Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type SchemaJson ¶
type SchemaJson struct {
// Description of the rule and its purpose
Description string `json:"description" yaml:"description" mapstructure:"description"`
// List of edge cases to test the rule
Edges []SchemaJsonEdgesElem `json:"edges" yaml:"edges" mapstructure:"edges"`
// Author of the rule
RuleAuthor string `json:"rule_author,omitempty" yaml:"ruleAuthor,omitempty" mapstructure:"ruleAuthor,omitempty"`
// Unique identifier for the Wazuh rule
RuleId string `json:"rule_id" yaml:"ruleId" mapstructure:"ruleId"`
// Human-readable name of the rule
RuleName string `json:"rule_name" yaml:"ruleName" mapstructure:"ruleName"`
}
Schema for defining Wazuh rule test cases using edge cases with executable commands
func (*SchemaJson) UnmarshalJSON ¶
func (j *SchemaJson) UnmarshalJSON(value []byte) error
UnmarshalJSON implements json.Unmarshaler.
type SchemaJsonEdgesElem ¶
type SchemaJsonEdgesElem struct {
// Command to execute to trigger the rule
Command SchemaJsonEdgesElemCommand `json:"command" yaml:"command" mapstructure:"command"`
// Description of the edge case and expected behavior
Description string `json:"description" yaml:"description" mapstructure:"description"`
// Expected outcome when the command is executed (e.g., rule triggered or not)
ExpectedOutcome string `json:"expected_outcome" yaml:"expected_outcome" mapstructure:"expected_outcome"`
// Title of the edge case
Title string `json:"title" yaml:"title" mapstructure:"title"`
}
func (*SchemaJsonEdgesElem) UnmarshalJSON ¶
func (j *SchemaJsonEdgesElem) UnmarshalJSON(value []byte) error
UnmarshalJSON implements json.Unmarshaler.
type SchemaJsonEdgesElemCommand ¶
type SchemaJsonEdgesElemCommand struct {
// Type of command
Type SchemaJsonEdgesElemCommandType `json:"type" yaml:"type" mapstructure:"type"`
// The command to execute
Value string `json:"value" yaml:"value" mapstructure:"value"`
}
Command to execute to trigger the rule
func (*SchemaJsonEdgesElemCommand) UnmarshalJSON ¶
func (j *SchemaJsonEdgesElemCommand) UnmarshalJSON(value []byte) error
UnmarshalJSON implements json.Unmarshaler.
type SchemaJsonEdgesElemCommandType ¶
type SchemaJsonEdgesElemCommandType string
const SchemaJsonEdgesElemCommandTypeBash SchemaJsonEdgesElemCommandType = "bash"
const SchemaJsonEdgesElemCommandTypePowershell SchemaJsonEdgesElemCommandType = "powershell"
func (*SchemaJsonEdgesElemCommandType) UnmarshalJSON ¶
func (j *SchemaJsonEdgesElemCommandType) UnmarshalJSON(value []byte) error
UnmarshalJSON implements json.Unmarshaler.
Source Files
Click to show internal directories.
Click to hide internal directories.