Documentation ¶
Overview ¶
Package share is a generated protocol buffer package.
It is generated from these files:
common.proto controller_service.proto enforcer_service.proto scan.proto scanner_service.proto
It has these top-level messages:
RPCVoid CLUSProfilingRequest CLUSBoolean CLUSMetry CLUSStats ScannerRegisterData ScannerDeregisterData CLUSFilePacket CLUSAdmissionRequest CLUSAdmissionResponse CLUSProcProfileReq CLUSProcProfileArray CLUSFileAccessRuleReq CLUSFileAccessRuleArray CLUSConnection CLUSConnectionArray CLUSReportResponse CLUSSyncRequest CLUSSyncReply CLUSControllerCounter CLUSGraphOps CLUSPolicyRuleCheck CLUSPolicyRuleMismatch CLUSPolicySyncStatus CLUSStoreWatcherInfo CLUSKickLoginSessionsRequest CLUSLoginTokenInfo CLUSKick CLUSFilter CLUSSession CLUSSessionArray CLUSSessionCounter CLUSDatapathCounter CLUSDerivedPolicyApp CLUSDerivedPolicyRule CLUSDerivedPolicyRuleArray CLUSDerivedPolicyRuleMap CLUSProbeSummary CLUSProbeProcess CLUSProbeProcessArray CLUSProbeContainer CLUSProbeContainerArray CLUSFileMonitorFile CLUSFileMonitorFileArray CLUSSnifferRequest CLUSSnifferResponse CLUSSnifferFilter CLUSSniffer CLUSSnifferArray CLUSSnifferDownload CLUSSnifferPcap CLUSContainerLogReq CLUSContainerLogRes CLUSProcess CLUSProcessArray CLUSDerivedDlpRule CLUSDerivedDlpRuleArray CLUSDerivedDlpRuleMap CLUSDerivedDlpRuleEntry CLUSDerivedDlpRuleEntryArray CLUSDerivedDlpRuleMac CLUSDerivedDlpRuleMacArray CLUSDerivedProcessRule CLUSDerivedProcessRuleArray CLUSDerivedFileRule CLUSDerivedFileRuleArray CLUSWorkloadInterceptPort CLUSWorkloadIntercept CLUSMeter CLUSMeterArray ScanVulnerability ScanLayerResult ScanModule ScanModuleVul ScanSecretLog ScanSecretResult ScanSetIdPermLog ScanResult ScanRunningRequest ScanData ScanAppPackage ScanAppRequest ScanAwsLambdaRequest ScanImageRequest
Index ¶
- Constants
- Variables
- func CLUSAdmissionCertKey(store, policyName string) string
- func CLUSAdmissionRuleKey(policyName, admType, ruleType string, id uint32) string
- func CLUSAdmissionRuleListKey(policyName, admType, ruleType string) string
- func CLUSAdmissionStateKey(store, policyName string) string
- func CLUSAdmissionStatsKey(policyName string) string
- func CLUSAgentEventLogKey(hostID string, devID string) string
- func CLUSAgentKey(hostID string, devID string) string
- func CLUSAuditLogKey(hostID string, devID string) string
- func CLUSBenchKey(hostID string) string
- func CLUSBenchReportKey(hostID string, bench BenchType) string
- func CLUSCloudCfgKey(cloudType, projectName string) string
- func CLUSCloudFuncKey(cloudType, project, region, funcName string) string
- func CLUSCloudKey(cloudType, projectName string) string
- func CLUSCloudKey2Type(key string) string
- func CLUSComplianceKey2Type(key string) string
- func CLUSComplianceProfileKey(name string) string
- func CLUSComplianceProfileKey2Name(key string) string
- func CLUSConfigKey2Config(key string) string
- func CLUSControllerEventLogKey(hostID string, devID string) string
- func CLUSControllerKey(hostID string, devID string) string
- func CLUSCrdKey(crdType, name string) string
- func CLUSCrdQueueKey(name string) string
- func CLUSCtrlDistLockKey(lock string) string
- func CLUSCtrlUsageReportKey(ts int64) string
- func CLUSCtrlUsageReportKey2TS(key string) int64
- func CLUSCustomCheckConfigKey(name string) string
- func CLUSCustomCheckNetworkKey(name string) string
- func CLUSDeviceKey2ID(key string) string
- func CLUSDlpGroupConfigKey(group string) string
- func CLUSDlpGroupKey2Name(key string) string
- func CLUSDlpRuleConfigKey(sensor string) string
- func CLUSDlpRuleKey(sensor string) string
- func CLUSDlpRuleKey2Name(key string) string
- func CLUSDlpWorkloadRulesKey(name string) string
- func CLUSDomainConfigKey(name string) string
- func CLUSDomainKey(name string) string
- func CLUSDomainKey2Name(key string) string
- func CLUSExpiredTokenKey(token string) string
- func CLUSFedJointClusterKey(id string) string
- func CLUSFedJointClusterStatusKey(id string) string
- func CLUSFedKey2CfgKey(key string) string
- func CLUSFedKey2ClusterIdKey(key string) string
- func CLUSFileAccessRuleKey(name string) string
- func CLUSFileAccessRuleNetworkKey(name string) string
- func CLUSFileMonitorKey(name string) string
- func CLUSFileMonitorKey2Group(key string) string
- func CLUSFileMonitorNetworkKey(name string) string
- func CLUSFqdnIpKey(hostID string, fqdname string) string
- func CLUSGroupKey(name string) string
- func CLUSGroupKey2GroupName(key string) string
- func CLUSGroupKey2Name(key string) string
- func CLUSGroupNetworkKey(name string) string
- func CLUSHostKey(hostID string, by string) string
- func CLUSHostKey2ID(key string) string
- func CLUSImportOpKey(name string) string
- func CLUSIncidentLogKey(hostID string, devID string) string
- func CLUSInternalIPNetsKey(name string) string
- func CLUSIsPolicyRuleKey(key string) bool
- func CLUSIsPolicyRuleListKey(key string) bool
- func CLUSIsPolicyZipRuleListKey(key string) bool
- func CLUSKey2Target(key string) string
- func CLUSKeyLastToken(key string) string
- func CLUSKeyLength(key string) int
- func CLUSKeyNthToken(key string, nth int) string
- func CLUSNetworkEPHostStore(hostID string) string
- func CLUSNetworkEPKey(hostID string, epID string) string
- func CLUSNetworkEPKey2ID(key string) string
- func CLUSNetworkKey2Subject(key string) string
- func CLUSNodeProfileGroupKey(nodeID, profile, group string) string
- func CLUSNodeProfileKey(nodeID, subkey string) string
- func CLUSNodeProfileStoreKey(nodeID string) string
- func CLUSNodeProfileSubkey(key string) string
- func CLUSObjectCertKey(cn string) string
- func CLUSObjectKey2Object(key string) string
- func CLUSPolicyIPRulesKey(name string) string
- func CLUSPolicyKey2AdmCfgPolicySubkey(key string, last bool) string
- func CLUSPolicyKey2AdmCfgSubkey(key string) string
- func CLUSPolicyKey2ResPolicySubkey(key string) (string, string)
- func CLUSPolicyRuleKey(name string, id uint32) string
- func CLUSPolicyRuleKey2AdmRuleType(key, cfgType string) (string, string)
- func CLUSPolicyRuleKey2ID(key string) uint32
- func CLUSPolicyRuleListKey(name string) string
- func CLUSPolicyZipRuleListKey(name string) string
- func CLUSProfileConfigKey(group string) string
- func CLUSProfileKey(group string) string
- func CLUSProfileKey2Name(key string) string
- func CLUSPwdProfileKey(name string) string
- func CLUSRecalPolicyIPRulesKey(name string) string
- func CLUSRegistryConfigKey(name string) string
- func CLUSRegistryImageDataKey(name, id string) string
- func CLUSRegistryImageDataStore(name string) string
- func CLUSRegistryImageStateKey(name, id string) string
- func CLUSRegistryImageStateStore(name string) string
- func CLUSRegistryStateKey(name string) string
- func CLUSResponseRuleKey(policyName string, id uint32) string
- func CLUSResponseRuleListKey(name string) string
- func CLUSScanDataHostKey(id string) string
- func CLUSScanDataPlatformKey(id string) string
- func CLUSScanDataWorkloadKey(id string) string
- func CLUSScanKey2Subject(key string) string
- func CLUSScanStateHostKey(id string) string
- func CLUSScanStateKey2ID(key string) string
- func CLUSScanStateKey2Type(key string) string
- func CLUSScanStatePlatformKey(id string) string
- func CLUSScanStateWorkloadKey(id string) string
- func CLUSScannerKey(id string) string
- func CLUSScannerKey2ID(key string) string
- func CLUSScannerStatsKey(id string) string
- func CLUSServerKey(name string) string
- func CLUSThreatLogKey(hostID string, devID string) string
- func CLUSUniconfAgentKey(target, id string) string
- func CLUSUniconfControllerKey(target, id string) string
- func CLUSUniconfKey2ID(key string) string
- func CLUSUniconfKey2Subject(key string) string
- func CLUSUniconfTargetStore(target string) string
- func CLUSUniconfWorkloadKey(target, id string) string
- func CLUSUserKey(username string) string
- func CLUSUserRoleKey(name string) string
- func CLUSVulnerabilityKey2Type(key string) string
- func CLUSVulnerabilityProfileKey(name string) string
- func CLUSVulnerabilityProfileKey2Name(key string) string
- func CLUSWafGroupConfigKey(group string) string
- func CLUSWafGroupKey2Name(key string) string
- func CLUSWafRuleConfigKey(sensor string) string
- func CLUSWafRuleKey(sensor string) string
- func CLUSWafRuleKey2Name(key string) string
- func CLUSWorkloadHostStore(hostID string) string
- func CLUSWorkloadKey(hostID string, wlID string) string
- func CLUSWorkloadKey2ID(key string) string
- func EqualMatch(match, value string) bool
- func IsGroupMember(group *CLUSGroup, workload *CLUSWorkload) bool
- func IsSvcIpGroupMember(usergroup *CLUSGroup, svcipgroup *CLUSGroup) bool
- func IsSvcIpGroupSelected(svcipgroup *CLUSGroup, selector []CLUSCriteriaEntry) bool
- func IsWorkloadSelected(workload *CLUSWorkload, selector []CLUSCriteriaEntry) bool
- func QuarantineReasonEvent(event string, id uint32) string
- func RegisterControllerAgentServiceServer(s *grpc.Server, srv ControllerAgentServiceServer)
- func RegisterControllerCapServiceServer(s *grpc.Server, srv ControllerCapServiceServer)
- func RegisterControllerCtrlServiceServer(s *grpc.Server, srv ControllerCtrlServiceServer)
- func RegisterControllerScanServiceServer(s *grpc.Server, srv ControllerScanServiceServer)
- func RegisterControllerUpgradeServiceServer(s *grpc.Server, srv ControllerUpgradeServiceServer)
- func RegisterEnforcerCapServiceServer(s *grpc.Server, srv EnforcerCapServiceServer)
- func RegisterEnforcerScanServiceServer(s *grpc.Server, srv EnforcerScanServiceServer)
- func RegisterEnforcerServiceServer(s *grpc.Server, srv EnforcerServiceServer)
- func RegisterScannerServiceServer(s *grpc.Server, srv ScannerServiceServer)
- type AccessObject
- type BenchStatus
- type BenchType
- type CLUSAWSAccountKey
- type CLUSActivePwdProfileConfig
- type CLUSAdmCtrlState
- type CLUSAdmRuleCriterion
- type CLUSAdmissionCert
- type CLUSAdmissionCertCloaked
- type CLUSAdmissionRequest
- func (*CLUSAdmissionRequest) Descriptor() ([]byte, []int)
- func (m *CLUSAdmissionRequest) GetHostCPUs() int64
- func (m *CLUSAdmissionRequest) GetHostID() string
- func (m *CLUSAdmissionRequest) GetHostMemory() int64
- func (m *CLUSAdmissionRequest) GetID() string
- func (*CLUSAdmissionRequest) ProtoMessage()
- func (m *CLUSAdmissionRequest) Reset()
- func (m *CLUSAdmissionRequest) String() string
- type CLUSAdmissionResponse
- type CLUSAdmissionRule
- type CLUSAdmissionRules
- type CLUSAdmissionState
- type CLUSAdmissionStats
- type CLUSAgent
- type CLUSAgentConfig
- type CLUSApp
- type CLUSApplicationListDummy
- type CLUSAuditBenchItem
- type CLUSAuditLog
- type CLUSAwsFuncPermission
- type CLUSAwsFuncScanInput
- type CLUSAwsFuncScanOutput
- type CLUSAwsFuncScanOutputList
- type CLUSAwsLambdaFunc
- type CLUSAwsLambdaRegionRes
- type CLUSAwsLambdaRes
- type CLUSAwsProjectCfg
- type CLUSAwsResource
- type CLUSAwsScanInput
- type CLUSBenchItem
- type CLUSBenchReport
- type CLUSBenchSecretReport
- type CLUSBoolean
- type CLUSCIScanDummy
- type CLUSComplianceProfile
- type CLUSComplianceProfileEntry
- type CLUSConnection
- func (*CLUSConnection) Descriptor() ([]byte, []int)
- func (m *CLUSConnection) GetAgentID() string
- func (m *CLUSConnection) GetApplication() uint32
- func (m *CLUSConnection) GetBytes() uint64
- func (m *CLUSConnection) GetClientIP() []byte
- func (m *CLUSConnection) GetClientPort() uint32
- func (m *CLUSConnection) GetClientWL() string
- func (m *CLUSConnection) GetExternalPeer() bool
- func (m *CLUSConnection) GetFirstSeenAt() uint32
- func (m *CLUSConnection) GetHostID() string
- func (m *CLUSConnection) GetIPProto() uint32
- func (m *CLUSConnection) GetIngress() bool
- func (m *CLUSConnection) GetLastSeenAt() uint32
- func (m *CLUSConnection) GetLocalPeer() bool
- func (m *CLUSConnection) GetLogUID() string
- func (m *CLUSConnection) GetNetwork() string
- func (m *CLUSConnection) GetPolicyAction() uint32
- func (m *CLUSConnection) GetPolicyId() uint32
- func (m *CLUSConnection) GetScope() string
- func (m *CLUSConnection) GetServerIP() []byte
- func (m *CLUSConnection) GetServerPort() uint32
- func (m *CLUSConnection) GetServerWL() string
- func (m *CLUSConnection) GetSessions() uint32
- func (m *CLUSConnection) GetSeverity() uint32
- func (m *CLUSConnection) GetSvcExtIP() bool
- func (m *CLUSConnection) GetThreatID() uint32
- func (m *CLUSConnection) GetToSidecar() bool
- func (m *CLUSConnection) GetViolates() uint32
- func (m *CLUSConnection) GetXff() bool
- func (*CLUSConnection) ProtoMessage()
- func (m *CLUSConnection) Reset()
- func (m *CLUSConnection) String() string
- type CLUSConnectionArray
- type CLUSContainerLogReq
- func (*CLUSContainerLogReq) Descriptor() ([]byte, []int)
- func (m *CLUSContainerLogReq) GetId() string
- func (m *CLUSContainerLogReq) GetLimit() uint32
- func (m *CLUSContainerLogReq) GetStart() int32
- func (*CLUSContainerLogReq) ProtoMessage()
- func (m *CLUSContainerLogReq) Reset()
- func (m *CLUSContainerLogReq) String() string
- type CLUSContainerLogRes
- type CLUSController
- type CLUSControllerConfig
- type CLUSControllerCounter
- func (*CLUSControllerCounter) Descriptor() ([]byte, []int)
- func (m *CLUSControllerCounter) GetGoRoutines() uint32
- func (m *CLUSControllerCounter) GetGraphNodes() uint32
- func (m *CLUSControllerCounter) GetLsof() []byte
- func (m *CLUSControllerCounter) GetPS() []byte
- func (m *CLUSControllerCounter) GetScanTasks() uint32
- func (*CLUSControllerCounter) ProtoMessage()
- func (m *CLUSControllerCounter) Reset()
- func (m *CLUSControllerCounter) String() string
- type CLUSCrdEventRecord
- type CLUSCrdFileRule
- type CLUSCrdProcessProfile
- type CLUSCrdProcessRule
- type CLUSCrdRecord
- type CLUSCrdSecurityRule
- type CLUSCriteriaEntry
- type CLUSCtrlVersion
- type CLUSCustomCheck
- type CLUSCustomCheckGroup
- type CLUSDatapathCounter
- func (*CLUSDatapathCounter) Descriptor() ([]byte, []int)
- func (m *CLUSDatapathCounter) GetAssemblys() uint64
- func (m *CLUSDatapathCounter) GetCurLogCaches() uint64
- func (m *CLUSDatapathCounter) GetCurMeters() uint64
- func (m *CLUSDatapathCounter) GetDropMeters() uint64
- func (m *CLUSDatapathCounter) GetErrorPackets() uint64
- func (m *CLUSDatapathCounter) GetFragments() uint64
- func (m *CLUSDatapathCounter) GetFreedAssemblys() uint64
- func (m *CLUSDatapathCounter) GetFreedFragments() uint64
- func (m *CLUSDatapathCounter) GetGoRoutines() uint32
- func (m *CLUSDatapathCounter) GetICMPPackets() uint64
- func (m *CLUSDatapathCounter) GetICMPSessions() uint64
- func (m *CLUSDatapathCounter) GetIPSessions() uint64
- func (m *CLUSDatapathCounter) GetIPv4Packets() uint64
- func (m *CLUSDatapathCounter) GetIPv6Packets() uint64
- func (m *CLUSDatapathCounter) GetLimitDropConns() uint64
- func (m *CLUSDatapathCounter) GetLimitPassConns() uint64
- func (m *CLUSDatapathCounter) GetLsof() []byte
- func (m *CLUSDatapathCounter) GetNoWorkloadPackets() uint64
- func (m *CLUSDatapathCounter) GetOtherPackets() uint64
- func (m *CLUSDatapathCounter) GetPS() []byte
- func (m *CLUSDatapathCounter) GetParserPackets() []uint64
- func (m *CLUSDatapathCounter) GetParserSessions() []uint64
- func (m *CLUSDatapathCounter) GetPolicyDomainIPs() uint32
- func (m *CLUSDatapathCounter) GetPolicyDomains() uint32
- func (m *CLUSDatapathCounter) GetPolicyType1Rules() uint32
- func (m *CLUSDatapathCounter) GetPolicyType2Rules() uint32
- func (m *CLUSDatapathCounter) GetProxyMeters() uint64
- func (m *CLUSDatapathCounter) GetRXDropPackets() uint64
- func (m *CLUSDatapathCounter) GetRXPackets() uint64
- func (m *CLUSDatapathCounter) GetTCPNoSessionPackets() uint64
- func (m *CLUSDatapathCounter) GetTCPPackets() uint64
- func (m *CLUSDatapathCounter) GetTCPSessions() uint64
- func (m *CLUSDatapathCounter) GetTXDropPackets() uint64
- func (m *CLUSDatapathCounter) GetTXPackets() uint64
- func (m *CLUSDatapathCounter) GetTimeoutFragments() uint64
- func (m *CLUSDatapathCounter) GetTotalSessions() uint64
- func (m *CLUSDatapathCounter) GetUDPPackets() uint64
- func (m *CLUSDatapathCounter) GetUDPSessions() uint64
- func (*CLUSDatapathCounter) ProtoMessage()
- func (m *CLUSDatapathCounter) Reset()
- func (m *CLUSDatapathCounter) String() string
- type CLUSDerivedDlpRule
- func (*CLUSDerivedDlpRule) Descriptor() ([]byte, []int)
- func (m *CLUSDerivedDlpRule) GetAction() uint32
- func (o *CLUSDerivedDlpRule) GetDomain(f GetAccessObjectFunc) ([]string, []string)
- func (m *CLUSDerivedDlpRule) GetName() string
- func (*CLUSDerivedDlpRule) ProtoMessage()
- func (m *CLUSDerivedDlpRule) Reset()
- func (m *CLUSDerivedDlpRule) String() string
- type CLUSDerivedDlpRuleArray
- func (*CLUSDerivedDlpRuleArray) Descriptor() ([]byte, []int)
- func (m *CLUSDerivedDlpRuleArray) GetApplyDir() int32
- func (m *CLUSDerivedDlpRuleArray) GetDefAct() uint32
- func (m *CLUSDerivedDlpRuleArray) GetDlpRules() []*CLUSDerivedDlpRule
- func (m *CLUSDerivedDlpRuleArray) GetMode() string
- func (m *CLUSDerivedDlpRuleArray) GetRids() []uint32
- func (m *CLUSDerivedDlpRuleArray) GetRuleType() string
- func (m *CLUSDerivedDlpRuleArray) GetWafRules() []*CLUSDerivedDlpRule
- func (m *CLUSDerivedDlpRuleArray) GetWafrids() []uint32
- func (m *CLUSDerivedDlpRuleArray) GetWlMacs() []string
- func (*CLUSDerivedDlpRuleArray) ProtoMessage()
- func (m *CLUSDerivedDlpRuleArray) Reset()
- func (m *CLUSDerivedDlpRuleArray) String() string
- type CLUSDerivedDlpRuleEntry
- func (*CLUSDerivedDlpRuleEntry) Descriptor() ([]byte, []int)
- func (o *CLUSDerivedDlpRuleEntry) GetDomain(f GetAccessObjectFunc) ([]string, []string)
- func (m *CLUSDerivedDlpRuleEntry) GetID() uint32
- func (m *CLUSDerivedDlpRuleEntry) GetName() string
- func (m *CLUSDerivedDlpRuleEntry) GetPatterns() []string
- func (*CLUSDerivedDlpRuleEntry) ProtoMessage()
- func (m *CLUSDerivedDlpRuleEntry) Reset()
- func (m *CLUSDerivedDlpRuleEntry) String() string
- type CLUSDerivedDlpRuleEntryArray
- func (*CLUSDerivedDlpRuleEntryArray) Descriptor() ([]byte, []int)
- func (m *CLUSDerivedDlpRuleEntryArray) GetDlpRuleEntries() []*CLUSDerivedDlpRuleEntry
- func (*CLUSDerivedDlpRuleEntryArray) ProtoMessage()
- func (m *CLUSDerivedDlpRuleEntryArray) Reset()
- func (m *CLUSDerivedDlpRuleEntryArray) String() string
- type CLUSDerivedDlpRuleMac
- func (*CLUSDerivedDlpRuleMac) Descriptor() ([]byte, []int)
- func (o *CLUSDerivedDlpRuleMac) GetDomain(f GetAccessObjectFunc) ([]string, []string)
- func (m *CLUSDerivedDlpRuleMac) GetMac() string
- func (*CLUSDerivedDlpRuleMac) ProtoMessage()
- func (m *CLUSDerivedDlpRuleMac) Reset()
- func (m *CLUSDerivedDlpRuleMac) String() string
- type CLUSDerivedDlpRuleMacArray
- type CLUSDerivedDlpRuleMap
- type CLUSDerivedFileRule
- func (*CLUSDerivedFileRule) Descriptor() ([]byte, []int)
- func (m *CLUSDerivedFileRule) GetApps() []string
- func (m *CLUSDerivedFileRule) GetBehavior() string
- func (m *CLUSDerivedFileRule) GetCfgType() string
- func (m *CLUSDerivedFileRule) GetFilter() string
- func (m *CLUSDerivedFileRule) GetGroupName() string
- func (m *CLUSDerivedFileRule) GetPath() string
- func (m *CLUSDerivedFileRule) GetRecursive() bool
- func (m *CLUSDerivedFileRule) GetRegex() string
- func (*CLUSDerivedFileRule) ProtoMessage()
- func (m *CLUSDerivedFileRule) Reset()
- func (m *CLUSDerivedFileRule) String() string
- type CLUSDerivedFileRuleArray
- type CLUSDerivedPolicyApp
- func (*CLUSDerivedPolicyApp) Descriptor() ([]byte, []int)
- func (m *CLUSDerivedPolicyApp) GetAction() uint32
- func (m *CLUSDerivedPolicyApp) GetApp() uint32
- func (m *CLUSDerivedPolicyApp) GetRuleID() uint32
- func (*CLUSDerivedPolicyApp) ProtoMessage()
- func (m *CLUSDerivedPolicyApp) Reset()
- func (m *CLUSDerivedPolicyApp) String() string
- type CLUSDerivedPolicyRule
- func (*CLUSDerivedPolicyRule) Descriptor() ([]byte, []int)
- func (m *CLUSDerivedPolicyRule) GetAction() uint32
- func (m *CLUSDerivedPolicyRule) GetApps() []*CLUSDerivedPolicyApp
- func (o *CLUSDerivedPolicyRule) GetDomain(f GetAccessObjectFunc) ([]string, []string)
- func (m *CLUSDerivedPolicyRule) GetDstIP() []byte
- func (m *CLUSDerivedPolicyRule) GetDstIPR() []byte
- func (m *CLUSDerivedPolicyRule) GetFQDN() string
- func (m *CLUSDerivedPolicyRule) GetID() uint32
- func (m *CLUSDerivedPolicyRule) GetIPProto() uint32
- func (m *CLUSDerivedPolicyRule) GetIngress() bool
- func (m *CLUSDerivedPolicyRule) GetPort() uint32
- func (m *CLUSDerivedPolicyRule) GetPortR() uint32
- func (m *CLUSDerivedPolicyRule) GetSrcIP() []byte
- func (m *CLUSDerivedPolicyRule) GetSrcIPR() []byte
- func (*CLUSDerivedPolicyRule) ProtoMessage()
- func (m *CLUSDerivedPolicyRule) Reset()
- func (m *CLUSDerivedPolicyRule) String() string
- type CLUSDerivedPolicyRuleArray
- type CLUSDerivedPolicyRuleMap
- type CLUSDerivedProcessRule
- func (*CLUSDerivedProcessRule) Descriptor() ([]byte, []int)
- func (m *CLUSDerivedProcessRule) GetAction() string
- func (m *CLUSDerivedProcessRule) GetCfgType() string
- func (m *CLUSDerivedProcessRule) GetCreatedAt() uint64
- func (m *CLUSDerivedProcessRule) GetGroupName() string
- func (m *CLUSDerivedProcessRule) GetName() string
- func (m *CLUSDerivedProcessRule) GetPath() string
- func (m *CLUSDerivedProcessRule) GetUpdateAt() uint64
- func (*CLUSDerivedProcessRule) ProtoMessage()
- func (m *CLUSDerivedProcessRule) Reset()
- func (m *CLUSDerivedProcessRule) String() string
- type CLUSDerivedProcessRuleArray
- type CLUSDevice
- type CLUSDistLocker
- type CLUSDlpCriteriaEntry
- type CLUSDlpGroup
- type CLUSDlpRule
- type CLUSDlpSensor
- type CLUSDlpSetting
- type CLUSDlpWorkloadRule
- type CLUSDomain
- type CLUSEULA
- type CLUSEventCondition
- type CLUSEventLog
- type CLUSFedAdmCtrlRulesData
- type CLUSFedClusterStatus
- type CLUSFedDoPingPoll
- type CLUSFedFileMonitorData
- type CLUSFedGroupsData
- type CLUSFedJoinedClusterList
- type CLUSFedJointClusterInfo
- type CLUSFedMasterClusterInfo
- type CLUSFedMembership
- type CLUSFedNetworkRulesData
- type CLUSFedProcessProfileData
- type CLUSFedResponseRulesData
- type CLUSFedRulesRevision
- type CLUSFedSystemConfigData
- type CLUSFileAccessFilterRule
- type CLUSFileAccessRule
- type CLUSFileAccessRuleArray
- type CLUSFileAccessRuleReq
- func (*CLUSFileAccessRuleReq) Descriptor() ([]byte, []int)
- func (m *CLUSFileAccessRuleReq) GetFilter() string
- func (m *CLUSFileAccessRuleReq) GetGroupName() string
- func (m *CLUSFileAccessRuleReq) GetPath() string
- func (*CLUSFileAccessRuleReq) ProtoMessage()
- func (m *CLUSFileAccessRuleReq) Reset()
- func (m *CLUSFileAccessRuleReq) String() string
- type CLUSFileMonitorFile
- func (*CLUSFileMonitorFile) Descriptor() ([]byte, []int)
- func (m *CLUSFileMonitorFile) GetFiles() []string
- func (m *CLUSFileMonitorFile) GetIsDir() bool
- func (m *CLUSFileMonitorFile) GetMask() uint64
- func (m *CLUSFileMonitorFile) GetPath() string
- func (m *CLUSFileMonitorFile) GetProtect() bool
- func (*CLUSFileMonitorFile) ProtoMessage()
- func (m *CLUSFileMonitorFile) Reset()
- func (m *CLUSFileMonitorFile) String() string
- type CLUSFileMonitorFileArray
- type CLUSFileMonitorFilter
- type CLUSFileMonitorProfile
- type CLUSFilePacket
- type CLUSFilter
- func (*CLUSFilter) Descriptor() ([]byte, []int)
- func (m *CLUSFilter) GetID() uint32
- func (m *CLUSFilter) GetLimit() uint32
- func (m *CLUSFilter) GetStart() uint32
- func (m *CLUSFilter) GetWorkload() string
- func (*CLUSFilter) ProtoMessage()
- func (m *CLUSFilter) Reset()
- func (m *CLUSFilter) String() string
- type CLUSFqdnIp
- type CLUSGCRKey
- type CLUSGraphOps
- func (*CLUSGraphOps) Descriptor() ([]byte, []int)
- func (m *CLUSGraphOps) GetAlias() string
- func (m *CLUSGraphOps) GetEndpoint() string
- func (m *CLUSGraphOps) GetFrom() string
- func (m *CLUSGraphOps) GetTo() string
- func (*CLUSGraphOps) ProtoMessage()
- func (m *CLUSGraphOps) Reset()
- func (m *CLUSGraphOps) String() string
- type CLUSGroup
- type CLUSGroupIPPolicy
- type CLUSGroupIPPolicyVer
- type CLUSHost
- type CLUSIBMSAConfig
- type CLUSIBMSAConfigNV
- type CLUSIBMSAOnboardData
- type CLUSIPAddr
- type CLUSIPPort
- type CLUSImage
- type CLUSImportTask
- type CLUSIncidentLog
- type CLUSKick
- type CLUSKickLoginSessionsRequest
- func (*CLUSKickLoginSessionsRequest) Descriptor() ([]byte, []int)
- func (m *CLUSKickLoginSessionsRequest) GetCtrlerID() string
- func (m *CLUSKickLoginSessionsRequest) GetServer() string
- func (m *CLUSKickLoginSessionsRequest) GetType() KickLoginSessionsType
- func (m *CLUSKickLoginSessionsRequest) GetUserFullname() string
- func (m *CLUSKickLoginSessionsRequest) GetUserName() string
- func (m *CLUSKickLoginSessionsRequest) GetUserServer() string
- func (*CLUSKickLoginSessionsRequest) ProtoMessage()
- func (m *CLUSKickLoginSessionsRequest) Reset()
- func (m *CLUSKickLoginSessionsRequest) String() string
- type CLUSLogFilter
- type CLUSLoginTokenInfo
- func (*CLUSLoginTokenInfo) Descriptor() ([]byte, []int)
- func (m *CLUSLoginTokenInfo) GetCtrlerID() string
- func (m *CLUSLoginTokenInfo) GetLoginID() string
- func (m *CLUSLoginTokenInfo) GetLoginToken() string
- func (m *CLUSLoginTokenInfo) GetUserFullname() string
- func (*CLUSLoginTokenInfo) ProtoMessage()
- func (m *CLUSLoginTokenInfo) Reset()
- func (m *CLUSLoginTokenInfo) String() string
- type CLUSMappedPort
- type CLUSMeter
- func (*CLUSMeter) Descriptor() ([]byte, []int)
- func (m *CLUSMeter) GetCount() uint32
- func (m *CLUSMeter) GetIdle() uint32
- func (m *CLUSMeter) GetLastCount() uint32
- func (m *CLUSMeter) GetLowerLimit() uint32
- func (m *CLUSMeter) GetMeterID() uint32
- func (m *CLUSMeter) GetPeerIP() []byte
- func (m *CLUSMeter) GetSpan() uint32
- func (m *CLUSMeter) GetTap() bool
- func (m *CLUSMeter) GetUpperLimit() uint32
- func (m *CLUSMeter) GetWorkload() string
- func (*CLUSMeter) ProtoMessage()
- func (m *CLUSMeter) Reset()
- func (m *CLUSMeter) String() string
- type CLUSMeterArray
- type CLUSMetry
- func (*CLUSMetry) Descriptor() ([]byte, []int)
- func (m *CLUSMetry) GetByteIn() uint64
- func (m *CLUSMetry) GetByteOut() uint64
- func (m *CLUSMetry) GetCPU() float64
- func (m *CLUSMetry) GetMemory() uint64
- func (m *CLUSMetry) GetPacketIn() uint64
- func (m *CLUSMetry) GetPacketOut() uint64
- func (m *CLUSMetry) GetSessionCurIn() uint32
- func (m *CLUSMetry) GetSessionCurOut() uint32
- func (m *CLUSMetry) GetSessionIn() uint32
- func (m *CLUSMetry) GetSessionOut() uint32
- func (*CLUSMetry) ProtoMessage()
- func (m *CLUSMetry) Reset()
- func (m *CLUSMetry) String() string
- type CLUSNetworkEP
- type CLUSPolicyRule
- type CLUSPolicyRuleCheck
- func (*CLUSPolicyRuleCheck) Descriptor() ([]byte, []int)
- func (m *CLUSPolicyRuleCheck) GetApplications() []uint32
- func (m *CLUSPolicyRuleCheck) GetCreatedTS() int64
- func (m *CLUSPolicyRuleCheck) GetDisabled() bool
- func (m *CLUSPolicyRuleCheck) GetFrom() string
- func (m *CLUSPolicyRuleCheck) GetID() uint32
- func (m *CLUSPolicyRuleCheck) GetLastModTS() int64
- func (m *CLUSPolicyRuleCheck) GetLearned() bool
- func (m *CLUSPolicyRuleCheck) GetPorts() string
- func (m *CLUSPolicyRuleCheck) GetTo() string
- func (*CLUSPolicyRuleCheck) ProtoMessage()
- func (m *CLUSPolicyRuleCheck) Reset()
- func (m *CLUSPolicyRuleCheck) String() string
- type CLUSPolicyRuleMismatch
- func (*CLUSPolicyRuleMismatch) Descriptor() ([]byte, []int)
- func (m *CLUSPolicyRuleMismatch) GetClusterRule() *CLUSPolicyRuleCheck
- func (m *CLUSPolicyRuleMismatch) GetLearnedRule() *CLUSPolicyRuleCheck
- func (*CLUSPolicyRuleMismatch) ProtoMessage()
- func (m *CLUSPolicyRuleMismatch) Reset()
- func (m *CLUSPolicyRuleMismatch) String() string
- type CLUSPolicySyncStatus
- func (*CLUSPolicySyncStatus) Descriptor() ([]byte, []int)
- func (m *CLUSPolicySyncStatus) GetGraphNodeCount() uint32
- func (m *CLUSPolicySyncStatus) GetLeader() bool
- func (m *CLUSPolicySyncStatus) GetLearnedRuleMax() uint32
- func (m *CLUSPolicySyncStatus) GetMismatches() []*CLUSPolicyRuleMismatch
- func (*CLUSPolicySyncStatus) ProtoMessage()
- func (m *CLUSPolicySyncStatus) Reset()
- func (m *CLUSPolicySyncStatus) String() string
- type CLUSPortApp
- type CLUSProbeContainer
- func (*CLUSProbeContainer) Descriptor() ([]byte, []int)
- func (m *CLUSProbeContainer) GetChildren() []int32
- func (m *CLUSProbeContainer) GetId() string
- func (m *CLUSProbeContainer) GetPid() int32
- func (m *CLUSProbeContainer) GetPortsMap() string
- func (*CLUSProbeContainer) ProtoMessage()
- func (m *CLUSProbeContainer) Reset()
- func (m *CLUSProbeContainer) String() string
- type CLUSProbeContainerArray
- type CLUSProbeProcess
- func (*CLUSProbeProcess) Descriptor() ([]byte, []int)
- func (m *CLUSProbeProcess) GetContainer() string
- func (m *CLUSProbeProcess) GetEuid() uint32
- func (m *CLUSProbeProcess) GetName() string
- func (m *CLUSProbeProcess) GetPid() int32
- func (m *CLUSProbeProcess) GetPpid() int32
- func (m *CLUSProbeProcess) GetReported() uint32
- func (m *CLUSProbeProcess) GetRuid() uint32
- func (m *CLUSProbeProcess) GetScanTimes() uint32
- func (m *CLUSProbeProcess) GetStartTime() uint64
- func (*CLUSProbeProcess) ProtoMessage()
- func (m *CLUSProbeProcess) Reset()
- func (m *CLUSProbeProcess) String() string
- type CLUSProbeProcessArray
- type CLUSProbeSummary
- func (*CLUSProbeSummary) Descriptor() ([]byte, []int)
- func (m *CLUSProbeSummary) GetContainerMap() uint32
- func (m *CLUSProbeSummary) GetContainerStops() uint32
- func (m *CLUSProbeSummary) GetFileMonEvents() uint32
- func (m *CLUSProbeSummary) GetFileMonFaDirMarks() uint32
- func (m *CLUSProbeSummary) GetFileMonFaDirs() uint32
- func (m *CLUSProbeSummary) GetFileMonFaMntRoots() uint32
- func (m *CLUSProbeSummary) GetFileMonFaPaths() uint32
- func (m *CLUSProbeSummary) GetFileMonFaRoots() uint32
- func (m *CLUSProbeSummary) GetFileMonFaRules() uint32
- func (m *CLUSProbeSummary) GetFileMonGroups() uint32
- func (m *CLUSProbeSummary) GetFileMonInDirs() uint32
- func (m *CLUSProbeSummary) GetFileMonInPaths() uint32
- func (m *CLUSProbeSummary) GetFileMonInWds() uint32
- func (m *CLUSProbeSummary) GetInotifyWatches() uint32
- func (m *CLUSProbeSummary) GetMaxEvalChanQueued() uint32
- func (m *CLUSProbeSummary) GetMaxGoroutines() uint32
- func (m *CLUSProbeSummary) GetNewProcesses() uint32
- func (m *CLUSProbeSummary) GetNewSuspicProc() uint32
- func (m *CLUSProbeSummary) GetPidContainerMap() uint32
- func (m *CLUSProbeSummary) GetPidProcMap() uint32
- func (m *CLUSProbeSummary) GetPidSet() uint32
- func (m *CLUSProbeSummary) GetProcBlockDirMonCnt() uint32
- func (m *CLUSProbeSummary) GetProcBlockEntryCnt() uint32
- func (m *CLUSProbeSummary) GetProcBlockMarks() uint32
- func (m *CLUSProbeSummary) GetProcBlockRoots() uint32
- func (m *CLUSProbeSummary) GetSessionTable() uint32
- func (m *CLUSProbeSummary) GetWLStorageWatch() uint32
- func (*CLUSProbeSummary) ProtoMessage()
- func (m *CLUSProbeSummary) Reset()
- func (m *CLUSProbeSummary) String() string
- type CLUSProcProfileArray
- type CLUSProcProfileReq
- func (*CLUSProcProfileReq) Descriptor() ([]byte, []int)
- func (m *CLUSProcProfileReq) GetAction() string
- func (m *CLUSProcProfileReq) GetGroupName() string
- func (m *CLUSProcProfileReq) GetHash() []byte
- func (m *CLUSProcProfileReq) GetName() string
- func (m *CLUSProcProfileReq) GetPath() string
- func (m *CLUSProcProfileReq) GetUid() int32
- func (m *CLUSProcProfileReq) GetUser() string
- func (*CLUSProcProfileReq) ProtoMessage()
- func (m *CLUSProcProfileReq) Reset()
- func (m *CLUSProcProfileReq) String() string
- type CLUSProcess
- func (*CLUSProcess) Descriptor() ([]byte, []int)
- func (m *CLUSProcess) GetAction() string
- func (m *CLUSProcess) GetCmds() []string
- func (m *CLUSProcess) GetEUid() uint32
- func (m *CLUSProcess) GetName() string
- func (m *CLUSProcess) GetPGid() uint32
- func (m *CLUSProcess) GetPPid() uint32
- func (m *CLUSProcess) GetPSid() uint32
- func (m *CLUSProcess) GetPid() uint32
- func (m *CLUSProcess) GetRUid() uint32
- func (m *CLUSProcess) GetRoot() bool
- func (m *CLUSProcess) GetStartAt() int64
- func (m *CLUSProcess) GetStatus() string
- func (m *CLUSProcess) GetUser() string
- func (*CLUSProcess) ProtoMessage()
- func (m *CLUSProcess) Reset()
- func (m *CLUSProcess) String() string
- type CLUSProcessArray
- type CLUSProcessProfile
- type CLUSProcessProfileEntry
- type CLUSProfilingRequest
- func (*CLUSProfilingRequest) Descriptor() ([]byte, []int)
- func (m *CLUSProfilingRequest) GetCmd() ProfilingCmd
- func (m *CLUSProfilingRequest) GetDuration() uint32
- func (m *CLUSProfilingRequest) GetMethods() []ProfilingMethod
- func (*CLUSProfilingRequest) ProtoMessage()
- func (m *CLUSProfilingRequest) Reset()
- func (m *CLUSProfilingRequest) String() string
- type CLUSProtoPort
- type CLUSProxy
- type CLUSPwdProfile
- type CLUSRegistryConfig
- type CLUSRegistryFilter
- type CLUSRegistryImageSummary
- type CLUSRegistryState
- type CLUSRegistryTypeDummy
- type CLUSReportResponse
- type CLUSResponseRule
- type CLUSResponseRuleOptionsDummy
- type CLUSRestServerInfo
- type CLUSRolePermission
- type CLUSRuleHead
- type CLUSScanConfig
- type CLUSScanReport
- type CLUSScanState
- type CLUSScannedVulInfo
- type CLUSScannedVulInfoSimple
- type CLUSScanner
- type CLUSScannerDB
- type CLUSScannerStats
- type CLUSSecretLog
- type CLUSServer
- type CLUSServerAuth
- type CLUSServerLDAP
- type CLUSServerOIDC
- type CLUSServerSAML
- type CLUSSession
- func (*CLUSSession) Descriptor() ([]byte, []int)
- func (m *CLUSSession) GetAge() uint32
- func (m *CLUSSession) GetApplication() uint32
- func (m *CLUSSession) GetClientAsmBytes() uint64
- func (m *CLUSSession) GetClientAsmPkts() uint32
- func (m *CLUSSession) GetClientBytes() uint64
- func (m *CLUSSession) GetClientIP() []byte
- func (m *CLUSSession) GetClientMAC() []byte
- func (m *CLUSSession) GetClientPkts() uint32
- func (m *CLUSSession) GetClientPort() uint32
- func (m *CLUSSession) GetClientState() uint32
- func (o *CLUSSession) GetDomain(f GetAccessObjectFunc) ([]string, []string)
- func (m *CLUSSession) GetEtherType() uint32
- func (m *CLUSSession) GetHostMode() bool
- func (m *CLUSSession) GetICMPCode() uint32
- func (m *CLUSSession) GetICMPType() uint32
- func (m *CLUSSession) GetID() uint32
- func (m *CLUSSession) GetIPProto() uint32
- func (m *CLUSSession) GetIdle() uint32
- func (m *CLUSSession) GetIngress() bool
- func (m *CLUSSession) GetLife() uint32
- func (m *CLUSSession) GetMid() bool
- func (m *CLUSSession) GetPolicyAction() uint32
- func (m *CLUSSession) GetPolicyId() uint32
- func (m *CLUSSession) GetServerAsmBytes() uint64
- func (m *CLUSSession) GetServerAsmPkts() uint32
- func (m *CLUSSession) GetServerBytes() uint64
- func (m *CLUSSession) GetServerIP() []byte
- func (m *CLUSSession) GetServerMAC() []byte
- func (m *CLUSSession) GetServerPkts() uint32
- func (m *CLUSSession) GetServerPort() uint32
- func (m *CLUSSession) GetServerState() uint32
- func (m *CLUSSession) GetTap() bool
- func (m *CLUSSession) GetWorkload() string
- func (m *CLUSSession) GetXffApp() uint32
- func (m *CLUSSession) GetXffIP() []byte
- func (m *CLUSSession) GetXffPort() uint32
- func (*CLUSSession) ProtoMessage()
- func (m *CLUSSession) Reset()
- func (m *CLUSSession) String() string
- type CLUSSessionArray
- type CLUSSessionCounter
- func (*CLUSSessionCounter) Descriptor() ([]byte, []int)
- func (m *CLUSSessionCounter) GetCurICMPSessions() uint32
- func (m *CLUSSessionCounter) GetCurIPSessions() uint32
