Documentation
¶
Overview ¶
File: event.go
File: host.go
File: scan_source.go
File: vulnerability.go
Index ¶
- Constants
- func IsValidEntityType(entityType string) bool
- func IsValidEventType(eventType string) bool
- func IsValidSeverity(severity string) bool
- type Agent
- type BaseMetricV2
- type BaseMetricV3
- type CPE
- type CVEData
- type CVEDataMeta
- type CVEItem
- type CVSSV2
- type CVSSV3
- type Configurations
- type CpeMatch
- type Description
- type Event
- type Host
- type HostPort
- type HostVulnerability
- type HostWithSources
- type Impact
- type JSONB
- type Node
- type Note
- type Port
- type PortWithSource
- type ProblemType
- type ProblemTypeData
- type Reference
- type RiskScore
- type ScanHistoryEntry
- type ScanSource
- type Service
- type SourceAttribution
- type SourceCoverageStats
- type User
- type Vulnerability
- type VulnerabilitySourceInfo
- type VulnerabilityWithSource
Constants ¶
View Source
const ( SeverityInfo = "info" SeverityWarning = "warning" SeverityError = "error" SeverityCritical = "critical" )
EventSeverity constants for event severity levels
View Source
const ( EventTypeScanStarted = "scan_started" EventTypeScanCompleted = "scan_completed" EventTypeScanFailed = "scan_failed" EventTypeScanPaused = "scan_paused" EventTypeScanResumed = "scan_resumed" EventTypeHostDiscovered = "host_discovered" EventTypePortsDiscovered = "ports_discovered" EventTypeVulnerabilitiesFound = "vulnerabilities_found" EventTypeHostCreated = "host_created" EventTypeHostUpdated = "host_updated" EventTypeHostDeleted = "host_deleted" EventTypeVulnerabilityCreated = "vulnerability_created" EventTypeVulnerabilityUpdated = "vulnerability_updated" )
EventType constants for common event types
View Source
const ( EntityTypeScan = "scan" EntityTypeHost = "host" EntityTypeVulnerability = "vulnerability" EntityTypePort = "port" EntityTypeService = "service" )
EntityType constants for event entity types
Variables ¶
This section is empty.
Functions ¶
func IsValidEntityType ¶ added in v0.0.12
IsValidEntityType checks if an entity type is valid
func IsValidEventType ¶ added in v0.0.12
IsValidEventType checks if an event type is valid
func IsValidSeverity ¶ added in v0.0.12
IsValidSeverity checks if a severity level is valid
Types ¶
type BaseMetricV2 ¶
type BaseMetricV2 struct {
ID uint `gorm:"primaryKey"`
CVSSV2 sirius.CVSSV2 `json:"cvssV2" gorm:"embedded"`
Severity string `json:"severity"`
ExploitabilityScore float64 `json:"exploitabilityScore"`
ImpactScore float64 `json:"impactScore"`
AcInsufInfo bool `json:"acInsufInfo"`
ObtainAllPrivilege bool `json:"obtainAllPrivilege"`
ObtainUserPrivilege bool `json:"obtainUserPrivilege"`
ObtainOtherPrivilege bool `json:"obtainOtherPrivilege"`
UserInteractionRequired bool `json:"userInteractionRequired"`
}
type BaseMetricV3 ¶
type CVEDataMeta ¶
type CVEItem ¶
type CVEItem struct {
gorm.Model
CVEDataType string
CVEDataFormat string
DataVersion string
DataMeta CVEDataMeta
ProblemType ProblemType
References []*Reference `gorm:"foreignKey:CVEItemID"`
Descriptions []*Description `gorm:"foreignKey:CVEItemID"`
Configurations Configurations
Impact Impact
PublishedDate string
LastModifiedDate string
CVEDataID uint
}
type CVSSV2 ¶
type CVSSV2 struct {
Version string `json:"version"`
VectorString string `json:"vectorString"`
AccessVector string `json:"accessVector"`
AccessComplexity string `json:"accessComplexity"`
