nodes

package
v0.4.7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 30, 2025 License: MIT Imports: 7 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// ActiveNodes to represent active nodes
	ActiveNodes = "active"
	// InactiveNodes to represent inactive nodes
	InactiveNodes = "inactive"
	// AllNodes to represent all nodes
	AllNodes = "all"
	// EnvSelector to represent environment selector
	EnvironmentSelector = "environment"
	// PlatformSelector to represent platform selector
	PlatformSelector = "platform"
)

Variables

This section is empty.

Functions

func ActiveTimeCutoff added in v0.4.7 

func ActiveTimeCutoff(hours int64) time.Time

ActiveTimeCutoff returns the cutoff time for active nodes based on the specified number of hours

func ApplyNodeTarget added in v0.4.7 

func ApplyNodeTarget(query *gorm.DB, target string, hours int64) *gorm.DB

ApplyNodeTarget adds the appropriate query constraints for the target node status (active, inactive, all) to the provided gorm query. Default is all nodes.

func IsActive 

func IsActive(n OsqueryNode, inactive int64) bool

IsActive determines if a node is active based on when it was last seen. The inactive parameter specifies the number of hours a node can be without checking in before it's considered inactive. This number is expected positive. Returns true if the node has checked in within the specified timeframe.

Types

type ArchiveOsqueryNode 

type ArchiveOsqueryNode struct {
	gorm.Model
	NodeKey         string `gorm:"index"`
	UUID            string `gorm:"index"`
	Trigger         string
	Platform        string
	PlatformVersion string
	OsqueryVersion  string
	Hostname        string
	Localname       string
	IPAddress       string
	Username        string
	OsqueryUser     string
	Environment     string
	CPU             string
	Memory          string
	HardwareSerial  string
	ConfigHash      string
	DaemonHash      string
	BytesReceived   int
	RawEnrollment   string
	LastSeen        time.Time
	UserID          uint
	EnvironmentID   uint
	ExtraData       string
}

ArchiveOsqueryNode as abstraction of an archived node

type NodeCache added in v0.4.7 

type NodeCache struct {
	// contains filtered or unexported fields
}

NodeCache provides cached access to OsqueryNode objects

func NewNodeCache added in v0.4.7 

func NewNodeCache(nodes *NodeManager) *NodeCache

NewNodeCache creates a new node cache

func (*NodeCache) Close added in v0.4.7 

func (nc *NodeCache) Close()

Close stops the cleanup goroutine and releases resources

func (*NodeCache) GetByKey added in v0.4.7 

func (nc *NodeCache) GetByKey(ctx context.Context, nodeKey string) (OsqueryNode, error)

GetByKey retrieves a node by node_key, using cache when available

func (*NodeCache) InvalidateAll added in v0.4.7 

func (nc *NodeCache) InvalidateAll(ctx context.Context)

InvalidateAll clears the entire cache

func (*NodeCache) InvalidateNode added in v0.4.7 

func (nc *NodeCache) InvalidateNode(ctx context.Context, nodeKey string)

InvalidateNode removes a specific node from the cache

func (*NodeCache) UpdateNodeInCache added in v0.4.7 

func (nc *NodeCache) UpdateNodeInCache(ctx context.Context, node OsqueryNode)

UpdateNodeInCache updates a node in the cache

type NodeManager 

type NodeManager struct {
	DB    *gorm.DB
	Cache *NodeCache
}

NodeManager to handle all nodes of the system

func CreateNodes 

func CreateNodes(backend *gorm.DB) *NodeManager

CreateNodes to initialize the nodes struct and its tables

func (*NodeManager) Archive 

func (n *NodeManager) Archive(uuid, trigger string) error

Archive to archive osquery node by UUID

func (*NodeManager) ArchiveDeleteByUUID 

func (n *NodeManager) ArchiveDeleteByUUID(uuid string) error

ArchiveDeleteByUUID to archive and delete an existing node record by UUID

func (*NodeManager) CheckByHost 

func (n *NodeManager) CheckByHost(host string) bool

CheckByHost to check if node exists by Hostname

func (*NodeManager) CheckByUUID 

func (n *NodeManager) CheckByUUID(uuid string) bool

CheckByUUID to check if node exists by UUID UUID is expected uppercase

func (*NodeManager) CheckByUUIDEnv 

func (n *NodeManager) CheckByUUIDEnv(uuid, environment string) bool

CheckByUUIDEnv to check if node exists by UUID in a specific environment UUID is expected uppercase

func (*NodeManager) Create 

func (n *NodeManager) Create(node *OsqueryNode) error

Create to insert new osquery node generating new node_key

func (*NodeManager) GetAllPlatforms 

func (n *NodeManager) GetAllPlatforms() ([]string, error)

GetAllPlatforms to get all different platform with nodes in them

func (*NodeManager) GetByEnv 

func (n *NodeManager) GetByEnv(env, target string, hours int64) ([]OsqueryNode, error)

GetByEnv to retrieve target nodes by environment

func (*NodeManager) GetByIdentifier 

func (n *NodeManager) GetByIdentifier(identifier string) (OsqueryNode, error)

