Documentation
Index
- type AWSBucketJob
- type AWSBucketJobParams
- type AWSCloudWatchJob
- type AWSCloudWatchJobParams
- type Client
- func (client *Client) Authenticate() error
- func (client *Client) CreateAWSBucketJob(j *AWSBucketJob) error
- func (client *Client) CreateAWSCloudWatchJob(j *AWSCloudWatchJob) error
- func (client *Client) CreateSensorKey() (*SensorKey, error)
- func (client *Client) CreateSensorViaAppliance(ctx context.Context, sensor *Sensor, ip net.IP) error
- func (client *Client) DeleteAWSBucketJob(j *AWSBucketJob) error
- func (client *Client) DeleteAWSCloudWatchJob(j *AWSCloudWatchJob) error
- func (client *Client) DeleteSensor(sensor *Sensor) error
- func (client *Client) DeleteSensorKey(key *SensorKey) error
- func (client *Client) GetAWSBucketJob(uuid string) (*AWSBucketJob, error)
- func (client *Client) GetAWSBucketJobs() ([]AWSBucketJob, error)
- func (client *Client) GetAWSCloudWatchJob(uuid string) (*AWSCloudWatchJob, error)
- func (client *Client) GetAWSCloudWatchJobs() ([]AWSCloudWatchJob, error)
- func (client *Client) GetLicense() (*License, error)
- func (client *Client) GetSensor(id string) (*Sensor, error)
- func (client *Client) GetSensorKey(id string) (*SensorKey, error)
- func (client *Client) GetSensorKeys() ([]SensorKey, error)
- func (client *Client) GetSensors() ([]Sensor, error)
- func (client *Client) HasSensorAvailability() (bool, error)
- func (client *Client) HasSensorKeyAvailability() (bool, error)
- func (client *Client) UpdateAWSBucketJob(j *AWSBucketJob) error
- func (client *Client) UpdateAWSCloudWatchJob(j *AWSCloudWatchJob) error
- func (client *Client) UpdateSensor(sensor *Sensor) error
- type Credentials
- type JobAction
- type JobApplication
- type JobSchedule
- type JobSourceFormat
- type JobType
- type License
- type Sensor
- type SensorKey
- type SensorSetupStatus
- type SensorStatus
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type AWSBucketJob
type AWSBucketJob struct {
	Params AWSBucketJobParams `json:"params"` // Params allows you to dictate which bucket and path to use for the job, and specify which plugin should be used to process the logs.
	// contains filtered or unexported fields
}
AWSBucketJob is a scheduled job for retrieving logs from an S3 bucket
type AWSBucketJobParams
type AWSBucketJobParams struct {
	BucketName string `json:"bucketName"` // The name of the bucket to use when retrieving logs for this job
	Path       string `json:"path"`       // The path to use when looking for logs in the specified bucket
	// contains filtered or unexported fields
}
AWSBucketJobParams are parameters for an AWSBucketJob
type AWSCloudWatchJob
type AWSCloudWatchJob struct {
	Params AWSCloudWatchJobParams `json:"params"` // Params allows you to specify which region/group/stream you wish to retrieve logs from, and which plugin should be used to process those logs
	// contains filtered or unexported fields
}
AWSCloudWatchJob is a job which retrieves logs from cloudwatch group(s)/stream(s)
type AWSCloudWatchJobParams
type AWSCloudWatchJobParams struct {
	Region string `json:"regionName"` // The region to use when retrieving logs from cloudwatch
	Group  string `json:"groupName"`  // The group to use when retrieving logs from cloudwatch
	Stream string `json:"streamName"` // The stream to use when retrieving logs from cloudwatch
	// contains filtered or unexported fields
}
AWSCloudWatchJobParams allows you to specify cloudwatch job parameters
type Client
type Client struct {
// contains filtered or unexported fields
}
Client is an API client for interacting with AlienVault USM Anywhere
func New
func New(fqdn string, creds Credentials, skipTLSVerification bool, version int) *Client
New creates a new client using the provided FQDN and credentials
func (*Client) Authenticate
Authenticate gives the client a session to use in subsequent calls.
func (*Client) CreateAWSBucketJob
func (client *Client) CreateAWSBucketJob(j *AWSBucketJob) error
CreateAWSBucketJob creates a new bucket job
func (*Client) CreateAWSCloudWatchJob
func (client *Client) CreateAWSCloudWatchJob(j *AWSCloudWatchJob) error
CreateAWSCloudWatchJob creates a new AWS cloudwatch job
func (*Client) CreateSensorKey
CreateSensorKey will create a new key used to activate a sensor. However, if the useExisting option is used, and an unused key already exists, this will be returned instead.
func (*Client) CreateSensorViaAppliance
func (client *Client) CreateSensorViaAppliance(ctx context.Context, sensor *Sensor, ip net.IP) error
CreateSensorViaAppliance creates a new sensor via the sensor appliance referenced by the provided IP address
func (*Client) DeleteAWSBucketJob
func (client *Client) DeleteAWSBucketJob(j *AWSBucketJob) error
DeleteAWSBucketJob deletes a bucket job
func (*Client) DeleteAWSCloudWatchJob
func (client *Client) DeleteAWSCloudWatchJob(j *AWSCloudWatchJob) error
DeleteAWSCloudWatchJob deletes an existing AWS cloudwatch job
func (*Client) DeleteSensor
DeleteSensor deletes an existing sensor
func (*Client) DeleteSensorKey
DeleteSensorKey deletes a particular sensor key as identified by the supplied id
func (*Client) GetAWSBucketJob
func (client *Client) GetAWSBucketJob(uuid string) (*AWSBucketJob, error)
GetAWSBucketJob returns a particular *AWSBucketJob as identified by the UUID parameter
func (*Client) GetAWSBucketJobs
func (client *Client) GetAWSBucketJobs() ([]AWSBucketJob, error)
GetAWSBucketJobs returns a slice of all AWS Bucket jobs
func (*Client) GetAWSCloudWatchJob
func (client *Client) GetAWSCloudWatchJob(uuid string) (*AWSCloudWatchJob, error)
GetAWSCloudWatchJob returns a particular *AWSCloudWatchJob as identified by the UUID parameter
func (*Client) GetAWSCloudWatchJobs
func (client *Client) GetAWSCloudWatchJobs() ([]AWSCloudWatchJob, error)
GetAWSCloudWatchJobs returns all AWS CloudWatch jobs
func (*Client) GetLicense
GetLicense returns the license in use by the current account
func (*Client) GetSensorKey
GetSensorKey returns a particular sensor key identified by the supplied id
func (*Client) GetSensorKeys
GetSensorKeys returns a list of all sensor keys on the account
func (*Client) GetSensors
GetSensors returns a list of all sensors
func (*Client) HasSensorAvailability
HasSensorAvailability tells us whether we have room to create new sensors using the current license
func (*Client) HasSensorKeyAvailability
HasSensorKeyAvailability tells us whether we have room to create new sensor keys using the current license
func (*Client) UpdateAWSBucketJob
func (client *Client) UpdateAWSBucketJob(j *AWSBucketJob) error
UpdateAWSBucketJob updates an AWS bucket job
func (*Client) UpdateAWSCloudWatchJob
func (client *Client) UpdateAWSCloudWatchJob(j *AWSCloudWatchJob) error
UpdateAWSCloudWatchJob updates an existing AWS cloudwatch job
func (*Client) UpdateSensor
UpdateSensor updates an existing sensor
type Credentials
Credentials contain a username and password for accessing the AV USM system
type JobAction
type JobAction string
JobAction is the action to take when running this job, such as checking a bucket for log files (alienvault.JobActionMonitorBucket)
type JobApplication
type JobApplication string
JobApplication is the application associated with the job. Currently we support alienvault.JobApplicationAWS, which is Amazon AWS
const (
	// JobApplicationAWS Amazon AWS
	JobApplicationAWS JobApplication = "amazon-aws"
)
type JobSchedule
type JobSchedule string
JobSchedule is a cron-like syntax which describes when to run the scheduled job. Constants are available to simplify this, such as alienvault.JobScheduleHourly
const (
	// JobScheduleHourly will run every hour at :02
	JobScheduleHourly JobSchedule = "0 2 0/1 1/1 * ? *"
	// JobScheduleDaily will run daily at 00:02
	JobScheduleDaily JobSchedule = "0 2 0 1/1 * ? *"
)
type JobSourceFormat
type JobSourceFormat string
JobSourceFormat is the format which the log files are in - alienvault.JobSourceFormatRaw or alienvault.JobSourceFormatSyslog
const (
	// JobSourceFormatRaw describes raw log files
	JobSourceFormatRaw JobSourceFormat = "raw"
	// JobSourceFormatSyslog describes log files in syslog format
	JobSourceFormatSyslog JobSourceFormat = "syslog"
)
type JobType
type JobType string
JobType is the type of job, such as alienvault.JobTypeCollection for collecting log files
const (
	// JobTypeCollection is a job type which collects log files from a given source
	JobTypeCollection JobType = "collection"
)
type License
type License struct {
	ControlNodeLimit int   `json:"controlNodesAllowed"`
	SensorNodeLimit  int   `json:"sensorNodesAllowed"`
	MonthlyStorageKB int64 `json:"monthlyKBStorage"`
	Expiration       int64 `json:"expiration"`
}
License is an AV license subscription
type Sensor
type Sensor struct {
	// Annoyingly, AV have two fields ID and UUID which both appear to be a primary key - UUID is used in v1 calls, ID in v2
	V1ID           string            `json:"uuid,omitempty"`
	V2ID           string            `json:"id,omitempty"`
	Name           string            `json:"name"`
	Description    string            `json:"description"`
	ActivationCode string            `json:"activation_code"`
	Status         SensorStatus      `json:"status"`
	SetupStatus    SensorSetupStatus `json:"setupStatus"`
}
Sensor is a machine which gathers event data from your infrastructure and absorbs it into the AV system
type SensorKey
type SensorKey struct {
	ID        string `json:"id"`
	Consumed  bool
	CreatedAt int     `json:"createdAt"`
	ExpiresAt int     `json:"expires"`
	NodeID    *string `json:"nodeId"`
}
SensorKey is a key used to activate a sensor. The ID is traditionally used as an auth code to activate a sensor using the web UI.
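Because a sensor key's ID works as an activation auth code, unused keys are worth auditing. The following is an added example, not code from this package: it decodes a list of keys into the SensorKey struct shown above and groups them by state. KeyAudit, AuditSensorKeys and the sample JSON are hypothetical; it assumes keys arrive as a JSON array, that Consumed marks a key already used, and that the caller supplies now in the same unit as the "expires" field, which this page does not state.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// SensorKey mirrors the struct documented on this page.
type SensorKey struct {
	ID        string `json:"id"`
	Consumed  bool
	CreatedAt int     `json:"createdAt"`
	ExpiresAt int     `json:"expires"`
	NodeID    *string `json:"nodeId"`
}

// KeyAudit groups key IDs by state (hypothetical helper, not part of the package).
type KeyAudit struct {
	Live, Expired, Consumed []string
}

// AuditSensorKeys decodes a JSON array of keys and classifies each one.
// now must use the same unit as "expires" (assumption: the page gives no unit).
func AuditSensorKeys(raw []byte, now int) (KeyAudit, error) {
	var keys []SensorKey
	var audit KeyAudit
	if err := json.Unmarshal(raw, &keys); err != nil {
		return audit, fmt.Errorf("decode sensor keys: %w", err)
	}
	for _, k := range keys {
		switch {
		case k.Consumed: // already used to activate a sensor
			audit.Consumed = append(audit.Consumed, k.ID)
		case k.ExpiresAt <= now: // never used and no longer valid
			audit.Expired = append(audit.Expired, k.ID)
		default: // never used and still valid: a standing auth code
			audit.Live = append(audit.Live, k.ID)
		}
	}
	return audit, nil
}

// Constructed sample data, not real API output.
const sampleKeys = `[{"id":"KEY-A","consumed":true,"createdAt":100,"expires":200,"nodeId":"node-1"},
 {"id":"KEY-B","consumed":false,"createdAt":100,"expires":200,"nodeId":null},
 {"id":"KEY-C","consumed":false,"createdAt":150,"expires":900,"nodeId":null}]`

func main() {
	fmt.Println(AuditSensorKeys([]byte(sampleKeys), 500))
}
```

Keys reported under Live are the ones to review, and to remove with DeleteSensorKey if no sensor deployment is pending.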
type SensorSetupStatus
type SensorSetupStatus string
SensorSetupStatus refers to whether or not the sensor has had its configuration finalised
const (
	// SensorSetupStatusComplete indicates sensor has had its configuration finalised
	SensorSetupStatusComplete SensorSetupStatus = "Complete"
)
type SensorStatus
type SensorStatus string
SensorStatus refers to whether or not the sensor is ready for jobs. "Ready" indicates that this is so.
const (
	// SensorStatusReady indicates sensor is ready for configuration
	SensorStatusReady SensorStatus = "Ready"
	// SensorStatusConnectionLost refers to a sensor configuration which has lost contact with the actual appliance, possibly because the appliance no longer exists.
	SensorStatusConnectionLost SensorStatus = "Connection lost"
)