config

package
v1.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 27, 2021 License: Apache-2.0 Imports: 43 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type APIConfig 

type APIConfig struct {
	// Transport specifies the underlying transport protocol for the API HTTP server.
	Transport string `json:"api.transport" yaml:"api.transport"`
	// Timeout determines the timeout for the API server responses
	Timeout time.Duration `json:"api.timeout" yaml:"api.timeout"`
}

APIConfig contains API specific config options.

type Config 

type Config struct {
	// Kstream stores different configuration options for fine tuning kstream consumer/controller settings.
	Kstream KstreamConfig `json:"kstream" yaml:"kstream"`
	// Filament contains filament settings
	Filament FilamentConfig `json:"filament" yaml:"filament"`
	// PE contains the settings that influences the behaviour of the PE (Portable Executable) reader.
	PE pe.Config `json:"pe" yaml:"pe"`
	// Output stores the currently active output config
	Output outputs.Config
	// InitHandleSnapshot indicates whether initial handle snapshot is built
	InitHandleSnapshot bool `json:"init-handle-snapshot" yaml:"init-handle-snapshot"`
	DebugPrivilege     bool `json:"debug-privilege" yaml:"debug-privilege"`
	KcapFile           string

	// API stores global HTTP API preferences
	API APIConfig `json:"api" yaml:"api"`
	// Yara contains configuration that influences the behaviour of the Yara engine
	Yara yara.Config `json:"yara" yaml:"yara"`
	// Aggregator stores event aggregator configuration
	Aggregator aggregator.Config `json:"aggregator" yaml:"aggregator"`
	// Log contains log-specific configuration options
	Log log.Config `json:"logging" yaml:"logging"`

	// Transformers stores transformer configurations
	Transformers []transformers.Config
	// Alertsenders stores alert sender configurations
	Alertsenders []alertsender.Config
	// contains filtered or unexported fields
}

Config stores configuration options for fine tuning the behaviour of Fibratus.

func NewWithOpts 

func NewWithOpts(options ...Option) *Config

NewWithOpts builds a new configuration store from a variety of sources such as configuration files, environment variables or command line flags.

func (*Config) File 

func (c *Config) File() string

File returns the config file path.

func (Config) GetConfigFile 

func (c Config) GetConfigFile() string

GetConfigFile gets the path of the configuration file from Viper value.

func (*Config) Init 

func (c *Config) Init() error

Init setups the configuration state from Viper.

func (*Config) MustViperize 

func (c *Config) MustViperize(cmd *cobra.Command)

MustViperize adds the flag set to the Cobra command and binds them within the Viper flags.

func (*Config) Print 

func (c *Config) Print() string

Print returns the string with all the config options pretty-printed.

func (*Config) TryLoadFile 

func (c *Config) TryLoadFile(file string) error

TryLoadFile attempts to load the configuration file from specified path on the file system.

func (*Config) Validate 

func (c *Config) Validate() error

Validate ensures that all configuration options provided by user have the expected values. It returns a list of validation errors prefixed with the offending configuration property/flag.

type FilamentConfig 

type FilamentConfig struct {
	Name        string
	Path        string
	FlushPeriod time.Duration
}

FilamentConfig stores config parameters for tweaking the behaviour of the filament engine.

type KstreamConfig 

type KstreamConfig struct {
	// EnableThreadKevents indicates if thread kernel events are collected by the ETW provider.
	EnableThreadKevents bool `json:"enable-thread" yaml:"enable-thread"`
	// EnableRegistryKevents indicates if registry kernel events are collected by the ETW provider.
	EnableRegistryKevents bool `json:"enable-registry" yaml:"enable-registry"`
	// EnableNetKevents determines whether network (TCP/UDP) events are collected by the ETW provider.
	EnableNetKevents bool `json:"enable-net" yaml:"enable-net"`
	// EnableFileIOKevents indicates if file I/O kernel events are collected by the ETW provider.
	EnableFileIOKevents bool `json:"enable-fileio" yaml:"enable-fileio"`
	// EnableImageKevents indicates if image kernel events are collected by the ETW provider.
	EnableImageKevents bool `json:"enable-image" yaml:"enable-image"`
	// EnableHandleKevents indicates whether handle creation/disposal events are enabled.
	EnableHandleKevents bool `json:"enable-handle" yaml:"enable-handle"`
	// BufferSize represents the amount of memory allocated for each event tracing session buffer, in kilobytes.
	// The buffer size affects the rate at which buffers fill and must be flushed (small buffer size requires
	// less memory but it increases the rate at which buffers must be flushed).
	BufferSize uint32 `json:"buffer-size" yaml:"buffer-size"`
	// MinBuffers determines the minimum number of buffers allocated for the event tracing session's buffer pool.
	MinBuffers uint32 `json:"min-buffers" yaml:"min-buffers"`
	// MaxBuffers is the maximum number of buffers allocated for the event tracing session's buffer pool.
	MaxBuffers uint32 `json:"max-buffers" yaml:"max-buffers"`
	// FlushTimer specifies how often the trace buffers are forcibly flushed.
	FlushTimer time.Duration `json:"flush-interval" yaml:"flush-interval"`
	// BlacklistKevents are kernel event names that will be dropped from the kernel event stream.
	BlacklistKevents []string `json:"blacklist.events" yaml:"blacklist.events"`
	// BlacklistImages are process image names that will be rejected if they generate a kernel event.
	BlacklistImages []string `json:"blacklist.images" yaml:"blacklist.images"`
}

KstreamConfig stores different configuration options for fine tuning kstream consumer/controller settings.

type Option 

type Option func(*Options)

Option is the type alias for the config option.

func WithCapture 

func WithCapture() Option

WithCapture determines the capture command is executed.

func WithList 

func WithList() Option

WithList determines the list command is executed.

func WithReplay 

func WithReplay() Option

WithReplay determines the replay command is executed.

func WithRun 

func WithRun() Option

WithRun determines the main command is executed.

func WithStats 

func WithStats() Option

WithStats determines the stats command is executed.

type Options 

type Options struct {
	// contains filtered or unexported fields
}

Options determines which config flags are toggled depending on the command type.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.