audit_log

package
v0.3.0-rc.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 28, 2025 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation

Index

Constants

View Source 
const AuditLogTableIdentifier string = "gcp_audit_log"

Variables

This section is empty.

Functions

This section is empty.

Types

type AuditLog 

type AuditLog struct {
	// embed required enrichment fields
	schema.CommonFields

	// Mandatory fields
	Timestamp    time.Time `json:"timestamp"`
	LogName      string    `json:"log_name"`
	InsertId     string    `json:"insert_id"`
	Severity     string    `json:"severity"`
	Trace        string    `json:"trace"`
	TraceSampled bool      `json:"trace_sampled"`
	SpanId       string    `json:"span_id"`

	// Optional fields
	ServiceName           *string                      `json:"service_name,omitempty"`
	MethodName            *string                      `json:"method_name,omitempty"`
	ResourceName          *string                      `json:"resource_name,omitempty"`
	ResourceLocation      *AuditLogResourceLocation    `json:"resource_location,omitempty"`
	AuthenticationInfo    *AuditLogAuthenticationInfo  `json:"authentication_info,omitempty"`
	Status                *AuditLogStatus              `json:"status,omitempty"`
	Resource              *AuditLogResource            `json:"resource,omitempty"`
	Operation             *AuditLogOperation           `json:"operation,omitempty"`
	RequestMetadata       *AuditLogRequestMetadata     `json:"request_metadata,omitempty"`
	HttpRequest           *AuditLogHttpRequest         `json:"http_request,omitempty"`
	SourceLocation        *AuditLogSourceLocation      `json:"source_location,omitempty"`
	Labels                *map[string]string           `json:"labels,omitempty" parquet:"type=JSON"`
	NumResponseItems      *int64                       `json:"num_response_items,omitempty"`
	AuthorizationInfo     []*AuditLogAuthorizationInfo `json:"authorization_info,omitempty" parquet:"type=JSON"`
	PolicyViolationInfo   *audit.PolicyViolationInfo   `json:"policy_violation_info,omitempty" parquet:"type=JSON"` // nested map/[]struct
	ResourceOriginalState interface{}                  `json:"resource_original_state,omitempty" parquet:"type=JSON"`
	Request               map[string]interface{}       `json:"request,omitempty" parquet:"type=JSON"`
	Response              map[string]interface{}       `json:"response,omitempty" parquet:"type=JSON"`
	Metadata              map[string]interface{}       `json:"metadata,omitempty" parquet:"type=JSON"`
	ServiceData           *map[string]interface{}      `json:"service_data,omitempty" parquet:"type=JSON"`
}

AuditLog represents an enriched row ready for parquet writing

func NewAuditLog 

func NewAuditLog() *AuditLog

func (*AuditLog) GetColumnDescriptions 

func (a *AuditLog) GetColumnDescriptions() map[string]string

type AuditLogAuthenticationInfo 

type AuditLogAuthenticationInfo struct {
	PrincipalEmail               string            `json:"principal_email"`
	PrincipalSubject             string            `json:"principal_subject"`
	AuthoritySelector            string            `json:"authority_selector"`
	ServiceAccountKeyName        string            `json:"service_account_key_name"`
	ThirdPartyPrincipal          map[string]string `json:"third_party_principal,omitempty" parquet:"type=JSON"`
	ServiceAccountDelegationInfo []string          `json:"service_account_delegation_info,omitempty" parquet:"type=JSON"`
}

type AuditLogAuthorizationInfo 

type AuditLogAuthorizationInfo struct {
	Resource   string `json:"resource"`
	Permission string `json:"permission"`
	Granted    bool   `json:"granted"`
}

type AuditLogHttpRequest 

type AuditLogHttpRequest struct {
	Method                         string              `json:"method"`
	Url                            string              `json:"url"`
	RequestSize                    int64               `json:"request_size"`
	RequestHeaders                 map[string][]string `json:"request_headers" parquet:"type=JSON"`
	Status                         int                 `json:"status"`
	ResponseSize                   int64               `json:"response_size"`
	LocalIp                        string              `json:"local_ip"`
	RemoteIp                       string              `json:"remote_ip"`
	Latency                        string              `json:"latency"`
	CacheHit                       bool                `json:"cache_hit"`
	CacheLookup                    bool                `json:"cache_lookup"`
	CacheValidatedWithOriginServer bool                `json:"cache_validated_with_origin_server"`
	CacheFillBytes                 int64               `json:"cache_fill_bytes"`
	UserAgent                      *string             `json:"user_agent,omitempty"`
}

type AuditLogMapper 

type AuditLogMapper struct {
}

func (*AuditLogMapper) Identifier 

func (m *AuditLogMapper) Identifier() string

func (*AuditLogMapper) Map 

func (m *AuditLogMapper) Map(_ context.Context, a any, _ ...table.MapOption[*AuditLog]) (*AuditLog, error)

type AuditLogOperation 

type AuditLogOperation struct {
	Id       string `json:"id"`
	Producer string `json:"producer"`
	First    bool   `json:"first"`
	Last     bool   `json:"last"`
}

type AuditLogRequestMetadata 

type AuditLogRequestMetadata struct {
	CallerIp                string                                        `json:"caller_ip"`
	CallerSuppliedUserAgent string                                        `json:"caller_supplied_user_agent"`
	CallerNetwork           string                                        `json:"caller_network"`
	RequestAttributes       *map[string]interface{}                       `json:"request_attributes,omitempty" parquet:"type=JSON"`
	DestinationAttributes   *AuditLogRequestMetadataDestinationAttributes `json:"destination_attributes,omitempty"`
}

type AuditLogRequestMetadataDestinationAttributes 

type AuditLogRequestMetadataDestinationAttributes struct {
	Ip         string            `json:"ip"`
	Port       int64             `json:"port"`
	Principal  string            `json:"principal"`
	RegionCode string            `json:"region_code"`
	Labels     map[string]string `json:"labels" parquet:"type=JSON"`
}

type AuditLogResource 

type AuditLogResource struct {
	Type   string            `json:"type"`
	Labels map[string]string `json:"labels" parquet:"type=JSON"`
}

type AuditLogResourceLocation 

type AuditLogResourceLocation struct {
	CurrentLocations  []string `json:"current_locations" parquet:"type=JSON"`
	OriginalLocations []string `json:"original_locations" parquet:"type=JSON"`
}

type AuditLogSourceLocation 

type AuditLogSourceLocation struct {
	File     string `json:"file"`
	Line     int64  `json:"line"`
	Function string `json:"function"`
}

type AuditLogStatus 

type AuditLogStatus struct {
	Code    int32  `json:"code"`
	Message string `json:"message"`
}

type AuditLogTable 

type AuditLogTable struct {
}

func (*AuditLogTable) EnrichRow 

func (c *AuditLogTable) EnrichRow(row *AuditLog, sourceEnrichmentFields schema.SourceEnrichment) (*AuditLog, error)

func (*AuditLogTable) GetDescription 

func (c *AuditLogTable) GetDescription() string

func (*AuditLogTable) GetSourceMetadata 

func (c *AuditLogTable) GetSourceMetadata() []*table.SourceMetadata[*AuditLog]

func (*AuditLogTable) Identifier 

func (c *AuditLogTable) Identifier() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.