elastic

package
v0.14.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 29, 2026 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation

Index

Constants

// Resource type identifiers exported by the elastic package. Each constant is
// a dotted string under the "elastic." prefix naming one kind of resource:
// indices, documents, Kibana rules and spaces, Kibana alert severity/status,
// and cases with their status, severity and version.
// NOTE(review): presumably these are the values accepted as resourceType by
// Elastic.ListResources — confirm against the implementation, and confirm that
// an unrecognised resourceType is rejected rather than passed through.
const (
	ResourceTypeIndex               = "elastic.index"
	ResourceTypeDocument            = "elastic.document"
	ResourceTypeKibanaRule          = "elastic.kibana.rule"
	ResourceTypeKibanaSpace         = "elastic.kibana.space"
	ResourceTypeKibanaAlertSeverity = "elastic.kibana.alert.severity"
	ResourceTypeKibanaAlertStatus   = "elastic.kibana.alert.status"
	ResourceTypeCase                = "elastic.case"
	ResourceTypeCaseStatus          = "elastic.case.status"
	ResourceTypeCaseSeverity        = "elastic.case.severity"
	ResourceTypeCaseVersion         = "elastic.case.version"
)
// KibanaConnectorName is the display name given to every Kibana webhook
// connector that SuperPlane creates.
// NOTE(review): a display name is not an identity. If triggers locate the
// shared connector by this name, confirm they also match on the connector's
// webhook URL or ID, so that a same-named connector created by another Kibana
// user is not picked up and reused.
const KibanaConnectorName = "SuperPlane Alert"

KibanaConnectorName is the display name used for all Kibana webhook connectors created by SuperPlane. Used by triggers to locate the shared connector.

// SigningHeaderName is the HTTP header Kibana sends on every webhook delivery.
// CreateKibanaConnector is documented as placing the signing secret itself in
// this header, so the value is a shared secret rather than a signature
// computed over the payload: it identifies the sender but does not by itself
// protect the request body against modification in transit.
// NOTE(review): the receiving handler is not shown on this page — confirm it
// compares the value in constant time (crypto/subtle.ConstantTimeCompare),
// rejects deliveries where the header is missing or empty, and never writes
// the header value to logs.
const SigningHeaderName = "X-Superplane-Secret"

SigningHeaderName is the HTTP header Kibana will include on every webhook delivery to prove the request originates from the configured connector.

Variables

This section is empty.

Functions

This section is empty.

Types

type CaseResponse

type CaseResponse struct {
	ID          string   `json:"id"`
	Title       string   `json:"title"`
	Description string   `json:"description"`
	Status      string   `json:"status"`
	Severity    string   `json:"severity"`
	Tags        []string `json:"tags"`
	Version     string   `json:"version"`
	CreatedAt   string   `json:"created_at"`
	UpdatedAt   string   `json:"updated_at"`
}

CaseResponse is the relevant subset of a Kibana case.

type Client

type Client struct {
	// contains filtered or unexported fields
}

func NewClient

func NewClient(httpCtx core.HTTPContext, ctx core.IntegrationContext) (*Client, error)

func (*Client) CreateCase

func (c *Client) CreateCase(title, description, severity, owner string, tags []string) (*CaseResponse, error)

CreateCase creates a new case in Kibana. connector is always set to none. owner must be one of: "cases", "securitySolution", "observability".

func (*Client) CreateKibanaCaseQueryRule

func (c *Client) CreateKibanaCaseQueryRule(connectorID, routeKey string) (*KibanaRule, error)

CreateKibanaCaseQueryRule creates a Kibana Elasticsearch query rule that signals SuperPlane whenever cases are updated in the current 1-minute window.

func (*Client) CreateKibanaConnector

// NOTE(review): secret is handed to Kibana and replayed as the
// X-Superplane-Secret header on every delivery to webhookURL. Confirm that
// webhookURL is required to use https so the secret never travels in clear
// text, and that callers generate secret from a cryptographically secure
// random source.
func (c *Client) CreateKibanaConnector(name, webhookURL, secret string) (*KibanaConnectorResponse, error)

CreateKibanaConnector creates a Kibana Webhook connector that POSTs to webhookURL and includes the signing secret as the X-Superplane-Secret header.

func (*Client) CreateKibanaQueryRule

func (c *Client) CreateKibanaQueryRule(index, connectorID, routeKey string) (*KibanaRuleResponse, error)

CreateKibanaQueryRule creates a Kibana Elasticsearch query rule that fires connectorID whenever new documents appear in index within a 1-minute window.

