Documentation
¶
Index ¶
- func CreateToken(apiKey string, apiSecret string) (string, error)
- func RespFromFixture(fixtureFile string) (*http.Response, error)
- func SlimStructAsJSONString[T iAPIType](objectToSlim T, keysToDelete []string) ([]byte, error)
- func ValidateConfig(config Config) (bool, error)
- type AlertRule
- type AlertRuleCategories
- type AlertRuleCategory
- type AlertRuleDestination
- type AlertRuleQuery
- type AlertRules
- type Asset
- type AssetCapabilities
- type AssetCloudInfo
- type AssetGroupRule
- type AssetGroupRules
- type AssetInterface
- type AssetTag
- type AssetTags
- type Assets
- type AtcQueries
- type AtcQuery
- type AuditConfiguration
- type AuditConfigurations
- type AuditEntry
- type AutoAlertConfig
- type BlockRule
- type BlockRules
- type BuilderConfig
- type BuilderConfigLite
- type Carve
- type Carves
- type City
- type Client
- func (c *Client) CreateAlertRule(alertRule AlertRule) (AlertRule, error)
- func (c *Client) CreateAlertRuleCategory(alertRuleCategory AlertRuleCategory) (AlertRuleCategory, error)
- func (c *Client) CreateAsset(asset Asset) (Asset, error)
- func (c *Client) CreateAssetGroupRule(assetGroupRule AssetGroupRule) (AssetGroupRule, error)
- func (c *Client) CreateAssetTag(assetTag AssetTag) (AssetTag, error)
- func (c *Client) CreateAtcQuery(atcQuery AtcQuery) (AtcQuery, error)
- func (c *Client) CreateBlockRule(blockRule BlockRule) (BlockRule, error)
- func (c *Client) CreateCarve(carve Carve) (Carve, error)
- func (c *Client) CreateComplianceProfile(complianceProfile ComplianceProfile) (ComplianceProfile, error)
- func (c *Client) CreateCustomProfile(customProfile CustomProfile) (CustomProfile, error)
- func (c *Client) CreateDestination(destination Destination) (Destination, error)
- func (c *Client) CreateEventExcludeProfile(eventExcludeProfile EventExcludeProfile) (EventExcludeProfile, error)
- func (c *Client) CreateEventRule(eventRule EventRule) (EventRule, error)
- func (c *Client) CreateException(exception Exception) (Exception, error)
- func (c *Client) CreateFilePathGroup(filePathGroup FilePathGroup) (FilePathGroup, error)
- func (c *Client) CreateFlagProfile(flagProfile FlagProfile) (FlagProfile, error)
- func (c *Client) CreateLookupTable(lookupTable LookupTable) (LookupTable, error)
- func (c *Client) CreateLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
- func (c *Client) CreateQuery(query Query) (Query, error)
- func (c *Client) CreateQueryJob(queryJob QueryJob) (QueryJob, error)
- func (c *Client) CreateQueryJobResults(queryJobResult QueryJobResult) (QueryJobResult, error)
- func (c *Client) CreateQuerypack(querypack Querypack) (Querypack, error)
- func (c *Client) CreateRegistryPath(registryPath RegistryPath) (RegistryPath, error)
- func (c *Client) CreateRole(role Role) (Role, error)
- func (c *Client) CreateTag(tag Tag) (Tag, error)
- func (c *Client) CreateTagConfiguration(tagConfiguration TagConfiguration) (TagConfiguration, error)
- func (c *Client) CreateTagRule(tagRule TagRule) (TagRule, error)
- func (c *Client) CreateUser(user User) (User, error)
- func (c *Client) CreateWindowsDefenderPreference(windowsDefenderPreference WindowsDefenderPreference) (WindowsDefenderPreference, error)
- func (c *Client) CreateYaraGroupRule(yaraGroupRule YaraGroupRule) (YaraGroupRule, error)
- func (c *Client) DeleteAlertRule(alertRule AlertRule) (AlertRule, error)
- func (c *Client) DeleteAlertRuleCategory(alertRuleCategory AlertRuleCategory) (AlertRuleCategory, error)
- func (c *Client) DeleteAsset(asset Asset) (Asset, error)
- func (c *Client) DeleteAssetGroupRule(assetGroupRule AssetGroupRule) (AssetGroupRule, error)
- func (c *Client) DeleteAssetTag(assetTag AssetTag) (AssetTag, error)
- func (c *Client) DeleteAtcQuery(atcQuery AtcQuery) (AtcQuery, error)
- func (c *Client) DeleteBlockRule(blockRule BlockRule) (BlockRule, error)
- func (c *Client) DeleteCarve(carve Carve) (Carve, error)
- func (c *Client) DeleteComplianceProfile(complianceProfile ComplianceProfile) (ComplianceProfile, error)
- func (c *Client) DeleteCustomProfile(customProfile CustomProfile) (CustomProfile, error)
- func (c *Client) DeleteDestination(destination Destination) (Destination, error)
- func (c *Client) DeleteEventExcludeProfile(eventExcludeProfile EventExcludeProfile) (EventExcludeProfile, error)
- func (c *Client) DeleteEventRule(eventRule EventRule) (EventRule, error)
- func (c *Client) DeleteException(exception Exception) (Exception, error)
- func (c *Client) DeleteFilePathGroup(filePathGroup FilePathGroup) (FilePathGroup, error)
- func (c *Client) DeleteFlagProfile(flagProfile FlagProfile) (FlagProfile, error)
- func (c *Client) DeleteLookupTable(lookupTable LookupTable) (LookupTable, error)
- func (c *Client) DeleteLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
- func (c *Client) DeleteQuery(query Query) (Query, error)
- func (c *Client) DeleteQueryJob(queryJob QueryJob) (QueryJob, error)
- func (c *Client) DeleteQueryJobResult(queryJobResult QueryJobResult) (QueryJobResult, error)
- func (c *Client) DeleteQuerypack(querypack Querypack) (Querypack, error)
- func (c *Client) DeleteRegistryPath(registryPath RegistryPath) (RegistryPath, error)
- func (c *Client) DeleteRole(role Role) (Role, error)
- func (c *Client) DeleteTag(tag Tag) (Tag, error)
- func (c *Client) DeleteTagConfiguration(tagConfiguration TagConfiguration) (TagConfiguration, error)
- func (c *Client) DeleteTagRule(tagRule TagRule) (TagRule, error)
- func (c *Client) DeleteUser(user User) (User, error)
- func (c *Client) DeleteWindowsDefenderPreference(windowsDefenderPreference WindowsDefenderPreference) (WindowsDefenderPreference, error)
- func (c *Client) DeleteYaraGroupRule(yaraGroupRule YaraGroupRule) (YaraGroupRule, error)
- func (c *Client) FindLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
- func (c *Client) GetAlertRule(alertRule AlertRule) (AlertRule, error)
- func (c *Client) GetAlertRuleCategories() (AlertRuleCategories, error)
- func (c *Client) GetAlertRuleCategory(alertRuleCategory AlertRuleCategory) (AlertRuleCategory, error)
- func (c *Client) GetAlertRules() (AlertRules, error)
- func (c *Client) GetAsset(asset Asset) (Asset, error)
- func (c *Client) GetAssetGroupRule(assetGroupRule AssetGroupRule) (AssetGroupRule, error)
- func (c *Client) GetAssetGroupRules() (AssetGroupRules, error)
- func (c *Client) GetAssetTag(assetTag AssetTag) (AssetTag, error)
- func (c *Client) GetAssetTags() (AssetTags, error)
- func (c *Client) GetAssets() (Assets, error)
- func (c *Client) GetAtcQueries() (AtcQueries, error)
- func (c *Client) GetAtcQuery(atcQuery AtcQuery) (AtcQuery, error)
- func (c *Client) GetAuditConfiguration(auditConfiguration AuditConfiguration) (AuditConfiguration, error)
- func (c *Client) GetAuditConfigurations() (AuditConfigurations, error)
- func (c *Client) GetBlockRule(blockRule BlockRule) (BlockRule, error)
- func (c *Client) GetBlockRules() (BlockRules, error)
- func (c *Client) GetCarve(carve Carve) (Carve, error)
- func (c *Client) GetCarves() (Carves, error)
- func (c *Client) GetComplianceProfile(complianceProfile ComplianceProfile) (ComplianceProfile, error)
- func (c *Client) GetComplianceProfiles() (ComplianceProfiles, error)
- func (c *Client) GetCustomProfile(customProfile CustomProfile) (CustomProfile, error)
- func (c *Client) GetCustomProfiles() (CustomProfiles, error)
- func (c *Client) GetDestination(destination Destination) (Destination, error)
- func (c *Client) GetDestinations() (Destinations, error)
- func (c *Client) GetEventExcludeProfile(eventExcludeProfile EventExcludeProfile) (EventExcludeProfile, error)
- func (c *Client) GetEventExcludeProfiles() (EventExcludeProfiles, error)
- func (c *Client) GetEventRule(eventRule EventRule) (EventRule, error)
- func (c *Client) GetEventRules() (EventRules, error)
- func (c *Client) GetException(exception Exception) (Exception, error)
- func (c *Client) GetExceptions() (Exceptions, error)
- func (c *Client) GetFilePathGroup(filePathGroup FilePathGroup) (FilePathGroup, error)
- func (c *Client) GetFilePathGroups() (FilePathGroups, error)
