Documentation
Overview
Package alert provides the definition of an Alert and an alert Retriever.
Types
type Alert
type Alert struct {
	Priority     Priority
	Rule         string
	OutputFields map[string]string
	Hostname     string
	Source       string
}
Alert is a Falco alert.
type Priority
type Priority string
Priority is the priority associated with an alert.
const (
	// PriorityEmergency defines the emergency priority value.
	PriorityEmergency Priority = "emergency"
	// PriorityAlert defines the alert priority value.
	PriorityAlert Priority = "alert"
	// PriorityCritical defines the critical priority value.
	PriorityCritical Priority = "critical"
	// PriorityError defines the error priority value.
	PriorityError Priority = "error"
	// PriorityWarning defines the warning priority value.
	PriorityWarning Priority = "warning"
	// PriorityNotice defines the notice priority value.
	PriorityNotice Priority = "notice"
	// PriorityInformational defines the informational priority value.
	PriorityInformational Priority = "informational"
	// PriorityDebug defines the debug priority value.
	PriorityDebug Priority = "debug"
)
type Retriever
type Retriever interface {
	// AlertStream returns a channel that can be used to consume a stream of Falco alerts. The returned channel is
	// closed if the provided context is canceled.
	AlertStream(ctx context.Context) (<-chan *Alert, error)
}
Retriever retrieves a stream of Falco alerts.
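A consumer for the Retriever interface above, as an added example that is not part of the package. It declares local stand-ins for the documented types because the import path is not shown on this page; `fake`, `sample`, `rank` and `AtLeast` are hypothetical names. It assumes the priority values are ordered most severe first, as listed above, and that the threshold passed in is one of them.

```go
package main

import (
	"context"
	"fmt"
)

// Local stand-ins for the documented types (Alert trimmed to the fields used here).
type Priority string
type Alert struct {
	Priority Priority
	Rule     string
}
type Retriever interface {
	AlertStream(ctx context.Context) (<-chan *Alert, error)
}

// rank lists the documented values most severe first (the ordering is an assumption).
var rank = map[Priority]int{"emergency": 0, "alert": 1, "critical": 2, "error": 3,
	"warning": 4, "notice": 5, "informational": 6, "debug": 7}

// fake is a hypothetical in-memory Retriever; sample is constructed input.
type fake []*Alert
var sample = fake{{"critical", "rule-a"}, {"debug", "rule-b"}, {"bogus", "rule-c"}}

func (f fake) AlertStream(context.Context) (<-chan *Alert, error) {
	ch := make(chan *Alert, len(f))
	for _, a := range f {
		ch <- a
	}
	close(ch) // a live retriever closes the channel when ctx is canceled
	return ch, nil
}

// AtLeast drains the stream; it keeps alerts at or above min and any unknown priority.
func AtLeast(ctx context.Context, r Retriever, min Priority) ([]string, error) {
	ch, err := r.AlertStream(ctx)
	if err != nil {
		return nil, err
	}
	var rules []string
	for a := range ch { // the loop ends when the channel is closed
		if n, ok := rank[a.Priority]; !ok || n <= rank[min] {
			rules = append(rules, a.Rule)
		}
	}
	return rules, nil
}

func main() { fmt.Println(AtLeast(context.Background(), sample, "warning")) }
```

Keeping alerts whose priority string is not in the table means a misspelled or new value shows up in the output instead of being filtered out silently.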
Directories
| Path | Synopsis |
|---|---|
| retriever | |
| httpretriever | Package httpretriever provides an implementation of alert.Retriever leveraging the HTTP Falco Outputs API. |