Authentication string `json:"authentication"`
ConfidentialityImpact string `json:"confidentialityImpact"`
IntegrityImpact string `json:"integrityImpact"`
AvailabilityImpact string `json:"availabilityImpact"`
BaseScore float64 `json:"baseScore"`
Exploitability string `json:"exploitability"`
RemediationLevel string `json:"remediationLevel"`
ReportConfidence string `json:"reportConfidence"`
TemporalScore float64 `json:"temporalScore"`
CollateralDamagePotential string `json:"collateralDamagePotential"`
TargetDistribution string `json:"targetDistribution"`
ConfidentialityRequirement string `json:"confidentialityRequirement"`
IntegrityRequirement string `json:"integrityRequirement"`
AvailabilityRequirement string `json:"availabilityRequirement"`
EnvironmentalScore float64 `json:"environmentalScore"`
}
type CVSSV3 ¶
type CVSSV3 struct {
Version string `json:"version"`
VectorString string `json:"vectorString"`
AttackVector string `json:"attackVector"`
AttackComplexity string `json:"attackComplexity"`
PrivilegesRequired string `json:"privilegesRequired"`
UserInteraction string `json:"userInteraction"`
Scope string `json:"scope"`
ConfidentialityImpact string `json:"confidentialityImpact"`
IntegrityImpact string `json:"integrityImpact"`
AvailabilityImpact string `json:"availabilityImpact"`
BaseScore float64 `json:"baseScore"`
BaseSeverity string `json:"baseSeverity"`
ExploitCodeMaturity string `json:"exploitCodeMaturity"`
RemediationLevel string `json:"remediationLevel"`
ReportConfidence string `json:"reportConfidence"`
TemporalScore float64 `json:"temporalScore"`
TemporalSeverity string `json:"temporalSeverity"`
ConfidentialityRequirement string `json:"confidentialityRequirement"`
IntegrityRequirement string `json:"integrityRequirement"`
AvailabilityRequirement string `json:"availabilityRequirement"`
ModifiedAttackVector string `json:"modifiedAttackVector"`
ModifiedAttackComplexity string `json:"modifiedAttackComplexity"`
ModifiedPrivilegesRequired string `json:"modifiedPrivilegesRequired"`
ModifiedUserInteraction string `json:"modifiedUserInteraction"`
ModifiedScope string `json:"modifiedScope"`
ModifiedConfidentialityImpact string `json:"modifiedConfidentialityImpact"`
ModifiedIntegrityImpact string `json:"modifiedIntegrityImpact"`
ModifiedAvailabilityImpact string `json:"modifiedAvailabilityImpact"`
EnvironmentalScore float64 `json:"environmentalScore"`
EnvironmentalSeverity string `json:"environmentalSeverity"`
}
type Configurations ¶
type Description ¶
type Event ¶ added in v0.0.12
type Event struct {
ID uint64 `gorm:"primaryKey;autoIncrement" json:"id"`
EventID string `gorm:"uniqueIndex;not null;size:255" json:"event_id"`
Timestamp time.Time `gorm:"not null;default:NOW();index:idx_events_timestamp,sort:desc" json:"timestamp"`
Service string `gorm:"not null;size:100;index:idx_events_service" json:"service"`
Subcomponent string `gorm:"size:100" json:"subcomponent,omitempty"`
EventType string `gorm:"not null;size:50;index:idx_events_type" json:"event_type"`
Severity string `gorm:"not null;size:20;index:idx_events_severity" json:"severity"`
Title string `gorm:"not null;size:255" json:"title"`
Description string `gorm:"type:text" json:"description,omitempty"`
Metadata JSONB `gorm:"type:jsonb" json:"metadata,omitempty"`
EntityType string `gorm:"size:50;index:idx_events_entity,priority:1" json:"entity_type,omitempty"`
