monitoring

package
v0.0.0-...-d1533f9 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 28, 2025 License: MIT Imports: 16 Imported by: 0

Documentation

Overview

pkg/monitoring/continuous.go

pkg/monitoring/storage.go

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Alert

// Alert is the JSON-serializable record for a single monitoring alert.
// Every field is exported and tagged, so the complete value is emitted
// whenever an Alert is marshalled (for example by an AlertChannel).
type Alert struct {
	ID          string                 `json:"id"`
	// Type and Severity are plain strings; the set of accepted values is not
	// visible in this declaration.
	Type        string                 `json:"type"`
	Severity    string                 `json:"severity"`
	Title       string                 `json:"title"`
	Description string                 `json:"description"`
	Source      string                 `json:"source"`
	Target      string                 `json:"target"`
	Timestamp   time.Time              `json:"timestamp"`
	// Data is an untyped, free-form payload serialized as-is under "data".
	// NOTE(review): nothing here limits what producers put in it. If raw
	// findings such as DetectedSecret.Match are copied in, they leave the
	// process with every alert; confirm producers redact first.
	Data        map[string]interface{} `json:"data"`
}

Alert represents a monitoring alert

type AlertChannel

// AlertChannel is the delivery abstraction for alerts. An implementation
// sends an Alert and reports its own type as a string.
type AlertChannel interface {
	// SendAlert hands alert to the channel; the error return presumably
	// reports a delivery failure.
	// NOTE(review): the method takes no context.Context, so timeouts and
	// cancellation are left to each implementation; confirm every
	// implementation bounds its own I/O.
	SendAlert(alert *Alert) error
	// GetType returns a string naming the kind of channel.
	GetType() string
}

AlertChannel represents a channel for sending alerts

type AlertDeduplicator

// AlertDeduplicator decides, via IsDuplicate, whether an Alert is a
// duplicate. All of its state is unexported.
// NOTE(review): the deduplication key and any retention window are not
// visible here; confirm that state is bounded, since alerts can be driven by
// externally controlled events (new certificates, DNS changes, commits).
type AlertDeduplicator struct {
	// contains filtered or unexported fields
}

func NewAlertDeduplicator

func NewAlertDeduplicator() *AlertDeduplicator

func (*AlertDeduplicator) IsDuplicate

func (ad *AlertDeduplicator) IsDuplicate(alert *Alert) bool

type AlertManager

type AlertManager struct {
	// contains filtered or unexported fields
}

AlertManager manages alerts for detected changes

func NewAlertManager

func NewAlertManager(channels []AlertChannel) *AlertManager

func (*AlertManager) SendAlert

func (am *AlertManager) SendAlert(alert *Alert) error

type CTStream

// CTStream describes one certificate transparency log stream: a name, the
// endpoint URL, the websocket connection, and a connected flag.
type CTStream struct {
	Name      string
	// URL is the stream endpoint.
	// NOTE(review): confirm it is a TLS (wss://) endpoint with certificate
	// verification left enabled; data read from it feeds alerting.
	URL       string
	// WSConn and Connected are exported, so code outside the package can
	// replace or flip them.
	// NOTE(review): Connected is a plain bool; if it is read and written from
	// different goroutines it needs synchronization. Verify against the
	// unexported fields.
	WSConn    *websocket.Conn
	Connected bool
	// contains filtered or unexported fields
}

CTStream represents a certificate transparency log stream

type Certificate

// Certificate is the record kept for a certificate observed in CT logs.
// All fields except RawCert are serialized to JSON.
type Certificate struct {
	// Domain, SubjectCN, SANs and Issuer are strings taken from the
	// certificate.
	// NOTE(review): these values are chosen by whoever requested the
	// certificate, so treat them as untrusted text when they are matched,
	// stored, or rendered in alerts.
	Domain       string                 `json:"domain"`
	SubjectCN    string                 `json:"subject_cn"`
	SANs         []string               `json:"sans"`
	Issuer       string                 `json:"issuer"`
	NotBefore    time.Time              `json:"not_before"`
	NotAfter     time.Time              `json:"not_after"`
	SerialNumber string                 `json:"serial_number"`
	// Fingerprint's hash algorithm and encoding are not visible here.
	// TODO confirm before comparing against external fingerprints.
	Fingerprint  string                 `json:"fingerprint"`
	Source       string                 `json:"source"`
	SeenAt       time.Time              `json:"seen_at"`
	// RawCert is excluded from JSON output by the "-" tag.
	RawCert      []byte                 `json:"-"`
	Metadata     map[string]interface{} `json:"metadata"`
}

Certificate represents a certificate from CT logs

type CertificateTransparencyMonitor

type CertificateTransparencyMonitor struct {
	// contains filtered or unexported fields
}

CertificateTransparencyMonitor monitors CT logs for new certificates

func NewCertificateTransparencyMonitor

func NewCertificateTransparencyMonitor() *CertificateTransparencyMonitor

func (*CertificateTransparencyMonitor) AddDomain

func (ctm *CertificateTransparencyMonitor) AddDomain(domain string, includeSubdomains bool)

func (*CertificateTransparencyMonitor) Start

type ChangeDetector

type ChangeDetector struct {
	// contains filtered or unexported fields
}

ChangeDetector detects changes in monitored assets

func NewChangeDetector

func NewChangeDetector() *ChangeDetector

type ContinuousMonitor

type ContinuousMonitor struct {
	// contains filtered or unexported fields
}

ContinuousMonitor provides 24/7 monitoring capabilities

func NewContinuousMonitor

func NewContinuousMonitor(config MonitorConfig) (*ContinuousMonitor, error)

NewContinuousMonitor creates a new continuous monitor

func (*ContinuousMonitor) StartMonitoring

func (cm *ContinuousMonitor) StartMonitoring(ctx context.Context, targets []MonitorTarget) error

StartMonitoring starts continuous monitoring for targets

type DNSChange

// DNSChange is the JSON-serializable record of one detected change in a
// domain's DNS records, carrying both the old and new record lists.
type DNSChange struct {
	Domain     string                 `json:"domain"`
	// ChangeType and RecordType are free strings; their accepted values are
	// not visible in this declaration.
	ChangeType string                 `json:"change_type"`
	RecordType string                 `json:"record_type"`
	// OldRecords and NewRecords hold resolver answers.
	// NOTE(review): these come from DNS responses and should be handled as
	// untrusted text downstream.
	OldRecords []string               `json:"old_records"`
	NewRecords []string               `json:"new_records"`
	DetectedAt time.Time              `json:"detected_at"`
	Metadata   map[string]interface{} `json:"metadata"`
}

DNSChange represents a change in DNS records

type DNSMonitor

type DNSMonitor struct {
	// contains filtered or unexported fields
}

DNSMonitor monitors DNS records for changes

func NewDNSMonitor

func NewDNSMonitor(resolvers []string) *DNSMonitor

func (*DNSMonitor) AddDomain

func (dm *DNSMonitor) AddDomain(domain string)

func (*DNSMonitor) Start

func (dm *DNSMonitor) Start(ctx context.Context)

type DNSRecordSet

// DNSRecordSet is the stored snapshot of DNS records for one domain, with
// timestamps for the last check and last modification.
type DNSRecordSet struct {
	Domain       string              `json:"domain"`
	// Records maps a string key to a list of record values; presumably the
	// key is the record type (A, MX, ...). Verify against the producer.
	Records      map[string][]string `json:"records"`
	LastChecked  time.Time           `json:"last_checked"`
	LastModified time.Time           `json:"last_modified"`
	// Hash is presumably a digest of Records used to detect changes; the
	// algorithm is not visible here. TODO confirm.
	Hash         string              `json:"hash"`
}