- func (m *CLUSSessionCounter) GetCurSessions() uint32
- func (m *CLUSSessionCounter) GetCurTCPSessions() uint32
- func (m *CLUSSessionCounter) GetCurUDPSessions() uint32
- func (*CLUSSessionCounter) ProtoMessage()
- func (m *CLUSSessionCounter) Reset()
- func (m *CLUSSessionCounter) String() string
- type CLUSSetIdPermLog
- type CLUSSniffer
- func (*CLUSSniffer) Descriptor() ([]byte, []int)
- func (m *CLUSSniffer) GetAgentID() string
- func (m *CLUSSniffer) GetArgs() string
- func (m *CLUSSniffer) GetFileNumber() uint32
- func (m *CLUSSniffer) GetID() string
- func (m *CLUSSniffer) GetSize() int64
- func (m *CLUSSniffer) GetStartTime() int64
- func (m *CLUSSniffer) GetStatus() SnifferStatus
- func (m *CLUSSniffer) GetStopTime() int64
- func (m *CLUSSniffer) GetWorkloadID() string
- func (*CLUSSniffer) ProtoMessage()
- func (m *CLUSSniffer) Reset()
- func (m *CLUSSniffer) String() string
- type CLUSSnifferArray
- type CLUSSnifferDownload
- type CLUSSnifferDummy
- type CLUSSnifferFilter
- type CLUSSnifferPcap
- type CLUSSnifferRequest
- func (*CLUSSnifferRequest) Descriptor() ([]byte, []int)
- func (m *CLUSSnifferRequest) GetCmd() SnifferCmd
- func (m *CLUSSnifferRequest) GetDurationInSecond() uint32
- func (m *CLUSSnifferRequest) GetFileNumber() uint32
- func (m *CLUSSnifferRequest) GetFileSizeInMB() uint32
- func (m *CLUSSnifferRequest) GetFilter() string
- func (m *CLUSSnifferRequest) GetID() string
- func (m *CLUSSnifferRequest) GetWorkloadID() string
- func (*CLUSSnifferRequest) ProtoMessage()
- func (m *CLUSSnifferRequest) Reset()
- func (m *CLUSSnifferRequest) String() string
- type CLUSSnifferResponse
- type CLUSSpecSubnet
- type CLUSStats
- func (*CLUSStats) Descriptor() ([]byte, []int)
- func (m *CLUSStats) GetInterval() uint32
- func (m *CLUSStats) GetReadAt() int64
- func (m *CLUSStats) GetSpan1() *CLUSMetry
- func (m *CLUSStats) GetSpan12() *CLUSMetry
- func (m *CLUSStats) GetSpan60() *CLUSMetry
- func (m *CLUSStats) GetTotal() *CLUSMetry
- func (*CLUSStats) ProtoMessage()
- func (m *CLUSStats) Reset()
- func (m *CLUSStats) String() string
- type CLUSStoreWatcherInfo
- func (*CLUSStoreWatcherInfo) Descriptor() ([]byte, []int)
- func (m *CLUSStoreWatcherInfo) GetAction() StoreWatcherAction
- func (m *CLUSStoreWatcherInfo) GetCtrlerID() string
- func (m *CLUSStoreWatcherInfo) GetKey() string
- func (*CLUSStoreWatcherInfo) ProtoMessage()
- func (m *CLUSStoreWatcherInfo) Reset()
- func (m *CLUSStoreWatcherInfo) String() string
- type CLUSSubnet
- type CLUSSyncReply
- type CLUSSyncRequest
- type CLUSSyslogConfig
- type CLUSSystemConfig
- type CLUSSystemUsageReport
- type CLUSThreatLog
- type CLUSUser
- type CLUSUserRole
- type CLUSUserRoleInternal
- type CLUSVolume
- type CLUSVulnerabilityProfile
- type CLUSVulnerabilityProfileEntry
- type CLUSWafCriteriaEntry
- type CLUSWafGroup
- type CLUSWafRule
- type CLUSWafSensor
- type CLUSWafSetting
- type CLUSWafWorkloadRule
- type CLUSWebhook
- type CLUSWorkload
- type CLUSWorkloadAddr
- type CLUSWorkloadConfig
- type CLUSWorkloadDlpRules
- type CLUSWorkloadIntercept
- func (*CLUSWorkloadIntercept) Descriptor() ([]byte, []int)
- func (m *CLUSWorkloadIntercept) GetID() string
- func (m *CLUSWorkloadIntercept) GetInline() bool
- func (m *CLUSWorkloadIntercept) GetPorts() []*CLUSWorkloadInterceptPort
- func (m *CLUSWorkloadIntercept) GetQuarantine() bool
- func (*CLUSWorkloadIntercept) ProtoMessage()
- func (m *CLUSWorkloadIntercept) Reset()
- func (m *CLUSWorkloadIntercept) String() string
- type CLUSWorkloadInterceptPort
- func (*CLUSWorkloadInterceptPort) Descriptor() ([]byte, []int)
- func (m *CLUSWorkloadInterceptPort) GetBCMAC() []byte
- func (m *CLUSWorkloadInterceptPort) GetEnforcerRules() string
- func (m *CLUSWorkloadInterceptPort) GetExPort() string
- func (m *CLUSWorkloadInterceptPort) GetExPortRules() string
- func (m *CLUSWorkloadInterceptPort) GetInPort() string
- func (m *CLUSWorkloadInterceptPort) GetInPortRules() string
- func (m *CLUSWorkloadInterceptPort) GetMAC() []byte
- func (m *CLUSWorkloadInterceptPort) GetPeer() string
- func (m *CLUSWorkloadInterceptPort) GetPort() string
- func (m *CLUSWorkloadInterceptPort) GetUCMAC() []byte
- func (*CLUSWorkloadInterceptPort) ProtoMessage()
- func (m *CLUSWorkloadInterceptPort) Reset()
- func (m *CLUSWorkloadInterceptPort) String() string
- type CLUSWorkloadScanDummy
- type CLUSWorkloadWafRules
- type CLUSX509Cert
- type ContainerStats
- type ControllerAgentServiceClient
- type ControllerAgentServiceServer
- type ControllerCapServiceClient
- type ControllerCapServiceServer
- type ControllerCtrlServiceClient
- type ControllerCtrlServiceServer
- type ControllerCtrlService_ReqSyncStreamClient
- type ControllerCtrlService_ReqSyncStreamServer
- type ControllerScanServiceClient
- type ControllerScanServiceServer
- type ControllerScanService_ScannerRegisterStreamClient
- type ControllerScanService_ScannerRegisterStreamServer
- type ControllerUpgradeServiceClient
- type ControllerUpgradeServiceServer
- type ControllerUpgradeService_UpgradeScannerDBClient
- type ControllerUpgradeService_UpgradeScannerDBServer
- type EnforcerCapServiceClient
- type EnforcerCapServiceServer
- type EnforcerScanServiceClient
- type EnforcerScanServiceServer
- type EnforcerServiceClient
- type EnforcerServiceServer
- type EnforcerService_GetContainerLogsClient
- type EnforcerService_GetContainerLogsServer
- type EnforcerService_GetMeterListClient
- type EnforcerService_GetMeterListServer
- type EnforcerService_GetSessionListClient
- type EnforcerService_GetSessionListServer
- type EnforcerService_GetSnifferPcapClient
- type EnforcerService_GetSnifferPcapServer
- type GetAccessObjectFunc
- type GroupRoleMapping
- type KickLoginSessionsType
- type ProbeContainerStart
- type ProcRule
- type ProcRuleMap
- type ProfilingCmd
- type ProfilingMethod
- type RPCVoid
- type ReportRespAction
- type ScanAppPackage
- func (*ScanAppPackage) Descriptor() ([]byte, []int)
- func (m *ScanAppPackage) GetAppName() string
- func (m *ScanAppPackage) GetFileName() string
- func (m *ScanAppPackage) GetModuleName() string
- func (m *ScanAppPackage) GetVersion() string
- func (*ScanAppPackage) ProtoMessage()
- func (m *ScanAppPackage) Reset()
- func (m *ScanAppPackage) String() string
- type ScanAppRequest
- type ScanAwsLambdaRequest
- func (*ScanAwsLambdaRequest) Descriptor() ([]byte, []int)
- func (m *ScanAwsLambdaRequest) GetFuncLink() string
- func (m *ScanAwsLambdaRequest) GetFuncName() string
- func (m *ScanAwsLambdaRequest) GetRegion() string
- func (m *ScanAwsLambdaRequest) GetResType() string
- func (m *ScanAwsLambdaRequest) GetScanSecrets() bool
- func (*ScanAwsLambdaRequest) ProtoMessage()
- func (m *ScanAwsLambdaRequest) Reset()
- func (m *ScanAwsLambdaRequest) String() string
- type ScanData
- type ScanErrorCode
- type ScanImageRequest
- func (*ScanImageRequest) Descriptor() ([]byte, []int)
- func (m *ScanImageRequest) GetBaseImage() string
- func (m *ScanImageRequest) GetPassword() string
- func (m *ScanImageRequest) GetProxy() string
- func (m *ScanImageRequest) GetRegistry() string
- func (m *ScanImageRequest) GetRepository() string
- func (m *ScanImageRequest) GetScanLayers() bool
- func (m *ScanImageRequest) GetScanSecrets() bool
- func (m *ScanImageRequest) GetTag() string
- func (m *ScanImageRequest) GetUsername() string
- func (*ScanImageRequest) ProtoMessage()
- func (m *ScanImageRequest) Reset()
- func (m *ScanImageRequest) String() string
- type ScanLayerResult
- func (*ScanLayerResult) Descriptor() ([]byte, []int)
- func (m *ScanLayerResult) GetCmds() string
- func (m *ScanLayerResult) GetDigest() string
- func (m *ScanLayerResult) GetSecrets() *ScanSecretResult
- func (m *ScanLayerResult) GetSize() int64
- func (m *ScanLayerResult) GetVuls() []*ScanVulnerability
- func (*ScanLayerResult) ProtoMessage()
- func (m *ScanLayerResult) Reset()
- func (m *ScanLayerResult) String() string
- type ScanModule
- func (*ScanModule) Descriptor() ([]byte, []int)
- func (m *ScanModule) GetCPEs() []string
- func (m *ScanModule) GetName() string
- func (m *ScanModule) GetSource() string
- func (m *ScanModule) GetVersion() string
- func (m *ScanModule) GetVuls() []*ScanModuleVul
- func (*ScanModule) ProtoMessage()
- func (m *ScanModule) Reset()
- func (m *ScanModule) String() string
- type ScanModuleVul
- type ScanObjectType
- type ScanProvider
- type ScanResult
- func (*ScanResult) Descriptor() ([]byte, []int)
- func (m *ScanResult) GetAuthor() string
- func (m *ScanResult) GetCVEDBCreateTime() string
- func (m *ScanResult) GetCmds() []string
- func (m *ScanResult) GetContainerID() string
- func (m *ScanResult) GetDigest() string
- func (m *ScanResult) GetEnvs() []string
- func (m *ScanResult) GetError() ScanErrorCode
- func (m *ScanResult) GetHostID() string
- func (m *ScanResult) GetImageID() string
- func (m *ScanResult) GetLabels() map[string]string
- func (m *ScanResult) GetLayers() []*ScanLayerResult
- func (m *ScanResult) GetModules() []*ScanModule
- func (m *ScanResult) GetNamespace() string
- func (m *ScanResult) GetPlatform() string
- func (m *ScanResult) GetPlatformVersion() string
- func (m *ScanResult) GetProvider() ScanProvider
- func (m *ScanResult) GetRegistry() string
- func (m *ScanResult) GetRepository() string
- func (m *ScanResult) GetSecrets() *ScanSecretResult
- func (m *ScanResult) GetSetIdPerms() []*ScanSetIdPermLog
- func (m *ScanResult) GetSize() int64
- func (m *ScanResult) GetTag() string
- func (m *ScanResult) GetVersion() string
- func (m *ScanResult) GetVuls() []*ScanVulnerability
- func (*ScanResult) ProtoMessage()
- func (m *ScanResult) Reset()
- func (m *ScanResult) String() string
- type ScanRunningRequest
- func (*ScanRunningRequest) Descriptor() ([]byte, []int)
- func (m *ScanRunningRequest) GetAgentID() string
- func (m *ScanRunningRequest) GetAgentRPCEndPoint() string
- func (m *ScanRunningRequest) GetID() string
- func (m *ScanRunningRequest) GetType() ScanObjectType
- func (*ScanRunningRequest) ProtoMessage()
- func (m *ScanRunningRequest) Reset()
- func (m *ScanRunningRequest) String() string
- type ScanSecretLog
- func (*ScanSecretLog) Descriptor() ([]byte, []int)
- func (m *ScanSecretLog) GetFile() string
- func (m *ScanSecretLog) GetRuleDesc() string
- func (m *ScanSecretLog) GetSuggestion() string
- func (m *ScanSecretLog) GetText() string
- func (m *ScanSecretLog) GetType() string
- func (*ScanSecretLog) ProtoMessage()
- func (m *ScanSecretLog) Reset()
- func (m *ScanSecretLog) String() string
- type ScanSecretResult
- type ScanSetIdPermLog
- func (*ScanSetIdPermLog) Descriptor() ([]byte, []int)
- func (m *ScanSetIdPermLog) GetEvidence() string
- func (m *ScanSetIdPermLog) GetFile() string
- func (m *ScanSetIdPermLog) GetType() string
- func (*ScanSetIdPermLog) ProtoMessage()
- func (m *ScanSetIdPermLog) Reset()
- func (m *ScanSetIdPermLog) String() string
- type ScanVulStatus
- type ScanVulnerability
- func (*ScanVulnerability) Descriptor() ([]byte, []int)
- func (m *ScanVulnerability) GetCPEs() []string
- func (m *ScanVulnerability) GetCVEs() []string
- func (m *ScanVulnerability) GetDescription() string
- func (m *ScanVulnerability) GetFeedRating() string
- func (m *ScanVulnerability) GetFixedVersion() string
- func (m *ScanVulnerability) GetInBase() bool
- func (m *ScanVulnerability) GetLastModifiedDate() string
- func (m *ScanVulnerability) GetLink() string
- func (m *ScanVulnerability) GetName() string
- func (m *ScanVulnerability) GetPackageName() string
- func (m *ScanVulnerability) GetPackageVersion() string
- func (m *ScanVulnerability) GetPublishedDate() string
- func (m *ScanVulnerability) GetScore() float32
- func (m *ScanVulnerability) GetScoreV3() float32
- func (m *ScanVulnerability) GetSeverity() string
- func (m *ScanVulnerability) GetVectors() string
- func (m *ScanVulnerability) GetVectorsV3() string
- func (*ScanVulnerability) ProtoMessage()
- func (m *ScanVulnerability) Reset()
- func (m *ScanVulnerability) String() string
- type ScannerDeregisterData
- type ScannerRegisterData
- func (*ScannerRegisterData) Descriptor() ([]byte, []int)
- func (m *ScannerRegisterData) GetCVEDB() map[string]*ScanVulnerability
- func (m *ScannerRegisterData) GetCVEDBCreateTime() string
- func (m *ScannerRegisterData) GetCVEDBVersion() string
- func (m *ScannerRegisterData) GetID() string
- func (m *ScannerRegisterData) GetRPCServer() string
- func (m *ScannerRegisterData) GetRPCServerPort() uint32
- func (*ScannerRegisterData) ProtoMessage()
- func (m *ScannerRegisterData) Reset()
- func (m *ScannerRegisterData) String() string
- type ScannerServiceClient
- type ScannerServiceServer
- type SecretLog
- type SnifferCmd
- type SnifferStatus
- type StoreWatcherAction
- type TCfgType
- type TLogAudit
- type TLogEvent
- type TLogIncident
- type TReviewType
Constants ¶
const ( // All PERM_xyz_BASIC permissions can be enabled/disabled indirectly by enabling/disabling some composite permission(s) PERM_IBMSA = 0x00000001 // hidden(non-configurable by user), only for IBM SA to set up with NV PERM_FED = 0x00000002 // hidden(non-configurable by user), only for fedAdmin role PERM_NV_RESOURCE = 0x00000004 // hidden(non-configurable by user), for accessing controller/enforcer/scanner. No custom role can have this permission. PERM_RUNTIME_SCAN_BASIC = 0x00000008 // platform/host/container scan. namespaced PERM_REG_SCAN = 0x00000010 // namespaced PERM_CICD_SCAN = 0x00000020 // (modify only) for scanning serverless & container image PERM_INFRA_BASIC = 0x00000040 // for accessing host/platform/domain. PERM_NETWORK_POLICY_BASIC = 0x00000080 // network policy. namespaced PERM_SYSTEM_POLICY_BASIC = 0x00000100 // file/process profiles, response rules, dlp. namespaced PERM_GROUP_BASIC = 0x00000200 // group. namespaced PERM_ADM_CONTROL = 0x00000400 PERM_COMPLIANCE_BASIC = 0x00000800 // namespaced PERM_AUDIT_EVENTS = 0x00001000 // (view only) namespaced PERM_SECURITY_EVENTS_BASIC = 0x00002000 // (view only) namespaced PERM_EVENTS = 0x00004000 // (view only) namespaced PERM_AUTHENTICATION = 0x00008000 // for ldap/SAML/OpenID configuration PERM_AUTHORIZATION = 0x00010000 // for users/roles configuration. namespaced(None user who is admin of domain A can create/config/delete another None user who has role in dmain A). namespaced PERM_SYSTEM_CONFIG = 0x00020000 // include license PERM_CLOUD = 0x00040000 // for cloud services like aws lambda PERM_WORKLOAD_BASIC = 0x00080000 // workload(pod). namespaced PERM_VULNERABILITY = 0x00100000 // for vulnerability profile // composite permissions (~= permanent boost) PERMS_RUNTIME_SCAN = PERM_RUNTIME_SCAN_BASIC | PERM_WORKLOAD_BASIC | PERM_INFRA_BASIC PERMS_RUNTIME_POLICIES = PERM_GROUP_BASIC | PERM_NETWORK_POLICY_BASIC | PERM_SYSTEM_POLICY_BASIC | PERM_WORKLOAD_BASIC PERMS_COMPLIANCE = PERM_COMPLIANCE_BASIC | PERM_WORKLOAD_BASIC | PERM_INFRA_BASIC PERMS_SECURITY_EVENTS = PERM_SECURITY_EVENTS_BASIC | PERM_WORKLOAD_BASIC PERMS_PWD_PROFILE = PERM_AUTHORIZATION | PERM_SYSTEM_CONFIG // Effective permissions for domain admin/reader roles. Even for the reserved admin/reader roles assigned to domain, they cannot access controller/enforcer objects(PERM_NV_RESOURCE) PERMS_DOMAIN_READ = PERM_RUNTIME_SCAN_BASIC | PERM_REG_SCAN | PERM_NETWORK_POLICY_BASIC | PERM_SYSTEM_POLICY_BASIC | PERM_GROUP_BASIC | PERM_WORKLOAD_BASIC | PERM_COMPLIANCE_BASIC | PERM_AUTHORIZATION | PERM_SYSTEM_CONFIG | PERM_AUDIT_EVENTS | PERM_SECURITY_EVENTS_BASIC | PERM_EVENTS // all read permissions a domain admin could have eventually PERMS_DOMAIN_WRITE = PERM_RUNTIME_SCAN_BASIC | PERM_REG_SCAN | PERM_NETWORK_POLICY_BASIC | PERM_SYSTEM_POLICY_BASIC | PERM_GROUP_BASIC | PERM_WORKLOAD_BASIC | PERM_COMPLIANCE_BASIC | PERM_AUTHORIZATION // all write permissions a domain admin could have eventually PERMS_DOMAIN = PERMS_DOMAIN_READ | PERMS_DOMAIN_WRITE // sum of all permissions that are supporedt in domain // customer-configurable permissions: (PERM_NV_RESOURCE is non-customer-configurable permission) PERMS_GLOBAL_CONFIGURABLE_READ = PERM_ADM_CONTROL | PERM_AUTHENTICATION | PERM_CLOUD | PERM_INFRA_BASIC | PERM_VULNERABILITY | PERMS_DOMAIN_READ // sum of all configurable(non-hidden) read permissions PERMS_GLOBAL_CONFIGURABLE_WRITE = PERM_ADM_CONTROL | PERM_AUTHENTICATION | PERM_CLOUD | PERM_INFRA_BASIC | PERM_VULNERABILITY | PERMS_DOMAIN_WRITE | PERM_SYSTEM_CONFIG | PERM_CICD_SCAN // sum of all configurable(non-hidden) write permissions // Effective permissions for reserved fedAdmin/fedReader/admin/reader roles on global domain, only they have PERM_NV_RESOURCE permission PERMS_CLUSTER_READ = PERM_NV_RESOURCE | PERMS_GLOBAL_CONFIGURABLE_READ PERMS_CLUSTER_WRITE = PERM_NV_RESOURCE | PERMS_GLOBAL_CONFIGURABLE_WRITE PERMS_CLUSTER = PERMS_CLUSTER_READ | PERMS_CLUSTER_WRITE // sum of all permissions that are supported in cluster PERMS_FED_READ = PERM_FED | PERMS_CLUSTER_READ PERMS_FED_WRITE = PERM_FED | PERMS_CLUSTER_WRITE PERMS_FED = PERMS_FED_READ | PERMS_FED_WRITE // sum of all permissions that are supported in fed )
const ( PERM_IBMSA_ID = "ibmsa" // hidden to user in 4.0 PERM_FED_ID = "fed" // hidden to user when it's not master cluster PERM_NV_RESOURCE_ID = "nv_resource" // hidden to user in 4.0 PERM_REG_SCAN_ID = "reg_scan" PERM_CICD_SCAN_ID = "ci_scan" PERM_ADM_CONTROL_ID = "admctrl" PERM_AUDIT_EVENTS_ID = "audit_events" PERM_EVENTS_ID = "events" PERM_AUTHENTICATION_ID = "authentication" PERM_AUTHORIZATION_ID = "authorization" PERM_SYSTEM_CONFIG_ID = "config" PERM_CLOUD_ID = "cloud" PERM_INFRA_BASIC_ID = "infra_basic" PERM_RUNTIME_SCAN_BASIC_ID = "rt_scan_basic" PERM_NETWORK_POLICY_BASIC_ID = "nw_policy_basic" PERM_SYSTEM_POLICY_BASIC_ID = "sys_policy_basic" PERM_GROUP_BASIC_ID = "group_basic" PERM_COMPLIANCE_BASIC_ID = "compliance_basic" PERM_SECURITY_EVENTS_BASIC_ID = "security_events_basic" PERM_WORKLOAD_BASIC_ID = "workload_basic" PERM_VULNERABILITY_ID = "vulnerability" // complex permissions, can be seen by customers PERMS_RUNTIME_SCAN_ID = "rt_scan" // == PERM_RUNTIME_SCAN_BASIC | PERM_WORKLOAD_BASIC | PERM_INFRA_BASIC PERMS_RUNTIME_POLICIES_ID = "rt_policy" // == PERM_GROUP_BASIC + PERM_NETWORK_POLICY_BASIC | PERM_SYSTEM_POLICY_BASIC | PERM_WORKLOAD_BASIC PERMS_COMPLIANCE_ID = "compliance" // == PERM_COMPLIANCE_BASIC | PERM_WORKLOAD_BASIC | PERM_INFRA_BASIC PERMS_SECURITY_EVENTS_ID = "security_events" // == PERM_SECURITY_EVENTS_BASIC | PERM_WORKLOAD_BASIC )
const ( CFGEndpointSystem = "system" CFGEndpointEULA = "eula" CFGEndpointScan = "scan" CFGEndpointUser = "user" CFGEndpointServer = "server" CFGEndpointGroup = "group" CFGEndpointPolicy = "policy" CFGEndpointLicense = "license" CFGEndpointResponseRule = "response_rule" CFGEndpointProcessProfile = "process_profile" CFGEndpointRegistry = "registry" CFGEndpointDomain = "domain" CFGEndpointFileMonitor = "file_monitor" CFGEndpointFileAccessRule = "file_rule" CFGEndpointAdmissionControl = "admission_control" CFGEndpointCrd = "crd" CFGEndpointFederation = "federation" CFGEndpointDlpRule = "dlp_rule" CFGEndpointDlpGroup = "dlp_group" CFGEndpointWafRule = "waf_rule" CFGEndpointWafGroup = "waf_group" CFGEndpointScript = "script" CFGEndpointCloud = "cloud" CFGEndpointCompliance = "compliance" CFGEndpointVulnerability = "vulnerability" CFGEndpointUserRole = "user_role" CFGEndpointPwdProfile = "pwd_profile" )
const ( GroupKindContainer string = "container" GroupKindAddress string = "address" GroupKindIPService string = "ip_service" GroupKindExternal string = "external" GroupKindNode string = "node" )
const ( CLUSResCfgRule = "rule" CLUSResCfgRuleList = "rules" )
const ( // host: address is meaningful only on local host. Native container IP has this scope. CLUSIPAddrScopeLocalhost = "host" // global: address is global CLUSIPAddrScopeGlobal = "global" // nat: address for NAT access. Typically, this the address of the host. CLUSIPAddrScopeNAT = "nat" )
const ( Learned = iota + 1 UserCreated GroundCfg FederalCfg SystemDefined )
const ( WireInline string = "inline" WireDefault string = "default" )
const ( SpecInternalTunnelIP = "tunnelip" SpecInternalSvcIP = "svcip" SpecInternalHostIP = "hostip" SpecInternalDevIP = "devip" SpecInternalUwlIP = "uwlip" SpecInternalExtIP = "extip" )
Special internal subnet IP
const ( BenchLevelPass = "PASS" BenchLevelInfo = "INFO" BenchLevelWarn = "WARN" BenchLevelHigh = "HIGH" BenchLevelNote = "NOTE" BenchLevelError = "ERROR" BenchProfileL1 = "Level 1" BenchProfileL2 = "Level 2" )
const ( ScanFlagCVE = 0x01 ScanFlagLayers = 0x02 ScanFlagFiles = 0x04 )
This flag can be used to force rescan with the new controller
const ( AdmCtrlModeMonitor = "monitor" AdmCtrlModeProtect = "protect" AdmClientModeSvc = "service" AdmClientModeUrl = "url" AdmCtrlActionAllow = PolicyActionAllow AdmCtrlActionDeny = PolicyActionDeny )
Admission control
const ( CLUSAdmissionCfgCert = "cert" CLUSAdmissionCfgState = "state" CLUSAdmissionCfgRule = "rule" CLUSAdmissionCfgRuleList = "rules" CLUSAdmissionStatistics = "statistics" )
const ( FedAdmCtrlExceptRulesType = "fed_admctrl_exception" FedAdmCtrlDenyRulesType = "fed_admctrl_deny" FedNetworkRulesType = "fed_netwwork_rule" FedResponseRulesType = "fed_response_rule" FedGroupType = "fed_group" FedFileMonitorProfilesType = "fed_file_profile" FedProcessProfilesType = "fed_process_profile" FedSystemConfigType = "fed_system_config" )
Multi-Clusters (Federation)
const ( CriticalAdmCtrlExceptRulesType = "critical_allow" CrdAdmCtrlExceptRulesType = "crd_allow" CrdAdmCtrlDenyRulesType = "crd_deny" )
const ( DefaultComplianceProfileName = "default" DefaultVulnerabilityProfileName = "default" DefaultPolicyName = "default" // mapping of ScopeLocal FedPolicyName = "fed" // mapping of ScopeFed )
const ( ScopeLocal = "local" ScopeFed = "fed" ScopeAll = "" ScopeError = "error" )
const ( StartPingFedJoints = iota + 1 StopPingFedJoints StartPollFedMaster StopPollFedMaster InstantPollFedMaster InstantPingFedJoints JointLoadOwnKeys MasterLoadJointKeys PurgeJointKeys MasterUnloadJointKeys StartPostToIBMSA StopPostToIBMSA PostToIBMSA RestartWebhookServer )
const ( CLUSFedMembershipSubKey = "membership" CLUSFedClustersListSubKey = "clusters_list" CLUSFedClustersStatusSubKey = "clusters_status" CLUSFedClustersSubKey = "clusters" CLUSFedRulesRevisionSubKey = "rules_revision" CLUSFedToPingPollSubKey = "ping_poll" )
const ( CLUSFedMembershipKey = CLUSConfigFederationStore + CLUSFedMembershipSubKey // stores CLUSFedMembership CLUSFedClustersListKey = CLUSConfigFederationStore + CLUSFedClustersListSubKey // stores CLUSFedJoinedClusterList CLUSFedClustersStatusKey = CLUSConfigFederationStore + CLUSFedClustersStatusSubKey // each subkey stores CLUSFedClusterStatus CLUSFedClustersKey = CLUSConfigFederationStore + CLUSFedClustersSubKey // each subkey stores CLUSFedJointClusterInfo CLUSFedRulesRevisionKey = CLUSConfigFederationStore + CLUSFedRulesRevisionSubKey // stores CLUSFedRulesRevision CLUSFedToPingPollKey = CLUSConfigFederationStore + CLUSFedToPingPollSubKey // stores CLUSFedDoPingPoll CLUSFedSystemKey = CLUSConfigFederationStore + CFGEndpointSystem // stores CLUSFedSystemConfig )
const ( DlpPatternContextURI string = "url" DlpPatternContextHEAD string = "header" DlpPatternContextBODY string = "body" DlpPatternContextPACKET string = "packet" DlpPatternContextDefault string = "body" )
const ( CLUSDlpDefaultSensor = "sensor.dlpdfltnv" CLUSDlpSsnSensor = "sensor.ssn" CLUSDlpCcSensor = "sensor.creditcard" CLUSWafDefaultSensor = "sensor.wafdfltnv" )
const ( DlpRuleNameCreditCard string = "rule.creditcard" DlpRuleNameCcAxp string = "rule.americanexpress" DlpRuleNameCcDiscover string = "rule.discover" DlpRuleNameCcMaster string = "rule.master" DlpRuleNameCcVisa string = "rule.visa" DlpRuleNameCcDinerV1 string = "rule.diner1" DlpRuleNameCcDinerV2 string = "rule.diner2" DlpRuleNameCcJcb string = "rule.jcb" DlpRuleNameSsn string = "rule.ssn" )
const ( DlpWlRuleIn = "inside" DlpWlRuleOut = "outside" WafWlRuleIn = "wafinside" WafWlRuleOut = "wafoutside" )
const ( SecretPrivateKey string = "privatekey" // Private Key SecretX509 string = "x.509" // X.509 certificates (ignored) SecretProgram string = "program" // in specific program files SecretRegular string = "regular" // in other regular files )
///// Secret Types
const ( IMPORT_PREPARE = "preparing" IMPORT_RUNNING = "importing" IMPORT_DONE = "done" IMPORT_NO_RESPONSE = "no_response" )
Import task
const ( PREFIX_IMPORT_CONFIG = "import_" PREFIX_IMPORT_GROUP_POLICY = "group_import_" PREFIX_IMPORT_ADMCTRL = "admctrl_import_" PREFIX_IMPORT_WAF = "waf_import_" )
const ( IMPORT_TYPE_CONFIG = "" IMPORT_TYPE_GROUP_POLICY = "group" IMPORT_TYPE_ADMCTRL = "admctrl" IMPORT_TYPE_WAF = "waf" )
const ( ReviewTypeCRD = iota + 1 ReviewTypeImportGroup // interactive import ReviewTypeImportAdmCtrl // interactive import ReviewTypeImportWAF // interactive import )
const ( ReviewTypeDisplayCRD = "CRD" ReviewTypeDisplayGroup = "Group Policy" // interactive import ReviewTypeDisplayAdmission = "Admission Control Configurations" // interactive import ReviewTypeDisplayWAF = "WAF Configurations" // interactive import )
const ( CriteriaKeyImage string = "image" CriteriaKeyHost string = "node" CriteriaKeyWorkload string = "container" CriteriaKeyService string = "service" CriteriaKeyAddress string = "address" CriteriaKeyLabel string = "label" CriteriaKeyDomain string = "domain" CriteriaKeyNamespace string = "namespace" // CriteriaKeyApp string = "application" // CriteriaKeyWorkloadID string = "container_id" // CriteriaKeyGroup string = "nv.group" // CriteriaKeyCIDR string = "cidr" CriteriaKeyUser string = "user" CriteriaKeyK8sGroups string = "userGroups" CriteriaKeyImageRegistry string = "imageRegistry" CriteriaKeyLabels string = "labels" CriteriaKeyMountVolumes string = "mountVolumes" CriteriaKeyEnvVars string = "envVars" CriteriaKeyBaseImage string = "baseImage" CriteriaKeyCVENames string = "cveNames" CriteriaKeyCVEHighCount string = "cveHighCount" CriteriaKeyCVEMediumCount string = "cveMediumCount" CriteriaKeyCVEHighWithFixCount string = "cveHighWithFixCount" CriteriaKeyCVEScore string = "cveScore" CriteriaKeyCVEScoreCount string = "cveScoreCount" CriteriaKeyImageScanned string = "imageScanned" CriteriaKeyImageSigned string = "imageSigned" CriteriaKeyRunAsRoot string = "runAsRoot" CriteriaKeyRunAsPrivileged string = "runAsPrivileged" CriteriaKeyImageCompliance string = "imageCompliance" // secrets, setIdPerm from scanning image results CriteriaKeyEnvVarSecrets string = "envVarSecrets" // secrets from yaml resources CriteriaKeyImageNoOS string = "imageNoOS" CriteriaKeyAllowPrivEscalation string = "allowPrivEscalation" CriteriaKeyPspCompliance string = "pspCompliance" // psp compliance violation CriteriaKeyRequestLimit string = "resourceLimit" )
const ( SubCriteriaPublishDays string = "publishDays" SubCriteriaCount string = "count" SubCriteriaCpuRequest string = "cpuRequest" SubCriteriaCpuLimit string = "cpuLimit" SubCriteriaMemoryRequest string = "memoryRequest" SubCriteriaMemoryLimit string = "memoryLimit" )
const ( CriteriaOpEqual string = "=" CriteriaOpNotEqual string = "!=" CriteriaOpContains string = "contains" CriteriaOpPrefix string = "prefix" CriteriaOpRegex string = "regex" CriteriaOpNotRegex string = "!regex" CriteriaOpBiggerEqualThan string = ">=" CriteriaOpBiggerThan string = ">" CriteriaOpLessEqualThan string = "<=" CriteriaOpContainsAll string = "containsAll" CriteriaOpContainsAny string = "containsAny" CriteriaOpNotContainsAny string = "notContainsAny" CriteriaOpContainsOtherThan string = "containsOtherThan" )
const ( CriteriaValueTrue string = "true" CriteriaValueFalse string = "false" )
const ( NeuVectorLabelImage string = "neuvector.image" NeuVectorLabelRole string = "neuvector.role" NeuVectorRoleController string = "controller" NeuVectorRoleEnforcer string = "enforcer" NeuVectorRoleManager string = "manager" )
const ( PolicyModeLearn string = "Discover" PolicyModeEvaluate string = "Monitor" PolicyModeEnforce string = "Protect" )
const ( ProfileBasic string = "Default" ProfileShield string = "Shield" ProfileCrdBasic string = "default" ProfileCrdShield string = "shield" )
const ( PolicyActionOpen string = "open" // Policy is not enforced PolicyActionLearn string = "learn" PolicyActionAllow string = "allow" PolicyActionDeny string = "deny" PolicyActionViolate string = "violate" PolicyActionCheckApp string = "check_app" )
const ( VulnSeverityCritical string = "Critical" VulnSeverityHigh string = "High" VulnSeverityMedium string = "Medium" VulnSeverityLow string = "Low" )
const ( DlpRuleActionAllow string = "allow" DlpRuleActionDrop string = "deny" DlpRuleStatusEnable string = "enable" DlpRuleStatusDisable string = "disable" DlpRuleSeverityInfo string = "info" DlpRuleSeverityLow string = "low" DlpRuleSeverityMed string = "medium" DlpRuleSeverityHigh string = "high" DlpRuleSeverityCrit string = "critical" )
const ( PlatformDocker = "Docker" PlatformAmazonECS = "Amazon-ECS" PlatformKubernetes = "Kubernetes" PlatformRancher = "Rancher" PlatformAliyun = "Aliyun" FlavorSwarm = "Swarm" FlavorUCP = "UCP" FlavorOpenShift = "OpenShift" FlavorRancher = "Rancher" FlavorIKE = "IKE" FlavorGKE = "GKE" NetworkFlannel = "Flannel" NetworkCalico = "Calico" NetworkDefault = "Default" NetworkProxyMesh = "ProxyMeshLo" )
const ( ENV_PLATFORM_INFO = "NV_PLATFORM_INFO" ENV_SYSTEM_GROUPS = "NV_SYSTEM_GROUPS" ENV_DISABLE_PCAP = "DISABLE_PACKET_CAPTURE" )
const ( ENV_PLT_PLATFORM = "platform" ENV_PLT_INTF_PREFIX = "if-" ENV_PLT_INTF_HOST = "host" ENV_PLT_INTF_GLOBAL = "global" )
const ( RegistryTypeAWSECR = "Amazon ECR Registry" RegistryTypeAzureACR = "Azure Container Registry" RegistryTypeDocker = "Docker Registry" RegistryTypeGCR = "Google Container Registry" RegistryTypeJFrog = "JFrog Artifactory" RegistryTypeOpenShift = "OpenShift Registry" RegistryTypeRedhat_Deprecate = "Red Hat/OpenShift Registry" RegistryTypeRedhat = "Red Hat Public Registry" RegistryTypeSonatypeNexus = "Sonatype Nexus" RegistryTypeGitlab = "Gitlab" RegistryTypeIBMCloud = "IBM Cloud Container Registry" )
const ( JFrogModeRepositoryPath = "Repository Path" JFrogModeSubdomain = "Subdomain" JFrogModePort = "Port" )
const ( EventRuntime string = "security-event" // EventThreat + EventIncident + EventViolation + EventDlp +EventWaf EventEvent string = "event" EventActivity string = "activity" EventCVEReport string = "cve-report" EventThreat string = "threat" EventIncident string = "incident" EventViolation string = "violation" EventBenchmark_UNUSED string = "benchmark" EventCompliance string = "compliance" EventAdmCtrl string = "admission-control" EventDlp string = "dlp" EventServerless string = "serverless" EventWaf string = "waf" )
Response rule
const ( RuleAttribGroup string = "group" RuleAttribCriteria string = "criteria" RuleAttribAction string = "action" RuleAttribLogLevel string = "log-level" )
const ( EventCondTypeName string = "name" EventCondTypeCVEName string = "cve-name" EventCondTypeCVEHigh string = "cve-high" EventCondTypeCVEMedium string = "cve-medium" EventCondTypeLevel string = "level" EventCondTypeProc string = "process" EventCondTypeBenchNumber string = "number" )
const ( EventActionQuarantine string = "quarantine" EventActionSuppressLog string = "suppress-log" EventActionWebhook string = "webhook" )
const ( FileAccessBehaviorBlock = "block_access" FileAccessBehaviorMonitor = "monitor_change" )
const ( // show only CloudResDataLost = "data_lost" // transient state CloudResScheduled = "scheduled" CloudResScanning = "scanning" CloudResSuspending = "suspending" // final state CloudResSuspend = "suspend" CloudResReady = "ready" CloudResError = "error" )
const ( CloudAws = "aws_cloud" CloudAzure = "azure_cloud" )
const ( AwsLambdaFunc = "aws_lambda_func" AwsLambdaLayer = "aws_lambda_layer" AwsLambdaApp = "aws_lambda_app" AwsLambdaRt = "aws_lambda_runtime" )
const (
AccessAllAsReader = "*" // Namespace user can read, global user follow roles
)
const AwsNvSecKey string = "nvsecKey"
const CLUSAgentStore string = CLUSObjectStore + "agent/"
const CLUSAuditLogStore string = CLUSObjectStore + "auditlog/"
const CLUSBenchStore string = "bench/"
const CLUSCertStore string = CLUSObjectStore + "cert/"
const CLUSCloudStore string = CLUSObjectStore + "cloud/"
const CLUSConfigAdmissionControlStore string = CLUSConfigStore + CFGEndpointAdmissionControl + "/"
const CLUSConfigCloudStore string = CLUSConfigStore + CFGEndpointCloud + "/"
const CLUSConfigComplianceProfileStore string = CLUSConfigComplianceStore + "profile/"
const CLUSConfigComplianceStore string = CLUSConfigStore + CFGEndpointCompliance + "/"
const CLUSConfigCrdStore string = CLUSConfigStore + CFGEndpointCrd + "/"
const CLUSConfigDlpGroupStore string = CLUSConfigStore + CFGEndpointDlpGroup + "/"
const CLUSConfigDlpRuleStore string = CLUSConfigStore + CFGEndpointDlpRule + "/"
const CLUSConfigDomainStore string = CLUSConfigStore + CFGEndpointDomain + "/"
const CLUSConfigEULAKey string = CLUSConfigStore + CFGEndpointEULA
const CLUSConfigFedAdmCtrlKey string = CLUSConfigAdmissionControlStore + "fed/"
const CLUSConfigFedResponseRuleKey string = CLUSConfigResponseRuleStore + "fed/"
multi-clusters
const CLUSConfigFederationStore string = CLUSConfigStore + CFGEndpointFederation + "/"
const CLUSConfigFileAccessRuleStore string = CLUSConfigStore + CFGEndpointFileAccessRule + "/"
const CLUSConfigFileMonitorStore string = CLUSConfigStore + CFGEndpointFileMonitor + "/"
const CLUSConfigGroupStore string = CLUSConfigStore + CFGEndpointGroup + "/"
const CLUSConfigLicenseKey string = CLUSConfigStore + CFGEndpointLicense
const CLUSConfigPolicyStore string = CLUSConfigStore + CFGEndpointPolicy + "/"
const CLUSConfigProcessProfileStore string = CLUSConfigStore + CFGEndpointProcessProfile + "/"
const CLUSConfigPwdProfileStore string = CLUSConfigStore + CFGEndpointPwdProfile + "/"
const CLUSConfigRegistryStore string = CLUSConfigStore + CFGEndpointRegistry + "/"
const CLUSConfigResponseRuleStore string = CLUSConfigStore + CFGEndpointResponseRule + "/"
const CLUSConfigScanKey string = CLUSConfigStore + CFGEndpointScan
const CLUSConfigScriptStore string = CLUSConfigStore + CFGEndpointScript + "/"
const CLUSConfigServerStore string = CLUSConfigStore + CFGEndpointServer + "/"
const CLUSConfigStore string = CLUSObjectStore + "config/"
const CLUSConfigSystemKey string = CLUSConfigStore + CFGEndpointSystem
const CLUSConfigUserRoleStore string = CLUSConfigStore + CFGEndpointUserRole + "/"
const CLUSConfigUserStore string = CLUSConfigStore + CFGEndpointUser + "/"
const CLUSConfigVulnerabilityProfileStore string = CLUSConfigVulnerabilityStore + "profile/"
const CLUSConfigVulnerabilityStore string = CLUSConfigStore + CFGEndpointVulnerability + "/"
const CLUSConfigWafGroupStore string = CLUSConfigStore + CFGEndpointWafGroup + "/"
const CLUSConfigWafRuleStore string = CLUSConfigStore + CFGEndpointWafRule + "/"
const CLUSControllerStore string = CLUSObjectStore + "controller/"
const CLUSCrdProcStore string = "crdcontent/"
const CLUSCtrlConfigLoadedKey string = CLUSStateStore + "ctrl_cfg_load"
const CLUSCtrlDistLockStore string = CLUSStateStore + "dist_lock/"
const CLUSCtrlEnabledValue string = "ok"
state
const CLUSCtrlInstallationKey string = CLUSStateStore + "installation"
cluster key represent one installation, which will remain unchanged when controllers come and go, and rolling upgrade. It is not part of system configuration.
