Documentation ¶
Index ¶
- Variables
- type ThreatLog
- func (*ThreatLog) Descriptor() ([]byte, []int)deprecated
- func (x *ThreatLog) GetAlertSeverity() ThreatLog_Severity
- func (x *ThreatLog) GetAlertTime() *timestamppb.Timestamp
- func (x *ThreatLog) GetApplication() string
- func (x *ThreatLog) GetCategory() string
- func (x *ThreatLog) GetCves() []string
- func (x *ThreatLog) GetDestinationIpAddress() string
- func (x *ThreatLog) GetDestinationPort() int32
- func (x *ThreatLog) GetDetails() string
- func (x *ThreatLog) GetDirection() ThreatLog_Direction
- func (x *ThreatLog) GetIpProtocol() string
- func (x *ThreatLog) GetName() string
- func (x *ThreatLog) GetNetwork() string
- func (x *ThreatLog) GetRepeatCount() string
- func (x *ThreatLog) GetSessionId() string
- func (x *ThreatLog) GetSourceIpAddress() string
- func (x *ThreatLog) GetSourcePort() int32
- func (x *ThreatLog) GetThreatId() string
- func (x *ThreatLog) GetType() string
- func (x *ThreatLog) GetUriOrFilename() string
- func (*ThreatLog) ProtoMessage()
- func (x *ThreatLog) ProtoReflect() protoreflect.Message
- func (x *ThreatLog) Reset()
- func (x *ThreatLog) String() string
- type ThreatLog_Direction
- func (ThreatLog_Direction) Descriptor() protoreflect.EnumDescriptor
- func (x ThreatLog_Direction) Enum() *ThreatLog_Direction
- func (ThreatLog_Direction) EnumDescriptor() ([]byte, []int)deprecated
- func (x ThreatLog_Direction) Number() protoreflect.EnumNumber
- func (x ThreatLog_Direction) String() string
- func (ThreatLog_Direction) Type() protoreflect.EnumType
- type ThreatLog_Severity
- func (ThreatLog_Severity) Descriptor() protoreflect.EnumDescriptor
- func (x ThreatLog_Severity) Enum() *ThreatLog_Severity
- func (ThreatLog_Severity) EnumDescriptor() ([]byte, []int)deprecated
- func (x ThreatLog_Severity) Number() protoreflect.EnumNumber
- func (x ThreatLog_Severity) String() string
- func (ThreatLog_Severity) Type() protoreflect.EnumType
- type TrafficLog
- func (*TrafficLog) Descriptor() ([]byte, []int)deprecated
- func (x *TrafficLog) GetApplication() string
- func (x *TrafficLog) GetDestinationIpAddress() string
- func (x *TrafficLog) GetDestinationPort() int32
- func (x *TrafficLog) GetElapsedTime() *durationpb.Duration
- func (x *TrafficLog) GetIpProtocol() string
- func (x *TrafficLog) GetNetwork() string
- func (x *TrafficLog) GetRepeatCount() string
- func (x *TrafficLog) GetSessionId() string
- func (x *TrafficLog) GetSourceIpAddress() string
- func (x *TrafficLog) GetSourcePort() int32
- func (x *TrafficLog) GetStartTime() *timestamppb.Timestamp
- func (x *TrafficLog) GetTotalBytes() int64
- func (x *TrafficLog) GetTotalPackets() int64
- func (*TrafficLog) ProtoMessage()
- func (x *TrafficLog) ProtoReflect() protoreflect.Message
- func (x *TrafficLog) Reset()
- func (x *TrafficLog) String() string
Constants ¶
This section is empty.
Variables ¶
// Lookup tables between ThreatLog_Severity numbers and their names.