EntityID string `gorm:"size:255;index:idx_events_entity,priority:2" json:"entity_id,omitempty"`
CreatedAt time.Time `gorm:"not null;default:NOW()" json:"created_at"`
}
Event represents a security or system event stored in PostgreSQL
type Host ¶
type Host struct {
gorm.Model
HID string
OS string
OSVersion string
IP string `gorm:"uniqueIndex"`
Hostname string
// REMOVED: Ports []Port `gorm:"many2many:host_ports"` - circular reference eliminated
Services []Service
// REMOVED: Vulnerabilities []Vulnerability `gorm:"many2many:host_vulnerabilities"` - circular reference eliminated
HostVulnerabilities []HostVulnerability `gorm:"foreignKey:HostID"`
HostPorts []HostPort `gorm:"foreignKey:HostID"`
CPEs []CPE
Users []User
Notes []Note
AgentID uint
// SBOM and Fingerprinting JSONB fields (Migration 004) - Fixed with custom JSONB type
SoftwareInventory JSONB `gorm:"type:jsonb;column:software_inventory;default:'{}'" json:"software_inventory,omitempty"`
SystemFingerprint JSONB `gorm:"type:jsonb;column:system_fingerprint;default:'{}'" json:"system_fingerprint,omitempty"`
AgentMetadata JSONB `gorm:"type:jsonb;column:agent_metadata;default:'{}'" json:"agent_metadata,omitempty"`
}
type HostPort ¶ added in v0.0.4
type HostPort struct {
HostID uint `json:"host_id" gorm:"primaryKey"`
PortID uint `json:"port_id" gorm:"primaryKey"`
Source string `json:"source"` // "nmap", "agent", "manual", "rustscan"
SourceVersion string `json:"source_version"` // Scanner version/build
FirstSeen time.Time `json:"first_seen"` // When first detected
LastSeen time.Time `json:"last_seen"` // When last confirmed
Status string `json:"status" gorm:"default:active"` // "active", "resolved", "false_positive"
Notes string `json:"notes,omitempty"` // Additional context
}
Enhanced HostPort junction table with source attribution
type HostVulnerability ¶
type HostVulnerability struct {
HostID uint `json:"host_id" gorm:"primaryKey"`
VulnerabilityID uint `json:"vulnerability_id" gorm:"primaryKey"` // Foreign Key to Vulnerability from models/vulnerability
Source string `json:"source" gorm:"primaryKey"` // "nmap", "agent", "manual", "rustscan"
SourceVersion string `json:"source_version"` // Scanner version/build
FirstSeen time.Time `json:"first_seen"` // When first detected
LastSeen time.Time `json:"last_seen"` // When last confirmed
Status string `json:"status" gorm:"default:active"` // "active", "resolved", "false_positive"
Confidence float64 `json:"confidence" gorm:"default:1.0"` // 0.0-1.0 confidence score
Port *int `json:"port,omitempty"` // Specific port if applicable
ServiceInfo string `json:"service_info,omitempty"` // Service details
Notes string `json:"notes,omitempty"` // Additional context
}
Enhanced HostVulnerability junction table with source attribution
type HostWithSources ¶ added in v0.0.6
type HostWithSources struct {
Host
VulnerabilitySources []VulnerabilityWithSource `json:"vulnerability_sources"`
PortSources []PortWithSource `json:"port_sources"`
Sources []string `json:"sources"` // List of all sources that scanned this host
}
HostWithSources represents a host with source-attributed data
type Impact ¶
type Impact struct {
gorm.Model
BaseMetricV2 BaseMetricV2 `gorm:"embedded"`
CVEItemID uint
}
type JSONB ¶ added in v0.0.6
type JSONB map[string]interface{}
JSONB represents a JSONB field that can properly scan from PostgreSQL
type Port ¶
type Port struct {
gorm.Model
Number int `gorm:"not null"` // Port number (22, 80, 443, etc.)
