config

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 20, 2018 License: GPL-3.0 Imports: 11 Imported by: 36

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ExactVersion = "undefined"

ExactVersion is filled at compile time with the git version of RITA ExactVersion is filled by "git describe --always --long --dirty --tags"

View Source 
var Version = "undefined"

Version is filled at compile time with the git version of RITA Version is filled by "git describe --abbrev=0 --tags"

Functions

This section is empty.

Types

type BeaconStaticCfg added in v1.0.0 

type BeaconStaticCfg struct {
	DefaultConnectionThresh int `yaml:"DefaultConnectionThresh"`
}

BeaconStaticCfg is used to control the beaconing analysis module

type BeaconTableCfg added in v1.0.0 

type BeaconTableCfg struct {
	BeaconTable string
}

BeaconTableCfg is used to control the beaconing analysis module

type BlacklistedStaticCfg added in v1.0.0 

type BlacklistedStaticCfg struct {
	UseIPms            bool                  `yaml:"myIP.ms"`
	UseDNSBH           bool                  `yaml:"MalwareDomains.com"`
	UseMDL             bool                  `yaml:"MalwareDomainList.com"`
	SafeBrowsing       SafeBrowsingStaticCfg `yaml:"SafeBrowsing"`
	IPBlacklists       []string              `yaml:"CustomIPBlacklists"`
	HostnameBlacklists []string              `yaml:"CustomHostnameBlacklists"`
	URLBlacklists      []string              `yaml:"CustomURLBlacklists"`
}

BlacklistedStaticCfg is used to control the blacklisted analysis module

type BlacklistedTableCfg added in v1.0.0 

type BlacklistedTableCfg struct {
	BlacklistDatabase string
	SourceIPsTable    string
	DestIPsTable      string
	HostnamesTable    string
	UrlsTable         string
}

BlacklistedTableCfg is used to control the blacklisted analysis module

type BroStaticCfg added in v1.0.0 

type BroStaticCfg struct {
	ImportDirectory string `yaml:"ImportDirectory"`
	DBRoot          string `yaml:"DBRoot"`
	MetaDB          string `yaml:"MetaDB"`
	ImportBuffer    int    `yaml:"ImportBuffer"`
}

BroStaticCfg controls the file parser

type Config added in v1.0.0 

type Config struct {
	R RunningCfg
	S StaticCfg
	T TableCfg
}

Config holds the configuration for the running system

func GetConfig 

func GetConfig(userConfig string) (*Config, error)

GetConfig retrieves a configuration in order of precedence

type CrossrefStaticCfg added in v1.0.0 

type CrossrefStaticCfg struct {
	BeaconThreshold float64 `yaml:"BeaconThreshold"`
}

CrossrefStaticCfg is used to control the crossref analysis module

type CrossrefTableCfg added in v1.0.0 

type CrossrefTableCfg struct {
	SourceTable string
	DestTable   string
}

CrossrefTableCfg is used to control the crossref analysis module

type DNSTableCfg added in v1.0.0 

type DNSTableCfg struct {
	ExplodedDNSTable string
	HostnamesTable   string
}

DNSTableCfg is used to control the dns analysis module

type LogStaticCfg added in v1.0.0 

type LogStaticCfg struct {
	LogLevel    int    `yaml:"LogLevel"`
	RitaLogPath string `yaml:"RitaLogPath"`
	LogToFile   bool   `yaml:"LogToFile"`
	LogToDB     bool   `yaml:"LogToDB"`
}

LogStaticCfg contains the configuration for logging

type LogTableCfg added in v1.0.0 

type LogTableCfg struct {
	RitaLogTable string
}

LogTableCfg contains the configuration for logging

type MetaTableCfg added in v1.0.0 

type MetaTableCfg struct {
	FilesTable     string
	DatabasesTable string
}

MetaTableCfg contains the meta db collection names

type MongoDBRunningCfg added in v1.0.0 

type MongoDBRunningCfg struct {
	AuthMechanismParsed mgosec.AuthMechanism
	TLS                 struct {
		TLSConfig *tls.Config
	}
}

MongoDBRunningCfg holds parsed information for connecting to MongoDB

type MongoDBStaticCfg added in v1.0.0 

type MongoDBStaticCfg struct {
	ConnectionString string        `yaml:"ConnectionString"`
	AuthMechanism    string        `yaml:"AuthenticationMechanism"`
	SocketTimeout    time.Duration `yaml:"SocketTimeout"`
	TLS              TLSStaticCfg  `yaml:"TLS"`
}

MongoDBStaticCfg contains the means for connecting to MongoDB

type RunningCfg added in v1.0.0 

type RunningCfg struct {
	MongoDB MongoDBRunningCfg
	Version semver.Version
}

RunningCfg holds configuration options that are parsed at run time

type SafeBrowsingStaticCfg added in v1.0.0 

type SafeBrowsingStaticCfg struct {
	APIKey   string `yaml:"APIKey"`
	Database string `yaml:"Database"`
}

SafeBrowsingStaticCfg contains the details for contacting Google's safebrowsing api

type ScanningStaticCfg added in v1.0.0 

type ScanningStaticCfg struct {
	ScanThreshold int `yaml:"ScanThreshold"`
}

ScanningStaticCfg is used to control the scanning analysis module

type ScanningTableCfg added in v1.0.0 

type ScanningTableCfg struct {
	ScanTable string
}

ScanningTableCfg is used to control the scanning analysis module

type StaticCfg added in v1.0.0 

type StaticCfg struct {
	MongoDB      MongoDBStaticCfg     `yaml:"MongoDB"`
	Log          LogStaticCfg         `yaml:"LogConfig"`
	Blacklisted  BlacklistedStaticCfg `yaml:"BlackListed"`
	Crossref     CrossrefStaticCfg    `yaml:"Crossref"`
	Scanning     ScanningStaticCfg    `yaml:"Scanning"`
	Beacon       BeaconStaticCfg      `yaml:"Beacon"`
	Bro          BroStaticCfg         `yaml:"Bro"`
	Version      string
	ExactVersion string
}

StaticCfg is the container for other static config sections

type StructureTableCfg added in v1.0.0 

type StructureTableCfg struct {
	ConnTable       string
	HTTPTable       string
	DNSTable        string
	UniqueConnTable string
	HostTable       string
	IPv4Table       string
	IPv6Table       string
}

StructureTableCfg contains the names of the base level collections

type TLSStaticCfg added in v1.0.0 

type TLSStaticCfg struct {
	Enabled           bool   `yaml:"Enable"`
	VerifyCertificate bool   `yaml:"VerifyCertificate"`
	CAFile            string `yaml:"CAFile"`
}

TLSStaticCfg contains the means for connecting to MongoDB over TLS

type TableCfg added in v1.0.0 

type TableCfg struct {
	Log         LogTableCfg
	Blacklisted BlacklistedTableCfg
	DNS         DNSTableCfg
	Crossref    CrossrefTableCfg
	Scanning    ScanningTableCfg
	Structure   StructureTableCfg
	Beacon      BeaconTableCfg
	Urls        UrlsTableCfg
	UserAgent   UserAgentTableCfg
	Meta        MetaTableCfg
}

TableCfg is the container for other table config sections

type UrlsTableCfg added in v1.0.0 

type UrlsTableCfg struct {
	UrlsTable string
}

UrlsTableCfg is used to control the urls analysis module

type UserAgentTableCfg added in v1.0.0 

type UserAgentTableCfg struct {
	UserAgentTable string
}

UserAgentTableCfg is used to control the urls analysis module

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.