models

package

v0.1.2 Latest Latest Go to latest Published: Aug 17, 2020 License: Apache-2.0 Imports: 3 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/mole-ids/mole

Links

Open Source Insights

Documentation ¶

Overview ¶

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index ¶

Constants
type AlertEvent
- func (alert AlertEvent) MarshalLogObject(enc zapcore.ObjectEncoder) error
type EveEvent
- func (eve *EveEvent) MarshalLogObject(enc zapcore.ObjectEncoder) error
type MatchArray
- func (ma MatchArray) MarshalLogArray(enc zapcore.ArrayEncoder) error
type MatchString
- func (ms MatchString) MarshalLogObject(enc zapcore.ObjectEncoder) error
type MetaMap
- func (meta MetaMap) MarshalLogObject(enc zapcore.ObjectEncoder) error
type MoleTime
type TagArray
- func (tags TagArray) MarshalLogArray(enc zapcore.ArrayEncoder) error

Constants ¶

View Source

const MoleTimestampFormat = "2006-01-02T15:04:05.999999-0700"

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AlertEvent ¶

type AlertEvent struct {
	Name string   `json:"name,omitempty"`
	ID   string   `json:"id,omitempty"`
	Tags TagArray `json:"tags,omitempty"`
	Meta MetaMap  `json:"meta,omitempty"`
}

func (AlertEvent) MarshalLogObject ¶

func (alert AlertEvent) MarshalLogObject(enc zapcore.ObjectEncoder) error

type EveEvent ¶

type EveEvent struct {
	Timestamp *MoleTime `json:"timestamp"`
	EventType string    `json:"event_type"`
	InIface   string    `json:"in_iface,omitempty"`
	SrcIP     string    `json:"src_ip,omitempty"`
	SrcPort   int       `json:"src_port,omitempty"`
	DstIP     string    `json:"dest_ip,omitempty"`
	DstPort   int       `json:"dest_port,omitempty"`
	Proto     string    `json:"proto,omitempty"`
	AppProto  string    `json:"app_proto,omitempty"`

	Alert   AlertEvent `json:"alert,omitempty"`
	Matches MatchArray `json:"matches,omitempty"`
}

EveEvent is the huge struct which can contain a parsed suricata eve.json log event.

func (*EveEvent) MarshalLogObject ¶

func (eve *EveEvent) MarshalLogObject(enc zapcore.ObjectEncoder) error

type MatchArray ¶

type MatchArray []MatchString

func (MatchArray) MarshalLogArray ¶

func (ma MatchArray) MarshalLogArray(enc zapcore.ArrayEncoder) error

type MatchString ¶

type MatchString struct {
	Name   string `json:"name,omitempty"`
	Base   uint64 `json:"base,omitempty"`
	Offset uint64 `json:"offset,omitempty"`
	Data   []byte `json:"data,omitempty"`
}

func (MatchString) MarshalLogObject ¶

func (ms MatchString) MarshalLogObject(enc zapcore.ObjectEncoder) error

type MetaMap ¶

type MetaMap map[string]interface{}

func (MetaMap) MarshalLogObject ¶

func (meta MetaMap) MarshalLogObject(enc zapcore.ObjectEncoder) error

type MoleTime ¶

type MoleTime struct{ time.Time }

func (*MoleTime) GetMoletime ¶

func (t *MoleTime) GetMoletime() string

func (*MoleTime) MarshalJSON ¶

func (t *MoleTime) MarshalJSON() ([]byte, error)

func (*MoleTime) UnmarshalJSON ¶

func (t *MoleTime) UnmarshalJSON(b []byte) error

type TagArray ¶

type TagArray []string

func (TagArray) MarshalLogArray ¶

func (tags TagArray) MarshalLogArray(enc zapcore.ArrayEncoder) error

Source Files ¶

View all Source files

mole.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL