event

package
v1.5.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 7, 2025 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Copyright © 2022 Hengqi Chen

Copyright 2022 CFC4N <cfc4n.cs@gmail.com>. All Rights Reserved.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index

Constants

View Source 
const (
	Ssl3RandomSize     = 32
	MasterSecretMaxLen = 48
	EvpMaxMdSize       = 64
)
View Source 
const (
	GnutlsMasterSize  = 48
	GnutlsRandomSize  = 32
	GnutlsMaxHashSize = 64
)
View Source 
const (
	GotlsRandomSize    = 32
	MasterSecretKeyLen = 32
)
View Source 
const (
	//dispatch_command_return
	DispatchCommandV57Failed       = -2
	DispatchCommandNotCaptured     = -1
	DispatchCommandSuccess         = 0
	DispatchCommandCloseConnection = 1
	DispatchCommandWouldblock      = 2
)
View Source 
const (
	Ssl2Version   = 0x0002
	Ssl3Version   = 0x0300
	Tls1Version   = 0x0301
	Tls11Version  = 0x0302
	Tls12Version  = 0x0303
	Tls13Version  = 0x0304
	Dtls1Version  = 0xFEFF
	Dtls12Version = 0xFEFD
)
View Source 
const (
	TaskCommLen = 16
	CmdlineLen  = 256
)
View Source 
const (
	COLORRESET  = "\033[0m"
	COLORRED    = "\033[31m"
	COLORGREEN  = "\033[32m"
	COLORYELLOW = "\033[33m"
	COLORBLUE   = "\033[34m"
	COLORPURPLE = "\033[35m"
	COLORCYAN   = "\033[36m"
	COLORWHITE  = "\033[37m"
)
View Source 
const ChunkSize = 16
View Source 
const ChunkSizeHalf = ChunkSize / 2
View Source 
const MaxDataSize = 1024 * 16 // fix: https://github.com/gojue/ecapture/issues/740
View Source 
const MaxDataSizeBash = 256
View Source 
const MaxDataSizeZsh = 256
View Source 
const MysqldMaxDataSize = 256

u64 pid; u64 timestamp; char Query[MAX_DATA_SIZE]; u64 Alllen; u64 Len; char Comm[TASK_COMM_LEN];

View Source 
const PostgresMaxDataSize = 256

u64 pid; u64 timestamp; char Query[MAX_DATA_SIZE]; char Comm[TASK_COMM_LEN];

View Source 
const SocketLifecycleUUIDPrefix = "sock:"

Variables

This section is empty.

Functions

func CToGoString 

func CToGoString(c []byte) string

func DecodeKtime 

func DecodeKtime(ktime int64, monotonic bool) (time.Time, error)

Types

type AttachType 

type AttachType int64
const (
	ProbeEntry AttachType = iota
	ProbeRet
)

type Base added in v1.4.0 

type Base struct {
	Timestamp int64  `json:"timestamp"`
	UUID      string `json:"uuid"`
	SrcIP     string `json:"src_ip"`
	SrcPort   uint32 `json:"src_port"`
	DstIP     string `json:"dst_ip"`
	DstPort   uint32 `json:"dst_port"`
	PID       int64  `json:"pid"`
	PName     string `json:"pname"`
	Type      uint32 `json:"type"` // 事件类型
	Length    uint32 `json:"length"`
}

type BashEvent 

type BashEvent struct {
	BashType    uint32                 `json:"bash_type"`
	Pid         uint32                 `json:"pid"`
	Uid         uint32                 `json:"uid"`
	Line        [MaxDataSizeBash]uint8 `json:"line"`
	ReturnValue uint32                 `json:"ret_val"`
	Comm        [16]byte               `json:"Comm"`

