Types ¶
type ArkSIASMGetSession ¶
// ArkSIASMGetSession is the request model for looking up one session by its ID.
type ArkSIASMGetSession struct {
	// SessionID is the identifier of the session to fetch. It is declared
	// required through the validate tag and carries the flag name "session-id".
	// NOTE(review): the tags only declare "required"; they put no constraint
	// on the ID's format or length, and whether "required" is enforced depends
	// on the code that consumes the tag — confirm against the caller.
	SessionID string `json:"session_id" mapstructure:"session_id" flag:"session-id" desc:"Session identifier to get" validate:"required"`
}
ArkSIASMGetSession represents the request to get a session by ID.
type ArkSIASMGetSessionActivities ¶
// ArkSIASMGetSessionActivities is the request model for listing the
// activities of one session, selected by session ID.
type ArkSIASMGetSessionActivities struct {
	// SessionID is the identifier of the session whose activities are requested.
	// The struct tag is elided by the documentation renderer, so its
	// validation rules are not visible here.
	// NOTE(review): presumably required, like ArkSIASMGetSession.SessionID —
	// confirm against the source file.
	SessionID string `` /* 134-byte string literal not displayed */
}
ArkSIASMGetSessionActivities represents the request to get a session's activities by session ID.
type ArkSMSession ¶
// ArkSMSession is the record describing one monitored session: who connected,
// from where, to what, over which protocol, and how the session ended.
// Every field except SessionID is tagged omitempty, so a zero value is left
// out when the struct is encoded with encoding/json.
type ArkSMSession struct {
	// TenantID is the tenant the session belongs to.
	TenantID string `json:"tenant_id,omitempty" mapstructure:"tenant_id,omitempty" desc:"Tenant id of the session"`
	// SessionID is the session identifier; it is the only field always encoded.
	SessionID string `json:"session_id" mapstructure:"session_id" desc:"Session id"`
	// SessionStatus is the session state as an ArkSMSessionStatus string.
	SessionStatus ArkSMSessionStatus `json:"session_status,omitempty" mapstructure:"session_status,omitempty" desc:"Status of the session"`
	// SessionDuration is carried as a string; the tag describes it as seconds.
	// NOTE(review): the search examples on ArkSMSessionsFilter write durations
	// as '01:00:00', so the exact format here should be confirmed before parsing.
	SessionDuration string `json:"session_duration,omitempty" mapstructure:"session_duration,omitempty" desc:"Duration of the session in seconds"`
	// EndReason and ErrorCode describe why the session ended; both are free strings.
	EndReason string `json:"end_reason,omitempty" mapstructure:"end_reason,omitempty" desc:"End reason for the session"`
	ErrorCode string `json:"error_code,omitempty" mapstructure:"error_code,omitempty" desc:"Error code for the session"`
	// ApplicationCode, AccessMethod and Protocol have their tags elided by the
	// documentation renderer; their allowed values are not visible here.
	ApplicationCode string `` /* 223-byte string literal not displayed */
	AccessMethod string `` /* 135-byte string literal not displayed */
	// StartTime and EndTime are strings, not time.Time: parse them before
	// ordering or comparing sessions rather than comparing the raw text.
	// NOTE(review): the timestamp layout is not shown in this struct — confirm.
	StartTime string `json:"start_time,omitempty" mapstructure:"start_time,omitempty" desc:"Start time of the session"`
	EndTime string `json:"end_time,omitempty" mapstructure:"end_time,omitempty" desc:"End time of the session"`
	// User, Source, Target and TargetUsername identify the account, the origin
	// (usually an IP per the tag), the destination (usually IP/DNS) and the
	// account used on the target. They are identity and network data, so they
	// deserve the same handling as other audit records when logged or exported.
	User string `json:"user,omitempty" mapstructure:"user,omitempty" desc:"Username of the session"`
	Source string `json:"source,omitempty" mapstructure:"source,omitempty" desc:"Source of the session (Usually IP)"`
	Target string `json:"target,omitempty" mapstructure:"target,omitempty" desc:"Target of the session (Usually IP/DNS)"`
	TargetUsername string `json:"target_username,omitempty" mapstructure:"target_username,omitempty" desc:"Target username of the session"`
	Protocol string `` /* 144-byte string literal not displayed */
	// Platform is the connection platform of the session.
	Platform string `json:"platform,omitempty" mapstructure:"platform,omitempty" desc:"Connection platform of the session"`
	// CustomData is an untyped map: values arrive as interface{}, so every
	// read needs a checked type assertion before the value is used.
	CustomData map[string]interface{} `json:"custom_data,omitempty" mapstructure:"custom_data,omitempty" desc:"Custom data of the session"`
	// IsRecording reports whether the session is recorded. Because the field
	// is a bool tagged omitempty, false is omitted on encoding and a missing
	// key decodes to false: "not recorded" and "not reported" look the same.
	// Do not use the re-encoded form as evidence that a session was unrecorded.
	IsRecording bool `json:"is_recording,omitempty" mapstructure:"is_recording,omitempty" desc:"Whether the session is recorded or not"`
}
ArkSMSession represents a session.
type ArkSMSessionActivities ¶
// ArkSMSessionActivities is the response wrapper for a list of session
// activities together with two counters.
type ArkSMSessionActivities struct {
	// Activities is the list of activity records in this response.
	Activities []ArkSMSessionActivity `json:"activities" mapstructure:"activities" desc:"List of the session activities"`
	// FilteredCount and ReturnedCount are reported separately.
	// NOTE(review): presumably they differ when the result is paged or
	// truncated; compare them before treating Activities as the complete
	// audit trail of a session — confirm against the service behaviour.
	FilteredCount int `json:"filtered_count" mapstructure:"filtered_count" desc:"How many session activities were filtered"`
	ReturnedCount int `json:"returned_count" mapstructure:"returned_count" desc:"How many session activities were returned"`
}
ArkSMSessionActivities holds a list of session activities and related counts.
type ArkSMSessionActivitiesFilter ¶
// ArkSMSessionActivitiesFilter selects the activities of one session,
// optionally narrowed to commands containing a given string.
type ArkSMSessionActivitiesFilter struct {
	// SessionID is the session to query; declared required via the validate tag.
	SessionID string `json:"session_id" mapstructure:"session_id" flag:"session-id" desc:"Session identifier to get" validate:"required"`
	// CommandContains is the substring to look for in recorded commands. It has
	// no validate tag, and json has no omitempty, so an empty value is encoded
	// as "".
	// NOTE(review): case sensitivity and whether matching happens client- or
	// server-side are not visible here — confirm before relying on this filter
	// for detection logic.
	CommandContains string `json:"command_contains" mapstructure:"command_contains" flag:"command-contains" desc:"String which the command contains"`
}
ArkSMSessionActivitiesFilter represents a filter for session activities based on session ID and command content.
type ArkSMSessionActivity ¶
// ArkSMSessionActivity is one audit record produced during a session.
// The first nine fields are always encoded; the fields from AuditCode onward
// are tagged omitempty and disappear from the JSON when empty.
type ArkSMSessionActivity struct {
	// UUID is the identifier of the audit record itself.
	UUID string `json:"uuid" mapstructure:"uuid" desc:"ID of the audit"`
	// TenantID is the tenant the record belongs to.
	TenantID string `json:"tenant_id" mapstructure:"tenant_id" desc:"Tenant id of the audit"`
	// Timestamp is a string, not time.Time: parse it before ordering records.
	// NOTE(review): the layout is not shown in this struct — confirm.
	Timestamp string `json:"timestamp" mapstructure:"timestamp" desc:"Time of the audit"`
	// Username is the user name attached to the record.
	Username string `json:"username" mapstructure:"username" desc:"Username of the audit"`
	// ApplicationCode has its tag elided by the documentation renderer.
	ApplicationCode string `` /* 201-byte string literal not displayed */
	// Action and ActionType describe what was done and its category.
	Action string `json:"action" mapstructure:"action" desc:"Action performed for the audit"`
	// UserID is the ID of the user who performed the audited action.
	UserID string `json:"user_id" mapstructure:"user_id" desc:"Id of the user who performed the audit"`
	// Source is the origin of the audited action.
	Source string `json:"source" mapstructure:"source" desc:"Source of the audit"`
	ActionType string `json:"action_type" mapstructure:"action_type" desc:"Type of action for the audit"`
	// AuditCode is an optional code for the record.
	AuditCode string `json:"audit_code,omitempty" mapstructure:"audit_code,omitempty" desc:"Audit code of the audit"`
	// Command is the command text captured for the record. Command lines can
	// carry passwords, tokens or connection strings typed inline, so treat
	// this field as sensitive when logging, exporting or forwarding records.
	Command string `json:"command,omitempty" mapstructure:"command,omitempty" desc:"Command performed as part of the audit"`
	// Target is the target the audited action was directed at.
	Target string `json:"target,omitempty" mapstructure:"target,omitempty" desc:"Target of the audit"`
	// ServiceName is the service that the record is attributed to.
	ServiceName string `json:"service_name,omitempty" mapstructure:"service_name,omitempty" desc:"Service name of the audit"`
	// SessionID links the record to a session; per the tag it is set only
	// when the record relates to one, so an empty value is legitimate.
