resources

package

v0.0.0-...-b23332f Latest Latest Go to latest Published: Mar 25, 2024 License: Apache-2.0 Imports: 22 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/IBM/ibm-auditlogging-operator

Documentation ¶

Index ¶

Constants
Variables
func BuildAuditService(instanceName string, namespace string) *corev1.Service
func BuildCertsForAuditLogging(namespace string, issuer string, name string) *certmgr.Certificate
func BuildConfigMap(instance *operatorv1alpha1.AuditLogging, name string, namespace string) (*corev1.ConfigMap, error)
func BuildDaemonForFluentd(instance *operatorv1alpha1.AuditLogging, namespace string) *appsv1.DaemonSet
func BuildDeploymentForFluentd(instance *operatorv1.CommonAudit) *appsv1.Deployment
func BuildDeploymentForPolicyController(instance *operatorv1alpha1.AuditLogging, namespace string) *appsv1.Deployment
func BuildFluentdConfigMap(instance *operatorv1.CommonAudit, name string) (*corev1.ConfigMap, error)
func BuildGodIssuer(namespace string) *certmgr.Issuer
func BuildJobForAuditLogging(instance *operatorv1alpha1.AuditLogging, namespace string) *batchv1.Job
func BuildRootCACert(namespace string) *certmgr.Certificate
func BuildRootCAIssuer(namespace string) *certmgr.Issuer
func BuildSecret(instance *operatorv1.CommonAudit) *corev1.Secret
func BuildServiceAccount(namespace string) *corev1.ServiceAccount
func BuildWithSIEMConfigs(found *corev1.ConfigMap) (string, error)
func EqualCerts(expected *certmgr.Certificate, found *certmgr.Certificate) bool
func EqualConfig(found *corev1.ConfigMap, expected *corev1.ConfigMap, key string) bool
func EqualContainers(expected corev1.Container, found corev1.Container, allowModify bool) bool
func EqualDaemonSets(expected *appsv1.DaemonSet, found *appsv1.DaemonSet) bool
func EqualDeployments(expected *appsv1.Deployment, found *appsv1.Deployment, allowModify bool) bool
func EqualIssuers(expected *certmgr.Issuer, found *certmgr.Issuer) bool
func EqualMatchTags(found *corev1.ConfigMap) bool
func EqualPods(expected corev1.PodTemplateSpec, found corev1.PodTemplateSpec, ...) bool
func EqualRoleBindings(expected *rbacv1.RoleBinding, found *rbacv1.RoleBinding) bool
func EqualRoles(expected *rbacv1.Role, found *rbacv1.Role) bool
func EqualSIEMConfig(instance *operatorv1.CommonAudit, found *corev1.ConfigMap) (bool, bool)
func EqualServices(expected *corev1.Service, found *corev1.Service) bool
func EqualSourceConfig(expected *corev1.ConfigMap, found *corev1.ConfigMap) (bool, []string)
func UpdateMatchTags(found *corev1.ConfigMap) string
func UpdateSIEMConfig(instance *operatorv1.CommonAudit, found *corev1.ConfigMap) string
type Data
type DataQRadar
type DataS
type DataSplunk

Constants ¶

View Source

const AuditLoggingCertName = "fluentd"

View Source

const AuditLoggingClientCertSecName = "audit-certs"

View Source

const AuditLoggingHTTPSCertName = "fluentd-https"

View Source

const AuditLoggingServerCertSecName = "audit-server-certs"

View Source

const AuditPolicyControllerDeploy = "audit-policy-controller"

AuditPolicyControllerDeploy is the name of the audit-policy-controller deployment

View Source

const AuditPolicyServiceAccount = "ibm-audit-policy-controller"

AuditPolicyServiceAccount defines the name of the policy controller ServiceAccount

View Source

const ConfigName = "config"

ConfigName defines the name of the config configmap

View Source

const DefaultIssuer = "cs-ca-issuer"

View Source

const EnableAuditLogForwardKey = "ENABLE_AUDIT_LOGGING_FORWARDING"

EnableAuditLogForwardKey defines the key in the source config map for turning audit on or off

View Source

const FluentdConfigKey = "fluent.conf"

FluentdConfigKey defines the key for the config configmap

View Source

const FluentdConfigName = "main-config"

FluentdConfigName defines the name of the volume for the config configmap

View Source

const FluentdDaemonSetName = "audit-logging-fluentd-ds"

FluentdDaemonSetName is the name of the fluentd daemonset name

View Source

const FluentdDeploymentName = "audit-logging-fluentd"

FluentdDeploymentName is the name of the fluentd deployment

View Source

const GodIssuer = "audit-god-issuer"

View Source

const HTTPIngestName = "http-ingesturl"

HTTPIngestName defines the name of the http-ingesturl configmap

View Source

const HTTPIngestURLKey = "AuditLoggingHttpIngestURL"

HTTPIngestURLKey defines the Http endpoint

View Source

const JobName = "audit-logging-cleanup"

View Source

const OperandServiceAccount = "ibm-auditlogging-operand"

OperandServiceAccount defines the name of the operands' ServiceAccount

View Source

const OutputPluginMatches = "icp-audit icp-audit.** syslog syslog.**"

OutputPluginMatches defines the match tags for Splunk and QRadar outputs

View Source

const QRadarConfigKey = "remoteSyslog.conf"

QRadarConfigKey defines the key for the remote-syslog-config configmap

View Source

const QRadarConfigName = "remote-syslog-config"

QRadarConfigName defines the name of the remote-syslog-config configmap

View Source

const RoleBindingPostfix = "-rolebinding"

View Source

const RolePostfix = "-role"

View Source

const RootCert = "audit-root-ca-cert"

View Source

const RootIssuer = "audit-root-ca-issuer"

View Source

const SourceConfigKey = "source.conf"

SourceConfigKey defines the key for the source-config configmap

View Source

const SourceConfigName = "source-config"

SourceConfigName defines the name of the source-config configmap

View Source

const SplunkConfigKey = "splunkHEC.conf"

SplunkConfigKey defines the key for the splunk-hec-config configmap

View Source

const SplunkConfigName = "splunk-hec-config"

SplunkConfigName defines the name of the splunk-hec-config configmap

View Source

const SyslogIngestURLKey = "AuditLoggingSyslogIngestURL"

SyslogIngestURLKey defines the Http endpoint

Variables ¶

View Source

var FluentdConfigMaps = []string{
	FluentdDaemonSetName + "-" + ConfigName,
	FluentdDaemonSetName + "-" + SourceConfigName,
	FluentdDaemonSetName + "-" + SplunkConfigName,
	FluentdDaemonSetName + "-" + QRadarConfigName,
	FluentdDaemonSetName + "-" + HTTPIngestName,
}

FluentdConfigMaps defines the names of the fluentd configmaps

View Source

var Protocols = map[bool]string{
	// contains filtered or unexported fields
}

View Source

var QradarPlugin = `@include /fluentd/etc/remoteSyslog.conf`

View Source

var RegexHecHost = regexp.MustCompile(hecHost + `.*`)

View Source

var RegexHecPort = regexp.MustCompile(hecPort + `.*`)

View Source

var RegexHecToken = regexp.MustCompile(hecToken + `.*`)

View Source

var RegexHost = regexp.MustCompile(host + `.*`)

View Source

var RegexHostname = regexp.MustCompile(hostname + `.*`)

View Source

var RegexPort = regexp.MustCompile(port + `.*`)

View Source

var RegexProtocol = regexp.MustCompile(protocol + `.*`)

View Source

var RegexTLS = regexp.MustCompile(tls + `.*`)

View Source

var SplunkPlugin = `@include /fluentd/etc/splunkHEC.conf`

Functions ¶

func BuildAuditService ¶

func BuildAuditService(instanceName string, namespace string) *corev1.Service

BuildAuditService returns a Service object

func BuildCertsForAuditLogging ¶

func BuildCertsForAuditLogging(namespace string, issuer string, name string) *certmgr.Certificate

BuildCertsForAuditLogging returns a Certificate object

func BuildConfigMap ¶

func BuildConfigMap(instance *operatorv1alpha1.AuditLogging, name string, namespace string) (*corev1.ConfigMap, error)

BuildConfigMap returns a ConfigMap object

func BuildDaemonForFluentd ¶

func BuildDaemonForFluentd(instance *operatorv1alpha1.AuditLogging, namespace string) *appsv1.DaemonSet

BuildDaemonForFluentd returns a Daemonset object

func BuildDeploymentForFluentd ¶

func BuildDeploymentForFluentd(instance *operatorv1.CommonAudit) *appsv1.Deployment

BuildDeploymentForFluentd returns a Deployment object

func BuildDeploymentForPolicyController ¶

func BuildDeploymentForPolicyController(instance *operatorv1alpha1.AuditLogging, namespace string) *appsv1.Deployment

BuildDeploymentForPolicyController returns a Deployment object

func BuildFluentdConfigMap ¶

func BuildFluentdConfigMap(instance *operatorv1.CommonAudit, name string) (*corev1.ConfigMap, error)

BuildFluentdConfigMap returns a ConfigMap object

func BuildGodIssuer ¶

func BuildGodIssuer(namespace string) *certmgr.Issuer

BuildGodIssuer returns an Issuer object

func BuildJobForAuditLogging ¶

func BuildJobForAuditLogging(instance *operatorv1alpha1.AuditLogging, namespace string) *batchv1.Job

func BuildRootCACert ¶

func BuildRootCACert(namespace string) *certmgr.Certificate

BuildRootCACert returns a Certificate object

func BuildRootCAIssuer ¶

func BuildRootCAIssuer(namespace string) *certmgr.Issuer

BuildRootCAIssuer returns an Issuer object

func BuildSecret ¶

func BuildSecret(instance *operatorv1.CommonAudit) *corev1.Secret

BuildSecret returns a Secret object

func BuildServiceAccount ¶

func BuildServiceAccount(namespace string) *corev1.ServiceAccount

BuildServiceAccount returns a ServiceAccoutn object

func BuildWithSIEMConfigs ¶

func BuildWithSIEMConfigs(found *corev1.ConfigMap) (string, error)

BuildWithSIEMConfigs returns a String and an Error

func EqualCerts ¶

func EqualCerts(expected *certmgr.Certificate, found *certmgr.Certificate) bool

EqualCerts returns a Boolean

func EqualConfig ¶

func EqualConfig(found *corev1.ConfigMap, expected *corev1.ConfigMap, key string) bool

EqualConfig returns a Boolean

func EqualContainers ¶

func EqualContainers(expected corev1.Container, found corev1.Container, allowModify bool) bool

EqualContainers returns a Boolean

func EqualDaemonSets ¶

func EqualDaemonSets(expected *appsv1.DaemonSet, found *appsv1.DaemonSet) bool

EqualDaemonSets returns a Boolean

func EqualDeployments ¶

func EqualDeployments(expected *appsv1.Deployment, found *appsv1.Deployment, allowModify bool) bool

EqualDeployments returns a Boolean

func EqualIssuers ¶

func EqualIssuers(expected *certmgr.Issuer, found *certmgr.Issuer) bool

EqualIssuers returns a boolean

func EqualMatchTags ¶

func EqualMatchTags(found *corev1.ConfigMap) bool

EqualMatchTags returns a Boolean

func EqualPods ¶

func EqualPods(expected corev1.PodTemplateSpec, found corev1.PodTemplateSpec, allowModify bool) bool

EqualPods returns a Boolean

func EqualRoleBindings ¶

func EqualRoleBindings(expected *rbacv1.RoleBinding, found *rbacv1.RoleBinding) bool

EqualRoleBindings returns a Boolean

func EqualRoles ¶

func EqualRoles(expected *rbacv1.Role, found *rbacv1.Role) bool

EqualRoles returns a Boolean

func EqualSIEMConfig ¶

func EqualSIEMConfig(instance *operatorv1.CommonAudit, found *corev1.ConfigMap) (bool, bool)

EqualSIEMConfig returns a Boolean

func EqualServices ¶

func EqualServices(expected *corev1.Service, found *corev1.Service) bool

EqualServices returns a Boolean

func EqualSourceConfig ¶

func EqualSourceConfig(expected *corev1.ConfigMap, found *corev1.ConfigMap) (bool, []string)

EqualSourceConfig returns a Boolean and a String slice

func UpdateMatchTags ¶

func UpdateMatchTags(found *corev1.ConfigMap) string

UpdateMatchTags returns a String

func UpdateSIEMConfig ¶

func UpdateSIEMConfig(instance *operatorv1.CommonAudit, found *corev1.ConfigMap) string

UpdateSIEMConfig returns a String

Types ¶

type Data ¶

type Data struct {
	Value string `yaml:"fluent.conf"`
}

type DataQRadar ¶

type DataQRadar struct {
	Value string `yaml:"remoteSyslog.conf"`
}

DataQRadar defines the struct for remote-syslog-config

type DataS ¶

type DataS struct {
	Value string `yaml:"source.conf"`
}

type DataSplunk ¶

type DataSplunk struct {
	Value string `yaml:"splunkHEC.conf"`
}

DataSplunk defines the struct for splunk-hec-config

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL