Documentation ¶
Constants ¶
// Flow event descriptions. FlowAccept and FlowReject name the outcome of a
// flow; the remaining codes describe a rejection or failure cause. All of them
// are untyped string constants.
//
// NOTE(review): presumably these are the values carried in
// FlowRecord.DropReason — confirm against the callers. If so, the token and
// nonce codes are worth alerting on separately from PolicyDrop, because they
// report failed validation rather than an explicit policy decision.
const (
	// FlowReject reports that a flow was rejected.
	FlowReject = "reject"

	// FlowAccept reports that a flow was accepted.
	FlowAccept = "accept"

	// MissingToken reports that the token was missing.
	MissingToken = "missingtoken"

	// InvalidToken reports that the token was invalid.
	InvalidToken = "token"

	// InvalidFormat reports that the packet metadata were not correct.
	InvalidFormat = "format"

	// InvalidHeader reports that the TCP header was absent.
	InvalidHeader = "header"

	// InvalidPayload reports that the TCP payload was absent or bad.
	InvalidPayload = "payload"

	// InvalidContext reports that the metadata carried no context.
	InvalidContext = "context"

	// InvalidConnection reports that no connection was found.
	InvalidConnection = "connection"

	// InvalidState reports a packet received without proper state
	// information.
	InvalidState = "state"

	// InvalidNonse reports that the nonce check failed.
	// NOTE(review): the identifier and its value are spelled "nonse"; both are
	// part of the exported API and of the emitted code, so they stay as is.
	InvalidNonse = "nonse"

	// PolicyDrop reports a flow rejected by a policy decision.
	PolicyDrop = "policy"

	// APIPolicyDrop reports a request dropped because API validation failed.
	APIPolicyDrop = "api"

	// UnableToDial reports that the proxy could not dial out the connection.
	UnableToDial = "dial"

	// CompressedTagMismatch reports that the compressed tag versions differ.
	CompressedTagMismatch = "compressedtagmismatch"

	// EncryptionMismatch reports that the client and server enforcers disagree
	// on policy encryption.
	EncryptionMismatch = "encryptionmismatch"

	// DatapathVersionMismatch reports that the datapath versions differ.
	DatapathVersionMismatch = "datapathversionmismatch"
)
Flow event description
// Container event descriptions: string codes naming what happened to a
// container. All of them are untyped string constants.
const (
	// ContainerStart marks a container start event.
	ContainerStart = "start"

	// ContainerStop marks a container stop event.
	ContainerStop = "stop"

	// ContainerCreate marks a container create event.
	ContainerCreate = "create"

	// ContainerDelete marks a container delete event.
	ContainerDelete = "delete"

	// ContainerUpdate marks a container policy update event.
	ContainerUpdate = "update"

	// ContainerFailed marks a container that was stopped because of policy
	// issues. The emitted code is "forcestop", not "failed".
	ContainerFailed = "forcestop"

	// ContainerIgnored marks a container that Trireme will ignore.
	ContainerIgnored = "ignore"

	// ContainerDeleteUnknown marks the deletion of policy for an unknown
	// container.
	ContainerDeleteUnknown = "unknowncontainer"
)
Container event description
// Fixed strings for a normally accepted flow and for placeholder flow sources.
// All of them are untyped string constants.
const (
	// PolicyValid is the code for a normal flow accept.
	PolicyValid = "V"

	// DefaultEndPoint is the string used for unknown container sources.
	DefaultEndPoint = "default"

	// SomeClaimsSource is the string used for a "some claims" flow source.
	SomeClaimsSource = "some-claims"
)
Functions ¶
func StatsFlowHash ¶
func StatsFlowHash(r *FlowRecord) string
StatsFlowHash is a hash function to hash flows
func StatsUserHash ¶
func StatsUserHash(r *UserRecord) error
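StatsUserHash is a hash function for user records. Its signature returns only an error, so the computed hash is presumably written back into the record rather than returned.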
Types ¶
type ContainerRecord ¶
// ContainerRecord is a statistics record for a container.
type ContainerRecord struct {
	// ContextID is a string identifier for the record.
	// NOTE(review): presumably the context of the container it describes —
	// confirm against the callers.
	ContextID string

	// IPAddress holds the container's addresses as a policy.ExtendedMap.
	IPAddress policy.ExtendedMap

	// Tags points at the policy.TagStore attached to the record. It is a
	// pointer, so it can be nil.
	Tags *policy.TagStore

	// Event names what happened.
	// NOTE(review): presumably one of the Container* event codes
	// (ContainerStart, ContainerStop, ...) — confirm.
	Event string
}
ContainerRecord is a statistics record for a container
type DefaultCollector ¶
// DefaultCollector implements a default collector infrastructure to syslog.
// The type has no fields, so a value carries no state of its own.
type DefaultCollector struct{}
DefaultCollector implements a default collector infrastructure to syslog
func (*DefaultCollector) CollectContainerEvent ¶
func (d *DefaultCollector) CollectContainerEvent(record *ContainerRecord)
CollectContainerEvent is part of the EventCollector interface.
func (*DefaultCollector) CollectFlowEvent ¶
func (d *DefaultCollector) CollectFlowEvent(record *FlowRecord)
CollectFlowEvent is part of the EventCollector interface.
func (*DefaultCollector) CollectUserEvent ¶
func (d *DefaultCollector) CollectUserEvent(record *UserRecord)
CollectUserEvent is part of the EventCollector interface.
type EndPoint ¶ added in v1.0.24
// EndPoint is a structure that holds all the endpoint information.
//
// NOTE(review): UserID, IP and URI travel with every record that embeds an
// EndPoint, so they reach whatever sink the collector writes to. Treat these
// records as potentially sensitive — confirm what DefaultCollector emits.
type EndPoint struct {
	// ID is the endpoint's identifier.
	ID string

	// IP is the endpoint's address, kept as a string.
	IP string

	// URI is the URI associated with the endpoint.
	// NOTE(review): presumably only set for HTTP flows — confirm.
	URI string

	// HTTPMethod is the HTTP method associated with the endpoint.
	HTTPMethod string

	// UserID is the user identifier associated with the endpoint.
	UserID string

	// Type says what kind of endpoint this is; see EndPointType.
	Type EndPointType

	// Port is the endpoint's port number.
	Port uint16
}
EndPoint is a structure that holds all the endpoint information
type EndPointType ¶ added in v1.0.24
// EndPointType is the type of an endpoint: an external IP address, a PU, or
// claims.
type EndPointType byte

// Endpoint kinds, numbered from zero by iota. The zero value of EndPointType is
// EndPointTypeExternalIP, so an EndPoint whose Type was never set reads as an
// external IP address.
const (
	// EndPointTypeExternalIP indicates that the endpoint is an external IP
	// address.
	EndPointTypeExternalIP EndPointType = iota

	// EnpointTypePU indicates that the endpoint is a PU.
	// NOTE(review): the exported name is spelled "Enpoint"; it is kept because
	// renaming it would break callers.
	EnpointTypePU

	// EndpointTypeClaims indicates that the endpoint is of type claims.
	EndpointTypeClaims
)
func (*EndPointType) String ¶ added in v1.0.24
func (e *EndPointType) String() string
type EventCollector ¶
// EventCollector is the interface for collecting events. It has one method per
// record kind; none of them returns a value, so a collector has no way to
// report a failure to its caller through this interface.
type EventCollector interface {
	// CollectFlowEvent collects a flow event.
	CollectFlowEvent(record *FlowRecord)

	// CollectContainerEvent collects a container event.
	CollectContainerEvent(record *ContainerRecord)

	// CollectUserEvent collects a user event.
	CollectUserEvent(record *UserRecord)
}
EventCollector is the interface for collecting events.
func NewDefaultCollector ¶
func NewDefaultCollector() EventCollector
NewDefaultCollector returns a default implementation of an EventCollector
type FlowRecord ¶
// FlowRecord describes a flow record for statistics.
//
// NOTE(review): Source, Destination and Tags are pointers. Whether a collector
// must tolerate nil for them is not visible here — confirm before
// dereferencing.
type FlowRecord struct {
	// ContextID is a string identifier for the record.
	// NOTE(review): presumably the context that observed the flow — confirm.
	ContextID string

	// Source is the endpoint the flow comes from.
	Source *EndPoint

	// Destination is the endpoint the flow goes to.
	Destination *EndPoint

	// Tags points at the policy.TagStore attached to the record.
	Tags *policy.TagStore

	// DropReason names why the flow was dropped.
	// NOTE(review): presumably one of the flow event codes (PolicyDrop,
	// InvalidToken, ...) and empty for accepted flows — confirm.
	DropReason string

	// PolicyID identifies the policy tied to Action.
	// NOTE(review): the pairing with Action is inferred from the names —
	// confirm.
	PolicyID string

	// ObservedPolicyID identifies the policy tied to ObservedAction.
	// NOTE(review): inferred from the names — confirm.
	ObservedPolicyID string

	// ServiceType is the policy.ServiceType of the flow.
	ServiceType policy.ServiceType

	// ServiceID identifies the service.
	ServiceID string

	// Count is an integer counter.
	// NOTE(review): presumably the number of flows folded into this record —
	// confirm.
	Count int

	// Action is the policy.ActionType recorded for the flow.
	Action policy.ActionType

	// ObservedAction is a second policy.ActionType kept next to Action.
	ObservedAction policy.ActionType

	// L4Protocol is the layer-4 protocol as a uint8.
	// NOTE(review): presumably the IP protocol number — confirm.
	L4Protocol uint8
}
FlowRecord describes a flow record for statistics.
func (*FlowRecord) String ¶ added in v1.0.24
func (f *FlowRecord) String() string
type UserRecord ¶
UserRecord reports a new user access. These will be reported periodically.
Directories ¶
Path | Synopsis |
---|---|
Package mockcollector is a generated GoMock package.
|
Package mockcollector is a generated GoMock package. |