const CLUSCtrlNodeAdmissionKey string = CLUSStateStore + "ctrl_ready" // node admission
const CLUSCtrlUsageReportStore string = CLUSStateStore + "usage_report/"
const CLUSCtrlVerKey string = CLUSStateStore + "ctrl_ver"
const CLUSDefPwdProfileName = "default"
for password profile
const CLUSEventLogStore string = CLUSObjectStore + "eventlog/"
const CLUSExpiredTokenStore string = CLUSStateStore + "expired_token/"
const CLUSFqdnIpStore string = CLUSFqdnStore + "ip/" //not to be watched by consul
fqdn
const CLUSFqdnStore string = "fqdn/" //not to be watched by consul
const CLUSHostStore string = CLUSObjectStore + "host/"
object
const CLUSImportStatusSubKey = "status"
const CLUSImportStore string = CLUSStateStore + "import/"
const CLUSIncidentLogStore string = CLUSObjectStore + "incidentlog/"
const CLUSLicenseStore string = CLUSObjectStore + "license/"
const CLUSLockAdmCtrlKey string = CLUSLockStore + "adm_ctrl"
const CLUSLockCloudKey string = CLUSLockStore + "cloud"
const CLUSLockConfigKey string = CLUSLockStore + "all"
lock
const CLUSLockCrdQueueKey string = CLUSLockStore + "crd_queue"
const CLUSLockFedKey string = CLUSLockStore + "federation"
const CLUSLockPolicyKey string = CLUSLockStore + "policy"
const CLUSLockScannerKey string = CLUSLockStore + "scanner"
const CLUSLockServerKey string = CLUSLockStore + "server"
const CLUSLockStore string = "lock/"
const CLUSLockUpgradeKey string = CLUSLockStore + "upgrade"
const CLUSLockUserKey string = CLUSLockStore + "user"
const CLUSNetworkEPStore string = CLUSObjectStore + "networkep/"
const CLUSNetworkStore string = "network/"
const CLUSNodeCommonProfileStore string = CLUSNodeCommonStoreKey + CLUSWorkloadProfileStore
const CLUSNodeCommonStoreKey string = CLUSNodeStore + ProfileCommonGroup + "/"
const CLUSNodeStore string = "node/"
const CLUSObjectStore string = "object/"
const CLUSRecalPolicyStore string = CLUSRecalculateStore + "policy/" //not to be watched by consul
recalculate
const CLUSRecalculateStore string = "recalculate/" //not to be watched by consul
const CLUSReservedUuidAnchorMode string = "00000000-0000-0000-0000-000000000005" // rejected by anchor mode
const CLUSReservedUuidDockerCp string = "00000000-0000-0000-0000-000000000004" // docker cp
const CLUSReservedUuidNotAlllowed string = "00000000-0000-0000-0000-000000000000" // processes beyond white list
////
const CLUSReservedUuidPrefix string = "00000000-0000-0000-0000-0000000000" // reserved the last 2 digits
//// Process UUID Rules
Reserved(256 entries): 00000000-0000-0000-0000-0000000000XX Default rules: 00000000-0000-0000-0000-00000000000X Linux-specific: 00000000-0000-0000-0000-00000000001X ans 2X Windows-specific: 00000000-0000-0000-0000-00000000003X ans 4X
const CLUSReservedUuidRiskyApp string = "00000000-0000-0000-0000-000000000001" // riskApp
const CLUSReservedUuidRootEscalation string = "00000000-0000-0000-0000-000000000003" // root privilege escallation
const CLUSReservedUuidShieldAllowed string = "00000000-0000-0000-0000-000000000006" // allowed as a family process
const CLUSReservedUuidTunnelProc string = "00000000-0000-0000-0000-000000000002" // tunnel
const (
CLUSRootCAKey = "rootCA"
)
const CLUSScanDataStore string = CLUSScanStore + "data/"
const CLUSScanStateStore string = CLUSScanStore + "state/"
scan
const CLUSScanStore string = "scan/"
const CLUSScannerDBStore string = CLUSScanStore + "database/"
const CLUSScannerDBVersionID string = "NeuVectorCVEDBVersion" // used for indicate db version changed
const CLUSScannerStatsStore string = CLUSScanStore + "scanner_stats/"
const CLUSScannerStore string = CLUSScanStore + "scanner/"
const CLUSStateStore string = "state/"
const CLUSSysPwdProfileName = "nvsyspwdprofile" // reserved just for referencing active password profile
const CLUSThreatLogStore string = CLUSObjectStore + "threatlog/"
const CLUSUniconfStore string = CLUSObjectStore + "uniconf/" // Target both controller and specific enforcer
const CLUSWorkloadProfileStore string = "profiles/"
const CLUSWorkloadStore string = CLUSObjectStore + "workload/"
const CVEDatabaseFolder = "/etc/neuvector/db/"
const CompactCVEDBName = "cvedb.compact"
const ContainerRuntimeDocker string = "docker"
const ContainerStatsSlots uint = 60 // 5s * 60 = 3m
Stats
const CriteriaValueAny string = "any"
const CustomScriptFailedPrefix string = "Failed to run the custom check"
const DefaultCVEDBName = "cvedb"
const DefaultGroupRuleID uint32 = 0
const DefaultOpenShiftRegistryURL = "docker-registry.default.svc"
Registry
const (
DlpRuleKeyPattern string = "pattern"
)
dlp rule
const DlpRuleName string = "dlprule"
const DlpRuleStore string = CLUSNetworkStore + DlpRuleName + "/"
const DlpRulesDefaultName string = "DlpWorkloadRules"
const DomainDelimiter string = "."
const GroupNVProtect string = "NV.Protect"
const HiddenFedDomain string = "$*&().^$"
const IMPORT_QUERY_INTERVAL = 30
const InternalIPNetDefaultName string = "InternalIPNet"
const MaxLambdaHistory = 3
const (
NEPTypeLB = "netlb"
)
const NV_VBR_PORT_MTU int = 2048 //2k
const NV_VBR_PORT_MTU_JUMBO int = 9216 //9k
const NetworkSystemKey string = CLUSNetworkStore + CFGEndpointSystem
const PolicyFedRuleIDBase = 100000
const PolicyFedRuleIDMax = 110000 // exclusive
const PolicyGroundRuleIDBase = 110000
const PolicyGroundRuleIDMax = 120000
const PolicyIPRulesDefaultName string = "GroupIPRules"
network
const PolicyIPRulesVersionID string = "NeuVectorPolicyVersion" // used for indicate policy version changed
const PolicyLearnedIDBase = 10000
const ProfileCPUFileFmt string = ProfileFolder + "%scpu.prof"
const ProfileCommonGroup string = "common" // nodes
profiles
const ProfileFileAccess string = "fileAccess"
const ProfileFileAccessStore string = CLUSWorkloadProfileStore + ProfileFileAccess + "/"
const ProfileFileMonitor string = "file"
const ProfileFileMonitorStore string = CLUSWorkloadProfileStore + ProfileFileMonitor + "/"
const ProfileFileScriptStore string = CLUSWorkloadProfileStore + ProfileScript + "/"
const ProfileFolder string = "/var/neuvector/profile/"
const ProfileGoroutineFileFmt string = ProfileFolder + "%sgoroutine.prof"
const ProfileGroup string = "group"
const ProfileGroupStore string = CLUSWorkloadProfileStore + ProfileGroup + "/"
const ProfileMemoryFileFmt string = ProfileFolder + "%smemory.prof"
const ProfileProcess string = "process"
const ProfileProcessStore string = CLUSWorkloadProfileStore + ProfileProcess + "/"
const ProfileScript string = "script"
const QuarantineReasonUser string = "user-configured"
QuarantineReason:
const RegularCVEDBName = "cvedb.regular"
const SnifferIdAgentField = 8
const SpecialIPNetDefaultName string = "SpecialIPNet"
const UnusedGroupAgingDefault uint8 = 24 //aging time in Hour
const UnusedGroupAgingMax uint8 = 168 //aging time in Hour,24*7
const WafRuleName string = "wafrule"
const WafRuleStore string = CLUSNetworkStore + WafRuleName + "/"
Variables ¶
var AwsRegionAll = []string{ endpoints.ApEast1RegionID, endpoints.ApNortheast1RegionID, endpoints.ApNortheast2RegionID, endpoints.ApSouth1RegionID, endpoints.ApSoutheast1RegionID, endpoints.ApSoutheast2RegionID, endpoints.CaCentral1RegionID, endpoints.EuCentral1RegionID, endpoints.EuNorth1RegionID, endpoints.EuWest1RegionID, endpoints.EuWest2RegionID, endpoints.EuWest3RegionID, endpoints.MeSouth1RegionID, endpoints.SaEast1RegionID, endpoints.UsEast1RegionID, endpoints.UsEast2RegionID, endpoints.UsWest1RegionID, endpoints.UsWest2RegionID, }
var CLUSEndpointIngress string = "ingress"
var CLUSHostAddrGroup string = "nv.hostaddr_group" //used as wlid for "nodes" in policy calculation
var CLUSIPExternal net.IP = net.IPv4zero
var CLUSLearnedHostPrefix string = "Host:"
var CLUSLearnedWorkloadPrefix string = "Workload:"
var CLUSWLAddress string = "nv.address"
var CLUSWLAddressGroup string = "nv.address_group"
var CLUSWLExternal string = "nv.external"
var CLUSWLFqdnPrefix string = "fqdn:"
var CLUSWLModeGroup string = "nv.mode_group"
var CLUSWLService string = "nv.service"
var KickLoginSessionsType_name = map[int32]string{
0: "KickByServer",
1: "KickByFed",
2: "KickByUser",
}
var KickLoginSessionsType_value = map[string]int32{
"KickByServer": 0,
"KickByFed": 1,
"KickByUser": 2,
}
var ProfilingCmd_name = map[int32]string{
0: "StartProfiling",
1: "StopProfiling",
}
var ProfilingCmd_value = map[string]int32{
"StartProfiling": 0,
"StopProfiling": 1,
}
var ProfilingMethod_name = map[int32]string{
0: "CPU",
1: "Memory",
}
var ProfilingMethod_value = map[string]int32{
"CPU": 0,
"Memory": 1,
}
var ReportRespAction_name = map[int32]string{
0: "Done",
1: "Resend",
}
var ReportRespAction_value = map[string]int32{
"Done": 0,
"Resend": 1,
}
var ScanErrorCode_name = map[int32]string{
0: "ScanErrNone",
1: "ScanErrNetwork",
2: "ScanErrNotSupport",
3: "ScanErrSizeOverLimit",
4: "ScanErrPackage",
5: "ScanErrDatabase",
6: "ScanErrTimeout",
7: "ScanErrInProgress",
8: "ScanErrRegistryAPI",
9: "ScanErrFileSystem",
10: "ScanErrContainerAPI",
11: "ScanErrXrayAPI",
12: "ScanErrContainerExit",
13: "ScanErrAuthentication",
14: "ScanErrCertificate",
15: "ScanErrCanceled",
16: "ScanErrDriverAPINotSupport",
17: "ScanErrImageNotFound",
18: "ScanErrAwsDownloadErr",
19: "ScanErrArgument",
}
var ScanErrorCode_value = map[string]int32{
"ScanErrNone": 0,
"ScanErrNetwork": 1,
"ScanErrNotSupport": 2,
"ScanErrSizeOverLimit": 3,
"ScanErrPackage": 4,
"ScanErrDatabase": 5,
"ScanErrTimeout": 6,
"ScanErrInProgress": 7,
"ScanErrRegistryAPI": 8,
"ScanErrFileSystem": 9,
"ScanErrContainerAPI": 10,
"ScanErrXrayAPI": 11,
"ScanErrContainerExit": 12,
"ScanErrAuthentication": 13,
"ScanErrCertificate": 14,
"ScanErrCanceled": 15,
"ScanErrDriverAPINotSupport": 16,
"ScanErrImageNotFound": 17,
"ScanErrAwsDownloadErr": 18,
"ScanErrArgument": 19,
}
var ScanObjectType_name = map[int32]string{
0: "CONTAINER",
1: "HOST",
2: "IMAGE",
3: "PLATFORM",
4: "SERVERLESS",
}
var ScanObjectType_value = map[string]int32{
"CONTAINER": 0,
"HOST": 1,
"IMAGE": 2,
"PLATFORM": 3,
"SERVERLESS": 4,
}
var ScanProvider_name = map[int32]string{
0: "Neuvector",
1: "JFrogXray",
}
var ScanProvider_value = map[string]int32{
"Neuvector": 0,
"JFrogXray": 1,
}
var ScanVulStatus_name = map[int32]string{
0: "Unpatched",
1: "FixExists",
2: "WillNotFix",
3: "Unaffected",
}
var ScanVulStatus_value = map[string]int32{
"Unpatched": 0,
"FixExists": 1,
"WillNotFix": 2,
"Unaffected": 3,
}
var SnifferCmd_name = map[int32]string{
0: "StartSniffer",
1: "StopSniffer",
2: "RemoveSniffer",
}
var SnifferCmd_value = map[string]int32{
"StartSniffer": 0,
"StopSniffer": 1,
"RemoveSniffer": 2,
}
var SnifferStatus_name = map[int32]string{
0: "Failed",
1: "Running",
2: "Stopped",
}
var SnifferStatus_value = map[string]int32{
"Failed": 0,
"Running": 1,
"Stopped": 2,
}
var StoreWatcherAction_name = map[int32]string{
0: "PauseWatcher",
1: "ResumeWatcher",
}
var StoreWatcherAction_value = map[string]int32{
"PauseWatcher": 0,
"ResumeWatcher": 1,
}
Functions ¶
func CLUSAdmissionCertKey ¶
func CLUSAdmissionRuleKey ¶
func CLUSAdmissionStateKey ¶
func CLUSAdmissionStatsKey ¶
func CLUSAgentEventLogKey ¶
func CLUSAgentKey ¶
func CLUSAuditLogKey ¶
func CLUSBenchKey ¶
func CLUSBenchReportKey ¶
func CLUSCloudCfgKey ¶
func CLUSCloudFuncKey ¶
func CLUSCloudKey ¶
func CLUSCloudKey2Type ¶
func CLUSComplianceKey2Type ¶
func CLUSConfigKey2Config ¶
func CLUSControllerKey ¶
func CLUSCrdKey ¶
func CLUSCrdQueueKey ¶
func CLUSCtrlDistLockKey ¶
func CLUSCtrlUsageReportKey ¶
func CLUSDeviceKey2ID ¶
func CLUSDlpGroupConfigKey ¶
func CLUSDlpGroupKey2Name ¶
func CLUSDlpRuleConfigKey ¶
func CLUSDlpRuleKey ¶
func CLUSDlpRuleKey2Name ¶
func CLUSDlpWorkloadRulesKey ¶
func CLUSDomainConfigKey ¶
func CLUSDomainKey ¶
func CLUSDomainKey2Name ¶
func CLUSExpiredTokenKey ¶
func CLUSFedJointClusterKey ¶
func CLUSFedKey2CfgKey ¶
func CLUSFedKey2ClusterIdKey ¶
func CLUSFileAccessRuleKey ¶
func CLUSFileMonitorKey ¶
func CLUSFqdnIpKey ¶
func CLUSGroupKey ¶
func CLUSGroupKey2GroupName ¶
func CLUSGroupKey2Name ¶
func CLUSGroupNetworkKey ¶
func CLUSHostKey ¶
func CLUSHostKey2ID ¶
func CLUSImportOpKey ¶
func CLUSIncidentLogKey ¶
func CLUSInternalIPNetsKey ¶
func CLUSIsPolicyRuleKey ¶
func CLUSIsPolicyRuleListKey ¶
func CLUSKey2Target ¶
func CLUSKeyLastToken ¶
func CLUSKeyLength ¶
func CLUSKeyNthToken ¶
func CLUSNetworkEPHostStore ¶
func CLUSNetworkEPKey ¶
func CLUSNetworkEPKey2ID ¶
func CLUSNetworkKey2Subject ¶
func CLUSNodeProfileGroupKey ¶
func CLUSNodeProfileKey ¶
func CLUSNodeProfileStoreKey ¶
func CLUSNodeProfileSubkey ¶
func CLUSObjectCertKey ¶
func CLUSObjectKey2Object ¶
func CLUSPolicyIPRulesKey ¶
func CLUSPolicyRuleKey ¶
func CLUSPolicyRuleKey2ID ¶
func CLUSPolicyRuleListKey ¶
func CLUSProfileConfigKey ¶
func CLUSProfileKey ¶
func CLUSProfileKey2Name ¶
func CLUSPwdProfileKey ¶
func CLUSRegistryConfigKey ¶
func CLUSRegistryStateKey ¶
func CLUSResponseRuleKey ¶
func CLUSResponseRuleListKey ¶
func CLUSScanDataHostKey ¶
func CLUSScanDataPlatformKey ¶
func CLUSScanDataWorkloadKey ¶
func CLUSScanKey2Subject ¶
func CLUSScanStateHostKey ¶
func CLUSScanStateKey2ID ¶
func CLUSScanStateKey2Type ¶
func CLUSScannerKey ¶
func CLUSScannerKey2ID ¶
func CLUSScannerStatsKey ¶
func CLUSServerKey ¶
func CLUSThreatLogKey ¶
func CLUSUniconfAgentKey ¶
func CLUSUniconfKey2ID ¶
func CLUSUniconfKey2Subject ¶
func CLUSUniconfWorkloadKey ¶
func CLUSUserKey ¶
func CLUSWafGroupConfigKey ¶
func CLUSWafGroupKey2Name ¶
func CLUSWafRuleConfigKey ¶
func CLUSWafRuleKey ¶
func CLUSWafRuleKey2Name ¶
func CLUSWorkloadHostStore ¶
Host ID is included in the workload key to helps us retrieve all workloads on a host quickly. Without it, we have to loop through all workload keys; using agent ID is also problematic, as a new agent has no idea of the agent ID when the workload was created.
func CLUSWorkloadKey ¶
func CLUSWorkloadKey2ID ¶
func EqualMatch ¶
func IsGroupMember ¶
func IsGroupMember(group *CLUSGroup, workload *CLUSWorkload) bool
func IsSvcIpGroupMember ¶
func IsSvcIpGroupSelected ¶
func IsSvcIpGroupSelected(svcipgroup *CLUSGroup, selector []CLUSCriteriaEntry) bool
func IsWorkloadSelected ¶
func IsWorkloadSelected(workload *CLUSWorkload, selector []CLUSCriteriaEntry) bool
For criteria of same type, apply 'or' if there is at least one positive match;
apply 'and' if all are negative match;
For different criteria type, apply 'and'
func QuarantineReasonEvent ¶
func RegisterControllerAgentServiceServer ¶
func RegisterControllerAgentServiceServer(s *grpc.Server, srv ControllerAgentServiceServer)
func RegisterControllerCapServiceServer ¶
func RegisterControllerCapServiceServer(s *grpc.Server, srv ControllerCapServiceServer)
func RegisterControllerCtrlServiceServer ¶
func RegisterControllerCtrlServiceServer(s *grpc.Server, srv ControllerCtrlServiceServer)
func RegisterControllerScanServiceServer ¶
func RegisterControllerScanServiceServer(s *grpc.Server, srv ControllerScanServiceServer)
func RegisterControllerUpgradeServiceServer ¶
func RegisterControllerUpgradeServiceServer(s *grpc.Server, srv ControllerUpgradeServiceServer)
func RegisterEnforcerCapServiceServer ¶
func RegisterEnforcerCapServiceServer(s *grpc.Server, srv EnforcerCapServiceServer)
func RegisterEnforcerScanServiceServer ¶
func RegisterEnforcerScanServiceServer(s *grpc.Server, srv EnforcerScanServiceServer)
func RegisterEnforcerServiceServer ¶
func RegisterEnforcerServiceServer(s *grpc.Server, srv EnforcerServiceServer)
func RegisterScannerServiceServer ¶
func RegisterScannerServiceServer(s *grpc.Server, srv ScannerServiceServer)
Types ¶
type AccessObject ¶
type AccessObject interface {
GetDomain(f GetAccessObjectFunc) ([]string, []string) // ([]string, []string)
}
type BenchStatus ¶
type BenchStatus int
const ( BenchStatusIdle BenchStatus = iota BenchStatusScheduled BenchStatusRunning BenchStatusFinished BenchStatusNotSupport BenchStatusDockerHostFail BenchStatusDockerContainerFail BenchStatusKubeMasterFail BenchStatusKubeWorkerFail BenchStatusMax )
type BenchType ¶
type BenchType string
const ( BenchDockerHost BenchType = "docker_host" BenchDockerContainer BenchType = "docker_container" // all containers report BenchKubeMaster BenchType = "kube_master" BenchKubeWorker BenchType = "kube_worker" BenchContainer BenchType = "container" // per-container report BenchCustomHost BenchType = "custom_host" BenchCustomContainer BenchType = "custom_container" BenchContainerSecret BenchType = "container_secret" BenchContainerSetID BenchType = "container_setid" )
type CLUSAWSAccountKey ¶
type CLUSActivePwdProfileConfig ¶
type CLUSActivePwdProfileConfig struct {
Name string `json:"name"` // name of the active password profile to use for the whole cluster
}
type CLUSAdmCtrlState ¶
type CLUSAdmRuleCriterion ¶
type CLUSAdmRuleCriterion struct { Name string `json:"name"` Op string `json:"op"` Value string `json:"value"` ValueSlice []string `json:"value_slice"` SubCriteria []*CLUSAdmRuleCriterion `json:"sub_criteria,omitempty"` }
type CLUSAdmissionCert ¶
type CLUSAdmissionCert struct { CN string `json:"cn"` CaKeyPath string `json:"ca_key_path"` CaKey []byte `json:"ca_key"` CaCertPath string `json:"ca_cert_path"` CaCert []byte `json:"ca_cert"` KeyPath string `json:"key_path"` Key []byte `json:"key"` CertPath string `json:"cert_path"` Cert []byte `json:"cert"` }
type CLUSAdmissionCertCloaked ¶
type CLUSAdmissionCertCloaked struct { CN string `json:"cn"` CaKeyPath string `json:"ca_key_path"` // obsolete, use const AdmCAKeyPath CaKey []byte `json:"ca_key"` // not written to kv CaCertPath string `json:"ca_cert_path"` // obsolete, use const AdmCACertPath CaCert []byte `json:"ca_cert"` // not written to kv KeyPath string `json:"key_path"` // obsolete, calc at runtime like "neuvector-svc-admission-webhook.{ns}.svc.key.pem" Key []byte `json:"key"` // not written to kv CertPath string `json:"cert_path"` // obsolete, calc at runtime like "neuvector-svc-admission-webhook.{ns}.svc.cert.pem" Cert []byte `json:"cert"` // not written to kv CaKeyNew string `json:"ca_key_new,cloak"` // for v.3.0 CaCertNew string `json:"ca_cert_new,cloak"` // for v.3.0 KeyNew string `json:"key_new,cloak"` // for v.3.0 CertNew string `json:"cert_new,cloak"` // for v.3.0, cert for webhook server Cloaked bool `json:"cloaked"` }
type CLUSAdmissionRequest ¶
type CLUSAdmissionRequest struct { ID string `protobuf:"bytes,1,opt,name=ID" json:"ID,omitempty"` HostID string `protobuf:"bytes,2,opt,name=HostID" json:"HostID,omitempty"` HostCPUs int64 `protobuf:"varint,3,opt,name=HostCPUs" json:"HostCPUs,omitempty"` HostMemory int64 `protobuf:"varint,4,opt,name=HostMemory" json:"HostMemory,omitempty"` }
func (*CLUSAdmissionRequest) Descriptor ¶
func (*CLUSAdmissionRequest) Descriptor() ([]byte, []int)
func (*CLUSAdmissionRequest) GetHostCPUs ¶
func (m *CLUSAdmissionRequest) GetHostCPUs() int64
func (*CLUSAdmissionRequest) GetHostID ¶
func (m *CLUSAdmissionRequest) GetHostID() string
func (*CLUSAdmissionRequest) GetHostMemory ¶
func (m *CLUSAdmissionRequest) GetHostMemory() int64
func (*CLUSAdmissionRequest) GetID ¶
func (m *CLUSAdmissionRequest) GetID() string
func (*CLUSAdmissionRequest) ProtoMessage ¶
func (*CLUSAdmissionRequest) ProtoMessage()
func (*CLUSAdmissionRequest) Reset ¶
func (m *CLUSAdmissionRequest) Reset()
func (*CLUSAdmissionRequest) String ¶
func (m *CLUSAdmissionRequest) String() string
type CLUSAdmissionResponse ¶
type CLUSAdmissionResponse struct { Allowed bool `protobuf:"varint,1,opt,name=Allowed" json:"Allowed,omitempty"` Reason string `protobuf:"bytes,2,opt,name=Reason" json:"Reason,omitempty"` }
func (*CLUSAdmissionResponse) Descriptor ¶
func (*CLUSAdmissionResponse) Descriptor() ([]byte, []int)
func (*CLUSAdmissionResponse) GetAllowed ¶
func (m *CLUSAdmissionResponse) GetAllowed() bool
func (*CLUSAdmissionResponse) GetReason ¶
func (m *CLUSAdmissionResponse) GetReason() string
func (*CLUSAdmissionResponse) ProtoMessage ¶
func (*CLUSAdmissionResponse) ProtoMessage()
func (*CLUSAdmissionResponse) Reset ¶
func (m *CLUSAdmissionResponse) Reset()
func (*CLUSAdmissionResponse) String ¶
func (m *CLUSAdmissionResponse) String() string
type CLUSAdmissionRule ¶
type CLUSAdmissionRule struct { ID uint32 `json:"id"` Category string `json:"category"` Comment string `json:"comment"` Criteria []*CLUSAdmRuleCriterion `json:"criteria"` Disable bool `json:"disable"` Critical bool `json:"critical"` CfgType TCfgType `json:"cfg_type"` RuleType string `json:"rule_type"` // "exception", "deny" }
func (*CLUSAdmissionRule) GetDomain ¶
func (o *CLUSAdmissionRule) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSAdmissionRules ¶
type CLUSAdmissionRules struct { RuleMap map[uint32]*CLUSAdmissionRule `json:"rule_map"` // key is rule ID RuleHeads []*CLUSRuleHead `json:"rule_heads"` }
type CLUSAdmissionState ¶
type CLUSAdmissionState struct { Enable bool `json:"enable"` Mode string `json:"mode"` DefaultAction string `json:"default_action"` AdmClientMode string `json:"adm_client_mode"` FailurePolicy string `json:"failure_policy"` // empty means "Ignore". it's only for neuvector-svc-admission-webhook TimeoutSeconds int32 `json:"timeout_seconds"` // 0 means 30 NvDeployStatus map[string]bool `json:"nvDeployStatus"` // key is NvDeploymentName/NvAdmSvcName/NvCrdSvcName. value being true means the k8s resource exists CtrlStates map[string]*CLUSAdmCtrlState `json:"ctrl_states"` // key is NvAdmValidateType CfgType TCfgType `json:"cfg_type"` }
NvDeployStatus field is only for object/config/admission_control/default/state only
func (*CLUSAdmissionState) GetDomain ¶
func (o *CLUSAdmissionState) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSAdmissionStats ¶
type CLUSAdmissionStats struct { K8sAllowedRequests uint64 `json:"k8s_allowed_requests"` K8sDeniedRequests uint64 `json:"k8s_denied_requests"` K8sErroneousRequests uint64 `json:"k8s_erroneous_requests"` K8sIgnoredRequests uint64 `json:"k8s_ignored_requests"` K8sProcessingRequests int64 `json:"k8s_processing_requests"` JenkinsAllowedRequests uint64 `json:"jenkins_allowed_requests"` // obsolete JenkinsDeniedRequests uint64 `json:"jenkins_denied_requests"` // obsolete JenkinsErroneousRequests uint64 `json:"jenkins_erroneous_requests"` // obsolete }
func (*CLUSAdmissionStats) GetDomain ¶
func (o *CLUSAdmissionStats) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSAgent ¶
type CLUSAgent struct {
CLUSDevice
}
type CLUSAgentConfig ¶
type CLUSAgentConfig struct { Debug []string `json:"debug,omitempty"` DisableNvProtectMode bool `json:"disable_nvprotect"` DisableKvCongestCtl bool `json:"disable_kvcctl"` }
func (*CLUSAgentConfig) GetDomain ¶
func (o *CLUSAgentConfig) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSApp ¶
type CLUSApp struct { CLUSProtoPort Proto uint32 `json:"protocol"` Server uint32 `json:"server"` Application uint32 `json:"application"` }
type CLUSApplicationListDummy ¶
type CLUSApplicationListDummy struct{} // dummy type just for access control checking purpose
func (*CLUSApplicationListDummy) GetDomain ¶
func (o *CLUSApplicationListDummy) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSAuditBenchItem ¶
type CLUSAuditLog ¶
type CLUSAuditLog struct { ID TLogAudit `json:"id"` HostID string `json:"host_id"` HostName string `json:"host_name"` AgentID string `json:"agent_id"` AgentName string `json:"agent_name"` WorkloadID string `json:"workload_id"` WorkloadName string `json:"workload_name"` Count uint32 `json:"count"` ReportedAt time.Time `json:"reported_at"` Items []CLUSAuditBenchItem `json:"items"` Props map[string]string `json:"props"` Region string `json:"region,omitempty"` ProjectName string `json:"project_name,omitempty"` }
type CLUSAwsFuncPermission ¶
type CLUSAwsFuncScanInput ¶
type CLUSAwsFuncScanOutput ¶
type CLUSAwsFuncScanOutput struct { AllowedRes map[string]CLUSAwsFuncPermission `json:"allowd_res"` // key: policyName value: list of resource ReqRes map[string][]string `json:"req_res"` // key: policyName value: list of resource ScanState string `json:"scan_state"` ScanError string `json:"scan_error"` ScanResult CLUSScanReport `json:"scan_result"` Arn string `json:"arn"` NvSecID string `json:"nvsecid"` Version string `json:"version"` }
type CLUSAwsFuncScanOutputList ¶
type CLUSAwsFuncScanOutputList struct { AwsLambdaRecord [MaxLambdaHistory]*CLUSAwsFuncScanOutput `json:"aws_lambda_record"` SlsUploadOutput *CLUSAwsFuncScanOutput `json:"sls_upload_output"` }
func (*CLUSAwsFuncScanOutputList) GetDomain ¶
func (o *CLUSAwsFuncScanOutputList) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSAwsLambdaFunc ¶
type CLUSAwsLambdaFunc struct { Name string `json:"func_name"` CodeSha256 string `json:"code_sha256"` Status string `json:"status"` ScanResult string `json:"scan_result"` PermitLevel string `json:"PermitLevel"` Role string `json:"role"` Arn string `json:"arn"` NvSecID string `json:"nv_sec_id"` Version string `json:"version"` HighVuls int `json:"high"` MedVuls int `json:"medium"` }
type CLUSAwsLambdaRegionRes ¶
type CLUSAwsLambdaRegionRes struct { Region string `json:"region"` Status string `json:"status"` LambdaFunc map[string]*CLUSAwsLambdaFunc `json:"lambda_func"` }
type CLUSAwsLambdaRes ¶
type CLUSAwsLambdaRes struct { Status string `json:"status"` ResourceMap map[string]*CLUSAwsLambdaRegionRes `json:"aws_region_resource"` }
type CLUSAwsProjectCfg ¶
type CLUSAwsProjectCfg struct { AccID string `json:"accid,cloak"` AccKey string `json:"acckey,cloak"` ProjectName string `json:"projectname"` RegionList []string `json:"region_list"` }
func (*CLUSAwsProjectCfg) GetDomain ¶
func (o *CLUSAwsProjectCfg) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSAwsResource ¶
type CLUSAwsResource struct { AccID string `json:"accid,cloak"` AccKey string `json:"acckey,cloak"` ProjectName string `json:"projectname"` RegionList []string `json:"region_list"` ResLambda *CLUSAwsLambdaRes `json:"aws_lambda_resource"` }
func (*CLUSAwsResource) GetDomain ¶
func (o *CLUSAwsResource) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSAwsScanInput ¶
type CLUSAwsScanInput struct { AccID string `json:"accid,cloak"` AccKey string `json:"acckey,cloak"` ProjectName string `json:"projectname"` ScanFunctionList []*CLUSAwsFuncScanInput `json:"scanFunctionList"` DelFunctionList []*CLUSAwsFuncScanInput `json:"DelFunctionList"` }
type CLUSBenchItem ¶
type CLUSBenchItem struct { Level string `json:"level"` TestNum string `json:"test_number"` Header string `json:"header"` Message []string `json:"message"` Remediation string `json:"remediation"` Scored bool `json:"scored"` Automated bool `json:"automated"` Profile string `json:"profile"` Group string `json:"group"` }
type CLUSBenchReport ¶
type CLUSBenchReport struct { Status BenchStatus `json:"status"` RunAt time.Time `json:"run_at"` Version string `json:"version"` Items []*CLUSBenchItem `json:"items"` }
func (*CLUSBenchReport) GetDomain ¶
func (o *CLUSBenchReport) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSBenchSecretReport ¶
type CLUSBenchSecretReport struct { Status BenchStatus `json:"status"` RunAt time.Time `json:"run_at"` Items []CLUSSecretLog `json:"items"` }
CLUSBenchSecretReport provides reports at REST layer
type CLUSBoolean ¶
type CLUSBoolean struct {
Value bool `protobuf:"varint,1,opt,name=Value" json:"Value,omitempty"`
}
func (*CLUSBoolean) Descriptor ¶
func (*CLUSBoolean) Descriptor() ([]byte, []int)
func (*CLUSBoolean) GetValue ¶
func (m *CLUSBoolean) GetValue() bool
func (*CLUSBoolean) ProtoMessage ¶
func (*CLUSBoolean) ProtoMessage()
func (*CLUSBoolean) Reset ¶
func (m *CLUSBoolean) Reset()
func (*CLUSBoolean) String ¶
func (m *CLUSBoolean) String() string
type CLUSCIScanDummy ¶
type CLUSCIScanDummy struct{} // dummy type just for access control checking purpose
func (*CLUSCIScanDummy) GetDomain ¶
func (o *CLUSCIScanDummy) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSComplianceProfile ¶
type CLUSComplianceProfile struct { Name string `json:"name"` DisableSystem bool `json:"disable_system"` Entries map[string]CLUSComplianceProfileEntry `json:"entries"` }
func (*CLUSComplianceProfile) GetDomain ¶
func (o *CLUSComplianceProfile) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSConnection ¶
type CLUSConnection struct { AgentID string `protobuf:"bytes,1,opt,name=AgentID" json:"AgentID,omitempty"` HostID string `protobuf:"bytes,2,opt,name=HostID" json:"HostID,omitempty"` ClientWL string `protobuf:"bytes,3,opt,name=ClientWL" json:"ClientWL,omitempty"` ServerWL string `protobuf:"bytes,4,opt,name=ServerWL" json:"ServerWL,omitempty"` ClientIP []byte `protobuf:"bytes,5,opt,name=ClientIP,proto3" json:"ClientIP,omitempty"` ServerIP []byte `protobuf:"bytes,6,opt,name=ServerIP,proto3" json:"ServerIP,omitempty"` Scope string `protobuf:"bytes,7,opt,name=Scope" json:"Scope,omitempty"` Network string `protobuf:"bytes,8,opt,name=Network" json:"Network,omitempty"` ClientPort uint32 `protobuf:"varint,9,opt,name=ClientPort" json:"ClientPort,omitempty"` ServerPort uint32 `protobuf:"varint,10,opt,name=ServerPort" json:"ServerPort,omitempty"` IPProto uint32 `protobuf:"varint,11,opt,name=IPProto" json:"IPProto,omitempty"` Application uint32 `protobuf:"varint,12,opt,name=Application" json:"Application,omitempty"` Bytes uint64 `protobuf:"varint,13,opt,name=Bytes" json:"Bytes,omitempty"` Sessions uint32 `protobuf:"varint,14,opt,name=Sessions" json:"Sessions,omitempty"` FirstSeenAt uint32 `protobuf:"varint,15,opt,name=FirstSeenAt" json:"FirstSeenAt,omitempty"` LastSeenAt uint32 `protobuf:"varint,16,opt,name=LastSeenAt" json:"LastSeenAt,omitempty"` ThreatID uint32 `protobuf:"varint,17,opt,name=ThreatID" json:"ThreatID,omitempty"` Severity uint32 `protobuf:"varint,18,opt,name=Severity" json:"Severity,omitempty"` PolicyAction uint32 `protobuf:"varint,19,opt,name=PolicyAction" json:"PolicyAction,omitempty"` Ingress bool `protobuf:"varint,20,opt,name=Ingress" json:"Ingress,omitempty"` ExternalPeer bool `protobuf:"varint,21,opt,name=ExternalPeer" json:"ExternalPeer,omitempty"` LocalPeer bool `protobuf:"varint,22,opt,name=LocalPeer" json:"LocalPeer,omitempty"` PolicyId uint32 `protobuf:"varint,23,opt,name=PolicyId" json:"PolicyId,omitempty"` Violates uint32 `protobuf:"varint,24,opt,name=Violates" json:"Violates,omitempty"` LogUID string `protobuf:"bytes,25,opt,name=LogUID" json:"LogUID,omitempty"` Xff bool `protobuf:"varint,26,opt,name=Xff" json:"Xff,omitempty"` SvcExtIP bool `protobuf:"varint,27,opt,name=SvcExtIP" json:"SvcExtIP,omitempty"` ToSidecar bool `protobuf:"varint,28,opt,name=ToSidecar" json:"ToSidecar,omitempty"` }
func (*CLUSConnection) Descriptor ¶
func (*CLUSConnection) Descriptor() ([]byte, []int)
func (*CLUSConnection) GetAgentID ¶
func (m *CLUSConnection) GetAgentID() string
func (*CLUSConnection) GetApplication ¶
func (m *CLUSConnection) GetApplication() uint32
func (*CLUSConnection) GetBytes ¶
func (m *CLUSConnection) GetBytes() uint64
func (*CLUSConnection) GetClientIP ¶
func (m *CLUSConnection) GetClientIP() []byte
func (*CLUSConnection) GetClientPort ¶
func (m *CLUSConnection) GetClientPort() uint32
func (*CLUSConnection) GetClientWL ¶
func (m *CLUSConnection) GetClientWL() string
func (*CLUSConnection) GetExternalPeer ¶
func (m *CLUSConnection) GetExternalPeer() bool
func (*CLUSConnection) GetFirstSeenAt ¶
func (m *CLUSConnection) GetFirstSeenAt() uint32
func (*CLUSConnection) GetHostID ¶
func (m *CLUSConnection) GetHostID() string
func (*CLUSConnection) GetIPProto ¶
func (m *CLUSConnection) GetIPProto() uint32
func (*CLUSConnection) GetIngress ¶
func (m *CLUSConnection) GetIngress() bool
func (*CLUSConnection) GetLastSeenAt ¶
func (m *CLUSConnection) GetLastSeenAt() uint32
func (*CLUSConnection) GetLocalPeer ¶
func (m *CLUSConnection) GetLocalPeer() bool
func (*CLUSConnection) GetLogUID ¶
func (m *CLUSConnection) GetLogUID() string
func (*CLUSConnection) GetNetwork ¶
func (m *CLUSConnection) GetNetwork() string
func (*CLUSConnection) GetPolicyAction ¶
func (m *CLUSConnection) GetPolicyAction() uint32
func (*CLUSConnection) GetPolicyId ¶
func (m *CLUSConnection) GetPolicyId() uint32
func (*CLUSConnection) GetScope ¶
func (m *CLUSConnection) GetScope() string
func (*CLUSConnection) GetServerIP ¶
func (m *CLUSConnection) GetServerIP() []byte
func (*CLUSConnection) GetServerPort ¶
func (m *CLUSConnection) GetServerPort() uint32
func (*CLUSConnection) GetServerWL ¶
func (m *CLUSConnection) GetServerWL() string
func (*CLUSConnection) GetSessions ¶
func (m *CLUSConnection) GetSessions() uint32
func (*CLUSConnection) GetSeverity ¶
func (m *CLUSConnection) GetSeverity() uint32
func (*CLUSConnection) GetSvcExtIP ¶
func (m *CLUSConnection) GetSvcExtIP() bool
func (*CLUSConnection) GetThreatID ¶
func (m *CLUSConnection) GetThreatID() uint32
func (*CLUSConnection) GetToSidecar ¶