DNSRecordSet represents DNS records for a domain

type DetectedSecret

// DetectedSecret is the JSON-serializable record of one secret finding in
// code: its type, location (file and line), matched text, entropy and severity.
type DetectedSecret struct {
	Type     string  `json:"type"`
	File     string  `json:"file"`
	Line     int     `json:"line"`
	// Match is serialized under "match".
	// NOTE(review): if this holds the full matched secret, the credential is
	// copied into every place a DetectedSecret is marshalled (it is embedded
	// in GitChange.Secrets). Confirm it is truncated or masked before it is
	// stored or sent.
	Match    string  `json:"match"`
	Entropy  float64 `json:"entropy"`
	Severity string  `json:"severity"`
}

DetectedSecret represents a detected secret in code

type DomainWatch

// DomainWatch is the JSON-serializable state kept for one monitored domain.
type DomainWatch struct {
	Domain            string    `json:"domain"`
	// IncludeSubdomains mirrors the includeSubdomains argument of
	// CertificateTransparencyMonitor.AddDomain.
	// NOTE(review): how subdomain matching is done is not visible here;
	// confirm it matches on a label boundary so that a name merely ending in
	// the watched string is not treated as a subdomain.
	IncludeSubdomains bool      `json:"include_subdomains"`
	AddedAt           time.Time `json:"added_at"`
	LastSeen          time.Time `json:"last_seen"`
	// Certificates is a list of strings, presumably identifiers
	// (fingerprints or serials) of certificates seen for the domain.
	// TODO confirm which, and whether the list is bounded.
	Certificates      []string  `json:"certificates"`
}

DomainWatch represents a domain being monitored

type GitChange

// GitChange is the JSON-serializable record of one change observed in a Git
// repository, optionally carrying the secrets detected in it.
type GitChange struct {
	Repository string                 `json:"repository"`
	CommitHash string                 `json:"commit_hash"`
	// Author and Message are commit metadata.
	// NOTE(review): both are set by the committer, so treat them as untrusted
	// text when they are stored or rendered in alerts.
	Author     string                 `json:"author"`
	Message    string                 `json:"message"`
	Files      []string               `json:"files"`
	// Secrets is omitted from JSON when empty. Each entry carries its own
	// Match string, so marshalling a GitChange also emits that text.
	Secrets    []DetectedSecret       `json:"secrets,omitempty"`
	DetectedAt time.Time              `json:"detected_at"`
	Metadata   map[string]interface{} `json:"metadata"`
}

GitChange represents a change in a Git repository

type GitMonitor

type GitMonitor struct {
	// contains filtered or unexported fields
}

GitMonitor monitors Git repositories for security-relevant changes

func NewGitMonitor

func NewGitMonitor() *GitMonitor

func (*GitMonitor) AddRepository

func (gm *GitMonitor) AddRepository(repo GitRepo)

func (*GitMonitor) Start

func (gm *GitMonitor) Start(ctx context.Context)

type GitRepo

// GitRepo describes one Git repository to monitor: where it is, which branch
// and paths to watch, and the last commit and check time recorded for it.
type GitRepo struct {
	// URL is serialized under "url".
	// NOTE(review): if credentials are embedded in the URL
	// (user:token@host form), they are written out wherever a GitRepo is
	// marshalled or logged. Confirm credentials are supplied separately.
	URL        string    `json:"url"`
	Branch     string    `json:"branch"`
	// Paths is presumably a filter on which repository paths are inspected.
	// TODO confirm whether an empty list means "all".
	Paths      []string  `json:"paths"`
	LastCommit string    `json:"last_commit"`
	CheckedAt  time.Time `json:"checked_at"`
}

GitRepo represents a Git repository to monitor

type InMemoryStorage

type InMemoryStorage struct {
	// contains filtered or unexported fields
}

InMemoryStorage is a simple in-memory storage implementation

func (*InMemoryStorage) GetHistoricalData

func (s *InMemoryStorage) GetHistoricalData(target string, dataType string, since time.Time) ([]interface{}, error)

func (*InMemoryStorage) GetLastSeen

func (s *InMemoryStorage) GetLastSeen(domain string) (time.Time, error)

func (*InMemoryStorage) StoreCertificate

func (s *InMemoryStorage) StoreCertificate(cert *Certificate) error

func (*InMemoryStorage) StoreGitChange

func (s *InMemoryStorage) StoreGitChange(change *GitChange) error

func (*InMemoryStorage) StoreIPRecord

func (s *InMemoryStorage) StoreIPRecord(record *DNSRecordSet) error

type MonitorConfig

// MonitorConfig is the configuration passed to NewContinuousMonitor. The
// fields have no struct tags, so any file or environment mapping is done
// elsewhere.
type MonitorConfig struct {
	CTLogs          []string
	// DNSResolvers lists the resolvers to query; the expected format
	// (host, host:port, URL) is not visible here.
	DNSResolvers    []string
	GitRepositories []GitRepo
	// CheckInterval is the polling period.
	// NOTE(review): behaviour for a zero or negative value is not visible
	// here; confirm the constructor rejects or defaults it.
	CheckInterval   time.Duration
	AlertChannels   []AlertChannel
	// StorageBackend selects the storage implementation by name; the accepted
	// names are not visible in this declaration.
	StorageBackend  string
	// WebhookURL is presumably the endpoint alerts are posted to.
	// NOTE(review): alerts may carry sensitive findings, so this should come
	// from trusted configuration and use HTTPS. Confirm it is validated.
	WebhookURL      string
}

MonitorConfig holds monitoring configuration

type MonitorTarget

// MonitorTarget names one thing to monitor: a kind, a value, and free-form
// options. It is the element type of the targets slice passed to
// ContinuousMonitor.StartMonitoring.
type MonitorTarget struct {
	Type    string                 `json:"type"` // domain, ip, repository
	// Value is interpreted according to Type.
	// NOTE(review): if targets are accepted from outside the process, Value
	// should be validated for its Type before it is resolved or fetched.
	// Confirm where that happens.
	Value   string                 `json:"value"`
	// Options is an untyped map; the recognised keys are not visible here.
	Options map[string]interface{} `json:"options"`
}

MonitorTarget represents a target to monitor

type MonitoringStorage

// MonitoringStorage is the persistence interface for monitoring data. Both
// InMemoryStorage and SQLiteStorage on this page provide these five methods.
type MonitoringStorage interface {
	// StoreCertificate persists a certificate record.
	StoreCertificate(cert *Certificate) error
	// StoreIPRecord persists a DNSRecordSet; despite the name, the argument
	// is a DNS record snapshot rather than an IP-specific type.
	StoreIPRecord(record *DNSRecordSet) error
	// StoreGitChange persists a Git change record, including any
	// DetectedSecret entries attached to it.
	StoreGitChange(change *GitChange) error
	// GetLastSeen returns a timestamp for domain.
	GetLastSeen(domain string) (time.Time, error)
	// GetHistoricalData returns untyped records for target, filtered by
	// dataType and the since timestamp. The concrete element types are not
	// visible here, so callers need a type assertion.
	// NOTE(review): target and dataType are caller-supplied strings; confirm
	// that SQL-backed implementations bind them as query parameters.
	GetHistoricalData(target string, dataType string, since time.Time) ([]interface{}, error)
}

