siem

package

v1.5.0 Latest Latest Go to latest Published: Apr 2, 2026 License: MIT Imports: 4 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/GrayCodeAI/tokman

Links

Open Source Insights

Documentation ¶

Index ¶

type AuditEvent
type AuditLogger
- func NewAuditLogger() *AuditLogger
type OCSFEvent
type SIEMIntegration
- func NewSIEMIntegration() *SIEMIntegration

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AuditEvent ¶

type AuditEvent struct {
	Timestamp time.Time `json:"timestamp"`
	Action    string    `json:"action"`
	Actor     string    `json:"actor"`
	Resource  string    `json:"resource"`
	Outcome   string    `json:"outcome"`
	Details   string    `json:"details,omitempty"`
}

type AuditLogger ¶

type AuditLogger struct {
	// contains filtered or unexported fields
}

func NewAuditLogger ¶

func NewAuditLogger() *AuditLogger

func (*AuditLogger) ExportJSON ¶

func (l *AuditLogger) ExportJSON() ([]byte, error)

func (*AuditLogger) GetEvents ¶

func (l *AuditLogger) GetEvents() []AuditEvent

func (*AuditLogger) Log ¶

func (l *AuditLogger) Log(action, actor, resource, outcome, details string)

func (*AuditLogger) Search ¶

func (l *AuditLogger) Search(action string) []AuditEvent

type OCSFEvent ¶

type OCSFEvent struct {
	Time         int64                  `json:"time"`
	EventCode    int                    `json:"event_code"`
	EventName    string                 `json:"event_name"`
	Severity     string                 `json:"severity"`
	SeverityID   int                    `json:"severity_id"`
	CategoryName string                 `json:"category_name"`
	CategoryUID  int                    `json:"category_uid"`
	ClassName    string                 `json:"class_name"`
	ClassUID     int                    `json:"class_uid"`
	Message      string                 `json:"message"`
	Status       string                 `json:"status"`
	StatusID     int                    `json:"status_id"`
	UnmappedData map[string]interface{} `json:"unmapped"`
}

type SIEMIntegration ¶

type SIEMIntegration struct {
	// contains filtered or unexported fields
}

func NewSIEMIntegration ¶

func NewSIEMIntegration() *SIEMIntegration

func (*SIEMIntegration) Configure ¶

func (s *SIEMIntegration) Configure(syslogEndpoint, webhookURL string)

func (*SIEMIntegration) ExportJSON ¶

func (s *SIEMIntegration) ExportJSON() ([]byte, error)

func (*SIEMIntegration) ExportSyslog ¶

func (s *SIEMIntegration) ExportSyslog() string

func (*SIEMIntegration) ExportWebhook ¶

func (s *SIEMIntegration) ExportWebhook() []map[string]interface{}

func (*SIEMIntegration) RecordEvent ¶

func (s *SIEMIntegration) RecordEvent(event OCSFEvent)

func (*SIEMIntegration) ToOCSF ¶

func (s *SIEMIntegration) ToOCSF(eventType string, message string, severity int) OCSFEvent

Source Files ¶

View all Source files

siem.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL