Documentation
¶
Overview ¶
Package sans provides a compliance plugin for SANS security controls.
Index ¶
- type Plugin
- func (sp *Plugin) Description() string
- func (sp *Plugin) GetControlByID(id string) (*compliance.Control, error)
- func (sp *Plugin) GetControls() []compliance.Control
- func (sp *Plugin) Name() string
- func (sp *Plugin) RunChecks(device *common.CommonDevice) ([]compliance.Finding, []string, error)
- func (sp *Plugin) ValidateConfiguration() error
- func (sp *Plugin) Version() string
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Plugin ¶
type Plugin struct {
// contains filtered or unexported fields
}
Plugin implements the compliance.Plugin interface for SANS plugin.
func (*Plugin) Description ¶
Description returns the plugin description.
func (*Plugin) GetControlByID ¶
func (sp *Plugin) GetControlByID(id string) (*compliance.Control, error)
GetControlByID returns a specific control by ID.
func (*Plugin) GetControls ¶
func (sp *Plugin) GetControls() []compliance.Control
GetControls returns all SANS controls. The returned slice is a deep copy to prevent callers from mutating the plugin's internal state, including nested reference types (References, Tags, Metadata).
func (*Plugin) RunChecks ¶
func (sp *Plugin) RunChecks( device *common.CommonDevice, ) ([]compliance.Finding, []string, error)
RunChecks performs SANS compliance checks against the device configuration in a single traversal. Returns (findings, evaluated, err). Each check is invoked exactly once — its result determines both whether a finding is emitted and whether the control ID is appended to evaluated.
err is currently always nil; reserved for future unrecoverable conditions.
func (*Plugin) ValidateConfiguration ¶
ValidateConfiguration validates the plugin configuration.
Source Files