func (m *CLUSConnection) GetToSidecar() bool
func (*CLUSConnection) GetViolates ¶
func (m *CLUSConnection) GetViolates() uint32
func (*CLUSConnection) GetXff ¶
func (m *CLUSConnection) GetXff() bool
func (*CLUSConnection) ProtoMessage ¶
func (*CLUSConnection) ProtoMessage()
func (*CLUSConnection) Reset ¶
func (m *CLUSConnection) Reset()
func (*CLUSConnection) String ¶
func (m *CLUSConnection) String() string
type CLUSConnectionArray ¶
type CLUSConnectionArray struct {
Connections []*CLUSConnection `protobuf:"bytes,1,rep,name=Connections" json:"Connections,omitempty"`
}
func (*CLUSConnectionArray) Descriptor ¶
func (*CLUSConnectionArray) Descriptor() ([]byte, []int)
func (*CLUSConnectionArray) GetConnections ¶
func (m *CLUSConnectionArray) GetConnections() []*CLUSConnection
func (*CLUSConnectionArray) ProtoMessage ¶
func (*CLUSConnectionArray) ProtoMessage()
func (*CLUSConnectionArray) Reset ¶
func (m *CLUSConnectionArray) Reset()
func (*CLUSConnectionArray) String ¶
func (m *CLUSConnectionArray) String() string
type CLUSContainerLogReq ¶
type CLUSContainerLogReq struct { Id string `protobuf:"bytes,1,opt,name=Id" json:"Id,omitempty"` Start int32 `protobuf:"varint,2,opt,name=Start" json:"Start,omitempty"` Limit uint32 `protobuf:"varint,3,opt,name=Limit" json:"Limit,omitempty"` }
func (*CLUSContainerLogReq) Descriptor ¶
func (*CLUSContainerLogReq) Descriptor() ([]byte, []int)
func (*CLUSContainerLogReq) GetId ¶
func (m *CLUSContainerLogReq) GetId() string
func (*CLUSContainerLogReq) GetLimit ¶
func (m *CLUSContainerLogReq) GetLimit() uint32
func (*CLUSContainerLogReq) GetStart ¶
func (m *CLUSContainerLogReq) GetStart() int32
func (*CLUSContainerLogReq) ProtoMessage ¶
func (*CLUSContainerLogReq) ProtoMessage()
func (*CLUSContainerLogReq) Reset ¶
func (m *CLUSContainerLogReq) Reset()
func (*CLUSContainerLogReq) String ¶
func (m *CLUSContainerLogReq) String() string
type CLUSContainerLogRes ¶
type CLUSContainerLogRes struct {
LogZb []byte `protobuf:"bytes,1,opt,name=LogZb,proto3" json:"LogZb,omitempty"`
}
func (*CLUSContainerLogRes) Descriptor ¶
func (*CLUSContainerLogRes) Descriptor() ([]byte, []int)
func (*CLUSContainerLogRes) GetLogZb ¶
func (m *CLUSContainerLogRes) GetLogZb() []byte
func (*CLUSContainerLogRes) ProtoMessage ¶
func (*CLUSContainerLogRes) ProtoMessage()
func (*CLUSContainerLogRes) Reset ¶
func (m *CLUSContainerLogRes) Reset()
func (*CLUSContainerLogRes) String ¶
func (m *CLUSContainerLogRes) String() string
type CLUSController ¶
type CLUSController struct { CLUSDevice Leader bool `json:"leader"` OrchConnStatus string `json:"orch_conn_status"` OrchConnLastError string `json:"orch_conn_last_error"` }
func (*CLUSController) GetDomain ¶
func (o *CLUSController) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSControllerConfig ¶
type CLUSControllerConfig struct {
Debug []string `json:"debug,omitempty"`
}
func (*CLUSControllerConfig) GetDomain ¶
func (o *CLUSControllerConfig) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSControllerCounter ¶
type CLUSControllerCounter struct { GraphNodes uint32 `protobuf:"varint,1,opt,name=GraphNodes" json:"GraphNodes,omitempty"` GoRoutines uint32 `protobuf:"varint,2,opt,name=GoRoutines" json:"GoRoutines,omitempty"` Lsof []byte `protobuf:"bytes,3,opt,name=Lsof,proto3" json:"Lsof,omitempty"` PS []byte `protobuf:"bytes,4,opt,name=PS,proto3" json:"PS,omitempty"` ScanTasks uint32 `protobuf:"varint,5,opt,name=ScanTasks" json:"ScanTasks,omitempty"` }
func (*CLUSControllerCounter) Descriptor ¶
func (*CLUSControllerCounter) Descriptor() ([]byte, []int)
func (*CLUSControllerCounter) GetGoRoutines ¶
func (m *CLUSControllerCounter) GetGoRoutines() uint32
func (*CLUSControllerCounter) GetGraphNodes ¶
func (m *CLUSControllerCounter) GetGraphNodes() uint32
func (*CLUSControllerCounter) GetLsof ¶
func (m *CLUSControllerCounter) GetLsof() []byte
func (*CLUSControllerCounter) GetPS ¶
func (m *CLUSControllerCounter) GetPS() []byte
func (*CLUSControllerCounter) GetScanTasks ¶
func (m *CLUSControllerCounter) GetScanTasks() uint32
func (*CLUSControllerCounter) ProtoMessage ¶
func (*CLUSControllerCounter) ProtoMessage()
func (*CLUSControllerCounter) Reset ¶
func (m *CLUSControllerCounter) Reset()
func (*CLUSControllerCounter) String ¶
func (m *CLUSControllerCounter) String() string
type CLUSCrdEventRecord ¶
type CLUSCrdEventRecord struct {
CrdEventRecord []string
}
type CLUSCrdFileRule ¶
type CLUSCrdProcessProfile ¶
type CLUSCrdProcessProfile struct {
Baseline string `json:"baseline"` // "default" or "shield", for process profile
}
type CLUSCrdProcessRule ¶
type CLUSCrdRecord ¶
type CLUSCrdRecord struct {
CrdRecord *admissionv1beta1.AdmissionReview
}
type CLUSCrdSecurityRule ¶
type CLUSCrdSecurityRule struct { Name string `json:"name"` Groups []string `json:"groups"` Rules map[string]uint32 `json:"rules"` ProfileName string `json:"profile_name"` ProfileMode string `json:"profile_mode"` ProcessProfile CLUSCrdProcessProfile `json:"process_profile"` ProcessRules []CLUSCrdProcessRule `json:"process_rules"` FileRules []CLUSCrdFileRule `json:"file_rules"` WafGroupSensors []string `json:"waf_group_sensors"` // waf sensors associated with the target group AdmCtrlRules map[string]uint32 `json:"admctrl_rules"` // map key is the generated name of admission control rule, valud is assigned rule id WafSensor string `json:"waf_sensor"` // waf sensor defined in this crd security rule }
type CLUSCriteriaEntry ¶
type CLUSCtrlVersion ¶
type CLUSCustomCheck ¶
func (*CLUSCustomCheck) GetDomain ¶
func (o *CLUSCustomCheck) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSCustomCheckGroup ¶
type CLUSCustomCheckGroup struct {
Scripts []*CLUSCustomCheck `json:"scripts"`
}
type CLUSDatapathCounter ¶
type CLUSDatapathCounter struct { RXPackets uint64 `protobuf:"varint,1,opt,name=RXPackets" json:"RXPackets,omitempty"` RXDropPackets uint64 `protobuf:"varint,2,opt,name=RXDropPackets" json:"RXDropPackets,omitempty"` TXPackets uint64 `protobuf:"varint,3,opt,name=TXPackets" json:"TXPackets,omitempty"` TXDropPackets uint64 `protobuf:"varint,4,opt,name=TXDropPackets" json:"TXDropPackets,omitempty"` ErrorPackets uint64 `protobuf:"varint,5,opt,name=ErrorPackets" json:"ErrorPackets,omitempty"` NoWorkloadPackets uint64 `protobuf:"varint,6,opt,name=NoWorkloadPackets" json:"NoWorkloadPackets,omitempty"` IPv4Packets uint64 `protobuf:"varint,7,opt,name=IPv4Packets" json:"IPv4Packets,omitempty"` IPv6Packets uint64 `protobuf:"varint,8,opt,name=IPv6Packets" json:"IPv6Packets,omitempty"` TCPPackets uint64 `protobuf:"varint,9,opt,name=TCPPackets" json:"TCPPackets,omitempty"` TCPNoSessionPackets uint64 `protobuf:"varint,10,opt,name=TCPNoSessionPackets" json:"TCPNoSessionPackets,omitempty"` UDPPackets uint64 `protobuf:"varint,11,opt,name=UDPPackets" json:"UDPPackets,omitempty"` ICMPPackets uint64 `protobuf:"varint,12,opt,name=ICMPPackets" json:"ICMPPackets,omitempty"` OtherPackets uint64 `protobuf:"varint,13,opt,name=OtherPackets" json:"OtherPackets,omitempty"` Fragments uint64 `protobuf:"varint,14,opt,name=Fragments" json:"Fragments,omitempty"` TimeoutFragments uint64 `protobuf:"varint,15,opt,name=TimeoutFragments" json:"TimeoutFragments,omitempty"` TotalSessions uint64 `protobuf:"varint,16,opt,name=TotalSessions" json:"TotalSessions,omitempty"` TCPSessions uint64 `protobuf:"varint,17,opt,name=TCPSessions" json:"TCPSessions,omitempty"` UDPSessions uint64 `protobuf:"varint,18,opt,name=UDPSessions" json:"UDPSessions,omitempty"` ICMPSessions uint64 `protobuf:"varint,19,opt,name=ICMPSessions" json:"ICMPSessions,omitempty"` IPSessions uint64 `protobuf:"varint,20,opt,name=IPSessions" json:"IPSessions,omitempty"` DropMeters uint64 `protobuf:"varint,21,opt,name=DropMeters" json:"DropMeters,omitempty"` ProxyMeters uint64 `protobuf:"varint,22,opt,name=ProxyMeters" json:"ProxyMeters,omitempty"` CurMeters uint64 `protobuf:"varint,23,opt,name=CurMeters" json:"CurMeters,omitempty"` CurLogCaches uint64 `protobuf:"varint,24,opt,name=CurLogCaches" json:"CurLogCaches,omitempty"` FreedFragments uint64 `protobuf:"varint,25,opt,name=FreedFragments" json:"FreedFragments,omitempty"` Assemblys uint64 `protobuf:"varint,26,opt,name=Assemblys" json:"Assemblys,omitempty"` FreedAssemblys uint64 `protobuf:"varint,27,opt,name=FreedAssemblys" json:"FreedAssemblys,omitempty"` ParserSessions []uint64 `protobuf:"varint,28,rep,packed,name=ParserSessions" json:"ParserSessions,omitempty"` ParserPackets []uint64 `protobuf:"varint,29,rep,packed,name=ParserPackets" json:"ParserPackets,omitempty"` PolicyType1Rules uint32 `protobuf:"varint,30,opt,name=PolicyType1Rules" json:"PolicyType1Rules,omitempty"` PolicyType2Rules uint32 `protobuf:"varint,31,opt,name=PolicyType2Rules" json:"PolicyType2Rules,omitempty"` PolicyDomains uint32 `protobuf:"varint,32,opt,name=PolicyDomains" json:"PolicyDomains,omitempty"` PolicyDomainIPs uint32 `protobuf:"varint,33,opt,name=PolicyDomainIPs" json:"PolicyDomainIPs,omitempty"` GoRoutines uint32 `protobuf:"varint,34,opt,name=GoRoutines" json:"GoRoutines,omitempty"` Lsof []byte `protobuf:"bytes,35,opt,name=Lsof,proto3" json:"Lsof,omitempty"` PS []byte `protobuf:"bytes,36,opt,name=PS,proto3" json:"PS,omitempty"` LimitDropConns uint64 `protobuf:"varint,37,opt,name=LimitDropConns" json:"LimitDropConns,omitempty"` LimitPassConns uint64 `protobuf:"varint,38,opt,name=LimitPassConns" json:"LimitPassConns,omitempty"` }
func (*CLUSDatapathCounter) Descriptor ¶
func (*CLUSDatapathCounter) Descriptor() ([]byte, []int)
func (*CLUSDatapathCounter) GetAssemblys ¶
func (m *CLUSDatapathCounter) GetAssemblys() uint64
func (*CLUSDatapathCounter) GetCurLogCaches ¶
func (m *CLUSDatapathCounter) GetCurLogCaches() uint64
func (*CLUSDatapathCounter) GetCurMeters ¶
func (m *CLUSDatapathCounter) GetCurMeters() uint64
func (*CLUSDatapathCounter) GetDropMeters ¶
func (m *CLUSDatapathCounter) GetDropMeters() uint64
func (*CLUSDatapathCounter) GetErrorPackets ¶
func (m *CLUSDatapathCounter) GetErrorPackets() uint64
func (*CLUSDatapathCounter) GetFragments ¶
func (m *CLUSDatapathCounter) GetFragments() uint64
func (*CLUSDatapathCounter) GetFreedAssemblys ¶
func (m *CLUSDatapathCounter) GetFreedAssemblys() uint64
func (*CLUSDatapathCounter) GetFreedFragments ¶
func (m *CLUSDatapathCounter) GetFreedFragments() uint64
func (*CLUSDatapathCounter) GetGoRoutines ¶
func (m *CLUSDatapathCounter) GetGoRoutines() uint32
func (*CLUSDatapathCounter) GetICMPPackets ¶
func (m *CLUSDatapathCounter) GetICMPPackets() uint64
func (*CLUSDatapathCounter) GetICMPSessions ¶
func (m *CLUSDatapathCounter) GetICMPSessions() uint64
func (*CLUSDatapathCounter) GetIPSessions ¶
func (m *CLUSDatapathCounter) GetIPSessions() uint64
func (*CLUSDatapathCounter) GetIPv4Packets ¶
func (m *CLUSDatapathCounter) GetIPv4Packets() uint64
func (*CLUSDatapathCounter) GetIPv6Packets ¶
func (m *CLUSDatapathCounter) GetIPv6Packets() uint64
func (*CLUSDatapathCounter) GetLimitDropConns ¶
func (m *CLUSDatapathCounter) GetLimitDropConns() uint64
func (*CLUSDatapathCounter) GetLimitPassConns ¶
func (m *CLUSDatapathCounter) GetLimitPassConns() uint64
func (*CLUSDatapathCounter) GetLsof ¶
func (m *CLUSDatapathCounter) GetLsof() []byte
func (*CLUSDatapathCounter) GetNoWorkloadPackets ¶
func (m *CLUSDatapathCounter) GetNoWorkloadPackets() uint64
func (*CLUSDatapathCounter) GetOtherPackets ¶
func (m *CLUSDatapathCounter) GetOtherPackets() uint64
func (*CLUSDatapathCounter) GetPS ¶
func (m *CLUSDatapathCounter) GetPS() []byte
func (*CLUSDatapathCounter) GetParserPackets ¶
func (m *CLUSDatapathCounter) GetParserPackets() []uint64
func (*CLUSDatapathCounter) GetParserSessions ¶
func (m *CLUSDatapathCounter) GetParserSessions() []uint64
func (*CLUSDatapathCounter) GetPolicyDomainIPs ¶
func (m *CLUSDatapathCounter) GetPolicyDomainIPs() uint32
func (*CLUSDatapathCounter) GetPolicyDomains ¶
func (m *CLUSDatapathCounter) GetPolicyDomains() uint32
func (*CLUSDatapathCounter) GetPolicyType1Rules ¶
func (m *CLUSDatapathCounter) GetPolicyType1Rules() uint32
func (*CLUSDatapathCounter) GetPolicyType2Rules ¶
func (m *CLUSDatapathCounter) GetPolicyType2Rules() uint32
func (*CLUSDatapathCounter) GetProxyMeters ¶
func (m *CLUSDatapathCounter) GetProxyMeters() uint64
func (*CLUSDatapathCounter) GetRXDropPackets ¶
func (m *CLUSDatapathCounter) GetRXDropPackets() uint64
func (*CLUSDatapathCounter) GetRXPackets ¶
func (m *CLUSDatapathCounter) GetRXPackets() uint64
func (*CLUSDatapathCounter) GetTCPNoSessionPackets ¶
func (m *CLUSDatapathCounter) GetTCPNoSessionPackets() uint64
func (*CLUSDatapathCounter) GetTCPPackets ¶
func (m *CLUSDatapathCounter) GetTCPPackets() uint64
func (*CLUSDatapathCounter) GetTCPSessions ¶
func (m *CLUSDatapathCounter) GetTCPSessions() uint64
func (*CLUSDatapathCounter) GetTXDropPackets ¶
func (m *CLUSDatapathCounter) GetTXDropPackets() uint64
func (*CLUSDatapathCounter) GetTXPackets ¶
func (m *CLUSDatapathCounter) GetTXPackets() uint64
func (*CLUSDatapathCounter) GetTimeoutFragments ¶
func (m *CLUSDatapathCounter) GetTimeoutFragments() uint64
func (*CLUSDatapathCounter) GetTotalSessions ¶
func (m *CLUSDatapathCounter) GetTotalSessions() uint64
func (*CLUSDatapathCounter) GetUDPPackets ¶
func (m *CLUSDatapathCounter) GetUDPPackets() uint64
func (*CLUSDatapathCounter) GetUDPSessions ¶
func (m *CLUSDatapathCounter) GetUDPSessions() uint64
func (*CLUSDatapathCounter) ProtoMessage ¶
func (*CLUSDatapathCounter) ProtoMessage()
func (*CLUSDatapathCounter) Reset ¶
func (m *CLUSDatapathCounter) Reset()
func (*CLUSDatapathCounter) String ¶
func (m *CLUSDatapathCounter) String() string
type CLUSDerivedDlpRule ¶
type CLUSDerivedDlpRule struct { Name string `protobuf:"bytes,1,opt,name=Name" json:"Name,omitempty"` Action uint32 `protobuf:"varint,2,opt,name=Action" json:"Action,omitempty"` }
func (*CLUSDerivedDlpRule) Descriptor ¶
func (*CLUSDerivedDlpRule) Descriptor() ([]byte, []int)
func (*CLUSDerivedDlpRule) GetAction ¶
func (m *CLUSDerivedDlpRule) GetAction() uint32
func (*CLUSDerivedDlpRule) GetDomain ¶
func (o *CLUSDerivedDlpRule) GetDomain(f GetAccessObjectFunc) ([]string, []string)
func (*CLUSDerivedDlpRule) GetName ¶
func (m *CLUSDerivedDlpRule) GetName() string
func (*CLUSDerivedDlpRule) ProtoMessage ¶
func (*CLUSDerivedDlpRule) ProtoMessage()
func (*CLUSDerivedDlpRule) Reset ¶
func (m *CLUSDerivedDlpRule) Reset()
func (*CLUSDerivedDlpRule) String ¶
func (m *CLUSDerivedDlpRule) String() string
type CLUSDerivedDlpRuleArray ¶
type CLUSDerivedDlpRuleArray struct { Mode string `protobuf:"bytes,1,opt,name=Mode" json:"Mode,omitempty"` DefAct uint32 `protobuf:"varint,2,opt,name=DefAct" json:"DefAct,omitempty"` ApplyDir int32 `protobuf:"varint,3,opt,name=ApplyDir" json:"ApplyDir,omitempty"` WlMacs []string `protobuf:"bytes,4,rep,name=WlMacs" json:"WlMacs,omitempty"` DlpRules []*CLUSDerivedDlpRule `protobuf:"bytes,5,rep,name=DlpRules" json:"DlpRules,omitempty"` WafRules []*CLUSDerivedDlpRule `protobuf:"bytes,6,rep,name=WafRules" json:"WafRules,omitempty"` Rids []uint32 `protobuf:"varint,7,rep,packed,name=rids" json:"rids,omitempty"` Wafrids []uint32 `protobuf:"varint,8,rep,packed,name=wafrids" json:"wafrids,omitempty"` RuleType string `protobuf:"bytes,9,opt,name=RuleType" json:"RuleType,omitempty"` }
func (*CLUSDerivedDlpRuleArray) Descriptor ¶
func (*CLUSDerivedDlpRuleArray) Descriptor() ([]byte, []int)
func (*CLUSDerivedDlpRuleArray) GetApplyDir ¶
func (m *CLUSDerivedDlpRuleArray) GetApplyDir() int32
func (*CLUSDerivedDlpRuleArray) GetDefAct ¶
func (m *CLUSDerivedDlpRuleArray) GetDefAct() uint32
func (*CLUSDerivedDlpRuleArray) GetDlpRules ¶
func (m *CLUSDerivedDlpRuleArray) GetDlpRules() []*CLUSDerivedDlpRule
func (*CLUSDerivedDlpRuleArray) GetMode ¶
func (m *CLUSDerivedDlpRuleArray) GetMode() string
func (*CLUSDerivedDlpRuleArray) GetRids ¶
func (m *CLUSDerivedDlpRuleArray) GetRids() []uint32
func (*CLUSDerivedDlpRuleArray) GetRuleType ¶
func (m *CLUSDerivedDlpRuleArray) GetRuleType() string
func (*CLUSDerivedDlpRuleArray) GetWafRules ¶
func (m *CLUSDerivedDlpRuleArray) GetWafRules() []*CLUSDerivedDlpRule
func (*CLUSDerivedDlpRuleArray) GetWafrids ¶
func (m *CLUSDerivedDlpRuleArray) GetWafrids() []uint32
func (*CLUSDerivedDlpRuleArray) GetWlMacs ¶
func (m *CLUSDerivedDlpRuleArray) GetWlMacs() []string
func (*CLUSDerivedDlpRuleArray) ProtoMessage ¶
func (*CLUSDerivedDlpRuleArray) ProtoMessage()
func (*CLUSDerivedDlpRuleArray) Reset ¶
func (m *CLUSDerivedDlpRuleArray) Reset()
func (*CLUSDerivedDlpRuleArray) String ¶
func (m *CLUSDerivedDlpRuleArray) String() string
type CLUSDerivedDlpRuleEntry ¶
type CLUSDerivedDlpRuleEntry struct { Name string `protobuf:"bytes,1,opt,name=Name" json:"Name,omitempty"` ID uint32 `protobuf:"varint,2,opt,name=ID" json:"ID,omitempty"` Patterns []string `protobuf:"bytes,3,rep,name=Patterns" json:"Patterns,omitempty"` }
func (*CLUSDerivedDlpRuleEntry) Descriptor ¶
func (*CLUSDerivedDlpRuleEntry) Descriptor() ([]byte, []int)
func (*CLUSDerivedDlpRuleEntry) GetDomain ¶
func (o *CLUSDerivedDlpRuleEntry) GetDomain(f GetAccessObjectFunc) ([]string, []string)
func (*CLUSDerivedDlpRuleEntry) GetID ¶
func (m *CLUSDerivedDlpRuleEntry) GetID() uint32
func (*CLUSDerivedDlpRuleEntry) GetName ¶
func (m *CLUSDerivedDlpRuleEntry) GetName() string
func (*CLUSDerivedDlpRuleEntry) GetPatterns ¶
func (m *CLUSDerivedDlpRuleEntry) GetPatterns() []string
func (*CLUSDerivedDlpRuleEntry) ProtoMessage ¶
func (*CLUSDerivedDlpRuleEntry) ProtoMessage()
func (*CLUSDerivedDlpRuleEntry) Reset ¶
func (m *CLUSDerivedDlpRuleEntry) Reset()
func (*CLUSDerivedDlpRuleEntry) String ¶
func (m *CLUSDerivedDlpRuleEntry) String() string
type CLUSDerivedDlpRuleEntryArray ¶
type CLUSDerivedDlpRuleEntryArray struct {
DlpRuleEntries []*CLUSDerivedDlpRuleEntry `protobuf:"bytes,1,rep,name=DlpRuleEntries" json:"DlpRuleEntries,omitempty"`
}
func (*CLUSDerivedDlpRuleEntryArray) Descriptor ¶
func (*CLUSDerivedDlpRuleEntryArray) Descriptor() ([]byte, []int)
func (*CLUSDerivedDlpRuleEntryArray) GetDlpRuleEntries ¶
func (m *CLUSDerivedDlpRuleEntryArray) GetDlpRuleEntries() []*CLUSDerivedDlpRuleEntry
func (*CLUSDerivedDlpRuleEntryArray) ProtoMessage ¶
func (*CLUSDerivedDlpRuleEntryArray) ProtoMessage()
func (*CLUSDerivedDlpRuleEntryArray) Reset ¶
func (m *CLUSDerivedDlpRuleEntryArray) Reset()
func (*CLUSDerivedDlpRuleEntryArray) String ¶
func (m *CLUSDerivedDlpRuleEntryArray) String() string
type CLUSDerivedDlpRuleMac ¶
type CLUSDerivedDlpRuleMac struct {
Mac string `protobuf:"bytes,1,opt,name=Mac" json:"Mac,omitempty"`
}
func (*CLUSDerivedDlpRuleMac) Descriptor ¶
func (*CLUSDerivedDlpRuleMac) Descriptor() ([]byte, []int)
func (*CLUSDerivedDlpRuleMac) GetDomain ¶
func (o *CLUSDerivedDlpRuleMac) GetDomain(f GetAccessObjectFunc) ([]string, []string)
func (*CLUSDerivedDlpRuleMac) GetMac ¶
func (m *CLUSDerivedDlpRuleMac) GetMac() string
func (*CLUSDerivedDlpRuleMac) ProtoMessage ¶
func (*CLUSDerivedDlpRuleMac) ProtoMessage()
func (*CLUSDerivedDlpRuleMac) Reset ¶
func (m *CLUSDerivedDlpRuleMac) Reset()
func (*CLUSDerivedDlpRuleMac) String ¶
func (m *CLUSDerivedDlpRuleMac) String() string
type CLUSDerivedDlpRuleMacArray ¶
type CLUSDerivedDlpRuleMacArray struct {
DlpRuleMacs []*CLUSDerivedDlpRuleMac `protobuf:"bytes,1,rep,name=DlpRuleMacs" json:"DlpRuleMacs,omitempty"`
}
func (*CLUSDerivedDlpRuleMacArray) Descriptor ¶
func (*CLUSDerivedDlpRuleMacArray) Descriptor() ([]byte, []int)
func (*CLUSDerivedDlpRuleMacArray) GetDlpRuleMacs ¶
func (m *CLUSDerivedDlpRuleMacArray) GetDlpRuleMacs() []*CLUSDerivedDlpRuleMac
func (*CLUSDerivedDlpRuleMacArray) ProtoMessage ¶
func (*CLUSDerivedDlpRuleMacArray) ProtoMessage()
func (*CLUSDerivedDlpRuleMacArray) Reset ¶
func (m *CLUSDerivedDlpRuleMacArray) Reset()
func (*CLUSDerivedDlpRuleMacArray) String ¶
func (m *CLUSDerivedDlpRuleMacArray) String() string
type CLUSDerivedDlpRuleMap ¶
type CLUSDerivedDlpRuleMap struct {
DlpRuleMap map[string]*CLUSDerivedDlpRuleArray `` /* 140-byte string literal not displayed */
}
func (*CLUSDerivedDlpRuleMap) Descriptor ¶
func (*CLUSDerivedDlpRuleMap) Descriptor() ([]byte, []int)
func (*CLUSDerivedDlpRuleMap) GetDlpRuleMap ¶
func (m *CLUSDerivedDlpRuleMap) GetDlpRuleMap() map[string]*CLUSDerivedDlpRuleArray
func (*CLUSDerivedDlpRuleMap) ProtoMessage ¶
func (*CLUSDerivedDlpRuleMap) ProtoMessage()
func (*CLUSDerivedDlpRuleMap) Reset ¶
func (m *CLUSDerivedDlpRuleMap) Reset()
func (*CLUSDerivedDlpRuleMap) String ¶
func (m *CLUSDerivedDlpRuleMap) String() string
type CLUSDerivedFileRule ¶
type CLUSDerivedFileRule struct { Recursive bool `protobuf:"varint,1,opt,name=Recursive" json:"Recursive,omitempty"` Filter string `protobuf:"bytes,2,opt,name=Filter" json:"Filter,omitempty"` Path string `protobuf:"bytes,3,opt,name=Path" json:"Path,omitempty"` Regex string `protobuf:"bytes,4,opt,name=Regex" json:"Regex,omitempty"` Behavior string `protobuf:"bytes,5,opt,name=Behavior" json:"Behavior,omitempty"` GroupName string `protobuf:"bytes,6,opt,name=GroupName" json:"GroupName,omitempty"` Apps []string `protobuf:"bytes,7,rep,name=Apps" json:"Apps,omitempty"` CfgType string `protobuf:"bytes,8,opt,name=CfgType" json:"CfgType,omitempty"` }
func (*CLUSDerivedFileRule) Descriptor ¶
func (*CLUSDerivedFileRule) Descriptor() ([]byte, []int)
func (*CLUSDerivedFileRule) GetApps ¶
func (m *CLUSDerivedFileRule) GetApps() []string
func (*CLUSDerivedFileRule) GetBehavior ¶
func (m *CLUSDerivedFileRule) GetBehavior() string
func (*CLUSDerivedFileRule) GetCfgType ¶
func (m *CLUSDerivedFileRule) GetCfgType() string
func (*CLUSDerivedFileRule) GetFilter ¶
func (m *CLUSDerivedFileRule) GetFilter() string
func (*CLUSDerivedFileRule) GetGroupName ¶
func (m *CLUSDerivedFileRule) GetGroupName() string
func (*CLUSDerivedFileRule) GetPath ¶
func (m *CLUSDerivedFileRule) GetPath() string
func (*CLUSDerivedFileRule) GetRecursive ¶
func (m *CLUSDerivedFileRule) GetRecursive() bool
func (*CLUSDerivedFileRule) GetRegex ¶
func (m *CLUSDerivedFileRule) GetRegex() string
func (*CLUSDerivedFileRule) ProtoMessage ¶
func (*CLUSDerivedFileRule) ProtoMessage()
func (*CLUSDerivedFileRule) Reset ¶
func (m *CLUSDerivedFileRule) Reset()
func (*CLUSDerivedFileRule) String ¶
func (m *CLUSDerivedFileRule) String() string
type CLUSDerivedFileRuleArray ¶
type CLUSDerivedFileRuleArray struct {
Rules []*CLUSDerivedFileRule `protobuf:"bytes,1,rep,name=Rules" json:"Rules,omitempty"`
}
func (*CLUSDerivedFileRuleArray) Descriptor ¶
func (*CLUSDerivedFileRuleArray) Descriptor() ([]byte, []int)
func (*CLUSDerivedFileRuleArray) GetRules ¶
func (m *CLUSDerivedFileRuleArray) GetRules() []*CLUSDerivedFileRule
func (*CLUSDerivedFileRuleArray) ProtoMessage ¶
func (*CLUSDerivedFileRuleArray) ProtoMessage()
func (*CLUSDerivedFileRuleArray) Reset ¶
func (m *CLUSDerivedFileRuleArray) Reset()
func (*CLUSDerivedFileRuleArray) String ¶
func (m *CLUSDerivedFileRuleArray) String() string
type CLUSDerivedPolicyApp ¶
type CLUSDerivedPolicyApp struct { App uint32 `protobuf:"varint,1,opt,name=App" json:"App,omitempty"` Action uint32 `protobuf:"varint,2,opt,name=Action" json:"Action,omitempty"` RuleID uint32 `protobuf:"varint,3,opt,name=RuleID" json:"RuleID,omitempty"` }
func (*CLUSDerivedPolicyApp) Descriptor ¶
func (*CLUSDerivedPolicyApp) Descriptor() ([]byte, []int)
func (*CLUSDerivedPolicyApp) GetAction ¶
func (m *CLUSDerivedPolicyApp) GetAction() uint32
func (*CLUSDerivedPolicyApp) GetApp ¶
func (m *CLUSDerivedPolicyApp) GetApp() uint32
func (*CLUSDerivedPolicyApp) GetRuleID ¶
func (m *CLUSDerivedPolicyApp) GetRuleID() uint32
func (*CLUSDerivedPolicyApp) ProtoMessage ¶
func (*CLUSDerivedPolicyApp) ProtoMessage()
func (*CLUSDerivedPolicyApp) Reset ¶
func (m *CLUSDerivedPolicyApp) Reset()
func (*CLUSDerivedPolicyApp) String ¶
func (m *CLUSDerivedPolicyApp) String() string
type CLUSDerivedPolicyRule ¶
type CLUSDerivedPolicyRule struct { ID uint32 `protobuf:"varint,1,opt,name=ID" json:"ID,omitempty"` SrcIP []byte `protobuf:"bytes,2,opt,name=SrcIP,proto3" json:"SrcIP,omitempty"` DstIP []byte `protobuf:"bytes,3,opt,name=DstIP,proto3" json:"DstIP,omitempty"` SrcIPR []byte `protobuf:"bytes,4,opt,name=SrcIPR,proto3" json:"SrcIPR,omitempty"` DstIPR []byte `protobuf:"bytes,5,opt,name=DstIPR,proto3" json:"DstIPR,omitempty"` Port uint32 `protobuf:"varint,6,opt,name=Port" json:"Port,omitempty"` PortR uint32 `protobuf:"varint,7,opt,name=PortR" json:"PortR,omitempty"` IPProto uint32 `protobuf:"varint,8,opt,name=IPProto" json:"IPProto,omitempty"` Action uint32 `protobuf:"varint,9,opt,name=Action" json:"Action,omitempty"` Ingress bool `protobuf:"varint,10,opt,name=Ingress" json:"Ingress,omitempty"` FQDN string `protobuf:"bytes,11,opt,name=FQDN" json:"FQDN,omitempty"` Apps []*CLUSDerivedPolicyApp `protobuf:"bytes,12,rep,name=Apps" json:"Apps,omitempty"` }
func (*CLUSDerivedPolicyRule) Descriptor ¶
func (*CLUSDerivedPolicyRule) Descriptor() ([]byte, []int)
func (*CLUSDerivedPolicyRule) GetAction ¶
func (m *CLUSDerivedPolicyRule) GetAction() uint32
func (*CLUSDerivedPolicyRule) GetApps ¶
func (m *CLUSDerivedPolicyRule) GetApps() []*CLUSDerivedPolicyApp
func (*CLUSDerivedPolicyRule) GetDomain ¶
func (o *CLUSDerivedPolicyRule) GetDomain(f GetAccessObjectFunc) ([]string, []string)
func (*CLUSDerivedPolicyRule) GetDstIP ¶
func (m *CLUSDerivedPolicyRule) GetDstIP() []byte
func (*CLUSDerivedPolicyRule) GetDstIPR ¶
func (m *CLUSDerivedPolicyRule) GetDstIPR() []byte
func (*CLUSDerivedPolicyRule) GetFQDN ¶
func (m *CLUSDerivedPolicyRule) GetFQDN() string
func (*CLUSDerivedPolicyRule) GetID ¶
func (m *CLUSDerivedPolicyRule) GetID() uint32
func (*CLUSDerivedPolicyRule) GetIPProto ¶
func (m *CLUSDerivedPolicyRule) GetIPProto() uint32
func (*CLUSDerivedPolicyRule) GetIngress ¶
func (m *CLUSDerivedPolicyRule) GetIngress() bool
func (*CLUSDerivedPolicyRule) GetPort ¶
func (m *CLUSDerivedPolicyRule) GetPort() uint32
func (*CLUSDerivedPolicyRule) GetPortR ¶
func (m *CLUSDerivedPolicyRule) GetPortR() uint32
func (*CLUSDerivedPolicyRule) GetSrcIP ¶
func (m *CLUSDerivedPolicyRule) GetSrcIP() []byte
func (*CLUSDerivedPolicyRule) GetSrcIPR ¶
func (m *CLUSDerivedPolicyRule) GetSrcIPR() []byte
func (*CLUSDerivedPolicyRule) ProtoMessage ¶
func (*CLUSDerivedPolicyRule) ProtoMessage()
func (*CLUSDerivedPolicyRule) Reset ¶
func (m *CLUSDerivedPolicyRule) Reset()
func (*CLUSDerivedPolicyRule) String ¶
func (m *CLUSDerivedPolicyRule) String() string
type CLUSDerivedPolicyRuleArray ¶
type CLUSDerivedPolicyRuleArray struct {
Rules []*CLUSDerivedPolicyRule `protobuf:"bytes,1,rep,name=Rules" json:"Rules,omitempty"`
}
func (*CLUSDerivedPolicyRuleArray) Descriptor ¶
func (*CLUSDerivedPolicyRuleArray) Descriptor() ([]byte, []int)
func (*CLUSDerivedPolicyRuleArray) GetRules ¶
func (m *CLUSDerivedPolicyRuleArray) GetRules() []*CLUSDerivedPolicyRule
func (*CLUSDerivedPolicyRuleArray) ProtoMessage ¶
func (*CLUSDerivedPolicyRuleArray) ProtoMessage()
func (*CLUSDerivedPolicyRuleArray) Reset ¶
func (m *CLUSDerivedPolicyRuleArray) Reset()
func (*CLUSDerivedPolicyRuleArray) String ¶
func (m *CLUSDerivedPolicyRuleArray) String() string
type CLUSDerivedPolicyRuleMap ¶
type CLUSDerivedPolicyRuleMap struct {
RuleMap map[string]*CLUSDerivedPolicyRuleArray `` /* 134-byte string literal not displayed */
}
func (*CLUSDerivedPolicyRuleMap) Descriptor ¶
func (*CLUSDerivedPolicyRuleMap) Descriptor() ([]byte, []int)
func (*CLUSDerivedPolicyRuleMap) GetRuleMap ¶
func (m *CLUSDerivedPolicyRuleMap) GetRuleMap() map[string]*CLUSDerivedPolicyRuleArray
func (*CLUSDerivedPolicyRuleMap) ProtoMessage ¶
func (*CLUSDerivedPolicyRuleMap) ProtoMessage()
func (*CLUSDerivedPolicyRuleMap) Reset ¶
func (m *CLUSDerivedPolicyRuleMap) Reset()
func (*CLUSDerivedPolicyRuleMap) String ¶
func (m *CLUSDerivedPolicyRuleMap) String() string
type CLUSDerivedProcessRule ¶
type CLUSDerivedProcessRule struct { Name string `protobuf:"bytes,1,opt,name=Name" json:"Name,omitempty"` Path string `protobuf:"bytes,2,opt,name=Path" json:"Path,omitempty"` Action string `protobuf:"bytes,3,opt,name=Action" json:"Action,omitempty"` CreatedAt uint64 `protobuf:"varint,4,opt,name=CreatedAt" json:"CreatedAt,omitempty"` UpdateAt uint64 `protobuf:"varint,5,opt,name=UpdateAt" json:"UpdateAt,omitempty"` GroupName string `protobuf:"bytes,6,opt,name=GroupName" json:"GroupName,omitempty"` CfgType string `protobuf:"bytes,7,opt,name=CfgType" json:"CfgType,omitempty"` }
func (*CLUSDerivedProcessRule) Descriptor ¶
func (*CLUSDerivedProcessRule) Descriptor() ([]byte, []int)
func (*CLUSDerivedProcessRule) GetAction ¶
func (m *CLUSDerivedProcessRule) GetAction() string
func (*CLUSDerivedProcessRule) GetCfgType ¶
func (m *CLUSDerivedProcessRule) GetCfgType() string
func (*CLUSDerivedProcessRule) GetCreatedAt ¶
func (m *CLUSDerivedProcessRule) GetCreatedAt() uint64
func (*CLUSDerivedProcessRule) GetGroupName ¶
func (m *CLUSDerivedProcessRule) GetGroupName() string
func (*CLUSDerivedProcessRule) GetName ¶
func (m *CLUSDerivedProcessRule) GetName() string
func (*CLUSDerivedProcessRule) GetPath ¶
func (m *CLUSDerivedProcessRule) GetPath() string
func (*CLUSDerivedProcessRule) GetUpdateAt ¶
func (m *CLUSDerivedProcessRule) GetUpdateAt() uint64
func (*CLUSDerivedProcessRule) ProtoMessage ¶
func (*CLUSDerivedProcessRule) ProtoMessage()
func (*CLUSDerivedProcessRule) Reset ¶
func (m *CLUSDerivedProcessRule) Reset()
func (*CLUSDerivedProcessRule) String ¶
func (m *CLUSDerivedProcessRule) String() string
type CLUSDerivedProcessRuleArray ¶
type CLUSDerivedProcessRuleArray struct {
Rules []*CLUSDerivedProcessRule `protobuf:"bytes,1,rep,name=Rules" json:"Rules,omitempty"`
}
func (*CLUSDerivedProcessRuleArray) Descriptor ¶
func (*CLUSDerivedProcessRuleArray) Descriptor() ([]byte, []int)
func (*CLUSDerivedProcessRuleArray) GetRules ¶
func (m *CLUSDerivedProcessRuleArray) GetRules() []*CLUSDerivedProcessRule
func (*CLUSDerivedProcessRuleArray) ProtoMessage ¶
func (*CLUSDerivedProcessRuleArray) ProtoMessage()
func (*CLUSDerivedProcessRuleArray) Reset ¶
func (m *CLUSDerivedProcessRuleArray) Reset()
func (*CLUSDerivedProcessRuleArray) String ¶
func (m *CLUSDerivedProcessRuleArray) String() string
type CLUSDevice ¶
type CLUSDevice struct { ID string `json:"id"` Name string `json:"name"` SelfHostname string `json:"self_hostname"` HostName string `json:"host_name"` HostID string `json:"host_id"` Domain string `json:"domain"` NetworkMode string `json:"network_mode"` PidMode string `json:"pid_mode"` Ver string `json:"version"` Labels map[string]string `json:"labels"` CreatedAt time.Time `json:"created_at"` StartedAt time.Time `json:"started_at"` JoinedAt time.Time `json:"joined_at"` MemoryLimit int64 `json:"memory_limit"` CPUs string `json:"cpus"` ClusterIP string `json:"cluster_ip"` RPCServerPort uint16 `json:"rpc_server_port"` Pid int `json:"pid"` Ifaces map[string][]CLUSIPAddr `json:"interfaces"` }
type CLUSDistLocker ¶
type CLUSDlpCriteriaEntry ¶
type CLUSDlpGroup ¶
type CLUSDlpGroup struct { Name string `json:"name"` Status bool `json:"status"` Sensors []*CLUSDlpSetting `json:"sensors"` }
func (*CLUSDlpGroup) GetDomain ¶
func (o *CLUSDlpGroup) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSDlpRule ¶
type CLUSDlpRule struct { Name string `json:"name"` ID uint32 `json:"id"` Patterns []CLUSDlpCriteriaEntry `json:"patterns"` }
func (*CLUSDlpRule) GetDomain ¶
func (o *CLUSDlpRule) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSDlpSensor ¶
type CLUSDlpSensor struct { Name string `json:"name"` Groups map[string]string `json:"groups,omitempty"` //group to action mapping, RuleListNames map[string]string `json:"rule_list_names,omitempty"` RuleList map[string]*CLUSDlpRule `json:"rule_list,omitempty"` PreRuleList map[string][]*CLUSDlpRule `json:"pre_rule_list,omitempty"` Comment string `json:"comment,omitempty"` Predefine bool `json:"predefine,omitempty"` }
func (*CLUSDlpSensor) GetDomain ¶
func (o *CLUSDlpSensor) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSDlpSetting ¶
type CLUSDlpWorkloadRule ¶
type CLUSDlpWorkloadRule struct { WorkloadId string `json:"workload_id"` PolicyMode string `json:"mode,omitempty"` RuleListNames []*CLUSDlpSetting `json:"rule_list_names"` RuleIds []uint32 `json:"rule_ids"` RuleType string `json:"ruletype"` }
type CLUSDomain ¶
type CLUSDomain struct { Name string `json:"name"` Dummy bool `json:"dummy"` Disable bool `json:"disable"` Tags []string `json:"tags"` }
func (*CLUSDomain) GetDomain ¶
func (o *CLUSDomain) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSEventCondition ¶
type CLUSEventLog ¶