func (*Client) DeleteKibanaConnector

func (c *Client) DeleteKibanaConnector(connectorID string) error

DeleteKibanaConnector removes a Kibana connector by ID. A 404 response is treated as success: the connector is already gone.

func (*Client) DeleteKibanaRule

func (c *Client) DeleteKibanaRule(ruleID string) error

DeleteKibanaRule removes a Kibana alerting rule by ID. A 404 response is treated as success: the rule is already gone.

func (*Client) EnsureKibanaRuleHasConnector

func (c *Client) EnsureKibanaRuleHasConnector(ruleID, connectorID string) error

func (*Client) FindKibanaWebhookConnector

func (c *Client) FindKibanaWebhookConnector(webhookURL string) (*KibanaConnectorResponse, error)

func (*Client) GetCase

func (c *Client) GetCase(caseID string) (*CaseResponse, error)

GetCase retrieves a Kibana case by ID.

func (*Client) GetDocument

// NOTE(review): this page documents the document endpoints as path-based
// (GET /{index}/_doc/{id}, POST /{index}/_update/{id}). Confirm that index and
// documentID are escaped with url.PathEscape, or validated, before they are
// placed in the request path, so that a value containing "/", "?" or "#"
// cannot address a different endpoint. The same check applies to
// IndexDocument and UpdateDocument.
func (c *Client) GetDocument(index, documentID string) (*GetDocumentResponse, error)

GetDocument retrieves a document by index and document ID.

func (*Client) GetKibanaRule

func (c *Client) GetKibanaRule(ruleID string) (*KibanaRuleDetails, error)

func (*Client) GetKibanaRuleDefaultActionGroupID

func (c *Client) GetKibanaRuleDefaultActionGroupID(ruleTypeID string) (string, error)

func (*Client) IndexDocument

func (c *Client) IndexDocument(index, documentID string, doc map[string]any) (*IndexDocumentResponse, error)

IndexDocument writes doc to the given index. If documentID is non-empty the document is written at that ID (PUT, enabling idempotent writes); otherwise Elasticsearch generates an ID (POST).

func (*Client) ListCases

func (c *Client) ListCases() ([]CaseResponse, error)

ListCases returns all cases sorted by updatedAt descending.

func (*Client) ListCasesUpdatedSince

func (c *Client) ListCasesUpdatedSince(since string, statuses, severities, tags []string) ([]CaseResponse, error)

ListCasesUpdatedSince returns cases sorted by updatedAt descending, filtered to those updated strictly after the given ISO timestamp. Stops fetching pages once it encounters a case updated before or at the checkpoint.

func (*Client) ListDocuments

func (c *Client) ListDocuments(index string) ([]SearchHit, error)

ListDocuments returns up to 100 documents from an index for use in resource pickers.

func (*Client) ListIndices

func (c *Client) ListIndices() ([]IndexInfo, error)

ListIndices returns all user-facing indices from the cluster, excluding dot-prefixed system indices (e.g. .kibana, .security-*).

func (*Client) ListKibanaConnectors

func (c *Client) ListKibanaConnectors() ([]KibanaConnectorResponse, error)

func (*Client) ListKibanaRules

func (c *Client) ListKibanaRules() ([]KibanaRule, error)

ListKibanaRules returns all alerting rules from Kibana, paginating as needed.

func (*Client) ListKibanaSpaces

func (c *Client) ListKibanaSpaces() ([]KibanaSpace, error)

ListKibanaSpaces returns all spaces from Kibana.

func (*Client) RemoveKibanaRuleConnector

func (c *Client) RemoveKibanaRuleConnector(ruleID, connectorID string) error

func (*Client) SearchDocumentsAfter

func (c *Client) SearchDocumentsAfter(index, afterTimestamp string, size int) ([]SearchHit, error)

SearchDocumentsAfter queries an index for documents where @timestamp is strictly greater than afterTimestamp, sorted ascending.

func (*Client) UpdateCase

func (c *Client) UpdateCase(caseID, version string, updates map[string]any) (*CaseResponse, error)

UpdateCase applies a partial update to an existing Kibana case. updates is a map of fields to change; id and version are always included. version is required by Kibana for optimistic concurrency.

func (*Client) UpdateDocument

func (c *Client) UpdateDocument(index, documentID string, fields map[string]any) (*IndexDocumentResponse, error)

UpdateDocument applies a partial update to an existing document. Uses POST /{index}/_update/{id} with body {"doc": fields}. Reuses IndexDocumentResponse since the response shape is identical.

func (*Client) ValidateCredentials

func (c *Client) ValidateCredentials() error

ValidateCredentials checks that the configured URL and credentials are valid by performing a GET / against the cluster info endpoint.

