config

package
v1.0.0-beta Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 14, 2018 License: GPL-3.0 Imports: 11 Imported by: 36

Documentation

Index

Constants

This section is empty.

Variables

// ExactVersion is filled at compile time with the git version of RITA, as
// reported by "git describe --always --long --dirty --tags". The initializer
// "undefined" is the value seen when the build does not set it.
// NOTE(review): the injection mechanism is not visible here; presumably a
// linker flag, which requires this to remain a plain string variable.
var ExactVersion = "undefined"

ExactVersion is filled at compile time with the git version of RITA. ExactVersion is filled by "git describe --always --long --dirty --tags".

// Version is filled at compile time with the git version of RITA, as reported
// by "git describe --abbrev=0 --tags". The initializer "undefined" is the
// value seen when the build does not set it.
// NOTE(review): the injection mechanism is not visible here; presumably a
// linker flag, which requires this to remain a plain string variable.
var Version = "undefined"

Version is filled at compile time with the git version of RITA. Version is filled by "git describe --abbrev=0 --tags".

Functions

This section is empty.

Types

type BeaconStaticCfg added in v1.0.0

// BeaconStaticCfg is used to control the beaconing analysis module.
type BeaconStaticCfg struct {
	// DefaultConnectionThresh is read from the YAML key of the same name.
	// Presumably a connection-count threshold for the beacon analysis;
	// its exact semantics are not visible here — confirm against the module.
	DefaultConnectionThresh int `yaml:"DefaultConnectionThresh"`
}

BeaconStaticCfg is used to control the beaconing analysis module

type BeaconTableCfg added in v1.0.0

// BeaconTableCfg is used to control the beaconing analysis module. It belongs
// to the table configuration and carries a single name, read from the YAML
// key "BeaconTable".
type BeaconTableCfg struct {
	BeaconTable string `yaml:"BeaconTable"`
}

BeaconTableCfg is used to control the beaconing analysis module

type BlacklistedStaticCfg added in v1.0.0

// BlacklistedStaticCfg is used to control the blacklisted analysis module.
type BlacklistedStaticCfg struct {
	// The three Use* flags are read from YAML keys named after the feed
	// ("myIP.ms", "MalwareDomains.com", "MalwareDomainList.com"); presumably
	// each one enables the corresponding feed — confirm against the module.
	UseIPms            bool                  `yaml:"myIP.ms"`
	UseDNSBH           bool                  `yaml:"MalwareDomains.com"`
	UseMDL             bool                  `yaml:"MalwareDomainList.com"`
	// SafeBrowsing nests the Google safebrowsing settings, including an API key.
	SafeBrowsing       SafeBrowsingStaticCfg `yaml:"SafeBrowsing"`
	// The Custom* lists are plain strings taken from the user's YAML.
	// NOTE(review): whether these are file paths or URLs, and how they are
	// fetched, is not visible here. If they are remote, the analysis result
	// depends on their integrity, so confirm they are retrieved over an
	// authenticated channel.
	IPBlacklists       []string              `yaml:"CustomIPBlacklists"`
	HostnameBlacklists []string              `yaml:"CustomHostnameBlacklists"`
	URLBlacklists      []string              `yaml:"CustomURLBlacklists"`
}

BlacklistedStaticCfg is used to control the blacklisted analysis module

type BlacklistedTableCfg added in v1.0.0

// BlacklistedTableCfg is used to control the blacklisted analysis module. All
// fields are names read from the table configuration YAML.
type BlacklistedTableCfg struct {
	// BlacklistDatabase is read from the YAML key "Database", not from a key
	// matching the field name.
	BlacklistDatabase string `yaml:"Database"`
	SourceIPsTable    string `yaml:"SourceIPsTable"`
	DestIPsTable      string `yaml:"DestIPsTable"`
	HostnamesTable    string `yaml:"HostnamesTable"`
	UrlsTable         string `yaml:"UrlsTable"`
}

BlacklistedTableCfg is used to control the blacklisted analysis module

type BroStaticCfg added in v1.0.0

// BroStaticCfg controls the file parser.
type BroStaticCfg struct {
	// ImportDirectory is a path string from the user's YAML; presumably the
	// directory the parser reads Bro logs from — confirm against the parser.
	ImportDirectory string `yaml:"ImportDirectory"`
	// DBRoot and MetaDB are names read from the YAML keys of the same name.
	// NOTE(review): their exact role (database name prefix, metadata
	// database) is inferred from the names only — confirm.
	DBRoot          string `yaml:"DBRoot"`
	MetaDB          string `yaml:"MetaDB"`
	// ImportBuffer is an integer setting for the parser; its unit is not
	// visible here.
	ImportBuffer    int    `yaml:"ImportBuffer"`
}

BroStaticCfg controls the file parser

type Config added in v1.0.0

// Config holds the configuration for the running system. It groups the three
// configuration sections under one-letter fields.
type Config struct {
	R RunningCfg // options that are parsed at run time
	S StaticCfg  // container for the static config sections
	T TableCfg   // container for the table config sections
}

Config holds the configuration for the running system

func GetConfig

func GetConfig(userConfig string, tableConfig string) (*Config, error)

GetConfig retrieves a configuration in order of precedence

type CrossrefStaticCfg added in v1.0.0

// CrossrefStaticCfg is used to control the crossref analysis module.
type CrossrefStaticCfg struct {
	// BeaconThreshold is a floating-point value read from the YAML key of the
	// same name. Its valid range is not visible here — confirm against the
	// crossref module before relying on a particular scale.
	BeaconThreshold float64 `yaml:"BeaconThreshold"`
}

CrossrefStaticCfg is used to control the crossref analysis module

type CrossrefTableCfg added in v1.0.0

// CrossrefTableCfg is used to control the crossref analysis module. Both
// fields are names read from the table configuration YAML.
type CrossrefTableCfg struct {
	SourceTable string `yaml:"SourceTable"`
	// DestTable is read from the YAML key "DestinationTable", which differs
	// from the field name.
	DestTable   string `yaml:"DestinationTable"`
}

CrossrefTableCfg is used to control the crossref analysis module

type DNSTableCfg added in v1.0.0

// DNSTableCfg is used to control the dns analysis module. Both fields are
// names read from the table configuration YAML.
type DNSTableCfg struct {
	// ExplodedDNSTable is read from the YAML key "ExplodedDnsTable"; note the
	// different capitalisation of "Dns" in the key.
	ExplodedDNSTable string `yaml:"ExplodedDnsTable"`
	HostnamesTable   string `yaml:"HostnamesTable"`
}

DNSTableCfg is used to control the dns analysis module

type LogStaticCfg added in v1.0.0

// LogStaticCfg contains the configuration for logging.
type LogStaticCfg struct {
	// LogLevel is an integer level; the mapping from number to severity is
	// not visible here.
	LogLevel    int    `yaml:"LogLevel"`
	// RitaLogPath is a path string from the user's YAML; presumably where
	// log files are written when LogToFile is set — confirm.
	RitaLogPath string `yaml:"RitaLogPath"`
	// LogToFile and LogToDB are independent booleans, so both, either, or
	// neither destination can be selected in the YAML.
	LogToFile   bool   `yaml:"LogToFile"`
	LogToDB     bool   `yaml:"LogToDB"`
}

LogStaticCfg contains the configuration for logging

type LogTableCfg added in v1.0.0

// LogTableCfg contains the configuration for logging. It belongs to the table
// configuration and carries a single name, read from the YAML key
// "RitaLogTable".
type LogTableCfg struct {
	RitaLogTable string `yaml:"RitaLogTable"`
}

LogTableCfg contains the configuration for logging

type MetaTableCfg added in v1.0.0

// MetaTableCfg contains the meta db collection names.
type MetaTableCfg struct {
	FilesTable     string `yaml:"FilesTable"`
	DatabasesTable string `yaml:"DatabasesTable"`
}

