Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var Decoder = &decoder.AbstractDecoder{ Type: types.Type_NC_Service, Name: "Service", Description: "A network service", PostInit: func(d *decoder.AbstractDecoder) error { var err error serviceLog, _, err = logging.InitZapLogger( decoderconfig.Instance.Out, "service", decoderconfig.Instance.Debug, ) if err != nil { return err } serviceLogSugared = serviceLog.Sugar() return initServiceProbes() }, DeInit: func(e *decoder.AbstractDecoder) error { // flush writer var err error for _, item := range Store.Items { item.Lock() if len(item.applications) > 0 { item.Service.Applications = make([]string, 0, len(item.applications)) for app := range item.applications { item.Service.Applications = append(item.Service.Applications, app) } } err = e.Writer.Write(item.Service) if err != nil { serviceLog.Error("failed to flush service audit record", zap.Error(err)) } item.Unlock() atomic.AddInt64(&e.NumRecordsWritten, 1) } return serviceLog.Sync() }, }
Decoder for protocol analysis and writing audit records to disk.
View Source
var Store = &atomicServiceMap{ Items: make(map[string]*service), }
Store ServiceStore holds all tcp service banners.
Functions ¶
func AddApplications ¶ added in v0.7.5
AddApplications adds DPI-detected application protocols to a service. This function is thread-safe and can be called from packet decoders.
func MatchServiceProbes ¶
MatchServiceProbes will check the service banner against the probes.
func NewService ¶
NewService creates a new network service.
func ResetStore ¶ added in v0.7.5
func ResetStore()
ResetStore clears all services from memory This should be called when resetting state between processing different files
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.