func (*Client) ValidateKibana

func (c *Client) ValidateKibana() error

ValidateKibana checks that the Kibana URL is reachable and that the credentials have permission to manage connectors (required for webhook setup).

type Configuration

// Configuration holds the connection settings of the Elastic integration.
//
// NOTE(review): APIKey and Password are credentials and carry ordinary json
// tags, so marshaling this struct, or formatting it with %+v, emits them in
// clear text. Confirm that values of this type are never logged or returned
// to clients and that the persisted form is encrypted at rest.
type Configuration struct {
	// NOTE(review): URL and KibanaURL are operator-supplied endpoints that
	// the client presumably connects to. If they can be set by less-trusted
	// tenants, confirm the HTTP layer restricts which destinations may be
	// reached (internal and metadata addresses) and requires https.
	URL       string `json:"url"`
	KibanaURL string `json:"kibanaUrl"`
	// Accepted values are not visible on this page; presumably this selects
	// between APIKey and Username/Password — confirm.
	AuthType  string `json:"authType"`
	// Credential: treat as secret.
	APIKey    string `json:"apiKey"`
	Username  string `json:"username"`
	// Credential: treat as secret.
	Password  string `json:"password"`
}

type CreateCase

type CreateCase struct{}

func (*CreateCase) Actions

func (c *CreateCase) Actions() []core.Action

func (*CreateCase) Cancel

func (c *CreateCase) Cancel(_ core.ExecutionContext) error

func (*CreateCase) Cleanup

func (c *CreateCase) Cleanup(_ core.SetupContext) error

func (*CreateCase) Color

func (c *CreateCase) Color() string

func (*CreateCase) Configuration

func (c *CreateCase) Configuration() []configuration.Field

func (*CreateCase) Description

func (c *CreateCase) Description() string

func (*CreateCase) Documentation

func (c *CreateCase) Documentation() string

func (*CreateCase) ExampleOutput

func (c *CreateCase) ExampleOutput() map[string]any

func (*CreateCase) Execute

func (c *CreateCase) Execute(ctx core.ExecutionContext) error

func (*CreateCase) HandleAction

func (c *CreateCase) HandleAction(_ core.ActionContext) error

func (*CreateCase) HandleWebhook

func (*CreateCase) Icon

func (c *CreateCase) Icon() string

func (*CreateCase) Label

func (c *CreateCase) Label() string

func (*CreateCase) Name

func (c *CreateCase) Name() string

func (*CreateCase) OutputChannels

func (c *CreateCase) OutputChannels(_ any) []core.OutputChannel

func (*CreateCase) ProcessQueueItem

func (c *CreateCase) ProcessQueueItem(ctx core.ProcessQueueContext) (*uuid.UUID, error)

func (*CreateCase) Setup

func (c *CreateCase) Setup(ctx core.SetupContext) error

type CreateCaseConfiguration

type CreateCaseConfiguration struct {
	Title       string   `json:"title" mapstructure:"title"`
	Description string   `json:"description" mapstructure:"description"`
	Severity    string   `json:"severity" mapstructure:"severity"`
	Owner       string   `json:"owner" mapstructure:"owner"`
	Tags        []string `json:"tags" mapstructure:"tags"`
}

type Elastic

type Elastic struct{}

func (*Elastic) Actions

func (e *Elastic) Actions() []core.Action

func (*Elastic) Cleanup

func (*Elastic) Components

func (e *Elastic) Components() []core.Component

func (*Elastic) Configuration

func (e *Elastic) Configuration() []configuration.Field

func (*Elastic) Description

func (e *Elastic) Description() string

func (*Elastic) HandleAction

func (e *Elastic) HandleAction(_ core.IntegrationActionContext) error

func (*Elastic) HandleRequest

func (e *Elastic) HandleRequest(_ core.HTTPRequestContext)

func (*Elastic) Icon

func (e *Elastic) Icon() string

func (*Elastic) Instructions

func (e *Elastic) Instructions() string

func (*Elastic) Label

func (e *Elastic) Label() string

func (*Elastic) ListResources

func (e *Elastic) ListResources(resourceType string, ctx core.ListResourcesContext) ([]core.IntegrationResource, error)

func (*Elastic) Name

func (e *Elastic) Name() string

func (*Elastic) Sync

func (e *Elastic) Sync(ctx core.SyncContext) error

func (*Elastic) Triggers

func (e *Elastic) Triggers() []core.Trigger

type ElasticWebhookHandler

type ElasticWebhookHandler struct{}

ElasticWebhookHandler automatically creates and tears down Kibana Webhook connectors when the OnAlertFires trigger is set up or removed.