GetByIdentifier to retrieve full node object from DB, by uuid or hostname or localname UUID is expected uppercase

func (*NodeManager) GetByIdentifierEnv added in v0.4.7 

func (n *NodeManager) GetByIdentifierEnv(identifier string, envid uint) (OsqueryNode, error)

GetByIdentifierEnv to retrieve full node object from DB, by uuid or hostname or localname UUID is expected uppercase

func (*NodeManager) GetByKey 

func (n *NodeManager) GetByKey(nodekey string) (OsqueryNode, error)

GetByKey to retrieve full node object from DB or cache, by node_key node_key is expected lowercase

func (*NodeManager) GetByPlatform 

func (n *NodeManager) GetByPlatform(envID uint, platform, target string, hours int64) ([]OsqueryNode, error)

GetByPlatform to retrieve target nodes by platform

func (*NodeManager) GetBySelector 

func (n *NodeManager) GetBySelector(stype, selector, target string, hours int64) ([]OsqueryNode, error)

GetBySelector to retrieve target nodes by selector

func (*NodeManager) GetByUUID 

func (n *NodeManager) GetByUUID(uuid string) (OsqueryNode, error)

GetByUUID to retrieve full node object from DB, by uuid UUID is expected uppercase

func (*NodeManager) GetByUUIDEnv 

func (n *NodeManager) GetByUUIDEnv(uuid string, envid uint) (OsqueryNode, error)

GetByUUIDEnv to retrieve full node object from DB, by uuid and environment ID UUID is expected uppercase

func (*NodeManager) GetEnvIDPlatforms added in v0.4.7 

func (n *NodeManager) GetEnvIDPlatforms(envID uint) ([]string, error)

GetEnvIDPlatforms to get the platforms with nodes in them by environment

func (*NodeManager) GetEnvPlatforms 

func (n *NodeManager) GetEnvPlatforms(environment string) ([]string, error)

GetEnvPlatforms to get the platforms with nodes in them by environment

func (*NodeManager) GetStatsByEnv 

func (n *NodeManager) GetStatsByEnv(environment string, hours int64) (StatsData, error)

GetStatsByEnv to populate table stats about nodes by environment

func (*NodeManager) Gets 

func (n *NodeManager) Gets(target string, hours int64) ([]OsqueryNode, error)

Gets to retrieve all/active/inactive nodes

func (*NodeManager) IncreaseBytes 

func (n *NodeManager) IncreaseBytes(node OsqueryNode, incBytes int) error

IncreaseBytes to update received bytes per node

func (*NodeManager) MetadataRefresh 

func (n *NodeManager) MetadataRefresh(node OsqueryNode, updates map[string]interface{}) error

MetadataRefresh to perform all needed update operations per node to keep metadata refreshed

func (*NodeManager) NewHistoryEntry 

func (n *NodeManager) NewHistoryEntry(entry interface{}) error

NewHistoryEntry to insert new entry for the history of Hostnames

func (*NodeManager) RefreshLastSeenBatch added in v0.4.4 

func (n *NodeManager) RefreshLastSeenBatch(nodeID []uint) error

func (*NodeManager) UpdateByUUID 

func (n *NodeManager) UpdateByUUID(data OsqueryNode, uuid string) error

UpdateByUUID to update an existing node record by UUID

func (*NodeManager) UpdateIP added in v0.4.4 

func (n *NodeManager) UpdateIP(nodeID uint, ip string) error

func (*NodeManager) UpdateMetadataByUUID 

func (n *NodeManager) UpdateMetadataByUUID(uuid string, metadata NodeMetadata) error

UpdateMetadataByUUID to update node metadata by UUID

type NodeMetadata 

type NodeMetadata struct {
	IPAddress       string
	Username        string
	OsqueryUser     string
	Hostname        string
	Localname       string
	ConfigHash      string
	DaemonHash      string
	OsqueryVersion  string
	Platform        string
	PlatformVersion string
	BytesReceived   int
}

NodeMetadata to hold metadata for a node

type OsqueryNode 

type OsqueryNode struct {
	gorm.Model
	NodeKey         string `gorm:"index"`
	UUID            string `gorm:"index"`
	Platform        string
	PlatformVersion string
	OsqueryVersion  string
	Hostname        string
	Localname       string
	IPAddress       string
	Username        string
	OsqueryUser     string
	Environment     string
	CPU             string
	Memory          string
	HardwareSerial  string
	DaemonHash      string
	ConfigHash      string
	BytesReceived   int
	RawEnrollment   string
	LastSeen        time.Time
	UserID          uint
	EnvironmentID   uint
	ExtraData       string
}

OsqueryNode as abstraction of a node

type StatsData 

type StatsData struct {
	Total    int64 `json:"total"`
	Active   int64 `json:"active"`
	Inactive int64 `json:"inactive"`
}

StatsData to display node stats

func GetStats added in v0.4.7 

func GetStats(db *gorm.DB, column, value string, hours int64) (StatsData, error)

GetStats retrieves node statistics (total, active, inactive) for the given filter condition

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.