gravwell

module
v3.8.31 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 3, 2024 License: BSD-2-Clause

README

Go Reference

Gravwell Open-Source Code

This repository contains open-sourced libraries and commands developed by Gravwell.

There are a selection of Gravwell-specific libraries and tools:

  • ingest/ contains the ingest library, which is used to connect to a Gravwell indexer and upload data.
  • ingesters/ contains the source code for Gravwell ingesters.
  • generators/ is a collection of tools that generate artificial data for testing Gravwell or any other log analytics system.
  • manager/ provides a very simple init command which we use in Docker containers.
  • chancacher/ implements a caching library we use for ingesters.

There are also a few libraries which may be of use outside Gravwell-specific applications:

  • filewatch/ is a library that can monitor files on the filesystem for changes; we use this in the FileFollow ingester.
  • timegrinder/ is a timestamp extraction library we use to extract timestamps from arbitrary data
  • ipexist/ contains a library for efficiently storing and checking for the existence of an IPv4 set with high density sets.
  • winevent/ is a library which can interact with the Windows Event subsystem to extract XML rendered events.

Directories

Path Synopsis
Package chancacher implements a pipeline of channels (in->out) that provides internal buffering (via a simple buffered channel), and caching data to disk.
 Package chancacher implements a pipeline of channels (in->out) that provides internal buffering (via a simple buffered channel), and caching data to disk.
Package client wraps the Gravwell REST API.
 Package client wraps the Gravwell REST API.
objlog
types
types/kits
Package kits provides tools for interacting with kit archives directly.
 Package kits provides tools for interacting with kit archives directly.
websocketRouter
Package filewatch implements advanced utilities for tracking file changes within directories.
 Package filewatch implements advanced utilities for tracking file changes within directories.
tools/stateImportExport
generators
base
************************************************************************
 ************************************************************************
gravwellGenerator
ipgen
windowsEventGenerator
attach
config
Package config provides a common base for Gravwell ingester config files.
 Package config provides a common base for Gravwell ingester config files.
config/validate
entry
log
log/rotate
processors
Package processors implements preprocessors for ingesters.
 Package processors implements preprocessors for ingesters.
processors/plugin
processors/tags
processors/test_data/plugins
ingesters
AzureEventHubs
GooglePubSubIngester
HttpIngester
IPMIIngester
KinesisIngester
MSGraphIngester
O365Ingester
PacketFleet
Shodan
SimpleRelay
args
base
canbus
collectd
diskmonitor
fileFollow
hackernews_ingester
kafka_consumer
massFile
multiFile
netflow
networkLog
pcapFileIngester
reddit_ingester
regexFile
reimport
s3Ingester
session
singleFile
snmp
sqsIngester
utils
utils/caps
version
winevents
xlsxIngester
textinput
Package timegrinder is a package for locating and parsing timestamps within arbitrary data.
 Package timegrinder is a package for locating and parsing timestamps within arbitrary data.
cmd
************************************************************************
 ************************************************************************
tools
export
plugintest
timetester
wineventlog
Package wineventlog provides access to the Windows Event Log API used in all versions of Windows since Vista (i.e.
 Package wineventlog provides access to the Windows Event Log API used in all versions of Windows since Vista (i.e.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.