func (*ElasticWebhookHandler) Cleanup

func (*ElasticWebhookHandler) CompareConfig

func (h *ElasticWebhookHandler) CompareConfig(a, b any) (bool, error)

func (*ElasticWebhookHandler) Merge

func (h *ElasticWebhookHandler) Merge(current, requested any) (any, bool, error)

func (*ElasticWebhookHandler) Setup

type GetCase

type GetCase struct{}

func (*GetCase) Actions

func (c *GetCase) Actions() []core.Action

func (*GetCase) Cancel

func (c *GetCase) Cancel(_ core.ExecutionContext) error

func (*GetCase) Cleanup

func (c *GetCase) Cleanup(_ core.SetupContext) error

func (*GetCase) Color

func (c *GetCase) Color() string

func (*GetCase) Configuration

func (c *GetCase) Configuration() []configuration.Field

func (*GetCase) Description

func (c *GetCase) Description() string

func (*GetCase) Documentation

func (c *GetCase) Documentation() string

func (*GetCase) ExampleOutput

func (c *GetCase) ExampleOutput() map[string]any

func (*GetCase) Execute

func (c *GetCase) Execute(ctx core.ExecutionContext) error

func (*GetCase) HandleAction

func (c *GetCase) HandleAction(_ core.ActionContext) error

func (*GetCase) HandleWebhook

func (*GetCase) Icon

func (c *GetCase) Icon() string

func (*GetCase) Label

func (c *GetCase) Label() string

func (*GetCase) Name

func (c *GetCase) Name() string

func (*GetCase) OutputChannels

func (c *GetCase) OutputChannels(_ any) []core.OutputChannel

func (*GetCase) ProcessQueueItem

func (c *GetCase) ProcessQueueItem(ctx core.ProcessQueueContext) (*uuid.UUID, error)

func (*GetCase) Setup

func (c *GetCase) Setup(ctx core.SetupContext) error

type GetCaseConfiguration

type GetCaseConfiguration struct {
	CaseID string `json:"caseId" mapstructure:"caseId"`
}

type GetCaseNodeMetadata

type GetCaseNodeMetadata struct {
	CaseName string `json:"caseName,omitempty" mapstructure:"caseName"`
}

type GetDocument

type GetDocument struct{}

func (*GetDocument) Actions

func (c *GetDocument) Actions() []core.Action

func (*GetDocument) Cancel

func (c *GetDocument) Cancel(_ core.ExecutionContext) error

func (*GetDocument) Cleanup

func (c *GetDocument) Cleanup(_ core.SetupContext) error

func (*GetDocument) Color

func (c *GetDocument) Color() string

func (*GetDocument) Configuration

func (c *GetDocument) Configuration() []configuration.Field

func (*GetDocument) Description

func (c *GetDocument) Description() string

func (*GetDocument) Documentation

func (c *GetDocument) Documentation() string

func (*GetDocument) ExampleOutput

func (c *GetDocument) ExampleOutput() map[string]any

func (*GetDocument) Execute

func (c *GetDocument) Execute(ctx core.ExecutionContext) error

func (*GetDocument) HandleAction

func (c *GetDocument) HandleAction(_ core.ActionContext) error

func (*GetDocument) HandleWebhook

func (*GetDocument) Icon

func (c *GetDocument) Icon() string

func (*GetDocument) Label

func (c *GetDocument) Label() string

func (*GetDocument) Name

func (c *GetDocument) Name() string

func (*GetDocument) OutputChannels

func (c *GetDocument) OutputChannels(_ any) []core.OutputChannel

func (*GetDocument) ProcessQueueItem

func (c *GetDocument) ProcessQueueItem(ctx core.ProcessQueueContext) (*uuid.UUID, error)

func (*GetDocument) Setup

func (c *GetDocument) Setup(ctx core.SetupContext) error

type GetDocumentConfiguration

type GetDocumentConfiguration struct {
	Index    string `json:"index" mapstructure:"index"`
	Document string `json:"document" mapstructure:"document"`
}

type GetDocumentResponse

// GetDocumentResponse is the decoded body of a single-document lookup. The
// json tags map the Elasticsearch underscore-prefixed fields (_id, _index,
// _version, _source) and the found flag onto Go fields.
type GetDocumentResponse struct {
	ID      string         `json:"_id"`
	Index   string         `json:"_index"`
	Version int            `json:"_version"`
	Found   bool           `json:"found"`
	// Source is decoded as free-form JSON: its keys and value types are
	// whatever was stored in the index. Downstream consumers should treat it
	// as untrusted data, type-assert every value before use, and escape it
	// before rendering or embedding it in another query.
	Source  map[string]any `json:"_source"`
}

