Documentation ¶
Index ¶
- func CreateToken(apiKey string, apiSecret string) (string, error)
- func RespFromFixture(fixtureFile string) (*http.Response, error)
- func SlimStructAsJSONString[T iAPIType](objectToSlim T, keysToDelete []string) ([]byte, error)
- func ValidateConfig(config Config) (bool, error)
- type AlertRule
- type AlertRuleCategories
- type AlertRuleCategory
- type AlertRuleDestination
- type AlertRuleQuery
- type AlertRules
- type Asset
- type AssetCapabilities
- type AssetCloudInfo
- type AssetGroupRule
- type AssetGroupRules
- type AssetInterface
- type AssetTag
- type AssetTags
- type Assets
- type AtcQueries
- type AtcQuery
- type AuditConfiguration
- type AuditConfigurations
- type AuditEntry
- type AutoAlertConfig
- type BlockRule
- type BlockRules
- type BuilderConfig
- type BuilderConfigLite
- type Carve
- type Carves
- type City
- type Client
- func (c *Client) CreateAlertRule(alertRule AlertRule) (AlertRule, error)
- func (c *Client) CreateAlertRuleCategory(alertRuleCategory AlertRuleCategory) (AlertRuleCategory, error)
- func (c *Client) CreateAsset(asset Asset) (Asset, error)
- func (c *Client) CreateAssetGroupRule(assetGroupRule AssetGroupRule) (AssetGroupRule, error)
- func (c *Client) CreateAssetTag(assetTag AssetTag) (AssetTag, error)
- func (c *Client) CreateAtcQuery(atcQuery AtcQuery) (AtcQuery, error)
- func (c *Client) CreateBlockRule(blockRule BlockRule) (BlockRule, error)
- func (c *Client) CreateCarve(carve Carve) (Carve, error)
- func (c *Client) CreateComplianceProfile(complianceProfile ComplianceProfile) (ComplianceProfile, error)
- func (c *Client) CreateCustomProfile(customProfile CustomProfile) (CustomProfile, error)
- func (c *Client) CreateDestination(destination Destination) (Destination, error)
- func (c *Client) CreateEventExcludeProfile(eventExcludeProfile EventExcludeProfile) (EventExcludeProfile, error)
- func (c *Client) CreateEventRule(eventRule EventRule) (EventRule, error)
- func (c *Client) CreateException(exception Exception) (Exception, error)
- func (c *Client) CreateFilePathGroup(filePathGroup FilePathGroup) (FilePathGroup, error)
- func (c *Client) CreateFlagProfile(flagProfile FlagProfile) (FlagProfile, error)
- func (c *Client) CreateLookupTable(lookupTable LookupTable) (LookupTable, error)
- func (c *Client) CreateLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
- func (c *Client) CreateQuery(query Query) (Query, error)
- func (c *Client) CreateQueryJob(queryJob QueryJob) (QueryJob, error)
- func (c *Client) CreateQueryJobResults(queryJobResult QueryJobResult) (QueryJobResult, error)
- func (c *Client) CreateQuerypack(querypack Querypack) (Querypack, error)
- func (c *Client) CreateRegistryPath(registryPath RegistryPath) (RegistryPath, error)
- func (c *Client) CreateRole(role Role) (Role, error)
- func (c *Client) CreateTag(tag Tag) (Tag, error)
- func (c *Client) CreateTagConfiguration(tagConfiguration TagConfiguration) (TagConfiguration, error)
- func (c *Client) CreateTagRule(tagRule TagRule) (TagRule, error)
- func (c *Client) CreateUser(user User) (User, error)
- func (c *Client) CreateWindowsDefenderPreference(windowsDefenderPreference WindowsDefenderPreference) (WindowsDefenderPreference, error)
- func (c *Client) CreateYaraGroupRule(yaraGroupRule YaraGroupRule) (YaraGroupRule, error)
- func (c *Client) DeleteAlertRule(alertRule AlertRule) (AlertRule, error)
- func (c *Client) DeleteAlertRuleCategory(alertRuleCategory AlertRuleCategory) (AlertRuleCategory, error)
- func (c *Client) DeleteAsset(asset Asset) (Asset, error)
- func (c *Client) DeleteAssetGroupRule(assetGroupRule AssetGroupRule) (AssetGroupRule, error)
- func (c *Client) DeleteAssetTag(assetTag AssetTag) (AssetTag, error)
- func (c *Client) DeleteAtcQuery(atcQuery AtcQuery) (AtcQuery, error)
- func (c *Client) DeleteBlockRule(blockRule BlockRule) (BlockRule, error)
- func (c *Client) DeleteCarve(carve Carve) (Carve, error)
- func (c *Client) DeleteComplianceProfile(complianceProfile ComplianceProfile) (ComplianceProfile, error)
- func (c *Client) DeleteCustomProfile(customProfile CustomProfile) (CustomProfile, error)
- func (c *Client) DeleteDestination(destination Destination) (Destination, error)
- func (c *Client) DeleteEventExcludeProfile(eventExcludeProfile EventExcludeProfile) (EventExcludeProfile, error)
- func (c *Client) DeleteEventRule(eventRule EventRule) (EventRule, error)
- func (c *Client) DeleteException(exception Exception) (Exception, error)
- func (c *Client) DeleteFilePathGroup(filePathGroup FilePathGroup) (FilePathGroup, error)
- func (c *Client) DeleteFlagProfile(flagProfile FlagProfile) (FlagProfile, error)
- func (c *Client) DeleteLookupTable(lookupTable LookupTable) (LookupTable, error)
- func (c *Client) DeleteLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
- func (c *Client) DeleteQuery(query Query) (Query, error)
- func (c *Client) DeleteQueryJob(queryJob QueryJob) (QueryJob, error)
- func (c *Client) DeleteQueryJobResult(queryJobResult QueryJobResult) (QueryJobResult, error)
- func (c *Client) DeleteQuerypack(querypack Querypack) (Querypack, error)
- func (c *Client) DeleteRegistryPath(registryPath RegistryPath) (RegistryPath, error)
- func (c *Client) DeleteRole(role Role) (Role, error)
- func (c *Client) DeleteTag(tag Tag) (Tag, error)
- func (c *Client) DeleteTagConfiguration(tagConfiguration TagConfiguration) (TagConfiguration, error)
- func (c *Client) DeleteTagRule(tagRule TagRule) (TagRule, error)
- func (c *Client) DeleteUser(user User) (User, error)
- func (c *Client) DeleteWindowsDefenderPreference(windowsDefenderPreference WindowsDefenderPreference) (WindowsDefenderPreference, error)
- func (c *Client) DeleteYaraGroupRule(yaraGroupRule YaraGroupRule) (YaraGroupRule, error)
- func (c *Client) FindLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
- func (c *Client) GetAlertRule(alertRule AlertRule) (AlertRule, error)
- func (c *Client) GetAlertRuleCategories() (AlertRuleCategories, error)
- func (c *Client) GetAlertRuleCategory(alertRuleCategory AlertRuleCategory) (AlertRuleCategory, error)
- func (c *Client) GetAlertRules() (AlertRules, error)
- func (c *Client) GetAsset(asset Asset) (Asset, error)
- func (c *Client) GetAssetGroupRule(assetGroupRule AssetGroupRule) (AssetGroupRule, error)
- func (c *Client) GetAssetGroupRules() (AssetGroupRules, error)
- func (c *Client) GetAssetTag(assetTag AssetTag) (AssetTag, error)
- func (c *Client) GetAssetTags() (AssetTags, error)
- func (c *Client) GetAssets() (Assets, error)
- func (c *Client) GetAtcQueries() (AtcQueries, error)
- func (c *Client) GetAtcQuery(atcQuery AtcQuery) (AtcQuery, error)
- func (c *Client) GetAuditConfiguration(auditConfiguration AuditConfiguration) (AuditConfiguration, error)
- func (c *Client) GetAuditConfigurations() (AuditConfigurations, error)
- func (c *Client) GetBlockRule(blockRule BlockRule) (BlockRule, error)
- func (c *Client) GetBlockRules() (BlockRules, error)
- func (c *Client) GetCarve(carve Carve) (Carve, error)
- func (c *Client) GetCarves() (Carves, error)
- func (c *Client) GetComplianceProfile(complianceProfile ComplianceProfile) (ComplianceProfile, error)
- func (c *Client) GetComplianceProfiles() (ComplianceProfiles, error)
- func (c *Client) GetCustomProfile(customProfile CustomProfile) (CustomProfile, error)
- func (c *Client) GetCustomProfiles() (CustomProfiles, error)
- func (c *Client) GetDestination(destination Destination) (Destination, error)
- func (c *Client) GetDestinations() (Destinations, error)
- func (c *Client) GetEventExcludeProfile(eventExcludeProfile EventExcludeProfile) (EventExcludeProfile, error)
- func (c *Client) GetEventExcludeProfiles() (EventExcludeProfiles, error)
- func (c *Client) GetEventRule(eventRule EventRule) (EventRule, error)
- func (c *Client) GetEventRules() (EventRules, error)
- func (c *Client) GetException(exception Exception) (Exception, error)
- func (c *Client) GetExceptions() (Exceptions, error)
- func (c *Client) GetFilePathGroup(filePathGroup FilePathGroup) (FilePathGroup, error)
- func (c *Client) GetFilePathGroups() (FilePathGroups, error)
- func (c *Client) GetFlagProfile(flagProfile FlagProfile) (FlagProfile, error)
- func (c *Client) GetFlagProfiles() (FlagProfiles, error)
- func (c *Client) GetLookupTable(lookupTable LookupTable) (LookupTable, error)
- func (c *Client) GetLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
- func (c *Client) GetLookupTables() (LookupTables, error)
- func (c *Client) GetObjectGroup(objectGroup ObjectGroup) (ObjectGroup, error)
- func (c *Client) GetObjectGroups() (ObjectGroups, error)
- func (c *Client) GetQueries() (Queries, error)
- func (c *Client) GetQuery(query Query) (Query, error)
- func (c *Client) GetQueryJob(queryJob QueryJob) (QueryJob, error)
- func (c *Client) GetQueryJobResults(queryJobResult QueryJobResult) (QueryJobResult, error)
- func (c *Client) GetQueryJobs() (QueryJobs, error)
- func (c *Client) GetQuerypack(querypack Querypack) (Querypack, error)
- func (c *Client) GetQuerypacks() (Querypacks, error)
- func (c *Client) GetRegistryPath(registryPath RegistryPath) (RegistryPath, error)
- func (c *Client) GetRegistryPaths() (RegistryPaths, error)
- func (c *Client) GetRole(role Role) (Role, error)
- func (c *Client) GetRoles() (Roles, error)
- func (c *Client) GetTag(tag Tag) (Tag, error)
- func (c *Client) GetTagConfiguration(tagConfiguration TagConfiguration) (TagConfiguration, error)
- func (c *Client) GetTagConfigurations() (TagConfigurations, error)
- func (c *Client) GetTagRule(tagRule TagRule) (TagRule, error)
- func (c *Client) GetTagRules() (TagRules, error)
- func (c *Client) GetTags() (Tags, error)
- func (c *Client) GetUser(user User) (User, error)
- func (c *Client) GetUsers() (Users, error)
- func (c *Client) GetWindowsDefenderPreference(windowsDefenderPreference WindowsDefenderPreference) (WindowsDefenderPreference, error)
- func (c *Client) GetWindowsDefenderPreferences() (WindowsDefenderPreferences, error)
- func (c *Client) GetYaraGroupRule(yaraGroupRule YaraGroupRule) (YaraGroupRule, error)
- func (c *Client) GetYaraGroupRules() (YaraGroupRules, error)
- func (c *Client) UpdateAlertRule(alertRule AlertRule) (AlertRule, error)
- func (c *Client) UpdateAlertRuleCategory(alertRuleCategory AlertRuleCategory) (AlertRuleCategory, error)
- func (c *Client) UpdateAsset(asset Asset) (Asset, error)
- func (c *Client) UpdateAssetGroupRule(assetGroupRule AssetGroupRule) (AssetGroupRule, error)
- func (c *Client) UpdateAssetTag(assetTag AssetTag) (AssetTag, error)
- func (c *Client) UpdateAtcQuery(atcQuery AtcQuery) (AtcQuery, error)
- func (c *Client) UpdateBlockRule(blockRule BlockRule) (BlockRule, error)
- func (c *Client) UpdateCarve(carve Carve) (Carve, error)
- func (c *Client) UpdateComplianceProfile(complianceProfile ComplianceProfile) (ComplianceProfile, error)
- func (c *Client) UpdateCustomProfile(customProfile CustomProfile) (CustomProfile, error)
- func (c *Client) UpdateDestination(destination Destination) (Destination, error)
- func (c *Client) UpdateEventExcludeProfile(eventExcludeProfile EventExcludeProfile) (EventExcludeProfile, error)
- func (c *Client) UpdateEventRule(eventRule EventRule) (EventRule, error)
- func (c *Client) UpdateException(exception Exception) (Exception, error)
- func (c *Client) UpdateFilePathGroup(filePathGroup FilePathGroup) (FilePathGroup, error)
- func (c *Client) UpdateFlagProfile(flagProfile FlagProfile) (FlagProfile, error)
- func (c *Client) UpdateLookupTable(lookupTable LookupTable) (LookupTable, error)
- func (c *Client) UpdateLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
- func (c *Client) UpdateQuery(query Query) (Query, error)
- func (c *Client) UpdateQueryJob(queryJob QueryJob) (QueryJob, error)
- func (c *Client) UpdateQueryJobResults(queryJobResult QueryJobResult) (QueryJobResult, error)
- func (c *Client) UpdateQuerypack(querypack Querypack) (Querypack, error)
- func (c *Client) UpdateRegistryPath(registryPath RegistryPath) (RegistryPath, error)
- func (c *Client) UpdateRole(role Role) (Role, error)
- func (c *Client) UpdateTag(tag Tag) (Tag, error)
- func (c *Client) UpdateTagConfiguration(tagConfiguration TagConfiguration) (TagConfiguration, error)
- func (c *Client) UpdateTagRule(tagRule TagRule) (TagRule, error)
- func (c *Client) UpdateUser(user User) (User, error)
- func (c *Client) UpdateWindowsDefenderPreference(windowsDefenderPreference WindowsDefenderPreference) (WindowsDefenderPreference, error)
- func (c *Client) UpdateYaraGroupRule(yaraGroupRule YaraGroupRule) (YaraGroupRule, error)
- type ComplianceProfile
- type ComplianceProfiles
- type Config
- type CustomJSONString
- type CustomProfile
- type CustomProfiles
- type DNSLookupEvents
- type DataLookupTable
- type Destination
- type DestinationConfig
- type Destinations
- type EbpfDNSLookupEvents
- type EventExcludeProfile
- type EventExcludeProfileMetadata
- type EventExcludeProfiles
- type EventRule
- type EventRules
- type Exception
- type Exceptions
- type FilePathGroup
- type FilePathGroupSignature
- type FilePathGroups
- type FlagProfile
- type FlagProfiles
- type HTTPEvents
- type LinkItem
- type LookupTable
- type LookupTableDataRow
- type LookupTables
- type MockClient
- type ObjectGroup
- type ObjectGroups
- type PathStruct
- type ProcessEvents
- type ProcessFileEvents
- type Queries
- type Query
- type QueryError
- type QueryJob
- type QueryJobColumn
- type QueryJobParameter
- type QueryJobResult
- type QueryJobResultsStats
- type QueryJobs
- type Querypack
- type Querypacks
- type RegistryEvents
- type RegistryPath
- type RegistryPaths
- type Role
- type Roles
- type RuleException
- type SQLConfig
- type SocketEvents
- type Tag
- type TagConfiguration
- type TagConfigurationObject
- type TagConfigurationObjectDetails
- type TagConfigurations
- type TagRule
- type TagRules
- type Tags
- type User
- type UserEvents
- type Users
- type WindowsDefenderPreference
- type WindowsDefenderPreferences
- type YaraGroupRule
- type YaraGroupRules
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func SlimStructAsJSONString ¶ added in v0.0.21
func ValidateConfig ¶
Types ¶
type AlertRule ¶
// AlertRule is the JSON representation of an alert rule.
//
// Fields tagged without omitempty (the bools, AlertTags, AlertRuleExceptions,
// Destinations and BuilderConfig) are always emitted by encoding/json, so
// their zero values are sent explicitly rather than left out.
//
// NOTE(review): the validate tags are metadata only. Nothing visible here
// shows where a validator runs, so confirm that a rule is validated before
// it is sent.
type AlertRule struct {
	ID          string `json:"id,omitempty"`
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	Code        string `json:"code,omitempty"`
	// Type is required and must be "sql" or "builder" (validate tag).
	Type     string `json:"type,omitempty" validate:"required,oneof=sql builder"`
	Rule     string `json:"rule,omitempty"`
	Grouping string `json:"grouping,omitempty"`
	// Enabled is always serialized: an AlertRule built without setting it
	// marshals with "enabled":false, so set it deliberately.
	Enabled    bool   `json:"enabled"`
	Custom     bool   `json:"custom"`
	Throttled  bool   `json:"throttled"`
	CreatedAt  string `json:"createdAt,omitempty"`
	IsInternal bool   `json:"isInternal"`
	// AlertTags is required when Type is "sql" (validate tag).
	AlertTags []string `json:"alertTags" validate:"required_if=Type sql"`
	CreatedBy string   `json:"createdBy,omitempty"`
	UpdatedAt string   `json:"updatedAt,omitempty"`
	// The "Suppresion" spelling is shared by the Go field names and the JSON
	// keys. NOTE(review): confirm against the API before renaming either.
	TimeSuppresionStart    string `json:"timeSuppresionStart,omitempty"`
	TimeSuppresionDuration int    `json:"timeSuppresionDuration,omitempty"`
	UpdatedBy              string `json:"updatedBy,omitempty"`
	GroupingL2             string `json:"groupingL2,omitempty"`
	GroupingL3             string `json:"groupingL3,omitempty"`
	Lock                   bool   `json:"lock"`
	AlertNotifyInterval    int    `json:"alertNotifyInterval,omitempty"`
	AlertNotifyCount       int    `json:"alertNotifyCount,omitempty"`
	// Nil slices and a nil BuilderConfig marshal as JSON null where the tag
	// has no omitempty.
	AlertRuleExceptions []RuleException        `json:"alertRuleExceptions"`
	Destinations        []AlertRuleDestination `json:"destinations"`
	SQLConfig           *SQLConfig             `json:"sqlConfig,omitempty"`
	Links               []LinkItem             `json:"links,omitempty"`
	BuilderConfig       *BuilderConfigLite     `json:"builderConfig"`
}
func (AlertRule) KeysToDelete ¶ added in v0.0.18
type AlertRuleCategories ¶ added in v0.0.23
// AlertRuleCategories is the list envelope holding AlertRuleCategory items.
// Offset and Limit presumably describe the page window; confirm against the
// API. Both are omitted from the JSON when zero.
type AlertRuleCategories struct {
	Links  []LinkItem          `json:"links"`
	Items  []AlertRuleCategory `json:"items"`
	Offset int                 `json:"offset,omitempty"`
	Limit  int                 `json:"limit,omitempty"`
}
type AlertRuleCategory ¶ added in v0.0.23
// AlertRuleCategory is the JSON representation of an alert rule category.
// Every field carries omitempty, so empty fields are left out of the
// marshaled request body.
type AlertRuleCategory struct {
	ID   string `json:"id,omitempty"`
	// RuleID presumably references the owning alert rule; verify against
	// the API.
	RuleID    string     `json:"ruleId,omitempty"`
	Name      string     `json:"name,omitempty"`
	CreatedAt string     `json:"createdAt,omitempty"`
	CreatedBy string     `json:"createdBy,omitempty"`
	Links     []LinkItem `json:"links,omitempty"`
}
func (AlertRuleCategory) GetID ¶ added in v0.0.23
func (T AlertRuleCategory) GetID() string
func (AlertRuleCategory) GetName ¶ added in v0.0.23
func (T AlertRuleCategory) GetName() string
func (AlertRuleCategory) KeysToDelete ¶ added in v0.0.23
func (T AlertRuleCategory) KeysToDelete() []string
type AlertRuleDestination ¶
// AlertRuleDestination is an entry of AlertRule.Destinations: it pairs a
// rule ID with a destination ID and per-destination delivery settings.
type AlertRuleDestination struct {
	ID            string `json:"id,omitempty"`
	RuleID        string `json:"ruleId,omitempty"`
	Severity      string `json:"severity,omitempty"`
	DestinationID string `json:"destinationId,omitempty"`
	// The two bools have no omitempty, so an unset value is sent as false.
	// NOTE(review): confirm false is the intended default for both.
	NotifyEveryAlert   bool   `json:"notifyEveryAlert"`
	CloseAfterDelivery bool   `json:"closeAfterDelivery"`
	CreatedAt          string `json:"createdAt,omitempty"`
}
type AlertRuleQuery ¶
type AlertRules ¶
type Asset ¶ added in v0.0.27
// Asset is the JSON representation of an enrolled asset.
//
// Bools, numbers, nested structs and slices tagged without omitempty are
// always emitted when an Asset is marshaled, so their zero values are sent
// explicitly.
type Asset struct {
	Gateway string `json:"gateway,omitempty"`
	// Name is filled from the "hostname" key because an asset has no name of
	// its own. HostName below maps to "hostName"; the two keys differ only in
	// case, and encoding/json falls back to case-insensitive key matching
	// when a key has no exact match.
	Name           string `json:"hostname,omitempty"`
	CityID         string `json:"cityId,omitempty"`
	CreatedAt      string `json:"createdAt,omitempty"`
	Disabled       bool   `json:"disabled"`
	HostName       string `json:"hostName,omitempty"`
	ID             string `json:"id,omitempty"`
	LastEnrolledAt string `json:"lastEnrolledAt,omitempty"`

	Os             string `json:"os,omitempty"`
	OsFlavor       string `json:"osFlavor,omitempty"`
	OsqueryVersion string `json:"osqueryVersion,omitempty"`
	OsVersion      string `json:"osVersion,omitempty"`
	Status         string `json:"status,omitempty"`
	UpgradeState   bool   `json:"upgradeState"`

	ObjectGroupID         string `json:"objectGroupId,omitempty"`
	Live                  bool   `json:"live"`
	Location              string `json:"location,omitempty"`
	ManualSlackAssignment bool   `json:"manualSlackAssignment"`
	HardwareVendor        string `json:"hardwareVendor,omitempty"`
	AssetObjectGroupID    string `json:"assetObjectGroupId,omitempty"`
	PackageObjectGroupID  string `json:"packageObjectGroupId,omitempty"`

	ObjectGroup    ObjectGroup    `json:"objectGroup"`
	City           City           `json:"city"`
	AssetCloudInfo AssetCloudInfo `json:"assetCloudInfo"`
	LastActivityAt string         `json:"lastActivityAt,omitempty"`
	LastUpgradedAt string         `json:"lastUpgradedAt,omitempty"`
	// NOTE(review): the element type is the plural EventExcludeProfiles, not
	// EventExcludeProfile; confirm that this matches the API payload.
	EventExcludeProfiles []EventExcludeProfiles `json:"eventExcludeProfiles"`
	Tags                 []string               `json:"tags"`
	Capabilities         []AssetCapabilities    `json:"capabilities"`

	OsDisplay   string  `json:"osDisplay,omitempty"`
	Description string  `json:"description,omitempty"`
	Latitude    float64 `json:"latitude"`
	Longitude   float64 `json:"longitude"`

	CPUBrand       string `json:"cpuBrand,omitempty"`
	HardwareModel  string `json:"hardwareModel,omitempty"`
	HardwareSerial string `json:"hardwareSerial,omitempty"`
	Cores          int    `json:"cores"`
	LogicalCores   int    `json:"logicalCores"`
	MemoryMb       int    `json:"memoryMb"`

	OsKey                  string `json:"osKey,omitempty"`
	OsVersionSortable      string `json:"osVersionSortable,omitempty"`
	ProfileID              string `json:"profileId,omitempty"`
	OsqueryVersionSortable string `json:"osqueryVersionSortable,omitempty"`
	UpgradeOsqueryVersion  string `json:"upgradeOsqueryVersion,omitempty"`
	NewEpoch               bool   `json:"newEpoch"`
	LastEpoch              string `json:"lastEpoch,omitempty"`
	ComplianceProfileID    string `json:"complianceProfileId,omitempty"`

	Flags             CustomJSONString `json:"flags"`
	UpdatedBy         string           `json:"updatedBy,omitempty"`
	UpdatedAt         string           `json:"updatedAt,omitempty"`
	DeletedAt         string           `json:"deletedAt,omitempty"`
	FlagsFile         string           `json:"flagsFile,omitempty"`
	FlagsFileChecksum string           `json:"flagsFileChecksum,omitempty"`

	ActiveFlagProfileID       string `json:"activeFlagProfileId,omitempty"`
	ActiveFlagProfileSource   string `json:"activeFlagProfileSource,omitempty"`
	ActiveCustomProfileID     string `json:"activeCustomProfileId,omitempty"`
	ActiveCustomProfileSource string `json:"activeCustomProfileSource,omitempty"`
	Protect                   bool   `json:"protect"`

	AgentVersion         string `json:"agentVersion,omitempty"`
	AgentVersionSortable string `json:"agentVersionSortable,omitempty"`
	AgentID              string `json:"agentId,omitempty"`
	AgentType            string `json:"agentType,omitempty"`
	ResourceType         string `json:"resourceType,omitempty"`
	Arch                 string `json:"arch,omitempty"`
	Platform             string `json:"platform,omitempty"`
	PlatformLike         string `json:"platformLike,omitempty"`

	// AssetCapabilities has the same element type as Capabilities above but
	// a different JSON key.
	AssetCapabilities []AssetCapabilities `json:"assetCapabilities"`
	Interfaces        []AssetInterface    `json:"interfaces"`
	Links             []LinkItem          `json:"links"`
}
func (Asset) KeysToDelete ¶ added in v0.0.27
type AssetCapabilities ¶ added in v0.0.27
// AssetCapabilities describes one capability entry of an asset, as used by
// Asset.Capabilities and Asset.AssetCapabilities.
type AssetCapabilities struct {
	// ID has no omitempty and is always emitted, even when empty.
	ID      string `json:"id"`
	AssetID string `json:"assetId,omitempty"`
	Name    string `json:"name,omitempty"`
	Status  string `json:"status,omitempty"`
	// omitempty has no effect on a struct-typed field in encoding/json, so
	// "individualStatus" is always emitted; only its inner fields are
	// dropped when empty.
	IndividualStatus struct {
		ConfigurationStatus  string `json:"configurationStatus,omitempty"`
		FlagStatus           string `json:"flagStatus,omitempty"`
		ScheduledQueryStatus string `json:"scheduledQueryStatus,omitempty"`
	} `json:"individualStatus,omitempty"`
	CreatedAt string `json:"createdAt,omitempty"`
	UpdatedAt string `json:"updatedAt,omitempty"`
}
type AssetCloudInfo ¶ added in v0.0.27
// AssetCloudInfo is the cloud metadata block embedded in Asset under the
// "assetCloudInfo" key. All fields are optional strings that are omitted
// from the JSON when empty.
type AssetCloudInfo struct {
	CloudID  string `json:"cloudId,omitempty"`
	Provider string `json:"provider,omitempty"`
	Account  string `json:"account,omitempty"`
	Image    string `json:"image,omitempty"`
	Type     string `json:"type,omitempty"`
	Region   string `json:"region,omitempty"`
	Zone     string `json:"zone,omitempty"`
	Service  string `json:"service,omitempty"`
}
type AssetGroupRule ¶ added in v0.0.23
// AssetGroupRule is the JSON representation of an asset group rule.
type AssetGroupRule struct {
	ID string `json:"id,omitempty"`
	// Name, Query and Enabled have no omitempty and are always emitted, even
	// when empty or false.
	Name           string     `json:"name"`
	Description    string     `json:"description,omitempty"`
	Query          string     `json:"query"`
	Interval       int        `json:"interval,omitempty"`
	OsqueryVersion string     `json:"osqueryVersion,omitempty"`
	Platform       string     `json:"platform,omitempty"`
	Enabled        bool       `json:"enabled"`
	CreatedBy      string     `json:"createdBy,omitempty"`
	UpdatedBy      string     `json:"updatedBy,omitempty"`
	CreatedAt      string     `json:"createdAt,omitempty"`
	UpdatedAt      string     `json:"updatedAt,omitempty"`
	Links          []LinkItem `json:"links,omitempty"`
}
func (AssetGroupRule) GetID ¶ added in v0.0.23
func (T AssetGroupRule) GetID() string
func (AssetGroupRule) GetName ¶ added in v0.0.23
func (T AssetGroupRule) GetName() string
func (AssetGroupRule) KeysToDelete ¶ added in v0.0.23
func (T AssetGroupRule) KeysToDelete() []string
type AssetGroupRules ¶ added in v0.0.23
// AssetGroupRules is the list envelope holding AssetGroupRule items.
// Offset and Limit presumably describe the page window; confirm against the
// API. Both are omitted from the JSON when zero.
type AssetGroupRules struct {
	Links  []LinkItem       `json:"links"`
	Items  []AssetGroupRule `json:"items"`
	Offset int              `json:"offset,omitempty"`
	Limit  int              `json:"limit,omitempty"`
}
type AssetInterface ¶ added in v0.0.27
type AssetTag ¶ added in v0.0.27
AssetTag supports only PUT, POST and DELETE requests; it cannot be fetched with GET.
func (AssetTag) KeysToDelete ¶ added in v0.0.27
type AssetTags ¶ added in v0.0.27
// AssetTags is the list envelope holding AssetTag items. It has the same
// Links/Items/Offset/Limit shape as the other list types in this package.
type AssetTags struct {
	Links  []LinkItem `json:"links"`
	Items  []AssetTag `json:"items"`
	Offset int        `json:"offset,omitempty"`
	Limit  int        `json:"limit,omitempty"`
}
This won't actually exist; you can't GET assetTags.
type AtcQueries ¶ added in v0.0.23
type AtcQuery ¶ added in v0.0.23
// AtcQuery is the JSON representation of an ATC query: a named query with
// per-OS path lists and a list of column descriptions.
type AtcQuery struct {
	ID          string `json:"id,omitempty"`
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	Query       string `json:"query,omitempty"`
	// omitempty has no effect on a struct-typed field in encoding/json, so
	// "osPaths" is always emitted; the per-OS slices inside it are dropped
	// when empty.
	OsPaths struct {
		Darwin  []PathStruct `json:"darwin,omitempty"`
		Debian  []PathStruct `json:"debian,omitempty"`
		Windows []PathStruct `json:"windows,omitempty"`
	} `json:"osPaths,omitempty"`
	// Columns is a slice, so omitempty does drop it when it is nil or empty.
	Columns []struct {
		Name        string `json:"name,omitempty"`
		Description string `json:"description,omitempty"`
	} `json:"columns,omitempty"`
	CreatedBy string     `json:"createdBy,omitempty"`
	UpdatedBy string     `json:"updatedBy,omitempty"`
	CreatedAt string     `json:"createdAt,omitempty"`
	UpdatedAt string     `json:"updatedAt,omitempty"`
	Links     []LinkItem `json:"links,omitempty"`
}
func (AtcQuery) KeysToDelete ¶ added in v0.0.23
type AuditConfiguration ¶ added in v0.0.22
// AuditConfiguration is the JSON representation of an audit configuration
// and its audit entries.
//
// NOTE(review): the validate tags are metadata only. Nothing visible here
// shows where a validator runs, so confirm that a configuration is validated
// before it is sent.
type AuditConfiguration struct {
	ID          string `json:"id,omitempty"`
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	// The next five fields are required (validate tags) and have no
	// omitempty. Framework must be one of the listed values; Version is
	// limited to 1-256 characters.
	Framework string `json:"framework" validate:"required,oneof=CIS PCI CUSTOM FEDRAMP SOC2 HIPAA STIG NIST ISO VDA-TISAX"`
	Version   string `json:"version" validate:"required,max=256,min=1"`
	OsVersion string `json:"osVersion" validate:"required,min=1"`
	Platform  string `json:"platform" validate:"required,min=1"`
	TableName string `json:"tableName" validate:"required,min=1"`
	// NOTE(review): what Sha256 is a digest of is not visible here; verify
	// before relying on it as an integrity check.
	Sha256    string `json:"sha256,omitempty"`
	CreatedBy string `json:"createdBy,omitempty"`
	UpdatedBy string `json:"updatedBy,omitempty"`
	CreatedAt string `json:"createdAt,omitempty"`
	UpdatedAt string `json:"updatedAt,omitempty"`
	Type      string `json:"type,omitempty"`
	Checks    int    `json:"checks,omitempty"`
	// The Go field is AuditEntry but the JSON key is "auditEntities".
	AuditEntry []AuditEntry `json:"auditEntities"`
	Links      []LinkItem   `json:"links,omitempty"`
}
func (AuditConfiguration) GetID ¶ added in v0.0.22
func (T AuditConfiguration) GetID() string
func (AuditConfiguration) GetName ¶ added in v0.0.22
func (T AuditConfiguration) GetName() string
func (AuditConfiguration) KeysToDelete ¶ added in v0.0.22
func (T AuditConfiguration) KeysToDelete() []string
type AuditConfigurations ¶ added in v0.0.22
// AuditConfigurations is the list envelope holding AuditConfiguration items.
// Offset and Limit presumably describe the page window; confirm against the
// API. Both are omitted from the JSON when zero.
type AuditConfigurations struct {
	Links  []LinkItem           `json:"links"`
	Items  []AuditConfiguration `json:"items"`
	Offset int                  `json:"offset,omitempty"`
	Limit  int                  `json:"limit,omitempty"`
}
type AuditEntry ¶ added in v0.0.22
// AuditEntry is a single check inside an AuditConfiguration; it is carried
// in that type's "auditEntities" list.
//
// AuditName, Scored, Enabled, Score, RunCategory, Timeout and IsManual have
// no omitempty, so their zero values are always emitted.
type AuditEntry struct {
	ID                   string   `json:"id,omitempty"`
	AuditConfigurationID string   `json:"auditConfigurationId,omitempty"`
	AuditName            []string `json:"auditName"`
	Standard             string   `json:"standard,omitempty"`
	Version              string   `json:"version,omitempty"`
	Section              string   `json:"section,omitempty"`
	Title                string   `json:"title,omitempty"`
	Scored               bool     `json:"scored"`
	Level                string   `json:"level,omitempty"`
	Description          string   `json:"description,omitempty"`
	Rationale            string   `json:"rationale,omitempty"`
	// NOTE(review): Command and Remediation are free-form strings here. If
	// they carry executable content, values read back from the API should be
	// treated as untrusted; confirm how callers consume them.
	Command             string  `json:"command,omitempty"`
	Remediation         string  `json:"remediation,omitempty"`
	ExpectedValue       string  `json:"expectedValue,omitempty"`
	AuthoritativeSource string  `json:"authoritativeSource,omitempty"`
	Exception           string  `json:"exception,omitempty"`
	Chapter             string  `json:"chapter,omitempty"`
	CheckID             string  `json:"checkId,omitempty"`
	Enabled             bool    `json:"enabled"`
	Service             string  `json:"service,omitempty"`
	CreatedBy           string  `json:"createdBy,omitempty"`
	Score               float64 `json:"score"`
	UpdatedBy           string  `json:"updatedBy,omitempty"`
	RunCategory         int     `json:"runCategory"`
	// NOTE(review): the unit of Timeout is not visible here; confirm.
	Timeout   int    `json:"timeout"`
	CreatedAt string `json:"createdAt,omitempty"`
	UpdatedAt string `json:"updatedAt,omitempty"`
	IsManual  bool   `json:"isManual"`
}
type AutoAlertConfig ¶
// AutoAlertConfig is the automatic-alert block embedded in BuilderConfig
// under the "autoAlertConfig" key.
type AutoAlertConfig struct {
	// Both flags are always emitted. The zero value sends raiseAlert=false
	// and disableAlert=false.
	// NOTE(review): how the API resolves the two flags when both are set is
	// not visible here; confirm.
	RaiseAlert      bool             `json:"raiseAlert"`
	DisableAlert    bool             `json:"disableAlert"`
	MetadataSources CustomJSONString `json:"metadataSources,omitempty"`
}
type BlockRule ¶ added in v0.0.26
// BlockRule is the JSON representation of a block rule.
//
// Priority, the bools and the three counters have no omitempty, so their
// zero values are always emitted when a BlockRule is marshaled.
type BlockRule struct {
	ID          string `json:"id,omitempty"`
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	Platform    string `json:"platform,omitempty"`
	Priority    int    `json:"priority"`
	Type        string `json:"type,omitempty"`
	Status      string `json:"status,omitempty"`

	// EnableLockdown is sent as false unless set explicitly.
	// NOTE(review): confirm that false is the intended default.
	Custom          bool   `json:"custom"`
	EnableLockdown  bool   `json:"enableLockdown"`
	CertificateMode string `json:"certificateMode,omitempty"`
	HasLookupTable  bool   `json:"hasLookupTable"`

	CreatedAt string `json:"createdAt,omitempty"`
	CreatedBy string `json:"createdBy,omitempty"`
	UpdatedAt string `json:"updatedAt,omitempty"`
	UpdatedBy string `json:"updatedBy,omitempty"`

	// NOTE(review): the counters look server-computed; confirm whether the
	// API ignores them on write.
	Checks                    int        `json:"checks"`
	AssetsCount               int        `json:"assetsCount"`
	UptycsProtectEnabledCount int        `json:"uptycsProtectEnabledCount"`
	Links                     []LinkItem `json:"links,omitempty"`
}
func (BlockRule) KeysToDelete ¶ added in v0.0.26
type BlockRules ¶ added in v0.0.26
type BuilderConfig ¶
// BuilderConfig is the full builder configuration object. AlertRule does not
// embed it; it references only a BuilderConfigLite.
type BuilderConfig struct {
	ID        string `json:"id,omitempty"`
	TableName string `json:"tableName,omitempty"`
	// Added, MatchesFilter and AutoAlertConfig have no omitempty and are
	// always emitted.
	Added           bool             `json:"added"`
	MatchesFilter   bool             `json:"matchesFilter"`
	Filters         CustomJSONString `json:"filters,omitempty"`
	Severity        string           `json:"severity,omitempty"`
	Key             string           `json:"key,omitempty"`
	ValueField      string           `json:"valueField,omitempty"`
	AutoAlertConfig AutoAlertConfig  `json:"autoAlertConfig"`
}
type BuilderConfigLite ¶ added in v0.0.27
// BuilderConfigLite carries only the ID of a builder config. It is the type
// behind AlertRule.BuilderConfig.
type BuilderConfigLite struct {
	// ID has no omitempty, so an empty ID is still emitted as "id":"".
	ID string `json:"id"`
}
type Carve ¶ added in v0.0.23
// Carve is the JSON representation of a file carve.
type Carve struct {
	ID string `json:"id,omitempty"`
	// Name is required by this package but is not part of a carve; the "-"
	// tag keeps it out of both marshaling and unmarshaling.
	Name            string `json:"-"`
	AssetID         string `json:"assetId,omitempty"`
	Path            string `json:"path,omitempty"`
	CreatedAt       string `json:"createdAt,omitempty"`
	UpdatedAt       string `json:"updatedAt,omitempty"`
	Status          string `json:"status,omitempty"`
	DeletedUserName string `json:"deletedUserName,omitempty"`
	DeletedAt       string `json:"deletedAt,omitempty"`
	AssetHostName   string `json:"assetHostName,omitempty"`
	// Offset and Length carry omitempty, so a zero value is not sent.
	Offset int `json:"offset,omitempty"`
	Length int `json:"length,omitempty"`
}
func (Carve) KeysToDelete ¶ added in v0.0.23
type City ¶ added in v0.0.27
// City is the location block embedded in Asset under the "city" key.
type City struct {
	// ID has no omitempty and is always emitted, even when empty.
	ID                 string `json:"id"`
	Name               string `json:"name,omitempty"`
	SubdivisionIsoCode string `json:"subdivisionIsoCode,omitempty"`
	SubdivisionName    string `json:"subdivisionName,omitempty"`
	CountryIsoCode     string `json:"countryIsoCode,omitempty"`
	CountryName        string `json:"countryName,omitempty"`
}
type Client ¶
func (*Client) CreateAlertRule ¶
func (*Client) CreateAlertRuleCategory ¶ added in v0.0.23
func (c *Client) CreateAlertRuleCategory(alertRuleCategory AlertRuleCategory) (AlertRuleCategory, error)
func (*Client) CreateAsset ¶ added in v0.0.27
func (*Client) CreateAssetGroupRule ¶ added in v0.0.23
func (c *Client) CreateAssetGroupRule(assetGroupRule AssetGroupRule) (AssetGroupRule, error)
func (*Client) CreateAssetTag ¶ added in v0.0.27
func (*Client) CreateAtcQuery ¶ added in v0.0.23
func (*Client) CreateBlockRule ¶ added in v0.0.26
func (*Client) CreateCarve ¶ added in v0.0.23
func (*Client) CreateComplianceProfile ¶ added in v0.0.22
func (c *Client) CreateComplianceProfile(complianceProfile ComplianceProfile) (ComplianceProfile, error)
func (*Client) CreateCustomProfile ¶ added in v0.0.26
func (c *Client) CreateCustomProfile(customProfile CustomProfile) (CustomProfile, error)
func (*Client) CreateDestination ¶
func (c *Client) CreateDestination(destination Destination) (Destination, error)
func (*Client) CreateEventExcludeProfile ¶
func (c *Client) CreateEventExcludeProfile(eventExcludeProfile EventExcludeProfile) (EventExcludeProfile, error)
func (*Client) CreateEventRule ¶
func (*Client) CreateException ¶ added in v0.0.26
func (*Client) CreateFilePathGroup ¶ added in v0.0.22
func (c *Client) CreateFilePathGroup(filePathGroup FilePathGroup) (FilePathGroup, error)
func (*Client) CreateFlagProfile ¶ added in v0.0.26
func (c *Client) CreateFlagProfile(flagProfile FlagProfile) (FlagProfile, error)
func (*Client) CreateLookupTable ¶ added in v0.0.28
func (c *Client) CreateLookupTable(lookupTable LookupTable) (LookupTable, error)
func (*Client) CreateLookupTableDataRow ¶ added in v0.0.28
func (c *Client) CreateLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
func (*Client) CreateQuery ¶ added in v0.0.32
func (*Client) CreateQueryJob ¶ added in v0.0.28
func (*Client) CreateQueryJobResults ¶ added in v0.0.28
func (c *Client) CreateQueryJobResults(queryJobResult QueryJobResult) (QueryJobResult, error)
func (*Client) CreateQuerypack ¶ added in v0.0.22
func (*Client) CreateRegistryPath ¶ added in v0.0.22
func (c *Client) CreateRegistryPath(registryPath RegistryPath) (RegistryPath, error)
func (*Client) CreateTagConfiguration ¶ added in v0.0.22
func (c *Client) CreateTagConfiguration(tagConfiguration TagConfiguration) (TagConfiguration, error)
func (*Client) CreateTagRule ¶ added in v0.0.22
func (*Client) CreateWindowsDefenderPreference ¶ added in v0.0.26
func (c *Client) CreateWindowsDefenderPreference(windowsDefenderPreference WindowsDefenderPreference) (WindowsDefenderPreference, error)
func (*Client) CreateYaraGroupRule ¶ added in v0.0.22
func (c *Client) CreateYaraGroupRule(yaraGroupRule YaraGroupRule) (YaraGroupRule, error)
func (*Client) DeleteAlertRule ¶
func (*Client) DeleteAlertRuleCategory ¶ added in v0.0.23
func (c *Client) DeleteAlertRuleCategory(alertRuleCategory AlertRuleCategory) (AlertRuleCategory, error)
func (*Client) DeleteAsset ¶ added in v0.0.27
func (*Client) DeleteAssetGroupRule ¶ added in v0.0.23
func (c *Client) DeleteAssetGroupRule(assetGroupRule AssetGroupRule) (AssetGroupRule, error)
func (*Client) DeleteAssetTag ¶ added in v0.0.27
func (*Client) DeleteAtcQuery ¶ added in v0.0.23
func (*Client) DeleteBlockRule ¶ added in v0.0.26
func (*Client) DeleteCarve ¶ added in v0.0.23
func (*Client) DeleteComplianceProfile ¶ added in v0.0.22
func (c *Client) DeleteComplianceProfile(complianceProfile ComplianceProfile) (ComplianceProfile, error)
func (*Client) DeleteCustomProfile ¶ added in v0.0.26
func (c *Client) DeleteCustomProfile(customProfile CustomProfile) (CustomProfile, error)
func (*Client) DeleteDestination ¶
func (c *Client) DeleteDestination(destination Destination) (Destination, error)
func (*Client) DeleteEventExcludeProfile ¶
func (c *Client) DeleteEventExcludeProfile(eventExcludeProfile EventExcludeProfile) (EventExcludeProfile, error)
func (*Client) DeleteEventRule ¶
func (*Client) DeleteException ¶ added in v0.0.26
func (*Client) DeleteFilePathGroup ¶ added in v0.0.22
func (c *Client) DeleteFilePathGroup(filePathGroup FilePathGroup) (FilePathGroup, error)
func (*Client) DeleteFlagProfile ¶ added in v0.0.26
func (c *Client) DeleteFlagProfile(flagProfile FlagProfile) (FlagProfile, error)
func (*Client) DeleteLookupTable ¶ added in v0.0.28
func (c *Client) DeleteLookupTable(lookupTable LookupTable) (LookupTable, error)
func (*Client) DeleteLookupTableDataRow ¶ added in v0.0.28
func (c *Client) DeleteLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
func (*Client) DeleteQuery ¶ added in v0.0.32
func (*Client) DeleteQueryJob ¶ added in v0.0.28
func (*Client) DeleteQueryJobResult ¶ added in v0.0.28
func (c *Client) DeleteQueryJobResult(queryJobResult QueryJobResult) (QueryJobResult, error)
func (*Client) DeleteQuerypack ¶ added in v0.0.22
func (*Client) DeleteRegistryPath ¶ added in v0.0.22
func (c *Client) DeleteRegistryPath(registryPath RegistryPath) (RegistryPath, error)
func (*Client) DeleteTagConfiguration ¶ added in v0.0.22
func (c *Client) DeleteTagConfiguration(tagConfiguration TagConfiguration) (TagConfiguration, error)
func (*Client) DeleteTagRule ¶ added in v0.0.22
func (*Client) DeleteWindowsDefenderPreference ¶ added in v0.0.26
func (c *Client) DeleteWindowsDefenderPreference(windowsDefenderPreference WindowsDefenderPreference) (WindowsDefenderPreference, error)
func (*Client) DeleteYaraGroupRule ¶ added in v0.0.22
func (c *Client) DeleteYaraGroupRule(yaraGroupRule YaraGroupRule) (YaraGroupRule, error)
func (*Client) FindLookupTableDataRow ¶ added in v0.0.28
func (c *Client) FindLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
func (*Client) GetAlertRuleCategories ¶ added in v0.0.23
func (c *Client) GetAlertRuleCategories() (AlertRuleCategories, error)
func (*Client) GetAlertRuleCategory ¶ added in v0.0.23
func (c *Client) GetAlertRuleCategory(alertRuleCategory AlertRuleCategory) (AlertRuleCategory, error)
func (*Client) GetAlertRules ¶
func (c *Client) GetAlertRules() (AlertRules, error)
func (*Client) GetAssetGroupRule ¶ added in v0.0.23
func (c *Client) GetAssetGroupRule(assetGroupRule AssetGroupRule) (AssetGroupRule, error)
func (*Client) GetAssetGroupRules ¶ added in v0.0.23
func (c *Client) GetAssetGroupRules() (AssetGroupRules, error)
func (*Client) GetAssetTag ¶ added in v0.0.27
func (*Client) GetAssetTags ¶ added in v0.0.27
func (*Client) GetAtcQueries ¶ added in v0.0.23
func (c *Client) GetAtcQueries() (AtcQueries, error)
func (*Client) GetAtcQuery ¶ added in v0.0.23
func (*Client) GetAuditConfiguration ¶ added in v0.0.22
func (c *Client) GetAuditConfiguration(auditConfiguration AuditConfiguration) (AuditConfiguration, error)
func (*Client) GetAuditConfigurations ¶ added in v0.0.22
func (c *Client) GetAuditConfigurations() (AuditConfigurations, error)
func (*Client) GetBlockRule ¶ added in v0.0.26
func (*Client) GetBlockRules ¶ added in v0.0.26
func (c *Client) GetBlockRules() (BlockRules, error)
func (*Client) GetComplianceProfile ¶ added in v0.0.22
func (c *Client) GetComplianceProfile(complianceProfile ComplianceProfile) (ComplianceProfile, error)
func (*Client) GetComplianceProfiles ¶ added in v0.0.22
func (c *Client) GetComplianceProfiles() (ComplianceProfiles, error)
func (*Client) GetCustomProfile ¶ added in v0.0.26
func (c *Client) GetCustomProfile(customProfile CustomProfile) (CustomProfile, error)
func (*Client) GetCustomProfiles ¶ added in v0.0.26
func (c *Client) GetCustomProfiles() (CustomProfiles, error)
func (*Client) GetDestination ¶
func (c *Client) GetDestination(destination Destination) (Destination, error)
func (*Client) GetDestinations ¶
func (c *Client) GetDestinations() (Destinations, error)
func (*Client) GetEventExcludeProfile ¶
func (c *Client) GetEventExcludeProfile(eventExcludeProfile EventExcludeProfile) (EventExcludeProfile, error)
func (*Client) GetEventExcludeProfiles ¶
func (c *Client) GetEventExcludeProfiles() (EventExcludeProfiles, error)
func (*Client) GetEventRules ¶
func (c *Client) GetEventRules() (EventRules, error)
func (*Client) GetException ¶ added in v0.0.26
func (*Client) GetExceptions ¶ added in v0.0.26
func (c *Client) GetExceptions() (Exceptions, error)
func (*Client) GetFilePathGroup ¶ added in v0.0.22
func (c *Client) GetFilePathGroup(filePathGroup FilePathGroup) (FilePathGroup, error)
func (*Client) GetFilePathGroups ¶ added in v0.0.22
func (c *Client) GetFilePathGroups() (FilePathGroups, error)
func (*Client) GetFlagProfile ¶ added in v0.0.26
func (c *Client) GetFlagProfile(flagProfile FlagProfile) (FlagProfile, error)
func (*Client) GetFlagProfiles ¶ added in v0.0.26
func (c *Client) GetFlagProfiles() (FlagProfiles, error)
func (*Client) GetLookupTable ¶ added in v0.0.28
func (c *Client) GetLookupTable(lookupTable LookupTable) (LookupTable, error)
func (*Client) GetLookupTableDataRow ¶ added in v0.0.28
func (c *Client) GetLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
func (*Client) GetLookupTables ¶ added in v0.0.28
func (c *Client) GetLookupTables() (LookupTables, error)
func (*Client) GetObjectGroup ¶ added in v0.0.21
func (c *Client) GetObjectGroup(objectGroup ObjectGroup) (ObjectGroup, error)
func (*Client) GetObjectGroups ¶ added in v0.0.21
func (c *Client) GetObjectGroups() (ObjectGroups, error)
func (*Client) GetQueries ¶ added in v0.0.32
func (*Client) GetQueryJob ¶ added in v0.0.28
func (*Client) GetQueryJobResults ¶ added in v0.0.28
func (c *Client) GetQueryJobResults(queryJobResult QueryJobResult) (QueryJobResult, error)
func (*Client) GetQueryJobs ¶ added in v0.0.28
func (*Client) GetQuerypack ¶ added in v0.0.22
func (*Client) GetQuerypacks ¶ added in v0.0.22
func (c *Client) GetQuerypacks() (Querypacks, error)
func (*Client) GetRegistryPath ¶ added in v0.0.22
func (c *Client) GetRegistryPath(registryPath RegistryPath) (RegistryPath, error)
func (*Client) GetRegistryPaths ¶ added in v0.0.22
func (c *Client) GetRegistryPaths() (RegistryPaths, error)
func (*Client) GetTagConfiguration ¶ added in v0.0.22
func (c *Client) GetTagConfiguration(tagConfiguration TagConfiguration) (TagConfiguration, error)
func (*Client) GetTagConfigurations ¶ added in v0.0.22
func (c *Client) GetTagConfigurations() (TagConfigurations, error)
func (*Client) GetTagRule ¶ added in v0.0.22
func (*Client) GetTagRules ¶ added in v0.0.22
func (*Client) GetWindowsDefenderPreference ¶ added in v0.0.26
func (c *Client) GetWindowsDefenderPreference(windowsDefenderPreference WindowsDefenderPreference) (WindowsDefenderPreference, error)
func (*Client) GetWindowsDefenderPreferences ¶ added in v0.0.26
func (c *Client) GetWindowsDefenderPreferences() (WindowsDefenderPreferences, error)
func (*Client) GetYaraGroupRule ¶ added in v0.0.22
func (c *Client) GetYaraGroupRule(yaraGroupRule YaraGroupRule) (YaraGroupRule, error)
func (*Client) GetYaraGroupRules ¶ added in v0.0.22
func (c *Client) GetYaraGroupRules() (YaraGroupRules, error)
func (*Client) UpdateAlertRule ¶
func (*Client) UpdateAlertRuleCategory ¶ added in v0.0.23
func (c *Client) UpdateAlertRuleCategory(alertRuleCategory AlertRuleCategory) (AlertRuleCategory, error)
func (*Client) UpdateAsset ¶ added in v0.0.27
func (*Client) UpdateAssetGroupRule ¶ added in v0.0.23
func (c *Client) UpdateAssetGroupRule(assetGroupRule AssetGroupRule) (AssetGroupRule, error)
func (*Client) UpdateAssetTag ¶ added in v0.0.27
func (*Client) UpdateAtcQuery ¶ added in v0.0.23
func (*Client) UpdateBlockRule ¶ added in v0.0.26
func (*Client) UpdateCarve ¶ added in v0.0.23
func (*Client) UpdateComplianceProfile ¶ added in v0.0.22
func (c *Client) UpdateComplianceProfile(complianceProfile ComplianceProfile) (ComplianceProfile, error)
func (*Client) UpdateCustomProfile ¶ added in v0.0.26
func (c *Client) UpdateCustomProfile(customProfile CustomProfile) (CustomProfile, error)
func (*Client) UpdateDestination ¶
func (c *Client) UpdateDestination(destination Destination) (Destination, error)
func (*Client) UpdateEventExcludeProfile ¶
func (c *Client) UpdateEventExcludeProfile(eventExcludeProfile EventExcludeProfile) (EventExcludeProfile, error)
func (*Client) UpdateEventRule ¶
func (*Client) UpdateException ¶ added in v0.0.26
func (*Client) UpdateFilePathGroup ¶ added in v0.0.22
func (c *Client) UpdateFilePathGroup(filePathGroup FilePathGroup) (FilePathGroup, error)
func (*Client) UpdateFlagProfile ¶ added in v0.0.26
func (c *Client) UpdateFlagProfile(flagProfile FlagProfile) (FlagProfile, error)
func (*Client) UpdateLookupTable ¶ added in v0.0.28
func (c *Client) UpdateLookupTable(lookupTable LookupTable) (LookupTable, error)
func (*Client) UpdateLookupTableDataRow ¶ added in v0.0.28
func (c *Client) UpdateLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
func (*Client) UpdateQuery ¶ added in v0.0.32
func (*Client) UpdateQueryJob ¶ added in v0.0.28
func (*Client) UpdateQueryJobResults ¶ added in v0.0.28
func (c *Client) UpdateQueryJobResults(queryJobResult QueryJobResult) (QueryJobResult, error)
func (*Client) UpdateQuerypack ¶ added in v0.0.22
func (*Client) UpdateRegistryPath ¶ added in v0.0.22
func (c *Client) UpdateRegistryPath(registryPath RegistryPath) (RegistryPath, error)
func (*Client) UpdateTagConfiguration ¶ added in v0.0.22
func (c *Client) UpdateTagConfiguration(tagConfiguration TagConfiguration) (TagConfiguration, error)
func (*Client) UpdateTagRule ¶ added in v0.0.22
func (*Client) UpdateWindowsDefenderPreference ¶ added in v0.0.26
func (c *Client) UpdateWindowsDefenderPreference(windowsDefenderPreference WindowsDefenderPreference) (WindowsDefenderPreference, error)
func (*Client) UpdateYaraGroupRule ¶ added in v0.0.22
func (c *Client) UpdateYaraGroupRule(yaraGroupRule YaraGroupRule) (YaraGroupRule, error)
type ComplianceProfile ¶ added in v0.0.22
// ComplianceProfile is the JSON representation of a compliance profile as
// sent to and returned by the Client compliance-profile methods.
type ComplianceProfile struct {
	ID          string `json:"id,omitempty"`
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	// Custom has no omitempty, so false is always serialized.
	Custom bool `json:"custom"`
	// Priority uses omitempty: a value of 0 is left out of the request body.
	Priority int `json:"priority,omitempty"`
	// Audit fields are plain strings; timestamps are not parsed into time.Time.
	CreatedBy string     `json:"createdBy,omitempty"`
	UpdatedBy string     `json:"updatedBy,omitempty"`
	CreatedAt string     `json:"createdAt,omitempty"`
	UpdatedAt string     `json:"updatedAt,omitempty"`
	Links     []LinkItem `json:"links,omitempty"`
}
func (ComplianceProfile) GetID ¶ added in v0.0.22
func (T ComplianceProfile) GetID() string
func (ComplianceProfile) GetName ¶ added in v0.0.22
func (T ComplianceProfile) GetName() string
func (ComplianceProfile) KeysToDelete ¶ added in v0.0.22
func (T ComplianceProfile) KeysToDelete() []string
type ComplianceProfiles ¶ added in v0.0.22
// ComplianceProfiles is the list envelope returned by GetComplianceProfiles.
type ComplianceProfiles struct {
	Links []LinkItem          `json:"links"`
	Items []ComplianceProfile `json:"items"`
	// Offset and Limit are omitted from output when zero.
	// NOTE(review): presumably paging cursors - confirm whether callers must loop to get every item.
	Offset     int      `json:"offset,omitempty"`
	Limit      int      `json:"limit,omitempty"`
	Decorators []string `json:"decorators"`
}
type CustomJSONString ¶ added in v0.0.22
// CustomJSONString is a string type with its own MarshalJSON and
// UnmarshalJSON methods, used for fields such as rule, headers, flags and
// rowData elsewhere in this package.
// NOTE(review): the encoding those methods apply is not shown here; values
// decoded from API responses should be treated as untrusted JSON text.
type CustomJSONString string
func (CustomJSONString) MarshalJSON ¶ added in v0.0.22
func (bcfs CustomJSONString) MarshalJSON() ([]byte, error)
func (*CustomJSONString) UnmarshalJSON ¶ added in v0.0.22
func (bcfs *CustomJSONString) UnmarshalJSON(raw []byte) error
type CustomProfile ¶ added in v0.0.26
// CustomProfile is the JSON representation of a custom profile.
type CustomProfile struct {
	ID          string `json:"id,omitempty"`
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	// QuerySchedules is tagged required,min=1 for validation but omitempty for
	// JSON, so an empty value is dropped from the body rather than sent empty.
	QuerySchedules CustomJSONString `json:"querySchedules,omitempty" validate:"required,min=1"`
	// Priority has no omitempty: 0 is serialized explicitly.
	Priority     int        `json:"priority"`
	CreatedBy    string     `json:"createdBy,omitempty"`
	UpdatedBy    string     `json:"updatedBy,omitempty"`
	CreatedAt    string     `json:"createdAt,omitempty"`
	UpdatedAt    string     `json:"updatedAt,omitempty"`
	ResourceType string     `json:"resourceType,omitempty"`
	Links        []LinkItem `json:"links,omitempty"`
}
func (CustomProfile) GetID ¶ added in v0.0.26
func (T CustomProfile) GetID() string
func (CustomProfile) GetName ¶ added in v0.0.26
func (T CustomProfile) GetName() string
func (CustomProfile) KeysToDelete ¶ added in v0.0.26
func (T CustomProfile) KeysToDelete() []string
type CustomProfiles ¶ added in v0.0.26
// CustomProfiles is the list envelope returned by GetCustomProfiles.
type CustomProfiles struct {
	Links []LinkItem      `json:"links"`
	Items []CustomProfile `json:"items"`
	// Offset and Limit are omitted from output when zero.
	Offset int `json:"offset,omitempty"`
	Limit  int `json:"limit,omitempty"`
}
type DNSLookupEvents ¶ added in v0.0.21
type DataLookupTable ¶ added in v0.0.28
// DataLookupTable describes the refresh settings attached to a LookupTable
// (it is the type of LookupTable.DataLookupTable).
type DataLookupTable struct {
	ID                      string `json:"id"`
	LookupTableID           string `json:"lookupTableId"`
	LookupTableName         string `json:"lookupTableName"`
	LookupKeyName           string `json:"lookupKeyName"`
	Enabled                 bool   `json:"enabled"`
	RefreshFrequencyMinutes int    `json:"refreshFrequencyMinutes"`
	// LastRefreshAt is a string here but an int64 inside RefreshInfo.
	LastRefreshAt string `json:"lastRefreshAt"`
	// RefreshInfo carries the query text and the database/schema/table names
	// used for the refresh.
	// NOTE(review): presumably backend-internal identifiers - avoid echoing
	// this struct into user-facing output without review.
	RefreshInfo struct {
		Key               string `json:"key"`
		Query             string `json:"query"`
		UptDay            int    `json:"uptDay"`
		UptBatch          int    `json:"uptBatch"`
		TableName         string `json:"tableName"`
		CustomerDb        string `json:"customerDb"`
		LookupTable       string `json:"lookupTable"`
		LookupSchema      string `json:"lookupSchema"`
		LastRefreshAt     int64  `json:"lastRefreshAt"`
		RefreshFrequency  int    `json:"refreshFrequency"`
		QueryForDashboard string `json:"queryForDashboard"`
	} `json:"refreshInfo"`
}
type Destination ¶
// Destination is the JSON representation of an alert destination.
type Destination struct {
	ID   string `json:"id,omitempty"`
	Name string `json:"name,omitempty"`
	// Type is restricted by the validate tag to email, slack, http, pagerduty
	// or azure. The tag has no "required", so the check only applies where the
	// validator is actually run on this struct.
	Type      string `json:"type,omitempty" validate:"oneof=email slack http pagerduty azure"`
	Address   string `json:"address,omitempty"`
	CreatedAt string `json:"createdAt,omitempty"`
	CreatedBy string `json:"createdBy,omitempty"`
	UpdatedAt string `json:"updatedAt,omitempty"`
	UpdatedBy string `json:"updatedBy,omitempty"`
	Enabled   bool   `json:"enabled"`
	Default   bool   `json:"default"`
	// Config embeds DestinationConfig, which has Password and Token fields:
	// marshalling a Destination (for example into logs) includes them when set.
	// omitempty has no effect on a struct-typed field in encoding/json, so
	// "config" is always emitted.
	Config DestinationConfig `json:"config,omitempty"`
	// Template is likewise a struct value, so omitempty on the outer tag never
	// drops it.
	Template struct {
		Template string `json:"template,omitempty"`
	} `json:"template,omitempty"`
	Links []LinkItem `json:"links,omitempty"`
}
func (Destination) GetID ¶ added in v0.0.18
func (T Destination) GetID() string
func (Destination) GetName ¶ added in v0.0.18
func (T Destination) GetName() string
func (Destination) KeysToDelete ¶ added in v0.0.18
func (T Destination) KeysToDelete() []string
type DestinationConfig ¶ added in v0.0.31
// DestinationConfig holds the per-destination delivery settings carried in
// Destination.Config.
//
// Password and Token are ordinary string fields with JSON tags: any
// json.Marshal of this struct, or of a Destination or ObjectGroup that
// contains it, writes them out in clear whenever they are non-empty. Redact
// them before logging or storing the struct as a test fixture.
type DestinationConfig struct {
	Sender   string `json:"sender,omitempty"`
	Method   string `json:"method,omitempty"`
	Username string `json:"username,omitempty"`
	// Password is a credential; see the type comment.
	Password string `json:"password,omitempty"`
	DataKey  string `json:"dataKey,omitempty"`
	// Token is a credential; see the type comment.
	Token           string `json:"token,omitempty"`
	SlackAttachment bool   `json:"slackAttachment,omitempty"` //noqa
	// Headers is a JSON document held as a string.
	// NOTE(review): presumably HTTP headers for the "http" destination type,
	// which may themselves contain authorization values - confirm and treat
	// as sensitive if so.
	Headers CustomJSONString `json:"headers,omitempty"`
}
type Destinations ¶
// Destinations is the list envelope returned by GetDestinations. Each item
// can carry credentials through Destination.Config.
type Destinations struct {
	Links []LinkItem    `json:"links"`
	Items []Destination `json:"items"`
	// Offset and Limit are omitted from output when zero.
	Offset int `json:"offset,omitempty"`
	Limit  int `json:"limit,omitempty"`
}
type EbpfDNSLookupEvents ¶ added in v0.0.21
type EventExcludeProfile ¶
// EventExcludeProfile is the JSON representation of an event-exclude profile.
// NOTE(review): presumably each entry suppresses collection of matching
// events, so changes to these profiles reduce telemetry and deserve the same
// change control as detection rules - confirm against the API documentation.
type EventExcludeProfile struct {
	ID          string `json:"id,omitempty"`
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	Priority    int    `json:"priority,omitempty"`
	// Metadata is a struct value; omitempty has no effect on struct-typed
	// fields in encoding/json, so "metadata" is always emitted.
	Metadata EventExcludeProfileMetadata `json:"metadata,omitempty"`
	// MetadataJSON is a second, string-typed metadata field.
	// NOTE(review): how it relates to Metadata is not shown here - confirm
	// which one the API treats as authoritative.
	MetadataJSON string     `json:"metadataJson,omitempty"`
	ResourceType string     `json:"resourceType,omitempty"`
	Platform     string     `json:"platform,omitempty"`
	CreatedAt    string     `json:"createdAt,omitempty"`
	CreatedBy    string     `json:"createdBy,omitempty"`
	UpdatedAt    string     `json:"updatedAt,omitempty"`
	UpdatedBy    string     `json:"updatedBy,omitempty"`
	Links        []LinkItem `json:"links,omitempty"`
}
func (EventExcludeProfile) GetID ¶ added in v0.0.18
func (T EventExcludeProfile) GetID() string
func (EventExcludeProfile) GetName ¶ added in v0.0.18
func (T EventExcludeProfile) GetName() string
func (EventExcludeProfile) KeysToDelete ¶ added in v0.0.18
func (T EventExcludeProfile) KeysToDelete() []string
type EventExcludeProfileMetadata ¶
// EventExcludeProfileMetadata groups the per-event-table settings of an
// EventExcludeProfile; JSON keys are snake_case table names.
//
// HTTPEvents, ProcessEvents, RegistryEvents and SocketEvents are struct
// types, so omitempty on those fields never omits them: each is emitted
// even when its slice is nil (as {"...": null}).
type EventExcludeProfileMetadata struct {
	DNSLookupEvents     DNSLookupEvents     `json:"dns_lookup_events,omitempty"`
	UserEvents          UserEvents          `json:"user_events,omitempty"`
	SocketEvents        SocketEvents        `json:"socket_events,omitempty"`
	ProcessEvents       ProcessEvents       `json:"process_events,omitempty"`
	RegistryEvents      RegistryEvents      `json:"registry_events,omitempty"`
	ProcessFileEvents   ProcessFileEvents   `json:"process_file_events,omitempty"`
	HTTPEvents          HTTPEvents          `json:"http_events,omitempty"`
	EbpfDNSLookupEvents EbpfDNSLookupEvents `json:"ebpf_dns_lookup_events,omitempty"`
}
type EventExcludeProfiles ¶
// EventExcludeProfiles is the list envelope returned by GetEventExcludeProfiles.
type EventExcludeProfiles struct {
	Links []LinkItem            `json:"links"`
	Items []EventExcludeProfile `json:"items"`
	// Offset and Limit are omitted from output when zero.
	Offset int `json:"offset,omitempty"`
	Limit  int `json:"limit,omitempty"`
}
type EventRule ¶
// EventRule is the JSON representation of an event (detection) rule.
type EventRule struct {
	ID          string `json:"id,omitempty"`
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	Code        string `json:"code,omitempty"`
	Type        string `json:"type,omitempty"`
	Rule        string `json:"rule,omitempty"`
	Grouping    string `json:"grouping,omitempty"`
	// Enabled and Custom have no omitempty: a zero-value EventRule is sent
	// with "enabled": false, so callers updating a rule must set Enabled
	// explicitly or they will switch the rule off.
	Enabled    bool     `json:"enabled"`
	Custom     bool     `json:"custom"`
	CreatedAt  string   `json:"createdAt,omitempty"`
	IsInternal bool     `json:"isInternal"`
	EventTags  []string `json:"eventTags"`
	CreatedBy  string   `json:"createdBy,omitempty"`
	UpdatedAt  string   `json:"updatedAt,omitempty"`
	UpdatedBy  string   `json:"updatedBy,omitempty"`
	GroupingL2 string   `json:"groupingL2,omitempty"`
	GroupingL3 string   `json:"groupingL3,omitempty"`
	// Score is a string, not a number.
	Score string `json:"score,omitempty"`
	Lock  bool   `json:"lock"`
	// Exceptions has no omitempty; a nil slice is serialized as null.
	Exceptions []RuleException `json:"exceptions"`
	SQLConfig  *SQLConfig      `json:"sqlConfig,omitempty"`
	// BuilderConfig has no omitempty; a nil pointer is serialized as null.
	BuilderConfig *BuilderConfig `json:"builderConfig"`
	Links         []LinkItem     `json:"links,omitempty"`
}
func (EventRule) KeysToDelete ¶ added in v0.0.18
type EventRules ¶
type Exception ¶ added in v0.0.26
// Exception is the JSON representation of an exception.
// NOTE(review): presumably an exception suppresses alerts that match Rule;
// IsGlobal and CloseOpenAlerts would then widen its effect, so creation and
// update of exceptions are worth auditing - confirm against the API docs.
type Exception struct {
	// ID has no omitempty: an empty ID is sent as "id": "".
	ID            string `json:"id"`
	Name          string `json:"name,omitempty"`
	Description   string `json:"description,omitempty"`
	ExceptionType string `json:"exceptionType,omitempty"`
	CreatedBy     string `json:"createdBy,omitempty"`
	CreatedAt     string `json:"createdAt,omitempty"`
	UpdatedAt     string `json:"updatedAt,omitempty"`
	UpdatedBy     string `json:"updatedBy,omitempty"`
	TableName     string `json:"tableName,omitempty"`
	// The four flags below are always serialized, so their zero value (false)
	// is an explicit setting on every create or update.
	IsGlobal        bool `json:"isGlobal"`
	Custom          bool `json:"custom"`
	Disabled        bool `json:"disabled"`
	CloseOpenAlerts bool `json:"closeOpenAlerts"`
	// Rule is a JSON document held as a string.
	Rule  CustomJSONString `json:"rule,omitempty"`
	Links []LinkItem       `json:"links"`
}
func (Exception) KeysToDelete ¶ added in v0.0.26
type Exceptions ¶ added in v0.0.26
type FilePathGroup ¶ added in v0.0.22
// FilePathGroup is the JSON representation of a file path group: include and
// exclude path lists plus attached signatures and YARA group rules.
type FilePathGroup struct {
	ID          string `json:"id,omitempty"`
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	Grouping    string `json:"grouping,omitempty"`
	// The path lists have no omitempty; nil slices are serialized as null.
	IncludePaths          []string `json:"includePaths"`
	IncludePathExtensions []string `json:"includePathExtensions"`
	// NOTE(review): presumably ExcludePaths and ExcludeProcessNames remove
	// activity from monitoring - review additions to them as coverage changes.
	ExcludePaths []string `json:"excludePaths"`
	// NOTE(review): if these tags are evaluated by go-playground/validator
	// (the syntax matches; confirm), "required" on a bool rejects false, so
	// only Custom == true would validate.
	Custom              bool     `json:"custom" validate:"required"`
	CheckSignature      bool     `json:"checkSignature"`
	FileAccesses        bool     `json:"fileAccesses"`
	ExcludeProcessNames []string `json:"excludeProcessNames"`
	PriorityPaths       []string `json:"priorityPaths"`
	CreatedBy           string   `json:"createdBy,omitempty"`
	UpdatedBy           string   `json:"updatedBy,omitempty"`
	CreatedAt           string   `json:"createdAt,omitempty"`
	UpdatedAt           string   `json:"updatedAt,omitempty"`
	// min=0 can never fail on a length; the effective constraint is "required".
	Signatures     []FilePathGroupSignature `json:"signatures" validate:"required,min=0"`
	YaraGroupRules []YaraGroupRule          `json:"yaraGroupRules" validate:"required,min=0"`
	Links          []LinkItem               `json:"links,omitempty"`
}
func (FilePathGroup) GetID ¶ added in v0.0.22
func (T FilePathGroup) GetID() string
func (FilePathGroup) GetName ¶ added in v0.0.22
func (T FilePathGroup) GetName() string
func (FilePathGroup) KeysToDelete ¶ added in v0.0.22
func (T FilePathGroup) KeysToDelete() []string
type FilePathGroupSignature ¶ added in v0.0.22
// FilePathGroupSignature is the element type of FilePathGroup.Signatures.
type FilePathGroupSignature struct {
	ID          string `json:"id,omitempty"`
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	// Paths has no omitempty; a nil slice is serialized as null.
	Paths     []string `json:"paths"`
	CreatedBy string   `json:"createdBy,omitempty"`
	UpdatedBy string   `json:"updatedBy,omitempty"`
	CreatedAt string   `json:"createdAt,omitempty"`
	UpdatedAt string   `json:"updatedAt,omitempty"`
}
type FilePathGroups ¶ added in v0.0.22
// FilePathGroups is the list envelope returned by GetFilePathGroups.
type FilePathGroups struct {
	Links []LinkItem      `json:"links"`
	Items []FilePathGroup `json:"items"`
	// Offset and Limit are omitted from output when zero.
	Offset int `json:"offset,omitempty"`
	Limit  int `json:"limit,omitempty"`
}
type FlagProfile ¶ added in v0.0.26
// FlagProfile is the JSON representation of a flag profile.
type FlagProfile struct {
	ID          string `json:"id,omitempty"`
	Custom      bool   `json:"custom"`
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	// Priority has no omitempty: 0 is serialized explicitly.
	Priority int `json:"priority"`
	// Flags and OsFlags are JSON documents held as strings. Flags is tagged
	// required,min=1 for validation but omitempty for JSON.
	// NOTE(review): presumably these are agent flags pushed to endpoints -
	// review changes as configuration that affects what the agent collects.
	Flags        CustomJSONString `json:"flags,omitempty" validate:"required,min=1"`
	OsFlags      CustomJSONString `json:"osFlags,omitempty"`
	CreatedBy    string           `json:"createdBy,omitempty"`
	UpdatedBy    string           `json:"updatedBy,omitempty"`
	CreatedAt    string           `json:"createdAt,omitempty"`
	UpdatedAt    string           `json:"updatedAt,omitempty"`
	ResourceType string           `json:"resourceType,omitempty"`
	Links        []LinkItem       `json:"links,omitempty"`
}
func (FlagProfile) GetID ¶ added in v0.0.26
func (T FlagProfile) GetID() string
func (FlagProfile) GetName ¶ added in v0.0.26
func (T FlagProfile) GetName() string
func (FlagProfile) KeysToDelete ¶ added in v0.0.26
func (T FlagProfile) KeysToDelete() []string
type FlagProfiles ¶ added in v0.0.26
// FlagProfiles is the list envelope returned by GetFlagProfiles.
type FlagProfiles struct {
	Links []LinkItem    `json:"links"`
	Items []FlagProfile `json:"items"`
	// Offset and Limit are omitted from output when zero.
	Offset int `json:"offset,omitempty"`
	Limit  int `json:"limit,omitempty"`
}
type HTTPEvents ¶ added in v0.0.21
// HTTPEvents is the http_events section of EventExcludeProfileMetadata: a
// list of host strings.
// NOTE(review): match semantics (exact, glob, suffix) are not shown here.
type HTTPEvents struct {
	// Host has no omitempty; a nil slice is serialized as null.
	Host []string `json:"host"`
}
type LookupTable ¶ added in v0.0.28
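// LookupTable is the JSON representation of a lookup table.
type LookupTable struct {
	ID          string `json:"id"`
	Name        string `json:"name"`
	Description string `json:"description,omitempty"`
	Active      bool   `json:"active"`
	IDField     string `json:"idField,omitempty"`
	RowCount    int    `json:"rowCount"`
	// NOTE(review): presumably marks the table as consumable by detection
	// rules - confirm; if so, edits to its rows change rule outcomes.
	ForRuleEngine bool   `json:"forRuleEngine"`
	CreatedBy     string `json:"createdBy"`
	UpdatedBy     string `json:"updatedBy"`
	CreatedAt     string `json:"createdAt"`
	UpdatedAt     string `json:"updatedAt"`
	// DataLookupTable is a struct value; omitempty has no effect on
	// struct-typed fields in encoding/json, so the key is always emitted.
	DataLookupTable DataLookupTable `json:"dataLookupTable,omitempty"`
	FetchRowsquery  string          `json:"fetchRowsquery"`
	// DataRows is local state and is excluded from JSON. The tag was
	// `json:"-,omitempty"`, which encoding/json reads as a field literally
	// named "-" (only the exact tag "-" skips a field), so non-empty rows were
	// marshalled under the key "-" and a "-" key in a response was decoded
	// into this slice.
	DataRows []LookupTableDataRow `json:"-"`
	Links    []LinkItem           `json:"links"`
}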
func (LookupTable) GetID ¶ added in v0.0.28
func (T LookupTable) GetID() string
func (LookupTable) GetName ¶ added in v0.0.28
func (T LookupTable) GetName() string
func (LookupTable) KeysToDelete ¶ added in v0.0.28
func (T LookupTable) KeysToDelete() []string
type LookupTableDataRow ¶ added in v0.0.28
// LookupTableDataRow is one row of a LookupTable.
type LookupTableDataRow struct {
	ID   string `json:"id"`
	Name string `json:"-"` // Not provided by the API; excluded from JSON.
	// LookupTableID and IDFieldValue identify the table and the row key.
	LookupTableID string `json:"lookupTableId"`
	IDFieldValue  string `json:"idFieldValue"`
	// Data is a JSON document held as a string.
	Data      CustomJSONString `json:"data"`
	CreatedAt string           `json:"createdAt"`
}
func GetAllLookupTableData ¶ added in v0.0.28
func GetAllLookupTableData(c *Client, endpointStr string) ([]LookupTableDataRow, error)
func (LookupTableDataRow) GetID ¶ added in v0.0.28
func (T LookupTableDataRow) GetID() string
func (LookupTableDataRow) GetName ¶ added in v0.0.28
func (T LookupTableDataRow) GetName() string
func (LookupTableDataRow) KeysToDelete ¶ added in v0.0.28
func (T LookupTableDataRow) KeysToDelete() []string
type LookupTables ¶ added in v0.0.28
// LookupTables is the list envelope returned by GetLookupTables.
type LookupTables struct {
	Links []LinkItem    `json:"links"`
	Items []LookupTable `json:"items"`
	// Offset and Limit are omitted from output when zero.
	Offset int `json:"offset,omitempty"`
	Limit  int `json:"limit,omitempty"`
}
type ObjectGroup ¶ added in v0.0.21
// ObjectGroup is the JSON representation of an object group. It links users,
// roles and asset group rules by ID and embeds full Destination values.
type ObjectGroup struct {
	ID               string `json:"id,omitempty"`
	Name             string `json:"name,omitempty"`
	Key              string `json:"key,omitempty"`
	Value            string `json:"value,omitempty"`
	AssetGroupRuleID string `json:"assetGroupRuleId,omitempty"`
	ObjectGroupID    string `json:"objectGroupId,omitempty"`
	// The JSON keys for UserID and RoleID are all-lowercase, unlike the
	// camelCase keys used by the other ID fields.
	UserID      string `json:"userid,omitempty"`
	RoleID      string `json:"roleid,omitempty"`
	Description string `json:"description,omitempty"`
	// Secret is an ordinary string with a JSON tag: marshalling an ObjectGroup
	// (or a Role, which contains ObjectGroups) writes it out in clear when
	// set. Redact it before logging or saving fixtures.
	Secret        string `json:"secret,omitempty"`
	ObjectType    string `json:"objectType,omitempty"`
	Custom        bool   `json:"custom"`
	RetentionDays int    `json:"retentionDays,omitempty"`
	RangerID      int    `json:"rangerId,omitempty"`
	CreatedBy     string `json:"createdBy,omitempty"`
	UpdatedBy     string `json:"updatedBy,omitempty"`
	CreatedAt     string `json:"createdAt,omitempty"`
	UpdatedAt     string `json:"updatedAt,omitempty"`
	// Destinations carries whole Destination values, including
	// Destination.Config with its Password and Token fields.
	Destinations []Destination `json:"destinations"`
}
func (ObjectGroup) GetID ¶ added in v0.0.21
func (T ObjectGroup) GetID() string
func (ObjectGroup) GetName ¶ added in v0.0.21
func (T ObjectGroup) GetName() string
func (ObjectGroup) KeysToDelete ¶ added in v0.0.21
func (T ObjectGroup) KeysToDelete() []string
type ObjectGroups ¶ added in v0.0.21
// ObjectGroups is the list envelope returned by GetObjectGroups. Items can
// carry ObjectGroup.Secret and destination credentials.
type ObjectGroups struct {
	Links []LinkItem    `json:"links"`
	Items []ObjectGroup `json:"items"`
	// Offset and Limit are omitted from output when zero.
	Offset int `json:"offset,omitempty"`
	Limit  int `json:"limit,omitempty"`
}
type PathStruct ¶ added in v0.0.23
// PathStruct wraps a single path string under the JSON key "path".
type PathStruct struct {
	// Path is omitted from output when empty.
	Path string `json:"path,omitempty"`
}
type ProcessEvents ¶
// ProcessEvents is the process_events section of
// EventExcludeProfileMetadata: a list of path strings.
// NOTE(review): match semantics (exact, glob, prefix) are not shown here;
// broad patterns would presumably exclude more process telemetry than intended.
type ProcessEvents struct {
	// Path has no omitempty; a nil slice is serialized as null.
	Path []string `json:"path"`
}
type ProcessFileEvents ¶
type Query ¶ added in v0.0.22
// Query is the JSON representation of a query; it is the element type of
// Querypack.Queries.
type Query struct {
	ID          string `json:"id,omitempty"`
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	// Query is the query text, sent to the API as given.
	Query   string `json:"query,omitempty"`
	Removed bool   `json:"removed"`
	Version string `json:"version,omitempty"`
	// Interval has no omitempty: 0 is serialized explicitly.
	Interval    int              `json:"interval"`
	Platform    string           `json:"platform,omitempty"`
	Snapshot    bool             `json:"snapshot"`
	RunNow      bool             `json:"runNow"`
	Value       string           `json:"value,omitempty"`
	QuerypackID string           `json:"querypackId,omitempty"`
	TableName   string           `json:"tableName,omitempty"`
	DataTypes   CustomJSONString `json:"dataTypes,omitempty"` // This is super ephemeral
	Verified    bool             `json:"verified"`
	CreatedBy   string           `json:"createdBy,omitempty"`
	UpdatedBy   string           `json:"updatedBy,omitempty"`
	CreatedAt   string           `json:"createdAt,omitempty"`
	UpdatedAt   string           `json:"updatedAt,omitempty"`
}
func (Query) KeysToDelete ¶ added in v0.0.32
type QueryError ¶ added in v0.0.28
// QueryError is the error object of a QueryJob: {"message": {"detail": "..."}}.
type QueryError struct {
	Message struct {
		// Detail is server-supplied text; escape it before rendering in a UI.
		Detail string `json:"detail"`
	} `json:"message"`
}
type QueryJob ¶ added in v0.0.28
// QueryJob is the JSON representation of a query job.
type QueryJob struct {
	ID   string `json:"id"`
	Name string `json:"name"`
	// Query is the query text; the validate tag only requires it to be
	// non-empty, so its content is not checked on the client side.
	Query string `json:"query" validate:"required"`
	// Type accepts only "global" under the validate tag.
	Type       string              `json:"type" validate:"required,oneof=global"`
	Parameters []QueryJobParameter `json:"parameters,omitempty"`
	// ParameterValues is a struct value; omitempty on the outer tag has no
	// effect, so "parameterValues" is always emitted.
	ParameterValues struct {
		From string `json:"from,omitempty"`
		To   string `json:"to,omitempty"`
	} `json:"parameterValues,omitempty"`
	QueryID   string           `json:"queryId,omitempty"`
	Status    string           `json:"status,omitempty"`
	RowCount  int              `json:"rowCount"`
	Columns   []QueryJobColumn `json:"columns,omitempty"`
	StartTime string           `json:"startTime,omitempty"`
	EndTime   string           `json:"endTime,omitempty"`
	Error     QueryError       `json:"error"`
	Purged    bool             `json:"purged"`
	// NOTE(review): presumably set when the result set was truncated - callers
	// using job results for detection or compliance should check it; confirm.
	IncompleteResults bool       `json:"incompleteResults"`
	AlertID           string     `json:"alertId,omitempty"`
	CreatedBy         string     `json:"createdBy"`
	UpdatedBy         string     `json:"updatedBy"`
	CreatedAt         string     `json:"createdAt"`
	UpdatedAt         string     `json:"updatedAt"`
	Source            string     `json:"source,omitempty"`
	ResultStore       string     `json:"resultStore,omitempty"`
	AgentType         string     `json:"agentType,omitempty"`
	ResourceType      string     `json:"resourceType,omitempty"`
	Links             []LinkItem `json:"links"`
}
func (QueryJob) KeysToDelete ¶ added in v0.0.28
type QueryJobColumn ¶ added in v0.0.28
type QueryJobParameter ¶ added in v0.0.28
type QueryJobResult ¶ added in v0.0.28
// QueryJobResult is the JSON representation of query job results. The type
// is recursive: Items holds further QueryJobResult values, so one value can
// act as the list envelope (Offset, Limit, Items, Links) or as a single row.
type QueryJobResult struct {
	QueryStats struct {
		CPUTimeMillis     int `json:"cpuTimeMillis"`
		ProcessedRows     int `json:"processedRows"`
		ProcessedBytes    int `json:"processedBytes"`
		ElapsedTimeMillis int `json:"elapsedTimeMillis"`
	} `json:"queryStats"`
	Status string `json:"status"`
	ID     string `json:"id"`
	// Name is excluded from JSON.
	Name        string `json:"-"`
	RowDataHash string `json:"rowDataHash"`
	// Error is untyped here, unlike QueryJob.Error which is a QueryError;
	// callers must type-assert before use.
	Error       interface{} `json:"error"`
	EndTime     string      `json:"endTime"`
	StartTime   string      `json:"startTime"`
	RowCount    int         `json:"rowCount"`
	ResultStore string      `json:"resultStore"`
	// RowData is a JSON document held as a string; it is endpoint-derived
	// data and should be handled as untrusted input.
	RowData    CustomJSONString `json:"rowData"`
	CreatedAt  string           `json:"createdAt"`
	RowNumber  int              `json:"rowNumber"`
	QueryJobID string           `json:"queryJobId"`
	Columns    []QueryJobColumn `json:"columns"`
	Offset     int              `json:"offset"`
	Limit      int              `json:"limit"`
	Items      []QueryJobResult `json:"items"`
	Links      []LinkItem       `json:"links"`
}
func (QueryJobResult) GetID ¶ added in v0.0.28
func (T QueryJobResult) GetID() string
func (QueryJobResult) GetName ¶ added in v0.0.28
func (T QueryJobResult) GetName() string
func (QueryJobResult) KeysToDelete ¶ added in v0.0.28
func (T QueryJobResult) KeysToDelete() []string
type QueryJobResultsStats ¶ added in v0.0.28
type Querypack ¶ added in v0.0.22
// Querypack is the JSON representation of a query pack: metadata plus the
// Query values it contains.
type Querypack struct {
	ID   string `json:"id,omitempty"`
	Name string `json:"name,omitempty"`
	// Description must be 1 to 1024 characters under the validate tag.
	Description string `json:"description" validate:"required,max=1024,min=1"`
	// Type is restricted to compliance, default, hardware, incident, system
	// or vulnerability.
	Type             string `json:"type" validate:"required,oneof=compliance default hardware incident system vulnerability"`
	AdditionalLogger bool   `json:"additionalLogger"`
	Custom           bool   `json:"custom"`
	CreatedBy        string `json:"createdBy,omitempty"`
	UpdatedBy        string `json:"updatedBy,omitempty"`
	CreatedAt        string `json:"createdAt,omitempty"`
	UpdatedAt        string `json:"updatedAt,omitempty"`
	IsInternal       bool   `json:"isInternal"`
	ResourceType     string `json:"resourceType"`
	// Queries has no omitempty; a nil slice is serialized as null.
	Queries []Query `json:"queries"`
	// Conf is a JSON document held as a string.
	Conf  CustomJSONString `json:"conf,omitempty"`
	Links []LinkItem       `json:"links,omitempty"`
}
func (Querypack) KeysToDelete ¶ added in v0.0.22
type Querypacks ¶ added in v0.0.22
type RegistryEvents ¶
// RegistryEvents is the registry_events section of
// EventExcludeProfileMetadata: a list of action strings.
// NOTE(review): the accepted action values are not shown here.
type RegistryEvents struct {
	// Action has no omitempty; a nil slice is serialized as null.
	Action []string `json:"action"`
}
type RegistryPath ¶ added in v0.0.22
// RegistryPath is the JSON representation of a registry path group: include
// and exclude lists of registry paths.
type RegistryPath struct {
	ID          string `json:"id,omitempty"`
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	Grouping    string `json:"grouping,omitempty"`
	// At least one include path is required by the validate tag.
	IncludeRegistryPaths []string `json:"includeRegistryPaths" validate:"required,min=1"`
	RegAccesses          bool     `json:"regAccesses"`
	// NOTE(review): presumably removes keys from monitoring - review
	// additions as coverage changes. No omitempty: nil is serialized as null.
	ExcludeRegistryPaths []string   `json:"excludeRegistryPaths"`
	Custom               bool       `json:"custom"`
	CreatedBy            string     `json:"createdBy,omitempty"`
	UpdatedBy            string     `json:"updatedBy,omitempty"`
	CreatedAt            string     `json:"createdAt,omitempty"`
	UpdatedAt            string     `json:"updatedAt,omitempty"`
	Links                []LinkItem `json:"links,omitempty"`
}
func (RegistryPath) GetID ¶ added in v0.0.22
func (T RegistryPath) GetID() string
func (RegistryPath) GetName ¶ added in v0.0.22
func (T RegistryPath) GetName() string
func (RegistryPath) KeysToDelete ¶ added in v0.0.22
func (T RegistryPath) KeysToDelete() []string
type RegistryPaths ¶ added in v0.0.22
// RegistryPaths is the list envelope returned by GetRegistryPaths.
type RegistryPaths struct {
	Links []LinkItem     `json:"links"`
	Items []RegistryPath `json:"items"`
	// Offset and Limit are omitted from output when zero.
	Offset int `json:"offset,omitempty"`
	Limit  int `json:"limit,omitempty"`
}
type Role ¶ added in v0.0.21
// Role is the JSON representation of a role: a permission list plus the
// object groups the role is bound to.
type Role struct {
	ID          string `json:"id,omitempty"`
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	// Permissions is a list of free-form strings; nothing on the client side
	// restricts the values. min=0 can never fail, so the effective constraint
	// is "required".
	Permissions []string `json:"permissions" validate:"required,min=0"`
	Custom      bool     `json:"custom"`
	Hidden      bool     `json:"hidden"`
	CreatedBy   string   `json:"createdBy,omitempty"`
	UpdatedBy   string   `json:"updatedBy,omitempty"`
	CreatedAt   string   `json:"createdAt,omitempty"`
	UpdatedAt   string   `json:"updatedAt,omitempty"`
	// NOTE(review): meaning not shown here; the name suggests it disables a
	// default permission baseline - confirm before setting it.
	NoMinimalPermissions bool `json:"noMinimalPermissions"`
	// RoleObjectGroups embeds full ObjectGroup values, including
	// ObjectGroup.Secret; marshalling a Role writes those out when set.
	RoleObjectGroups []ObjectGroup `json:"roleObjectGroups" validate:"required,min=0"`
}
func (Role) KeysToDelete ¶ added in v0.0.21
type RuleException ¶
type SocketEvents ¶
// SocketEvents holds the string list carried under the JSON key
// "remote_address".
type SocketEvents struct {
	// RemoteAddress has no omitempty: a nil slice is marshalled as null.
	RemoteAddress []string `json:"remote_address"`
}
type Tag ¶ added in v0.0.22
// Tag is the JSON representation of a tag and of the configuration objects
// linked to it.
type Tag struct {
	ID string `json:"id,omitempty"`

	// Name is never serialised (json:"-"); the original note here reads
	// "There is no name".
	Name string `json:"-"`

	Value     string `json:"value,omitempty"`
	Key       string `json:"key"`
	CreatedBy string `json:"createdBy,omitempty"`
	UpdatedBy string `json:"updatedBy,omitempty"`

	// Identifiers of other objects associated with the tag; each one is
	// dropped from the payload when empty.
	FlagProfileID               string `json:"flagProfileId,omitempty"`
	CustomProfileID             string `json:"customProfileId,omitempty"`
	ComplianceProfileID         string `json:"complianceProfileId,omitempty"`
	ProcessBlockRuleID          string `json:"processBlockRuleId,omitempty"`
	DNSBlockRuleID              string `json:"dnsBlockRuleId,omitempty"`
	WindowsDefenderPreferenceID string `json:"windowsDefenderPreferenceId,omitempty"`
	TagRuleID                   string `json:"tagRuleId,omitempty"`

	Tag string `json:"tag,omitempty"`

	// No omitempty on these flags: false is written to the payload explicitly.
	Custom bool `json:"custom"`
	System bool `json:"system"`

	CreatedAt    string `json:"createdAt,omitempty"`
	ExpireAt     string `json:"expireAt,omitempty"`
	Status       string `json:"status,omitempty"`
	Source       string `json:"source,omitempty"`
	UpdatedAt    string `json:"updatedAt,omitempty"`
	ResourceType string `json:"resourceType,omitempty"`

	// Linked configuration objects. Each slice is tagged required,min=0;
	// assuming go-playground/validator semantics that rejects nil but accepts
	// an empty slice, so callers must initialise these even when unused.
	FilePathGroups       []TagConfigurationObject `json:"filePathGroups" validate:"required,min=0"`
	EventExcludeProfiles []TagConfigurationObject `json:"eventExcludeProfiles" validate:"required,min=0"`
	RegistryPaths        []TagConfigurationObject `json:"registryPaths" validate:"required,min=0"`
	Querypacks           []TagConfigurationObject `json:"querypacks" validate:"required,min=0"`
	YaraGroupRules       []TagConfigurationObject `json:"yaraGroupRules" validate:"required,min=0"`
	AuditConfigurations  []TagConfigurationObject `json:"auditConfigurations" validate:"required,min=0"`
}
func (Tag) KeysToDelete ¶ added in v0.0.22
type TagConfiguration ¶ added in v0.0.22
// TagConfiguration is a defined type whose underlying type is Tag. It shares
// Tag's fields and struct tags but has its own method set; the methods
// declared on Tag are not carried over.
type TagConfiguration Tag
func (TagConfiguration) GetID ¶ added in v0.0.22
func (T TagConfiguration) GetID() string
func (TagConfiguration) GetName ¶ added in v0.0.22
func (T TagConfiguration) GetName() string
func (TagConfiguration) KeysToDelete ¶ added in v0.0.22
func (T TagConfiguration) KeysToDelete() []string
type TagConfigurationObject ¶ added in v0.0.22
// TagConfigurationObject is one configuration object linked to a Tag. At most
// one of the *Tag detail pointers is expected to be set, depending on the kind
// of object (presumably - TODO confirm against the API responses).
type TagConfigurationObject struct {
	ID   string `json:"id,omitempty"`
	Name string `json:"name,omitempty"`

	// Unlike the rest of the package these JSON keys are PascalCase. They are
	// pointers with omitempty, so a nil pointer is left out of the payload.
	AuditConfigurationTag  *TagConfigurationObjectDetails `json:"AuditConfigurationTag,omitempty"`
	YaraGroupRuleTag       *TagConfigurationObjectDetails `json:"YaraGroupRuleTag,omitempty"`
	QuerypackTag           *TagConfigurationObjectDetails `json:"QuerypackTag,omitempty"`
	RegistryPathTag        *TagConfigurationObjectDetails `json:"RegistryPathTag,omitempty"`
	EventExcludeProfileTag *TagConfigurationObjectDetails `json:"EventExcludeProfileTag,omitempty"`
	FilePathGroupTag       *TagConfigurationObjectDetails `json:"FilePathGroupTag,omitempty"`

	Links []LinkItem `json:"links,omitempty"`
}
type TagConfigurationObjectDetails ¶ added in v0.0.22
// TagConfigurationObjectDetails records the link between a tag (TagID) and one
// configuration object, identified by whichever *ID field is populated.
type TagConfigurationObjectDetails struct {
	ID string `json:"id,omitempty"`

	// NOTE(review): EventExcludeProfile and its JSON key lack the "ID"/"Id"
	// suffix its siblings use; confirm this matches the API before relying on
	// it as an identifier.
	AuditConfigurationID string `json:"auditConfigurationId,omitempty"`
	YaraGroupRuleID      string `json:"yaraGroupRuleId,omitempty"`
	QuerypackID          string `json:"querypackId,omitempty"`
	RegistryPathID       string `json:"registryPathId,omitempty"`
	EventExcludeProfile  string `json:"eventExcludeProfile,omitempty"`
	FilePathGroupID      string `json:"filePathGroupId,omitempty"`
	TagID                string `json:"tagId,omitempty"`

	CreatedBy string `json:"createdBy,omitempty"`
	CreatedAt string `json:"createdAt,omitempty"`
}
type TagConfigurations ¶ added in v0.0.22
// TagConfigurations is a list envelope: a slice of TagConfiguration items
// together with Links, Offset and Limit (presumably paging fields - TODO
// confirm).
type TagConfigurations struct {
	Links  []LinkItem         `json:"links"`
	Items  []TagConfiguration `json:"items"`
	Offset int                `json:"offset,omitempty"`
	Limit  int                `json:"limit,omitempty"`
}
type TagRule ¶ added in v0.0.22
// TagRule is the JSON representation of a rule that assigns tags based on the
// result of a query.
type TagRule struct {
	ID string `json:"id,omitempty"`

	// Name is mandatory and bounded to between 1 and 255 by its validate tag.
	Name        string `json:"name,omitempty" validate:"required,max=255,min=1"`
	Description string `json:"description,omitempty"`

	// Query is mandatory but otherwise unconstrained by its validate tag.
	// NOTE(review): presumably osquery SQL run on the fleet (see
	// OSqueryVersion); build it from trusted input only and review changes
	// like code - TODO confirm.
	Query string `json:"query,omitempty" validate:"required"`

	// Source must be "global" or "realtime".
	Source string `json:"source,omitempty" validate:"required,oneof=global realtime"`

	// Interval is required when RunOnce is false.
	RunOnce  bool `json:"runOnce"`
	Interval int  `json:"interval,omitempty" validate:"required_if=RunOnce false"`

	// Platform is required when Source is "realtime".
	OSqueryVersion string `json:"osqueryVersion,omitempty"`
	Platform       string `json:"platform,omitempty" validate:"required_if=Source realtime"`

	// No omitempty on these flags: false is written to the payload explicitly.
	Enabled bool `json:"enabled"`
	System  bool `json:"system"`

	LastRunAt    string `json:"lastRunAt,omitempty"`
	CreatedBy    string `json:"createdBy,omitempty"`
	UpdatedBy    string `json:"updatedBy,omitempty"`
	CreatedAt    string `json:"createdAt,omitempty"`
	UpdatedAt    string `json:"updatedAt,omitempty"`
	ResourceType string `json:"resourceType,omitempty"`
}
func (TagRule) KeysToDelete ¶ added in v0.0.22
type User ¶ added in v0.0.18
// User is the JSON representation of a user account, including its roles and
// object-group memberships.
//
// NOTE(review): Password is tagged json:"password,omitempty", so any non-empty
// value is included whenever a User is marshalled. Do not log, cache or store
// marshalled User values. Whether User.KeysToDelete strips the key is not
// visible here - TODO confirm.
type User struct {
	ID   string `json:"id,omitempty"`
	Name string `json:"name"`

	// Email and Phone are required when Bot is false.
	Email string `json:"email,omitempty" validate:"required_if=Bot false"`
	Phone string `json:"phone,omitempty" validate:"required_if=Bot false"`

	// Account flags. None has omitempty, so false is written explicitly and a
	// zero-valued User asks for an inactive, non-admin account. Bot is tagged
	// excluded_with=Email.
	Active     bool `json:"active"`
	SuperAdmin bool `json:"superAdmin"`
	Bot        bool `json:"bot" validate:"excluded_with=Email"`
	Support    bool `json:"support"`
	PriorLogin bool `json:"priorLogin"`

	ImageURL string `json:"imageUrl,omitempty"`

	// Password has no validate tag: no length or complexity rule is applied
	// by this struct.
	Password string `json:"password,omitempty"`

	// MaxIdleTimeMins is mandatory and bounded to 1..360 by its validate tag.
	MaxIdleTimeMins int `json:"maxIdleTimeMins" validate:"required,max=360,min=1"`

	AlertHiddenColumns []string `json:"alertHiddenColumns" validate:"required,min=0"`

	UpdatedAt           string `json:"updatedAt,omitempty"`
	CreatedAt           string `json:"createdAt,omitempty"`
	LastUpdatedByUptycs string `json:"lastUpdatedByUptycs"`

	// Roles and UserObjectGroups are tagged required,min=0. Assuming
	// go-playground/validator semantics that rejects nil but accepts an empty
	// slice, so a user with no roles passes validation.
	Roles            []Role        `json:"roles" validate:"required,min=0"`
	UserObjectGroups []ObjectGroup `json:"userObjectGroups" validate:"required,min=0"`
}
func (User) KeysToDelete ¶ added in v0.0.18
type UserEvents ¶
// UserEvents holds the string list carried under the JSON key "message".
type UserEvents struct {
	// Message has no omitempty: a nil slice is marshalled as null.
	Message []string `json:"message"`
}
type WindowsDefenderPreference ¶ added in v0.0.26
// WindowsDefenderPreference is the JSON representation of a Windows Defender
// preference profile.
//
// None of the settings carries omitempty or a validate tag, and all are plain
// (non-pointer) values. Every marshalled profile therefore states every
// setting explicitly, and an unset field cannot be told apart from false/0.
//
// NOTE(review): by their names the Disable* fields switch individual Defender
// protections off when true. Treat any change that sets one to true as a
// security-relevant change and review it accordingly - TODO confirm the exact
// effect of each flag against the vendor documentation.
type WindowsDefenderPreference struct {
	ID          string `json:"id,omitempty"`
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	Priority    int    `json:"priority"`

	// Scan and signature-update settings.
	RealTimeScanDirection                        int  `json:"realTimeScanDirection"`
	CheckForSignaturesBeforeRunningScan          bool `json:"checkForSignaturesBeforeRunningScan"`
	ScanOnlyIfIdleEnabled                        bool `json:"scanOnlyIfIdleEnabled"`
	ScanScheduleDay                              int  `json:"scanScheduleDay"`
	SignatureDisableUpdateOnStartupWithoutEngine bool `json:"signatureDisableUpdateOnStartupWithoutEngine"`
	SignatureScheduleDay                         int  `json:"signatureScheduleDay"`

	DisablePrivacyMode         bool `json:"disablePrivacyMode"`
	RandomizeScheduleTaskTimes bool `json:"randomizeScheduleTaskTimes"`

	// Protection switches; the Go zero value (false) leaves each one enabled
	// if the names mean what they say.
	DisableBehaviorMonitoring                     bool `json:"disableBehaviorMonitoring"`
	DisableIntrusionPreventionSystem              bool `json:"disableIntrusionPreventionSystem"`
	DisableIOAVProtection                         bool `json:"disableIOAVProtection"`
	DisableRealtimeMonitoring                     bool `json:"disableRealtimeMonitoring"`
	DisableScriptScanning                         bool `json:"disableScriptScanning"`
	DisableArchiveScanning                        bool `json:"disableArchiveScanning"`
	DisableCatchupFullScan                        bool `json:"disableCatchupFullScan"`
	DisableCatchupQuickScan                       bool `json:"disableCatchupQuickScan"`
	DisableEmailScanning                          bool `json:"disableEmailScanning"`
	DisableRemovableDriveScanning                 bool `json:"disableRemovableDriveScanning"`
	DisableRestorePoint                           bool `json:"disableRestorePoint"`
	DisableScanningMappedNetworkDrivesForFullScan bool `json:"disableScanningMappedNetworkDrivesForFullScan"`
	DisableScanningNetworkFiles                   bool `json:"disableScanningNetworkFiles"`

	// NOTE(review): the effect of Force is not visible here; confirm before
	// setting it.
	UILockdown bool `json:"uILockdown"`
	Force      bool `json:"force"`

	// Creation/update metadata, dropped from the payload when empty.
	CreatedBy string `json:"createdBy,omitempty"`
	UpdatedBy string `json:"updatedBy,omitempty"`
	CreatedAt string `json:"createdAt,omitempty"`
	UpdatedAt string `json:"updatedAt,omitempty"`

	Links []LinkItem `json:"links"`
}
func (WindowsDefenderPreference) GetID ¶ added in v0.0.26
func (T WindowsDefenderPreference) GetID() string
func (WindowsDefenderPreference) GetName ¶ added in v0.0.26
func (T WindowsDefenderPreference) GetName() string
func (WindowsDefenderPreference) KeysToDelete ¶ added in v0.0.26
func (T WindowsDefenderPreference) KeysToDelete() []string
type WindowsDefenderPreferences ¶ added in v0.0.26
// WindowsDefenderPreferences is a list envelope: a slice of
// WindowsDefenderPreference items together with Links, Offset and Limit
// (presumably paging fields - TODO confirm).
type WindowsDefenderPreferences struct {
	Links  []LinkItem                  `json:"links"`
	Items  []WindowsDefenderPreference `json:"items"`
	Offset int                         `json:"offset,omitempty"`
	Limit  int                         `json:"limit,omitempty"`
}
type YaraGroupRule ¶ added in v0.0.22
// YaraGroupRule is the JSON representation of a named group of rules held as
// a single string.
type YaraGroupRule struct {
	ID          string `json:"id,omitempty"`
	Name        string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`

	// Rules has no validate tag, so this struct does not check that the text
	// is non-empty or well formed.
	// NOTE(review): presumably YARA rule source; validate it before upload
	// rather than relying on this client - TODO confirm.
	Rules string `json:"rules,omitempty"`

	Custom bool `json:"custom"`

	// Creation/update metadata, dropped from the payload when empty.
	CreatedBy string `json:"createdBy,omitempty"`
	UpdatedBy string `json:"updatedBy,omitempty"`
	CreatedAt string `json:"createdAt,omitempty"`
	UpdatedAt string `json:"updatedAt,omitempty"`

	Links []LinkItem `json:"links,omitempty"`
}
func (YaraGroupRule) GetID ¶ added in v0.0.22
func (T YaraGroupRule) GetID() string
func (YaraGroupRule) GetName ¶ added in v0.0.22
func (T YaraGroupRule) GetName() string
func (YaraGroupRule) KeysToDelete ¶ added in v0.0.22
func (T YaraGroupRule) KeysToDelete() []string
type YaraGroupRules ¶ added in v0.0.22
// YaraGroupRules is a list envelope: a slice of YaraGroupRule items together
// with Links, Offset and Limit (presumably paging fields - TODO confirm).
type YaraGroupRules struct {
	Links  []LinkItem      `json:"links"`
	Items  []YaraGroupRule `json:"items"`
	Offset int             `json:"offset,omitempty"`
	Limit  int             `json:"limit,omitempty"`
}
Source Files ¶
- alert_rule_category.go
- alertrule.go
- asset.go
- asset_group_rule.go
- asset_tag.go
- atc_query.go
- audit_configuration.go
- block_rule.go
- carve.go
- client.go
- compliance_profile.go
- custom_profile.go
- destination.go
- event_exclude_profile.go
- eventrule.go
- exception.go
- file_path_groups.go
- flag_profile.go
- lookup_table.go
- lookup_table_data_row.go
- models.go
- objectGroup.go
- query.go
- query_job.go
- query_job_result.go
- querypack.go
- registry_path.go
- role.go
- tag_configurations.go
- tag_rules.go
- tags.go
- test_common.go
- user.go
- utils.go
- windows_defender_preference.go
- yara_group_rules.go