	AllLines string
	// contains filtered or unexported fields
}

func (*BashEvent) Base added in v1.4.0 

func (be *BashEvent) Base() Base

func (*BashEvent) Clone 

func (be *BashEvent) Clone() IEventStruct

func (*BashEvent) Decode 

func (be *BashEvent) Decode(payload []byte) (err error)

func (*BashEvent) EventType 

func (be *BashEvent) EventType() Type

func (*BashEvent) GetUUID 

func (be *BashEvent) GetUUID() string

func (*BashEvent) Payload 

func (be *BashEvent) Payload() []byte

func (*BashEvent) PayloadLen 

func (be *BashEvent) PayloadLen() int

func (*BashEvent) String 

func (be *BashEvent) String() string

func (*BashEvent) StringHex 

func (be *BashEvent) StringHex() string

func (*BashEvent) ToProtobufEvent added in v1.4.3 

func (be *BashEvent) ToProtobufEvent() *pb.Event

type CollectorWriter added in v1.4.1 

type CollectorWriter struct {
	// contains filtered or unexported fields
}

CollectorWriter is a custom writer that uses zerolog for event logging.

func NewCollectorWriter added in v1.4.1 

func NewCollectorWriter(logger *zerolog.Logger) CollectorWriter

func (CollectorWriter) Write added in v1.4.1 

func (e CollectorWriter) Write(p []byte) (n int, err error)

type ConnDataEvent 

type ConnDataEvent struct {
	Tuple string `json:"tuple"`
	// contains filtered or unexported fields
}

func (*ConnDataEvent) Base added in v1.4.0 

func (ce *ConnDataEvent) Base() Base

func (*ConnDataEvent) Clone 

func (ce *ConnDataEvent) Clone() IEventStruct

func (*ConnDataEvent) Decode 

func (ce *ConnDataEvent) Decode(payload []byte) (err error)

func (*ConnDataEvent) EventType 

func (ce *ConnDataEvent) EventType() Type

func (*ConnDataEvent) GetUUID 

func (ce *ConnDataEvent) GetUUID() string

func (*ConnDataEvent) Payload 

func (ce *ConnDataEvent) Payload() []byte

func (*ConnDataEvent) PayloadLen 

func (ce *ConnDataEvent) PayloadLen() int

func (*ConnDataEvent) String 

func (ce *ConnDataEvent) String() string

func (*ConnDataEvent) StringHex 

func (ce *ConnDataEvent) StringHex() string

func (*ConnDataEvent) ToProtobufEvent added in v1.4.3 

func (ce *ConnDataEvent) ToProtobufEvent() *pb.Event

type GnutlsDataEvent 

type GnutlsDataEvent struct {
	DataType  int64             `json:"dataType"`
	Timestamp uint64            `json:"timestamp"`
	Pid       uint32            `json:"pid"`
	Tid       uint32            `json:"tid"`
	Data      [MaxDataSize]byte `json:"data"`
	DataLen   int32             `json:"data_len"`
	Comm      [16]byte          `json:"Comm"`
	// contains filtered or unexported fields
}

func (*GnutlsDataEvent) Base added in v1.4.0 

func (ge *GnutlsDataEvent) Base() Base

func (*GnutlsDataEvent) Clone 

func (ge *GnutlsDataEvent) Clone() IEventStruct

func (*GnutlsDataEvent) Decode 

func (ge *GnutlsDataEvent) Decode(payload []byte) (err error)

func (*GnutlsDataEvent) EventType 

func (ge *GnutlsDataEvent) EventType() Type

func (*GnutlsDataEvent) GetUUID 

func (ge *GnutlsDataEvent) GetUUID() string

func (*GnutlsDataEvent) Payload 

func (ge *GnutlsDataEvent) Payload() []byte

func (*GnutlsDataEvent) PayloadLen 

func (ge *GnutlsDataEvent) PayloadLen() int

func (*GnutlsDataEvent) String 

func (ge *GnutlsDataEvent) String() string

func (*GnutlsDataEvent) StringHex 

func (ge *GnutlsDataEvent) StringHex() string

func (*GnutlsDataEvent) ToProtobufEvent added in v1.4.3 

func (ge *GnutlsDataEvent) ToProtobufEvent() *pb.Event

type GoTLSEvent 

type GoTLSEvent struct {
	Data []byte `json:"data"`
	// contains filtered or unexported fields
}

func (*GoTLSEvent) Base added in v1.4.0 

func (ge *GoTLSEvent) Base() Base

func (*GoTLSEvent) Clone 

func (ge *GoTLSEvent) Clone() IEventStruct

func (*GoTLSEvent) Decode 

func (ge *GoTLSEvent) Decode(payload []byte) error

func (*GoTLSEvent) EventType 

func (ge *GoTLSEvent) EventType() Type

func (*GoTLSEvent) GetUUID 

func (ge *GoTLSEvent) GetUUID() string

func (*GoTLSEvent) Payload 

func (ge *GoTLSEvent) Payload() []byte

func (*GoTLSEvent) PayloadLen 

func (ge *GoTLSEvent) PayloadLen() int

func (*GoTLSEvent) String 

func (ge *GoTLSEvent) String() string

func (*GoTLSEvent) StringHex 

func (ge *GoTLSEvent) StringHex() string

func (*GoTLSEvent) ToProtobufEvent added in v1.4.3 

func (ge *GoTLSEvent) ToProtobufEvent() *pb.Event

type IEventStruct 

type IEventStruct interface {
	Decode(payload []byte) (err error)
	Payload() []byte
	PayloadLen() int
	String() string
	StringHex() string
	Clone() IEventStruct
	EventType() Type
	GetUUID() string
	Base() Base
	ToProtobufEvent() *pb.Event
}

type MasterSecretBSSLEvent 

type MasterSecretBSSLEvent struct {
	Version int32 `json:"version"` // TLS Version

	// TLS 1.2 or older
	ClientRandom [Ssl3RandomSize]byte     `json:"clientRandom"` // Client Random
	Secret       [MasterSecretMaxLen]byte `json:"secret"`       // secret Key

	// TLS 1.3
	HashLen               uint32             `json:"hashLen"`               // hashLen
	EarlyTrafficSecret    [EvpMaxMdSize]byte `json:"earlyTrafficSecret"`    // CLIENT_EARLY_TRAFFIC_SECRET
	ClientHandshakeSecret [EvpMaxMdSize]byte `json:"clientHandshakeSecret"` // CLIENT_HANDSHAKE_TRAFFIC_SECRET
	ServerHandshakeSecret [EvpMaxMdSize]byte `json:"serverHandshakeSecret"` // SERVER_HANDSHAKE_TRAFFIC_SECRET
	ClientTrafficSecret0  [EvpMaxMdSize]byte `json:"clientTrafficSecret0"`  // SSL_HANDSHAKE_CLIENT_TRAFFIC_SECRET_0_
	ServerTrafficSecret0  [EvpMaxMdSize]byte `json:"serverTrafficSecret0"`  // SERVER_TRAFFIC_SECRET_0
	ExporterSecret        [EvpMaxMdSize]byte `json:"exporterSecret"`        // EXPORTER_SECRET
	// contains filtered or unexported fields
}

MasterSecretBSSLEvent for BoringSSL TLS 1.3

func (*MasterSecretBSSLEvent) Base added in v1.4.0 

func (msbe *MasterSecretBSSLEvent) Base() Base

func (*MasterSecretBSSLEvent) Clone 

func (msbe *MasterSecretBSSLEvent) Clone() IEventStruct

func (*MasterSecretBSSLEvent) Decode 

func (msbe *MasterSecretBSSLEvent) Decode(payload []byte) (err error)

func (*MasterSecretBSSLEvent) EventType 

func (msbe *MasterSecretBSSLEvent) EventType() Type

func (*MasterSecretBSSLEvent) GetUUID 

func (msbe *MasterSecretBSSLEvent) GetUUID() string

func (*MasterSecretBSSLEvent) Payload 

func (msbe *MasterSecretBSSLEvent) Payload() []byte

func (*MasterSecretBSSLEvent) PayloadLen 

func (msbe *MasterSecretBSSLEvent) PayloadLen() int

func (*MasterSecretBSSLEvent) String 

func (msbe *MasterSecretBSSLEvent) String() string

func (*MasterSecretBSSLEvent) StringHex 

func (msbe *MasterSecretBSSLEvent) StringHex() string

func (*MasterSecretBSSLEvent) ToProtobufEvent added in v1.4.3 

func (msbe *MasterSecretBSSLEvent) ToProtobufEvent() *pb.Event

type MasterSecretEvent 

type MasterSecretEvent struct {
	Version int32 `json:"version"` // TLS Version

	// TLS 1.2 or older
	ClientRandom [Ssl3RandomSize]byte     `json:"clientRandom"` // Client Random
	MasterKey    [MasterSecretMaxLen]byte `json:"masterKey"`    // Master Key