MetaTableCfg contains the meta db collection names

type MongoDBRunningCfg added in v1.0.0

// MongoDBRunningCfg holds parsed information for connecting to MongoDB. None
// of its fields carry a yaml tag.
type MongoDBRunningCfg struct {
	// AuthMechanismParsed is the typed form of an authentication mechanism.
	// Presumably derived from MongoDBStaticCfg.AuthMechanism — confirm in
	// GetConfig.
	AuthMechanismParsed mgosec.AuthMechanism
	TLS                 struct {
		// TLSConfig is the crypto/tls configuration for the connection.
		// NOTE(review): presumably built from TLSStaticCfg; when reviewing
		// that code, check that certificate verification is only disabled
		// when the user explicitly sets VerifyCertificate to false.
		TLSConfig *tls.Config
	}
}

MongoDBRunningCfg holds parsed information for connecting to MongoDB

type MongoDBStaticCfg added in v1.0.0

// MongoDBStaticCfg contains the means for connecting to MongoDB.
type MongoDBStaticCfg struct {
	// ConnectionString is taken verbatim from the user's YAML.
	// NOTE(review): depending on the URI form it may embed credentials, so
	// the config file should be readable only by the RITA user and this
	// value should not be written to logs — confirm how callers handle it.
	ConnectionString string        `yaml:"ConnectionString"`
	// AuthMechanism is read from the YAML key "AuthenticationMechanism" as a
	// free-form string; the accepted values are not visible here.
	AuthMechanism    string        `yaml:"AuthenticationMechanism"`
	// SocketTimeout is a time.Duration; the unit expected in the YAML file
	// is not visible here.
	SocketTimeout    time.Duration `yaml:"SocketTimeout"`
	// TLS nests the settings for connecting to MongoDB over TLS.
	TLS              TLSStaticCfg  `yaml:"TLS"`
}

MongoDBStaticCfg contains the means for connecting to MongoDB

type RunningCfg added in v1.0.0

// RunningCfg holds configuration options that are parsed at run time. None of
// its fields carry a yaml tag.
type RunningCfg struct {
	// MongoDB holds the parsed MongoDB connection settings.
	MongoDB MongoDBRunningCfg
	// Version is a parsed semantic version. Presumably parsed from the
	// package-level Version string — confirm in GetConfig.
	Version semver.Version
}

RunningCfg holds configuration options that are parsed at run time

type SafeBrowsingStaticCfg added in v1.0.0

// SafeBrowsingStaticCfg contains the details for contacting Google's
// safebrowsing api.
type SafeBrowsingStaticCfg struct {
	// APIKey is a secret read in plain text from the user's YAML. Keep the
	// config file out of version control and readable only by the RITA user.
	// NOTE(review): confirm this value is never included in log output or
	// in configuration dumps.
	APIKey   string `yaml:"APIKey"`
	// Database is a string read from the YAML key "Database"; whether it is
	// a file path or a database name is not visible here.
	Database string `yaml:"Database"`
}

SafeBrowsingStaticCfg contains the details for contacting Google's safebrowsing api

type ScanningStaticCfg added in v1.0.0

// ScanningStaticCfg is used to control the scanning analysis module.
type ScanningStaticCfg struct {
	// ScanThreshold is an integer read from the YAML key of the same name.
	// What is counted against the threshold is not visible here — confirm
	// against the scanning module.
	ScanThreshold int `yaml:"ScanThreshold"`
}

ScanningStaticCfg is used to control the scanning analysis module

type ScanningTableCfg added in v1.0.0

// ScanningTableCfg is used to control the scanning analysis module. It belongs
// to the table configuration and carries a single name, read from the YAML
// key "ScanTable".
type ScanningTableCfg struct {
	ScanTable string `yaml:"ScanTable"`
}

ScanningTableCfg is used to control the scanning analysis module

type StaticCfg added in v1.0.0

// StaticCfg is the container for other static config sections. Each tagged
// field maps one top-level YAML key to its section struct.
type StaticCfg struct {
	MongoDB      MongoDBStaticCfg     `yaml:"MongoDB"`
	// Log is read from the YAML key "LogConfig" and Blacklisted from
	// "BlackListed"; both keys differ from the field names.
	Log          LogStaticCfg         `yaml:"LogConfig"`
	Blacklisted  BlacklistedStaticCfg `yaml:"BlackListed"`
	Crossref     CrossrefStaticCfg    `yaml:"Crossref"`
	Scanning     ScanningStaticCfg    `yaml:"Scanning"`
	Beacon       BeaconStaticCfg      `yaml:"Beacon"`
	Bro          BroStaticCfg         `yaml:"Bro"`
	// Version and ExactVersion carry no yaml tag. Presumably they are
	// copied from the package-level Version and ExactVersion variables —
	// confirm in GetConfig.
	Version      string
	ExactVersion string
}

