Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type Rules
type Rules []struct {
	Name          string   `yaml:"name"`
	Description   string   `yaml:"description"`
	ExtraInfo     string   `yaml:"extra_info"`
	EventType     string   `yaml:"event_type"`
	Query         string   `yaml:"query"`
	Actions       []string `yaml:"actions"`
	IndicatorType string   `yaml:"indicator_type"`
	Score         int      `yaml:"score"`
	// contains filtered or unexported fields
}
Rules are user-defined rules loaded at run time from a YAML file.
type RulesEngine
type RulesEngine struct {
	Out   chan models.Event
	Rules Rules
	// contains filtered or unexported fields
}
RulesEngine stores engine state.
func NewDynamicRulesEngine
func NewDynamicRulesEngine(ctx context.Context) RulesEngine
NewDynamicRulesEngine returns an engine with its configs loaded.
func (*RulesEngine) AnalyzeFromPipeline
func (engine *RulesEngine) AnalyzeFromPipeline(in chan models.Event)
AnalyzeFromPipeline initiates the engine on the pipeline