64
	LastTime  int64
}

type=Privilege,subject=%s,computer=%s,count=%d,ft=%s,lt=%s

func GetWinPrivilege added in v1.3.0

func GetWinPrivilege(id string) *WinPrivilegeEnt

type WinProcessEnt added in v1.3.0

// WinProcessEnt is the record type taken by AddWinProcess and returned by
// GetWinProcess; ForEachWinProcess hands values of this type to its callback.
type WinProcessEnt struct {
	ID          string // Computer + Process
	Computer    string
	Process     string
	Count       int64
	Start       int64
	Exit        int64
	LastParent  string
	LastSubject string
	LastStatus  string
	FirstTime   int64
	LastTime    int64
}

type=Process,computer=%s,process=%s,count=%d,start=%d,exit=%d,subject=%s,status=%s,parent=%s,ft=%s,lt=%s

func GetWinProcess added in v1.3.0

func GetWinProcess(id string) *WinProcessEnt

type WinTaskEnt added in v1.3.0

// WinTaskEnt is the record type taken by AddWinTask and returned by
// GetWinTask; ForEachWinTask hands values of this type to its callback.
type WinTaskEnt struct {
	ID        string // Computer + TaskName + Subject
	TaskName  string
	Computer  string
	Subject   string
	Count     int64
	FirstTime int64
	LastTime  int64
}

type=Task,subject=%s,taskname=%s,computer=%s,count=%d,ft=%s,lt=%s

func GetWinTask added in v1.3.0

func GetWinTask(id string) *WinTaskEnt
