Documentation ¶
Index ¶
- Variables
- func Main(urlStr string, showData bool, showAll bool, limit int, processes int, ...) error
- type Adapter
- type DataStoreAdapter
- type ElasticsearchAdapter
- func (a ElasticsearchAdapter) FetchTableData(table table, limit int) (*tableData, error)
- func (a ElasticsearchAdapter) FetchTables() ([]table, error)
- func (a *ElasticsearchAdapter) Init(urlStr string) error
- func (a *ElasticsearchAdapter) RowName() string
- func (a *ElasticsearchAdapter) Scan(scanOpts ScanOpts) ([]ruleMatch, error)
- func (a *ElasticsearchAdapter) TableName() string
- type FileAdapter
- type Formatter
- type JSONFormatter
- type LocalFileAdapter
- func (a LocalFileAdapter) FetchFiles() ([]string, error)
- func (a LocalFileAdapter) FindFileMatches(filename string, matchFinder *MatchFinder) error
- func (a *LocalFileAdapter) Init(url string) error
- func (a *LocalFileAdapter) ObjectName() string
- func (a *LocalFileAdapter) Scan(scanOpts ScanOpts) ([]ruleMatch, error)
- type MatchConfig
- type MatchFinder
- type MatchLine
- type MongodbAdapter
- func (a MongodbAdapter) FetchTableData(table table, limit int) (*tableData, error)
- func (a MongodbAdapter) FetchTables() ([]table, error)
- func (a *MongodbAdapter) Init(urlStr string) error
- func (a *MongodbAdapter) RowName() string
- func (a *MongodbAdapter) Scan(scanOpts ScanOpts) ([]ruleMatch, error)
- func (a *MongodbAdapter) TableName() string
- type RedisAdapter
- func (a RedisAdapter) FetchTableData(table table, limit int) (*tableData, error)
- func (a RedisAdapter) FetchTables() ([]table, error)
- func (a *RedisAdapter) Init(urlStr string) error
- func (a *RedisAdapter) RowName() string
- func (a *RedisAdapter) Scan(scanOpts ScanOpts) ([]ruleMatch, error)
- func (a *RedisAdapter) TableName() string
- type S3Adapter
- type ScanOpts
- type SqlAdapter
- func (a SqlAdapter) FetchTableData(table table, limit int) (*tableData, error)
- func (a SqlAdapter) FetchTables() ([]table, error)
- func (a *SqlAdapter) Init(url string) error
- func (a *SqlAdapter) RowName() string
- func (a *SqlAdapter) Scan(scanOpts ScanOpts) ([]ruleMatch, error)
- func (a *SqlAdapter) TableName() string
- type TextFormatter
Constants ¶
This section is empty.
Variables ¶
// Formatters maps an output format name ("text", "ndjson") to the Formatter
// value used to print matches in that format.
var Formatters = map[string]Formatter{
	"text":   TextFormatter{},
	"ndjson": JSONFormatter{},
}
Formatters holds available formatters
Functions ¶
Types ¶
type DataStoreAdapter ¶
type ElasticsearchAdapter ¶
type ElasticsearchAdapter struct {
	// DB is the exported Elasticsearch client handle held by the adapter.
	DB *elasticsearch.Client
	// contains filtered or unexported fields
}
func (ElasticsearchAdapter) FetchTableData ¶
func (a ElasticsearchAdapter) FetchTableData(table table, limit int) (*tableData, error)
func (ElasticsearchAdapter) FetchTables ¶
func (a ElasticsearchAdapter) FetchTables() ([]table, error)
func (*ElasticsearchAdapter) Init ¶
func (a *ElasticsearchAdapter) Init(urlStr string) error
func (*ElasticsearchAdapter) RowName ¶
func (a *ElasticsearchAdapter) RowName() string
func (*ElasticsearchAdapter) Scan ¶
func (a *ElasticsearchAdapter) Scan(scanOpts ScanOpts) ([]ruleMatch, error)
func (*ElasticsearchAdapter) TableName ¶
func (a *ElasticsearchAdapter) TableName() string
type FileAdapter ¶
type Formatter ¶
type Formatter interface {
	// PrintMatch formats and prints the match to `writer`.
	// NOTE(review): the printed match presumably includes the matched data
	// values when --show-data is used, so the writer's destination would then
	// receive sensitive data — confirm against the implementations.
	PrintMatch(writer io.Writer, match matchInfo) error
}
Formatter defines the interface used to deliver results to the end user.
type JSONFormatter ¶
type JSONFormatter struct{}
JSONFormatter prints the result as a JSON object.
func (JSONFormatter) PrintMatch ¶
func (f JSONFormatter) PrintMatch(writer io.Writer, match matchInfo) error
type LocalFileAdapter ¶
type LocalFileAdapter struct {
// contains filtered or unexported fields
}
func (LocalFileAdapter) FetchFiles ¶
func (a LocalFileAdapter) FetchFiles() ([]string, error)
func (LocalFileAdapter) FindFileMatches ¶
func (a LocalFileAdapter) FindFileMatches(filename string, matchFinder *MatchFinder) error
TODO read metadata for certain file types
func (*LocalFileAdapter) Init ¶
func (a *LocalFileAdapter) Init(url string) error
func (*LocalFileAdapter) ObjectName ¶
func (a *LocalFileAdapter) ObjectName() string
func (*LocalFileAdapter) Scan ¶
func (a *LocalFileAdapter) Scan(scanOpts ScanOpts) ([]ruleMatch, error)
type MatchConfig ¶
type MatchConfig struct {
	// Rule sets, one slice per rule kind.
