events

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 26, 2025 License: MIT Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Cloud

// Cloud is the "cloud" object of a finding: the account plus the provider,
// region and optional partition.
//
// encoding/json does not enforce presence, so a payload that omits "uid",
// "provider" or "region" decodes to empty strings without an error. Callers
// that route, filter or suppress alerts by account or region should treat an
// empty value as invalid rather than as a match.
type Cloud struct {
	// Account identifies the cloud account. "uid" is always written on
	// encode; "type" and "type_id" are dropped when they hold their zero value.
	Account struct {
		Type   string `json:"type,omitempty"`
		TypeID int    `json:"type_id,omitempty"`
		UID    string `json:"uid"`
	} `json:"account"`
	// CloudPartition is left out of the JSON when it is empty.
	CloudPartition string `json:"cloud_partition,omitempty"`
	Provider       string `json:"provider"`
	Region         string `json:"region"`
}

type FindingInfo

// FindingInfo is the "finding_info" object of a finding: its identifiers,
// title and description, four timestamps, and optional analytic and product
// details.
//
// Each timestamp appears twice, as an int64 field and as a string "*_dt"
// companion. Nothing in this type keeps the two in agreement, so consumers
// should pick one as authoritative.
// NOTE(review): the OCSF schema defines timestamps as milliseconds since the
// Unix epoch and the "_dt" form as RFC 3339 text — confirm the producer
// follows it before converting (time.UnixMilli rather than time.Unix).
//
// NOTE(review): Title and Desc are free-form text supplied by the finding
// producer. If they are rendered into chat, HTML or log output, escape them
// for that sink.
type FindingInfo struct {
	// Analytic is optional; a nil pointer is omitted on encode.
	Analytic *struct {
		Type   string `json:"type"`
		TypeID int    `json:"type_id"`
		UID    string `json:"uid"`
	} `json:"analytic,omitempty"`
	CreatedTime     int64    `json:"created_time"`
	CreatedTimeDt   string   `json:"created_time_dt"`
	Desc            string   `json:"desc"`
	FirstSeenTime   int64    `json:"first_seen_time"`
	FirstSeenTimeDt string   `json:"first_seen_time_dt"`
	LastSeenTime    int64    `json:"last_seen_time"`
	LastSeenTimeDt  string   `json:"last_seen_time_dt"`
	ModifiedTime    int64    `json:"modified_time"`
	ModifiedTimeDt  string   `json:"modified_time_dt"`
	// Product is optional; a nil pointer is omitted on encode.
	Product         *Product `json:"product,omitempty"`
	Title           string   `json:"title"`
	// Types has no omitempty, so a nil slice is encoded as JSON null.
	Types           []string `json:"types"`
	UID             string   `json:"uid"`
	// UIDalt maps to "uid_alt" and is omitted on encode when empty.
	UIDalt          string   `json:"uid_alt,omitempty"`
}

type Metadata

// Metadata is the "metadata" object of a finding: the reporting product, a
// list of profile names, a UID and a version string. No field is optional on
// encode.
// NOTE(review): Version presumably carries the OCSF schema version; code that
// depends on a particular schema layout should check it — confirm.
type Metadata struct {
	Product  MetadataProduct `json:"product"`
	// Profiles has no omitempty, so a nil slice is encoded as JSON null.
	Profiles []string        `json:"profiles"`
	UID      string          `json:"uid"`
	Version  string          `json:"version"`
}

type MetadataProduct

// MetadataProduct describes the product recorded under a finding's metadata.
// It has the same fields as Product, but "name", "uid" and "vendor_name" are
// always written on encode, even when empty.
type MetadataProduct struct {
	// Feature is optional; a nil pointer is omitted on encode.
	Feature *struct {
		Name string `json:"name"`
	} `json:"feature,omitempty"`
	Name       string `json:"name"`
	UID        string `json:"uid"`
	VendorName string `json:"vendor_name"`
}

type OCSFCompliance

// OCSFCompliance is the optional "compliance" object of a finding: the
// control, the standards and requirements it belongs to, per-assessment
// results and an overall status. Every field is omitted on encode when empty.
type OCSFCompliance struct {
	// Assessments lists individual checks with a pass/fail flag each.
	Assessments []struct {
		Desc          string `json:"desc"`
		MeetsCriteria bool   `json:"meets_criteria"`
		Name          string `json:"name"`
	} `json:"assessments,omitempty"`
	Control           string   `json:"control,omitempty"`
	// ControlParameters is untyped. encoding/json decodes its elements with
	// the defaults for any: objects become map[string]any and every number
	// becomes float64, so type-assert before use.
	ControlParameters []any    `json:"control_parameters,omitempty"`
	Requirements      []string `json:"requirements,omitempty"`
	Standards         []string `json:"standards,omitempty"`
	Status            string   `json:"status,omitempty"`
	// StatusID carries omitempty, so a value of 0 is not written on encode and
	// cannot be told apart from an absent field after a round trip.
	StatusID          int      `json:"status_id,omitempty"`
}

type OCSFResource

// OCSFResource is one entry of a finding's "resources" array: the resource's
// type, UID and region, plus optional name, owner, tags, partition and a
// free-form data object.
type OCSFResource struct {
	CloudPartition string         `json:"cloud_partition,omitempty"`
	// Data is an untyped JSON object; the type places no limit on its keys,
	// nesting or size, and numbers decode as float64.
	// NOTE(review): treat its contents as producer-controlled. Type-assert
	// before use and escape values before rendering or logging them.
	Data           map[string]any `json:"data,omitempty"`
	Name           string         `json:"name,omitempty"`
	// Owner is optional; a nil pointer is omitted on encode.
	Owner          *ResourceOwner `json:"owner,omitempty"`
	Region         string         `json:"region"`
	Tags           []ResourceTag  `json:"tags,omitempty"`
	Type           string         `json:"type"`
	UID            string         `json:"uid"`
}

type Product

// Product describes the product attached to FindingInfo. It has the same
// fields as MetadataProduct, but here every field is omitted on encode when
// empty.
type Product struct {
	// Feature is optional; a nil pointer is omitted on encode.
	Feature *struct {
		Name string `json:"name"`
	} `json:"feature,omitempty"`
	Name       string `json:"name,omitempty"`
	UID        string `json:"uid,omitempty"`
	VendorName string `json:"vendor_name,omitempty"`
}

type Remediation

// Remediation is the optional "remediation" object of a finding: a text
// description and a list of references. Both fields are omitted on encode
// when empty.
type Remediation struct {
	Desc       string   `json:"desc,omitempty"`
	// NOTE(review): References presumably holds URLs supplied by the finding
	// producer. If they are rendered as clickable links, check the scheme
	// (https) before emitting them — confirm against the caller.
	References []string `json:"references,omitempty"`
}

type ResourceOwner

// ResourceOwner is the optional "owner" object of a resource; it carries the
// owning account only.
type ResourceOwner struct {
	// Account is a struct value, and encoding/json's omitempty never omits a
	// struct value, so "account" is always written on encode, with "uid": ""
	// when nothing was set. Consumers should check for an empty UID rather
	// than for a missing key.
	Account struct {
		Type   string `json:"type,omitempty"`
		TypeID int    `json:"type_id,omitempty"`
		UID    string `json:"uid"`
	} `json:"account,omitempty"`
}

type ResourceTag

// ResourceTag is one name/value pair from a resource's "tags" array. Both
// keys are always written on encode.
// NOTE(review): tag names and values are set by whoever tags the resource,
// so escape them before rendering them in alerts or logs.
type ResourceTag struct {
	Name  string `json:"name"`
	Value string `json:"value"`
}

type SecurityHubEvent

// SecurityHubEvent is satisfied by any type that exposes an event ID and a
// detail type as strings.
type SecurityHubEvent interface {
	// GetEventID returns the event's identifier.
	GetEventID() string
	// GetDetailType returns the event's detail-type string.
	// NOTE(review): presumably used to choose how the event detail is
	// decoded — confirm against the implementations.
	GetDetailType() string
}

type SecurityHubEventInput

// SecurityHubEventInput carries an event ID, a detail-type string and the
// event detail as raw JSON. The fields have no JSON tags, so marshalling this
// struct directly uses the Go field names as keys.
type SecurityHubEventInput struct {
	EventID    string
	DetailType string
	// Detail holds the detail payload as undecoded bytes (json.RawMessage);
	// nothing is validated until a caller decodes it.
	// NOTE(review): treat it as untrusted input. Check DetailType before
	// choosing a decoder, and bound the payload size if the source is not
	// fully trusted.
	Detail     json.RawMessage
}

SecurityHubEventInput is a runtime-agnostic representation of a Security Hub event.

type SecurityHubV2Finding

// SecurityHubV2Finding is the top-level JSON shape of a finding: activity,
// category, class and type identifiers, severity and status, the event time,
// and the nested cloud, finding_info, metadata, resources, compliance and
// remediation objects.
//
// Activity, category, class, severity, status and type are each carried as a
// numeric ID plus a display string. The type does not keep the pairs
// consistent, and encoding/json leaves absent keys at their zero value (0 or
// "") without an error.
// NOTE(review): code that gates alerting on severity or status should choose
// one field of each pair as authoritative and handle 0 or "" explicitly
// rather than letting it fall through as a low-severity match.
type SecurityHubV2Finding struct {
	ActivityID   int             `json:"activity_id"`
	ActivityName string          `json:"activity_name"`
	CategoryName string          `json:"category_name"`
	CategoryUID  int             `json:"category_uid"`
	ClassName    string          `json:"class_name"`
	ClassUID     int             `json:"class_uid"`
	Cloud        Cloud           `json:"cloud"`
	// Compliance is optional; a nil pointer is omitted on encode.
	Compliance   *OCSFCompliance `json:"compliance,omitempty"`
	FindingInfo  FindingInfo     `json:"finding_info"`
	Metadata     Metadata        `json:"metadata"`
	// Remediation is optional; a nil pointer is omitted on encode.
	Remediation  *Remediation    `json:"remediation,omitempty"`
	// Resources has no omitempty, so a nil slice is encoded as JSON null.
	// Check len(Resources) before indexing it.
	Resources    []OCSFResource  `json:"resources"`
	Severity     string          `json:"severity"`
	SeverityID   int             `json:"severity_id"`
	Status       string          `json:"status"`
	StatusID     int             `json:"status_id"`
	// Time and TimeDt are the same instant in two encodings.
	// NOTE(review): OCSF defines "time" as milliseconds since the Unix epoch
	// and "time_dt" as RFC 3339 text — confirm against the producer.
	Time         int64           `json:"time"`
	TimeDt       string          `json:"time_dt"`
	TypeName     string          `json:"type_name"`
	TypeUID      int             `json:"type_uid"`
}

func NewSecurityHubFinding

func NewSecurityHubFinding(raw json.RawMessage) (*SecurityHubV2Finding, error)

func (*SecurityHubV2Finding) BuildConsoleUrl

func (shf *SecurityHubV2Finding) BuildConsoleUrl(consoleURL, accessPortalURL, accessRoleName, shRegion string) string

func (*SecurityHubV2Finding) GetFindingCategory

func (shf *SecurityHubV2Finding) GetFindingCategory() string

func (*SecurityHubV2Finding) GetSeverityEmoji

func (shf *SecurityHubV2Finding) GetSeverityEmoji() string

func (*SecurityHubV2Finding) IsAlertable

func (shf *SecurityHubV2Finding) IsAlertable() bool

func (*SecurityHubV2Finding) SlackMessage

func (shf *SecurityHubV2Finding) SlackMessage(consoleURL, accessPortalURL, accessRoleName, shRegion string) (slack.MsgOption, slack.MsgOption)