- func (c *Client) GetFlagProfile(flagProfile FlagProfile) (FlagProfile, error)
- func (c *Client) GetFlagProfiles() (FlagProfiles, error)
- func (c *Client) GetLookupTable(lookupTable LookupTable) (LookupTable, error)
- func (c *Client) GetLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
- func (c *Client) GetLookupTables() (LookupTables, error)
- func (c *Client) GetObjectGroup(objectGroup ObjectGroup) (ObjectGroup, error)
- func (c *Client) GetObjectGroups() (ObjectGroups, error)
- func (c *Client) GetQueries() (Queries, error)
- func (c *Client) GetQuery(query Query) (Query, error)
- func (c *Client) GetQueryJob(queryJob QueryJob) (QueryJob, error)
- func (c *Client) GetQueryJobResults(queryJobResult QueryJobResult) (QueryJobResult, error)
- func (c *Client) GetQueryJobs() (QueryJobs, error)
- func (c *Client) GetQuerypack(querypack Querypack) (Querypack, error)
- func (c *Client) GetQuerypacks() (Querypacks, error)
- func (c *Client) GetRegistryPath(registryPath RegistryPath) (RegistryPath, error)
- func (c *Client) GetRegistryPaths() (RegistryPaths, error)
- func (c *Client) GetRole(role Role) (Role, error)
- func (c *Client) GetRoles() (Roles, error)
- func (c *Client) GetTag(tag Tag) (Tag, error)
- func (c *Client) GetTagConfiguration(tagConfiguration TagConfiguration) (TagConfiguration, error)
- func (c *Client) GetTagConfigurations() (TagConfigurations, error)
- func (c *Client) GetTagRule(tagRule TagRule) (TagRule, error)
- func (c *Client) GetTagRules() (TagRules, error)
- func (c *Client) GetTags() (Tags, error)
- func (c *Client) GetUser(user User) (User, error)
- func (c *Client) GetUsers() (Users, error)
- func (c *Client) GetWindowsDefenderPreference(windowsDefenderPreference WindowsDefenderPreference) (WindowsDefenderPreference, error)
- func (c *Client) GetWindowsDefenderPreferences() (WindowsDefenderPreferences, error)
- func (c *Client) GetYaraGroupRule(yaraGroupRule YaraGroupRule) (YaraGroupRule, error)
- func (c *Client) GetYaraGroupRules() (YaraGroupRules, error)
- func (c *Client) UpdateAlertRule(alertRule AlertRule) (AlertRule, error)
- func (c *Client) UpdateAlertRuleCategory(alertRuleCategory AlertRuleCategory) (AlertRuleCategory, error)
- func (c *Client) UpdateAsset(asset Asset) (Asset, error)
- func (c *Client) UpdateAssetGroupRule(assetGroupRule AssetGroupRule) (AssetGroupRule, error)
- func (c *Client) UpdateAssetTag(assetTag AssetTag) (AssetTag, error)
- func (c *Client) UpdateAtcQuery(atcQuery AtcQuery) (AtcQuery, error)
- func (c *Client) UpdateBlockRule(blockRule BlockRule) (BlockRule, error)
- func (c *Client) UpdateCarve(carve Carve) (Carve, error)
- func (c *Client) UpdateComplianceProfile(complianceProfile ComplianceProfile) (ComplianceProfile, error)
- func (c *Client) UpdateCustomProfile(customProfile CustomProfile) (CustomProfile, error)
- func (c *Client) UpdateDestination(destination Destination) (Destination, error)
- func (c *Client) UpdateEventExcludeProfile(eventExcludeProfile EventExcludeProfile) (EventExcludeProfile, error)
- func (c *Client) UpdateEventRule(eventRule EventRule) (EventRule, error)
- func (c *Client) UpdateException(exception Exception) (Exception, error)
- func (c *Client) UpdateFilePathGroup(filePathGroup FilePathGroup) (FilePathGroup, error)
- func (c *Client) UpdateFlagProfile(flagProfile FlagProfile) (FlagProfile, error)
- func (c *Client) UpdateLookupTable(lookupTable LookupTable) (LookupTable, error)
- func (c *Client) UpdateLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
- func (c *Client) UpdateQuery(query Query) (Query, error)
- func (c *Client) UpdateQueryJob(queryJob QueryJob) (QueryJob, error)
- func (c *Client) UpdateQueryJobResults(queryJobResult QueryJobResult) (QueryJobResult, error)
- func (c *Client) UpdateQuerypack(querypack Querypack) (Querypack, error)
- func (c *Client) UpdateRegistryPath(registryPath RegistryPath) (RegistryPath, error)
- func (c *Client) UpdateRole(role Role) (Role, error)
- func (c *Client) UpdateTag(tag Tag) (Tag, error)
