plugins

package
v1.0.47 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 25, 2025 License: MIT Imports: 33 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	Engine_Input_FullMethodName  = "/plugins.Engine/Input"
	Engine_Notify_FullMethodName = "/plugins.Engine/Notify"
)
View Source 
const (
	Output_EventOutput_FullMethodName = "/plugins.Output/EventOutput"
	Output_AlertOutput_FullMethodName = "/plugins.Output/AlertOutput"
)
View Source 
const (
	Analysis_Analyze_FullMethodName = "/plugins.Analysis/Analyze"
)
View Source 
const (
	Correlation_Correlate_FullMethodName = "/plugins.Correlation/Correlate"
)
View Source 
const (
	Integration_ProcessLog_FullMethodName = "/plugins.Integration/ProcessLog"
)
View Source 
const (
	Notification_Notify_FullMethodName = "/plugins.Notification/Notify"
)
View Source 
const NullValue_NULL_VALUE = structpb.NullValue_NULL_VALUE
View Source 
const (
	Parsing_ParseLog_FullMethodName = "/plugins.Parsing/ParseLog"
)
View Source 
const WorkDir string = "/workdir"

Variables

View Source 
var Analysis_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "plugins.Analysis",
	HandlerType: (*AnalysisServer)(nil),
	Methods:     []grpc.MethodDesc{},
	Streams: []grpc.StreamDesc{
		{
			StreamName:    "Analyze",
			Handler:       _Analysis_Analyze_Handler,
			ServerStreams: true,
		},
	},
	Metadata: "plugins.proto",
}

Analysis_ServiceDesc is the grpc.ServiceDesc for Analysis service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)

View Source 
var Correlation_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "plugins.Correlation",
	HandlerType: (*CorrelationServer)(nil),
	Methods: []grpc.MethodDesc{
		{
			MethodName: "Correlate",
			Handler:    _Correlation_Correlate_Handler,
		},
	},
	Streams:  []grpc.StreamDesc{},
	Metadata: "plugins.proto",
}

Correlation_ServiceDesc is the grpc.ServiceDesc for Correlation service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)

View Source 
var Engine_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "plugins.Engine",
	HandlerType: (*EngineServer)(nil),
	Methods:     []grpc.MethodDesc{},
	Streams: []grpc.StreamDesc{
		{
			StreamName:    "Input",
			Handler:       _Engine_Input_Handler,
			ServerStreams: true,
			ClientStreams: true,
		},
		{
			StreamName:    "Notify",
			Handler:       _Engine_Notify_Handler,
			ServerStreams: true,
			ClientStreams: true,
		},
	},
	Metadata: "plugins.proto",
}

Engine_ServiceDesc is the grpc.ServiceDesc for Engine service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)

View Source 
var File_plugins_proto protoreflect.FileDescriptor
View Source 
var Integration_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "plugins.Integration",
	HandlerType: (*IntegrationServer)(nil),
	Methods:     []grpc.MethodDesc{},
	Streams: []grpc.StreamDesc{
		{
			StreamName:    "ProcessLog",
			Handler:       _Integration_ProcessLog_Handler,
			ServerStreams: true,
			ClientStreams: true,
		},
	},
	Metadata: "plugins.proto",
}

Integration_ServiceDesc is the grpc.ServiceDesc for Integration service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)

View Source 
var Notification_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "plugins.Notification",
	HandlerType: (*NotificationServer)(nil),
	Methods: []grpc.MethodDesc{
		{
			MethodName: "Notify",
			Handler:    _Notification_Notify_Handler,
		},
	},
	Streams:  []grpc.StreamDesc{},
	Metadata: "plugins.proto",
}

Notification_ServiceDesc is the grpc.ServiceDesc for Notification service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)

View Source 
var NullValue_name = structpb.NullValue_name
View Source 
var NullValue_value = structpb.NullValue_value
View Source 
var Output_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "plugins.Output",
	HandlerType: (*OutputServer)(nil),
	Methods: []grpc.MethodDesc{
		{
			MethodName: "EventOutput",
			Handler:    _Output_EventOutput_Handler,
		},
		{
			MethodName: "AlertOutput",
			Handler:    _Output_AlertOutput_Handler,
		},
	},
	Streams:  []grpc.StreamDesc{},
	Metadata: "plugins.proto",
}

Output_ServiceDesc is the grpc.ServiceDesc for Output service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)

View Source 
var Parsing_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "plugins.Parsing",
	HandlerType: (*ParsingServer)(nil),
	Methods: []grpc.MethodDesc{
		{
			MethodName: "ParseLog",
			Handler:    _Parsing_ParseLog_Handler,
		},
	},
	Streams:  []grpc.StreamDesc{},
	Metadata: "plugins.proto",
}

Parsing_ServiceDesc is the grpc.ServiceDesc for Parsing service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)

Functions

func AcquireLock added in v1.0.22 

func AcquireLock() (bool, error)

AcquireLock tries to acquire the lock file to prevent race conditions when loading or modifying configurations. It returns true if the lock was acquired successfully, false otherwise.

func EnqueueLog added in v1.0.2 

func EnqueueLog(log *Log) error

EnqueueLog sends a log to the local logs queue. Parameters:

  • log: The log to enqueue

func EnqueueNotification added in v1.0.0 

func EnqueueNotification[T any](topic Topic, message T) error

EnqueueNotification sends a notification message to a specified topic. It marshals the NotificationMessage into JSON format and sends it to the notification channel.

Parameters:

  • topic: The topic to which the notification message will be sent.
  • message: The notification message to be sent. Must be a JSON serializable object.

Returns:

  • error: Returns an error if the message marshaling fails, otherwise returns nil.

func Evaluate added in v1.0.42 

func Evaluate(data *string, expression string, envOption ...cel.EnvOption) (bool, error)

Evaluate evaluates a CEL expression against the given data and returns the boolean result if successful. Returns true/false or an error in case of failure during evaluation or invalid output type.

func GetOrderedSockets added in v1.0.33 

func GetOrderedSockets(t SocketType) []string

func GetParsingSockets added in v1.0.33 

func GetParsingSockets() map[string]string

func GetPluginName added in v1.0.33 

func GetPluginName(fullPath string, sep string) string

func PluginCfg added in v1.0.0 

func PluginCfg(pluginName string, wait bool) gjson.Result

PluginCfg retrieves the configuration for a specified plugin by name and unmarshal it into the provided type. The function returns a pointer to the configuration of the specified type and a pointer to an error if any error occurs.

Parameters: 

pluginName: The name of the plugin whose configuration is to be retrieved.
wait: A boolean value that determines whether the function should wait for the configuration to be available.

Returns: 

gjson.Result: An object containing the configuration of the specified plugin.

func RandomDuration added in v1.0.23 

func RandomDuration(min, max int) time.Duration

RandomDuration returns a random time.Duration between min and max seconds. It panics if max <= 0.

func RegisterAnalysisServer added in v0.2.5 

func RegisterAnalysisServer(s grpc.ServiceRegistrar, srv AnalysisServer)

func RegisterCorrelationServer added in v0.2.5 

func RegisterCorrelationServer(s grpc.ServiceRegistrar, srv CorrelationServer)

func RegisterEngineServer added in v0.2.5 

func RegisterEngineServer(s grpc.ServiceRegistrar, srv EngineServer)

func RegisterIntegrationServer added in v0.2.3 

func RegisterIntegrationServer(s grpc.ServiceRegistrar, srv IntegrationServer)

func RegisterNotificationServer added in v0.2.5 

func RegisterNotificationServer(s grpc.ServiceRegistrar, srv NotificationServer)

func RegisterOutputServer added in v1.0.0 

func RegisterOutputServer(s grpc.ServiceRegistrar, srv OutputServer)

func RegisterParsingServer added in v0.2.5 

func RegisterParsingServer(s grpc.ServiceRegistrar, srv ParsingServer)

func ReleaseLock added in v1.0.22 

func ReleaseLock() error

ReleaseLock releases the lock file.

func SendLogsFromChannel added in v1.0.2 

func SendLogsFromChannel()

SendLogsFromChannel listens to the logsChannel and sends logs to the engine server via gRPC. It logs an error if the connection to the engine server fails, if sending a notification fails, or if receiving an acknowledgment fails. It runs indefinitely and should be run as a goroutine.

func SendNotificationsFromChannel added in v1.0.0 

func SendNotificationsFromChannel()

SendNotificationsFromChannel listens to the notificationsChannel and sends notifications to the engine server via gRPC. It logs an error if the connection to the engine server fails, if sending a notification fails, or if receiving an acknowledgment fails. It runs indefinitely and should be run as a goroutine.

Types

type Ack 

type Ack struct {
	LastId string `protobuf:"bytes,1,opt,name=lastId,proto3" json:"lastId,omitempty"`
	// contains filtered or unexported fields
}

func (*Ack) Descriptor deprecated 

func (*Ack) Descriptor() ([]byte, []int)

Deprecated: Use Ack.ProtoReflect.Descriptor instead.

func (*Ack) GetLastId 

func (x *Ack) GetLastId() string

func (*Ack) ProtoMessage 

func (*Ack) ProtoMessage()

func (*Ack) ProtoReflect 

func (x *Ack) ProtoReflect() protoreflect.Message

func (*Ack) Reset 

func (x *Ack) Reset()

func (*Ack) String 

func (x *Ack) String() string

type Add added in v1.0.0 

type Add struct {
	Function string                     `protobuf:"bytes,1,opt,name=function,proto3" json:"function,omitempty"`
	Params   map[string]*structpb.Value `` /* 139-byte string literal not displayed */
	Where    string                     `protobuf:"bytes,3,opt,name=where,proto3" json:"where,omitempty"`
	// contains filtered or unexported fields
}

func (*Add) Descriptor deprecated added in v1.0.0 

func (*Add) Descriptor() ([]byte, []int)

Deprecated: Use Add.ProtoReflect.Descriptor instead.