	// TLS 1.3
	CipherId               uint32             `json:"cipherId"`               // Cipher ID
	EarlyTrafficSecret     [EvpMaxMdSize]byte `json:"earlyTrafficSecret"`     // CLIENT_EARLY_TRAFFIC_SECRET
	HandshakeSecret        [EvpMaxMdSize]byte `json:"handshakeSecret"`        // Handshake Secret
	HandshakeTrafficHash   [EvpMaxMdSize]byte `json:"handshakeTrafficHash"`   // Handshake Traffic Hash
	ClientAppTrafficSecret [EvpMaxMdSize]byte `json:"clientAppTrafficSecret"` // Client App Traffic Secret
	ServerAppTrafficSecret [EvpMaxMdSize]byte `json:"serverAppTrafficSecret"` // Server App Traffic Secret
	ExporterMasterSecret   [EvpMaxMdSize]byte `json:"exporterMasterSecret"`   // Exporter Master Secret
	// contains filtered or unexported fields
}
	u8 client_random[SSL3_RANDOM_SIZE];
    u8 master_key[MASTER_SECRET_MAX_LEN];

func (*MasterSecretEvent) Base added in v1.4.0 

func (mse *MasterSecretEvent) Base() Base

func (*MasterSecretEvent) Clone 

func (mse *MasterSecretEvent) Clone() IEventStruct

func (*MasterSecretEvent) Decode 

func (mse *MasterSecretEvent) Decode(payload []byte) (err error)

func (*MasterSecretEvent) EventType 

func (mse *MasterSecretEvent) EventType() Type

func (*MasterSecretEvent) GetUUID 

func (mse *MasterSecretEvent) GetUUID() string

func (*MasterSecretEvent) Payload 

func (mse *MasterSecretEvent) Payload() []byte

func (*MasterSecretEvent) PayloadLen 

func (mse *MasterSecretEvent) PayloadLen() int

func (*MasterSecretEvent) String 

func (mse *MasterSecretEvent) String() string

func (*MasterSecretEvent) StringHex 

func (mse *MasterSecretEvent) StringHex() string

func (*MasterSecretEvent) ToProtobufEvent added in v1.4.3 

func (mse *MasterSecretEvent) ToProtobufEvent() *pb.Event

type MasterSecretGnutlsEvent added in v0.8.10 

type MasterSecretGnutlsEvent struct {
	Version                  int32                   `json:"version"`
	ClientRandom             [GnutlsRandomSize]byte  `json:"clientRandom"`
	MasterSecret             [GnutlsMasterSize]byte  `json:"masterSecret"`
	CipherId                 int32                   `json:"cipherId"` // PRF MAC
	ClientEarlyTrafficSecret [GnutlsMaxHashSize]byte `json:"clientEarlyTrafficSecret"`
	ClientHandshakeSecret    [GnutlsMaxHashSize]byte `json:"clientHandshakeSecret"`
	ServerHandshakeSecret    [GnutlsMaxHashSize]byte `json:"serverHandshakeSecret"`
	ClientTrafficSecret      [GnutlsMaxHashSize]byte `json:"clientTrafficSecret"`
	ServerTrafficSecret      [GnutlsMaxHashSize]byte `json:"serverTrafficSecret"`
	ExporterMasterSecret     [GnutlsMaxHashSize]byte `json:"exporterMasterSecret"`
	// contains filtered or unexported fields
}

mastersecret_gnutls_events

func (*MasterSecretGnutlsEvent) Base added in v1.4.0 

func (mse *MasterSecretGnutlsEvent) Base() Base

func (*MasterSecretGnutlsEvent) Clone added in v0.8.10 

func (mse *MasterSecretGnutlsEvent) Clone() IEventStruct

func (*MasterSecretGnutlsEvent) Decode added in v0.8.10 

func (mse *MasterSecretGnutlsEvent) Decode(payload []byte) (err error)

func (*MasterSecretGnutlsEvent) EventType added in v0.8.10 

func (mse *MasterSecretGnutlsEvent) EventType() Type

func (*MasterSecretGnutlsEvent) GetUUID added in v0.8.10 

func (mse *MasterSecretGnutlsEvent) GetUUID() string

func (*MasterSecretGnutlsEvent) Payload added in v0.8.10 

func (mse *MasterSecretGnutlsEvent) Payload() []byte

func (*MasterSecretGnutlsEvent) PayloadLen added in v0.8.10 

func (mse *MasterSecretGnutlsEvent) PayloadLen() int

func (*MasterSecretGnutlsEvent) String added in v0.8.10 

func (mse *MasterSecretGnutlsEvent) String() string

func (*MasterSecretGnutlsEvent) StringHex added in v0.8.10 

func (mse *MasterSecretGnutlsEvent) StringHex() string

func (*MasterSecretGnutlsEvent) ToProtobufEvent added in v1.4.3 

func (mse *MasterSecretGnutlsEvent) ToProtobufEvent() *pb.Event

type MasterSecretGotlsEvent 

type MasterSecretGotlsEvent struct {
	Label           [MasterSecretKeyLen]byte `json:"label"` // label name
	LabelLen        uint8                    `json:"labelLen"`
	ClientRandom    [EvpMaxMdSize]byte       `json:"clientRandom"` // Client Random
	ClientRandomLen uint8                    `json:"clientRandomLen"`
	MasterSecret    [EvpMaxMdSize]byte       `json:"masterSecret"` // Master Secret
	MasterSecretLen uint8                    `json:"masterSecretLen"`
	// contains filtered or unexported fields
}

func (*MasterSecretGotlsEvent) Base added in v1.4.0 

func (mge *MasterSecretGotlsEvent) Base() Base

func (*MasterSecretGotlsEvent) Clone 

func (mge *MasterSecretGotlsEvent) Clone() IEventStruct

func (*MasterSecretGotlsEvent) Decode 

func (mge *MasterSecretGotlsEvent) Decode(payload []byte) (err error)

func (*MasterSecretGotlsEvent) EventType 

func (mge *MasterSecretGotlsEvent) EventType() Type

func (*MasterSecretGotlsEvent) GetUUID 

func (mge *MasterSecretGotlsEvent) GetUUID() string

func (*MasterSecretGotlsEvent) Payload 

func (mge *MasterSecretGotlsEvent) Payload() []byte

func (*MasterSecretGotlsEvent) PayloadLen 

func (mge *MasterSecretGotlsEvent) PayloadLen() int

func (*MasterSecretGotlsEvent) String 

func (mge *MasterSecretGotlsEvent) String() string

func (*MasterSecretGotlsEvent) StringHex 

func (mge *MasterSecretGotlsEvent) StringHex() string

func (*MasterSecretGotlsEvent) ToProtobufEvent added in v1.4.3 

func (mge *MasterSecretGotlsEvent) ToProtobufEvent() *pb.Event

type MysqldEvent 

type MysqldEvent struct {
	Pid       uint64                   `json:"pid"`
	Timestamp uint64                   `json:"timestamp"`
	Query     [MysqldMaxDataSize]uint8 `json:"Query"`
	Alllen    uint64                   `json:"Alllen"`
	Len       uint64                   `json:"Len"`
	Comm      [16]uint8                `json:"Comm"`
	Retval    dispatchCommandReturn    `json:"retval"`
	// contains filtered or unexported fields
}

func (*MysqldEvent) Base added in v1.4.0 

func (me *MysqldEvent) Base() Base

func (*MysqldEvent) Clone 

func (me *MysqldEvent) Clone() IEventStruct

func (*MysqldEvent) Decode 

func (me *MysqldEvent) Decode(payload []byte) (err error)