//
// Both maps are sparse: 1 is not assigned, so ThreatLog_Severity_name[1]
// yields "". A name missing from ThreatLog_Severity_value yields 0, which is
// also the number of SEVERITY_UNSPECIFIED; use the two-value form
// (v, ok := ThreatLog_Severity_value[s]) when parsing severities from
// external input so an unknown name is not mistaken for a valid one.
var (
	ThreatLog_Severity_name = map[int32]string{
		0: "SEVERITY_UNSPECIFIED",
		2: "LOW",
		3: "MEDIUM",
		4: "HIGH",
		5: "CRITICAL",
		6: "INFORMATIONAL",
	}
	ThreatLog_Severity_value = map[string]int32{
		"SEVERITY_UNSPECIFIED": 0,
		"LOW": 2,
		"MEDIUM": 3,
		"HIGH": 4,
		"CRITICAL": 5,
		"INFORMATIONAL": 6,
	}
)
Enum value maps for ThreatLog_Severity.
// Lookup tables between ThreatLog_Direction numbers and their names.
//
// A name missing from ThreatLog_Direction_value yields 0, the same number as
// DIRECTION_UNDEFINED; use the two-value map lookup when the name comes from
// external input.
var (
	ThreatLog_Direction_name = map[int32]string{
		0: "DIRECTION_UNDEFINED",
		1: "CLIENT_TO_SERVER",
		2: "SERVER_TO_CLIENT",
	}
	ThreatLog_Direction_value = map[string]int32{
		"DIRECTION_UNDEFINED": 0,
		"CLIENT_TO_SERVER": 1,
		"SERVER_TO_CLIENT": 2,
	}
)
Enum value maps for ThreatLog_Direction.
var File_google_cloud_ids_logging_v1_logging_proto protoreflect.FileDescriptor
Functions ¶
This section is empty.
Types ¶
type ThreatLog ¶
// ThreatLog is one threat record reported by Cloud IDS.
//
// NOTE(review): the free-text fields (Name, Type, Category, Application,
// UriOrFilename, Details) presumably carry content derived from inspected
// traffic or from the detection signature. Treat them as untrusted when
// rendering into HTML, terminals, or query strings, and escape on output.
type ThreatLog struct {
	// Name of the threat, e.g. "Suspicious HTTP Evasion"
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Unique ID of the threat.
	ThreatId string `protobuf:"bytes,13,opt,name=threat_id,json=threatId,proto3" json:"threat_id,omitempty"`
	// The time of the alert.
	AlertTime *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=alert_time,json=alertTime,proto3" json:"alert_time,omitempty"`
	// Severity of threat. The enum numbers are not ordered by severity
	// (INFORMATIONAL is 6, above CRITICAL at 5), so compare against named
	// values rather than with < or >.
	AlertSeverity ThreatLog_Severity `` /* 154-byte string literal not displayed */
	// The type of the threat, e.g. "Spyware".
	Type string `protobuf:"bytes,4,opt,name=type,proto3" json:"type,omitempty"`
	// Category (sub-type) of the threat, e.g. "code-execution".
	Category string `protobuf:"bytes,18,opt,name=category,proto3" json:"category,omitempty"`
	// The source IP Address of the packet, e.g. "35.191.8.79"
	// Carried as a string; parse it before using it in allow/deny logic.
	SourceIpAddress string `protobuf:"bytes,5,opt,name=source_ip_address,json=sourceIpAddress,proto3" json:"source_ip_address,omitempty"`
	// The source port of the packet, e.g. 8080
	// int32 is wider than the 16-bit port range; range-check before narrowing.
	SourcePort int32 `protobuf:"varint,6,opt,name=source_port,json=sourcePort,proto3" json:"source_port,omitempty"`
	// The destination IP Address of the packet, e.g. "192.168.100.2"
	DestinationIpAddress string `protobuf:"bytes,7,opt,name=destination_ip_address,json=destinationIpAddress,proto3" json:"destination_ip_address,omitempty"`
	// The destination port of the packet, e.g. 100
	DestinationPort int32 `protobuf:"varint,8,opt,name=destination_port,json=destinationPort,proto3" json:"destination_port,omitempty"`
	// The IP protocol of the packet, e.g. "TCP".
	IpProtocol string `protobuf:"bytes,9,opt,name=ip_protocol,json=ipProtocol,proto3" json:"ip_protocol,omitempty"`
	// The direction of the packet - an optional field. An unset direction
	// reads as DIRECTION_UNDEFINED (0), so rules keyed on direction need an
	// explicit branch for it.
	Direction ThreatLog_Direction `` /* 126-byte string literal not displayed */
	// ID of the Layer 4 session of the threat.
	SessionId string `protobuf:"bytes,14,opt,name=session_id,json=sessionId,proto3" json:"session_id,omitempty"`
	// Number of sessions with same source IP, destination IP, application, and
	// type seen within 5 seconds.
	// Declared as a string, not an integer: parse it (and handle the parse
	// error) before applying numeric thresholds.
	RepeatCount string `protobuf:"bytes,15,opt,name=repeat_count,json=repeatCount,proto3" json:"repeat_count,omitempty"`
	// Application associated with the session.
	Application string `protobuf:"bytes,16,opt,name=application,proto3" json:"application,omitempty"`
	// Variable field. URI or filename of the relevant threat, if applicable.
	UriOrFilename string `protobuf:"bytes,17,opt,name=uri_or_filename,json=uriOrFilename,proto3" json:"uri_or_filename,omitempty"`
	// CVE IDs of the threat. Repeated field; may be empty.
	Cves []string `protobuf:"bytes,20,rep,name=cves,proto3" json:"cves,omitempty"`
	// Details of the threat reported by the IDS VM
	Details string `protobuf:"bytes,11,opt,name=details,proto3" json:"details,omitempty"`
	// The network associated with the IDS Endpoint.
	Network string `protobuf:"bytes,12,opt,name=network,proto3" json:"network,omitempty"`
	// contains filtered or unexported fields
}
A threat detected by Cloud IDS.
func (*ThreatLog) Descriptor
deprecated
func (*ThreatLog) GetAlertSeverity ¶
func (x *ThreatLog) GetAlertSeverity() ThreatLog_Severity
func (*ThreatLog) GetAlertTime ¶
func (x *ThreatLog) GetAlertTime() *timestamppb.Timestamp
func (*ThreatLog) GetApplication ¶
func (*ThreatLog) GetCategory ¶
func (*ThreatLog) GetDestinationIpAddress ¶
func (*ThreatLog) GetDestinationPort ¶
func (*ThreatLog) GetDetails ¶
func (*ThreatLog) GetDirection ¶
func (x *ThreatLog) GetDirection() ThreatLog_Direction
func (*ThreatLog) GetIpProtocol ¶
func (*ThreatLog) GetNetwork ¶
func (*ThreatLog) GetRepeatCount ¶
func (*ThreatLog) GetSessionId ¶
func (*ThreatLog) GetSourceIpAddress ¶
func (*ThreatLog) GetSourcePort ¶
func (*ThreatLog) GetThreatId ¶
func (*ThreatLog) GetUriOrFilename ¶
func (*ThreatLog) ProtoMessage ¶
func (*ThreatLog) ProtoMessage()
func (*ThreatLog) ProtoReflect ¶
func (x *ThreatLog) ProtoReflect() protoreflect.Message
type ThreatLog_Direction ¶
// ThreatLog_Direction is the direction of the packet that triggered a threat
// record, stored as an int32 enum number.
type ThreatLog_Direction int32

const (
	// Default value - permitted since Direction is optional.
	// Consumers therefore see this value on records that carry no direction
	// and should not treat it as either ingress or egress.
	ThreatLog_DIRECTION_UNDEFINED ThreatLog_Direction = 0
	// Ingress traffic.
	ThreatLog_CLIENT_TO_SERVER ThreatLog_Direction = 1
	// Egress traffic.
	ThreatLog_SERVER_TO_CLIENT ThreatLog_Direction = 2
)
func (ThreatLog_Direction) Descriptor ¶
func (ThreatLog_Direction) Descriptor() protoreflect.EnumDescriptor
func (ThreatLog_Direction) Enum ¶
func (x ThreatLog_Direction) Enum() *ThreatLog_Direction
func (ThreatLog_Direction) EnumDescriptor
deprecated
func (ThreatLog_Direction) EnumDescriptor() ([]byte, []int)
Deprecated: Use ThreatLog_Direction.Descriptor instead.
func (ThreatLog_Direction) Number ¶
func (x ThreatLog_Direction) Number() protoreflect.EnumNumber
func (ThreatLog_Direction) String ¶
func (x ThreatLog_Direction) String() string
func (ThreatLog_Direction) Type ¶
func (ThreatLog_Direction) Type() protoreflect.EnumType
type ThreatLog_Severity ¶
type ThreatLog_Severity int32
Describes the type of severity of the threat.
// Severity values for ThreatLog.AlertSeverity.
//
// The numbers identify a severity; they do not rank it. 1 is unassigned and
// INFORMATIONAL (6) is numerically greater than CRITICAL (5), so a check such
// as `sev >= ThreatLog_HIGH` also matches INFORMATIONAL. Alerting and routing
// rules should match the wanted constants explicitly (for example with a
// switch) instead of comparing numbers.
const (
	// Default value - should never be used.
	// NOTE(review): a record carrying this value is worth flagging rather
	// than silently dropping, since it signals a missing or unparsed severity.
	ThreatLog_SEVERITY_UNSPECIFIED ThreatLog_Severity = 0
	ThreatLog_LOW ThreatLog_Severity = 2
	ThreatLog_MEDIUM ThreatLog_Severity = 3
	ThreatLog_HIGH ThreatLog_Severity = 4
	ThreatLog_CRITICAL ThreatLog_Severity = 5
	// Numerically the largest value; presumably the least severe level.
	ThreatLog_INFORMATIONAL ThreatLog_Severity = 6
)
func (ThreatLog_Severity) Descriptor ¶
func (ThreatLog_Severity) Descriptor() protoreflect.EnumDescriptor
func (ThreatLog_Severity) Enum ¶
func (x ThreatLog_Severity) Enum() *ThreatLog_Severity
func (ThreatLog_Severity) EnumDescriptor
deprecated
func (ThreatLog_Severity) EnumDescriptor() ([]byte, []int)
Deprecated: Use ThreatLog_Severity.Descriptor instead.
func (ThreatLog_Severity) Number ¶
func (x ThreatLog_Severity) Number() protoreflect.EnumNumber
func (ThreatLog_Severity) String ¶
func (x ThreatLog_Severity) String() string
func (ThreatLog_Severity) Type ¶
func (ThreatLog_Severity) Type() protoreflect.EnumType
type TrafficLog ¶
// TrafficLog is one session record for traffic seen by Cloud IDS.
type TrafficLog struct {
	// Time of session start.
	StartTime *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=start_time,json=startTime,proto3" json:"start_time,omitempty"`
	// Elapsed time of the session.
	ElapsedTime *durationpb.Duration `protobuf:"bytes,2,opt,name=elapsed_time,json=elapsedTime,proto3" json:"elapsed_time,omitempty"`
	// The network associated with the IDS Endpoint.
	Network string `protobuf:"bytes,3,opt,name=network,proto3" json:"network,omitempty"`
	// The source IP Address of the packet, e.g. "35.191.8.79"
	// Carried as a string; parse it before using it in allow/deny logic.
	SourceIpAddress string `protobuf:"bytes,4,opt,name=source_ip_address,json=sourceIpAddress,proto3" json:"source_ip_address,omitempty"`
	// The source port of the packet, e.g. 8080
	// int32 is wider than the 16-bit port range; range-check before narrowing.
	SourcePort int32 `protobuf:"varint,5,opt,name=source_port,json=sourcePort,proto3" json:"source_port,omitempty"`
	// The destination IP Address of the packet, e.g. "192.168.100.2"
	DestinationIpAddress string `protobuf:"bytes,6,opt,name=destination_ip_address,json=destinationIpAddress,proto3" json:"destination_ip_address,omitempty"`
	// The destination port of the packet, e.g. 100
	DestinationPort int32 `protobuf:"varint,7,opt,name=destination_port,json=destinationPort,proto3" json:"destination_port,omitempty"`
	// The IP protocol of the packet, e.g. "TCP".
	IpProtocol string `protobuf:"bytes,8,opt,name=ip_protocol,json=ipProtocol,proto3" json:"ip_protocol,omitempty"`
	// Application associated with the session.
	Application string `protobuf:"bytes,9,opt,name=application,proto3" json:"application,omitempty"`
	// ID of the session.
	// NOTE(review): the generated comment on this field read "The direction
	// of the packet.", which does not describe a session ID; TrafficLog has no
	// direction field. ThreatLog documents its SessionId as the ID of the
	// Layer 4 session. Field numbers jump from 9 to 12 here, so the comment
	// may be left over from a removed field - confirm against the .proto.
	SessionId string `protobuf:"bytes,12,opt,name=session_id,json=sessionId,proto3" json:"session_id,omitempty"`
	// Number of sessions with same source IP, destination IP, application, and
	// type seen within 5 seconds.
	// Declared as a string, not an integer: parse it (and handle the parse
	// error) before applying numeric thresholds.
	RepeatCount string `protobuf:"bytes,13,opt,name=repeat_count,json=repeatCount,proto3" json:"repeat_count,omitempty"`
	// Total number of bytes transferred in the session.
	TotalBytes int64 `protobuf:"varint,14,opt,name=total_bytes,json=totalBytes,proto3" json:"total_bytes,omitempty"`
	// Total number of packets transferred in the session.
	TotalPackets int64 `protobuf:"varint,15,opt,name=total_packets,json=totalPackets,proto3" json:"total_packets,omitempty"`
	// contains filtered or unexported fields
}
Traffic detected by Cloud IDS. Fields taken from: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/monitoring/use-syslog-for-monitoring/syslog-field-descriptions/traffic-log-fields.html.
func (*TrafficLog) Descriptor
deprecated
func (*TrafficLog) Descriptor() ([]byte, []int)
Deprecated: Use TrafficLog.ProtoReflect.Descriptor instead.
func (*TrafficLog) GetApplication ¶
func (x *TrafficLog) GetApplication() string
func (*TrafficLog) GetDestinationIpAddress ¶
func (x *TrafficLog) GetDestinationIpAddress() string
func (*TrafficLog) GetDestinationPort ¶
func (x *TrafficLog) GetDestinationPort() int32
func (*TrafficLog) GetElapsedTime ¶
func (x *TrafficLog) GetElapsedTime() *durationpb.Duration
func (*TrafficLog) GetIpProtocol ¶
func (x *TrafficLog) GetIpProtocol() string
func (*TrafficLog) GetNetwork ¶
func (x *TrafficLog) GetNetwork() string
func (*TrafficLog) GetRepeatCount ¶
func (x *TrafficLog) GetRepeatCount() string
func (*TrafficLog) GetSessionId ¶
func (x *TrafficLog) GetSessionId() string
func (*TrafficLog) GetSourceIpAddress ¶
func (x *TrafficLog) GetSourceIpAddress() string
func (*TrafficLog) GetSourcePort ¶
func (x *TrafficLog) GetSourcePort() int32
func (*TrafficLog) GetStartTime ¶
func (x *TrafficLog) GetStartTime() *timestamppb.Timestamp
func (*TrafficLog) GetTotalBytes ¶
func (x *TrafficLog) GetTotalBytes() int64
func (*TrafficLog) GetTotalPackets ¶
func (x *TrafficLog) GetTotalPackets() int64
func (*TrafficLog) ProtoMessage ¶
func (*TrafficLog) ProtoMessage()
func (*TrafficLog) ProtoReflect ¶
func (x *TrafficLog) ProtoReflect() protoreflect.Message
func (*TrafficLog) Reset ¶
func (x *TrafficLog) Reset()
func (*TrafficLog) String ¶
func (x *TrafficLog) String() string