func (*Add) GetFunction added in v1.0.0 

func (x *Add) GetFunction() string

func (*Add) GetParams added in v1.0.0 

func (x *Add) GetParams() map[string]*structpb.Value

func (*Add) GetWhere added in v1.0.0 

func (x *Add) GetWhere() string

func (*Add) ProtoMessage added in v1.0.0 

func (*Add) ProtoMessage()

func (*Add) ProtoReflect added in v1.0.0 

func (x *Add) ProtoReflect() protoreflect.Message

func (*Add) Reset added in v1.0.0 

func (x *Add) Reset()

func (*Add) String added in v1.0.0 

func (x *Add) String() string

type Alert 

type Alert struct {
	Id            string   `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Timestamp     string   `protobuf:"bytes,2,opt,name=timestamp,json=@timestamp,proto3" json:"timestamp,omitempty"`
	LastUpdate    string   `protobuf:"bytes,3,opt,name=lastUpdate,proto3" json:"lastUpdate,omitempty"`
	Name          string   `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty"`
	TenantId      string   `protobuf:"bytes,5,opt,name=tenantId,proto3" json:"tenantId,omitempty"`
	TenantName    string   `protobuf:"bytes,6,opt,name=tenantName,proto3" json:"tenantName,omitempty"`
	DataSource    string   `protobuf:"bytes,7,opt,name=dataSource,proto3" json:"dataSource,omitempty"`
	DataType      string   `protobuf:"bytes,8,opt,name=dataType,proto3" json:"dataType,omitempty"`
	Category      string   `protobuf:"bytes,9,opt,name=category,proto3" json:"category,omitempty"`
	Technique     string   `protobuf:"bytes,10,opt,name=technique,proto3" json:"technique,omitempty"`
	Description   string   `protobuf:"bytes,11,opt,name=description,proto3" json:"description,omitempty"`
	References    []string `protobuf:"bytes,12,rep,name=references,proto3" json:"references,omitempty"`
	Impact        *Impact  `protobuf:"bytes,13,opt,name=impact,proto3" json:"impact,omitempty"`
	ImpactScore   uint32   `protobuf:"varint,14,opt,name=impactScore,proto3" json:"impactScore,omitempty"`
	Severity      string   `protobuf:"bytes,15,opt,name=severity,proto3" json:"severity,omitempty"`
	Adversary     *Side    `protobuf:"bytes,16,opt,name=adversary,proto3" json:"adversary,omitempty"`
	Target        *Side    `protobuf:"bytes,17,opt,name=target,proto3" json:"target,omitempty"`
	Events        []*Event `protobuf:"bytes,18,rep,name=events,proto3" json:"events,omitempty"`
	DeduplicateBy []string `protobuf:"bytes,19,rep,name=deduplicateBy,proto3" json:"deduplicateBy,omitempty"`
	Errors        []string `protobuf:"bytes,20,rep,name=errors,proto3" json:"errors,omitempty"`
	// contains filtered or unexported fields
}

func (*Alert) Descriptor deprecated 

func (*Alert) Descriptor() ([]byte, []int)

Deprecated: Use Alert.ProtoReflect.Descriptor instead.

func (*Alert) GetAdversary 

func (x *Alert) GetAdversary() *Side

func (*Alert) GetCategory 

func (x *Alert) GetCategory() string

func (*Alert) GetDataSource 

func (x *Alert) GetDataSource() string

func (*Alert) GetDataType 

func (x *Alert) GetDataType() string

func (*Alert) GetDeduplicateBy added in v1.0.13 

func (x *Alert) GetDeduplicateBy() []string

func (*Alert) GetDescription 

func (x *Alert) GetDescription() string

func (*Alert) GetErrors added in v1.0.41 

func (x *Alert) GetErrors() []string

func (*Alert) GetEvents 

func (x *Alert) GetEvents() []*Event

func (*Alert) GetId 

func (x *Alert) GetId() string

func (*Alert) GetImpact 

func (x *Alert) GetImpact() *Impact

func (*Alert) GetImpactScore 

func (x *Alert) GetImpactScore() uint32

func (*Alert) GetLastUpdate 

func (x *Alert) GetLastUpdate() string

func (*Alert) GetName 

func (x *Alert) GetName() string

func (*Alert) GetReferences 

func (x *Alert) GetReferences() []string

func (*Alert) GetSeverity 

func (x *Alert) GetSeverity() string

func (*Alert) GetTarget 

func (x *Alert) GetTarget() *Side

func (*Alert) GetTechnique 

func (x *Alert) GetTechnique() string

func (*Alert) GetTenantId 

func (x *Alert) GetTenantId() string

func (*Alert) GetTenantName 

func (x *Alert) GetTenantName() string

func (*Alert) GetTimestamp 

func (x *Alert) GetTimestamp() string

func (*Alert) ProtoMessage 

func (*Alert) ProtoMessage()

func (*Alert) ProtoReflect 

func (x *Alert) ProtoReflect() protoreflect.Message

func (*Alert) Reset 

func (x *Alert) Reset()

func (*Alert) String 

func (x *Alert) String() string

type AnalysisClient added in v0.2.5 

type AnalysisClient interface {
	Analyze(ctx context.Context, in *Event, opts ...grpc.CallOption) (grpc.ServerStreamingClient[Alert], error)
}

AnalysisClient is the client API for Analysis service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewAnalysisClient added in v0.2.5 

func NewAnalysisClient(cc grpc.ClientConnInterface) AnalysisClient

type AnalysisServer added in v0.2.5 

type AnalysisServer interface {
	Analyze(*Event, grpc.ServerStreamingServer[Alert]) error
	// contains filtered or unexported methods
}

AnalysisServer is the server API for Analysis service. All implementations must embed UnimplementedAnalysisServer for forward compatibility.

type Analysis_AnalyzeClient added in v1.0.0 

type Analysis_AnalyzeClient = grpc.ServerStreamingClient[Alert]

This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name.

type Analysis_AnalyzeServer added in v1.0.0 

type Analysis_AnalyzeServer = grpc.ServerStreamingServer[Alert]

This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name.

type Asset added in v1.0.0 

type Asset struct {
	Name            string   `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	Hostnames       []string `protobuf:"bytes,2,rep,name=hostnames,proto3" json:"hostnames,omitempty"`
	Ips             []string `protobuf:"bytes,3,rep,name=ips,proto3" json:"ips,omitempty"`
	Confidentiality uint32   `protobuf:"varint,4,opt,name=confidentiality,proto3" json:"confidentiality,omitempty"`
	Availability    uint32   `protobuf:"varint,5,opt,name=availability,proto3" json:"availability,omitempty"`
	Integrity       uint32   `protobuf:"varint,6,opt,name=integrity,proto3" json:"integrity,omitempty"`
	// contains filtered or unexported fields
}

func (*Asset) Descriptor deprecated added in v1.0.0 

func (*Asset) Descriptor() ([]byte, []int)

Deprecated: Use Asset.ProtoReflect.Descriptor instead.

func (*Asset) GetAvailability added in v1.0.0 

func (x *Asset) GetAvailability() uint32

func (*Asset) GetConfidentiality added in v1.0.0 

func (x *Asset) GetConfidentiality() uint32

func (*Asset) GetHostnames added in v1.0.0 

func (x *Asset) GetHostnames() []string

func (*Asset) GetIntegrity added in v1.0.0 

func (x *Asset) GetIntegrity() uint32

func (*Asset) GetIps added in v1.0.0 

func (x *Asset) GetIps() []string

func (*Asset) GetName added in v1.0.0 

func (x *Asset) GetName() string

func (*Asset) ProtoMessage added in v1.0.0 

func (*Asset) ProtoMessage()

func (*Asset) ProtoReflect added in v1.0.0 

func (x *Asset) ProtoReflect() protoreflect.Message

func (*Asset) Reset added in v1.0.0 

func (x *Asset) Reset()

func (*Asset) String added in v1.0.0 

func (x *Asset) String() string

type Cast added in v1.0.0 

type Cast struct {
	To     string   `protobuf:"bytes,1,opt,name=to,proto3" json:"to,omitempty"`
	Fields []string `protobuf:"bytes,2,rep,name=fields,proto3" json:"fields,omitempty"`
	Where  string   `protobuf:"bytes,3,opt,name=where,proto3" json:"where,omitempty"`
	// contains filtered or unexported fields
}

func (*Cast) Descriptor deprecated added in v1.0.0 

func (*Cast) Descriptor() ([]byte, []int)

Deprecated: Use Cast.ProtoReflect.Descriptor instead.

func (*Cast) GetFields added in v1.0.0 

func (x *Cast) GetFields() []string

func (*Cast) GetTo added in v1.0.0 

func (x *Cast) GetTo() string

func (*Cast) GetWhere added in v1.0.0 

func (x *Cast) GetWhere() string

func (*Cast) ProtoMessage added in v1.0.0 

func (*Cast) ProtoMessage()

func (*Cast) ProtoReflect added in v1.0.0 

func (x *Cast) ProtoReflect() protoreflect.Message

func (*Cast) Reset added in v1.0.0 

func (x *Cast) Reset()

func (*Cast) String added in v1.0.0 

func (x *Cast) String() string

type ComplianceValues added in v1.0.46 

type ComplianceValues struct {
	Values []string `protobuf:"bytes,1,rep,name=values,proto3" json:"values,omitempty"`
	// contains filtered or unexported fields
}

func (*ComplianceValues) Descriptor deprecated added in v1.0.46 

func (*ComplianceValues) Descriptor() ([]byte, []int)

Deprecated: Use ComplianceValues.ProtoReflect.Descriptor instead.

func (*ComplianceValues) GetValues added in v1.0.46 

func (x *ComplianceValues) GetValues() []string

func (*ComplianceValues) ProtoMessage added in v1.0.46 

func (*ComplianceValues) ProtoMessage()

func (*ComplianceValues) ProtoReflect added in v1.0.46 

func (x *ComplianceValues) ProtoReflect() protoreflect.Message

func (*ComplianceValues) Reset added in v1.0.46 

func (x *ComplianceValues) Reset()

func (*ComplianceValues) String added in v1.0.46 

func (x *ComplianceValues) String() string

type Config added in v1.0.0 

type Config struct {
	Pipeline      []*Pipeline                `protobuf:"bytes,1,rep,name=pipeline,proto3" json:"pipeline,omitempty"`
	DisabledRules []uint64                   `protobuf:"varint,2,rep,packed,name=disabledRules,proto3" json:"disabledRules,omitempty"`
	Tenants       []*Tenant                  `protobuf:"bytes,3,rep,name=tenants,proto3" json:"tenants,omitempty"`
	Patterns      map[string]string          `` /* 143-byte string literal not displayed */
	Plugins       map[string]*structpb.Value `` /* 141-byte string literal not displayed */
	Env           *Env                       `protobuf:"bytes,6,opt,name=env,proto3" json:"env,omitempty"`
	// contains filtered or unexported fields
}

func GetCfg added in v1.0.0 

func GetCfg() *Config

GetCfg initializes the configuration if it hasn't been initialized yet, and starts a goroutine to periodically update the configuration every 60 seconds. It waits for the initial configuration to be set before returning it. The function returns a pointer to the Config struct.

func (*Config) Descriptor deprecated added in v1.0.0 

func (*Config) Descriptor() ([]byte, []int)

Deprecated: Use Config.ProtoReflect.Descriptor instead.

func (*Config) GetDisabledRules added in v1.0.0 

func (x *Config) GetDisabledRules() []uint64

func (*Config) GetEnv added in v1.0.0 

func (x *Config) GetEnv() *Env

func (*Config) GetPatterns added in v1.0.0 

func (x *Config) GetPatterns() map[string]string

func (*Config) GetPipeline added in v1.0.0 

func (x *Config) GetPipeline() []*Pipeline

func (*Config) GetPlugins added in v1.0.0 

func (x *Config) GetPlugins() map[string]*structpb.Value

func (*Config) GetTenants added in v1.0.0 

func (x *Config) GetTenants() []*Tenant

func (*Config) ProtoMessage added in v1.0.0 

func (*Config) ProtoMessage()

func (*Config) ProtoReflect added in v1.0.0 

func (x *Config) ProtoReflect() protoreflect.Message

func (*Config) Reset added in v1.0.0 

func (x *Config) Reset()

func (*Config) String added in v1.0.0 

func (x *Config) String() string

type CorrelationClient added in v0.2.5 

type CorrelationClient interface {
	Correlate(ctx context.Context, in *Alert, opts ...grpc.CallOption) (*emptypb.Empty, error)
}

CorrelationClient is the client API for Correlation service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewCorrelationClient added in v0.2.5 

func NewCorrelationClient(cc grpc.ClientConnInterface) CorrelationClient

type CorrelationServer added in v0.2.5 

type CorrelationServer interface {
	Correlate(context.Context, *Alert) (*emptypb.Empty, error)
	// contains filtered or unexported methods
}

CorrelationServer is the server API for Correlation service. All implementations must embed UnimplementedCorrelationServer for forward compatibility.

type Csv added in v1.0.0 

type Csv struct {
	Source    string   `protobuf:"bytes,1,opt,name=source,proto3" json:"source,omitempty"`
	Separator string   `protobuf:"bytes,2,opt,name=separator,proto3" json:"separator,omitempty"`
	Headers   []string `protobuf:"bytes,3,rep,name=headers,proto3" json:"headers,omitempty"`
	Where     string   `protobuf:"bytes,4,opt,name=where,proto3" json:"where,omitempty"`
	// contains filtered or unexported fields
}

func (*Csv) Descriptor deprecated added in v1.0.0 

func (*Csv) Descriptor() ([]byte, []int)

Deprecated: Use Csv.ProtoReflect.Descriptor instead.

func (*Csv) GetHeaders added in v1.0.0 

func (x *Csv) GetHeaders() []string

func (*Csv) GetSeparator added in v1.0.0 

func (x *Csv) GetSeparator() string

func (*Csv) GetSource added in v1.0.0 

func (x *Csv) GetSource() string

func (*Csv) GetWhere added in v1.0.0 

func (x *Csv) GetWhere() string

func (*Csv) ProtoMessage added in v1.0.0 

func (*Csv) ProtoMessage()

func (*Csv) ProtoReflect added in v1.0.0 

func (x *Csv) ProtoReflect() protoreflect.Message

func (*Csv) Reset added in v1.0.0 

func (x *Csv) Reset()

func (*Csv) String added in v1.0.0 

func (x *Csv) String() string

type DataProcessingMessage added in v1.0.0 

type DataProcessingMessage struct {
	Error      *catcher.SdkError `json:"error,omitempty"`
	DataType   string            `json:"dataType"`
	DataSource string            `json:"dataSource"`
}

DataProcessingMessage represent the details of a success or failure during the processing of a log. Used as a message body for notifications.

type Delete added in v1.0.0 

type Delete struct {
	Fields []string `protobuf:"bytes,1,rep,name=fields,proto3" json:"fields,omitempty"`
	Where  string   `protobuf:"bytes,2,opt,name=where,proto3" json:"where,omitempty"`
	// contains filtered or unexported fields
}

func (*Delete) Descriptor deprecated added in v1.0.0 

func (*Delete) Descriptor() ([]byte, []int)

Deprecated: Use Delete.ProtoReflect.Descriptor instead.

func (*Delete) GetFields added in v1.0.0 

func (x *Delete) GetFields() []string

func (*Delete) GetWhere added in v1.0.0 

func (x *Delete) GetWhere() string

func (*Delete) ProtoMessage added in v1.0.0 

func (*Delete) ProtoMessage()

func (*Delete) ProtoReflect added in v1.0.0 

func (x *Delete) ProtoReflect() protoreflect.Message

func (*Delete) Reset added in v1.0.0 

func (x *Delete) Reset()

func (*Delete) String added in v1.0.0 

func (x *Delete) String() string

type DiskInfo added in v1.0.36 

type DiskInfo struct {
	Name        string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	TotalSpace  uint64 `protobuf:"varint,2,opt,name=totalSpace,proto3" json:"totalSpace,omitempty"`
	UsedPercent uint32 `protobuf:"varint,3,opt,name=usedPercent,proto3" json:"usedPercent,omitempty"`
	// contains filtered or unexported fields
}

func (*DiskInfo) Descriptor deprecated added in v1.0.36 

func (*DiskInfo) Descriptor() ([]byte, []int)

Deprecated: Use DiskInfo.ProtoReflect.Descriptor instead.

func (*DiskInfo) GetName added in v1.0.36 

func (x *DiskInfo) GetName() string

func (*DiskInfo) GetTotalSpace added in v1.0.36 

func (x *DiskInfo) GetTotalSpace() uint64

func (*DiskInfo) GetUsedPercent added in v1.0.36 

func (x *DiskInfo) GetUsedPercent() uint32

func (*DiskInfo) ProtoMessage added in v1.0.36 

func (*DiskInfo) ProtoMessage()

func (*DiskInfo) ProtoReflect added in v1.0.36 

func (x *DiskInfo) ProtoReflect() protoreflect.Message

func (*DiskInfo) Reset added in v1.0.36 

func (x *DiskInfo) Reset()

func (*DiskInfo) String added in v1.0.36 

func (x *DiskInfo) String() string

type Draft added in v1.0.0 

type Draft struct {
	Log      string   `protobuf:"bytes,1,opt,name=log,proto3" json:"log,omitempty"`
	Logs     []string `protobuf:"bytes,2,rep,name=logs,proto3" json:"logs,omitempty"`
	Step     uint32   `protobuf:"varint,3,opt,name=step,proto3" json:"step,omitempty"`
	Pipeline uint32   `protobuf:"varint,4,opt,name=pipeline,proto3" json:"pipeline,omitempty"`
	Errors   []string `protobuf:"bytes,5,rep,name=errors,proto3" json:"errors,omitempty"`
	// contains filtered or unexported fields
}

func (*Draft) Descriptor deprecated added in v1.0.0 

func (*Draft) Descriptor() ([]byte, []int)

Deprecated: Use Draft.ProtoReflect.Descriptor instead.

func (*Draft) GetErrors added in v1.0.41 

func (x *Draft) GetErrors() []string

func (*Draft) GetLog added in v1.0.0 

func (x *Draft) GetLog() string

func (*Draft) GetLogs added in v1.0.0 

func (x *Draft) GetLogs() []string

func (*Draft) GetPipeline added in v1.0.36 

func (x *Draft) GetPipeline() uint32

func (*Draft) GetStep added in v1.0.0 

func (x *Draft) GetStep() uint32

func (*Draft) ProtoMessage added in v1.0.0 

func (*Draft) ProtoMessage()

func (*Draft) ProtoReflect added in v1.0.0 

func (x *Draft) ProtoReflect() protoreflect.Message

func (*Draft) Reset added in v1.0.0 

func (x *Draft) Reset()

func (*Draft) String added in v1.0.0 

func (x *Draft) String() string

type Drop added in v1.0.0 

type Drop struct {
	Where string `protobuf:"bytes,1,opt,name=where,proto3" json:"where,omitempty"`
	// contains filtered or unexported fields
}

func (*Drop) Descriptor deprecated added in v1.0.0 

func (*Drop) Descriptor() ([]byte, []int)

Deprecated: Use Drop.ProtoReflect.Descriptor instead.

func (*Drop) GetWhere added in v1.0.0 

func (x *Drop) GetWhere() string

func (*Drop) ProtoMessage added in v1.0.0 

func (*Drop) ProtoMessage()

func (*Drop) ProtoReflect added in v1.0.0 

func (x *Drop) ProtoReflect() protoreflect.Message

func (*Drop) Reset added in v1.0.0 

func (x *Drop) Reset()

func (*Drop) String added in v1.0.0 

func (x *Drop) String() string

type Dynamic added in v1.0.0 

type Dynamic struct {
	Plugin string                     `protobuf:"bytes,1,opt,name=plugin,proto3" json:"plugin,omitempty"`
	Params map[string]*structpb.Value `` /* 139-byte string literal not displayed */
	Where  string                     `protobuf:"bytes,3,opt,name=where,proto3" json:"where,omitempty"`
	// contains filtered or unexported fields
}

func (*Dynamic) Descriptor deprecated added in v1.0.0 

func (*Dynamic) Descriptor() ([]byte, []int)

Deprecated: Use Dynamic.ProtoReflect.Descriptor instead.

func (*Dynamic) GetParams added in v1.0.0 

func (x *Dynamic) GetParams() map[string]*structpb.Value

func (*Dynamic) GetPlugin added in v1.0.0 

func (x *Dynamic) GetPlugin() string

func (*Dynamic) GetWhere added in v1.0.0 

func (x *Dynamic) GetWhere() string

func (*Dynamic) ProtoMessage added in v1.0.0 

func (*Dynamic) ProtoMessage()

func (*Dynamic) ProtoReflect added in v1.0.0 

func (x *Dynamic) ProtoReflect() protoreflect.Message

func (*Dynamic) Reset added in v1.0.0 

func (x *Dynamic) Reset()

func (*Dynamic) String added in v1.0.0 

func (x *Dynamic) String() string

type Empty 

type Empty = emptypb.Empty

type EngineClient added in v0.2.5 

type EngineClient interface {
	Input(ctx context.Context, opts ...grpc.CallOption) (grpc.BidiStreamingClient[Log, Ack], error)
	Notify(ctx context.Context, opts ...grpc.CallOption) (grpc.BidiStreamingClient[Message, Ack], error)
}

EngineClient is the client API for Engine service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewEngineClient added in v0.2.5 

func NewEngineClient(cc grpc.ClientConnInterface) EngineClient

type EngineServer added in v0.2.5 

type EngineServer interface {
	Input(grpc.BidiStreamingServer[Log, Ack]) error
	Notify(grpc.BidiStreamingServer[Message, Ack]) error
	// contains filtered or unexported methods
}

EngineServer is the server API for Engine service. All implementations must embed UnimplementedEngineServer for forward compatibility.

type Engine_InputClient added in v0.2.5 

type Engine_InputClient = grpc.BidiStreamingClient[Log, Ack]

This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name.

type Engine_InputServer added in v0.2.5 

type Engine_InputServer = grpc.BidiStreamingServer[Log, Ack]

This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name.

type Engine_NotifyClient added in v0.2.5 

type Engine_NotifyClient = grpc.BidiStreamingClient[Message, Ack]

This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name.

type Engine_NotifyServer added in v0.2.5 

type Engine_NotifyServer = grpc.BidiStreamingServer[Message, Ack]

This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name.

type Env added in v1.0.0 

type Env struct {
	NodeName   string   `protobuf:"bytes,1,opt,name=nodeName,proto3" json:"nodeName,omitempty"`
	NodeGroups []string `protobuf:"bytes,2,rep,name=nodeGroups,proto3" json:"nodeGroups,omitempty"`
	LogLevel   uint32   `protobuf:"varint,4,opt,name=logLevel,proto3" json:"logLevel,omitempty"`
	Mode       string   `protobuf:"bytes,5,opt,name=mode,proto3" json:"mode,omitempty"`
	// contains filtered or unexported fields
}

func (*Env) Descriptor deprecated added in v1.0.0 

func (*Env) Descriptor() ([]byte, []int)

Deprecated: Use Env.ProtoReflect.Descriptor instead.