	RegexRules     []regexRule
	NameRules      []nameRule
	MultiNameRules []multiNameRule
	TokenRules     []tokenRule

	// NOTE(review): presumably the minimum number of hits required before a
	// match is reported — confirm against the rule-checking code.
	MinCount int
}
func NewMatchConfig ¶
func NewMatchConfig() MatchConfig
type MatchFinder ¶
type MatchFinder struct {
	// NOTE(review): MatchedValues and TokenValues presumably hold the lines
	// that matched during a scan, in which case they contain the sensitive
	// values themselves — confirm before exposing or logging them.
	MatchedValues [][]MatchLine
	TokenValues   [][]MatchLine

	// NOTE(review): presumably a running count of scanned values — confirm.
	Count int
	// contains filtered or unexported fields
}
func NewMatchFinder ¶
func NewMatchFinder(matchConfig *MatchConfig) MatchFinder
func (*MatchFinder) CheckMatches ¶
func (a *MatchFinder) CheckMatches(colIdentifier string, onlyValues bool) []ruleMatch
func (*MatchFinder) CheckTableData ¶
func (a *MatchFinder) CheckTableData(table table, tableData *tableData) []ruleMatch
func (*MatchFinder) Clear ¶
func (a *MatchFinder) Clear()
func (*MatchFinder) Scan ¶
func (a *MatchFinder) Scan(v string, index int)
Fast check for matches. The values and index are extracted in a later step if needed (if --show-data is passed).
func (*MatchFinder) ScanValues ¶
func (a *MatchFinder) ScanValues(values []string)
type MongodbAdapter ¶
func (MongodbAdapter) FetchTableData ¶
func (a MongodbAdapter) FetchTableData(table table, limit int) (*tableData, error)
func (MongodbAdapter) FetchTables ¶
func (a MongodbAdapter) FetchTables() ([]table, error)
func (*MongodbAdapter) Init ¶
func (a *MongodbAdapter) Init(urlStr string) error
func (*MongodbAdapter) RowName ¶
func (a *MongodbAdapter) RowName() string
func (*MongodbAdapter) Scan ¶
func (a *MongodbAdapter) Scan(scanOpts ScanOpts) ([]ruleMatch, error)
func (*MongodbAdapter) TableName ¶
func (a *MongodbAdapter) TableName() string
type RedisAdapter ¶
type RedisAdapter struct {
	// DB is the exported Redis client handle held by the adapter.
	DB *redis.Client
}
func (RedisAdapter) FetchTableData ¶
func (a RedisAdapter) FetchTableData(table table, limit int) (*tableData, error)
func (RedisAdapter) FetchTables ¶
func (a RedisAdapter) FetchTables() ([]table, error)
func (*RedisAdapter) Init ¶
func (a *RedisAdapter) Init(urlStr string) error
func (*RedisAdapter) RowName ¶
func (a *RedisAdapter) RowName() string
func (*RedisAdapter) Scan ¶
func (a *RedisAdapter) Scan(scanOpts ScanOpts) ([]ruleMatch, error)
func (*RedisAdapter) TableName ¶
func (a *RedisAdapter) TableName() string
type S3Adapter ¶
type S3Adapter struct {
// contains filtered or unexported fields
}
func (S3Adapter) FetchFiles ¶
func (S3Adapter) FindFileMatches ¶
func (a S3Adapter) FindFileMatches(filename string, matchFinder *MatchFinder) error
func (*S3Adapter) ObjectName ¶
type SqlAdapter ¶
func (SqlAdapter) FetchTableData ¶
func (a SqlAdapter) FetchTableData(table table, limit int) (*tableData, error)
func (SqlAdapter) FetchTables ¶
func (a SqlAdapter) FetchTables() ([]table, error)
func (*SqlAdapter) Init ¶
func (a *SqlAdapter) Init(url string) error
func (*SqlAdapter) RowName ¶
func (a *SqlAdapter) RowName() string
func (*SqlAdapter) Scan ¶
func (a *SqlAdapter) Scan(scanOpts ScanOpts) ([]ruleMatch, error)
func (*SqlAdapter) TableName ¶
func (a *SqlAdapter) TableName() string
type TextFormatter ¶
type TextFormatter struct{}
TextFormatter prints the result as human readable text.
func (TextFormatter) PrintMatch ¶
func (f TextFormatter) PrintMatch(writer io.Writer, match matchInfo) error