func (*MysqldEvent) EventType 

func (me *MysqldEvent) EventType() Type

func (*MysqldEvent) GetUUID 

func (me *MysqldEvent) GetUUID() string

func (*MysqldEvent) Payload 

func (me *MysqldEvent) Payload() []byte

func (*MysqldEvent) PayloadLen 

func (me *MysqldEvent) PayloadLen() int

func (*MysqldEvent) String 

func (me *MysqldEvent) String() string

func (*MysqldEvent) StringHex 

func (me *MysqldEvent) StringHex() string

func (*MysqldEvent) ToProtobufEvent added in v1.4.3 

func (me *MysqldEvent) ToProtobufEvent() *pb.Event

type NsprDataEvent 

type NsprDataEvent struct {
	DataType  int64             `json:"dataType"`
	Timestamp uint64            `json:"timestamp"`
	Pid       uint32            `json:"pid"`
	Tid       uint32            `json:"tid"`
	Data      [MaxDataSize]byte `json:"data"`
	DataLen   int32             `json:"dataLen"`
	Comm      [16]byte          `json:"Comm"`
	// contains filtered or unexported fields
}

func (*NsprDataEvent) Base added in v1.4.0 

func (ne *NsprDataEvent) Base() Base

func (*NsprDataEvent) Clone 

func (ne *NsprDataEvent) Clone() IEventStruct

func (*NsprDataEvent) Decode 

func (ne *NsprDataEvent) Decode(payload []byte) (err error)

func (*NsprDataEvent) EventType 

func (ne *NsprDataEvent) EventType() Type

func (*NsprDataEvent) GetUUID 

func (ne *NsprDataEvent) GetUUID() string

func (*NsprDataEvent) Payload 

func (ne *NsprDataEvent) Payload() []byte

func (*NsprDataEvent) PayloadLen 

func (ne *NsprDataEvent) PayloadLen() int

func (*NsprDataEvent) String 

func (ne *NsprDataEvent) String() string

func (*NsprDataEvent) StringHex 

func (ne *NsprDataEvent) StringHex() string

func (*NsprDataEvent) ToProtobufEvent added in v1.4.3 

func (ne *NsprDataEvent) ToProtobufEvent() *pb.Event

type PostgresEvent 

type PostgresEvent struct {
	Pid       uint64                     `json:"pid"`
	Timestamp uint64                     `json:"timestamp"`
	Query     [PostgresMaxDataSize]uint8 `json:"Query"`
	Comm      [16]uint8                  `json:"Comm"`
	// contains filtered or unexported fields
}

func (*PostgresEvent) Base added in v1.4.0 

func (pe *PostgresEvent) Base() Base

func (*PostgresEvent) Clone 

func (pe *PostgresEvent) Clone() IEventStruct

func (*PostgresEvent) Decode 

func (pe *PostgresEvent) Decode(payload []byte) (err error)

func (*PostgresEvent) EventType 

func (pe *PostgresEvent) EventType() Type

func (*PostgresEvent) GetUUID 

func (pe *PostgresEvent) GetUUID() string

func (*PostgresEvent) Payload 

func (pe *PostgresEvent) Payload() []byte

func (*PostgresEvent) PayloadLen 

func (pe *PostgresEvent) PayloadLen() int

func (*PostgresEvent) String 

func (pe *PostgresEvent) String() string

func (*PostgresEvent) StringHex 

func (pe *PostgresEvent) StringHex() string

func (*PostgresEvent) ToProtobufEvent added in v1.4.3 

func (pe *PostgresEvent) ToProtobufEvent() *pb.Event

type SSLDataEvent 

type SSLDataEvent struct {
	DataType  int64             `json:"dataType"`
	Timestamp uint64            `json:"timestamp"`
	Pid       uint32            `json:"pid"`
	Tid       uint32            `json:"tid"`
	Data      [MaxDataSize]byte `json:"data"`
	DataLen   int32             `json:"dataLen"`
	Comm      [16]byte          `json:"Comm"`
	Fd        uint32            `json:"fd"`
	Version   int32             `json:"version"`
	Tuple     string
	BioType   uint32
	Sock      uint64
	// contains filtered or unexported fields
}

func (*SSLDataEvent) Base added in v1.4.0 

func (se *SSLDataEvent) Base() Base

func (*SSLDataEvent) BaseInfo added in v1.1.0 

func (se *SSLDataEvent) BaseInfo() string

func (*SSLDataEvent) Clone 

func (se *SSLDataEvent) Clone() IEventStruct

func (*SSLDataEvent) Decode 

func (se *SSLDataEvent) Decode(payload []byte) (err error)