func (*Env) GetLogLevel added in v1.0.0 

func (x *Env) GetLogLevel() uint32

func (*Env) GetMode added in v1.0.0 

func (x *Env) GetMode() string

func (*Env) GetNodeGroups added in v1.0.0 

func (x *Env) GetNodeGroups() []string

func (*Env) GetNodeName added in v1.0.0 

func (x *Env) GetNodeName() string

func (*Env) ProtoMessage added in v1.0.0 

func (*Env) ProtoMessage()

func (*Env) ProtoReflect added in v1.0.0 

func (x *Env) ProtoReflect() protoreflect.Message

func (*Env) Reset added in v1.0.0 

func (x *Env) Reset()

func (*Env) String added in v1.0.0 

func (x *Env) String() string

type Event 

type Event struct {
	Id               string                       `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Timestamp        string                       `protobuf:"bytes,2,opt,name=timestamp,json=@timestamp,proto3" json:"timestamp,omitempty"`
	DeviceTime       string                       `protobuf:"bytes,3,opt,name=deviceTime,proto3" json:"deviceTime,omitempty"`
	DataType         string                       `protobuf:"bytes,4,opt,name=dataType,proto3" json:"dataType,omitempty"`
	DataSource       string                       `protobuf:"bytes,5,opt,name=dataSource,proto3" json:"dataSource,omitempty"`
	TenantId         string                       `protobuf:"bytes,6,opt,name=tenantId,proto3" json:"tenantId,omitempty"`
	TenantName       string                       `protobuf:"bytes,7,opt,name=tenantName,proto3" json:"tenantName,omitempty"`
	Raw              string                       `protobuf:"bytes,8,opt,name=raw,proto3" json:"raw,omitempty"`
	Log              map[string]*structpb.Value   `` /* 133-byte string literal not displayed */
	Target           *Side                        `protobuf:"bytes,10,opt,name=target,proto3" json:"target,omitempty"`
	Origin           *Side                        `protobuf:"bytes,11,opt,name=origin,proto3" json:"origin,omitempty"`
	Protocol         string                       `protobuf:"bytes,12,opt,name=protocol,proto3" json:"protocol,omitempty"`
	ConnectionStatus string                       `protobuf:"bytes,13,opt,name=connectionStatus,proto3" json:"connectionStatus,omitempty"`
	StatusCode       uint32                       `protobuf:"varint,14,opt,name=statusCode,proto3" json:"statusCode,omitempty"`
	ActionResult     string                       `protobuf:"bytes,15,opt,name=actionResult,proto3" json:"actionResult,omitempty"`
	Action           string                       `protobuf:"bytes,16,opt,name=action,proto3" json:"action,omitempty"`
	Severity         string                       `protobuf:"bytes,17,opt,name=severity,proto3" json:"severity,omitempty"`
	Errors           []string                     `protobuf:"bytes,18,rep,name=errors,proto3" json:"errors,omitempty"`
	Compliance       map[string]*ComplianceValues `` /* 148-byte string literal not displayed */
	// contains filtered or unexported fields
}

func (*Event) Descriptor deprecated 

func (*Event) Descriptor() ([]byte, []int)

Deprecated: Use Event.ProtoReflect.Descriptor instead.

func (*Event) GetAction added in v0.7.3 

func (x *Event) GetAction() string

func (*Event) GetActionResult added in v0.4.6 

func (x *Event) GetActionResult() string

func (*Event) GetCompliance added in v1.0.46 

func (x *Event) GetCompliance() map[string]*ComplianceValues

func (*Event) GetConnectionStatus 

func (x *Event) GetConnectionStatus() string

func (*Event) GetDataSource 

func (x *Event) GetDataSource() string

func (*Event) GetDataType 

func (x *Event) GetDataType() string

func (*Event) GetDeviceTime 

func (x *Event) GetDeviceTime() string

func (*Event) GetErrors added in v1.0.41 

func (x *Event) GetErrors() []string

func (*Event) GetId 

func (x *Event) GetId() string

func (*Event) GetLog 

func (x *Event) GetLog() map[string]*structpb.Value

func (*Event) GetOrigin added in v1.0.0 

func (x *Event) GetOrigin() *Side

func (*Event) GetProtocol 

func (x *Event) GetProtocol() string

func (*Event) GetRaw 

func (x *Event) GetRaw() string

func (*Event) GetSeverity added in v1.0.0 

func (x *Event) GetSeverity() string

func (*Event) GetStatusCode 

func (x *Event) GetStatusCode() uint32

func (*Event) GetTarget added in v1.0.0 

func (x *Event) GetTarget() *Side

func (*Event) GetTenantId 

func (x *Event) GetTenantId() string

func (*Event) GetTenantName 

func (x *Event) GetTenantName() string

func (*Event) GetTimestamp 

func (x *Event) GetTimestamp() string

func (*Event) ProtoMessage 

func (*Event) ProtoMessage()

func (*Event) ProtoReflect 

func (x *Event) ProtoReflect() protoreflect.Message

func (*Event) Reset 

func (x *Event) Reset()

func (*Event) String 

func (x *Event) String() string

type Expand added in v1.0.0 

type Expand struct {
	Source string `protobuf:"bytes,1,opt,name=source,proto3" json:"source,omitempty"`
	To     string `protobuf:"bytes,2,opt,name=to,proto3" json:"to,omitempty"`
	Where  string `protobuf:"bytes,3,opt,name=where,proto3" json:"where,omitempty"`
	// contains filtered or unexported fields
}

func (*Expand) Descriptor deprecated added in v1.0.0 

func (*Expand) Descriptor() ([]byte, []int)

Deprecated: Use Expand.ProtoReflect.Descriptor instead.

func (*Expand) GetSource added in v1.0.0 

func (x *Expand) GetSource() string

func (*Expand) GetTo added in v1.0.0 

func (x *Expand) GetTo() string

func (*Expand) GetWhere added in v1.0.0 

func (x *Expand) GetWhere() string

func (*Expand) ProtoMessage added in v1.0.0 

func (*Expand) ProtoMessage()

func (*Expand) ProtoReflect added in v1.0.0 

func (x *Expand) ProtoReflect() protoreflect.Message

func (*Expand) Reset added in v1.0.0 

func (x *Expand) Reset()

func (*Expand) String added in v1.0.0 

func (x *Expand) String() string

type Geolocation 

type Geolocation struct {
	Country     string  `protobuf:"bytes,1,opt,name=country,proto3" json:"country,omitempty"`
	City        string  `protobuf:"bytes,2,opt,name=city,proto3" json:"city,omitempty"`
	Latitude    float64 `protobuf:"fixed64,3,opt,name=latitude,proto3" json:"latitude,omitempty"`
	Longitude   float64 `protobuf:"fixed64,4,opt,name=longitude,proto3" json:"longitude,omitempty"`
	Asn         uint64  `protobuf:"varint,5,opt,name=asn,proto3" json:"asn,omitempty"`
	Aso         string  `protobuf:"bytes,6,opt,name=aso,proto3" json:"aso,omitempty"`
	CountryCode string  `protobuf:"bytes,7,opt,name=countryCode,proto3" json:"countryCode,omitempty"`
	Accuracy    uint32  `protobuf:"varint,8,opt,name=accuracy,proto3" json:"accuracy,omitempty"`
	// contains filtered or unexported fields
}

func (*Geolocation) Descriptor deprecated 

func (*Geolocation) Descriptor() ([]byte, []int)

Deprecated: Use Geolocation.ProtoReflect.Descriptor instead.

func (*Geolocation) GetAccuracy added in v0.4.1 

func (x *Geolocation) GetAccuracy() uint32

func (*Geolocation) GetAsn 

func (x *Geolocation) GetAsn() uint64

func (*Geolocation) GetAso 

func (x *Geolocation) GetAso() string

func (*Geolocation) GetCity 

func (x *Geolocation) GetCity() string

func (*Geolocation) GetCountry 

func (x *Geolocation) GetCountry() string

func (*Geolocation) GetCountryCode added in v0.4.1 

func (x *Geolocation) GetCountryCode() string

func (*Geolocation) GetLatitude 

func (x *Geolocation) GetLatitude() float64

func (*Geolocation) GetLongitude 

func (x *Geolocation) GetLongitude() float64

func (*Geolocation) ProtoMessage 

func (*Geolocation) ProtoMessage()

func (*Geolocation) ProtoReflect 

func (x *Geolocation) ProtoReflect() protoreflect.Message

func (*Geolocation) Reset 

func (x *Geolocation) Reset()

func (*Geolocation) String 

func (x *Geolocation) String() string

type Grok added in v1.0.0 

type Grok struct {
	Patterns []*Pattern `protobuf:"bytes,1,rep,name=patterns,proto3" json:"patterns,omitempty"`
	Source   string     `protobuf:"bytes,2,opt,name=source,proto3" json:"source,omitempty"`
	Where    string     `protobuf:"bytes,3,opt,name=where,proto3" json:"where,omitempty"`
	// contains filtered or unexported fields
}

func (*Grok) Descriptor deprecated added in v1.0.0 

func (*Grok) Descriptor() ([]byte, []int)

Deprecated: Use Grok.ProtoReflect.Descriptor instead.

func (*Grok) GetPatterns added in v1.0.0 

func (x *Grok) GetPatterns() []*Pattern

func (*Grok) GetSource added in v1.0.0 

func (x *Grok) GetSource() string

func (*Grok) GetWhere added in v1.0.0 

func (x *Grok) GetWhere() string

func (*Grok) ProtoMessage added in v1.0.0 

func (*Grok) ProtoMessage()

func (*Grok) ProtoReflect added in v1.0.0 

func (x *Grok) ProtoReflect() protoreflect.Message

func (*Grok) Reset added in v1.0.0 

func (x *Grok) Reset()

func (*Grok) String added in v1.0.0 

func (x *Grok) String() string

type Impact 

type Impact struct {
	Confidentiality uint32 `protobuf:"varint,1,opt,name=confidentiality,proto3" json:"confidentiality,omitempty"`
	Integrity       uint32 `protobuf:"varint,2,opt,name=integrity,proto3" json:"integrity,omitempty"`
	Availability    uint32 `protobuf:"varint,3,opt,name=availability,proto3" json:"availability,omitempty"`
	// contains filtered or unexported fields
}

func (*Impact) Descriptor deprecated 

func (*Impact) Descriptor() ([]byte, []int)

Deprecated: Use Impact.ProtoReflect.Descriptor instead.

func (*Impact) GetAvailability 

func (x *Impact) GetAvailability() uint32

func (*Impact) GetConfidentiality 

func (x *Impact) GetConfidentiality() uint32

func (*Impact) GetIntegrity 

func (x *Impact) GetIntegrity() uint32

func (*Impact) ProtoMessage 

func (*Impact) ProtoMessage()

func (*Impact) ProtoReflect 

func (x *Impact) ProtoReflect() protoreflect.Message

func (*Impact) Reset 

func (x *Impact) Reset()

func (*Impact) String 

func (x *Impact) String() string

type IntegrationClient added in v0.2.3 

type IntegrationClient interface {
	ProcessLog(ctx context.Context, opts ...grpc.CallOption) (grpc.BidiStreamingClient[Log, Ack], error)
}

IntegrationClient is the client API for Integration service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewIntegrationClient added in v0.2.3 

func NewIntegrationClient(cc grpc.ClientConnInterface) IntegrationClient

type IntegrationServer added in v0.2.3 

type IntegrationServer interface {
	ProcessLog(grpc.BidiStreamingServer[Log, Ack]) error
	// contains filtered or unexported methods
}

IntegrationServer is the server API for Integration service. All implementations must embed UnimplementedIntegrationServer for forward compatibility.

type Integration_ProcessLogClient added in v0.2.3 

type Integration_ProcessLogClient = grpc.BidiStreamingClient[Log, Ack]

This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name.

type Integration_ProcessLogServer added in v0.2.3 

type Integration_ProcessLogServer = grpc.BidiStreamingServer[Log, Ack]

This type alias is provided for backwards compatibility with existing code that references the prior non-generic stream type by name.

