netcap: Index | Files | Directories

package netcap

import ""

This file was generated. Do not edit.


Package Files

netcap.go reader.go utils.go version.go writer.go


var (

    // BlockSize is the file system block size
    BlockSize int
var Version = "v0.4.1"

Netcap version.

func CloseFile Uses

func CloseFile(outDir string, file *os.File, typ string) (name string, size int64)

CloseFile closes the netcap file handle and removes files that do only contain a header but no audit records

func CloseGzipWriters Uses

func CloseGzipWriters(writers ...*gzip.Writer)

func Count Uses

func Count(filename string) (count int64)

Count returns the total number of records found in an audit record file

func CreateFile Uses

func CreateFile(name, ext string) *os.File

CreateFile is a wrapper to create new audit record file

func Dump Uses

func Dump(path string, separator string, tsv bool, structured bool, table bool, selection string, utc bool, fields bool)

Dump reads the specified netcap file and dumps the output according to the configuration to stdout

func FlushWriters Uses

func FlushWriters(writers ...flushableWriter)

func InitRecord Uses

func InitRecord(typ types.Type) (record proto.Message)

InitRecord initializes a new record of the given type that conforms to the proto.Message interface if netcap is extended with new audit records they need to be added here as well

func NewHeader Uses

func NewHeader(t types.Type, source, version string, includesPayloads bool) *types.Header

NewHeader creates and returns a new netcap audit file header

func PrintLogo()

PrintLogo prints the netcap logo

func RemoveAuditRecordFileIfEmpty Uses

func RemoveAuditRecordFileIfEmpty(name string) (size int64)

RemoveAuditRecordFileIfEmpty removes the audit record file if it does not contain audit records

type Reader Uses

type Reader struct {
    // contains filtered or unexported fields

Reader implements reading netcap files

func Open Uses

func Open(file string) (*Reader, error)

Open a file

func (*Reader) Close Uses

func (r *Reader) Close() error

Close the file

func (*Reader) Next Uses

func (r *Reader) Next(msg proto.Message) error

Next Message

func (*Reader) ReadHeader Uses

func (r *Reader) ReadHeader() *types.Header

ReadHeader reads the file header

type Writer Uses

type Writer struct {

    // Name of the associated audit record type
    Name string

    IsChanWriter bool
    // contains filtered or unexported fields

Writer supports writing audit records to disk

func NewWriter Uses

func NewWriter(name string, buffer, compress, csv bool, out string, writeChan bool) *Writer

NewWriter initializes and configures a new Writer

func (*Writer) Close Uses

func (w *Writer) Close() (name string, size int64)

func (*Writer) GetChan Uses

func (w *Writer) GetChan() <-chan []byte

GetChan returns a channel for receiving bytes

func (*Writer) IsCSV Uses

func (w *Writer) IsCSV() bool

func (*Writer) Write Uses

func (w *Writer) Write(msg proto.Message) error

func (*Writer) WriteCSV Uses

func (w *Writer) WriteCSV(msg proto.Message) (int, error)

WriteCSV writes a csv record

func (*Writer) WriteCSVHeader Uses

func (w *Writer) WriteCSVHeader(msg proto.Message) (int, error)

WriteCSVHeader writes a CSV record

func (*Writer) WriteHeader Uses

func (w *Writer) WriteHeader(t types.Type, source string, version string, includesPayloads bool) error

func (*Writer) WriteProto Uses

func (w *Writer) WriteProto(msg proto.Message) error

WriteProto writes a protobuf message


delimitedThis package implements a simple reader and writer for streams of length-delimited byte records Note: - Each record is written as a varint-encoded length in bytes, followed immediately by the record itself - a stream consists of a sequence of such records packed consecutively without additional padding - no checksums or compression are used

Package netcap imports 16 packages (graph) and is imported by 11 packages. Updated 2019-10-19. Refresh now. Tools for package owners.