type CLUSEventLog struct { Event TLogEvent `json:"event"` HostID string `json:"host_id"` HostName string `json:"host_name"` ControllerID string `json:"controller_id"` ControllerName string `json:"controller_name"` AgentID string `json:"agent_id"` AgentName string `json:"agent_name"` WorkloadID string `json:"workload_id"` WorkloadName string `json:"workload_name"` ReportedAt time.Time `json:"reported_at"` User string `json:"user"` UserRoles map[string]string `json:"user_roles"` UserAddr string `json:"user_addr"` UserSession string `json:"user_session"` RESTMethod string `json:"rest_method,omitempty"` RESTRequest string `json:"rest_request,omitempty"` RESTBody string `json:"rest_body,omitempty"` EnforcerLimit int `json:"enforcer_limit,omitempty"` LicenseExpire time.Time `json:"license_expire,omitempty"` Msg string `json:"message"` }
type CLUSFedAdmCtrlRulesData ¶
type CLUSFedAdmCtrlRulesData struct { Revision uint64 `json:"revision"` Rules map[string]*CLUSAdmissionRules `json:"rules"` // key is fed rules type }
type CLUSFedClusterStatus ¶
type CLUSFedClusterStatus struct {
Status int `json:"status"` // status of a joint cluster
}
type CLUSFedDoPingPoll ¶
type CLUSFedFileMonitorData ¶
type CLUSFedFileMonitorData struct { Revision uint64 `json:"revision"` Profiles []*CLUSFileMonitorProfile `json:"profiles"` AccessRules []*CLUSFileAccessRule `json:"access_rules"` }
type CLUSFedGroupsData ¶
type CLUSFedJoinedClusterList ¶
type CLUSFedJoinedClusterList struct {
IDs []string `json:"ids,omitempty"` // all non-master clusters' id in the federation
}
type CLUSFedJointClusterInfo ¶
type CLUSFedJointClusterInfo struct { Disabled bool `json:"disabled"` Name string `json:"name"` ID string `json:"id"` Secret string `json:"secret,cloak"` // generated by joint cluster befor joining federation ClientKey string `json:"client_key,cloak"` // base64 encoded ClientCert string `json:"client_cert,cloak"` // base64 encoded User string `json:"user,omitempty"` // the user who joins this cluster to federation RestInfo CLUSRestServerInfo `json:"rest_info"` ProxyRequired bool `json:"proxy_required"` // a joint cluster may be reachable without proxy even master cluster is configured to use proxy. decided when it joins fed }
type CLUSFedMasterClusterInfo ¶
type CLUSFedMasterClusterInfo struct { Disabled bool `json:"disabled"` Name string `json:"name"` ID string `json:"id"` Secret string `json:"secret,cloak"` // used for encryoting/decrypting join_ticket issued by the master cluster CACert string `json:"ca_cert,cloak"` // base64 encoded User string `json:"user,omitempty"` // the user who promotes this cluster to master cluster in federation RestInfo CLUSRestServerInfo `json:"rest_info"` }
type CLUSFedMembership ¶
type CLUSFedMembership struct { FedRole string `json:"fed_role"` // "", "master" or "joint" PingInterval uint32 `json:"ping_interval,omitempty"` // in minute, for master cluster to ping joing clusters PollInterval uint32 `json:"poll_interval,omitempty"` // in minute, for joint clusters to poll master cluster LocalRestInfo CLUSRestServerInfo `json:"local_rest_info"` // meaningful when the role is "" MasterCluster CLUSFedMasterClusterInfo `json:"master_cluster,omitempty"` // meaningful when the role is "master" or "joint" JointCluster CLUSFedJointClusterInfo `json:"joint_cluster,omitempty"` // meaningful when the role is "joint" PendingDismiss bool `json:"pending_dismiss"` // set to true when the cluster is demoted/kicked & leaves fed. set to false when the fed rules cleanup is done PendingDismissAt time.Time `json:"pending_dismiss_at"` UseProxy string `json:"use_proxy"` // http / https }
func (*CLUSFedMembership) GetDomain ¶
func (o *CLUSFedMembership) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSFedNetworkRulesData ¶
type CLUSFedNetworkRulesData struct { Revision uint64 `json:"revision"` Rules []*CLUSPolicyRule `json:"rules"` RuleHeads []*CLUSRuleHead `json:"rule_heads"` }
type CLUSFedProcessProfileData ¶
type CLUSFedProcessProfileData struct { Revision uint64 `json:"revision"` Profiles []*CLUSProcessProfile `json:"profiles"` }
type CLUSFedResponseRulesData ¶
type CLUSFedResponseRulesData struct { Revision uint64 `json:"revision"` Rules map[uint32]*CLUSResponseRule `json:"rules"` RuleHeads []*CLUSRuleHead `json:"rule_heads"` }
type CLUSFedRulesRevision ¶
type CLUSFedRulesRevision struct {
Revisions map[string]uint64 `json:"revisions"` // key is fed rules type, value is revision
}
fed ruleTypes' revision data. stored under object/config/federation/rules_revision
func CLUSEmptyFedRulesRevision ¶
func CLUSEmptyFedRulesRevision() *CLUSFedRulesRevision
type CLUSFedSystemConfigData ¶
type CLUSFedSystemConfigData struct { Revision uint64 `json:"revision"` SystemConfig *CLUSSystemConfig `json:"system_config"` }
type CLUSFileAccessRule ¶
type CLUSFileAccessRule struct { Group string Filters map[string]*CLUSFileAccessFilterRule `json:"filters"` FiltersCRD map[string]*CLUSFileAccessFilterRule `json:"filters_crd"` }
type CLUSFileAccessRuleArray ¶
type CLUSFileAccessRuleArray struct {
Rules []*CLUSFileAccessRuleReq `protobuf:"bytes,1,rep,name=Rules" json:"Rules,omitempty"`
}
func (*CLUSFileAccessRuleArray) Descriptor ¶
func (*CLUSFileAccessRuleArray) Descriptor() ([]byte, []int)
func (*CLUSFileAccessRuleArray) GetRules ¶
func (m *CLUSFileAccessRuleArray) GetRules() []*CLUSFileAccessRuleReq
func (*CLUSFileAccessRuleArray) ProtoMessage ¶
func (*CLUSFileAccessRuleArray) ProtoMessage()
func (*CLUSFileAccessRuleArray) Reset ¶
func (m *CLUSFileAccessRuleArray) Reset()
func (*CLUSFileAccessRuleArray) String ¶
func (m *CLUSFileAccessRuleArray) String() string
type CLUSFileAccessRuleReq ¶
type CLUSFileAccessRuleReq struct { GroupName string `protobuf:"bytes,1,opt,name=GroupName" json:"GroupName,omitempty"` Filter string `protobuf:"bytes,2,opt,name=Filter" json:"Filter,omitempty"` Path string `protobuf:"bytes,3,opt,name=Path" json:"Path,omitempty"` }
func (*CLUSFileAccessRuleReq) Descriptor ¶
func (*CLUSFileAccessRuleReq) Descriptor() ([]byte, []int)
func (*CLUSFileAccessRuleReq) GetFilter ¶
func (m *CLUSFileAccessRuleReq) GetFilter() string
func (*CLUSFileAccessRuleReq) GetGroupName ¶
func (m *CLUSFileAccessRuleReq) GetGroupName() string
func (*CLUSFileAccessRuleReq) GetPath ¶
func (m *CLUSFileAccessRuleReq) GetPath() string
func (*CLUSFileAccessRuleReq) ProtoMessage ¶
func (*CLUSFileAccessRuleReq) ProtoMessage()
func (*CLUSFileAccessRuleReq) Reset ¶
func (m *CLUSFileAccessRuleReq) Reset()
func (*CLUSFileAccessRuleReq) String ¶
func (m *CLUSFileAccessRuleReq) String() string
type CLUSFileMonitorFile ¶
type CLUSFileMonitorFile struct { Path string `protobuf:"bytes,1,opt,name=Path" json:"Path,omitempty"` Mask uint64 `protobuf:"varint,2,opt,name=Mask" json:"Mask,omitempty"` IsDir bool `protobuf:"varint,3,opt,name=IsDir" json:"IsDir,omitempty"` Protect bool `protobuf:"varint,4,opt,name=Protect" json:"Protect,omitempty"` Files []string `protobuf:"bytes,5,rep,name=Files" json:"Files,omitempty"` }
func (*CLUSFileMonitorFile) Descriptor ¶
func (*CLUSFileMonitorFile) Descriptor() ([]byte, []int)
func (*CLUSFileMonitorFile) GetFiles ¶
func (m *CLUSFileMonitorFile) GetFiles() []string
func (*CLUSFileMonitorFile) GetIsDir ¶
func (m *CLUSFileMonitorFile) GetIsDir() bool
func (*CLUSFileMonitorFile) GetMask ¶
func (m *CLUSFileMonitorFile) GetMask() uint64
func (*CLUSFileMonitorFile) GetPath ¶
func (m *CLUSFileMonitorFile) GetPath() string
func (*CLUSFileMonitorFile) GetProtect ¶
func (m *CLUSFileMonitorFile) GetProtect() bool
func (*CLUSFileMonitorFile) ProtoMessage ¶
func (*CLUSFileMonitorFile) ProtoMessage()
func (*CLUSFileMonitorFile) Reset ¶
func (m *CLUSFileMonitorFile) Reset()
func (*CLUSFileMonitorFile) String ¶
func (m *CLUSFileMonitorFile) String() string
type CLUSFileMonitorFileArray ¶
type CLUSFileMonitorFileArray struct {
Files []*CLUSFileMonitorFile `protobuf:"bytes,1,rep,name=Files" json:"Files,omitempty"`
}
func (*CLUSFileMonitorFileArray) Descriptor ¶
func (*CLUSFileMonitorFileArray) Descriptor() ([]byte, []int)
func (*CLUSFileMonitorFileArray) GetFiles ¶
func (m *CLUSFileMonitorFileArray) GetFiles() []*CLUSFileMonitorFile
func (*CLUSFileMonitorFileArray) ProtoMessage ¶
func (*CLUSFileMonitorFileArray) ProtoMessage()
func (*CLUSFileMonitorFileArray) Reset ¶
func (m *CLUSFileMonitorFileArray) Reset()
func (*CLUSFileMonitorFileArray) String ¶
func (m *CLUSFileMonitorFileArray) String() string
type CLUSFileMonitorFilter ¶
type CLUSFileMonitorProfile ¶
type CLUSFileMonitorProfile struct { Group string Mode string CfgType TCfgType `json:"cfg_type"` Filters []CLUSFileMonitorFilter `json:"filters"` FiltersCRD []CLUSFileMonitorFilter `json:"filters_crd"` }
func (*CLUSFileMonitorProfile) GetDomain ¶
func (o *CLUSFileMonitorProfile) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSFilePacket ¶
type CLUSFilePacket struct { Data []byte `protobuf:"bytes,1,opt,name=Data,proto3" json:"Data,omitempty"` Name string `protobuf:"bytes,2,opt,name=Name" json:"Name,omitempty"` Len uint32 `protobuf:"varint,3,opt,name=Len" json:"Len,omitempty"` }
func (*CLUSFilePacket) Descriptor ¶
func (*CLUSFilePacket) Descriptor() ([]byte, []int)
func (*CLUSFilePacket) GetData ¶
func (m *CLUSFilePacket) GetData() []byte
func (*CLUSFilePacket) GetLen ¶
func (m *CLUSFilePacket) GetLen() uint32
func (*CLUSFilePacket) GetName ¶
func (m *CLUSFilePacket) GetName() string
func (*CLUSFilePacket) ProtoMessage ¶
func (*CLUSFilePacket) ProtoMessage()
func (*CLUSFilePacket) Reset ¶
func (m *CLUSFilePacket) Reset()
func (*CLUSFilePacket) String ¶
func (m *CLUSFilePacket) String() string
type CLUSFilter ¶
type CLUSFilter struct { Workload string `protobuf:"bytes,1,opt,name=Workload" json:"Workload,omitempty"` ID uint32 `protobuf:"varint,2,opt,name=ID" json:"ID,omitempty"` Start uint32 `protobuf:"varint,3,opt,name=Start" json:"Start,omitempty"` Limit uint32 `protobuf:"varint,4,opt,name=Limit" json:"Limit,omitempty"` }
func (*CLUSFilter) Descriptor ¶
func (*CLUSFilter) Descriptor() ([]byte, []int)
func (*CLUSFilter) GetID ¶
func (m *CLUSFilter) GetID() uint32
func (*CLUSFilter) GetLimit ¶
func (m *CLUSFilter) GetLimit() uint32
func (*CLUSFilter) GetStart ¶
func (m *CLUSFilter) GetStart() uint32
func (*CLUSFilter) GetWorkload ¶
func (m *CLUSFilter) GetWorkload() string
func (*CLUSFilter) ProtoMessage ¶
func (*CLUSFilter) ProtoMessage()
func (*CLUSFilter) Reset ¶
func (m *CLUSFilter) Reset()
func (*CLUSFilter) String ¶
func (m *CLUSFilter) String() string
type CLUSFqdnIp ¶
type CLUSGCRKey ¶
type CLUSGCRKey struct {
JsonKey string `json:"json_key,cloak"`
}
type CLUSGraphOps ¶
type CLUSGraphOps struct { From string `protobuf:"bytes,1,opt,name=From" json:"From,omitempty"` To string `protobuf:"bytes,2,opt,name=To" json:"To,omitempty"` Endpoint string `protobuf:"bytes,3,opt,name=Endpoint" json:"Endpoint,omitempty"` Alias string `protobuf:"bytes,4,opt,name=Alias" json:"Alias,omitempty"` }
func (*CLUSGraphOps) Descriptor ¶
func (*CLUSGraphOps) Descriptor() ([]byte, []int)
func (*CLUSGraphOps) GetAlias ¶
func (m *CLUSGraphOps) GetAlias() string
func (*CLUSGraphOps) GetEndpoint ¶
func (m *CLUSGraphOps) GetEndpoint() string
func (*CLUSGraphOps) GetFrom ¶
func (m *CLUSGraphOps) GetFrom() string
func (*CLUSGraphOps) GetTo ¶
func (m *CLUSGraphOps) GetTo() string
func (*CLUSGraphOps) ProtoMessage ¶
func (*CLUSGraphOps) ProtoMessage()
func (*CLUSGraphOps) Reset ¶
func (m *CLUSGraphOps) Reset()
func (*CLUSGraphOps) String ¶
func (m *CLUSGraphOps) String() string
type CLUSGroup ¶
type CLUSGroup struct { Name string `json:"name"` Comment string `json:"comment"` Learned_UNUSED bool `json:"learned"` Reserved bool `json:"reserved"` Criteria []CLUSCriteriaEntry `json:"criteria"` Domain string `json:"domain"` CreaterDomains []string `json:"creater_domains"` PolicyMode string `json:"policy_mode,omitempty"` ProfileMode string `json:"profile_mode,omitempty"` NotScored bool `json:"not_scored,omitempty"` Kind string `json:"kind,omitempty"` PlatformRole string `json:"platform_role"` CapIntcp bool `json:"cap_intcp"` CfgType TCfgType `json:"cfg_type"` }
type CLUSGroupIPPolicy ¶
type CLUSGroupIPPolicy struct { ID uint32 `json:"policy_id"` From []*CLUSWorkloadAddr `json:"from_addr"` To []*CLUSWorkloadAddr `json:"to_addr,omitempty"` Action uint8 `json:"action"` }
type CLUSGroupIPPolicyVer ¶
type CLUSHost ¶
type CLUSHost struct { ID string `json:"id"` Name string `json:"name"` Runtime string `json:"runtime"` Platform string `json:"platform"` Flavor string `json:"flavor"` // platform flavor Network string `json:"network"` RuntimeVer string `json:"runtime_version"` RuntimeAPIVer string `json:"runtime_api_version"` OS string `json:"os"` Kernel string `json:"kernel"` CPUs int64 `json:"cpus"` Memory int64 `json:"memory"` Ifaces map[string][]CLUSIPAddr `json:"interfaces"` TunnelIP []net.IPNet `json:"tunnel_ips"` CapDockerBench bool `json:"cap_docker_bench"` CapKubeBench bool `json:"cap_kube_bench"` StorageDriver string `json:"storage_driver"` CgroupVersion int `json:"cgroup_version"` }
type CLUSIBMSAConfig ¶
type CLUSIBMSAConfig struct { AccountID string `json:"accountID,cloak"` APIKey string `json:"apikey,cloak"` ProviderID string `json:"providerId,cloak"` // service-id FindingsURL string `json:"findingsURL"` TokenURL string `json:"tokenURL"` }
func (*CLUSIBMSAConfig) GetDomain ¶
func (o *CLUSIBMSAConfig) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSIBMSAConfigNV ¶
type CLUSIBMSAOnboardData ¶
type CLUSIPAddr ¶
type CLUSIPPort ¶
type CLUSImage ¶
type CLUSImportTask ¶
type CLUSImportTask struct { TID string `json:"tid"` ImportType string `json:"import_type"` CtrlerID string `json:"ctrler_id"` TempFilename string `json:"temp_filename"` Status string `json:"status"` Percentage int `json:"percentage"` TotalLines int `json:"total_lines"` LastUpdateTime time.Time `json:"last_update_time"` CallerFullname string `json:"caller_fullname"` CallerRemote string `json:"caller_remote"` CallerID string `json:"caller_id"` }
type CLUSIncidentLog ¶
type CLUSIncidentLog struct { LogUID string `json:"log_uid"` ID TLogIncident `json:"id"` HostID string `json:"host_id"` HostName string `json:"host_name"` AgentID string `json:"agent_id"` AgentName string `json:"agent_name"` WorkloadID string `json:"workload_id"` WorkloadName string `json:"workload_name"` ReportedAt time.Time `json:"reported_at"` ProcName string `json:"process_name,omitempty"` ProcPath string `json:"process_path,omitempty"` ProcCmds []string `json:"process_cmd,omitempty"` ProcRealUID int `json:"proc_real_uid,omitempty"` ProcEffUID int `json:"proc_eff_uid,omitempty"` ProcRealUser string `json:"proc_real_user,omitempty"` ProcEffUser string `json:"proc_eff_user,omitempty"` FilePath string `json:"file_path,omitempty"` Files []string `json:"file_name,omitempty"` LocalIP net.IP `json:"local_ip,omitempty"` RemoteIP net.IP `json:"remote_ip,omitempty"` EtherType uint16 `json:"ether_type"` LocalPort uint16 `json:"local_port,omitempty"` RemotePort uint16 `json:"remote_port,omitempty"` IPProto uint8 `json:"ip_proto,omitempty"` ConnIngress bool `json:"conn_ingress"` LocalPeer bool `json:"local_peer"` ProcPName string `json:"process_parent_name,omitempty"` ProcPPath string `json:"process_parent_path,omitempty"` Count int `json:"count,omitempty"` StartAt time.Time `json:"start_at,omitempty"` Action string `json:"action"` RuleID string `json:"rule_id"` Group string `json:"group"` Msg string `json:"message"` }
type CLUSKick ¶
type CLUSKick struct { CtrlID string `protobuf:"bytes,1,opt,name=CtrlID" json:"CtrlID,omitempty"` Reason string `protobuf:"bytes,2,opt,name=Reason" json:"Reason,omitempty"` }
func (*CLUSKick) Descriptor ¶
func (*CLUSKick) ProtoMessage ¶
func (*CLUSKick) ProtoMessage()
type CLUSKickLoginSessionsRequest ¶
type CLUSKickLoginSessionsRequest struct { CtrlerID string `protobuf:"bytes,1,opt,name=CtrlerID" json:"CtrlerID,omitempty"` Type KickLoginSessionsType `protobuf:"varint,2,opt,name=Type,enum=share.KickLoginSessionsType" json:"Type,omitempty"` Server string `protobuf:"bytes,3,opt,name=Server" json:"Server,omitempty"` UserFullname string `protobuf:"bytes,4,opt,name=UserFullname" json:"UserFullname,omitempty"` UserServer string `protobuf:"bytes,5,opt,name=UserServer" json:"UserServer,omitempty"` UserName string `protobuf:"bytes,6,opt,name=UserName" json:"UserName,omitempty"` }
func (*CLUSKickLoginSessionsRequest) Descriptor ¶
func (*CLUSKickLoginSessionsRequest) Descriptor() ([]byte, []int)
func (*CLUSKickLoginSessionsRequest) GetCtrlerID ¶
func (m *CLUSKickLoginSessionsRequest) GetCtrlerID() string
func (*CLUSKickLoginSessionsRequest) GetServer ¶
func (m *CLUSKickLoginSessionsRequest) GetServer() string
func (*CLUSKickLoginSessionsRequest) GetType ¶
func (m *CLUSKickLoginSessionsRequest) GetType() KickLoginSessionsType
func (*CLUSKickLoginSessionsRequest) GetUserFullname ¶
func (m *CLUSKickLoginSessionsRequest) GetUserFullname() string
func (*CLUSKickLoginSessionsRequest) GetUserName ¶
func (m *CLUSKickLoginSessionsRequest) GetUserName() string
func (*CLUSKickLoginSessionsRequest) GetUserServer ¶
func (m *CLUSKickLoginSessionsRequest) GetUserServer() string
func (*CLUSKickLoginSessionsRequest) ProtoMessage ¶
func (*CLUSKickLoginSessionsRequest) ProtoMessage()
func (*CLUSKickLoginSessionsRequest) Reset ¶
func (m *CLUSKickLoginSessionsRequest) Reset()
func (*CLUSKickLoginSessionsRequest) String ¶
func (m *CLUSKickLoginSessionsRequest) String() string
type CLUSLogFilter ¶
type CLUSLogFilter struct {
Tail int `json:"tail"`
}
type CLUSLoginTokenInfo ¶
type CLUSLoginTokenInfo struct { CtrlerID string `protobuf:"bytes,1,opt,name=CtrlerID" json:"CtrlerID,omitempty"` LoginID string `protobuf:"bytes,2,opt,name=LoginID" json:"LoginID,omitempty"` UserFullname string `protobuf:"bytes,3,opt,name=UserFullname" json:"UserFullname,omitempty"` LoginToken string `protobuf:"bytes,4,opt,name=LoginToken" json:"LoginToken,omitempty"` }
func (*CLUSLoginTokenInfo) Descriptor ¶
func (*CLUSLoginTokenInfo) Descriptor() ([]byte, []int)
func (*CLUSLoginTokenInfo) GetCtrlerID ¶
func (m *CLUSLoginTokenInfo) GetCtrlerID() string
func (*CLUSLoginTokenInfo) GetLoginID ¶
func (m *CLUSLoginTokenInfo) GetLoginID() string
func (*CLUSLoginTokenInfo) GetLoginToken ¶
func (m *CLUSLoginTokenInfo) GetLoginToken() string
func (*CLUSLoginTokenInfo) GetUserFullname ¶
func (m *CLUSLoginTokenInfo) GetUserFullname() string
func (*CLUSLoginTokenInfo) ProtoMessage ¶
func (*CLUSLoginTokenInfo) ProtoMessage()
func (*CLUSLoginTokenInfo) Reset ¶
func (m *CLUSLoginTokenInfo) Reset()
func (*CLUSLoginTokenInfo) String ¶
func (m *CLUSLoginTokenInfo) String() string
type CLUSMappedPort ¶
type CLUSMappedPort struct { CLUSProtoPort HostIP net.IP `json:"host_ip"` HostPort uint16 `json:"host_port"` }
type CLUSMeter ¶
type CLUSMeter struct { MeterID uint32 `protobuf:"varint,1,opt,name=MeterID" json:"MeterID,omitempty"` Workload string `protobuf:"bytes,2,opt,name=Workload" json:"Workload,omitempty"` PeerIP []byte `protobuf:"bytes,3,opt,name=PeerIP,proto3" json:"PeerIP,omitempty"` Count uint32 `protobuf:"varint,4,opt,name=Count" json:"Count,omitempty"` LastCount uint32 `protobuf:"varint,5,opt,name=LastCount" json:"LastCount,omitempty"` Idle uint32 `protobuf:"varint,6,opt,name=Idle" json:"Idle,omitempty"` Span uint32 `protobuf:"varint,7,opt,name=Span" json:"Span,omitempty"` UpperLimit uint32 `protobuf:"varint,8,opt,name=UpperLimit" json:"UpperLimit,omitempty"` LowerLimit uint32 `protobuf:"varint,9,opt,name=LowerLimit" json:"LowerLimit,omitempty"` Tap bool `protobuf:"varint,10,opt,name=Tap" json:"Tap,omitempty"` }
func (*CLUSMeter) Descriptor ¶
func (*CLUSMeter) GetLastCount ¶
func (*CLUSMeter) GetLowerLimit ¶
func (*CLUSMeter) GetMeterID ¶
func (*CLUSMeter) GetUpperLimit ¶
func (*CLUSMeter) GetWorkload ¶
func (*CLUSMeter) ProtoMessage ¶
func (*CLUSMeter) ProtoMessage()
type CLUSMeterArray ¶
type CLUSMeterArray struct {
Meters []*CLUSMeter `protobuf:"bytes,1,rep,name=Meters" json:"Meters,omitempty"`
}
func (*CLUSMeterArray) Descriptor ¶
func (*CLUSMeterArray) Descriptor() ([]byte, []int)
func (*CLUSMeterArray) GetMeters ¶
func (m *CLUSMeterArray) GetMeters() []*CLUSMeter
func (*CLUSMeterArray) ProtoMessage ¶
func (*CLUSMeterArray) ProtoMessage()
func (*CLUSMeterArray) Reset ¶
func (m *CLUSMeterArray) Reset()
func (*CLUSMeterArray) String ¶
func (m *CLUSMeterArray) String() string
type CLUSMetry ¶
type CLUSMetry struct { CPU float64 `protobuf:"fixed64,1,opt,name=CPU" json:"CPU,omitempty"` Memory uint64 `protobuf:"varint,2,opt,name=Memory" json:"Memory,omitempty"` SessionIn uint32 `protobuf:"varint,3,opt,name=SessionIn" json:"SessionIn,omitempty"` SessionOut uint32 `protobuf:"varint,4,opt,name=SessionOut" json:"SessionOut,omitempty"` SessionCurIn uint32 `protobuf:"varint,5,opt,name=SessionCurIn" json:"SessionCurIn,omitempty"` SessionCurOut uint32 `protobuf:"varint,6,opt,name=SessionCurOut" json:"SessionCurOut,omitempty"` PacketIn uint64 `protobuf:"varint,7,opt,name=PacketIn" json:"PacketIn,omitempty"` PacketOut uint64 `protobuf:"varint,8,opt,name=PacketOut" json:"PacketOut,omitempty"` ByteIn uint64 `protobuf:"varint,9,opt,name=ByteIn" json:"ByteIn,omitempty"` ByteOut uint64 `protobuf:"varint,10,opt,name=ByteOut" json:"ByteOut,omitempty"` }
func (*CLUSMetry) Descriptor ¶
func (*CLUSMetry) GetByteOut ¶
func (*CLUSMetry) GetPacketIn ¶
func (*CLUSMetry) GetPacketOut ¶
func (*CLUSMetry) GetSessionCurIn ¶
func (*CLUSMetry) GetSessionCurOut ¶
func (*CLUSMetry) GetSessionIn ¶
func (*CLUSMetry) GetSessionOut ¶
func (*CLUSMetry) ProtoMessage ¶
func (*CLUSMetry) ProtoMessage()
type CLUSNetworkEP ¶
type CLUSPolicyRule ¶
type CLUSPolicyRule struct { ID uint32 `json:"id"` Comment string `json:"comment"` From string `json:"from"` // group name To string `json:"to"` // group name FromHost string `json:"from_host"` ToHost string `json:"to_host"` Ports string `json:"ports"` // free-style port list Applications []uint32 `json:"applications"` Action string `json:"action"` Learned_UNUSED bool `json:"learned"` Disable bool `json:"Disable"` CreatedAt time.Time `json:"created_at"` LastModAt time.Time `json:"last_modified_at"` CfgType TCfgType `json:"cfg_type"` Priority uint32 `json:"priority"` }
func (*CLUSPolicyRule) GetDomain ¶
func (o *CLUSPolicyRule) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSPolicyRuleCheck ¶
type CLUSPolicyRuleCheck struct { ID uint32 `protobuf:"varint,1,opt,name=ID" json:"ID,omitempty"` From string `protobuf:"bytes,2,opt,name=From" json:"From,omitempty"` To string `protobuf:"bytes,3,opt,name=To" json:"To,omitempty"` Ports string `protobuf:"bytes,4,opt,name=Ports" json:"Ports,omitempty"` Applications []uint32 `protobuf:"varint,5,rep,packed,name=Applications" json:"Applications,omitempty"` Learned bool `protobuf:"varint,6,opt,name=Learned" json:"Learned,omitempty"` Disabled bool `protobuf:"varint,7,opt,name=Disabled" json:"Disabled,omitempty"` CreatedTS int64 `protobuf:"varint,8,opt,name=CreatedTS" json:"CreatedTS,omitempty"` LastModTS int64 `protobuf:"varint,9,opt,name=LastModTS" json:"LastModTS,omitempty"` }
func (*CLUSPolicyRuleCheck) Descriptor ¶
func (*CLUSPolicyRuleCheck) Descriptor() ([]byte, []int)
func (*CLUSPolicyRuleCheck) GetApplications ¶
func (m *CLUSPolicyRuleCheck) GetApplications() []uint32
func (*CLUSPolicyRuleCheck) GetCreatedTS ¶
func (m *CLUSPolicyRuleCheck) GetCreatedTS() int64
func (*CLUSPolicyRuleCheck) GetDisabled ¶
func (m *CLUSPolicyRuleCheck) GetDisabled() bool
func (*CLUSPolicyRuleCheck) GetFrom ¶
func (m *CLUSPolicyRuleCheck) GetFrom() string
func (*CLUSPolicyRuleCheck) GetID ¶
func (m *CLUSPolicyRuleCheck) GetID() uint32
func (*CLUSPolicyRuleCheck) GetLastModTS ¶
func (m *CLUSPolicyRuleCheck) GetLastModTS() int64
func (*CLUSPolicyRuleCheck) GetLearned ¶
func (m *CLUSPolicyRuleCheck) GetLearned() bool
func (*CLUSPolicyRuleCheck) GetPorts ¶
func (m *CLUSPolicyRuleCheck) GetPorts() string
func (*CLUSPolicyRuleCheck) GetTo ¶
func (m *CLUSPolicyRuleCheck) GetTo() string
func (*CLUSPolicyRuleCheck) ProtoMessage ¶
func (*CLUSPolicyRuleCheck) ProtoMessage()
func (*CLUSPolicyRuleCheck) Reset ¶
func (m *CLUSPolicyRuleCheck) Reset()
func (*CLUSPolicyRuleCheck) String ¶
func (m *CLUSPolicyRuleCheck) String() string
type CLUSPolicyRuleMismatch ¶
type CLUSPolicyRuleMismatch struct { ClusterRule *CLUSPolicyRuleCheck `protobuf:"bytes,1,opt,name=ClusterRule" json:"ClusterRule,omitempty"` LearnedRule *CLUSPolicyRuleCheck `protobuf:"bytes,2,opt,name=LearnedRule" json:"LearnedRule,omitempty"` }
func (*CLUSPolicyRuleMismatch) Descriptor ¶
func (*CLUSPolicyRuleMismatch) Descriptor() ([]byte, []int)
func (*CLUSPolicyRuleMismatch) GetClusterRule ¶
func (m *CLUSPolicyRuleMismatch) GetClusterRule() *CLUSPolicyRuleCheck
func (*CLUSPolicyRuleMismatch) GetLearnedRule ¶
func (m *CLUSPolicyRuleMismatch) GetLearnedRule() *CLUSPolicyRuleCheck
func (*CLUSPolicyRuleMismatch) ProtoMessage ¶
func (*CLUSPolicyRuleMismatch) ProtoMessage()
func (*CLUSPolicyRuleMismatch) Reset ¶
func (m *CLUSPolicyRuleMismatch) Reset()
func (*CLUSPolicyRuleMismatch) String ¶
func (m *CLUSPolicyRuleMismatch) String() string
type CLUSPolicySyncStatus ¶
type CLUSPolicySyncStatus struct { Leader bool `protobuf:"varint,1,opt,name=Leader" json:"Leader,omitempty"` GraphNodeCount uint32 `protobuf:"varint,2,opt,name=GraphNodeCount" json:"GraphNodeCount,omitempty"` LearnedRuleMax uint32 `protobuf:"varint,3,opt,name=LearnedRuleMax" json:"LearnedRuleMax,omitempty"` Mismatches []*CLUSPolicyRuleMismatch `protobuf:"bytes,4,rep,name=Mismatches" json:"Mismatches,omitempty"` }
func (*CLUSPolicySyncStatus) Descriptor ¶
func (*CLUSPolicySyncStatus) Descriptor() ([]byte, []int)
func (*CLUSPolicySyncStatus) GetGraphNodeCount ¶
func (m *CLUSPolicySyncStatus) GetGraphNodeCount() uint32
func (*CLUSPolicySyncStatus) GetLeader ¶
func (m *CLUSPolicySyncStatus) GetLeader() bool
func (*CLUSPolicySyncStatus) GetLearnedRuleMax ¶
func (m *CLUSPolicySyncStatus) GetLearnedRuleMax() uint32
func (*CLUSPolicySyncStatus) GetMismatches ¶
func (m *CLUSPolicySyncStatus) GetMismatches() []*CLUSPolicyRuleMismatch
func (*CLUSPolicySyncStatus) ProtoMessage ¶
func (*CLUSPolicySyncStatus) ProtoMessage()
func (*CLUSPolicySyncStatus) Reset ¶
func (m *CLUSPolicySyncStatus) Reset()
func (*CLUSPolicySyncStatus) String ¶
func (m *CLUSPolicySyncStatus) String() string
type CLUSPortApp ¶
type CLUSProbeContainer ¶
type CLUSProbeContainer struct { Id string `protobuf:"bytes,1,opt,name=Id" json:"Id,omitempty"` Pid int32 `protobuf:"varint,2,opt,name=Pid" json:"Pid,omitempty"` Children []int32 `protobuf:"varint,3,rep,packed,name=Children" json:"Children,omitempty"` PortsMap string `protobuf:"bytes,4,opt,name=PortsMap" json:"PortsMap,omitempty"` }
func (*CLUSProbeContainer) Descriptor ¶
func (*CLUSProbeContainer) Descriptor() ([]byte, []int)
func (*CLUSProbeContainer) GetChildren ¶
func (m *CLUSProbeContainer) GetChildren() []int32
func (*CLUSProbeContainer) GetId ¶
func (m *CLUSProbeContainer) GetId() string
func (*CLUSProbeContainer) GetPid ¶
func (m *CLUSProbeContainer) GetPid() int32
func (*CLUSProbeContainer) GetPortsMap ¶
func (m *CLUSProbeContainer) GetPortsMap() string
func (*CLUSProbeContainer) ProtoMessage ¶
func (*CLUSProbeContainer) ProtoMessage()
func (*CLUSProbeContainer) Reset ¶
func (m *CLUSProbeContainer) Reset()
func (*CLUSProbeContainer) String ¶
func (m *CLUSProbeContainer) String() string
type CLUSProbeContainerArray ¶
type CLUSProbeContainerArray struct {
Containers []*CLUSProbeContainer `protobuf:"bytes,1,rep,name=Containers" json:"Containers,omitempty"`
}
func (*CLUSProbeContainerArray) Descriptor ¶
func (*CLUSProbeContainerArray) Descriptor() ([]byte, []int)
func (*CLUSProbeContainerArray) GetContainers ¶
func (m *CLUSProbeContainerArray) GetContainers() []*CLUSProbeContainer
func (*CLUSProbeContainerArray) ProtoMessage ¶
func (*CLUSProbeContainerArray) ProtoMessage()
func (*CLUSProbeContainerArray) Reset ¶
func (m *CLUSProbeContainerArray) Reset()
func (*CLUSProbeContainerArray) String ¶
func (m *CLUSProbeContainerArray) String() string
type CLUSProbeProcess ¶
type CLUSProbeProcess struct { Pid int32 `protobuf:"varint,1,opt,name=Pid" json:"Pid,omitempty"` Ppid int32 `protobuf:"varint,2,opt,name=Ppid" json:"Ppid,omitempty"` Name string `protobuf:"bytes,3,opt,name=Name" json:"Name,omitempty"` Ruid uint32 `protobuf:"varint,4,opt,name=Ruid" json:"Ruid,omitempty"` Euid uint32 `protobuf:"varint,5,opt,name=Euid" json:"Euid,omitempty"` ScanTimes uint32 `protobuf:"varint,6,opt,name=ScanTimes" json:"ScanTimes,omitempty"` StartTime uint64 `protobuf:"varint,7,opt,name=StartTime" json:"StartTime,omitempty"` Reported uint32 `protobuf:"varint,8,opt,name=Reported" json:"Reported,omitempty"` Container string `protobuf:"bytes,9,opt,name=Container" json:"Container,omitempty"` }
func (*CLUSProbeProcess) Descriptor ¶
func (*CLUSProbeProcess) Descriptor() ([]byte, []int)
func (*CLUSProbeProcess) GetContainer ¶
func (m *CLUSProbeProcess) GetContainer() string
func (*CLUSProbeProcess) GetEuid ¶
func (m *CLUSProbeProcess) GetEuid() uint32
func (*CLUSProbeProcess) GetName ¶
func (m *CLUSProbeProcess) GetName() string
func (*CLUSProbeProcess) GetPid ¶
func (m *CLUSProbeProcess) GetPid() int32
func (*CLUSProbeProcess) GetPpid ¶
func (m *CLUSProbeProcess) GetPpid() int32
func (*CLUSProbeProcess) GetReported ¶
func (m *CLUSProbeProcess) GetReported() uint32
func (*CLUSProbeProcess) GetRuid ¶
func (m *CLUSProbeProcess) GetRuid() uint32
func (*CLUSProbeProcess) GetScanTimes ¶
func (m *CLUSProbeProcess) GetScanTimes() uint32
func (*CLUSProbeProcess) GetStartTime ¶
func (m *CLUSProbeProcess) GetStartTime() uint64
func (*CLUSProbeProcess) ProtoMessage ¶
func (*CLUSProbeProcess) ProtoMessage()
func (*CLUSProbeProcess) Reset ¶
func (m *CLUSProbeProcess) Reset()
func (*CLUSProbeProcess) String ¶
func (m *CLUSProbeProcess) String() string
type CLUSProbeProcessArray ¶
type CLUSProbeProcessArray struct {
Processes []*CLUSProbeProcess `protobuf:"bytes,1,rep,name=Processes" json:"Processes,omitempty"`
}
func (*CLUSProbeProcessArray) Descriptor ¶
func (*CLUSProbeProcessArray) Descriptor() ([]byte, []int)
func (*CLUSProbeProcessArray) GetProcesses ¶
func (m *CLUSProbeProcessArray) GetProcesses() []*CLUSProbeProcess
func (*CLUSProbeProcessArray) ProtoMessage ¶
func (*CLUSProbeProcessArray) ProtoMessage()
func (*CLUSProbeProcessArray) Reset ¶
func (m *CLUSProbeProcessArray) Reset()
func (*CLUSProbeProcessArray) String ¶
func (m *CLUSProbeProcessArray) String() string
type CLUSProbeSummary ¶
type CLUSProbeSummary struct { ContainerMap uint32 `protobuf:"varint,1,opt,name=ContainerMap" json:"ContainerMap,omitempty"` PidContainerMap uint32 `protobuf:"varint,2,opt,name=PidContainerMap" json:"PidContainerMap,omitempty"` PidProcMap uint32 `protobuf:"varint,3,opt,name=PidProcMap" json:"PidProcMap,omitempty"` NewProcesses uint32 `protobuf:"varint,4,opt,name=NewProcesses" json:"NewProcesses,omitempty"` NewSuspicProc uint32 `protobuf:"varint,5,opt,name=NewSuspicProc" json:"NewSuspicProc,omitempty"` ContainerStops uint32 `protobuf:"varint,6,opt,name=ContainerStops" json:"ContainerStops,omitempty"` WLStorageWatch uint32 `protobuf:"varint,7,opt,name=WLStorageWatch" json:"WLStorageWatch,omitempty"` PidSet uint32 `protobuf:"varint,8,opt,name=PidSet" json:"PidSet,omitempty"` SessionTable uint32 `protobuf:"varint,9,opt,name=SessionTable" json:"SessionTable,omitempty"` InotifyWatches uint32 `protobuf:"varint,10,opt,name=InotifyWatches" json:"InotifyWatches,omitempty"` ProcBlockRoots uint32 `protobuf:"varint,11,opt,name=ProcBlockRoots" json:"ProcBlockRoots,omitempty"` ProcBlockMarks uint32 `protobuf:"varint,12,opt,name=ProcBlockMarks" json:"ProcBlockMarks,omitempty"` ProcBlockEntryCnt uint32 `protobuf:"varint,13,opt,name=ProcBlockEntryCnt" json:"ProcBlockEntryCnt,omitempty"` ProcBlockDirMonCnt uint32 `protobuf:"varint,14,opt,name=ProcBlockDirMonCnt" json:"ProcBlockDirMonCnt,omitempty"` FileMonEvents uint32 `protobuf:"varint,15,opt,name=FileMonEvents" json:"FileMonEvents,omitempty"` FileMonGroups uint32 `protobuf:"varint,16,opt,name=FileMonGroups" json:"FileMonGroups,omitempty"` FileMonFaRoots uint32 `protobuf:"varint,17,opt,name=FileMonFaRoots" json:"FileMonFaRoots,omitempty"` FileMonFaMntRoots uint32 `protobuf:"varint,18,opt,name=FileMonFaMntRoots" json:"FileMonFaMntRoots,omitempty"` FileMonFaDirMarks uint32 `protobuf:"varint,19,opt,name=FileMonFaDirMarks" json:"FileMonFaDirMarks,omitempty"` FileMonFaRules uint32 `protobuf:"varint,20,opt,name=FileMonFaRules" json:"FileMonFaRules,omitempty"` FileMonFaPaths uint32 `protobuf:"varint,21,opt,name=FileMonFaPaths" json:"FileMonFaPaths,omitempty"` FileMonFaDirs uint32 `protobuf:"varint,22,opt,name=FileMonFaDirs" json:"FileMonFaDirs,omitempty"` FileMonInWds uint32 `protobuf:"varint,23,opt,name=FileMonInWds" json:"FileMonInWds,omitempty"` FileMonInPaths uint32 `protobuf:"varint,24,opt,name=FileMonInPaths" json:"FileMonInPaths,omitempty"` FileMonInDirs uint32 `protobuf:"varint,25,opt,name=FileMonInDirs" json:"FileMonInDirs,omitempty"` MaxEvalChanQueued uint32 `protobuf:"varint,26,opt,name=MaxEvalChanQueued" json:"MaxEvalChanQueued,omitempty"` MaxGoroutines uint32 `protobuf:"varint,27,opt,name=MaxGoroutines" json:"MaxGoroutines,omitempty"` }
