logcompiler

package

v0.2.1 Latest Latest Go to latest Published: Oct 22, 2020 License: AGPL-3.0 Imports: 20 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/D4-project/analyzer-d4-log

Links

Open Source Insights

Documentation ¶

Index ¶

type Compiler
type CompilerStruct
- func (s *CompilerStruct) Set(wg *sync.WaitGroup, rconn0 *redis.Conn, rconn1 *redis.Conn, reader io.Reader, ...)
- func (s *CompilerStruct) SetReader(reader io.Reader)
type GrokedSSHD
type MISP_auth_failure_sshd_username
type SSHDCompiler

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Compiler ¶

type Compiler interface {
	Set(*sync.WaitGroup, *redis.Conn, *redis.Conn, io.Reader, int, *sync.WaitGroup, *chan error, time.Duration)
	SetReader(io.Reader)
	Pull(chan error)
	Flush() error
	MISPexport() error
}

Compiler provides the interface for a Compiler It should provide:

Set to assign a redis connection to it
Parse to parse a line of log
Flush recomputes statistics and recompile output

type CompilerStruct ¶

type CompilerStruct struct {
	// contains filtered or unexported fields
}

CompilerStruct will implements Compiler, and should be embedded in each type implementing compiler

func (*CompilerStruct) Set ¶

func (s *CompilerStruct) Set(wg *sync.WaitGroup, rconn0 *redis.Conn, rconn1 *redis.Conn, reader io.Reader, ct int, compilegr *sync.WaitGroup, c *chan error, retry time.Duration)

Set set the redis connections to this compiler

func (*CompilerStruct) SetReader ¶

func (s *CompilerStruct) SetReader(reader io.Reader)

SetReader Changes compiler's input

type GrokedSSHD ¶

type GrokedSSHD struct {
	SSHMessage      string `json:"ssh_message"`
	SyslogPid       string `json:"syslog_pid"`
	SyslogHostname  string `json:"syslog_hostname"`
	SyslogTimestamp string `json:"syslog_timestamp"`
	SshdClientIP    string `json:"sshd_client_ip"`
	SyslogProgram   string `json:"syslog_program"`
	SshdInvalidUser string `json:"sshd_invalid_user"`
}

GrokedSSHD map JSON fields to Go struct

type MISP_auth_failure_sshd_username ¶

type MISP_auth_failure_sshd_username struct {
	Name        string `json:"name"`
	Mtype       string `json:"type"`
	Username    string `json:"username,omitempty"`
	Destination string `json:"ip-dst,omitempty"`
	Source      string `json:"ip-src,omitempty"`
	Total       string `json:"total"`
}

type SSHDCompiler ¶

type SSHDCompiler struct {
	CompilerStruct
}

SSHDCompiler Holds a struct that corresponds to a sshd groked line and the redis connections

func (*SSHDCompiler) Flush ¶

func (s *SSHDCompiler) Flush() error

Flush recomputes statistics and recompile HTML output TODO : review after refacto

func (*SSHDCompiler) MISPexport ¶

func (s *SSHDCompiler) MISPexport() error

func (*SSHDCompiler) Pull ¶

func (s *SSHDCompiler) Pull(c chan error)

Pull pulls a line of groked sshd logline from redis

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL