Documentation
¶
Overview ¶
Package events contains structured events emitted by various parts of teleport, they are collected by auth server for audit purposes
Package events implements stored event log used for audit and other purposes
Index ¶
- Constants
- Variables
- func FilterToURL(f Filter) (url.Values, error)
- type AuthAttempt
- type Exec
- type Filter
- type Log
- type Message
- type NOPEventLogger
- func (*NOPEventLogger) GetEvents(filter Filter) ([]lunk.Entry, error)
- func (*NOPEventLogger) GetSessionEvents(filter Filter) ([]session.Session, error)
- func (*NOPEventLogger) Log(lunk.EventID, lunk.Event)
- func (*NOPEventLogger) LogEntry(lunk.Entry) error
- func (*NOPEventLogger) LogSession(sess session.Session) error
- type SCP
- type ShellSession
Constants ¶
View Source
const ( // SessionEvent indicates that session has been initiated // or updated by a joining party on the server SessionEvent = "teleport.session" // ExecEvent is an exec command executed by script or user on // the server side ExecEvent = "teleport.exec" // AuthAttemptEvent is authentication attempt that either // succeeded or failed based on event status AuthAttemptEvent = "teleport.auth.attempt" // SCPEvent means data transfer that occured on the server SCPEvent = "teleport.scp" // ResizeEvent means that some user resized PTY on the client ResizeEvent = "teleport.resize.pty" )
View Source
const ( // DefaultLimit is a default limit set for event queries DefaultLimit = 20 // MaxLimit is a maximum limit set for event queries MaxLimit = 100 // Asc is ascending sort order Asc = 1 // Desc is descending sort order Desc = -1 )
Variables ¶
View Source
var NullEventLogger = &NOPEventLogger{}
Functions ¶
Types ¶
type AuthAttempt ¶
type AuthAttempt struct {
// Session is SSH session ID
SessionID string `json:"sid"`
// User is SSH user
User string `json:"user"`
// Success - true if auth was successfull, false otherwise
Success bool `json:"success"`
// Error contains rejection reason if present
Error string `json:"error"`
// LocalAddr local connecting address
LocalAddr string `json:"laddr"`
// RemoteAddr remote connecting address
RemoteAddr string `json:"raddr"`
// Key is a public key used for auth
Key string `json:"key"`
}
AuthAttempt indicates authentication attempt that can be either successfull or failed
func NewAuthAttempt ¶
func NewAuthAttempt(conn ssh.ConnMetadata, key ssh.PublicKey, success bool, err error) *AuthAttempt
NewAuthAttempt returns new authentication attempt evetn
type Exec ¶
type Exec struct {
// User is SSH user
User string `json:"user"`
// SessionID is teleport specific session id
SessionID string `json:"sid"`
// Command is a command name with arguments
Command string `json:"command"`
// Code is a return code
Code int `json:"code"`
// Error is a error if command failed to execute
Error string `json:"error"`
// Log is a captured command output
Log string `json:"out"`
}
Exec is a result of execution of a remote command on the target server
type Filter ¶
type Filter struct {
Start time.Time `json:"start"`
End time.Time `json:"end"`
Limit int `json:"limit"`
Order int `json:"order"`
SessionID string `json:"session_id"`
}
Filter is event search filter
type Log ¶
type Log interface {
Log(id lunk.EventID, e lunk.Event)
LogEntry(lunk.Entry) error
LogSession(session.Session) error
GetEvents(filter Filter) ([]lunk.Entry, error)
GetSessionEvents(filter Filter) ([]session.Session, error)
}
Log is an event logger interface
type Message ¶
type Message struct {
// User is SSH user
User string `json:"user"`
// SessionID is teleport session id
SessionID string `json:"sid"`
// Message
Message string `json:"message"`
}
Message is a user message sent in a session
type NOPEventLogger ¶
type NOPEventLogger struct {
}
func (*NOPEventLogger) GetEvents ¶
func (*NOPEventLogger) GetEvents(filter Filter) ([]lunk.Entry, error)
func (*NOPEventLogger) GetSessionEvents ¶
func (*NOPEventLogger) GetSessionEvents(filter Filter) ([]session.Session, error)
func (*NOPEventLogger) LogSession ¶
func (*NOPEventLogger) LogSession(sess session.Session) error
type SCP ¶
type SCP struct {
// User is SSH user
User string `json:"user"`
// SessionID is a session id
SessionID string `json:"sid"`
}
SCP is a file copy event that took place on one of the servers
type ShellSession ¶
type ShellSession struct {
// SessionID is teleport session id
SessionID string `json:"sid"`
// Shell is a shell name
Shell string `json:"command"`
// RecordID holds the id with the session recording
RecordID string `json:"rid"`
// User is SSH user
User string `json:"user"`
// LocalAddr local connecting address
LocalAddr string `json:"laddr"`
// RemoteAddr remote connecting address
RemoteAddr string `json:"raddr"`
}
ShellSession is a result of execution of an interactive shell
func NewShellSession ¶
func NewShellSession(sid string, conn ssh.ConnMetadata, shell string, recordID string) *ShellSession
NewShellSession returns a new shell session event
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Package test contains a log backend acceptance test suite that is implementation independant each backend will use the suite to test itself
|
Package test contains a log backend acceptance test suite that is implementation independant each backend will use the suite to test itself |
Click to show internal directories.
Click to hide internal directories.