Documentation ¶
Types ¶
type BaseLogData ¶
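// BaseLogData is used as the base packet log and contains the data common to
// every event type, such as the timestamp.
//
// NOTE(review): the values are presumably derived from captured traffic, in
// which case anything that consumes the JSON output should handle them as
// untrusted input. Confirm against Init.
type BaseLogData struct {
	Timestamp string `json:"timestamp"`
	Session   string `json:"session"`
	Type      string `json:"type"`

	// SourceIP is emitted as "src_ip" and DestPort as "dst_port".
	// NOTE(review): if SourceIP is read from the packet's IP header it is
	// unauthenticated and, for connectionless traffic, may be spoofed.
	// Confirm before relying on it for attribution or automated blocking.
	SourceIP string `json:"src_ip"`
	DestPort uint16 `json:"dst_port"`

	// Tags, InlineTags and Additional are emitted under the JSON keys
	// "matches", "inline_matches" and "embedded" respectively, so the key
	// names in the log output differ from the Go field names.
	Tags       map[string][]string `json:"matches"`
	InlineTags []string            `json:"inline_matches"`
	Additional map[string]string   `json:"embedded"`
}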
BaseLogData is used as the base packet log and contains common data, such as the timestamp
func (*BaseLogData) Init ¶
func (l *BaseLogData) Init(ev loggable.Loggable)
Init takes the common BaseEvent attributes to set up the BaseLogData struct
type HTTPEventLog ¶
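// HTTPEventLog is the event log struct for reassembled HTTP packets.
//
// BaseLogData is embedded without a JSON tag, so encoding/json emits its
// fields at the top level of the object, next to the "http" and "ip" keys.
//
// IP is typed as IPLogData, an empty interface, so the compiler accepts any
// value there. NOTE(review): presumably it holds an IPv4LogData or an
// IPv6LogData. Confirm where the event is built.
type HTTPEventLog struct {
	HTTP HTTPLogData `json:"http"`
	IP   IPLogData   `json:"ip"`
	BaseLogData
}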
HTTPEventLog is the event log struct for reassembled HTTP packets
func (HTTPEventLog) String ¶
func (eventLog HTTPEventLog) String() (string, error)
type HTTPLogData ¶
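// HTTPLogData is the struct describing the logged data for reassembled HTTP
// packets.
//
// NOTE(review): the string fields presumably come straight from the remote
// client's request. Log viewers, dashboards and alert templates should escape
// these values on output rather than trust them. Confirm where the struct is
// populated.
type HTTPLogData struct {
	// RequestURI is emitted under the JSON key "uri".
	Verb       string `json:"verb"`
	Proto      string `json:"proto"`
	RequestURI string `json:"uri"`
	SourcePort uint16 `json:"src_port"`
	DestHost   string `json:"dst_host"`
	UserAgent  string `json:"user_agent"`

	// Headers holds a single string per header name.
	// NOTE(review): HeadersKeys and HeadersValues look like parallel slices
	// that keep what a map cannot (order, repeated names). Confirm.
	// If headers are logged unfiltered they can carry credentials such as
	// Authorization or Cookie values, so access to the log store should be
	// restricted accordingly.
	Headers       map[string]string `json:"headers"`
	HeadersKeys   []string          `json:"headers_keys"`
	HeadersValues []string          `json:"headers_values"`

	Errors []string `json:"errors"`
	Body   Payload  `json:"body"`
	IsTLS  bool     `json:"is_tls"`
}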
HTTPLogData is the struct describing the logged data for reassembled HTTP packets
type ICMPv4EventLog ¶
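// ICMPv4EventLog is the event log struct for ICMPv4 packets.
//
// IP is the concrete IPv4LogData type, so the "ip" object always has the IPv4
// header shape. BaseLogData is embedded without a JSON tag, so encoding/json
// emits its fields at the top level, next to "icmpv4" and "ip".
type ICMPv4EventLog struct {
	ICMPv4 ICMPv4LogData `json:"icmpv4"`
	IP     IPv4LogData   `json:"ip"`
	BaseLogData
}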
ICMPv4EventLog is the event log struct for ICMPv4 packets
func (ICMPv4EventLog) String ¶
func (eventLog ICMPv4EventLog) String() (string, error)
type ICMPv4LogData ¶
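// ICMPv4LogData is the struct describing the logged data for ICMPv4 packets.
type ICMPv4LogData struct {
	// NOTE(review): Type and Code are presumably the two halves of TypeCode,
	// and TypeCodeName its printable form. Confirm where the struct is
	// populated. All four are emitted, so a consumer can match on whichever
	// representation it prefers.
	TypeCode     layers.ICMPv4TypeCode `json:"type_code"`
	Type         uint8                 `json:"type"`
	Code         uint8                 `json:"code"`
	TypeCodeName string                `json:"type_code_name"`

	// NOTE(review): Checksum, ID and Seq are presumably logged as received.
	// Nothing in this declaration shows whether the checksum was verified.
	Checksum uint16  `json:"checksum"`
	ID       uint16  `json:"id"`
	Seq      uint16  `json:"seq"`
	Payload  Payload `json:"payload"`
}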
ICMPv4LogData is the struct describing the logged data for ICMPv4 packets
type ICMPv6EventLog ¶
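// ICMPv6EventLog is the event log struct for ICMPv6 packets.
//
// IP is the concrete IPv6LogData type, so the "ip" object always has the IPv6
// header shape. BaseLogData is embedded without a JSON tag, so encoding/json
// emits its fields at the top level, next to "icmpv6" and "ip".
type ICMPv6EventLog struct {
	ICMPv6 ICMPv6LogData `json:"icmpv6"`
	IP     IPv6LogData   `json:"ip"`
	BaseLogData
}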
ICMPv6EventLog is the event log struct for ICMPv6 packets
func (ICMPv6EventLog) String ¶
func (eventLog ICMPv6EventLog) String() (string, error)
type ICMPv6LogData ¶
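// ICMPv6LogData is the struct describing the logged data for ICMPv6 packets.
type ICMPv6LogData struct {
	// NOTE(review): Type and Code are presumably the two halves of TypeCode,
	// and TypeCodeName its printable form. Confirm where the struct is
	// populated.
	TypeCode     layers.ICMPv6TypeCode `json:"type_code"`
	Type         uint8                 `json:"type"`
	Code         uint8                 `json:"code"`
	TypeCodeName string                `json:"type_code_name"`

	// NOTE(review): Checksum is presumably logged as received. Nothing in
	// this declaration shows whether it was verified.
	Checksum uint16  `json:"checksum"`
	Payload  Payload `json:"payload"`
}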
ICMPv6LogData is the struct describing the logged data for ICMPv6 packets
type IPLogData ¶
// IPLogData is the interface used by packet structs supporting an IP layer.
// It declares no methods, so every value satisfies it: the type documents
// intent only and gives no compile-time check on what is stored in a field of
// this type.
type IPLogData interface{}
IPLogData is the interface used by packet structs supporting an IP layer
type IPv4LogData ¶
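// IPv4LogData is the struct describing the logged data for the IPv4 header.
//
// NOTE(review): the header fields are presumably copied from the wire as
// received. If so, Length and IHL describe what the sender claimed and can
// disagree with the bytes actually captured in a malformed packet. Confirm
// against NewIPv4LogData.
type IPv4LogData struct {
	Version    uint8             `json:"version"`
	IHL        uint8             `json:"ihl"`
	TOS        uint8             `json:"tos"`
	Length     uint16            `json:"length"`
	ID         uint16            `json:"id"`
	Fragbits   string            `json:"fragbits"`
	FragOffset uint16            `json:"frag_offset"`
	TTL        uint8             `json:"ttl"`
	Protocol   layers.IPProtocol `json:"protocol"`

	// IPLogData is embedded with the "-" tag, so it never appears in the
	// JSON output.
	IPLogData `json:"-"`
}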
IPv4LogData is the struct describing the logged data for the IPv4 header
func NewIPv4LogData ¶
func NewIPv4LogData(ipv4Layer helpers.IPv4Layer) IPv4LogData
NewIPv4LogData is used to create a new IPv4LogData struct
type IPv6LogData ¶
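// IPv6LogData is the struct describing the logged data for the IPv6 header.
//
// NOTE(review): the header fields are presumably copied from the wire as
// received. If so, Length describes what the sender claimed and can disagree
// with the bytes actually captured in a malformed packet. Confirm against
// NewIPv6LogData.
type IPv6LogData struct {
	Version        uint8             `json:"version"`
	Length         uint16            `json:"length"`
	NextHeader     layers.IPProtocol `json:"next_header"`
	NextHeaderName string            `json:"next_header_name"`
	TrafficClass   uint8             `json:"traffic_class"`
	FlowLabel      uint32            `json:"flow_label"`
	HopLimit       uint8             `json:"hop_limit"`

	// IPLogData is embedded with the "-" tag, so it never appears in the
	// JSON output.
	IPLogData `json:"-"`
}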
IPv6LogData is the struct describing the logged data for the IPv6 header
func NewIPv6LogData ¶
func NewIPv6LogData(ipv6Layer helpers.IPv6Layer) IPv6LogData
NewIPv6LogData is used to create a new IPv6LogData struct
type Payload ¶
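// Payload is the struct describing the payload of a logged packet, when
// supported.
//
// NOTE(review): Content and Base64 look like two encodings of the same bytes.
// Confirm against NewPayloadLogData. encoding/json replaces invalid UTF-8 in
// string values with U+FFFD, so for binary data Content is lossy in the JSON
// output; if Base64 is the byte-exact copy, it is the field to hash or run
// signatures against. Content should be escaped before it is rendered in a
// terminal or web view.
type Payload struct {
	Content string `json:"content"`
	Base64  string `json:"base64"`

	// NOTE(review): Truncated presumably reports that the logged payload was
	// cut short. If so, hashes and pattern matches computed from a truncated
	// entry do not cover the full original payload. Confirm the size limit
	// where the struct is built.
	Truncated bool `json:"truncated"`
}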
Payload is the struct describing the payload of a logged packet, when supported
func NewPayloadLogData ¶
NewPayloadLogData is used to create a new Payload struct
type TCPEventLog ¶
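// TCPEventLog is the event log struct for TCP packets.
//
// BaseLogData is embedded without a JSON tag, so encoding/json emits its
// fields at the top level of the object, next to the "tcp" and "ip" keys.
//
// IP is typed as IPLogData, an empty interface, so the compiler accepts any
// value there. NOTE(review): presumably it holds an IPv4LogData or an
// IPv6LogData. Confirm where the event is built.
type TCPEventLog struct {
	TCP TCPLogData `json:"tcp"`
	IP  IPLogData  `json:"ip"`
	BaseLogData
}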
TCPEventLog is the event log struct for TCP packets
func (TCPEventLog) String ¶
func (eventLog TCPEventLog) String() (string, error)
type TCPLogData ¶
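// TCPLogData is the struct describing the logged data for TCP packets.
//
// Flags is a string rather than a numeric bit field; its format is decided
// where the struct is populated, which is not shown here.
// NOTE(review): the header values are presumably logged as received from the
// remote peer. Confirm before treating Seq, Ack or Window as validated.
type TCPLogData struct {
	Window     uint16  `json:"window"`
	Seq        uint32  `json:"seq"`
	Ack        uint32  `json:"ack"`
	DataOffset uint8   `json:"data_offset"`
	Flags      string  `json:"flags"`
	Urgent     uint16  `json:"urgent"`
	Payload    Payload `json:"payload"`
}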
TCPLogData is the struct describing the logged data for TCP packets
type UDPEventLog ¶
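// UDPEventLog is the event log struct for UDP packets.
//
// BaseLogData is embedded without a JSON tag, so encoding/json emits its
// fields at the top level of the object, next to the "udp" and "ip" keys.
//
// IP is typed as IPLogData, an empty interface, so the compiler accepts any
// value there. NOTE(review): presumably it holds an IPv4LogData or an
// IPv6LogData. Confirm where the event is built.
type UDPEventLog struct {
	UDP UDPLogData `json:"udp"`
	IP  IPLogData  `json:"ip"`
	BaseLogData
}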
UDPEventLog is the event log struct for UDP packets
func (UDPEventLog) String ¶
func (eventLog UDPEventLog) String() (string, error)
type UDPLogData ¶
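// UDPLogData is the struct describing the logged data for UDP packets.
//
// NOTE(review): Length and Checksum are presumably the values carried in the
// UDP header as received. If so, Length is the sender's claim and may differ
// from the size of the logged Payload. Nothing here shows whether the
// checksum was verified. Confirm where the struct is populated.
type UDPLogData struct {
	Payload  Payload `json:"payload"`
	Length   uint16  `json:"length"`
	Checksum uint16  `json:"checksum"`
}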
UDPLogData is the struct describing the logged data for UDP packets