GetDocumentResponse is returned by GET /{index}/_doc/{id}.

type GetDocumentSetupMetadata

type GetDocumentSetupMetadata struct {
	Index    string `json:"index" mapstructure:"index"`
	Document string `json:"document" mapstructure:"document"`
}

type IndexDocument

type IndexDocument struct{}

func (*IndexDocument) Actions

func (c *IndexDocument) Actions() []core.Action

func (*IndexDocument) Cancel

func (*IndexDocument) Cleanup

func (c *IndexDocument) Cleanup(_ core.SetupContext) error

func (*IndexDocument) Color

func (c *IndexDocument) Color() string

func (*IndexDocument) Configuration

func (c *IndexDocument) Configuration() []configuration.Field

func (*IndexDocument) Description

func (c *IndexDocument) Description() string

func (*IndexDocument) Documentation

func (c *IndexDocument) Documentation() string

func (*IndexDocument) ExampleOutput

func (c *IndexDocument) ExampleOutput() map[string]any

func (*IndexDocument) Execute

func (c *IndexDocument) Execute(ctx core.ExecutionContext) error

func (*IndexDocument) HandleAction

func (c *IndexDocument) HandleAction(_ core.ActionContext) error

func (*IndexDocument) HandleWebhook

func (*IndexDocument) Icon

func (c *IndexDocument) Icon() string

func (*IndexDocument) Label

func (c *IndexDocument) Label() string

func (*IndexDocument) Name

func (c *IndexDocument) Name() string

func (*IndexDocument) OutputChannels

func (c *IndexDocument) OutputChannels(_ any) []core.OutputChannel

func (*IndexDocument) ProcessQueueItem

func (c *IndexDocument) ProcessQueueItem(ctx core.ProcessQueueContext) (*uuid.UUID, error)

func (*IndexDocument) Setup

func (c *IndexDocument) Setup(ctx core.SetupContext) error

type IndexDocumentConfiguration

type IndexDocumentConfiguration struct {
	Index      string         `json:"index" mapstructure:"index"`
	Document   map[string]any `json:"document" mapstructure:"document"`
	DocumentID string         `json:"documentId" mapstructure:"documentId"`
}

type IndexDocumentResponse

type IndexDocumentResponse struct {
	ID      string `json:"_id"`
	Index   string `json:"_index"`
	Result  string `json:"result"`
	Version int    `json:"_version"`
	Shards  struct {
		Successful int `json:"successful"`
		Failed     int `json:"failed"`
	} `json:"_shards"`
}

IndexDocumentResponse represents the Elasticsearch index/create response.

type IndexDocumentSetupMetadata

type IndexDocumentSetupMetadata struct {
	Index string `json:"index" mapstructure:"index"`
}

type IndexInfo

type IndexInfo struct {
	Index string `json:"index"`
}

IndexInfo holds the minimal fields returned by GET /_cat/indices.

type KibanaAPIError

// KibanaAPIError carries the HTTP status code and the response body of a
// Kibana request that did not return a 2xx status.
//
// NOTE(review): Body holds the upstream response as a string. The Error
// method's body is not shown on this page; if it embeds Body, confirm the
// text is length-limited and is not surfaced verbatim to end users, since an
// upstream error body can echo request details.
type KibanaAPIError struct {
	StatusCode int
	Body       string
}

KibanaAPIError is returned by execKibanaRequest for non-2xx responses so callers can check the status code (e.g. treat 404 as a no-op on delete).

func (*KibanaAPIError) Error

func (e *KibanaAPIError) Error() string

type KibanaConnectorResponse

// KibanaConnectorResponse is the decoded subset of a Kibana connector: its
// ID, display name, connector type, the number of objects referencing it,
// and the webhook settings found under the "config" key.
type KibanaConnectorResponse struct {
	ID                string `json:"id"`
	Name              string `json:"name"`
	ConnectorTypeID   string `json:"connector_type_id"`
	ReferencedByCount int    `json:"referenced_by_count"`
	Config            struct {
		URL     string            `json:"url"`
		Method  string            `json:"method"`
		// NOTE(review): Headers is read back from the connector's config
		// object. If the X-Superplane-Secret value is stored here, any
		// Kibana user allowed to read connectors can presumably see it —
		// confirm, and avoid logging or re-exposing this map.
		Headers map[string]string `json:"headers"`
	} `json:"config"`
}

KibanaConnectorResponse is the relevant subset of the Kibana connector API response.

type KibanaRule

type KibanaRule struct {
	ID   string `json:"id"`
	Name string `json:"name"`
}

KibanaRule is the relevant subset of a Kibana alerting rule.

type KibanaRuleAction

type KibanaRuleAction struct {
	ID                      string                     `json:"id"`
	Group                   string                     `json:"group"`
	Params                  map[string]any             `json:"params"`
	Frequency               *KibanaRuleActionFrequency `json:"frequency,omitempty"`
	UseAlertDataForTemplate bool                       `json:"use_alert_data_for_template,omitempty"`
	UUID                    string                     `json:"uuid,omitempty"`
	AlertsFilter            map[string]any             `json:"alerts_filter,omitempty"`
}

type KibanaRuleActionFrequency

type KibanaRuleActionFrequency struct {
	NotifyWhen string  `json:"notify_when,omitempty"`
	Summary    bool    `json:"summary"`
	Throttle   *string `json:"throttle"`
}

type KibanaRuleAlertDelay

type KibanaRuleAlertDelay struct {
	Active int `json:"active"`
}

type KibanaRuleDetails

type KibanaRuleDetails struct {
	ID         string                `json:"id"`
	Name       string                `json:"name"`
	Consumer   string                `json:"consumer"`
	Params     map[string]any        `json:"params"`
	RuleTypeID string                `json:"rule_type_id"`
	Schedule   KibanaRuleSchedule    `json:"schedule"`
	Tags       []string              `json:"tags"`
	Actions    []KibanaRuleAction    `json:"actions"`
	AlertDelay *KibanaRuleAlertDelay `json:"alert_delay,omitempty"`
}

type KibanaRuleFlapping

type KibanaRuleFlapping struct {
	LookBackWindow        int `json:"look_back_window"`
	StatusChangeThreshold int `json:"status_change_threshold"`
}

type KibanaRuleResponse

type KibanaRuleResponse struct {
	ID   string `json:"id"`
	Name string `json:"name"`
}

KibanaRuleResponse is the relevant subset of the Kibana alerting rule API response.

type KibanaRuleSchedule

type KibanaRuleSchedule struct {
	Interval string `json:"interval"`
}

type KibanaRuleType

type KibanaRuleType struct {
	ID                   string `json:"id"`
	DefaultActionGroupID string `json:"default_action_group_id"`
}

type KibanaSpace

type KibanaSpace struct {
	ID   string `json:"id"`
	Name string `json:"name"`
}

KibanaSpace is the relevant subset of a Kibana space.

type OnAlertFires

type OnAlertFires struct{}

func (*OnAlertFires) Actions

func (t *OnAlertFires) Actions() []core.Action

func (*OnAlertFires) Cleanup

func (t *OnAlertFires) Cleanup(_ core.TriggerContext) error

func (*OnAlertFires) Color

func (t *OnAlertFires) Color() string

func (*OnAlertFires) Configuration

func (t *OnAlertFires) Configuration() []configuration.Field

func (*OnAlertFires) Description

func (t *OnAlertFires) Description() string

func (*OnAlertFires) Documentation

func (t *OnAlertFires) Documentation() string

func (*OnAlertFires) ExampleData

func (t *OnAlertFires) ExampleData() map[string]any

func (*OnAlertFires) HandleAction

func (t *OnAlertFires) HandleAction(_ core.TriggerActionContext) (map[string]any, error)

func (*OnAlertFires) HandleWebhook

func (*OnAlertFires) Icon

func (t *OnAlertFires) Icon() string

func (*OnAlertFires) Label

func (t *OnAlertFires) Label() string

func (*OnAlertFires) Name

func (t *OnAlertFires) Name() string

func (*OnAlertFires) Setup

func (t *OnAlertFires) Setup(ctx core.TriggerContext) error

type OnAlertFiresConfiguration

type OnAlertFiresConfiguration struct {
	Rule       string                    `json:"rule" mapstructure:"rule"`
	Spaces     []string                  `json:"spaces" mapstructure:"spaces"`
	Tags       []configuration.Predicate `json:"tags" mapstructure:"tags"`
	Severities []string                  `json:"severities" mapstructure:"severities"`
	Statuses   []string                  `json:"statuses" mapstructure:"statuses"`
}

type OnAlertFiresMetadata

type OnAlertFiresMetadata struct {
	RuleID   string   `json:"ruleId" mapstructure:"ruleId"`
	RuleName string   `json:"ruleName" mapstructure:"ruleName"`
	Spaces   []string `json:"spaces" mapstructure:"spaces"`
}

type OnCaseStatusChange

type OnCaseStatusChange struct{}

func (*OnCaseStatusChange) Actions

func (t *OnCaseStatusChange) Actions() []core.Action

func (*OnCaseStatusChange) Cleanup

func (t *OnCaseStatusChange) Cleanup(ctx core.TriggerContext) error

func (*OnCaseStatusChange) Color

func (t *OnCaseStatusChange) Color() string

func (*OnCaseStatusChange) Configuration

func (t *OnCaseStatusChange) Configuration() []configuration.Field

func (*OnCaseStatusChange) Description

func (t *OnCaseStatusChange) Description() string

func (*OnCaseStatusChange) Documentation

func (t *OnCaseStatusChange) Documentation() string

func (*OnCaseStatusChange) ExampleData

func (t *OnCaseStatusChange) ExampleData() map[string]any

func (*OnCaseStatusChange) HandleAction

func (t *OnCaseStatusChange) HandleAction(ctx core.TriggerActionContext) (map[string]any, error)

func (*OnCaseStatusChange) HandleWebhook

func (*OnCaseStatusChange) Icon

func (t *OnCaseStatusChange) Icon() string

func (*OnCaseStatusChange) Label

func (t *OnCaseStatusChange) Label() string

func (*OnCaseStatusChange) Name

func (t *OnCaseStatusChange) Name() string

func (*OnCaseStatusChange) Setup

type OnCaseStatusChangeConfiguration

type OnCaseStatusChangeConfiguration struct {
	Cases      []string                  `json:"cases" mapstructure:"cases"`
	Statuses   []string                  `json:"statuses" mapstructure:"statuses"`
	Severities []string                  `json:"severities" mapstructure:"severities"`
	Tags       []configuration.Predicate `json:"tags" mapstructure:"tags"`
}

type OnCaseStatusChangeMetadata

type OnCaseStatusChangeMetadata struct {
	LastPollTime string            `json:"lastPollTime,omitempty" mapstructure:"lastPollTime"`
	CaseNames    map[string]string `json:"caseNames,omitempty" mapstructure:"caseNames"`
	CaseStatuses map[string]string `json:"caseStatuses,omitempty" mapstructure:"caseStatuses"`
	RouteKey     string            `json:"routeKey,omitempty" mapstructure:"routeKey"`
	RuleID       string            `json:"ruleId,omitempty" mapstructure:"ruleId"`
}

type OnDocumentIndexed

type OnDocumentIndexed struct{}

func (*OnDocumentIndexed) Actions

func (t *OnDocumentIndexed) Actions() []core.Action

func (*OnDocumentIndexed) Cleanup

func (t *OnDocumentIndexed) Cleanup(ctx core.TriggerContext) error

func (*OnDocumentIndexed) Color

func (t *OnDocumentIndexed) Color() string

func (*OnDocumentIndexed) Configuration

func (t *OnDocumentIndexed) Configuration() []configuration.Field

func (*OnDocumentIndexed) Description

func (t *OnDocumentIndexed) Description() string

func (*OnDocumentIndexed) Documentation

func (t *OnDocumentIndexed) Documentation() string

func (*OnDocumentIndexed) ExampleData

func (t *OnDocumentIndexed) ExampleData() map[string]any

func (*OnDocumentIndexed) HandleAction

func (t *OnDocumentIndexed) HandleAction(ctx core.TriggerActionContext) (map[string]any, error)

func (*OnDocumentIndexed) HandleWebhook

func (*OnDocumentIndexed) Icon

func (t *OnDocumentIndexed) Icon() string

func (*OnDocumentIndexed) Label

func (t *OnDocumentIndexed) Label() string

func (*OnDocumentIndexed) Name

func (t *OnDocumentIndexed) Name() string

func (*OnDocumentIndexed) Setup

type OnDocumentIndexedConfiguration

type OnDocumentIndexedConfiguration struct {
	Index string `json:"index" mapstructure:"index"`
}

type OnDocumentIndexedMetadata

type OnDocumentIndexedMetadata struct {
	LastTimestamp string `json:"lastTimestamp,omitempty" mapstructure:"lastTimestamp"`
	RouteKey      string `json:"routeKey,omitempty" mapstructure:"routeKey"`
	RuleID        string `json:"ruleId,omitempty" mapstructure:"ruleId"`
	Index         string `json:"index,omitempty" mapstructure:"index"`
}

type SearchHit

type SearchHit struct {
	ID     string         `json:"_id"`
	Index  string         `json:"_index"`
	Source map[string]any `json:"_source"`
}

SearchHit represents a single document result from an Elasticsearch search.

func (*SearchHit) TimestampValue

func (h *SearchHit) TimestampValue() string

TimestampValue extracts the @timestamp value from the source as a string. Returns "" if the field is absent or not a string.

type UpdateCase

type UpdateCase struct{}

func (*UpdateCase) Actions

func (c *UpdateCase) Actions() []core.Action

func (*UpdateCase) Cancel

func (c *UpdateCase) Cancel(_ core.ExecutionContext) error

func (*UpdateCase) Cleanup

func (c *UpdateCase) Cleanup(_ core.SetupContext) error

func (*UpdateCase) Color

func (c *UpdateCase) Color() string

func (*UpdateCase) Configuration

func (c *UpdateCase) Configuration() []configuration.Field

func (*UpdateCase) Description

func (c *UpdateCase) Description() string

func (*UpdateCase) Documentation

func (c *UpdateCase) Documentation() string

func (*UpdateCase) ExampleOutput

func (c *UpdateCase) ExampleOutput() map[string]any

func (*UpdateCase) Execute

func (c *UpdateCase) Execute(ctx core.ExecutionContext) error

func (*UpdateCase) HandleAction

func (c *UpdateCase) HandleAction(_ core.ActionContext) error

func (*UpdateCase) HandleWebhook

func (*UpdateCase) Icon

func (c *UpdateCase) Icon() string

func (*UpdateCase) Label

func (c *UpdateCase) Label() string

func (*UpdateCase) Name

func (c *UpdateCase) Name() string

func (*UpdateCase) OutputChannels

func (c *UpdateCase) OutputChannels(_ any) []core.OutputChannel

func (*UpdateCase) ProcessQueueItem

func (c *UpdateCase) ProcessQueueItem(ctx core.ProcessQueueContext) (*uuid.UUID, error)

func (*UpdateCase) Setup

func (c *UpdateCase) Setup(ctx core.SetupContext) error

type UpdateCaseConfiguration

type UpdateCaseConfiguration struct {
	CaseID      string   `json:"case" mapstructure:"case"`
	Title       string   `json:"title" mapstructure:"title"`
	Description string   `json:"description" mapstructure:"description"`
	Status      string   `json:"status" mapstructure:"status"`
	Severity    string   `json:"severity" mapstructure:"severity"`
	Tags        []string `json:"tags" mapstructure:"tags"`
}

type UpdateCaseNodeMetadata

type UpdateCaseNodeMetadata struct {
	CaseName string `json:"caseName,omitempty" mapstructure:"caseName"`
}

type UpdateDocument

type UpdateDocument struct{}

func (*UpdateDocument) Actions

func (c *UpdateDocument) Actions() []core.Action

func (*UpdateDocument) Cancel

func (*UpdateDocument) Cleanup

func (c *UpdateDocument) Cleanup(_ core.SetupContext) error

func (*UpdateDocument) Color

func (c *UpdateDocument) Color() string

func (*UpdateDocument) Configuration

func (c *UpdateDocument) Configuration() []configuration.Field

func (*UpdateDocument) Description

func (c *UpdateDocument) Description() string

func (*UpdateDocument) Documentation

func (c *UpdateDocument) Documentation() string

func (*UpdateDocument) ExampleOutput

func (c *UpdateDocument) ExampleOutput() map[string]any

func (*UpdateDocument) Execute

func (c *UpdateDocument) Execute(ctx core.ExecutionContext) error

func (*UpdateDocument) HandleAction

func (c *UpdateDocument) HandleAction(_ core.ActionContext) error

func (*UpdateDocument) HandleWebhook

func (*UpdateDocument) Icon

func (c *UpdateDocument) Icon() string

func (*UpdateDocument) Label

func (c *UpdateDocument) Label() string

func (*UpdateDocument) Name

func (c *UpdateDocument) Name() string

func (*UpdateDocument) OutputChannels

func (c *UpdateDocument) OutputChannels(_ any) []core.OutputChannel

func (*UpdateDocument) ProcessQueueItem

func (c *UpdateDocument) ProcessQueueItem(ctx core.ProcessQueueContext) (*uuid.UUID, error)

func (*UpdateDocument) Setup

func (c *UpdateDocument) Setup(ctx core.SetupContext) error

type UpdateDocumentConfiguration

type UpdateDocumentConfiguration struct {
	Index    string         `json:"index" mapstructure:"index"`
	Document string         `json:"document" mapstructure:"document"`
	Fields   map[string]any `json:"fields" mapstructure:"fields"`
}

type UpdateDocumentSetupMetadata

type UpdateDocumentSetupMetadata struct {
	Index    string `json:"index" mapstructure:"index"`
	Document string `json:"document" mapstructure:"document"`
}