	SessionID string `json:"session_id,omitempty" mapstructure:"session_id,omitempty" desc:"Session id of the audit if related to a session"`
	// Message is optional free text attached to the record.
	Message string `json:"message,omitempty" mapstructure:"message,omitempty" desc:"Message of the audit"`
}
ArkSMSessionActivity represents a single session audit activity.
type ArkSMSessionStatus ¶
// ArkSMSessionStatus is a string-backed session status. The type does not
// restrict its values: decoding stores whatever string the payload carries,
// so compare against the declared constants and handle unknown values
// explicitly instead of assuming one of them.
type ArkSMSessionStatus string
ArkSMSessionStatus represents the status of a session.
// Declared ArkSMSessionStatus values. Each constant's string equals its name.
const (
	// Active is the status string "Active".
	Active ArkSMSessionStatus = "Active"
	// Ended is the status string "Ended".
	Ended ArkSMSessionStatus = "Ended"
	// Failed is the status string "Failed".
	Failed ArkSMSessionStatus = "Failed"
)
Possible session statuses.
type ArkSMSessions ¶
// ArkSMSessions is the response wrapper for a list of sessions together with
// two counters.
type ArkSMSessions struct {
	// Sessions is the list of session records in this response.
	Sessions []ArkSMSession `json:"sessions" mapstructure:"sessions" desc:"List of the sessions"`
	// FilteredCount and ReturnedCount are reported separately.
	// NOTE(review): presumably they differ when the result is paged or
	// truncated; compare them before treating Sessions as the full set that
	// matched a query — confirm against the service behaviour.
	FilteredCount int `json:"filtered_count" mapstructure:"filtered_count" desc:"How many sessions were filtered"`
	ReturnedCount int `json:"returned_count" mapstructure:"returned_count" desc:"How many sessions were returned"`
}
ArkSMSessions represents a list of sessions with counts.
type ArkSMSessionsFilter ¶
// ArkSMSessionsFilter carries a single search expression used to query sessions.
type ArkSMSessionsFilter struct {
	// Search is a free text query to search sessions by.
	// Examples:
	// - 'duration LE 01:00:00'
	// - 'startTime GE 2023-11-18T06:53:30Z'
	// - 'status IN Failed,Ended AND endReason STARTSWITH Err008'
	// - 'command STARTSWITH ls'
	// - 'protocol IN SSH,RDP'
	//
	// The examples show an expression language with operators (LE, GE, IN,
	// STARTSWITH) and AND-combination. When any part of the expression is
	// assembled from values supplied by someone else, validate those values
	// first: text containing operators or separators changes what the query
	// matches.
	// NOTE(review): the struct tag is elided by the documentation renderer,
	// so whether Search is required or length-limited is not visible here.
	Search string `` /* 223-byte string literal not displayed */
}
ArkSMSessionsFilter represents a filter for querying sessions using a search expression.
type ArkSMSessionsStats ¶
// ArkSMSessionsStats holds aggregate session counters: a total, a failure
// count, and breakdowns by application code, platform, status and protocol.
type ArkSMSessionsStats struct {
	// SessionsCount is the number of sessions in the last 30 days, per its tag.
	// NOTE(review): only this field's tag states the 30-day window; the
	// window for the other counters is presumably the same — confirm.
	SessionsCount int `json:"sessions_count" mapstructure:"sessions_count" desc:"Sessions count in the last 30 days"`
	// SessionsCountPerApplicationCode has its tag elided by the documentation
	// renderer; it maps a string key to a count.
	SessionsCountPerApplicationCode map[string]int `` /* 136-byte string literal not displayed */
	// SessionsCountPerPlatform maps a platform name to a session count.
	SessionsCountPerPlatform map[string]int `json:"sessions_count_per_platform" mapstructure:"sessions_count_per_platform" desc:"Sessions count per platform"`
	// SessionsCountPerStatus is keyed by ArkSMSessionStatus. The key type is
	// string-backed, so keys outside the declared constants can appear after
	// decoding; a lookup of a missing key yields 0, not an error.
	SessionsCountPerStatus map[ArkSMSessionStatus]int `json:"sessions_count_per_status" mapstructure:"sessions_count_per_status" desc:"Sessions count per status"`
	// SessionsCountPerProtocol maps a protocol name to a session count.
	SessionsCountPerProtocol map[string]int `json:"sessions_count_per_protocol" mapstructure:"sessions_count_per_protocol" desc:"Sessions count per protocol"`
	// SessionsFailureCount is the number of sessions with failures.
	SessionsFailureCount int `json:"sessions_failure_count" mapstructure:"sessions_failure_count" desc:"Sessions count with failures"`
}
ArkSMSessionsStats represents statistics about sessions over the last 30 days.