func (*CLUSProbeSummary) Descriptor ¶
func (*CLUSProbeSummary) Descriptor() ([]byte, []int)
func (*CLUSProbeSummary) GetContainerMap ¶
func (m *CLUSProbeSummary) GetContainerMap() uint32
func (*CLUSProbeSummary) GetContainerStops ¶
func (m *CLUSProbeSummary) GetContainerStops() uint32
func (*CLUSProbeSummary) GetFileMonEvents ¶
func (m *CLUSProbeSummary) GetFileMonEvents() uint32
func (*CLUSProbeSummary) GetFileMonFaDirMarks ¶
func (m *CLUSProbeSummary) GetFileMonFaDirMarks() uint32
func (*CLUSProbeSummary) GetFileMonFaDirs ¶
func (m *CLUSProbeSummary) GetFileMonFaDirs() uint32
func (*CLUSProbeSummary) GetFileMonFaMntRoots ¶
func (m *CLUSProbeSummary) GetFileMonFaMntRoots() uint32
func (*CLUSProbeSummary) GetFileMonFaPaths ¶
func (m *CLUSProbeSummary) GetFileMonFaPaths() uint32
func (*CLUSProbeSummary) GetFileMonFaRoots ¶
func (m *CLUSProbeSummary) GetFileMonFaRoots() uint32
func (*CLUSProbeSummary) GetFileMonFaRules ¶
func (m *CLUSProbeSummary) GetFileMonFaRules() uint32
func (*CLUSProbeSummary) GetFileMonGroups ¶
func (m *CLUSProbeSummary) GetFileMonGroups() uint32
func (*CLUSProbeSummary) GetFileMonInDirs ¶
func (m *CLUSProbeSummary) GetFileMonInDirs() uint32
func (*CLUSProbeSummary) GetFileMonInPaths ¶
func (m *CLUSProbeSummary) GetFileMonInPaths() uint32
func (*CLUSProbeSummary) GetFileMonInWds ¶
func (m *CLUSProbeSummary) GetFileMonInWds() uint32
func (*CLUSProbeSummary) GetInotifyWatches ¶
func (m *CLUSProbeSummary) GetInotifyWatches() uint32
func (*CLUSProbeSummary) GetMaxEvalChanQueued ¶
func (m *CLUSProbeSummary) GetMaxEvalChanQueued() uint32
func (*CLUSProbeSummary) GetMaxGoroutines ¶
func (m *CLUSProbeSummary) GetMaxGoroutines() uint32
func (*CLUSProbeSummary) GetNewProcesses ¶
func (m *CLUSProbeSummary) GetNewProcesses() uint32
func (*CLUSProbeSummary) GetNewSuspicProc ¶
func (m *CLUSProbeSummary) GetNewSuspicProc() uint32
func (*CLUSProbeSummary) GetPidContainerMap ¶
func (m *CLUSProbeSummary) GetPidContainerMap() uint32
func (*CLUSProbeSummary) GetPidProcMap ¶
func (m *CLUSProbeSummary) GetPidProcMap() uint32
func (*CLUSProbeSummary) GetPidSet ¶
func (m *CLUSProbeSummary) GetPidSet() uint32
func (*CLUSProbeSummary) GetProcBlockDirMonCnt ¶
func (m *CLUSProbeSummary) GetProcBlockDirMonCnt() uint32
func (*CLUSProbeSummary) GetProcBlockEntryCnt ¶
func (m *CLUSProbeSummary) GetProcBlockEntryCnt() uint32
func (*CLUSProbeSummary) GetProcBlockMarks ¶
func (m *CLUSProbeSummary) GetProcBlockMarks() uint32
func (*CLUSProbeSummary) GetProcBlockRoots ¶
func (m *CLUSProbeSummary) GetProcBlockRoots() uint32
func (*CLUSProbeSummary) GetSessionTable ¶
func (m *CLUSProbeSummary) GetSessionTable() uint32
func (*CLUSProbeSummary) GetWLStorageWatch ¶
func (m *CLUSProbeSummary) GetWLStorageWatch() uint32
func (*CLUSProbeSummary) ProtoMessage ¶
func (*CLUSProbeSummary) ProtoMessage()
func (*CLUSProbeSummary) Reset ¶
func (m *CLUSProbeSummary) Reset()
func (*CLUSProbeSummary) String ¶
func (m *CLUSProbeSummary) String() string
type CLUSProcProfileArray ¶
type CLUSProcProfileArray struct {
Processes []*CLUSProcProfileReq `protobuf:"bytes,1,rep,name=Processes" json:"Processes,omitempty"`
}
func (*CLUSProcProfileArray) Descriptor ¶
func (*CLUSProcProfileArray) Descriptor() ([]byte, []int)
func (*CLUSProcProfileArray) GetProcesses ¶
func (m *CLUSProcProfileArray) GetProcesses() []*CLUSProcProfileReq
func (*CLUSProcProfileArray) ProtoMessage ¶
func (*CLUSProcProfileArray) ProtoMessage()
func (*CLUSProcProfileArray) Reset ¶
func (m *CLUSProcProfileArray) Reset()
func (*CLUSProcProfileArray) String ¶
func (m *CLUSProcProfileArray) String() string
type CLUSProcProfileReq ¶
type CLUSProcProfileReq struct { GroupName string `protobuf:"bytes,1,opt,name=GroupName" json:"GroupName,omitempty"` Name string `protobuf:"bytes,2,opt,name=Name" json:"Name,omitempty"` Path string `protobuf:"bytes,3,opt,name=Path" json:"Path,omitempty"` User string `protobuf:"bytes,4,opt,name=User" json:"User,omitempty"` Uid int32 `protobuf:"varint,5,opt,name=Uid" json:"Uid,omitempty"` Hash []byte `protobuf:"bytes,6,opt,name=Hash,proto3" json:"Hash,omitempty"` Action string `protobuf:"bytes,7,opt,name=Action" json:"Action,omitempty"` }
func (*CLUSProcProfileReq) Descriptor ¶
func (*CLUSProcProfileReq) Descriptor() ([]byte, []int)
func (*CLUSProcProfileReq) GetAction ¶
func (m *CLUSProcProfileReq) GetAction() string
func (*CLUSProcProfileReq) GetGroupName ¶
func (m *CLUSProcProfileReq) GetGroupName() string
func (*CLUSProcProfileReq) GetHash ¶
func (m *CLUSProcProfileReq) GetHash() []byte
func (*CLUSProcProfileReq) GetName ¶
func (m *CLUSProcProfileReq) GetName() string
func (*CLUSProcProfileReq) GetPath ¶
func (m *CLUSProcProfileReq) GetPath() string
func (*CLUSProcProfileReq) GetUid ¶
func (m *CLUSProcProfileReq) GetUid() int32
func (*CLUSProcProfileReq) GetUser ¶
func (m *CLUSProcProfileReq) GetUser() string
func (*CLUSProcProfileReq) ProtoMessage ¶
func (*CLUSProcProfileReq) ProtoMessage()
func (*CLUSProcProfileReq) Reset ¶
func (m *CLUSProcProfileReq) Reset()
func (*CLUSProcProfileReq) String ¶
func (m *CLUSProcProfileReq) String() string
type CLUSProcess ¶
type CLUSProcess struct { Name string `protobuf:"bytes,1,opt,name=Name" json:"Name,omitempty"` Pid uint32 `protobuf:"varint,2,opt,name=Pid" json:"Pid,omitempty"` PPid uint32 `protobuf:"varint,3,opt,name=PPid" json:"PPid,omitempty"` PGid uint32 `protobuf:"varint,4,opt,name=PGid" json:"PGid,omitempty"` PSid uint32 `protobuf:"varint,5,opt,name=PSid" json:"PSid,omitempty"` RUid uint32 `protobuf:"varint,6,opt,name=RUid" json:"RUid,omitempty"` EUid uint32 `protobuf:"varint,7,opt,name=EUid" json:"EUid,omitempty"` Cmds []string `protobuf:"bytes,8,rep,name=Cmds" json:"Cmds,omitempty"` Root bool `protobuf:"varint,9,opt,name=Root" json:"Root,omitempty"` User string `protobuf:"bytes,10,opt,name=User" json:"User,omitempty"` Status string `protobuf:"bytes,11,opt,name=Status" json:"Status,omitempty"` StartAt int64 `protobuf:"varint,12,opt,name=StartAt" json:"StartAt,omitempty"` Action string `protobuf:"bytes,13,opt,name=Action" json:"Action,omitempty"` }
func (*CLUSProcess) Descriptor ¶
func (*CLUSProcess) Descriptor() ([]byte, []int)
func (*CLUSProcess) GetAction ¶
func (m *CLUSProcess) GetAction() string
func (*CLUSProcess) GetCmds ¶
func (m *CLUSProcess) GetCmds() []string
func (*CLUSProcess) GetEUid ¶
func (m *CLUSProcess) GetEUid() uint32
func (*CLUSProcess) GetName ¶
func (m *CLUSProcess) GetName() string
func (*CLUSProcess) GetPGid ¶
func (m *CLUSProcess) GetPGid() uint32
func (*CLUSProcess) GetPPid ¶
func (m *CLUSProcess) GetPPid() uint32
func (*CLUSProcess) GetPSid ¶
func (m *CLUSProcess) GetPSid() uint32
func (*CLUSProcess) GetPid ¶
func (m *CLUSProcess) GetPid() uint32
func (*CLUSProcess) GetRUid ¶
func (m *CLUSProcess) GetRUid() uint32
func (*CLUSProcess) GetRoot ¶
func (m *CLUSProcess) GetRoot() bool
func (*CLUSProcess) GetStartAt ¶
func (m *CLUSProcess) GetStartAt() int64
func (*CLUSProcess) GetStatus ¶
func (m *CLUSProcess) GetStatus() string
func (*CLUSProcess) GetUser ¶
func (m *CLUSProcess) GetUser() string
func (*CLUSProcess) ProtoMessage ¶
func (*CLUSProcess) ProtoMessage()
func (*CLUSProcess) Reset ¶
func (m *CLUSProcess) Reset()
func (*CLUSProcess) String ¶
func (m *CLUSProcess) String() string
type CLUSProcessArray ¶
type CLUSProcessArray struct {
Processes []*CLUSProcess `protobuf:"bytes,1,rep,name=Processes" json:"Processes,omitempty"`
}
func (*CLUSProcessArray) Descriptor ¶
func (*CLUSProcessArray) Descriptor() ([]byte, []int)
func (*CLUSProcessArray) GetProcesses ¶
func (m *CLUSProcessArray) GetProcesses() []*CLUSProcess
func (*CLUSProcessArray) ProtoMessage ¶
func (*CLUSProcessArray) ProtoMessage()
func (*CLUSProcessArray) Reset ¶
func (m *CLUSProcessArray) Reset()
func (*CLUSProcessArray) String ¶
func (m *CLUSProcessArray) String() string
type CLUSProcessProfile ¶
type CLUSProcessProfile struct { Group string `json:"group"` AlertDisable bool `json:"alert_disabled"` HashEnable bool `json:"hash_enabled"` Mode string `json:"mode"` Baseline string `json:"baseline"` Process []*CLUSProcessProfileEntry `json:"process"` CfgType TCfgType `json:"cfg_type"` }
func (*CLUSProcessProfile) GetDomain ¶
func (o *CLUSProcessProfile) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSProcessProfileEntry ¶
type CLUSProcessProfileEntry struct { Name string `json:"name"` Path string `json:"path"` User string `json:"user"` Uid int32 `json:"uid"` Hash []byte `json:"hash"` Action string `json:"action"` CfgType TCfgType `json:"cfg_type"` CreatedAt time.Time `json:"created_at"` UpdatedAt time.Time `json:"updated_at"` Uuid string `json:"uuid"` DerivedGroup string `json:"dgroup"` AllowFileUpdate bool `json:"allow_update"` }
type CLUSProfilingRequest ¶
type CLUSProfilingRequest struct { Cmd ProfilingCmd `protobuf:"varint,1,opt,name=Cmd,enum=share.ProfilingCmd" json:"Cmd,omitempty"` Methods []ProfilingMethod `protobuf:"varint,2,rep,packed,name=Methods,enum=share.ProfilingMethod" json:"Methods,omitempty"` Duration uint32 `protobuf:"varint,3,opt,name=Duration" json:"Duration,omitempty"` }
func (*CLUSProfilingRequest) Descriptor ¶
func (*CLUSProfilingRequest) Descriptor() ([]byte, []int)
func (*CLUSProfilingRequest) GetCmd ¶
func (m *CLUSProfilingRequest) GetCmd() ProfilingCmd
func (*CLUSProfilingRequest) GetDuration ¶
func (m *CLUSProfilingRequest) GetDuration() uint32
func (*CLUSProfilingRequest) GetMethods ¶
func (m *CLUSProfilingRequest) GetMethods() []ProfilingMethod
func (*CLUSProfilingRequest) ProtoMessage ¶
func (*CLUSProfilingRequest) ProtoMessage()
func (*CLUSProfilingRequest) Reset ¶
func (m *CLUSProfilingRequest) Reset()
func (*CLUSProfilingRequest) String ¶
func (m *CLUSProfilingRequest) String() string
type CLUSProtoPort ¶
type CLUSPwdProfile ¶
type CLUSPwdProfile struct { Name string `json:"name"` Comment string `json:"comment"` MinLen int `json:"min_len"` MinUpperCount int `json:"min_uppercase_count"` // for alphabet characters MinLowerCount int `json:"min_lowercase_count"` // for alphabet characters MinDigitCount int `json:"min_digit_count"` MinSpecialCount int `json:"min_special_count"` EnablePwdExpiration bool `json:"enable_password_expiration"` PwdExpireAfterDays int `json:"password_expire_after_days"` // must be > 0 when EnablePwdExpiration is true EnablePwdHistory bool `json:"enable_password_history"` PwdHistoryCount int `json:"password_keep_history_count"` EnableBlockAfterFailedLogin bool `json:"enable_block_after_failed_login"` // for "Block X minutes after N times failed attempts" BlockAfterFailedCount int `json:"block_after_failed_login_count"` // must be > 0 when EnableBlockAfterFailedLogin is true BlockMinutes int `json:"block_minutes"` // must be > 0 when EnableBlockAfterFailedLogin is true }
func (*CLUSPwdProfile) GetDomain ¶
func (o *CLUSPwdProfile) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSRegistryConfig ¶
type CLUSRegistryConfig struct { Registry string `json:"registry"` Name string `json:"name"` Type string `json:"type"` Username string `json:"username"` Password string `json:"password,cloak"` AuthToken string `json:"auth_token,cloak"` AuthWithToken bool `json:"auth_with_token"` Domains []string `json:"domains"` CreaterDomains []string `json:"creater_domains"` Filters []string `json:"filters"` ParsedFilters []*CLUSRegistryFilter `json:"parsed_filters"` RescanImage bool `json:"rescan_image"` ScanLayers bool `json:"scan_layers"` DisableFiles bool `json:"disable_files"` RepoLimit int `json:"repo_limit"` TagLimit int `json:"tag_limit"` Schedule string `json:"schedule"` PollPeriod int `json:"poll_period"` AwsKey *CLUSAWSAccountKey `json:"aws_key"` GcrKey *CLUSGCRKey `json:"gcr_key"` JfrogMode string `json:"jfrog_mode"` JfrogAQL bool `json:"jfrog_aql"` GitlabApiUrl string `json:"gitlab_api_url"` GitlabPrivateToken string `json:"gitlab_private_token,cloak"` IBMCloudAccount string `json:"ibmcloud_account"` IBMCloudTokenURL string `json:"ibmcloud_token_url"` }
func (*CLUSRegistryConfig) GetDomain ¶
func (o *CLUSRegistryConfig) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSRegistryFilter ¶
type CLUSRegistryFilter struct { Org string `json:"organization"` Repo string `json:"repository"` Tag string `json:"tag"` }
func (*CLUSRegistryFilter) GetDomain ¶
func (o *CLUSRegistryFilter) GetDomain(f GetAccessObjectFunc) ([]string, []string)
for registry filter in openshift registry only
type CLUSRegistryImageSummary ¶
type CLUSRegistryImageSummary struct { ImageID string `json:"image_id"` Registry string `json:"registry"` RegName string `json:"reg_name"` Images []CLUSImage `json:"repo_tag"` Digest string `json:"digest"` ScannedAt time.Time `json:"scanned_at"` BaseOS string `json:"base_os"` Version string `json:"version"` Result ScanErrorCode `json:"result"` Status string `json:"status"` Author string `json:"author"` RunAsRoot bool `json:"run_as_root"` Signed bool `json:"signed"` // [2019.Apr] comment out until we can accurately tell it ScanFlags uint32 `json:"scan_flags"` Provider ScanProvider `json:"provider"` Size int64 `json:"size"` }
func (*CLUSRegistryImageSummary) GetDomain ¶
func (o *CLUSRegistryImageSummary) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSRegistryState ¶
type CLUSRegistryTypeDummy ¶
type CLUSRegistryTypeDummy struct{} // dummy type just for access control checking purpose
func (*CLUSRegistryTypeDummy) GetDomain ¶
func (o *CLUSRegistryTypeDummy) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSReportResponse ¶
type CLUSReportResponse struct { Action ReportRespAction `protobuf:"varint,1,opt,name=Action,enum=share.ReportRespAction" json:"Action,omitempty"` ReportInterval uint32 `protobuf:"varint,2,opt,name=ReportInterval" json:"ReportInterval,omitempty"` }
func (*CLUSReportResponse) Descriptor ¶
func (*CLUSReportResponse) Descriptor() ([]byte, []int)
func (*CLUSReportResponse) GetAction ¶
func (m *CLUSReportResponse) GetAction() ReportRespAction
func (*CLUSReportResponse) GetReportInterval ¶
func (m *CLUSReportResponse) GetReportInterval() uint32
func (*CLUSReportResponse) ProtoMessage ¶
func (*CLUSReportResponse) ProtoMessage()
func (*CLUSReportResponse) Reset ¶
func (m *CLUSReportResponse) Reset()
func (*CLUSReportResponse) String ¶
func (m *CLUSReportResponse) String() string
type CLUSResponseRule ¶
type CLUSResponseRule struct { ID uint32 `json:"id"` Event string `json:"event"` Comment string `json:"comment,omitempty"` Group string `json:"group,omitempty"` Conditions []CLUSEventCondition `json:"conditions,omitempty"` Actions []string `json:"actions"` Webhooks []string `json:"webhooks"` Disable bool `json:"disable,omitempty"` CfgType TCfgType `json:"cfg_type"` }
func (*CLUSResponseRule) GetDomain ¶
func (o *CLUSResponseRule) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSResponseRuleOptionsDummy ¶
type CLUSResponseRuleOptionsDummy struct{} // dummy type just for access control checking purpose
func (*CLUSResponseRuleOptionsDummy) GetDomain ¶
func (o *CLUSResponseRuleOptionsDummy) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSRestServerInfo ¶
type CLUSRolePermission ¶
type CLUSRuleHead ¶
type CLUSScanConfig ¶
type CLUSScanConfig struct {
AutoScan bool `json:"auto_scan"`
}
func (*CLUSScanConfig) GetDomain ¶
func (o *CLUSScanConfig) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSScanReport ¶
type CLUSScanReport struct { ScannedAt time.Time `json:"scanned_at"` ScanResult }
ScanResult is used for local RPC so the structure can be stored in the cluster
func (*CLUSScanReport) GetDomain ¶
func (o *CLUSScanReport) GetDomain(f GetAccessObjectFunc) ([]string, []string)
for scan report in openshift registry only
type CLUSScanState ¶
type CLUSScannedVulInfo ¶
type CLUSScannedVulInfoSimple ¶
type CLUSScannedVulInfoSimple struct {
Score float32 `json:"score"`
}
type CLUSScanner ¶
type CLUSScanner struct { ID string `json:"id"` CVEDBVersion string `json:"db_version"` CVEDBCreateTime string `json:"db_create_time"` JoinedAt time.Time `json:"joined_at"` RPCServer string `json:"rpc_server"` RPCServerPort uint16 `json:"rpc_port"` BuiltIn bool `json:"builtin"` CVEDBEntries int `json:"db_entries"` }
func (*CLUSScanner) GetDomain ¶
func (o *CLUSScanner) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSScannerDB ¶
type CLUSScannerDB struct { CVEDBVersion string `json:"db_version"` CVEDBCreateTime string `json:"db_create_time"` CVEDB map[string]*ScanVulnerability `json:"db"` }
type CLUSScannerStats ¶
type CLUSScannerStats struct { ID string `json:"id"` TotalContainers int `json:"total_containers"` TotalHosts int `json:"total_hosts"` TotalImages int `json:"total_images"` TotalServerless int `json:"total_serverless"` ScannedContainers int `json:"scanned_containers"` ScannedHosts int `json:"scanned_hosts"` ScannedImages int `json:"scanned_images"` ScannedServerless int `json:"scanned_serverless"` }
type CLUSSecretLog ¶
type CLUSSecretLog struct { Type string `json:"type"` // secret type Text string `json:"secret"` // detected secret or signature Line string `json:"line"` // full line in the content File string `json:"path"` // file path RuleDesc string `json:"rule_desc"` // rule description Suggestion string `json:"suggestion"` // suggestion to reduce the risk }
CLUSSecretLog provides reports at scanner/enforcer layer
type CLUSServer ¶
type CLUSServer struct { Name string `json:"name"` Enable bool `json:"enable"` LDAP *CLUSServerLDAP `json:"ldap,omitempty"` SAML *CLUSServerSAML `json:"saml,omitempty"` OIDC *CLUSServerOIDC `json:"oidc,omitempty"` }
func (*CLUSServer) GetDomain ¶
func (o *CLUSServer) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSServerAuth ¶
type CLUSServerAuth struct { DefaultRole string `json:"default_role"` RoleGroups map[string][]string `json:"groups"` // role -> groups. obsolete since 4.2 GroupMappedRoles []*GroupRoleMapping `json:"group_mapped_roles"` // group -> (role -> domains). supported since 4.2 }
type CLUSServerLDAP ¶
type CLUSServerLDAP struct { CLUSServerAuth Type string `json:"type"` Hostname string `json:"hostname"` Port uint16 `json:"port"` SSL bool `json:"ssl"` BaseDN string `json:"base_dn"` BindDN string `json:"bind_dn"` // Must handle upgrade if it is cloaked BindPasswd string `json:"bind_password,cloak"` GroupMemberAttr string `json:"group_member_attr"` UserNameAttr string `json:"username_attr"` }
type CLUSServerOIDC ¶
type CLUSServerOIDC struct { CLUSServerAuth Issuer string `json:"issuer"` AuthURL string `json:"authorization_endpoint"` TokenURL string `json:"token_endpoint"` UserInfoURL string `json:"user_info_endpoint"` JWKSURL string `json:"jwks_endpoint"` ClientID string `json:"client_id"` // Must handle upgrade if it is cloaked ClientSecret string `json:"client_secret,cloak"` Scopes []string `json:"scopes"` GroupClaim string `json:"group_claim"` }
type CLUSServerSAML ¶
type CLUSServerSAML struct { CLUSServerAuth SSOURL string `json:"sso_url"` Issuer string `json:"issuer"` X509Cert string `json:"x509_cert,cloak"` GroupClaim string `json:"group_claim"` }
type CLUSSession ¶
type CLUSSession struct { ID uint32 `protobuf:"varint,1,opt,name=ID" json:"ID,omitempty"` Workload string `protobuf:"bytes,2,opt,name=Workload" json:"Workload,omitempty"` EtherType uint32 `protobuf:"varint,3,opt,name=EtherType" json:"EtherType,omitempty"` IPProto uint32 `protobuf:"varint,4,opt,name=IPProto" json:"IPProto,omitempty"` ClientMAC []byte `protobuf:"bytes,5,opt,name=ClientMAC,proto3" json:"ClientMAC,omitempty"` ServerMAC []byte `protobuf:"bytes,6,opt,name=ServerMAC,proto3" json:"ServerMAC,omitempty"` ClientIP []byte `protobuf:"bytes,7,opt,name=ClientIP,proto3" json:"ClientIP,omitempty"` ServerIP []byte `protobuf:"bytes,8,opt,name=ServerIP,proto3" json:"ServerIP,omitempty"` ClientPort uint32 `protobuf:"varint,9,opt,name=ClientPort" json:"ClientPort,omitempty"` ServerPort uint32 `protobuf:"varint,10,opt,name=ServerPort" json:"ServerPort,omitempty"` ICMPCode uint32 `protobuf:"varint,11,opt,name=ICMPCode" json:"ICMPCode,omitempty"` ICMPType uint32 `protobuf:"varint,12,opt,name=ICMPType" json:"ICMPType,omitempty"` ClientState uint32 `protobuf:"varint,13,opt,name=ClientState" json:"ClientState,omitempty"` ServerState uint32 `protobuf:"varint,14,opt,name=ServerState" json:"ServerState,omitempty"` ClientPkts uint32 `protobuf:"varint,15,opt,name=ClientPkts" json:"ClientPkts,omitempty"` ServerPkts uint32 `protobuf:"varint,16,opt,name=ServerPkts" json:"ServerPkts,omitempty"` ClientBytes uint64 `protobuf:"varint,17,opt,name=ClientBytes" json:"ClientBytes,omitempty"` ServerBytes uint64 `protobuf:"varint,18,opt,name=ServerBytes" json:"ServerBytes,omitempty"` Application uint32 `protobuf:"varint,19,opt,name=Application" json:"Application,omitempty"` Age uint32 `protobuf:"varint,20,opt,name=Age" json:"Age,omitempty"` Idle uint32 `protobuf:"varint,21,opt,name=Idle" json:"Idle,omitempty"` Life uint32 `protobuf:"varint,22,opt,name=Life" json:"Life,omitempty"` Ingress bool `protobuf:"varint,23,opt,name=Ingress" json:"Ingress,omitempty"` Tap bool `protobuf:"varint,24,opt,name=Tap" json:"Tap,omitempty"` Mid bool `protobuf:"varint,25,opt,name=Mid" json:"Mid,omitempty"` PolicyId uint32 `protobuf:"varint,26,opt,name=PolicyId" json:"PolicyId,omitempty"` PolicyAction uint32 `protobuf:"varint,27,opt,name=PolicyAction" json:"PolicyAction,omitempty"` ClientAsmPkts uint32 `protobuf:"varint,28,opt,name=ClientAsmPkts" json:"ClientAsmPkts,omitempty"` ServerAsmPkts uint32 `protobuf:"varint,29,opt,name=ServerAsmPkts" json:"ServerAsmPkts,omitempty"` ClientAsmBytes uint64 `protobuf:"varint,30,opt,name=ClientAsmBytes" json:"ClientAsmBytes,omitempty"` ServerAsmBytes uint64 `protobuf:"varint,31,opt,name=ServerAsmBytes" json:"ServerAsmBytes,omitempty"` HostMode bool `protobuf:"varint,32,opt,name=HostMode" json:"HostMode,omitempty"` XffIP []byte `protobuf:"bytes,33,opt,name=XffIP,proto3" json:"XffIP,omitempty"` XffApp uint32 `protobuf:"varint,34,opt,name=XffApp" json:"XffApp,omitempty"` XffPort uint32 `protobuf:"varint,35,opt,name=XffPort" json:"XffPort,omitempty"` }
func (*CLUSSession) Descriptor ¶
func (*CLUSSession) Descriptor() ([]byte, []int)
func (*CLUSSession) GetAge ¶
func (m *CLUSSession) GetAge() uint32
func (*CLUSSession) GetApplication ¶
func (m *CLUSSession) GetApplication() uint32
func (*CLUSSession) GetClientAsmBytes ¶
func (m *CLUSSession) GetClientAsmBytes() uint64
func (*CLUSSession) GetClientAsmPkts ¶
func (m *CLUSSession) GetClientAsmPkts() uint32
func (*CLUSSession) GetClientBytes ¶
func (m *CLUSSession) GetClientBytes() uint64
func (*CLUSSession) GetClientIP ¶
func (m *CLUSSession) GetClientIP() []byte
func (*CLUSSession) GetClientMAC ¶
func (m *CLUSSession) GetClientMAC() []byte
func (*CLUSSession) GetClientPkts ¶
func (m *CLUSSession) GetClientPkts() uint32
func (*CLUSSession) GetClientPort ¶
func (m *CLUSSession) GetClientPort() uint32
func (*CLUSSession) GetClientState ¶
func (m *CLUSSession) GetClientState() uint32
func (*CLUSSession) GetDomain ¶
func (o *CLUSSession) GetDomain(f GetAccessObjectFunc) ([]string, []string)
Modify/delete session can only be done by admin
func (*CLUSSession) GetEtherType ¶
func (m *CLUSSession) GetEtherType() uint32
func (*CLUSSession) GetHostMode ¶
func (m *CLUSSession) GetHostMode() bool
func (*CLUSSession) GetICMPCode ¶
func (m *CLUSSession) GetICMPCode() uint32
func (*CLUSSession) GetICMPType ¶
func (m *CLUSSession) GetICMPType() uint32
func (*CLUSSession) GetID ¶
func (m *CLUSSession) GetID() uint32
func (*CLUSSession) GetIPProto ¶
func (m *CLUSSession) GetIPProto() uint32
func (*CLUSSession) GetIdle ¶
func (m *CLUSSession) GetIdle() uint32
func (*CLUSSession) GetIngress ¶
func (m *CLUSSession) GetIngress() bool
func (*CLUSSession) GetLife ¶
func (m *CLUSSession) GetLife() uint32
func (*CLUSSession) GetMid ¶
func (m *CLUSSession) GetMid() bool
func (*CLUSSession) GetPolicyAction ¶
func (m *CLUSSession) GetPolicyAction() uint32
func (*CLUSSession) GetPolicyId ¶
func (m *CLUSSession) GetPolicyId() uint32
func (*CLUSSession) GetServerAsmBytes ¶
func (m *CLUSSession) GetServerAsmBytes() uint64
func (*CLUSSession) GetServerAsmPkts ¶
func (m *CLUSSession) GetServerAsmPkts() uint32
func (*CLUSSession) GetServerBytes ¶
func (m *CLUSSession) GetServerBytes() uint64
func (*CLUSSession) GetServerIP ¶
func (m *CLUSSession) GetServerIP() []byte
func (*CLUSSession) GetServerMAC ¶
func (m *CLUSSession) GetServerMAC() []byte
func (*CLUSSession) GetServerPkts ¶
func (m *CLUSSession) GetServerPkts() uint32
func (*CLUSSession) GetServerPort ¶
func (m *CLUSSession) GetServerPort() uint32
func (*CLUSSession) GetServerState ¶
func (m *CLUSSession) GetServerState() uint32
func (*CLUSSession) GetTap ¶
func (m *CLUSSession) GetTap() bool
func (*CLUSSession) GetWorkload ¶
func (m *CLUSSession) GetWorkload() string
func (*CLUSSession) GetXffApp ¶
func (m *CLUSSession) GetXffApp() uint32
func (*CLUSSession) GetXffIP ¶
func (m *CLUSSession) GetXffIP() []byte
func (*CLUSSession) GetXffPort ¶
func (m *CLUSSession) GetXffPort() uint32
func (*CLUSSession) ProtoMessage ¶
func (*CLUSSession) ProtoMessage()
func (*CLUSSession) Reset ¶
func (m *CLUSSession) Reset()
func (*CLUSSession) String ¶
func (m *CLUSSession) String() string
type CLUSSessionArray ¶
type CLUSSessionArray struct {
Sessions []*CLUSSession `protobuf:"bytes,1,rep,name=Sessions" json:"Sessions,omitempty"`
}
func (*CLUSSessionArray) Descriptor ¶
func (*CLUSSessionArray) Descriptor() ([]byte, []int)
func (*CLUSSessionArray) GetSessions ¶
func (m *CLUSSessionArray) GetSessions() []*CLUSSession
func (*CLUSSessionArray) ProtoMessage ¶
func (*CLUSSessionArray) ProtoMessage()
func (*CLUSSessionArray) Reset ¶
func (m *CLUSSessionArray) Reset()
func (*CLUSSessionArray) String ¶
func (m *CLUSSessionArray) String() string
type CLUSSessionCounter ¶
type CLUSSessionCounter struct { CurSessions uint32 `protobuf:"varint,1,opt,name=CurSessions" json:"CurSessions,omitempty"` CurTCPSessions uint32 `protobuf:"varint,2,opt,name=CurTCPSessions" json:"CurTCPSessions,omitempty"` CurUDPSessions uint32 `protobuf:"varint,3,opt,name=CurUDPSessions" json:"CurUDPSessions,omitempty"` CurICMPSessions uint32 `protobuf:"varint,4,opt,name=CurICMPSessions" json:"CurICMPSessions,omitempty"` CurIPSessions uint32 `protobuf:"varint,5,opt,name=CurIPSessions" json:"CurIPSessions,omitempty"` }
func (*CLUSSessionCounter) Descriptor ¶
func (*CLUSSessionCounter) Descriptor() ([]byte, []int)
func (*CLUSSessionCounter) GetCurICMPSessions ¶
func (m *CLUSSessionCounter) GetCurICMPSessions() uint32
func (*CLUSSessionCounter) GetCurIPSessions ¶
func (m *CLUSSessionCounter) GetCurIPSessions() uint32
func (*CLUSSessionCounter) GetCurSessions ¶
func (m *CLUSSessionCounter) GetCurSessions() uint32
func (*CLUSSessionCounter) GetCurTCPSessions ¶
func (m *CLUSSessionCounter) GetCurTCPSessions() uint32
func (*CLUSSessionCounter) GetCurUDPSessions ¶
func (m *CLUSSessionCounter) GetCurUDPSessions() uint32
func (*CLUSSessionCounter) ProtoMessage ¶
func (*CLUSSessionCounter) ProtoMessage()
func (*CLUSSessionCounter) Reset ¶
func (m *CLUSSessionCounter) Reset()
func (*CLUSSessionCounter) String ¶
func (m *CLUSSessionCounter) String() string
type CLUSSetIdPermLog ¶
type CLUSSetIdPermLog struct { Types string `json:"types"` // setuid, setgid File string `json:"path"` // file path Evidence string `json:"evidence"` // file attributes }
CLUSSetIdPermLog provides reports at scanner/enforcer layer
type CLUSSniffer ¶
type CLUSSniffer struct { ID string `protobuf:"bytes,1,opt,name=ID" json:"ID,omitempty"` AgentID string `protobuf:"bytes,2,opt,name=AgentID" json:"AgentID,omitempty"` WorkloadID string `protobuf:"bytes,3,opt,name=WorkloadID" json:"WorkloadID,omitempty"` Status SnifferStatus `protobuf:"varint,4,opt,name=Status,enum=share.SnifferStatus" json:"Status,omitempty"` Args string `protobuf:"bytes,5,opt,name=Args" json:"Args,omitempty"` FileNumber uint32 `protobuf:"varint,6,opt,name=FileNumber" json:"FileNumber,omitempty"` Size int64 `protobuf:"varint,7,opt,name=Size" json:"Size,omitempty"` StartTime int64 `protobuf:"varint,8,opt,name=StartTime" json:"StartTime,omitempty"` StopTime int64 `protobuf:"varint,9,opt,name=StopTime" json:"StopTime,omitempty"` }
func (*CLUSSniffer) Descriptor ¶
func (*CLUSSniffer) Descriptor() ([]byte, []int)
func (*CLUSSniffer) GetAgentID ¶
func (m *CLUSSniffer) GetAgentID() string
func (*CLUSSniffer) GetArgs ¶
func (m *CLUSSniffer) GetArgs() string
func (*CLUSSniffer) GetFileNumber ¶
func (m *CLUSSniffer) GetFileNumber() uint32
func (*CLUSSniffer) GetID ¶
func (m *CLUSSniffer) GetID() string
func (*CLUSSniffer) GetSize ¶
func (m *CLUSSniffer) GetSize() int64
func (*CLUSSniffer) GetStartTime ¶
func (m *CLUSSniffer) GetStartTime() int64
func (*CLUSSniffer) GetStatus ¶
func (m *CLUSSniffer) GetStatus() SnifferStatus
func (*CLUSSniffer) GetStopTime ¶
func (m *CLUSSniffer) GetStopTime() int64
func (*CLUSSniffer) GetWorkloadID ¶
func (m *CLUSSniffer) GetWorkloadID() string
func (*CLUSSniffer) ProtoMessage ¶
func (*CLUSSniffer) ProtoMessage()
func (*CLUSSniffer) Reset ¶
func (m *CLUSSniffer) Reset()
func (*CLUSSniffer) String ¶
func (m *CLUSSniffer) String() string
type CLUSSnifferArray ¶
type CLUSSnifferArray struct {
Sniffers []*CLUSSniffer `protobuf:"bytes,1,rep,name=sniffers" json:"sniffers,omitempty"`
}
func (*CLUSSnifferArray) Descriptor ¶
func (*CLUSSnifferArray) Descriptor() ([]byte, []int)
func (*CLUSSnifferArray) GetSniffers ¶
func (m *CLUSSnifferArray) GetSniffers() []*CLUSSniffer
func (*CLUSSnifferArray) ProtoMessage ¶
func (*CLUSSnifferArray) ProtoMessage()
func (*CLUSSnifferArray) Reset ¶
func (m *CLUSSnifferArray) Reset()
func (*CLUSSnifferArray) String ¶
func (m *CLUSSnifferArray) String() string
type CLUSSnifferDownload ¶
type CLUSSnifferDownload struct {
ID string `protobuf:"bytes,1,opt,name=ID" json:"ID,omitempty"`
}
func (*CLUSSnifferDownload) Descriptor ¶
func (*CLUSSnifferDownload) Descriptor() ([]byte, []int)
func (*CLUSSnifferDownload) GetID ¶
func (m *CLUSSnifferDownload) GetID() string
func (*CLUSSnifferDownload) ProtoMessage ¶
func (*CLUSSnifferDownload) ProtoMessage()
func (*CLUSSnifferDownload) Reset ¶
func (m *CLUSSnifferDownload) Reset()
func (*CLUSSnifferDownload) String ¶
func (m *CLUSSnifferDownload) String() string
type CLUSSnifferDummy ¶
type CLUSSnifferDummy struct {
WorkloadDomain string `json:"workload_domain"`
}
func (*CLUSSnifferDummy) GetDomain ¶
func (o *CLUSSnifferDummy) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSSnifferFilter ¶
type CLUSSnifferFilter struct { ID string `protobuf:"bytes,1,opt,name=ID" json:"ID,omitempty"` Workload string `protobuf:"bytes,2,opt,name=Workload" json:"Workload,omitempty"` }
func (*CLUSSnifferFilter) Descriptor ¶
func (*CLUSSnifferFilter) Descriptor() ([]byte, []int)
func (*CLUSSnifferFilter) GetID ¶
func (m *CLUSSnifferFilter) GetID() string
func (*CLUSSnifferFilter) GetWorkload ¶
func (m *CLUSSnifferFilter) GetWorkload() string
func (*CLUSSnifferFilter) ProtoMessage ¶
func (*CLUSSnifferFilter) ProtoMessage()
func (*CLUSSnifferFilter) Reset ¶
func (m *CLUSSnifferFilter) Reset()
func (*CLUSSnifferFilter) String ¶
func (m *CLUSSnifferFilter) String() string
type CLUSSnifferPcap ¶
type CLUSSnifferPcap struct {
Pcap []byte `protobuf:"bytes,1,opt,name=Pcap,proto3" json:"Pcap,omitempty"`
}
func (*CLUSSnifferPcap) Descriptor ¶
func (*CLUSSnifferPcap) Descriptor() ([]byte, []int)
func (*CLUSSnifferPcap) GetPcap ¶
func (m *CLUSSnifferPcap) GetPcap() []byte
func (*CLUSSnifferPcap) ProtoMessage ¶
func (*CLUSSnifferPcap) ProtoMessage()
func (*CLUSSnifferPcap) Reset ¶
func (m *CLUSSnifferPcap) Reset()
func (*CLUSSnifferPcap) String ¶
func (m *CLUSSnifferPcap) String() string
type CLUSSnifferRequest ¶
type CLUSSnifferRequest struct { Cmd SnifferCmd `protobuf:"varint,1,opt,name=Cmd,enum=share.SnifferCmd" json:"Cmd,omitempty"` ID string `protobuf:"bytes,2,opt,name=ID" json:"ID,omitempty"` WorkloadID string `protobuf:"bytes,3,opt,name=WorkloadID" json:"WorkloadID,omitempty"` FileNumber uint32 `protobuf:"varint,4,opt,name=FileNumber" json:"FileNumber,omitempty"` FileSizeInMB uint32 `protobuf:"varint,5,opt,name=FileSizeInMB" json:"FileSizeInMB,omitempty"` Filter string `protobuf:"bytes,6,opt,name=Filter" json:"Filter,omitempty"` DurationInSecond uint32 `protobuf:"varint,7,opt,name=DurationInSecond" json:"DurationInSecond,omitempty"` }