MonitoringStorage is the interface for storing monitoring data

type RateLimiter

// RateLimiter gates alerts by type: Allow takes an alert type string and
// returns whether it may proceed. All of its state is unexported.
// NOTE(review): the limit, the window and the handling of unknown alert types
// are not visible here. Confirm that dropped alerts are counted or logged, so
// that a burst of low-value alerts cannot silently hide a high-severity one.
type RateLimiter struct {
	// contains filtered or unexported fields
}

func NewRateLimiter

func NewRateLimiter() *RateLimiter

func (*RateLimiter) Allow

func (rl *RateLimiter) Allow(alertType string) bool

type SQLiteStorage

type SQLiteStorage struct {
	// contains filtered or unexported fields
}

SQLiteStorage implements MonitoringStorage using SQLite3

func NewSQLiteStorage

func NewSQLiteStorage(dsn string) (*SQLiteStorage, error)

NewSQLiteStorage creates a new SQLite storage backend for monitoring

func (*SQLiteStorage) Close

func (s *SQLiteStorage) Close() error

Close closes the database connection

func (*SQLiteStorage) GetHistoricalData

func (s *SQLiteStorage) GetHistoricalData(target string, dataType string, since time.Time) ([]interface{}, error)

GetHistoricalData retrieves historical monitoring data

func (*SQLiteStorage) GetLastSeen

func (s *SQLiteStorage) GetLastSeen(domain string) (time.Time, error)

GetLastSeen gets the last time a domain was seen in CT logs

func (*SQLiteStorage) StoreAlert

func (s *SQLiteStorage) StoreAlert(alert *Alert) error

StoreAlert stores a monitoring alert

func (*SQLiteStorage) StoreCertificate

func (s *SQLiteStorage) StoreCertificate(cert *Certificate) error

StoreCertificate stores a certificate from CT logs

func (*SQLiteStorage) StoreDNSChange

func (s *SQLiteStorage) StoreDNSChange(change *DNSChange) error

StoreDNSChange stores a DNS change event

func (*SQLiteStorage) StoreGitChange

func (s *SQLiteStorage) StoreGitChange(change *GitChange) error

StoreGitChange stores a git repository change

func (*SQLiteStorage) StoreIPRecord

func (s *SQLiteStorage) StoreIPRecord(record *DNSRecordSet) error

StoreIPRecord stores DNS record information (despite the name, it takes a *DNSRecordSet)

type SecretPattern

// SecretPattern describes one rule for secret detection: a name, a pattern
// string, an entropy value and a severity label.
type SecretPattern struct {
	Name     string
	// Pattern is presumably a regular expression source; the syntax and where
	// it is compiled are not visible here. TODO confirm.
	Pattern  string
	// Entropy is presumably the minimum entropy a match must have to be
	// reported. Verify against the scanner.
	Entropy  float64
	Severity string
}

type SecretScanner

// SecretScanner is built with NewSecretScanner and exposes no exported fields
// or methods on this page; presumably it applies SecretPattern rules and
// yields DetectedSecret values. TODO confirm.
// NOTE(review): the rule set is not configurable through any exported API
// shown here, so detection coverage is fixed by the package.
type SecretScanner struct {
	// contains filtered or unexported fields
}

func NewSecretScanner

func NewSecretScanner() *SecretScanner

type WebhookAlertChannel

// WebhookAlertChannel has the SendAlert and GetType methods of AlertChannel
// and is configured with a destination URL and an HTTP client. No constructor
// is listed on this page, so callers populate the fields directly.
type WebhookAlertChannel struct {
	// URL is the webhook destination.
	// NOTE(review): alerts sent here can contain sensitive findings, so the
	// URL should use HTTPS and come from trusted configuration. Confirm it is
	// never derived from monitored data.
	URL        string
	// HTTPClient is the client presumably used by SendAlert.
	// NOTE(review): behaviour when it is nil is not visible here. Callers
	// should supply a client with a Timeout set, since an http.Client without
	// one can block indefinitely on a slow endpoint.
	HTTPClient *http.Client
}

func (*WebhookAlertChannel) GetType

func (w *WebhookAlertChannel) GetType() string

func (*WebhookAlertChannel) SendAlert

func (w *WebhookAlertChannel) SendAlert(alert *Alert) error
