Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CommonAttributes ¶
type FileMod ¶
// FileMod carries the fields of one file-activity record: the attributes
// shared with the other record types on this page, the action that was
// observed, and the file's path, name and MD5 value.
type FileMod struct {
	// Common is the attribute block every record type on this page embeds by
	// name. Its definition is not shown here.
	Common CommonAttributes
	// Action is one of the FileModActionType constants. Its zero value is
	// FileOpen, so a record whose Action was never set reads as an open.
	Action FileModActionType
	// NOTE(review): the page does not say whether FilePath is absolute or
	// normalised, or whether it already includes FileName; confirm before
	// matching on it.
	FilePath string
	FileName string
	// NOTE(review): presumably a hex-encoded MD5 digest of the file; confirm.
	// MD5 is not collision-resistant, so this value suits lookups and
	// de-duplication but not proof that two files are identical or that a
	// file is unmodified.
	FileMd5 string
}
func GenerateFileMod ¶
func (*FileMod) MachineName ¶
func (*FileMod) SetTimestamp ¶
type FileModActionType ¶
// FileModActionType identifies the file operation reported in
// FileMod.Action. It is stored as a uint8.
type FileModActionType uint8

// The values are assigned by iota in declaration order: FileOpen is 0 and
// FileDelete is 6. Because 0 is also the zero value of the type, an
// unset Action cannot be told apart from FileOpen. Inserting or reordering
// entries renumbers the later ones.
// NOTE(review): confirm whether any stored data or downstream consumer
// depends on the numeric values.
const (
	FileOpen FileModActionType = iota
	FileRead
	FileWrite
	FileTruncate
	FileClose
	FileRename
	FileDelete
)
type NetConn ¶
// NetConn carries the fields of one network-connection record: the shared
// attributes, both endpoints, a domain name, the protocol and the direction.
type NetConn struct {
	// Common is the attribute block every record type on this page embeds by
	// name. Its definition is not shown here.
	Common CommonAttributes
	// Addresses are plain strings, so the type itself does not guarantee a
	// valid IPv4/IPv6 literal.
	// NOTE(review): confirm the format producers emit before parsing.
	LocalAddress  string
	LocalPort     uint16
	RemoteAddress string
	RemotePort    uint16
	// NOTE(review): the page does not say how DomainName is obtained or
	// whether it can be empty. If it comes from data the remote side or the
	// monitored process controls, treat it as untrusted when displaying or
	// matching it.
	DomainName string
	// Protocol is not defined on this page.
	ProtocolType Protocol
	// Direction is one of the NetConnDirection constants. Its zero value is
	// NetConnDirOutgoing, so an unset Direction reads as outgoing.
	Direction NetConnDirection
}
func GenerateNetConn ¶
func (*NetConn) MachineName ¶
func (*NetConn) SetTimestamp ¶
type NetConnDirection ¶
// NetConnDirection identifies the direction reported in NetConn.Direction.
// It is stored as a uint8.
type NetConnDirection uint8

// The values are assigned by iota: NetConnDirOutgoing is 0 and
// NetConnDirIncoming is 1. Because 0 is also the zero value of the type, a
// NetConn whose Direction was never set is indistinguishable from an
// outgoing connection.
const (
	NetConnDirOutgoing NetConnDirection = iota
	NetConnDirIncoming
)
type ProcessEnd ¶
// ProcessEnd is the record type for a process ending. It has no fields of
// its own beyond the shared attribute block. The pid and user name passed to
// GenerateProcessEnd are exposed through the ProcessId and UserName methods
// listed below.
type ProcessEnd struct {
	// Common is the attribute block every record type on this page embeds by
	// name. Its definition is not shown here.
	// NOTE(review): presumably this is where the pid, user name, machine
	// name and timestamp behind the accessor methods are stored; confirm
	// against the source.