Protocol string `gorm:"not null"`
State string
// REMOVED: Hosts []Host `gorm:"many2many:host_ports"` - circular reference eliminated
HostPorts []HostPort `gorm:"foreignKey:PortID"`
}
type PortWithSource ¶ added in v0.0.6
type PortWithSource struct {
Port
SourceAttribution
}
PortWithSource represents a port with its source attribution
type ProblemType ¶
type ProblemType struct {
gorm.Model
ProblemTypeData []*ProblemTypeData `gorm:"foreignKey:ProblemTypeID"`
CVEItemID uint
}
type ProblemTypeData ¶
type ProblemTypeData struct {
gorm.Model
ProblemTypeID uint
Descriptions []*Description `gorm:"foreignKey:ProblemTypeDataID"`
}
type RiskScore ¶
type RiskScore struct {
CVSSV3ID uint
CVSSV3 BaseMetricV3 `gorm:"embedded;embeddedPrefix:cvssv3_"`
CVSSV2ID uint
CVSSV2 BaseMetricV2 `gorm:"embedded;embeddedPrefix:cvssv2_"`
}
type ScanHistoryEntry ¶ added in v0.0.6
type ScanHistoryEntry struct {
gorm.Model // Provides ID, CreatedAt, UpdatedAt, DeletedAt
HostID uint `json:"host_id"`
Source string `json:"source"`
SourceVersion string `json:"source_version"`
ScanTime time.Time `json:"scan_time"`
FindingsCount int `json:"findings_count"`
ScanConfig string `json:"scan_config,omitempty"`
Notes string `json:"notes,omitempty"`
}
ScanHistory represents the timeline of scans for a host
type ScanSource ¶ added in v0.0.6
type ScanSource struct {
Name string `json:"name"` // "nmap", "agent", "rustscan", "manual"
Version string `json:"version"` // Tool version
Config string `json:"config"` // Scan configuration used
}
ScanSource represents the metadata about a scan source
type SourceAttribution ¶ added in v0.0.6
type SourceAttribution struct {
Source string `json:"source"`
SourceVersion string `json:"source_version"`
FirstSeen time.Time `json:"first_seen"`
LastSeen time.Time `json:"last_seen"`
Status string `json:"status"`
Confidence float64 `json:"confidence"`
Notes string `json:"notes,omitempty"`
}
SourceAttribution contains source and temporal information for any finding
type SourceCoverageStats ¶ added in v0.0.6
type SourceCoverageStats struct {
Source string `json:"source"`
HostsScanned int `json:"hosts_scanned"`
VulnsFound int `json:"vulnerabilities_found"`
PortsDiscovered int `json:"ports_discovered"`
LastScanTime time.Time `json:"last_scan_time"`
AverageConfidence float64 `json:"average_confidence"`
}
SourceCoverage represents statistics about source coverage
type Vulnerability ¶
type Vulnerability struct {
gorm.Model
VID string `gorm:"column:v_id"`
// Description []Description `gorm:"foreignKey:VulnerabilityID"`
Description string
Title string
// REMOVED: Hosts []Host `gorm:"many2many:host_vulnerabilities"` - circular reference eliminated
HostVulnerabilities []HostVulnerability `gorm:"foreignKey:VulnerabilityID"`
RiskScore float64
}
func (*Vulnerability) String ¶ added in v0.0.12
func (v *Vulnerability) String() string
String returns a safe string representation without circular references Uses pointer receiver to work with GORM-loaded entities
type VulnerabilitySourceInfo ¶ added in v0.0.6
type VulnerabilitySourceInfo struct {
Source string `json:"source"`
SourceVersion string `json:"source_version"`
AffectedHosts int `json:"affected_hosts"`
FirstDetected time.Time `json:"first_detected"`
LastConfirmed time.Time `json:"last_confirmed"`
AverageConfidence float64 `json:"average_confidence"`
TotalReports int `json:"total_reports"`
}
VulnerabilitySourceInfo represents information about sources that reported a vulnerability
type VulnerabilityWithSource ¶ added in v0.0.6
type VulnerabilityWithSource struct {
Vulnerability
SourceAttribution
Port *int `json:"port,omitempty"`
ServiceInfo string `json:"service_info,omitempty"`
}
VulnerabilityWithSource represents a vulnerability with its source attribution
Source Files
Click to show internal directories.
Click to hide internal directories.