Documentation ¶
Index ¶
- func MakeFeverAggregateInputObservations(inputJSON []byte, sensorID string, out chan observation.InputObservation, ...) error
- func MakeFjellskaalInputObservations(inputJSON []byte, sensorID string, out chan observation.InputObservation, ...) error
- func MakeGopassivednsInputObservations(inputJSON []byte, sensorID string, out chan observation.InputObservation, ...) error
- func MakePacketbeatInputObservations(inputJSON []byte, sensorID string, out chan observation.InputObservation, ...) error
- func MakeSuricataInputObservations(inputJSON []byte, sensorID string, out chan observation.InputObservation, ...) error
- type MakeObservationFunc
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func MakeFeverAggregateInputObservations ¶
func MakeFeverAggregateInputObservations(inputJSON []byte, sensorID string, out chan observation.InputObservation, stop chan bool) error
MakeFeverAggregateInputObservations is a MakeObservationFunc that accepts input in FEVER's JSON format.
func MakeFjellskaalInputObservations ¶
func MakeFjellskaalInputObservations(inputJSON []byte, sensorID string, out chan observation.InputObservation, stop chan bool) error
MakeFjellskaalInputObservations is a MakeObservationFunc that consumes input in the format as used by https://github.com/gamelinux/passivedns.
func MakeGopassivednsInputObservations ¶
func MakeGopassivednsInputObservations(inputJSON []byte, sensorID string, out chan observation.InputObservation, stop chan bool) error
MakeGopassivednsInputObservations is a MakeObservationFunc that accepts input in the format as generated by https://github.com/Phillipmartin/gopassivedns.
func MakePacketbeatInputObservations ¶
func MakePacketbeatInputObservations(inputJSON []byte, sensorID string, out chan observation.InputObservation, stop chan bool) error
MakePacketbeatInputObservations is a MakeObservationFunc that accepts a JSON format from Packetbeat via Logstash. See doc/packetbeat_config.txt for more information.
func MakeSuricataInputObservations ¶
func MakeSuricataInputObservations(inputJSON []byte, sensorID string, out chan observation.InputObservation, stop chan bool) error
MakeSuricataInputObservations is a MakeObservationFunc that accepts input in Suricata's EVE JSON format (DNS type version 1 and 2 are supported).
Types ¶
type MakeObservationFunc ¶
type MakeObservationFunc func([]byte, string, chan observation.InputObservation, chan bool) error
MakeObservationFunc is a function that accepts a byte array with input obtained from a feeder, a sensor ID, a channel for the generated InputObservations, and a channel to signal a stop.