	Common CommonAttributes
}
func GenerateProcessEnd ¶
func GenerateProcessEnd(pid uint32, userName string) *ProcessEnd
func (*ProcessEnd) Format ¶
func (p *ProcessEnd) Format() string
func (*ProcessEnd) MachineName ¶
func (p *ProcessEnd) MachineName() string
func (*ProcessEnd) ProcessId ¶
func (p *ProcessEnd) ProcessId() uint32
func (*ProcessEnd) SetTimestamp ¶
func (p *ProcessEnd) SetTimestamp(ts time.Time)
func (*ProcessEnd) Timestamp ¶
func (p *ProcessEnd) Timestamp() time.Time
func (*ProcessEnd) Type ¶
func (p *ProcessEnd) Type() string
func (*ProcessEnd) UserName ¶
func (p *ProcessEnd) UserName() string
type ProcessExec ¶
// ProcessExec carries the fields of one process-exec record: the shared
// attributes plus the name, path and command line of the new program.
type ProcessExec struct {
	// Common is the attribute block every record type on this page embeds by
	// name. Its definition is not shown here.
	Common CommonAttributes
	// NOTE(review): the "New" prefix presumably refers to the image the
	// process runs after exec; confirm against the producer.
	NewProcessName string
	NewProcessPath string
	// NewCommandLine is a slice of strings, presumably one element per
	// argument. Command lines can contain credentials or tokens passed as
	// arguments, so anything that stores or forwards this field (including
	// the output of Format, if it includes it) should be access-controlled
	// or redacted accordingly.
	NewCommandLine []string
}
func GenerateProcessExec ¶
func GenerateProcessExec(pid uint32, userName string) *ProcessExec
func (*ProcessExec) Format ¶
func (p *ProcessExec) Format() string
func (*ProcessExec) MachineName ¶
func (p *ProcessExec) MachineName() string
func (*ProcessExec) ProcessId ¶
func (p *ProcessExec) ProcessId() uint32
func (*ProcessExec) SetTimestamp ¶
func (p *ProcessExec) SetTimestamp(ts time.Time)
func (*ProcessExec) Timestamp ¶
func (p *ProcessExec) Timestamp() time.Time
func (*ProcessExec) Type ¶
func (p *ProcessExec) Type() string
func (*ProcessExec) UserName ¶
func (p *ProcessExec) UserName() string
type ProcessFork ¶
// ProcessFork carries the fields of one process-fork record: the shared
// attributes, the parent's process id, and the process name, path and
// command line.
type ProcessFork struct {
	// Common is the attribute block every record type on this page embeds by
	// name. Its definition is not shown here.
	Common CommonAttributes
	// ParentProcessId corresponds to the ppid argument of
	// GenerateProcessFork. Operating systems reuse process ids, so joining
	// records on pid/ppid alone can link unrelated processes; correlate with
	// the record timestamp and machine name as well.
	ParentProcessId uint32
	// NOTE(review): the page does not say whether ProcessName and ProcessPath
	// describe the parent or the child; confirm.
	ProcessName string
	ProcessPath string
	// CommandLine is a slice of strings, presumably one element per
	// argument. Command lines can contain credentials or tokens passed as
	// arguments, so storage and forwarding of this field should be
	// access-controlled or redacted accordingly.
	CommandLine []string
}
func GenerateProcessFork ¶
func GenerateProcessFork(pid uint32, ppid uint32, userName string) *ProcessFork
func (*ProcessFork) Format ¶
func (p *ProcessFork) Format() string
func (*ProcessFork) MachineName ¶
func (p *ProcessFork) MachineName() string
func (*ProcessFork) ProcessId ¶
func (p *ProcessFork) ProcessId() uint32
func (*ProcessFork) SetTimestamp ¶
func (p *ProcessFork) SetTimestamp(ts time.Time)
func (*ProcessFork) Timestamp ¶
func (p *ProcessFork) Timestamp() time.Time
func (*ProcessFork) Type ¶
func (p *ProcessFork) Type() string
func (*ProcessFork) UserName ¶
func (p *ProcessFork) UserName() string