func (*CLUSSnifferRequest) Descriptor ¶
func (*CLUSSnifferRequest) Descriptor() ([]byte, []int)
func (*CLUSSnifferRequest) GetCmd ¶
func (m *CLUSSnifferRequest) GetCmd() SnifferCmd
func (*CLUSSnifferRequest) GetDurationInSecond ¶
func (m *CLUSSnifferRequest) GetDurationInSecond() uint32
func (*CLUSSnifferRequest) GetFileNumber ¶
func (m *CLUSSnifferRequest) GetFileNumber() uint32
func (*CLUSSnifferRequest) GetFileSizeInMB ¶
func (m *CLUSSnifferRequest) GetFileSizeInMB() uint32
func (*CLUSSnifferRequest) GetFilter ¶
func (m *CLUSSnifferRequest) GetFilter() string
func (*CLUSSnifferRequest) GetID ¶
func (m *CLUSSnifferRequest) GetID() string
func (*CLUSSnifferRequest) GetWorkloadID ¶
func (m *CLUSSnifferRequest) GetWorkloadID() string
func (*CLUSSnifferRequest) ProtoMessage ¶
func (*CLUSSnifferRequest) ProtoMessage()
func (*CLUSSnifferRequest) Reset ¶
func (m *CLUSSnifferRequest) Reset()
func (*CLUSSnifferRequest) String ¶
func (m *CLUSSnifferRequest) String() string
type CLUSSnifferResponse ¶
type CLUSSnifferResponse struct {
ID string `protobuf:"bytes,1,opt,name=ID" json:"ID,omitempty"`
}
func (*CLUSSnifferResponse) Descriptor ¶
func (*CLUSSnifferResponse) Descriptor() ([]byte, []int)
func (*CLUSSnifferResponse) GetID ¶
func (m *CLUSSnifferResponse) GetID() string
func (*CLUSSnifferResponse) ProtoMessage ¶
func (*CLUSSnifferResponse) ProtoMessage()
func (*CLUSSnifferResponse) Reset ¶
func (m *CLUSSnifferResponse) Reset()
func (*CLUSSnifferResponse) String ¶
func (m *CLUSSnifferResponse) String() string
type CLUSSpecSubnet ¶
type CLUSStats ¶
type CLUSStats struct { ReadAt int64 `protobuf:"varint,1,opt,name=ReadAt" json:"ReadAt,omitempty"` Interval uint32 `protobuf:"varint,2,opt,name=Interval" json:"Interval,omitempty"` Total *CLUSMetry `protobuf:"bytes,3,opt,name=Total" json:"Total,omitempty"` Span1 *CLUSMetry `protobuf:"bytes,4,opt,name=Span1" json:"Span1,omitempty"` Span12 *CLUSMetry `protobuf:"bytes,5,opt,name=Span12" json:"Span12,omitempty"` Span60 *CLUSMetry `protobuf:"bytes,6,opt,name=Span60" json:"Span60,omitempty"` }
func (*CLUSStats) Descriptor ¶
func (*CLUSStats) GetInterval ¶
func (*CLUSStats) ProtoMessage ¶
func (*CLUSStats) ProtoMessage()
type CLUSStoreWatcherInfo ¶
type CLUSStoreWatcherInfo struct { CtrlerID string `protobuf:"bytes,1,opt,name=CtrlerID" json:"CtrlerID,omitempty"` Key string `protobuf:"bytes,2,opt,name=Key" json:"Key,omitempty"` Action StoreWatcherAction `protobuf:"varint,3,opt,name=Action,enum=share.StoreWatcherAction" json:"Action,omitempty"` }
func (*CLUSStoreWatcherInfo) Descriptor ¶
func (*CLUSStoreWatcherInfo) Descriptor() ([]byte, []int)
func (*CLUSStoreWatcherInfo) GetAction ¶
func (m *CLUSStoreWatcherInfo) GetAction() StoreWatcherAction
func (*CLUSStoreWatcherInfo) GetCtrlerID ¶
func (m *CLUSStoreWatcherInfo) GetCtrlerID() string
func (*CLUSStoreWatcherInfo) GetKey ¶
func (m *CLUSStoreWatcherInfo) GetKey() string
func (*CLUSStoreWatcherInfo) ProtoMessage ¶
func (*CLUSStoreWatcherInfo) ProtoMessage()
func (*CLUSStoreWatcherInfo) Reset ¶
func (m *CLUSStoreWatcherInfo) Reset()
func (*CLUSStoreWatcherInfo) String ¶
func (m *CLUSStoreWatcherInfo) String() string
type CLUSSubnet ¶
type CLUSSyncReply ¶
type CLUSSyncReply struct { Category string `protobuf:"bytes,1,opt,name=Category" json:"Category,omitempty"` Data []byte `protobuf:"bytes,2,opt,name=Data,proto3" json:"Data,omitempty"` }
func (*CLUSSyncReply) Descriptor ¶
func (*CLUSSyncReply) Descriptor() ([]byte, []int)
func (*CLUSSyncReply) GetCategory ¶
func (m *CLUSSyncReply) GetCategory() string
func (*CLUSSyncReply) GetData ¶
func (m *CLUSSyncReply) GetData() []byte
func (*CLUSSyncReply) ProtoMessage ¶
func (*CLUSSyncReply) ProtoMessage()
func (*CLUSSyncReply) Reset ¶
func (m *CLUSSyncReply) Reset()
func (*CLUSSyncReply) String ¶
func (m *CLUSSyncReply) String() string
type CLUSSyncRequest ¶
type CLUSSyncRequest struct { Category string `protobuf:"bytes,1,opt,name=Category" json:"Category,omitempty"` From string `protobuf:"bytes,2,opt,name=From" json:"From,omitempty"` }
func (*CLUSSyncRequest) Descriptor ¶
func (*CLUSSyncRequest) Descriptor() ([]byte, []int)
func (*CLUSSyncRequest) GetCategory ¶
func (m *CLUSSyncRequest) GetCategory() string
func (*CLUSSyncRequest) GetFrom ¶
func (m *CLUSSyncRequest) GetFrom() string
func (*CLUSSyncRequest) ProtoMessage ¶
func (*CLUSSyncRequest) ProtoMessage()
func (*CLUSSyncRequest) Reset ¶
func (m *CLUSSyncRequest) Reset()
func (*CLUSSyncRequest) String ¶
func (m *CLUSSyncRequest) String() string
type CLUSSyslogConfig ¶
type CLUSSyslogConfig struct { SyslogIP net.IP `json:"syslog_ip"` SyslogServer string `json:"syslog_server"` SyslogIPProto uint8 `json:"syslog_ip_proto"` SyslogPort uint16 `json:"syslog_port"` SyslogLevel string `json:"syslog_level"` SyslogEnable bool `json:"syslog_enable"` SyslogCategories []string `json:"syslog_categories"` SyslogInJSON bool `json:"syslog_in_json"` }
type CLUSSystemConfig ¶
type CLUSSystemConfig struct { NewServicePolicyMode string `json:"new_service_policy_mode"` NewServiceProfileBaseline string `json:"new_service_profile_baseline"` UnusedGroupAging uint8 `json:"unused_group_aging"` CLUSSyslogConfig SingleCVEPerSyslog bool `json:"single_cve_per_syslog"` AuthOrder []string `json:"auth_order"` AuthByPlatform bool `json:"auth_by_platform"` InternalSubnets []string `json:"configured_internal_subnets,omitempty"` WebhookEnable_UNUSED bool `json:"webhook_enable"` WebhookUrl_UNUSED string `json:"webhook_url"` Webhooks []CLUSWebhook `json:"webhooks"` ClusterName string `json:"cluster_name"` ControllerDebug []string `json:"controller_debug"` TapProxymesh bool `json:"tap_proxymesh"` RegistryHttpProxy CLUSProxy `json:"registry_http_proxy"` RegistryHttpsProxy CLUSProxy `json:"registry_https_proxy"` IBMSAConfigNV CLUSIBMSAConfigNV `json:"ibmsa_config_nv"` IBMSAConfig CLUSIBMSAConfig `json:"ibmsa_config"` IBMSAOnboardData CLUSIBMSAOnboardData `json:"ibmsa_onboard_data"` XffEnabled bool `json:"xff_enabled"` CfgType TCfgType `json:"cfg_type"` }
func (*CLUSSystemConfig) GetDomain ¶
func (o *CLUSSystemConfig) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSSystemUsageReport ¶
type CLUSSystemUsageReport struct { Signature string `json:"signature"` ReportedAt time.Time `json:"reported"` Platform string `json:"platform"` Hosts int `json:"hosts"` CPUCores int `json:"cores"` Controllers int `json:"controllers"` Agents int `json:"enforcers"` Scanners int `json:"scanners"` CVEDBVersion string `json:"cvedb_version"` Registries int `json:"registries"` Domains int `json:"domains"` RunningPods int `json:"running_pods"` Groups int `json:"groups"` MonitorGroups int `json:"moinitor_groups"` ProtectGroups int `json:"protect_groups"` PolicyRules int `json:"policy_rules"` AdmCtrlRules int `json:"adm_ctrl_rules"` RespRules int `json:"response_rules"` CRDRules int `json:"crd_rules"` Clusters int `json:"clusters"` SLessProjs int `json:"sl_projs"` InstallationID string `json:"installation_id"` }
type CLUSThreatLog ¶
type CLUSThreatLog struct { ID string `json:"id"` ThreatID uint32 `json:"threat_id"` Severity uint8 `json:"severity"` Action uint8 `json:"action"` CapLen uint16 `json:"cap_len"` Count uint32 `json:"count"` HostID string `json:"host_id"` HostName string `json:"host_name"` AgentID string `json:"agent_id"` AgentName string `json:"agent_name"` WorkloadID string `json:"workload_id"` WorkloadName string `json:"workload_name"` ReportedAt time.Time `json:"reported_at"` SrcIP net.IP `json:"src_ip"` DstIP net.IP `json:"dst_ip"` EtherType uint16 `json:"ether_type"` SrcPort uint16 `json:"src_port"` DstPort uint16 `json:"dst_port"` IPProto uint8 `json:"ip_proto"` ICMPCode uint8 `json:"icmp_code"` ICMPType uint8 `json:"icmp_type"` LocalPeer bool `json:"local_peer"` // Local host connection PktIngress bool `json:"pkt_ingress"` SessIngress bool `json:"sess_ingress"` Tap bool `json:"tap"` Application uint32 `json:"application"` Msg string `json:"message"` Packet string `json:"packet"` }
type CLUSUser ¶
type CLUSUser struct { Fullname string `json:"fullname"` Username string `json:"username"` PasswordHash string `json:"password_hash"` PwdResetTime time.Time `json:"pwd_reset_time"` PwdHashHistory []string `json:"pwd_hash_history"` // not including the current password's hash Domain string `json:"domain"` // This is not used. Other 'domain' maps to namespace, this is not. Server string `json:"server"` EMail string `json:"email"` Role string `json:"role"` RoleOverride bool `json:"role_oride"` // Used for shadow user Timeout uint32 `json:"timeout"` Locale string `json:"locale"` RoleDomains map[string][]string `json:"role_domains"` LastLoginAt time.Time `json:"last_login_at"` LoginCount uint32 `json:"login_count"` FailedLoginCount uint32 `json:"failed_login_count"` // failed consecutive login failure. reset to 0 after a successful login BlockLoginSince time.Time `json:"block_login_since"` // reset to 0 after a successful login }
type CLUSUserRole ¶
type CLUSUserRole struct { Name string `json:"name"` Comment string `json:"comment"` Reserved bool `json:"reserved"` // true for pre-defined non-hidden roles: fedAdmin/admin/reader Permissions []*CLUSRolePermission `json:"permissions"` }
func (*CLUSUserRole) GetDomain ¶
func (o *CLUSUserRole) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSUserRoleInternal ¶
type CLUSUserRoleInternal struct { Name string `json:"name"` Comment string `json:"comment"` Reserved bool `json:"reserved"` // true for pre-defined non-hidden roles: fedAdmin/admin/reader ReadPermits uint64 `json:"read_permits"` // sum of all read permissions of this role WritePermits uint64 `json:"write_permits"` // sum of all write permissions of this role }
type CLUSVolume ¶
type CLUSVulnerabilityProfile ¶
type CLUSVulnerabilityProfile struct { Name string `json:"name"` Entries []*CLUSVulnerabilityProfileEntry `json:"entries"` }
func (*CLUSVulnerabilityProfile) GetDomain ¶
func (o *CLUSVulnerabilityProfile) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSWafCriteriaEntry ¶
type CLUSWafCriteriaEntry struct { Key string `json:"key"` Value string `json:"value"` Op string `json:"op"` Context string `json:"context,omitempty"` }
waf
type CLUSWafGroup ¶
type CLUSWafGroup struct { Name string `json:"name"` Status bool `json:"status"` Sensors []*CLUSWafSetting `json:"sensors"` CfgType TCfgType `json:"cfg_type"` }
func (*CLUSWafGroup) GetDomain ¶
func (o *CLUSWafGroup) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSWafRule ¶
type CLUSWafRule struct { Name string `json:"name"` // internal waf rule name ID uint32 `json:"id"` Patterns []CLUSWafCriteriaEntry `json:"patterns"` CfgType TCfgType `json:"cfg_type"` }
func (*CLUSWafRule) GetDomain ¶
func (o *CLUSWafRule) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSWafSensor ¶
type CLUSWafSensor struct { Name string `json:"name"` Groups map[string]string `json:"groups,omitempty"` // group to action mapping, only for memory cache. it's always empty in kv RuleListNames map[string]string `json:"rule_list_names,omitempty"` // key, value: internal waf rule name; for non-default sensors RuleList map[string]*CLUSWafRule `json:"rule_list,omitempty"` // key: internal waf rule name; for default sensor only PreRuleList map[string][]*CLUSWafRule `json:"pre_rule_list,omitempty"` Comment string `json:"comment,omitempty"` Predefine bool `json:"predefine,omitempty"` CfgType TCfgType `json:"cfg_type"` }
func (*CLUSWafSensor) GetDomain ¶
func (o *CLUSWafSensor) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSWafSetting ¶
type CLUSWafWorkloadRule ¶
type CLUSWafWorkloadRule struct { WorkloadId string `json:"workload_id"` PolicyMode string `json:"mode,omitempty"` RuleListNames []*CLUSWafSetting `json:"rule_list_names"` RuleIds []uint32 `json:"rule_ids"` RuleType string `json:"ruletype"` }
type CLUSWebhook ¶
type CLUSWebhook struct { Name string `json:"name"` Url string `json:"url"` Enable bool `json:"enable"` Type string `json:"type"` CfgType TCfgType `json:"cfg_type"` }
func (*CLUSWebhook) GetDomain ¶
func (o *CLUSWebhook) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSWorkload ¶
type CLUSWorkload struct { ID string `json:"id"` Name string `json:"name"` AgentID string `json:"agent_id"` SelfHostname string `json:"self_hostname"` HostName string `json:"host_name"` HostID string `json:"host_id"` Image string `json:"image"` ImageID string `json:"image_id"` Privileged bool `json:"privileged"` RunAsRoot bool `json:"run_as_root"` NetworkMode string `json:"network_mode"` Service string `json:"service"` Domain string `json:"domain"` Author string `json:"author"` PlatformRole string `json:"platform_role"` CreatedAt time.Time `json:"created_at"` StartedAt time.Time `json:"started_at"` FinishedAt time.Time `json:"finished_at"` Running bool `json:"running"` CapIntcp bool `json:"cap_intcp"` CapSniff bool `json:"cap_sniff"` Inline bool `json:"inline"` Quarantine bool `json:"quarantine"` SecuredAt time.Time `json:"secured_at"` ExitCode int `json:"exit_code"` Pid int `json:"pid"` Ifaces map[string][]CLUSIPAddr `json:"interfaces"` Ports map[string]CLUSMappedPort `json:"ports"` Labels map[string]string `json:"labels"` Apps map[string]CLUSApp `json:"apps"` MemoryLimit int64 `json:"memory_limit"` CPUs string `json:"cpus"` ProxyMesh bool `json:"proxymesh"` Sidecar bool `json:"sidecar"` }
func (*CLUSWorkload) GetDomain ¶
func (o *CLUSWorkload) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSWorkloadAddr ¶
type CLUSWorkloadAddr struct { WlID string `json:"workload_id"` PolicyMode string `json:"mode,omitempty"` LocalIP []net.IP `json:"local_ip,omitempty"` GlobalIP []net.IP `json:"global_ip,omitempty"` NatIP []net.IP `json:"nat_ip,omitempty"` LocalPortApp []CLUSPortApp `json:"local_port_app,omitempty"` NatPortApp []CLUSPortApp `json:"nat_port_app,omitempty"` }
type CLUSWorkloadConfig ¶
type CLUSWorkloadDlpRules ¶
type CLUSWorkloadDlpRules struct { DlpRuleList []*CLUSDlpRule `json:"dlp_rule_list"` DlpWlRules []*CLUSDlpWorkloadRule `json:"dlp_wl_rules"` }
type CLUSWorkloadIntercept ¶
type CLUSWorkloadIntercept struct { ID string `protobuf:"bytes,1,opt,name=ID" json:"ID,omitempty"` Inline bool `protobuf:"varint,2,opt,name=Inline" json:"Inline,omitempty"` Quarantine bool `protobuf:"varint,3,opt,name=Quarantine" json:"Quarantine,omitempty"` Ports []*CLUSWorkloadInterceptPort `protobuf:"bytes,4,rep,name=Ports" json:"Ports,omitempty"` }
func (*CLUSWorkloadIntercept) Descriptor ¶
func (*CLUSWorkloadIntercept) Descriptor() ([]byte, []int)
func (*CLUSWorkloadIntercept) GetID ¶
func (m *CLUSWorkloadIntercept) GetID() string
func (*CLUSWorkloadIntercept) GetInline ¶
func (m *CLUSWorkloadIntercept) GetInline() bool
func (*CLUSWorkloadIntercept) GetPorts ¶
func (m *CLUSWorkloadIntercept) GetPorts() []*CLUSWorkloadInterceptPort
func (*CLUSWorkloadIntercept) GetQuarantine ¶
func (m *CLUSWorkloadIntercept) GetQuarantine() bool
func (*CLUSWorkloadIntercept) ProtoMessage ¶
func (*CLUSWorkloadIntercept) ProtoMessage()
func (*CLUSWorkloadIntercept) Reset ¶
func (m *CLUSWorkloadIntercept) Reset()
func (*CLUSWorkloadIntercept) String ¶
func (m *CLUSWorkloadIntercept) String() string
type CLUSWorkloadInterceptPort ¶
type CLUSWorkloadInterceptPort struct { Port string `protobuf:"bytes,1,opt,name=Port" json:"Port,omitempty"` Peer string `protobuf:"bytes,2,opt,name=Peer" json:"Peer,omitempty"` MAC []byte `protobuf:"bytes,3,opt,name=MAC,proto3" json:"MAC,omitempty"` UCMAC []byte `protobuf:"bytes,4,opt,name=UCMAC,proto3" json:"UCMAC,omitempty"` BCMAC []byte `protobuf:"bytes,5,opt,name=BCMAC,proto3" json:"BCMAC,omitempty"` InPort string `protobuf:"bytes,6,opt,name=InPort" json:"InPort,omitempty"` ExPort string `protobuf:"bytes,7,opt,name=ExPort" json:"ExPort,omitempty"` InPortRules string `protobuf:"bytes,8,opt,name=InPortRules" json:"InPortRules,omitempty"` ExPortRules string `protobuf:"bytes,9,opt,name=ExPortRules" json:"ExPortRules,omitempty"` EnforcerRules string `protobuf:"bytes,10,opt,name=EnforcerRules" json:"EnforcerRules,omitempty"` }
func (*CLUSWorkloadInterceptPort) Descriptor ¶
func (*CLUSWorkloadInterceptPort) Descriptor() ([]byte, []int)
func (*CLUSWorkloadInterceptPort) GetBCMAC ¶
func (m *CLUSWorkloadInterceptPort) GetBCMAC() []byte
func (*CLUSWorkloadInterceptPort) GetEnforcerRules ¶
func (m *CLUSWorkloadInterceptPort) GetEnforcerRules() string
func (*CLUSWorkloadInterceptPort) GetExPort ¶
func (m *CLUSWorkloadInterceptPort) GetExPort() string
func (*CLUSWorkloadInterceptPort) GetExPortRules ¶
func (m *CLUSWorkloadInterceptPort) GetExPortRules() string
func (*CLUSWorkloadInterceptPort) GetInPort ¶
func (m *CLUSWorkloadInterceptPort) GetInPort() string
func (*CLUSWorkloadInterceptPort) GetInPortRules ¶
func (m *CLUSWorkloadInterceptPort) GetInPortRules() string
func (*CLUSWorkloadInterceptPort) GetMAC ¶
func (m *CLUSWorkloadInterceptPort) GetMAC() []byte
func (*CLUSWorkloadInterceptPort) GetPeer ¶
func (m *CLUSWorkloadInterceptPort) GetPeer() string
func (*CLUSWorkloadInterceptPort) GetPort ¶
func (m *CLUSWorkloadInterceptPort) GetPort() string
func (*CLUSWorkloadInterceptPort) GetUCMAC ¶
func (m *CLUSWorkloadInterceptPort) GetUCMAC() []byte
func (*CLUSWorkloadInterceptPort) ProtoMessage ¶
func (*CLUSWorkloadInterceptPort) ProtoMessage()
func (*CLUSWorkloadInterceptPort) Reset ¶
func (m *CLUSWorkloadInterceptPort) Reset()
func (*CLUSWorkloadInterceptPort) String ¶
func (m *CLUSWorkloadInterceptPort) String() string
type CLUSWorkloadScanDummy ¶
type CLUSWorkloadScanDummy struct {
Domain string `json:"domain"`
}
func (*CLUSWorkloadScanDummy) GetDomain ¶
func (o *CLUSWorkloadScanDummy) GetDomain(f GetAccessObjectFunc) ([]string, []string)
type CLUSWorkloadWafRules ¶
type CLUSWorkloadWafRules struct { WafRuleList []*CLUSWafRule `json:"waf_rule_list"` WafWlRules []*CLUSWafWorkloadRule `json:"waf_wl_rules"` }
type CLUSX509Cert ¶
type CLUSX509Cert struct { CN string `json:"cn"` Key string `json:"key,cloak"` Cert string `json:"cert,cloak"` }
func (*CLUSX509Cert) IsEmpty ¶
func (c *CLUSX509Cert) IsEmpty() bool
type ContainerStats ¶
type ContainerStats struct { PrevCPU uint64 PrevCPUSystem uint64 ReadAt time.Time CurSlot uint Cpu [ContainerStatsSlots]float64 Memory [ContainerStatsSlots]uint64 }
type ControllerAgentServiceClient ¶
type ControllerAgentServiceClient interface { RequestAdmission(ctx context.Context, in *CLUSAdmissionRequest, opts ...grpc.CallOption) (*CLUSAdmissionResponse, error) ReportProcProfile(ctx context.Context, in *CLUSProcProfileArray, opts ...grpc.CallOption) (*CLUSReportResponse, error) ReportFileAccessRule(ctx context.Context, in *CLUSFileAccessRuleArray, opts ...grpc.CallOption) (*CLUSReportResponse, error) ReportConnections(ctx context.Context, in *CLUSConnectionArray, opts ...grpc.CallOption) (*CLUSReportResponse, error) }
func NewControllerAgentServiceClient ¶
func NewControllerAgentServiceClient(cc *grpc.ClientConn) ControllerAgentServiceClient
type ControllerAgentServiceServer ¶
type ControllerAgentServiceServer interface { RequestAdmission(context.Context, *CLUSAdmissionRequest) (*CLUSAdmissionResponse, error) ReportProcProfile(context.Context, *CLUSProcProfileArray) (*CLUSReportResponse, error) ReportFileAccessRule(context.Context, *CLUSFileAccessRuleArray) (*CLUSReportResponse, error) ReportConnections(context.Context, *CLUSConnectionArray) (*CLUSReportResponse, error) }
type ControllerCapServiceClient ¶
type ControllerCapServiceClient interface {
IsGRPCCompressed(ctx context.Context, in *RPCVoid, opts ...grpc.CallOption) (*CLUSBoolean, error)
}
func NewControllerCapServiceClient ¶
func NewControllerCapServiceClient(cc *grpc.ClientConn) ControllerCapServiceClient
type ControllerCapServiceServer ¶
type ControllerCapServiceServer interface {
IsGRPCCompressed(context.Context, *RPCVoid) (*CLUSBoolean, error)
}
type ControllerCtrlServiceClient ¶
type ControllerCtrlServiceClient interface { ReqSync(ctx context.Context, in *CLUSSyncRequest, opts ...grpc.CallOption) (*CLUSSyncReply, error) ReqSyncStream(ctx context.Context, in *CLUSSyncRequest, opts ...grpc.CallOption) (ControllerCtrlService_ReqSyncStreamClient, error) ReportConnections(ctx context.Context, in *CLUSConnectionArray, opts ...grpc.CallOption) (*RPCVoid, error) GetControllerCounter(ctx context.Context, in *RPCVoid, opts ...grpc.CallOption) (*CLUSControllerCounter, error) DeleteConversation(ctx context.Context, in *CLUSGraphOps, opts ...grpc.CallOption) (*RPCVoid, error) DeleteEndpoint(ctx context.Context, in *CLUSGraphOps, opts ...grpc.CallOption) (*RPCVoid, error) SetEndpointAlias(ctx context.Context, in *CLUSGraphOps, opts ...grpc.CallOption) (*RPCVoid, error) CheckPolicySyncStatus(ctx context.Context, in *RPCVoid, opts ...grpc.CallOption) (*CLUSPolicySyncStatus, error) TriggerSync(ctx context.Context, in *RPCVoid, opts ...grpc.CallOption) (*RPCVoid, error) ProfilingCmd(ctx context.Context, in *CLUSProfilingRequest, opts ...grpc.CallOption) (*RPCVoid, error) TriggerSyncLearnedPolicy(ctx context.Context, in *RPCVoid, opts ...grpc.CallOption) (*RPCVoid, error) PauseResumeStoreWatcher(ctx context.Context, in *CLUSStoreWatcherInfo, opts ...grpc.CallOption) (*RPCVoid, error) KickLoginSessions(ctx context.Context, in *CLUSKickLoginSessionsRequest, opts ...grpc.CallOption) (*RPCVoid, error) GetStats(ctx context.Context, in *RPCVoid, opts ...grpc.CallOption) (*CLUSStats, error) ResetLoginTokenTimer(ctx context.Context, in *CLUSLoginTokenInfo, opts ...grpc.CallOption) (*RPCVoid, error) }
func NewControllerCtrlServiceClient ¶
func NewControllerCtrlServiceClient(cc *grpc.ClientConn) ControllerCtrlServiceClient
type ControllerCtrlServiceServer ¶
type ControllerCtrlServiceServer interface { ReqSync(context.Context, *CLUSSyncRequest) (*CLUSSyncReply, error) ReqSyncStream(*CLUSSyncRequest, ControllerCtrlService_ReqSyncStreamServer) error ReportConnections(context.Context, *CLUSConnectionArray) (*RPCVoid, error) GetControllerCounter(context.Context, *RPCVoid) (*CLUSControllerCounter, error) DeleteConversation(context.Context, *CLUSGraphOps) (*RPCVoid, error) DeleteEndpoint(context.Context, *CLUSGraphOps) (*RPCVoid, error) SetEndpointAlias(context.Context, *CLUSGraphOps) (*RPCVoid, error) CheckPolicySyncStatus(context.Context, *RPCVoid) (*CLUSPolicySyncStatus, error) TriggerSync(context.Context, *RPCVoid) (*RPCVoid, error) ProfilingCmd(context.Context, *CLUSProfilingRequest) (*RPCVoid, error) TriggerSyncLearnedPolicy(context.Context, *RPCVoid) (*RPCVoid, error) PauseResumeStoreWatcher(context.Context, *CLUSStoreWatcherInfo) (*RPCVoid, error) KickLoginSessions(context.Context, *CLUSKickLoginSessionsRequest) (*RPCVoid, error) GetStats(context.Context, *RPCVoid) (*CLUSStats, error) ResetLoginTokenTimer(context.Context, *CLUSLoginTokenInfo) (*RPCVoid, error) }
type ControllerCtrlService_ReqSyncStreamClient ¶
type ControllerCtrlService_ReqSyncStreamClient interface { Recv() (*CLUSSyncReply, error) grpc.ClientStream }
type ControllerCtrlService_ReqSyncStreamServer ¶
type ControllerCtrlService_ReqSyncStreamServer interface { Send(*CLUSSyncReply) error grpc.ServerStream }
type ControllerScanServiceClient ¶
type ControllerScanServiceClient interface { ScannerRegister(ctx context.Context, in *ScannerRegisterData, opts ...grpc.CallOption) (*RPCVoid, error) ScannerRegisterStream(ctx context.Context, opts ...grpc.CallOption) (ControllerScanService_ScannerRegisterStreamClient, error) ScannerDeregister(ctx context.Context, in *ScannerDeregisterData, opts ...grpc.CallOption) (*RPCVoid, error) SubmitScanResult(ctx context.Context, in *ScanResult, opts ...grpc.CallOption) (*RPCVoid, error) }
func NewControllerScanServiceClient ¶
func NewControllerScanServiceClient(cc *grpc.ClientConn) ControllerScanServiceClient
type ControllerScanServiceServer ¶
type ControllerScanServiceServer interface { ScannerRegister(context.Context, *ScannerRegisterData) (*RPCVoid, error) ScannerRegisterStream(ControllerScanService_ScannerRegisterStreamServer) error ScannerDeregister(context.Context, *ScannerDeregisterData) (*RPCVoid, error) SubmitScanResult(context.Context, *ScanResult) (*RPCVoid, error) }
type ControllerScanService_ScannerRegisterStreamClient ¶
type ControllerScanService_ScannerRegisterStreamClient interface { Send(*ScannerRegisterData) error CloseAndRecv() (*RPCVoid, error) grpc.ClientStream }
type ControllerScanService_ScannerRegisterStreamServer ¶
type ControllerScanService_ScannerRegisterStreamServer interface { SendAndClose(*RPCVoid) error Recv() (*ScannerRegisterData, error) grpc.ServerStream }
type ControllerUpgradeServiceClient ¶
type ControllerUpgradeServiceClient interface { UpgradeScannerDB(ctx context.Context, opts ...grpc.CallOption) (ControllerUpgradeService_UpgradeScannerDBClient, error) SupportRegularDB(ctx context.Context, in *RPCVoid, opts ...grpc.CallOption) (*CLUSBoolean, error) SupportUpgradeDB(ctx context.Context, in *RPCVoid, opts ...grpc.CallOption) (*CLUSBoolean, error) }
func NewControllerUpgradeServiceClient ¶
func NewControllerUpgradeServiceClient(cc *grpc.ClientConn) ControllerUpgradeServiceClient
type ControllerUpgradeServiceServer ¶
type ControllerUpgradeServiceServer interface { UpgradeScannerDB(ControllerUpgradeService_UpgradeScannerDBServer) error SupportRegularDB(context.Context, *RPCVoid) (*CLUSBoolean, error) SupportUpgradeDB(context.Context, *RPCVoid) (*CLUSBoolean, error) }
type ControllerUpgradeService_UpgradeScannerDBClient ¶
type ControllerUpgradeService_UpgradeScannerDBClient interface { Send(*CLUSFilePacket) error CloseAndRecv() (*RPCVoid, error) grpc.ClientStream }
type ControllerUpgradeService_UpgradeScannerDBServer ¶
type ControllerUpgradeService_UpgradeScannerDBServer interface { SendAndClose(*RPCVoid) error Recv() (*CLUSFilePacket, error) grpc.ServerStream }
type EnforcerCapServiceClient ¶
type EnforcerCapServiceClient interface {
IsGRPCCompressed(ctx context.Context, in *RPCVoid, opts ...grpc.CallOption) (*CLUSBoolean, error)
}
func NewEnforcerCapServiceClient ¶
func NewEnforcerCapServiceClient(cc *grpc.ClientConn) EnforcerCapServiceClient
type EnforcerCapServiceServer ¶
type EnforcerCapServiceServer interface {
IsGRPCCompressed(context.Context, *RPCVoid) (*CLUSBoolean, error)
}
type EnforcerScanServiceClient ¶
type EnforcerScanServiceClient interface {
ScanGetFiles(ctx context.Context, in *ScanRunningRequest, opts ...grpc.CallOption) (*ScanData, error)
}
func NewEnforcerScanServiceClient ¶
func NewEnforcerScanServiceClient(cc *grpc.ClientConn) EnforcerScanServiceClient
type EnforcerScanServiceServer ¶
type EnforcerScanServiceServer interface {
ScanGetFiles(context.Context, *ScanRunningRequest) (*ScanData, error)
}
type EnforcerServiceClient ¶
type EnforcerServiceClient interface { Kick(ctx context.Context, in *CLUSKick, opts ...grpc.CallOption) (*RPCVoid, error) GetSessionList(ctx context.Context, in *CLUSFilter, opts ...grpc.CallOption) (EnforcerService_GetSessionListClient, error) ClearSession(ctx context.Context, in *CLUSFilter, opts ...grpc.CallOption) (*RPCVoid, error) GetStats(ctx context.Context, in *CLUSFilter, opts ...grpc.CallOption) (*CLUSStats, error) GetSessionCounter(ctx context.Context, in *RPCVoid, opts ...grpc.CallOption) (*CLUSSessionCounter, error) GetDatapathCounter(ctx context.Context, in *RPCVoid, opts ...grpc.CallOption) (*CLUSDatapathCounter, error) GetDerivedPolicyRules(ctx context.Context, in *CLUSFilter, opts ...grpc.CallOption) (*CLUSDerivedPolicyRuleMap, error) ProbeSummary(ctx context.Context, in *RPCVoid, opts ...grpc.CallOption) (*CLUSProbeSummary, error) ProbeProcessMap(ctx context.Context, in *RPCVoid, opts ...grpc.CallOption) (*CLUSProbeProcessArray, error) ProbeContainerMap(ctx context.Context, in *RPCVoid, opts ...grpc.CallOption) (*CLUSProbeContainerArray, error) SnifferCmd(ctx context.Context, in *CLUSSnifferRequest, opts ...grpc.CallOption) (*CLUSSnifferResponse, error) GetSniffers(ctx context.Context, in *CLUSSnifferFilter, opts ...grpc.CallOption) (*CLUSSnifferArray, error) GetSnifferPcap(ctx context.Context, in *CLUSSnifferDownload, opts ...grpc.CallOption) (EnforcerService_GetSnifferPcapClient, error) GetContainerLogs(ctx context.Context, in *CLUSContainerLogReq, opts ...grpc.CallOption) (EnforcerService_GetContainerLogsClient, error) RunDockerBench(ctx context.Context, in *RPCVoid, opts ...grpc.CallOption) (*RPCVoid, error) RunKubernetesBench(ctx context.Context, in *RPCVoid, opts ...grpc.CallOption) (*RPCVoid, error) GetFileMonitorFile(ctx context.Context, in *CLUSFilter, opts ...grpc.CallOption) (*CLUSFileMonitorFileArray, error) GetProcess(ctx context.Context, in *CLUSFilter, opts ...grpc.CallOption) (*CLUSProcessArray, error) GetProcessHistory(ctx context.Context, in *CLUSFilter, opts ...grpc.CallOption) (*CLUSProcessArray, error) GetDerivedDlpRules(ctx context.Context, in *CLUSFilter, opts ...grpc.CallOption) (*CLUSDerivedDlpRuleMap, error) GetDerivedDlpRuleEntries(ctx context.Context, in *CLUSFilter, opts ...grpc.CallOption) (*CLUSDerivedDlpRuleEntryArray, error) GetDerivedDlpRuleMacs(ctx context.Context, in *CLUSFilter, opts ...grpc.CallOption) (*CLUSDerivedDlpRuleMacArray, error) GetDerivedWorkloadProcessRule(ctx context.Context, in *CLUSFilter, opts ...grpc.CallOption) (*CLUSDerivedProcessRuleArray, error) GetDerivedWorkloadFileRule(ctx context.Context, in *CLUSFilter, opts ...grpc.CallOption) (*CLUSDerivedFileRuleArray, error) GetContainerIntercept(ctx context.Context, in *CLUSFilter, opts ...grpc.CallOption) (*CLUSWorkloadIntercept, error) GetMeterList(ctx context.Context, in *CLUSFilter, opts ...grpc.CallOption) (EnforcerService_GetMeterListClient, error) ProfilingCmd(ctx context.Context, in *CLUSProfilingRequest, opts ...grpc.CallOption) (*RPCVoid, error) }
func NewEnforcerServiceClient ¶
func NewEnforcerServiceClient(cc *grpc.ClientConn) EnforcerServiceClient
type EnforcerServiceServer ¶
type EnforcerServiceServer interface { Kick(context.Context, *CLUSKick) (*RPCVoid, error) GetSessionList(*CLUSFilter, EnforcerService_GetSessionListServer) error ClearSession(context.Context, *CLUSFilter) (*RPCVoid, error) GetStats(context.Context, *CLUSFilter) (*CLUSStats, error) GetSessionCounter(context.Context, *RPCVoid) (*CLUSSessionCounter, error) GetDatapathCounter(context.Context, *RPCVoid) (*CLUSDatapathCounter, error) GetDerivedPolicyRules(context.Context, *CLUSFilter) (*CLUSDerivedPolicyRuleMap, error) ProbeSummary(context.Context, *RPCVoid) (*CLUSProbeSummary, error) ProbeProcessMap(context.Context, *RPCVoid) (*CLUSProbeProcessArray, error) ProbeContainerMap(context.Context, *RPCVoid) (*CLUSProbeContainerArray, error) SnifferCmd(context.Context, *CLUSSnifferRequest) (*CLUSSnifferResponse, error) GetSniffers(context.Context, *CLUSSnifferFilter) (*CLUSSnifferArray, error) GetSnifferPcap(*CLUSSnifferDownload, EnforcerService_GetSnifferPcapServer) error GetContainerLogs(*CLUSContainerLogReq, EnforcerService_GetContainerLogsServer) error RunDockerBench(context.Context, *RPCVoid) (*RPCVoid, error) RunKubernetesBench(context.Context, *RPCVoid) (*RPCVoid, error) GetFileMonitorFile(context.Context, *CLUSFilter) (*CLUSFileMonitorFileArray, error) GetProcess(context.Context, *CLUSFilter) (*CLUSProcessArray, error) GetProcessHistory(context.Context, *CLUSFilter) (*CLUSProcessArray, error) GetDerivedDlpRules(context.Context, *CLUSFilter) (*CLUSDerivedDlpRuleMap, error) GetDerivedDlpRuleEntries(context.Context, *CLUSFilter) (*CLUSDerivedDlpRuleEntryArray, error) GetDerivedDlpRuleMacs(context.Context, *CLUSFilter) (*CLUSDerivedDlpRuleMacArray, error) GetDerivedWorkloadProcessRule(context.Context, *CLUSFilter) (*CLUSDerivedProcessRuleArray, error) GetDerivedWorkloadFileRule(context.Context, *CLUSFilter) (*CLUSDerivedFileRuleArray, error) GetContainerIntercept(context.Context, *CLUSFilter) (*CLUSWorkloadIntercept, error) GetMeterList(*CLUSFilter, EnforcerService_GetMeterListServer) error ProfilingCmd(context.Context, *CLUSProfilingRequest) (*RPCVoid, error) }
type EnforcerService_GetContainerLogsClient ¶
type EnforcerService_GetContainerLogsClient interface { Recv() (*CLUSContainerLogRes, error) grpc.ClientStream }
type EnforcerService_GetContainerLogsServer ¶
type EnforcerService_GetContainerLogsServer interface { Send(*CLUSContainerLogRes) error grpc.ServerStream }
type EnforcerService_GetMeterListClient ¶
type EnforcerService_GetMeterListClient interface { Recv() (*CLUSMeterArray, error) grpc.ClientStream }
type EnforcerService_GetMeterListServer ¶
type EnforcerService_GetMeterListServer interface { Send(*CLUSMeterArray) error grpc.ServerStream }
type EnforcerService_GetSessionListClient ¶
type EnforcerService_GetSessionListClient interface { Recv() (*CLUSSessionArray, error) grpc.ClientStream }
type EnforcerService_GetSessionListServer ¶
type EnforcerService_GetSessionListServer interface { Send(*CLUSSessionArray) error grpc.ServerStream }
type EnforcerService_GetSnifferPcapClient ¶
type EnforcerService_GetSnifferPcapClient interface { Recv() (*CLUSSnifferPcap, error) grpc.ClientStream }
type EnforcerService_GetSnifferPcapServer ¶
type EnforcerService_GetSnifferPcapServer interface { Send(*CLUSSnifferPcap) error grpc.ServerStream }
type GetAccessObjectFunc ¶
type GetAccessObjectFunc func(string) AccessObject
type GroupRoleMapping ¶
type KickLoginSessionsType ¶
type KickLoginSessionsType int32
const ( KickLoginSessionsType_KickByServer KickLoginSessionsType = 0 KickLoginSessionsType_KickByFed KickLoginSessionsType = 1 KickLoginSessionsType_KickByUser KickLoginSessionsType = 2 )
func (KickLoginSessionsType) EnumDescriptor ¶
func (KickLoginSessionsType) EnumDescriptor() ([]byte, []int)
func (KickLoginSessionsType) String ¶
func (x KickLoginSessionsType) String() string
type ProbeContainerStart ¶
type ProcRule ¶
type ProcRule struct { Active int `json:"active"` Group string `json:"group"` Rule CLUSProcessProfileEntry `json:"rule"` }
type ProcRuleMap ¶
type ProfilingCmd ¶
type ProfilingCmd int32
const ( ProfilingCmd_StartProfiling ProfilingCmd = 0 ProfilingCmd_StopProfiling ProfilingCmd = 1 )
func (ProfilingCmd) EnumDescriptor ¶
func (ProfilingCmd) EnumDescriptor() ([]byte, []int)
func (ProfilingCmd) String ¶
func (x ProfilingCmd) String() string
type ProfilingMethod ¶
type ProfilingMethod int32
const ( ProfilingMethod_CPU ProfilingMethod = 0 ProfilingMethod_Memory ProfilingMethod = 1 )
func (ProfilingMethod) EnumDescriptor ¶
func (ProfilingMethod) EnumDescriptor() ([]byte, []int)
func (ProfilingMethod) String ¶
func (x ProfilingMethod) String() string
type RPCVoid ¶
type RPCVoid struct { }
func (*RPCVoid) Descriptor ¶
func (*RPCVoid) ProtoMessage ¶
func (*RPCVoid) ProtoMessage()
type ReportRespAction ¶
type ReportRespAction int32
const ( ReportRespAction_Done ReportRespAction = 0 ReportRespAction_Resend ReportRespAction = 1 )
func (ReportRespAction) EnumDescriptor ¶
func (ReportRespAction) EnumDescriptor() ([]byte, []int)
func (ReportRespAction) String ¶
func (x ReportRespAction) String() string
type ScanAppPackage ¶
type ScanAppPackage struct { AppName string `protobuf:"bytes,1,opt,name=AppName" json:"AppName,omitempty"` ModuleName string `protobuf:"bytes,2,opt,name=ModuleName" json:"ModuleName,omitempty"` Version string `protobuf:"bytes,3,opt,name=Version" json:"Version,omitempty"` FileName string `protobuf:"bytes,4,opt,name=FileName" json:"FileName,omitempty"` }
func (*ScanAppPackage) Descriptor ¶
func (*ScanAppPackage) Descriptor() ([]byte, []int)
func (*ScanAppPackage) GetAppName ¶
func (m *ScanAppPackage) GetAppName() string
func (*ScanAppPackage) GetFileName ¶
func (m *ScanAppPackage) GetFileName() string
func (*ScanAppPackage) GetModuleName ¶
func (m *ScanAppPackage) GetModuleName() string
func (*ScanAppPackage) GetVersion ¶
func (m *ScanAppPackage) GetVersion() string
func (*ScanAppPackage) ProtoMessage ¶
func (*ScanAppPackage) ProtoMessage()
func (*ScanAppPackage) Reset ¶
func (m *ScanAppPackage) Reset()
func (*ScanAppPackage) String ¶
func (m *ScanAppPackage) String() string
type ScanAppRequest ¶
type ScanAppRequest struct {
Packages []*ScanAppPackage `protobuf:"bytes,1,rep,name=Packages" json:"Packages,omitempty"`
}
func (*ScanAppRequest) Descriptor ¶
func (*ScanAppRequest) Descriptor() ([]byte, []int)
func (*ScanAppRequest) GetPackages ¶
func (m *ScanAppRequest) GetPackages() []*ScanAppPackage
func (*ScanAppRequest) ProtoMessage ¶
func (*ScanAppRequest) ProtoMessage()
func (*ScanAppRequest) Reset ¶
func (m *ScanAppRequest) Reset()
func (*ScanAppRequest) String ¶
func (m *ScanAppRequest) String() string
type ScanAwsLambdaRequest ¶
type ScanAwsLambdaRequest struct { ResType string `protobuf:"bytes,1,opt,name=ResType" json:"ResType,omitempty"` FuncName string `protobuf:"bytes,2,opt,name=FuncName" json:"FuncName,omitempty"` Region string `protobuf:"bytes,3,opt,name=Region" json:"Region,omitempty"` FuncLink string `protobuf:"bytes,4,opt,name=FuncLink" json:"FuncLink,omitempty"` ScanSecrets bool `protobuf:"varint,5,opt,name=ScanSecrets" json:"ScanSecrets,omitempty"` }
func (*ScanAwsLambdaRequest) Descriptor ¶
func (*ScanAwsLambdaRequest) Descriptor() ([]byte, []int)
func (*ScanAwsLambdaRequest) GetFuncLink ¶
func (m *ScanAwsLambdaRequest) GetFuncLink() string
func (*ScanAwsLambdaRequest) GetFuncName ¶
func (m *ScanAwsLambdaRequest) GetFuncName() string
func (*ScanAwsLambdaRequest) GetRegion ¶
func (m *ScanAwsLambdaRequest) GetRegion() string
func (*ScanAwsLambdaRequest) GetResType ¶
func (m *ScanAwsLambdaRequest) GetResType() string
func (*ScanAwsLambdaRequest) GetScanSecrets ¶
func (m *ScanAwsLambdaRequest) GetScanSecrets() bool
func (*ScanAwsLambdaRequest) ProtoMessage ¶
func (*ScanAwsLambdaRequest) ProtoMessage()
func (*ScanAwsLambdaRequest) Reset ¶
func (m *ScanAwsLambdaRequest) Reset()
func (*ScanAwsLambdaRequest) String ¶
func (m *ScanAwsLambdaRequest) String() string
type ScanData ¶
type ScanData struct { Error ScanErrorCode `protobuf:"varint,1,opt,name=Error,enum=share.ScanErrorCode" json:"Error,omitempty"` Buffer []byte `protobuf:"bytes,2,opt,name=Buffer,proto3" json:"Buffer,omitempty"` }
func (*ScanData) Descriptor ¶
func (*ScanData) GetError ¶
func (m *ScanData) GetError() ScanErrorCode
func (*ScanData) ProtoMessage ¶
func (*ScanData) ProtoMessage()
type ScanErrorCode ¶
type ScanErrorCode int32
const ( ScanErrorCode_ScanErrNone ScanErrorCode = 0 ScanErrorCode_ScanErrNetwork ScanErrorCode = 1 ScanErrorCode_ScanErrNotSupport ScanErrorCode = 2 ScanErrorCode_ScanErrSizeOverLimit ScanErrorCode = 3 ScanErrorCode_ScanErrPackage ScanErrorCode = 4 ScanErrorCode_ScanErrDatabase ScanErrorCode = 5 ScanErrorCode_ScanErrTimeout ScanErrorCode = 6 ScanErrorCode_ScanErrInProgress ScanErrorCode = 7 ScanErrorCode_ScanErrRegistryAPI ScanErrorCode = 8 ScanErrorCode_ScanErrFileSystem ScanErrorCode = 9 ScanErrorCode_ScanErrContainerAPI ScanErrorCode = 10 ScanErrorCode_ScanErrXrayAPI ScanErrorCode = 11 ScanErrorCode_ScanErrContainerExit ScanErrorCode = 12 ScanErrorCode_ScanErrAuthentication ScanErrorCode = 13 ScanErrorCode_ScanErrCertificate ScanErrorCode = 14 ScanErrorCode_ScanErrCanceled ScanErrorCode = 15 ScanErrorCode_ScanErrDriverAPINotSupport ScanErrorCode = 16 ScanErrorCode_ScanErrImageNotFound ScanErrorCode = 17 ScanErrorCode_ScanErrAwsDownloadErr ScanErrorCode = 18 ScanErrorCode_ScanErrArgument ScanErrorCode = 19 )
func (ScanErrorCode) EnumDescriptor ¶
func (ScanErrorCode) EnumDescriptor() ([]byte, []int)
func (ScanErrorCode) String ¶
func (x ScanErrorCode) String() string
type ScanImageRequest ¶
type ScanImageRequest struct { Registry string `protobuf:"bytes,1,opt,name=Registry" json:"Registry,omitempty"` Username string `protobuf:"bytes,2,opt,name=Username" json:"Username,omitempty"` Password string `protobuf:"bytes,3,opt,name=Password" json:"Password,omitempty"` Repository string `protobuf:"bytes,4,opt,name=Repository" json:"Repository,omitempty"` Tag string `protobuf:"bytes,5,opt,name=Tag" json:"Tag,omitempty"` Proxy string `protobuf:"bytes,6,opt,name=Proxy" json:"Proxy,omitempty"` ScanLayers bool `protobuf:"varint,7,opt,name=ScanLayers" json:"ScanLayers,omitempty"` ScanSecrets bool `protobuf:"varint,8,opt,name=ScanSecrets" json:"ScanSecrets,omitempty"` BaseImage string `protobuf:"bytes,9,opt,name=BaseImage" json:"BaseImage,omitempty"` }
func (*ScanImageRequest) Descriptor ¶
func (*ScanImageRequest) Descriptor() ([]byte, []int)
func (*ScanImageRequest) GetBaseImage ¶
func (m *ScanImageRequest) GetBaseImage() string
func (*ScanImageRequest) GetPassword ¶
func (m *ScanImageRequest) GetPassword() string
func (*ScanImageRequest) GetProxy ¶
func (m *ScanImageRequest) GetProxy() string
func (*ScanImageRequest) GetRegistry ¶
func (m *ScanImageRequest) GetRegistry() string
func (*ScanImageRequest) GetRepository ¶
func (m *ScanImageRequest) GetRepository() string
func (*ScanImageRequest) GetScanLayers ¶
func (m *ScanImageRequest) GetScanLayers() bool
func (*ScanImageRequest) GetScanSecrets ¶
func (m *ScanImageRequest) GetScanSecrets() bool
func (*ScanImageRequest) GetTag ¶
func (m *ScanImageRequest) GetTag() string
func (*ScanImageRequest) GetUsername ¶
func (m *ScanImageRequest) GetUsername() string
func (*ScanImageRequest) ProtoMessage ¶
func (*ScanImageRequest) ProtoMessage()
func (*ScanImageRequest) Reset ¶
func (m *ScanImageRequest) Reset()
func (*ScanImageRequest) String ¶
func (m *ScanImageRequest) String() string
type ScanLayerResult ¶
type ScanLayerResult struct { Digest string `protobuf:"bytes,1,opt,name=Digest" json:"Digest,omitempty"` Vuls []*ScanVulnerability `protobuf:"bytes,2,rep,name=Vuls" json:"Vuls,omitempty"` Cmds string `protobuf:"bytes,3,opt,name=Cmds" json:"Cmds,omitempty"` Size int64 `protobuf:"varint,4,opt,name=Size" json:"Size,omitempty"` Secrets *ScanSecretResult `protobuf:"bytes,5,opt,name=Secrets" json:"Secrets,omitempty"` }
func (*ScanLayerResult) Descriptor ¶
func (*ScanLayerResult) Descriptor() ([]byte, []int)
func (*ScanLayerResult) GetCmds ¶
func (m *ScanLayerResult) GetCmds() string
func (*ScanLayerResult) GetDigest ¶
func (m *ScanLayerResult) GetDigest() string
func (*ScanLayerResult) GetSecrets ¶
func (m *ScanLayerResult) GetSecrets() *ScanSecretResult
func (*ScanLayerResult) GetSize ¶
func (m *ScanLayerResult) GetSize() int64
func (*ScanLayerResult) GetVuls ¶
func (m *ScanLayerResult) GetVuls() []*ScanVulnerability
func (*ScanLayerResult) ProtoMessage ¶
func (*ScanLayerResult) ProtoMessage()
func (*ScanLayerResult) Reset ¶
func (m *ScanLayerResult) Reset()
func (*ScanLayerResult) String ¶
func (m *ScanLayerResult) String() string
type ScanModule ¶
type ScanModule struct { Name string `protobuf:"bytes,1,opt,name=Name" json:"Name,omitempty"` Version string `protobuf:"bytes,2,opt,name=Version" json:"Version,omitempty"` Source string `protobuf:"bytes,3,opt,name=Source" json:"Source,omitempty"` Vuls []*ScanModuleVul `protobuf:"bytes,4,rep,name=Vuls" json:"Vuls,omitempty"` CPEs []string `protobuf:"bytes,5,rep,name=CPEs" json:"CPEs,omitempty"` }
func (*ScanModule) Descriptor ¶
func (*ScanModule) Descriptor() ([]byte, []int)
func (*ScanModule) GetCPEs ¶
func (m *ScanModule) GetCPEs() []string
func (*ScanModule) GetName ¶
func (m *ScanModule) GetName() string
func (*ScanModule) GetSource ¶
func (m *ScanModule) GetSource() string
func (*ScanModule) GetVersion ¶
func (m *ScanModule) GetVersion() string
func (*ScanModule) GetVuls ¶
func (m *ScanModule) GetVuls() []*ScanModuleVul
func (*ScanModule) ProtoMessage ¶
func (*ScanModule) ProtoMessage()
func (*ScanModule) Reset ¶
func (m *ScanModule) Reset()
func (*ScanModule) String ¶
func (m *ScanModule) String() string
type ScanModuleVul ¶
type ScanModuleVul struct { Name string `protobuf:"bytes,1,opt,name=Name" json:"Name,omitempty"` Status ScanVulStatus `protobuf:"varint,2,opt,name=Status,enum=share.ScanVulStatus" json:"Status,omitempty"` }
func (*ScanModuleVul) Descriptor ¶
func (*ScanModuleVul) Descriptor() ([]byte, []int)
func (*ScanModuleVul) GetName ¶
func (m *ScanModuleVul) GetName() string
func (*ScanModuleVul) GetStatus ¶
func (m *ScanModuleVul) GetStatus() ScanVulStatus
func (*ScanModuleVul) ProtoMessage ¶
func (*ScanModuleVul) ProtoMessage()
func (*ScanModuleVul) Reset ¶
func (m *ScanModuleVul) Reset()
func (*ScanModuleVul) String ¶
func (m *ScanModuleVul) String() string
type ScanObjectType ¶
type ScanObjectType int32
const ( ScanObjectType_CONTAINER ScanObjectType = 0 ScanObjectType_HOST ScanObjectType = 1 ScanObjectType_IMAGE ScanObjectType = 2 ScanObjectType_PLATFORM ScanObjectType = 3 ScanObjectType_SERVERLESS ScanObjectType = 4 )
func (ScanObjectType) EnumDescriptor ¶
func (ScanObjectType) EnumDescriptor() ([]byte, []int)
func (ScanObjectType) String ¶
func (x ScanObjectType) String() string
type ScanProvider ¶
type ScanProvider int32
const ( ScanProvider_Neuvector ScanProvider = 0 ScanProvider_JFrogXray ScanProvider = 1 )
func (ScanProvider) EnumDescriptor ¶
func (ScanProvider) EnumDescriptor() ([]byte, []int)
func (ScanProvider) String ¶
func (x ScanProvider) String() string
type ScanResult ¶
type ScanResult struct { Version string `protobuf:"bytes,1,opt,name=Version" json:"Version,omitempty"` Error ScanErrorCode `protobuf:"varint,2,opt,name=Error,enum=share.ScanErrorCode" json:"Error,omitempty"` Namespace string `protobuf:"bytes,3,opt,name=Namespace" json:"Namespace,omitempty"` Vuls []*ScanVulnerability `protobuf:"bytes,4,rep,name=Vuls" json:"Vuls,omitempty"` ContainerID string `protobuf:"bytes,5,opt,name=ContainerID" json:"ContainerID,omitempty"` HostID string `protobuf:"bytes,6,opt,name=HostID" json:"HostID,omitempty"` Registry string `protobuf:"bytes,7,opt,name=Registry" json:"Registry,omitempty"` Repository string `protobuf:"bytes,8,opt,name=Repository" json:"Repository,omitempty"` Tag string `protobuf:"bytes,9,opt,name=Tag" json:"Tag,omitempty"` Digest string `protobuf:"bytes,10,opt,name=Digest" json:"Digest,omitempty"` ImageID string `protobuf:"bytes,11,opt,name=ImageID" json:"ImageID,omitempty"` Layers []*ScanLayerResult `protobuf:"bytes,12,rep,name=Layers" json:"Layers,omitempty"` Envs []string `protobuf:"bytes,13,rep,name=Envs" json:"Envs,omitempty"` Labels map[string]string `` /* 133-byte string literal not displayed */ Platform string `protobuf:"bytes,15,opt,name=Platform" json:"Platform,omitempty"` PlatformVersion string `protobuf:"bytes,16,opt,name=PlatformVersion" json:"PlatformVersion,omitempty"` Author string `protobuf:"bytes,17,opt,name=Author" json:"Author,omitempty"` CVEDBCreateTime string `protobuf:"bytes,18,opt,name=CVEDBCreateTime" json:"CVEDBCreateTime,omitempty"` Modules []*ScanModule `protobuf:"bytes,19,rep,name=Modules" json:"Modules,omitempty"` Secrets *ScanSecretResult `protobuf:"bytes,20,opt,name=Secrets" json:"Secrets,omitempty"` Cmds []string `protobuf:"bytes,21,rep,name=Cmds" json:"Cmds,omitempty"` SetIdPerms []*ScanSetIdPermLog `protobuf:"bytes,22,rep,name=SetIdPerms" json:"SetIdPerms,omitempty"` Provider ScanProvider `protobuf:"varint,23,opt,name=Provider,enum=share.ScanProvider" json:"Provider,omitempty"` Size int64 `protobuf:"varint,24,opt,name=Size" json:"Size,omitempty"` }
func (*ScanResult) Descriptor ¶
func (*ScanResult) Descriptor() ([]byte, []int)
func (*ScanResult) GetAuthor ¶
func (m *ScanResult) GetAuthor() string
func (*ScanResult) GetCVEDBCreateTime ¶
func (m *ScanResult) GetCVEDBCreateTime() string
func (*ScanResult) GetCmds ¶
func (m *ScanResult) GetCmds() []string
func (*ScanResult) GetContainerID ¶
func (m *ScanResult) GetContainerID() string
func (*ScanResult) GetDigest ¶
func (m *ScanResult) GetDigest() string
func (*ScanResult) GetEnvs ¶
func (m *ScanResult) GetEnvs() []string
func (*ScanResult) GetError ¶
func (m *ScanResult) GetError() ScanErrorCode
func (*ScanResult) GetHostID ¶
func (m *ScanResult) GetHostID() string
func (*ScanResult) GetImageID ¶
func (m *ScanResult) GetImageID() string
func (*ScanResult) GetLabels ¶
func (m *ScanResult) GetLabels() map[string]string
func (*ScanResult) GetLayers ¶
func (m *ScanResult) GetLayers() []*ScanLayerResult
func (*ScanResult) GetModules ¶
func (m *ScanResult) GetModules() []*ScanModule
func (*ScanResult) GetNamespace ¶
func (m *ScanResult) GetNamespace() string
func (*ScanResult) GetPlatform ¶
func (m *ScanResult) GetPlatform() string
func (*ScanResult) GetPlatformVersion ¶
func (m *ScanResult) GetPlatformVersion() string
func (*ScanResult) GetProvider ¶
func (m *ScanResult) GetProvider() ScanProvider
func (*ScanResult) GetRegistry ¶
func (m *ScanResult) GetRegistry() string
func (*ScanResult) GetRepository ¶
func (m *ScanResult) GetRepository() string
func (*ScanResult) GetSecrets ¶
func (m *ScanResult) GetSecrets() *ScanSecretResult
func (*ScanResult) GetSetIdPerms ¶
func (m *ScanResult) GetSetIdPerms() []*ScanSetIdPermLog
func (*ScanResult) GetSize ¶
func (m *ScanResult) GetSize() int64
func (*ScanResult) GetTag ¶
func (m *ScanResult) GetTag() string
func (*ScanResult) GetVersion ¶
func (m *ScanResult) GetVersion() string
func (*ScanResult) GetVuls ¶
func (m *ScanResult) GetVuls() []*ScanVulnerability
func (*ScanResult) ProtoMessage ¶
func (*ScanResult) ProtoMessage()
func (*ScanResult) Reset ¶
func (m *ScanResult) Reset()
func (*ScanResult) String ¶
func (m *ScanResult) String() string
type ScanRunningRequest ¶
type ScanRunningRequest struct { Type ScanObjectType `protobuf:"varint,1,opt,name=Type,enum=share.ScanObjectType" json:"Type,omitempty"` ID string `protobuf:"bytes,2,opt,name=ID" json:"ID,omitempty"` AgentID string `protobuf:"bytes,3,opt,name=AgentID" json:"AgentID,omitempty"` AgentRPCEndPoint string `protobuf:"bytes,4,opt,name=AgentRPCEndPoint" json:"AgentRPCEndPoint,omitempty"` }
func (*ScanRunningRequest) Descriptor ¶
func (*ScanRunningRequest) Descriptor() ([]byte, []int)
func (*ScanRunningRequest) GetAgentID ¶
func (m *ScanRunningRequest) GetAgentID() string
func (*ScanRunningRequest) GetAgentRPCEndPoint ¶
func (m *ScanRunningRequest) GetAgentRPCEndPoint() string
func (*ScanRunningRequest) GetID ¶
func (m *ScanRunningRequest) GetID() string
func (*ScanRunningRequest) GetType ¶
func (m *ScanRunningRequest) GetType() ScanObjectType
func (*ScanRunningRequest) ProtoMessage ¶
func (*ScanRunningRequest) ProtoMessage()
func (*ScanRunningRequest) Reset ¶
func (m *ScanRunningRequest) Reset()
func (*ScanRunningRequest) String ¶
func (m *ScanRunningRequest) String() string
type ScanSecretLog ¶
type ScanSecretLog struct { Type string `protobuf:"bytes,1,opt,name=Type" json:"Type,omitempty"` Text string `protobuf:"bytes,2,opt,name=Text" json:"Text,omitempty"` File string `protobuf:"bytes,3,opt,name=File" json:"File,omitempty"` RuleDesc string `protobuf:"bytes,4,opt,name=RuleDesc" json:"RuleDesc,omitempty"` Suggestion string `protobuf:"bytes,5,opt,name=Suggestion" json:"Suggestion,omitempty"` }
func (*ScanSecretLog) Descriptor ¶
func (*ScanSecretLog) Descriptor() ([]byte, []int)
func (*ScanSecretLog) GetFile ¶
func (m *ScanSecretLog) GetFile() string
func (*ScanSecretLog) GetRuleDesc ¶
func (m *ScanSecretLog) GetRuleDesc() string
func (*ScanSecretLog) GetSuggestion ¶
func (m *ScanSecretLog) GetSuggestion() string
func (*ScanSecretLog) GetText ¶
func (m *ScanSecretLog) GetText() string
func (*ScanSecretLog) GetType ¶
func (m *ScanSecretLog) GetType() string
func (*ScanSecretLog) ProtoMessage ¶
func (*ScanSecretLog) ProtoMessage()
func (*ScanSecretLog) Reset ¶
func (m *ScanSecretLog) Reset()
func (*ScanSecretLog) String ¶
func (m *ScanSecretLog) String() string
type ScanSecretResult ¶
type ScanSecretResult struct { Error ScanErrorCode `protobuf:"varint,1,opt,name=Error,enum=share.ScanErrorCode" json:"Error,omitempty"` Logs []*ScanSecretLog `protobuf:"bytes,2,rep,name=Logs" json:"Logs,omitempty"` }
func (*ScanSecretResult) Descriptor ¶
func (*ScanSecretResult) Descriptor() ([]byte, []int)
func (*ScanSecretResult) GetError ¶
func (m *ScanSecretResult) GetError() ScanErrorCode
func (*ScanSecretResult) GetLogs ¶
func (m *ScanSecretResult) GetLogs() []*ScanSecretLog
func (*ScanSecretResult) ProtoMessage ¶
func (*ScanSecretResult) ProtoMessage()
func (*ScanSecretResult) Reset ¶
func (m *ScanSecretResult) Reset()
func (*ScanSecretResult) String ¶
func (m *ScanSecretResult) String() string
type ScanSetIdPermLog ¶
type ScanSetIdPermLog struct { Type string `protobuf:"bytes,1,opt,name=Type" json:"Type,omitempty"` File string `protobuf:"bytes,2,opt,name=File" json:"File,omitempty"` Evidence string `protobuf:"bytes,3,opt,name=Evidence" json:"Evidence,omitempty"` }
func (*ScanSetIdPermLog) Descriptor ¶
func (*ScanSetIdPermLog) Descriptor() ([]byte, []int)
func (*ScanSetIdPermLog) GetEvidence ¶
func (m *ScanSetIdPermLog) GetEvidence() string
func (*ScanSetIdPermLog) GetFile ¶
func (m *ScanSetIdPermLog) GetFile() string
func (*ScanSetIdPermLog) GetType ¶
func (m *ScanSetIdPermLog) GetType() string
func (*ScanSetIdPermLog) ProtoMessage ¶
func (*ScanSetIdPermLog) ProtoMessage()
func (*ScanSetIdPermLog) Reset ¶
func (m *ScanSetIdPermLog) Reset()
func (*ScanSetIdPermLog) String ¶
func (m *ScanSetIdPermLog) String() string
type ScanVulStatus ¶
type ScanVulStatus int32
const ( ScanVulStatus_Unpatched ScanVulStatus = 0 ScanVulStatus_FixExists ScanVulStatus = 1 ScanVulStatus_WillNotFix ScanVulStatus = 2 ScanVulStatus_Unaffected ScanVulStatus = 3 )
func (ScanVulStatus) EnumDescriptor ¶
func (ScanVulStatus) EnumDescriptor() ([]byte, []int)
func (ScanVulStatus) String ¶
func (x ScanVulStatus) String() string
type ScanVulnerability ¶
type ScanVulnerability struct { Name string `protobuf:"bytes,1,opt,name=Name" json:"Name,omitempty"` Score float32 `protobuf:"fixed32,2,opt,name=Score" json:"Score,omitempty"` Severity string `protobuf:"bytes,3,opt,name=Severity" json:"Severity,omitempty"` Description string `protobuf:"bytes,4,opt,name=Description" json:"Description,omitempty"` PackageName string `protobuf:"bytes,5,opt,name=PackageName" json:"PackageName,omitempty"` PackageVersion string `protobuf:"bytes,6,opt,name=PackageVersion" json:"PackageVersion,omitempty"` FixedVersion string `protobuf:"bytes,7,opt,name=FixedVersion" json:"FixedVersion,omitempty"` Link string `protobuf:"bytes,8,opt,name=Link" json:"Link,omitempty"` Vectors string `protobuf:"bytes,9,opt,name=Vectors" json:"Vectors,omitempty"` ScoreV3 float32 `protobuf:"fixed32,10,opt,name=ScoreV3" json:"ScoreV3,omitempty"` VectorsV3 string `protobuf:"bytes,11,opt,name=VectorsV3" json:"VectorsV3,omitempty"` PublishedDate string `protobuf:"bytes,12,opt,name=PublishedDate" json:"PublishedDate,omitempty"` LastModifiedDate string `protobuf:"bytes,13,opt,name=LastModifiedDate" json:"LastModifiedDate,omitempty"` CPEs []string `protobuf:"bytes,14,rep,name=CPEs" json:"CPEs,omitempty"` CVEs []string `protobuf:"bytes,15,rep,name=CVEs" json:"CVEs,omitempty"` FeedRating string `protobuf:"bytes,16,opt,name=FeedRating" json:"FeedRating,omitempty"` InBase bool `protobuf:"varint,17,opt,name=InBase" json:"InBase,omitempty"` }
func (*ScanVulnerability) Descriptor ¶
func (*ScanVulnerability) Descriptor() ([]byte, []int)
func (*ScanVulnerability) GetCPEs ¶
func (m *ScanVulnerability) GetCPEs() []string
func (*ScanVulnerability) GetCVEs ¶
func (m *ScanVulnerability) GetCVEs() []string
func (*ScanVulnerability) GetDescription ¶
func (m *ScanVulnerability) GetDescription() string
func (*ScanVulnerability) GetFeedRating ¶
func (m *ScanVulnerability) GetFeedRating() string
func (*ScanVulnerability) GetFixedVersion ¶
func (m *ScanVulnerability) GetFixedVersion() string
func (*ScanVulnerability) GetInBase ¶
func (m *ScanVulnerability) GetInBase() bool
func (*ScanVulnerability) GetLastModifiedDate ¶
func (m *ScanVulnerability) GetLastModifiedDate() string
func (*ScanVulnerability) GetLink ¶
func (m *ScanVulnerability) GetLink() string
func (*ScanVulnerability) GetName ¶
func (m *ScanVulnerability) GetName() string
func (*ScanVulnerability) GetPackageName ¶
func (m *ScanVulnerability) GetPackageName() string
func (*ScanVulnerability) GetPackageVersion ¶
func (m *ScanVulnerability) GetPackageVersion() string
func (*ScanVulnerability) GetPublishedDate ¶
func (m *ScanVulnerability) GetPublishedDate() string
func (*ScanVulnerability) GetScore ¶
func (m *ScanVulnerability) GetScore() float32
func (*ScanVulnerability) GetScoreV3 ¶
func (m *ScanVulnerability) GetScoreV3() float32
func (*ScanVulnerability) GetSeverity ¶
func (m *ScanVulnerability) GetSeverity() string
func (*ScanVulnerability) GetVectors ¶
func (m *ScanVulnerability) GetVectors() string
func (*ScanVulnerability) GetVectorsV3 ¶
func (m *ScanVulnerability) GetVectorsV3() string
func (*ScanVulnerability) ProtoMessage ¶
func (*ScanVulnerability) ProtoMessage()
func (*ScanVulnerability) Reset ¶
func (m *ScanVulnerability) Reset()
func (*ScanVulnerability) String ¶
func (m *ScanVulnerability) String() string
type ScannerDeregisterData ¶
type ScannerDeregisterData struct {
ID string `protobuf:"bytes,1,opt,name=ID" json:"ID,omitempty"`
}
func (*ScannerDeregisterData) Descriptor ¶
func (*ScannerDeregisterData) Descriptor() ([]byte, []int)
func (*ScannerDeregisterData) GetID ¶
func (m *ScannerDeregisterData) GetID() string
func (*ScannerDeregisterData) ProtoMessage ¶
func (*ScannerDeregisterData) ProtoMessage()
func (*ScannerDeregisterData) Reset ¶
func (m *ScannerDeregisterData) Reset()
func (*ScannerDeregisterData) String ¶
func (m *ScannerDeregisterData) String() string
type ScannerRegisterData ¶
type ScannerRegisterData struct { CVEDBVersion string `protobuf:"bytes,1,opt,name=CVEDBVersion" json:"CVEDBVersion,omitempty"` CVEDBCreateTime string `protobuf:"bytes,2,opt,name=CVEDBCreateTime" json:"CVEDBCreateTime,omitempty"` CVEDB map[string]*ScanVulnerability `` /* 130-byte string literal not displayed */ RPCServer string `protobuf:"bytes,4,opt,name=RPCServer" json:"RPCServer,omitempty"` RPCServerPort uint32 `protobuf:"varint,5,opt,name=RPCServerPort" json:"RPCServerPort,omitempty"` ID string `protobuf:"bytes,6,opt,name=ID" json:"ID,omitempty"` }
func (*ScannerRegisterData) Descriptor ¶
func (*ScannerRegisterData) Descriptor() ([]byte, []int)
func (*ScannerRegisterData) GetCVEDB ¶
func (m *ScannerRegisterData) GetCVEDB() map[string]*ScanVulnerability
func (*ScannerRegisterData) GetCVEDBCreateTime ¶
func (m *ScannerRegisterData) GetCVEDBCreateTime() string
func (*ScannerRegisterData) GetCVEDBVersion ¶
func (m *ScannerRegisterData) GetCVEDBVersion() string
func (*ScannerRegisterData) GetID ¶
func (m *ScannerRegisterData) GetID() string
func (*ScannerRegisterData) GetRPCServer ¶
func (m *ScannerRegisterData) GetRPCServer() string
func (*ScannerRegisterData) GetRPCServerPort ¶
func (m *ScannerRegisterData) GetRPCServerPort() uint32
func (*ScannerRegisterData) ProtoMessage ¶
func (*ScannerRegisterData) ProtoMessage()
func (*ScannerRegisterData) Reset ¶
func (m *ScannerRegisterData) Reset()
func (*ScannerRegisterData) String ¶
func (m *ScannerRegisterData) String() string
type ScannerServiceClient ¶
type ScannerServiceClient interface { ScanRunning(ctx context.Context, in *ScanRunningRequest, opts ...grpc.CallOption) (*ScanResult, error) ScanImageData(ctx context.Context, in *ScanData, opts ...grpc.CallOption) (*ScanResult, error) ScanImage(ctx context.Context, in *ScanImageRequest, opts ...grpc.CallOption) (*ScanResult, error) ScanAppPackage(ctx context.Context, in *ScanAppRequest, opts ...grpc.CallOption) (*ScanResult, error) Ping(ctx context.Context, in *RPCVoid, opts ...grpc.CallOption) (*RPCVoid, error) ScanAwsLambda(ctx context.Context, in *ScanAwsLambdaRequest, opts ...grpc.CallOption) (*ScanResult, error) }
func NewScannerServiceClient ¶
func NewScannerServiceClient(cc *grpc.ClientConn) ScannerServiceClient
type ScannerServiceServer ¶
type ScannerServiceServer interface { ScanRunning(context.Context, *ScanRunningRequest) (*ScanResult, error) ScanImageData(context.Context, *ScanData) (*ScanResult, error) ScanImage(context.Context, *ScanImageRequest) (*ScanResult, error) ScanAppPackage(context.Context, *ScanAppRequest) (*ScanResult, error) Ping(context.Context, *RPCVoid) (*RPCVoid, error) ScanAwsLambda(context.Context, *ScanAwsLambdaRequest) (*ScanResult, error) }
type SecretLog ¶
type SecretLog struct { Text string `json:"secret"` // detected secret or signature Line string `json:"line"` // full line in the content File string `json:"path"` // file path RuleDesc string `json:"rule_desc"` // rule description }
SecretLog provides the found secret raw data
type SnifferCmd ¶
type SnifferCmd int32
const ( SnifferCmd_StartSniffer SnifferCmd = 0 SnifferCmd_StopSniffer SnifferCmd = 1 SnifferCmd_RemoveSniffer SnifferCmd = 2 )
func (SnifferCmd) EnumDescriptor ¶
func (SnifferCmd) EnumDescriptor() ([]byte, []int)
func (SnifferCmd) String ¶
func (x SnifferCmd) String() string
type SnifferStatus ¶
type SnifferStatus int32
const ( SnifferStatus_Failed SnifferStatus = 0 SnifferStatus_Running SnifferStatus = 1 SnifferStatus_Stopped SnifferStatus = 2 )
func (SnifferStatus) EnumDescriptor ¶
func (SnifferStatus) EnumDescriptor() ([]byte, []int)
func (SnifferStatus) String ¶
func (x SnifferStatus) String() string
type StoreWatcherAction ¶
type StoreWatcherAction int32
const ( StoreWatcherAction_PauseWatcher StoreWatcherAction = 0 StoreWatcherAction_ResumeWatcher StoreWatcherAction = 1 )
func (StoreWatcherAction) EnumDescriptor ¶
func (StoreWatcherAction) EnumDescriptor() ([]byte, []int)
func (StoreWatcherAction) String ¶
func (x StoreWatcherAction) String() string
type TLogAudit ¶
type TLogAudit uint
const ( CLUSAuditComplianceContainerBenchViolation TLogAudit = iota CLUSAuditComplianceHostBenchViolation CLUSAuditAdmCtrlK8sReqAllowed // for admission control CLUSAuditAdmCtrlK8sReqViolation // for admission control CLUSAuditAdmCtrlK8sReqDenied // for admission control CLUSAuditComplianceHostCustomCheckViolation CLUSAuditComplianceContainerCustomCheckViolation CLUSAuditAwsLambdaScanWarning CLUSAuditAwsLambdaScanNormal CLUSAuditComplianceImageBenchViolation CLUSAuditComplianceContainerFileBenchViolation )
type TLogEvent ¶
type TLogEvent uint
This value is stored in the cluster, so should not change the order
const ( CLUSEvWorkloadStart TLogEvent = iota CLUSEvWorkloadStop CLUSEvWorkloadRemove CLUSEvWorkloadSecured CLUSEvWorkloadUnsecured_UNUSED CLUSEvAgentStart CLUSEvAgentStop CLUSEvAgentJoin CLUSEvAgentDisconnect CLUSEvAgentConnect CLUSEvAgentKicked CLUSEvControllerStart CLUSEvControllerStop CLUSEvControllerJoin CLUSEvControllerDisconnect CLUSEvControllerConnect CLUSEvAuthLogin CLUSEvAuthLogout CLUSEvAuthTimeout CLUSEvAuthLoginFailed CLUSEvRESTWrite CLUSEvRESTRead CLUSEvScannerJoin CLUSEvScannerUpdate CLUSEvScannerLeave CLUSEvScanFail CLUSEvScanSucceed CLUSEvBenchDockerFail CLUSEvBenchKubeFail CLUSEvLicenseUpdate CLUSEvLicenseExpire CLUSEvLicenseRemove CLUSEvLicenseEnforcerLimitReached CLUSEvHostPrivilEscalate_UNUSED CLUSEvHostSuspiciousProcess_UNUSED CLUSEvContainerPrivilEscalate_UNUSED CLUSEvContainerSuspiciousProcess_UNUSED CLUSEvWorkloadQuarantined CLUSEvWorkloadUnquarantined CLUSEvAuthAccessDenied CLUSEvAdmCtrlK8sConfigured // for admission control CLUSEvAdmCtrlK8sConfigFailed // for admission control CLUSEvInitCfgMapDone // for initial Config CLUSEvInitCfgMapError // for initial Config CLUSEvCrdImported // for crd Config import CLUSEvCrdRemoved // for crd Config remove due to k8s miss CLUSEvCrdErrDetected // for remove error crd CLUSEvFedPromote // for multi-clusters CLUSEvFedDemote // for multi-clusters CLUSEvFedJoin // for multi-clusters CLUSEvFedLeave // for multi-clusters CLUSEvFedKick // for multi-clusters CLUSEvFedPolicySync // for multi-clusters CLUSEvImport CLUSEvImportFail CLUSEvExport CLUSEvExportFail CLUSEvControllerLeadLost CLUSEvControllerLeadElect CLUSEvCloudScanRet CLUSEvCloudScanAlert CLUSEvCloudScanFail CLUSEvGroupAutoRemove CLUSEvLicenseStatusInvalid CLUSEvLicenseStatusRevoked CLUSEvLicenseValidationError CLUSEvLicenseUsageReportError CLUSEvLicenseUsageServerError CLUSEvAuthLoginBlocked // temporarily block user login (too many consecutive login failures) CLUSEvAuthLoginUnblocked // unblock user login CLUSEvAuthUserPwdResetByAdmin // user password reset not by the owner user CLUSEvMemoryPressureAgent CLUSEvMemoryPressureController )
type TLogIncident ¶
type TLogIncident uint
const ( CLUSIncidHostPrivilEscalate TLogIncident = iota CLUSIncidHostSuspiciousProcess CLUSIncidContainerPrivilEscalate CLUSIncidContainerSuspiciousProcess CLUSIncidHostFileAccessViolation CLUSIncidHostPackageUpdated CLUSIncidContainerFileAccessViolation CLUSIncidContainerPackageUpdated CLUSIncidHostTunnel CLUSIncidContainerTunnel CLUSIncidHostProcessViolation CLUSIncidContainerProcessViolation )
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
oidc
Package oidc implements OpenID Connect client logic for the golang.org/x/oauth2 package.
|
Package oidc implements OpenID Connect client logic for the golang.org/x/oauth2 package. |
The fanotify package provides a simple fanotify api
|
The fanotify package provides a simple fanotify api |
sysinfo
Package sysinfo is a pure Go library providing Linux OS / kernel / hardware system information.
|
Package sysinfo is a pure Go library providing Linux OS / kernel / hardware system information. |
sysinfo/cpuid
Package cpuid gives Go programs access to CPUID opcode.
|
Package cpuid gives Go programs access to CPUID opcode. |