StaticCfg is the container for other static config sections

type StructureTableCfg added in v1.0.0

// StructureTableCfg contains the names of the base level collections. Several
// YAML keys differ from the field names in spelling or capitalisation
// ("ConnectionTable", "HttpTable", "DnsTable", "UniqueConnectionTable").
type StructureTableCfg struct {
	ConnTable       string `yaml:"ConnectionTable"`
	HTTPTable       string `yaml:"HttpTable"`
	DNSTable        string `yaml:"DnsTable"`
	UniqueConnTable string `yaml:"UniqueConnectionTable"`
	HostTable       string `yaml:"HostTable"`
	IPv4Table       string `yaml:"IPv4Table"`
	IPv6Table       string `yaml:"IPv6Table"`
}

StructureTableCfg contains the names of the base level collections

type TLSStaticCfg added in v1.0.0

// TLSStaticCfg contains the means for connecting to MongoDB over TLS.
type TLSStaticCfg struct {
	// Enabled is read from the YAML key "Enable", which differs from the
	// field name. As a Go bool it is false when the key is absent.
	Enabled           bool   `yaml:"Enable"`
	// VerifyCertificate is false when the key is absent from the YAML.
	// NOTE(review): presumably false means the server certificate is not
	// validated, which leaves the connection open to interception. Confirm
	// how GetConfig maps this onto tls.Config, and keep it true outside of
	// test setups.
	VerifyCertificate bool   `yaml:"VerifyCertificate"`
	// CAFile is a path string from the user's YAML; presumably a CA
	// certificate used to validate the MongoDB server — confirm.
	CAFile            string `yaml:"CAFile"`
}

TLSStaticCfg contains the means for connecting to MongoDB over TLS

type TableCfg added in v1.0.0

// TableCfg is the container for other table config sections. Each field maps
// one top-level YAML key of the table configuration to its section struct.
type TableCfg struct {
	// Log, Blacklisted, DNS and Meta are read from keys that differ from
	// the field names ("LogConfig", "BlackListed", "Dns", "MetaTables").
	Log         LogTableCfg         `yaml:"LogConfig"`
	Blacklisted BlacklistedTableCfg `yaml:"BlackListed"`
	DNS         DNSTableCfg         `yaml:"Dns"`
	Crossref    CrossrefTableCfg    `yaml:"Crossref"`
	Scanning    ScanningTableCfg    `yaml:"Scanning"`
	Structure   StructureTableCfg   `yaml:"Structure"`
	Beacon      BeaconTableCfg      `yaml:"Beacon"`
	Urls        UrlsTableCfg        `yaml:"Urls"`
	UserAgent   UserAgentTableCfg   `yaml:"UserAgent"`
	Meta        MetaTableCfg        `yaml:"MetaTables"`
}

TableCfg is the container for other table config sections

type UrlsTableCfg added in v1.0.0

// UrlsTableCfg is used to control the urls analysis module. It belongs to the
// table configuration and carries a single name, read from the YAML key
// "UrlsTable".
type UrlsTableCfg struct {
	UrlsTable string `yaml:"UrlsTable"`
}

UrlsTableCfg is used to control the urls analysis module

type UserAgentTableCfg added in v1.0.0

// UserAgentTableCfg carries a single name, read from the YAML key
// "UserAgentTable" of the table configuration.
// NOTE(review): the published description says it controls the "urls"
// analysis module; given the type and field names this looks like a
// copy-paste from UrlsTableCfg and presumably means the user agent
// analysis — confirm.
type UserAgentTableCfg struct {
	UserAgentTable string `yaml:"UserAgentTable"`
}

UserAgentTableCfg is used to control the urls analysis module
