Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
Server ServerConfig `yaml:"server"`
SOC SOCConfig `yaml:"soc"`
RBAC RBACConfig `yaml:"rbac"`
Webhooks []WebhookConfig `yaml:"webhooks"`
ThreatIntel ThreatIntelConfig `yaml:"threat_intel"`
Sovereign SovereignConfig `yaml:"sovereign"`
P2P P2PConfig `yaml:"p2p"`
Logging LoggingConfig `yaml:"logging"`
}
Config is the root configuration loaded from syntrex.yaml (§19.3, §21).
func (*Config) IsAirGapped ¶
IsAirGapped returns whether the deployment is fully air-gapped.
func (*Config) IsSovereign ¶
IsSovereign returns whether sovereign mode is active.
type FeedConfig ¶
type FeedConfig struct {
Name string `yaml:"name"`
URL string `yaml:"url"`
Format string `yaml:"format"` // stix, csv, json
Enabled bool `yaml:"enabled"`
}
FeedConfig is a single threat intel feed.
type KeyEntry ¶
type KeyEntry struct {
Key string `yaml:"key"`
Role string `yaml:"role"`
Name string `yaml:"name"`
}
KeyEntry is a pre-configured API key.
type LoggingConfig ¶
type LoggingConfig struct {
Level string `yaml:"level"` // debug, info, warn, error
Format string `yaml:"format"` // json, text
AccessLog bool `yaml:"access_log"`
AuditLog bool `yaml:"audit_log"`
OutputFile string `yaml:"output_file"`
}
LoggingConfig defines structured logging settings.
type P2PConfig ¶
type P2PConfig struct {
Enabled bool `yaml:"enabled"`
ListenAddr string `yaml:"listen_addr"`
Peers []PeerConfig `yaml:"peers"`
}
P2PConfig defines SOC mesh sync settings (§14).
type PeerConfig ¶
type PeerConfig struct {
ID string `yaml:"id"`
Name string `yaml:"name"`
Endpoint string `yaml:"endpoint"`
Trust string `yaml:"trust"` // full, partial, readonly
}
PeerConfig is a pre-configured P2P peer.
type RBACConfig ¶
RBACConfig defines API key authentication (§17).
type SOCConfig ¶
type SOCConfig struct {
DataDir string `yaml:"data_dir"`
MaxEventsPerHour int `yaml:"max_events_per_hour"`
ClusterEnabled bool `yaml:"cluster_enabled"`
ClusterEps float64 `yaml:"cluster_eps"`
ClusterMinPts int `yaml:"cluster_min_pts"`
KillChainEnabled bool `yaml:"kill_chain_enabled"`
SSEBufferSize int `yaml:"sse_buffer_size"`
}
SOCConfig defines SOC pipeline settings (§7).
type ServerConfig ¶
type ServerConfig struct {
Port int `yaml:"port"`
ReadTimeout time.Duration `yaml:"read_timeout"`
WriteTimeout time.Duration `yaml:"write_timeout"`
RateLimitPerMin int `yaml:"rate_limit_per_min"`
CORSAllowOrigins []string `yaml:"cors_allow_origins"`
}
ServerConfig defines HTTP server settings.
type SovereignConfig ¶
type SovereignConfig struct {
Enabled bool `yaml:"enabled"`
Mode string `yaml:"mode"` // airgap, restricted, open
DisableExternalAPI bool `yaml:"disable_external_api"`
DisableTelemetry bool `yaml:"disable_telemetry"`
LocalModelsOnly bool `yaml:"local_models_only"`
DataRetentionDays int `yaml:"data_retention_days"`
EncryptAtRest bool `yaml:"encrypt_at_rest"`
AuditAllRequests bool `yaml:"audit_all_requests"`
MaxPeers int `yaml:"max_peers"`
}
SovereignConfig implements §21 — air-gapped deployment mode.
type ThreatIntelConfig ¶
type ThreatIntelConfig struct {
Enabled bool `yaml:"enabled"`
RefreshInterval time.Duration `yaml:"refresh_interval"`
Feeds []FeedConfig `yaml:"feeds"`
}
ThreatIntelConfig defines IOC feed sources (§6).
Source Files
Click to show internal directories.
Click to hide internal directories.