func (*SSLDataEvent) EventType 

func (se *SSLDataEvent) EventType() Type

func (*SSLDataEvent) GetUUID 

func (se *SSLDataEvent) GetUUID() string

func (*SSLDataEvent) Payload 

func (se *SSLDataEvent) Payload() []byte

func (*SSLDataEvent) PayloadLen 

func (se *SSLDataEvent) PayloadLen() int

func (*SSLDataEvent) String 

func (se *SSLDataEvent) String() string

func (*SSLDataEvent) StringHex 

func (se *SSLDataEvent) StringHex() string

func (*SSLDataEvent) ToProtobufEvent added in v1.4.3 

func (se *SSLDataEvent) ToProtobufEvent() *pb.Event

type TcSkbEvent 

type TcSkbEvent struct {
	Ts      uint64            `json:"ts"`
	Pid     uint32            `json:"pid"`
	Comm    [TaskCommLen]byte `json:"Comm"`
	Cmdline [CmdlineLen]byte  `json:"Cmdline"`
	Len     uint32            `json:"len"`
	Ifindex uint32            `json:"ifindex"`
	// contains filtered or unexported fields
}

func (*TcSkbEvent) Base added in v1.4.0 

func (te *TcSkbEvent) Base() Base

func (*TcSkbEvent) Clone 

func (te *TcSkbEvent) Clone() IEventStruct

func (*TcSkbEvent) Decode 

func (te *TcSkbEvent) Decode(payload []byte) (err error)

func (*TcSkbEvent) EventType 

func (te *TcSkbEvent) EventType() Type

func (*TcSkbEvent) GetUUID 

func (te *TcSkbEvent) GetUUID() string

func (*TcSkbEvent) Payload 

func (te *TcSkbEvent) Payload() []byte

func (*TcSkbEvent) PayloadLen 

func (te *TcSkbEvent) PayloadLen() int

func (*TcSkbEvent) String 

func (te *TcSkbEvent) String() string

func (*TcSkbEvent) StringHex 

func (te *TcSkbEvent) StringHex() string

func (*TcSkbEvent) ToProtobufEvent added in v1.4.3 

func (te *TcSkbEvent) ToProtobufEvent() *pb.Event

type TlsVersion 

type TlsVersion struct {
	Version int32
}

func (TlsVersion) String 

func (t TlsVersion) String() string

type Type added in v1.4.0 

type Type uint8
const (
	// TypeOutput upload to server or write to logfile.
	TypeOutput Type = iota

	// TypeModuleData set as module cache data
	TypeModuleData

	// TypeEventProcessor display by event_processor.
	TypeEventProcessor
)

type ZshEvent added in v0.9.0 

type ZshEvent struct {
	ZshType uint32                `json:"zsh_type"`
	Pid     uint32                `json:"pid"`
	Uid     uint32                `json:"uid"`
	Comm    [16]byte              `json:"Comm"`
	Line    [MaxDataSizeZsh]uint8 `json:"line"`
	// contains filtered or unexported fields
}

func (*ZshEvent) Base added in v1.4.0 

func (pe *ZshEvent) Base() Base

func (*ZshEvent) Clone added in v0.9.0 

func (be *ZshEvent) Clone() IEventStruct

func (*ZshEvent) Decode added in v0.9.0 

func (be *ZshEvent) Decode(payload []byte) (err error)

func (*ZshEvent) EventType added in v0.9.0 

func (be *ZshEvent) EventType() Type

func (*ZshEvent) GetUUID added in v0.9.0 

func (be *ZshEvent) GetUUID() string

func (*ZshEvent) Payload added in v0.9.0 

func (be *ZshEvent) Payload() []byte

func (*ZshEvent) PayloadLen added in v0.9.0 

func (be *ZshEvent) PayloadLen() int

func (*ZshEvent) String added in v0.9.0 

func (be *ZshEvent) String() string

func (*ZshEvent) StringHex added in v0.9.0 

func (be *ZshEvent) StringHex() string

func (*ZshEvent) ToProtobufEvent added in v1.4.3 

func (be *ZshEvent) ToProtobufEvent() *pb.Event

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.