type Json added in v1.0.0 

type Json struct {
	Source string `protobuf:"bytes,1,opt,name=source,proto3" json:"source,omitempty"`
	Where  string `protobuf:"bytes,2,opt,name=where,proto3" json:"where,omitempty"`
	// contains filtered or unexported fields
}

func (*Json) Descriptor deprecated added in v1.0.0 

func (*Json) Descriptor() ([]byte, []int)

Deprecated: Use Json.ProtoReflect.Descriptor instead.

func (*Json) GetSource added in v1.0.0 

func (x *Json) GetSource() string

func (*Json) GetWhere added in v1.0.0 

func (x *Json) GetWhere() string

func (*Json) ProtoMessage added in v1.0.0 

func (*Json) ProtoMessage()

func (*Json) ProtoReflect added in v1.0.0 

func (x *Json) ProtoReflect() protoreflect.Message

func (*Json) Reset added in v1.0.0 

func (x *Json) Reset()

func (*Json) String added in v1.0.0 

func (x *Json) String() string

type Kv added in v1.0.0 

type Kv struct {
	FieldSplit string `protobuf:"bytes,1,opt,name=fieldSplit,proto3" json:"fieldSplit,omitempty"`
	ValueSplit string `protobuf:"bytes,2,opt,name=valueSplit,proto3" json:"valueSplit,omitempty"`
	Source     string `protobuf:"bytes,3,opt,name=source,proto3" json:"source,omitempty"`
	Where      string `protobuf:"bytes,4,opt,name=where,proto3" json:"where,omitempty"`
	// contains filtered or unexported fields
}

func (*Kv) Descriptor deprecated added in v1.0.0 

func (*Kv) Descriptor() ([]byte, []int)

Deprecated: Use Kv.ProtoReflect.Descriptor instead.

func (*Kv) GetFieldSplit added in v1.0.0 

func (x *Kv) GetFieldSplit() string

func (*Kv) GetSource added in v1.0.0 

func (x *Kv) GetSource() string

func (*Kv) GetValueSplit added in v1.0.0 

func (x *Kv) GetValueSplit() string

func (*Kv) GetWhere added in v1.0.0 

func (x *Kv) GetWhere() string

func (*Kv) ProtoMessage added in v1.0.0 

func (*Kv) ProtoMessage()

func (*Kv) ProtoReflect added in v1.0.0 

func (x *Kv) ProtoReflect() protoreflect.Message

func (*Kv) Reset added in v1.0.0 

func (x *Kv) Reset()

func (*Kv) String added in v1.0.0 

func (x *Kv) String() string

type ListValue 

type ListValue = structpb.ListValue

type Log 

type Log struct {
	Id         string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	DataType   string `protobuf:"bytes,2,opt,name=dataType,proto3" json:"dataType,omitempty"`
	DataSource string `protobuf:"bytes,3,opt,name=dataSource,proto3" json:"dataSource,omitempty"`
	Timestamp  string `protobuf:"bytes,4,opt,name=timestamp,json=@timestamp,proto3" json:"timestamp,omitempty"`
	TenantId   string `protobuf:"bytes,5,opt,name=tenantId,proto3" json:"tenantId,omitempty"`
	Raw        string `protobuf:"bytes,6,opt,name=raw,proto3" json:"raw,omitempty"`
	// contains filtered or unexported fields
}

func (*Log) Descriptor deprecated 

func (*Log) Descriptor() ([]byte, []int)

Deprecated: Use Log.ProtoReflect.Descriptor instead.

func (*Log) GetDataSource 

func (x *Log) GetDataSource() string

func (*Log) GetDataType 

func (x *Log) GetDataType() string

func (*Log) GetId 

func (x *Log) GetId() string

func (*Log) GetRaw 

func (x *Log) GetRaw() string

func (*Log) GetTenantId 

func (x *Log) GetTenantId() string

func (*Log) GetTimestamp 

func (x *Log) GetTimestamp() string

func (*Log) ProtoMessage 

func (*Log) ProtoMessage()

func (*Log) ProtoReflect 

func (x *Log) ProtoReflect() protoreflect.Message

func (*Log) Reset 

func (x *Log) Reset()

func (*Log) String 

func (x *Log) String() string

type Message 

type Message struct {
	Id        string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	Timestamp string `protobuf:"bytes,2,opt,name=timestamp,json=@timestamp,proto3" json:"timestamp,omitempty"`
	Topic     string `protobuf:"bytes,3,opt,name=topic,proto3" json:"topic,omitempty"`
	Message   string `protobuf:"bytes,4,opt,name=message,proto3" json:"message,omitempty"`
	// contains filtered or unexported fields
}

func (*Message) Descriptor deprecated 

func (*Message) Descriptor() ([]byte, []int)

Deprecated: Use Message.ProtoReflect.Descriptor instead.

func (*Message) GetId 

func (x *Message) GetId() string

func (*Message) GetMessage 

func (x *Message) GetMessage() string

func (*Message) GetTimestamp 

func (x *Message) GetTimestamp() string

func (*Message) GetTopic 

func (x *Message) GetTopic() string

func (*Message) ProtoMessage 

func (*Message) ProtoMessage()

func (*Message) ProtoReflect 

func (x *Message) ProtoReflect() protoreflect.Message

func (*Message) Reset 

func (x *Message) Reset()

func (*Message) String 

func (x *Message) String() string

type NotificationClient added in v0.2.5 

type NotificationClient interface {
	Notify(ctx context.Context, in *Message, opts ...grpc.CallOption) (*emptypb.Empty, error)
}

NotificationClient is the client API for Notification service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewNotificationClient added in v0.2.5 

func NewNotificationClient(cc grpc.ClientConnInterface) NotificationClient

type NotificationServer added in v0.2.5 

type NotificationServer interface {
	Notify(context.Context, *Message) (*emptypb.Empty, error)
	// contains filtered or unexported methods
}

NotificationServer is the server API for Notification service. All implementations must embed UnimplementedNotificationServer for forward compatibility.

type NullValue 

type NullValue = structpb.NullValue

type OutputClient added in v1.0.0 

type OutputClient interface {
	EventOutput(ctx context.Context, in *Event, opts ...grpc.CallOption) (*emptypb.Empty, error)
	AlertOutput(ctx context.Context, in *Alert, opts ...grpc.CallOption) (*emptypb.Empty, error)
}

OutputClient is the client API for Output service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewOutputClient added in v1.0.0 

func NewOutputClient(cc grpc.ClientConnInterface) OutputClient

type OutputServer added in v1.0.0 

type OutputServer interface {
	EventOutput(context.Context, *Event) (*emptypb.Empty, error)
	AlertOutput(context.Context, *Alert) (*emptypb.Empty, error)
	// contains filtered or unexported methods
}

OutputServer is the server API for Output service. All implementations must embed UnimplementedOutputServer for forward compatibility.

type ParsingClient added in v0.2.5 

type ParsingClient interface {
	ParseLog(ctx context.Context, in *Transform, opts ...grpc.CallOption) (*Draft, error)
}

ParsingClient is the client API for Parsing service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewParsingClient added in v0.2.5 

func NewParsingClient(cc grpc.ClientConnInterface) ParsingClient

type ParsingServer added in v0.2.5 

type ParsingServer interface {
	ParseLog(context.Context, *Transform) (*Draft, error)
	// contains filtered or unexported methods
}

ParsingServer is the server API for Parsing service. All implementations must embed UnimplementedParsingServer for forward compatibility.

type Pattern added in v1.0.0 

type Pattern struct {
	FieldName string `protobuf:"bytes,1,opt,name=fieldName,proto3" json:"fieldName,omitempty"`
	Pattern   string `protobuf:"bytes,2,opt,name=pattern,proto3" json:"pattern,omitempty"`
	// contains filtered or unexported fields
}

func (*Pattern) Descriptor deprecated added in v1.0.0 

func (*Pattern) Descriptor() ([]byte, []int)

Deprecated: Use Pattern.ProtoReflect.Descriptor instead.

func (*Pattern) GetFieldName added in v1.0.0 

func (x *Pattern) GetFieldName() string

func (*Pattern) GetPattern added in v1.0.0 

func (x *Pattern) GetPattern() string

func (*Pattern) ProtoMessage added in v1.0.0 

func (*Pattern) ProtoMessage()

func (*Pattern) ProtoReflect added in v1.0.0 

func (x *Pattern) ProtoReflect() protoreflect.Message

func (*Pattern) Reset added in v1.0.0 

func (x *Pattern) Reset()

func (*Pattern) String added in v1.0.0 

func (x *Pattern) String() string

type Pipeline added in v1.0.0 

type Pipeline struct {
	DataTypes []string `protobuf:"bytes,1,rep,name=dataTypes,proto3" json:"dataTypes,omitempty"`
	Steps     []*Step  `protobuf:"bytes,2,rep,name=steps,proto3" json:"steps,omitempty"`
	// contains filtered or unexported fields
}

func (*Pipeline) Descriptor deprecated added in v1.0.0 

func (*Pipeline) Descriptor() ([]byte, []int)

Deprecated: Use Pipeline.ProtoReflect.Descriptor instead.

func (*Pipeline) GetDataTypes added in v1.0.0 

func (x *Pipeline) GetDataTypes() []string

func (*Pipeline) GetSteps added in v1.0.0 

func (x *Pipeline) GetSteps() []*Step

func (*Pipeline) ProtoMessage added in v1.0.0 

func (*Pipeline) ProtoMessage()

func (*Pipeline) ProtoReflect added in v1.0.0 

func (x *Pipeline) ProtoReflect() protoreflect.Message

func (*Pipeline) Reset added in v1.0.0 

func (x *Pipeline) Reset()

func (*Pipeline) String added in v1.0.0 

func (x *Pipeline) String() string

type Reformat added in v1.0.0 

type Reformat struct {
	Fields     []string `protobuf:"bytes,1,rep,name=fields,proto3" json:"fields,omitempty"`
	Function   string   `protobuf:"bytes,2,opt,name=function,proto3" json:"function,omitempty"`
	FromFormat string   `protobuf:"bytes,3,opt,name=fromFormat,proto3" json:"fromFormat,omitempty"`
	ToFormat   string   `protobuf:"bytes,4,opt,name=toFormat,proto3" json:"toFormat,omitempty"`
	Where      string   `protobuf:"bytes,5,opt,name=where,proto3" json:"where,omitempty"`
	// contains filtered or unexported fields
}

func (*Reformat) Descriptor deprecated added in v1.0.0 

func (*Reformat) Descriptor() ([]byte, []int)

Deprecated: Use Reformat.ProtoReflect.Descriptor instead.

func (*Reformat) GetFields added in v1.0.0 

func (x *Reformat) GetFields() []string

func (*Reformat) GetFromFormat added in v1.0.0 

func (x *Reformat) GetFromFormat() string

func (*Reformat) GetFunction added in v1.0.0 

func (x *Reformat) GetFunction() string

func (*Reformat) GetToFormat added in v1.0.0 

func (x *Reformat) GetToFormat() string

func (*Reformat) GetWhere added in v1.0.0 

func (x *Reformat) GetWhere() string

func (*Reformat) ProtoMessage added in v1.0.0 

func (*Reformat) ProtoMessage()

func (*Reformat) ProtoReflect added in v1.0.0 

func (x *Reformat) ProtoReflect() protoreflect.Message

func (*Reformat) Reset added in v1.0.0 

func (x *Reformat) Reset()

func (*Reformat) String added in v1.0.0 

func (x *Reformat) String() string

type Rename added in v1.0.0 

type Rename struct {
	To    string   `protobuf:"bytes,1,opt,name=to,proto3" json:"to,omitempty"`
	From  []string `protobuf:"bytes,2,rep,name=from,proto3" json:"from,omitempty"`
	Where string   `protobuf:"bytes,3,opt,name=where,proto3" json:"where,omitempty"`
	// contains filtered or unexported fields
}

func (*Rename) Descriptor deprecated added in v1.0.0 

func (*Rename) Descriptor() ([]byte, []int)

Deprecated: Use Rename.ProtoReflect.Descriptor instead.

func (*Rename) GetFrom added in v1.0.0 

func (x *Rename) GetFrom() []string

func (*Rename) GetTo added in v1.0.0 

func (x *Rename) GetTo() string

func (*Rename) GetWhere added in v1.0.0 

func (x *Rename) GetWhere() string

func (*Rename) ProtoMessage added in v1.0.0 

func (*Rename) ProtoMessage()

func (*Rename) ProtoReflect added in v1.0.0 

func (x *Rename) ProtoReflect() protoreflect.Message

func (*Rename) Reset added in v1.0.0 

func (x *Rename) Reset()

func (*Rename) String added in v1.0.0 

func (x *Rename) String() string

type Side 

type Side struct {

	// Network traffic attributes
	BytesSent        float64 `protobuf:"fixed64,1,opt,name=bytesSent,proto3" json:"bytesSent,omitempty"`
	BytesReceived    float64 `protobuf:"fixed64,2,opt,name=bytesReceived,proto3" json:"bytesReceived,omitempty"`
	PackagesSent     uint64  `protobuf:"varint,3,opt,name=packagesSent,proto3" json:"packagesSent,omitempty"`
	PackagesReceived uint64  `protobuf:"varint,4,opt,name=packagesReceived,proto3" json:"packagesReceived,omitempty"`
	// Network identification attributes
	Ip          string       `protobuf:"bytes,5,opt,name=ip,proto3" json:"ip,omitempty"`
	Host        string       `protobuf:"bytes,6,opt,name=host,proto3" json:"host,omitempty"`
	User        string       `protobuf:"bytes,7,opt,name=user,proto3" json:"user,omitempty"`
	Group       string       `protobuf:"bytes,8,opt,name=group,proto3" json:"group,omitempty"`
	Port        uint32       `protobuf:"varint,9,opt,name=port,proto3" json:"port,omitempty"`
	Domain      string       `protobuf:"bytes,10,opt,name=domain,proto3" json:"domain,omitempty"`
	Mac         string       `protobuf:"bytes,11,opt,name=mac,proto3" json:"mac,omitempty"`
	Geolocation *Geolocation `protobuf:"bytes,12,opt,name=geolocation,proto3" json:"geolocation,omitempty"`
	Url         string       `protobuf:"bytes,13,opt,name=url,proto3" json:"url,omitempty"`
	Cidr        string       `protobuf:"bytes,14,opt,name=cidr,proto3" json:"cidr,omitempty"`
	// Certificate and fingerprint attributes
	CertificateFingerprint string `protobuf:"bytes,15,opt,name=certificateFingerprint,proto3" json:"certificateFingerprint,omitempty"`
	Ja3Fingerprint         string `protobuf:"bytes,16,opt,name=ja3Fingerprint,proto3" json:"ja3Fingerprint,omitempty"`
	JarmFingerprint        string `protobuf:"bytes,17,opt,name=jarmFingerprint,proto3" json:"jarmFingerprint,omitempty"`
	SshBanner              string `protobuf:"bytes,18,opt,name=sshBanner,proto3" json:"sshBanner,omitempty"`
	SshFingerprint         string `protobuf:"bytes,19,opt,name=sshFingerprint,proto3" json:"sshFingerprint,omitempty"`
	// Web attributes
	Cookie   string `protobuf:"bytes,20,opt,name=cookie,proto3" json:"cookie,omitempty"`
	JabberId string `protobuf:"bytes,21,opt,name=jabberId,proto3" json:"jabberId,omitempty"`
	// Email attributes
	Email            string `protobuf:"bytes,22,opt,name=email,proto3" json:"email,omitempty"`
	Dkim             string `protobuf:"bytes,23,opt,name=dkim,proto3" json:"dkim,omitempty"`
	DkimSignature    string `protobuf:"bytes,24,opt,name=dkimSignature,proto3" json:"dkimSignature,omitempty"`
	EmailAddress     string `protobuf:"bytes,25,opt,name=emailAddress,proto3" json:"emailAddress,omitempty"`
	EmailBody        string `protobuf:"bytes,26,opt,name=emailBody,proto3" json:"emailBody,omitempty"`
	EmailDisplayName string `protobuf:"bytes,27,opt,name=emailDisplayName,proto3" json:"emailDisplayName,omitempty"`
	EmailSubject     string `protobuf:"bytes,28,opt,name=emailSubject,proto3" json:"emailSubject,omitempty"`
	EmailThreadIndex string `protobuf:"bytes,29,opt,name=emailThreadIndex,proto3" json:"emailThreadIndex,omitempty"`
	EmailXMailer     string `protobuf:"bytes,30,opt,name=emailXMailer,proto3" json:"emailXMailer,omitempty"`
	// WHOIS attributes
	WhoisRegistrant string `protobuf:"bytes,31,opt,name=whoisRegistrant,proto3" json:"whoisRegistrant,omitempty"`
	WhoisRegistrar  string `protobuf:"bytes,32,opt,name=whoisRegistrar,proto3" json:"whoisRegistrar,omitempty"`
	// Process-related attributes
	Process                   string `protobuf:"bytes,33,opt,name=process,proto3" json:"process,omitempty"`
	ProcessState              string `protobuf:"bytes,34,opt,name=processState,proto3" json:"processState,omitempty"`
	Command                   string `protobuf:"bytes,35,opt,name=command,proto3" json:"command,omitempty"`
	WindowsScheduledTask      string `protobuf:"bytes,36,opt,name=windowsScheduledTask,proto3" json:"windowsScheduledTask,omitempty"`
	WindowsServiceDisplayName string `protobuf:"bytes,37,opt,name=windowsServiceDisplayName,proto3" json:"windowsServiceDisplayName,omitempty"`
	WindowsServiceName        string `protobuf:"bytes,38,opt,name=windowsServiceName,proto3" json:"windowsServiceName,omitempty"`
	// File-related attributes
	File        string `protobuf:"bytes,39,opt,name=file,proto3" json:"file,omitempty"`
	Path        string `protobuf:"bytes,40,opt,name=path,proto3" json:"path,omitempty"`
	Filename    string `protobuf:"bytes,41,opt,name=filename,proto3" json:"filename,omitempty"`
	SizeInBytes string `protobuf:"bytes,42,opt,name=sizeInBytes,proto3" json:"sizeInBytes,omitempty"`
	MimeType    string `protobuf:"bytes,43,opt,name=mimeType,proto3" json:"mimeType,omitempty"`
	// Hash-related attributes
	Hash         string `protobuf:"bytes,44,opt,name=hash,proto3" json:"hash,omitempty"`
	Authentihash string `protobuf:"bytes,45,opt,name=authentihash,proto3" json:"authentihash,omitempty"`
	Cdhash       string `protobuf:"bytes,46,opt,name=cdhash,proto3" json:"cdhash,omitempty"`
	Md5          string `protobuf:"bytes,47,opt,name=md5,proto3" json:"md5,omitempty"`
	Sha1         string `protobuf:"bytes,48,opt,name=sha1,proto3" json:"sha1,omitempty"`
	Sha224       string `protobuf:"bytes,49,opt,name=sha224,proto3" json:"sha224,omitempty"`
	Sha256       string `protobuf:"bytes,50,opt,name=sha256,proto3" json:"sha256,omitempty"`
	Sha384       string `protobuf:"bytes,51,opt,name=sha384,proto3" json:"sha384,omitempty"`
	Sha3224      string `protobuf:"bytes,52,opt,name=sha3224,proto3" json:"sha3224,omitempty"`
	Sha3256      string `protobuf:"bytes,53,opt,name=sha3256,proto3" json:"sha3256,omitempty"`
	Sha3384      string `protobuf:"bytes,54,opt,name=sha3384,proto3" json:"sha3384,omitempty"`
	Sha3512      string `protobuf:"bytes,55,opt,name=sha3512,proto3" json:"sha3512,omitempty"`
	Sha512       string `protobuf:"bytes,56,opt,name=sha512,proto3" json:"sha512,omitempty"`
	Sha512224    string `protobuf:"bytes,57,opt,name=sha512224,proto3" json:"sha512224,omitempty"`
	Sha512256    string `protobuf:"bytes,58,opt,name=sha512256,proto3" json:"sha512256,omitempty"`
	Hex          string `protobuf:"bytes,59,opt,name=hex,proto3" json:"hex,omitempty"`
	Base64       string `protobuf:"bytes,60,opt,name=base64,proto3" json:"base64,omitempty"`
	// System-related attributes
	OperatingSystem string `protobuf:"bytes,61,opt,name=operatingSystem,proto3" json:"operatingSystem,omitempty"`
	ChromeExtension string `protobuf:"bytes,62,opt,name=chromeExtension,proto3" json:"chromeExtension,omitempty"`
	MobileAppId     string `protobuf:"bytes,63,opt,name=mobileAppId,proto3" json:"mobileAppId,omitempty"`
	// Vulnerability-related attributes
	Cpe string `protobuf:"bytes,64,opt,name=cpe,proto3" json:"cpe,omitempty"`
	Cve string `protobuf:"bytes,65,opt,name=cve,proto3" json:"cve,omitempty"`
	// Malware-related attributes
	Malware       string `protobuf:"bytes,66,opt,name=malware,proto3" json:"malware,omitempty"`
	MalwareFamily string `protobuf:"bytes,67,opt,name=malwareFamily,proto3" json:"malwareFamily,omitempty"`
	MalwareType   string `protobuf:"bytes,68,opt,name=malwareType,proto3" json:"malwareType,omitempty"`
	// Key-related attributes
	PgpPrivateKey string `protobuf:"bytes,69,opt,name=pgpPrivateKey,proto3" json:"pgpPrivateKey,omitempty"`
	PgpPublicKey  string `protobuf:"bytes,70,opt,name=pgpPublicKey,proto3" json:"pgpPublicKey,omitempty"`
	// Resources attributes
	Connections    uint64      `protobuf:"varint,71,opt,name=connections,proto3" json:"connections,omitempty"`
	UsedCpuPercent uint32      `protobuf:"varint,72,opt,name=usedCpuPercent,proto3" json:"usedCpuPercent,omitempty"`
	UsedMemPercent uint32      `protobuf:"varint,73,opt,name=usedMemPercent,proto3" json:"usedMemPercent,omitempty"`
	TotalCpuUnits  uint32      `protobuf:"varint,74,opt,name=totalCpuUnits,proto3" json:"totalCpuUnits,omitempty"`
	TotalMem       uint64      `protobuf:"varint,75,opt,name=totalMem,proto3" json:"totalMem,omitempty"`
	Disks          []*DiskInfo `protobuf:"bytes,76,rep,name=disks,proto3" json:"disks,omitempty"`
	// contains filtered or unexported fields
}

func (*Side) Descriptor deprecated 

func (*Side) Descriptor() ([]byte, []int)

Deprecated: Use Side.ProtoReflect.Descriptor instead.

func (*Side) GetAuthentihash added in v1.0.36 

func (x *Side) GetAuthentihash() string

func (*Side) GetBase64 added in v1.0.36 

func (x *Side) GetBase64() string

func (*Side) GetBytesReceived 

func (x *Side) GetBytesReceived() float64

func (*Side) GetBytesSent 

func (x *Side) GetBytesSent() float64

func (*Side) GetCdhash added in v1.0.36 

func (x *Side) GetCdhash() string

func (*Side) GetCertificateFingerprint added in v1.0.36 

func (x *Side) GetCertificateFingerprint() string

func (*Side) GetChromeExtension added in v1.0.36 

func (x *Side) GetChromeExtension() string

func (*Side) GetCidr added in v1.0.36 

func (x *Side) GetCidr() string

func (*Side) GetCommand 

func (x *Side) GetCommand() string

func (*Side) GetConnections 

func (x *Side) GetConnections() uint64

func (*Side) GetCookie added in v1.0.36 

func (x *Side) GetCookie() string

func (*Side) GetCpe added in v1.0.36 

func (x *Side) GetCpe() string

func (*Side) GetCve added in v1.0.36 

func (x *Side) GetCve() string

func (*Side) GetDisks added in v1.0.36 

func (x *Side) GetDisks() []*DiskInfo

func (*Side) GetDkim added in v1.0.36 

func (x *Side) GetDkim() string

func (*Side) GetDkimSignature added in v1.0.36 

func (x *Side) GetDkimSignature() string

func (*Side) GetDomain 

func (x *Side) GetDomain() string

func (*Side) GetEmail 

func (x *Side) GetEmail() string

func (*Side) GetEmailAddress added in v1.0.36 

func (x *Side) GetEmailAddress() string

func (*Side) GetEmailBody added in v1.0.36 

func (x *Side) GetEmailBody() string

func (*Side) GetEmailDisplayName added in v1.0.36 

func (x *Side) GetEmailDisplayName() string

func (*Side) GetEmailSubject added in v1.0.36 

func (x *Side) GetEmailSubject() string

func (*Side) GetEmailThreadIndex added in v1.0.36 

func (x *Side) GetEmailThreadIndex() string

func (*Side) GetEmailXMailer added in v1.0.36 

func (x *Side) GetEmailXMailer() string

func (*Side) GetFile 

func (x *Side) GetFile() string

func (*Side) GetFilename added in v1.0.36 

func (x *Side) GetFilename() string

func (*Side) GetGeolocation added in v0.4.7 

func (x *Side) GetGeolocation() *Geolocation

func (*Side) GetGroup 

func (x *Side) GetGroup() string

func (*Side) GetHash added in v1.0.0 

func (x *Side) GetHash() string

func (*Side) GetHex added in v1.0.36 

func (x *Side) GetHex() string

func (*Side) GetHost 

func (x *Side) GetHost() string

func (*Side) GetIp 

func (x *Side) GetIp() string

func (*Side) GetJa3Fingerprint added in v1.0.36 

func (x *Side) GetJa3Fingerprint() string

func (*Side) GetJabberId added in v1.0.36 

func (x *Side) GetJabberId() string

func (*Side) GetJarmFingerprint added in v1.0.36 

func (x *Side) GetJarmFingerprint() string

func (*Side) GetMac 

func (x *Side) GetMac() string

func (*Side) GetMalware added in v1.0.36 

func (x *Side) GetMalware() string

func (*Side) GetMalwareFamily added in v1.0.36 

func (x *Side) GetMalwareFamily() string

func (*Side) GetMalwareType added in v1.0.36 

func (x *Side) GetMalwareType() string

func (*Side) GetMd5 

func (x *Side) GetMd5() string

func (*Side) GetMimeType added in v1.0.36 

func (x *Side) GetMimeType() string

func (*Side) GetMobileAppId added in v1.0.36 

func (x *Side) GetMobileAppId() string

func (*Side) GetOperatingSystem added in v1.0.36 

func (x *Side) GetOperatingSystem() string

func (*Side) GetPackagesReceived 

func (x *Side) GetPackagesReceived() uint64

func (*Side) GetPackagesSent 

func (x *Side) GetPackagesSent() uint64

func (*Side) GetPath 

func (x *Side) GetPath() string

func (*Side) GetPgpPrivateKey added in v1.0.36 

func (x *Side) GetPgpPrivateKey() string

func (*Side) GetPgpPublicKey added in v1.0.36 

func (x *Side) GetPgpPublicKey() string

func (*Side) GetPort 

func (x *Side) GetPort() uint32

func (*Side) GetProcess 

func (x *Side) GetProcess() string

func (*Side) GetProcessState added in v1.0.36 

func (x *Side) GetProcessState() string

func (*Side) GetSha1 

func (x *Side) GetSha1() string

func (*Side) GetSha224 added in v1.0.36 

func (x *Side) GetSha224() string

func (*Side) GetSha256 

func (x *Side) GetSha256() string

func (*Side) GetSha3224 added in v1.0.36 

func (x *Side) GetSha3224() string

func (*Side) GetSha3256 added in v1.0.36 

func (x *Side) GetSha3256() string

func (*Side) GetSha3384 added in v1.0.36 

func (x *Side) GetSha3384() string

func (*Side) GetSha3512 added in v1.0.36 

func (x *Side) GetSha3512() string

func (*Side) GetSha384 added in v1.0.36 

func (x *Side) GetSha384() string

func (*Side) GetSha512 added in v1.0.36 

func (x *Side) GetSha512() string

func (*Side) GetSha512224 added in v1.0.36 

func (x *Side) GetSha512224() string

func (*Side) GetSha512256 added in v1.0.36 

func (x *Side) GetSha512256() string

func (*Side) GetSizeInBytes added in v1.0.36 

func (x *Side) GetSizeInBytes() string

func (*Side) GetSshBanner added in v1.0.36 

func (x *Side) GetSshBanner() string

func (*Side) GetSshFingerprint added in v1.0.36 

func (x *Side) GetSshFingerprint() string

func (*Side) GetTotalCpuUnits added in v1.0.0 

func (x *Side) GetTotalCpuUnits() uint32

func (*Side) GetTotalMem added in v1.0.0 

func (x *Side) GetTotalMem() uint64

func (*Side) GetUrl 

func (x *Side) GetUrl() string

func (*Side) GetUsedCpuPercent 

func (x *Side) GetUsedCpuPercent() uint32

func (*Side) GetUsedMemPercent 

func (x *Side) GetUsedMemPercent() uint32

func (*Side) GetUser 

func (x *Side) GetUser() string

func (*Side) GetWhoisRegistrant added in v1.0.36 

func (x *Side) GetWhoisRegistrant() string

func (*Side) GetWhoisRegistrar added in v1.0.36 

func (x *Side) GetWhoisRegistrar() string

func (*Side) GetWindowsScheduledTask added in v1.0.36 

func (x *Side) GetWindowsScheduledTask() string

func (*Side) GetWindowsServiceDisplayName added in v1.0.36 

func (x *Side) GetWindowsServiceDisplayName() string

func (*Side) GetWindowsServiceName added in v1.0.36 

func (x *Side) GetWindowsServiceName() string

func (*Side) ProtoMessage 

func (*Side) ProtoMessage()

func (*Side) ProtoReflect 

func (x *Side) ProtoReflect() protoreflect.Message

func (*Side) Reset 

func (x *Side) Reset()

func (*Side) String 

func (x *Side) String() string

type SocketType added in v1.0.36 

type SocketType string
const (
	NotificationSocket SocketType = "notification"
	AnalysisSocket     SocketType = "analysis"
	CorrelationSocket  SocketType = "correlation"
)

func (*SocketType) String added in v1.0.36 

func (t *SocketType) String() string

type Step added in v1.0.0 

type Step struct {
	Kv       *Kv       `protobuf:"bytes,1,opt,name=kv,proto3" json:"kv,omitempty"`
	Grok     *Grok     `protobuf:"bytes,2,opt,name=grok,proto3" json:"grok,omitempty"`
	Trim     *Trim     `protobuf:"bytes,3,opt,name=trim,proto3" json:"trim,omitempty"`
	Json     *Json     `protobuf:"bytes,4,opt,name=json,proto3" json:"json,omitempty"`
	Csv      *Csv      `protobuf:"bytes,5,opt,name=csv,proto3" json:"csv,omitempty"`
	Rename   *Rename   `protobuf:"bytes,6,opt,name=rename,proto3" json:"rename,omitempty"`
	Cast     *Cast     `protobuf:"bytes,7,opt,name=cast,proto3" json:"cast,omitempty"`
	Reformat *Reformat `protobuf:"bytes,8,opt,name=reformat,proto3" json:"reformat,omitempty"`
	Delete   *Delete   `protobuf:"bytes,9,opt,name=delete,proto3" json:"delete,omitempty"`
	Drop     *Drop     `protobuf:"bytes,10,opt,name=drop,proto3" json:"drop,omitempty"`
	Add      *Add      `protobuf:"bytes,11,opt,name=add,proto3" json:"add,omitempty"`
	Dynamic  *Dynamic  `protobuf:"bytes,12,opt,name=dynamic,proto3" json:"dynamic,omitempty"`
	Expand   *Expand   `protobuf:"bytes,13,opt,name=expand,proto3" json:"expand,omitempty"`
	// contains filtered or unexported fields
}

func (*Step) Descriptor deprecated added in v1.0.0 

func (*Step) Descriptor() ([]byte, []int)

Deprecated: Use Step.ProtoReflect.Descriptor instead.

func (*Step) GetAdd added in v1.0.0 

func (x *Step) GetAdd() *Add

func (*Step) GetCast added in v1.0.0 

func (x *Step) GetCast() *Cast

func (*Step) GetCsv added in v1.0.0 

func (x *Step) GetCsv() *Csv

func (*Step) GetDelete added in v1.0.0 

func (x *Step) GetDelete() *Delete

func (*Step) GetDrop added in v1.0.0 

func (x *Step) GetDrop() *Drop

func (*Step) GetDynamic added in v1.0.0 

func (x *Step) GetDynamic() *Dynamic

func (*Step) GetExpand added in v1.0.0 

func (x *Step) GetExpand() *Expand

func (*Step) GetGrok added in v1.0.0 

func (x *Step) GetGrok() *Grok

func (*Step) GetJson added in v1.0.0 

func (x *Step) GetJson() *Json

func (*Step) GetKv added in v1.0.0 

func (x *Step) GetKv() *Kv

func (*Step) GetReformat added in v1.0.0 

func (x *Step) GetReformat() *Reformat

func (*Step) GetRename added in v1.0.0 

func (x *Step) GetRename() *Rename

func (*Step) GetTrim added in v1.0.0 

func (x *Step) GetTrim() *Trim

func (*Step) ProtoMessage added in v1.0.0 

func (*Step) ProtoMessage()

func (*Step) ProtoReflect added in v1.0.0 

func (x *Step) ProtoReflect() protoreflect.Message

func (*Step) Reset added in v1.0.0 

func (x *Step) Reset()

func (*Step) String added in v1.0.0 

func (x *Step) String() string

type Struct 

type Struct = structpb.Struct

type Tenant added in v1.0.0 

type Tenant struct {
	Name          string   `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	Id            string   `protobuf:"bytes,2,opt,name=id,proto3" json:"id,omitempty"`
	Assets        []*Asset `protobuf:"bytes,3,rep,name=assets,proto3" json:"assets,omitempty"`
	DisabledRules []uint64 `protobuf:"varint,4,rep,packed,name=disabledRules,proto3" json:"disabledRules,omitempty"`
	// contains filtered or unexported fields
}

func (*Tenant) Descriptor deprecated added in v1.0.0 

func (*Tenant) Descriptor() ([]byte, []int)

Deprecated: Use Tenant.ProtoReflect.Descriptor instead.

func (*Tenant) GetAssets added in v1.0.0 

func (x *Tenant) GetAssets() []*Asset

func (*Tenant) GetDisabledRules added in v1.0.0 

func (x *Tenant) GetDisabledRules() []uint64

func (*Tenant) GetId added in v1.0.0 

func (x *Tenant) GetId() string

func (*Tenant) GetName added in v1.0.0 

func (x *Tenant) GetName() string

func (*Tenant) ProtoMessage added in v1.0.0 

func (*Tenant) ProtoMessage()

func (*Tenant) ProtoReflect added in v1.0.0 

func (x *Tenant) ProtoReflect() protoreflect.Message

func (*Tenant) Reset added in v1.0.0 

func (x *Tenant) Reset()

func (*Tenant) String added in v1.0.0 

func (x *Tenant) String() string

type Topic added in v1.0.0 

type Topic string
const (
	TopicEnqueueSuccess     Topic = "enqueue_success"     // represents the topic name for enqueue success notifications.
	TopicIntegrationFailure Topic = "integration_failure" // represents the topic name for integration failure notifications.
	TopicParsingFailure     Topic = "parsing_failure"     // represents the topic name for parsing failure notifications.
	TopicAnalysisFailure    Topic = "analysis_failure"    // represents the topic name for analysis failure notifications.
	TopicCorrelationFailure Topic = "correlation_failure" // represents the topic name for correlation failure notifications.
)

type Transform added in v1.0.0 

type Transform struct {
	Draft *Draft `protobuf:"bytes,1,opt,name=draft,proto3" json:"draft,omitempty"`
	Step  *Step  `protobuf:"bytes,2,opt,name=step,proto3" json:"step,omitempty"`
	// contains filtered or unexported fields
}

func (*Transform) Descriptor deprecated added in v1.0.0 

func (*Transform) Descriptor() ([]byte, []int)

Deprecated: Use Transform.ProtoReflect.Descriptor instead.

func (*Transform) GetDraft added in v1.0.0 

func (x *Transform) GetDraft() *Draft

func (*Transform) GetStep added in v1.0.0 

func (x *Transform) GetStep() *Step

func (*Transform) ProtoMessage added in v1.0.0 

func (*Transform) ProtoMessage()

func (*Transform) ProtoReflect added in v1.0.0 

func (x *Transform) ProtoReflect() protoreflect.Message

func (*Transform) Reset added in v1.0.0 

func (x *Transform) Reset()

func (*Transform) String added in v1.0.0 

func (x *Transform) String() string

type Trim added in v1.0.0 

type Trim struct {
	Function  string   `protobuf:"bytes,1,opt,name=function,proto3" json:"function,omitempty"`
	Substring string   `protobuf:"bytes,2,opt,name=substring,proto3" json:"substring,omitempty"`
	Fields    []string `protobuf:"bytes,3,rep,name=fields,proto3" json:"fields,omitempty"`
	Where     string   `protobuf:"bytes,4,opt,name=where,proto3" json:"where,omitempty"`
	// contains filtered or unexported fields
}

func (*Trim) Descriptor deprecated added in v1.0.0 

func (*Trim) Descriptor() ([]byte, []int)

Deprecated: Use Trim.ProtoReflect.Descriptor instead.

func (*Trim) GetFields added in v1.0.0 

func (x *Trim) GetFields() []string

func (*Trim) GetFunction added in v1.0.0 

func (x *Trim) GetFunction() string

func (*Trim) GetSubstring added in v1.0.0 

func (x *Trim) GetSubstring() string

func (*Trim) GetWhere added in v1.0.0 

func (x *Trim) GetWhere() string

func (*Trim) ProtoMessage added in v1.0.0 

func (*Trim) ProtoMessage()

func (*Trim) ProtoReflect added in v1.0.0 

func (x *Trim) ProtoReflect() protoreflect.Message

func (*Trim) Reset added in v1.0.0 

func (x *Trim) Reset()

func (*Trim) String added in v1.0.0 

func (x *Trim) String() string

type UnimplementedAnalysisServer added in v0.2.5 

type UnimplementedAnalysisServer struct{}

UnimplementedAnalysisServer must be embedded to have forward compatible implementations.

NOTE: this should be embedded by value instead of pointer to avoid a nil pointer dereference when methods are called.

func (UnimplementedAnalysisServer) Analyze added in v0.2.5 

func (UnimplementedAnalysisServer) Analyze(*Event, grpc.ServerStreamingServer[Alert]) error

type UnimplementedCorrelationServer added in v0.2.5 

type UnimplementedCorrelationServer struct{}

UnimplementedCorrelationServer must be embedded to have forward compatible implementations.

NOTE: this should be embedded by value instead of pointer to avoid a nil pointer dereference when methods are called.

func (UnimplementedCorrelationServer) Correlate added in v0.2.5 

func (UnimplementedCorrelationServer) Correlate(context.Context, *Alert) (*emptypb.Empty, error)

type UnimplementedEngineServer added in v0.2.5 

type UnimplementedEngineServer struct{}

UnimplementedEngineServer must be embedded to have forward compatible implementations.

NOTE: this should be embedded by value instead of pointer to avoid a nil pointer dereference when methods are called.

func (UnimplementedEngineServer) Input added in v0.2.5 

func (UnimplementedEngineServer) Input(grpc.BidiStreamingServer[Log, Ack]) error

func (UnimplementedEngineServer) Notify added in v0.2.5 

func (UnimplementedEngineServer) Notify(grpc.BidiStreamingServer[Message, Ack]) error

type UnimplementedIntegrationServer added in v0.2.3 

type UnimplementedIntegrationServer struct{}

UnimplementedIntegrationServer must be embedded to have forward compatible implementations.

NOTE: this should be embedded by value instead of pointer to avoid a nil pointer dereference when methods are called.

func (UnimplementedIntegrationServer) ProcessLog added in v0.2.3 

func (UnimplementedIntegrationServer) ProcessLog(grpc.BidiStreamingServer[Log, Ack]) error

type UnimplementedNotificationServer added in v0.2.5 

type UnimplementedNotificationServer struct{}

UnimplementedNotificationServer must be embedded to have forward compatible implementations.

NOTE: this should be embedded by value instead of pointer to avoid a nil pointer dereference when methods are called.

func (UnimplementedNotificationServer) Notify added in v0.2.5 

func (UnimplementedNotificationServer) Notify(context.Context, *Message) (*emptypb.Empty, error)

type UnimplementedOutputServer added in v1.0.0 

type UnimplementedOutputServer struct{}

UnimplementedOutputServer must be embedded to have forward compatible implementations.

NOTE: this should be embedded by value instead of pointer to avoid a nil pointer dereference when methods are called.

func (UnimplementedOutputServer) AlertOutput added in v1.0.0 

func (UnimplementedOutputServer) AlertOutput(context.Context, *Alert) (*emptypb.Empty, error)

func (UnimplementedOutputServer) EventOutput added in v1.0.0 

func (UnimplementedOutputServer) EventOutput(context.Context, *Event) (*emptypb.Empty, error)

type UnimplementedParsingServer added in v0.2.5 

type UnimplementedParsingServer struct{}

UnimplementedParsingServer must be embedded to have forward compatible implementations.

NOTE: this should be embedded by value instead of pointer to avoid a nil pointer dereference when methods are called.

func (UnimplementedParsingServer) ParseLog added in v0.2.5 

func (UnimplementedParsingServer) ParseLog(context.Context, *Transform) (*Draft, error)

type UnsafeAnalysisServer added in v0.2.5 

type UnsafeAnalysisServer interface {
	// contains filtered or unexported methods
}

UnsafeAnalysisServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to AnalysisServer will result in compilation errors.

type UnsafeCorrelationServer added in v0.2.5 

type UnsafeCorrelationServer interface {
	// contains filtered or unexported methods
}

UnsafeCorrelationServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to CorrelationServer will result in compilation errors.

type UnsafeEngineServer added in v0.2.5 

type UnsafeEngineServer interface {
	// contains filtered or unexported methods
}

UnsafeEngineServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to EngineServer will result in compilation errors.

type UnsafeIntegrationServer added in v0.2.3 

type UnsafeIntegrationServer interface {
	// contains filtered or unexported methods
}

UnsafeIntegrationServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to IntegrationServer will result in compilation errors.

type UnsafeNotificationServer added in v0.2.5 

type UnsafeNotificationServer interface {
	// contains filtered or unexported methods
}

UnsafeNotificationServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to NotificationServer will result in compilation errors.

type UnsafeOutputServer added in v1.0.0 

type UnsafeOutputServer interface {
	// contains filtered or unexported methods
}

UnsafeOutputServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to OutputServer will result in compilation errors.

type UnsafeParsingServer added in v0.2.5 

type UnsafeParsingServer interface {
	// contains filtered or unexported methods
}

UnsafeParsingServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to ParsingServer will result in compilation errors.

type Value 

type Value = structpb.Value

type Value_BoolValue 

type Value_BoolValue = structpb.Value_BoolValue

type Value_ListValue 

type Value_ListValue = structpb.Value_ListValue

type Value_NullValue 

type Value_NullValue = structpb.Value_NullValue

type Value_NumberValue 

type Value_NumberValue = structpb.Value_NumberValue

type Value_StringValue 

type Value_StringValue = structpb.Value_StringValue

type Value_StructValue 

type Value_StructValue = structpb.Value_StructValue

type Variable added in v1.0.0 

type Variable struct {
	Get    string `protobuf:"bytes,1,opt,name=get,proto3" json:"get,omitempty"`
	As     string `protobuf:"bytes,2,opt,name=as,proto3" json:"as,omitempty"`
	OfType string `protobuf:"bytes,3,opt,name=ofType,proto3" json:"ofType,omitempty"`
	// contains filtered or unexported fields
}

func (*Variable) Descriptor deprecated added in v1.0.0 

func (*Variable) Descriptor() ([]byte, []int)

Deprecated: Use Variable.ProtoReflect.Descriptor instead.

func (*Variable) GetAs added in v1.0.0 

func (x *Variable) GetAs() string

func (*Variable) GetGet added in v1.0.0 

func (x *Variable) GetGet() string

func (*Variable) GetOfType added in v1.0.0 

func (x *Variable) GetOfType() string

func (*Variable) ProtoMessage added in v1.0.0 

func (*Variable) ProtoMessage()

func (*Variable) ProtoReflect added in v1.0.0 

func (x *Variable) ProtoReflect() protoreflect.Message

func (*Variable) Reset added in v1.0.0 

func (x *Variable) Reset()

func (*Variable) String added in v1.0.0 

func (x *Variable) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.