- func (c *Client) UpdateTagConfiguration(tagConfiguration TagConfiguration) (TagConfiguration, error)
- func (c *Client) UpdateTagRule(tagRule TagRule) (TagRule, error)
- func (c *Client) UpdateUser(user User) (User, error)
- func (c *Client) UpdateWindowsDefenderPreference(windowsDefenderPreference WindowsDefenderPreference) (WindowsDefenderPreference, error)
- func (c *Client) UpdateYaraGroupRule(yaraGroupRule YaraGroupRule) (YaraGroupRule, error)
- type ComplianceProfile
- type ComplianceProfiles
- type Config
- type CustomJSONString
- type CustomProfile
- type CustomProfiles
- type DNSLookupEvents
- type DataLookupTable
- type Destination
- type DestinationConfig
- type Destinations
- type EbpfDNSLookupEvents
- type EventExcludeProfile
- type EventExcludeProfileMetadata
- type EventExcludeProfiles
- type EventRule
- type EventRules
- type Exception
- type Exceptions
- type FilePathGroup
- type FilePathGroupSignature
- type FilePathGroups
- type FlagProfile
- type FlagProfiles
- type HTTPEvents
- type LinkItem
- type LookupTable
- type LookupTableDataRow
- type LookupTables
- type MockClient
- type ObjectGroup
- type ObjectGroups
- type PathStruct
- type ProcessEvents
- type ProcessFileEvents
- type Queries
- type Query
- type QueryError
- type QueryJob
- type QueryJobColumn
- type QueryJobParameter
- type QueryJobResult
- type QueryJobResultsStats
- type QueryJobs
- type Querypack
- type Querypacks
- type RegistryEvents
- type RegistryPath
- type RegistryPaths
- type Role
- type Roles
- type RuleException
- type SQLConfig
- type SocketEvents
- type Tag
- type TagConfiguration
- type TagConfigurationObject
- type TagConfigurationObjectDetails
- type TagConfigurations
- type TagRule
- type TagRules
- type Tags
- type User
- type UserEvents
- type Users
- type WindowsDefenderPreference
- type WindowsDefenderPreferences
- type YaraGroupRule
- type YaraGroupRules
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func SlimStructAsJSONString ¶ added in v0.0.21
func ValidateConfig ¶
Types ¶
type AlertRule ¶
type AlertRule struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
Code string `json:"code,omitempty"`
Type string `json:"type,omitempty" validate:"required,oneof=sql builder"`
Rule string `json:"rule,omitempty"`
Grouping string `json:"grouping,omitempty"`
Enabled bool `json:"enabled"`
Custom bool `json:"custom"`
Throttled bool `json:"throttled"`
CreatedAt string `json:"createdAt,omitempty"`
IsInternal bool `json:"isInternal"`
AlertTags []string `json:"alertTags" validate:"required_if=Type sql"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
TimeSuppresionStart string `json:"timeSuppresionStart,omitempty"`
TimeSuppresionDuration int `json:"timeSuppresionDuration,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
GroupingL2 string `json:"groupingL2,omitempty"`
GroupingL3 string `json:"groupingL3,omitempty"`
Lock bool `json:"lock"`
AlertNotifyInterval int `json:"alertNotifyInterval,omitempty"`
AlertNotifyCount int `json:"alertNotifyCount,omitempty"`
AlertRuleExceptions []RuleException `json:"alertRuleExceptions"`
Destinations []AlertRuleDestination `json:"destinations"`
SQLConfig *SQLConfig `json:"sqlConfig,omitempty"`
Links []LinkItem `json:"links,omitempty"`
BuilderConfig *BuilderConfigLite `json:"builderConfig"`
}
func (AlertRule) KeysToDelete ¶ added in v0.0.18
type AlertRuleCategories ¶ added in v0.0.23
type AlertRuleCategories struct {
Links []LinkItem `json:"links"`
Items []AlertRuleCategory `json:"items"`
Offset int `json:"offset,omitempty"`
Limit int `json:"limit,omitempty"`
}
type AlertRuleCategory ¶ added in v0.0.23
type AlertRuleCategory struct {
ID string `json:"id,omitempty"`
RuleID string `json:"ruleId,omitempty"`
Name string `json:"name,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
CreatedBy string `json:"createdBy,omitempty"`
Links []LinkItem `json:"links,omitempty"`
}
func (AlertRuleCategory) GetID ¶ added in v0.0.23
func (T AlertRuleCategory) GetID() string
func (AlertRuleCategory) GetName ¶ added in v0.0.23
func (T AlertRuleCategory) GetName() string
func (AlertRuleCategory) KeysToDelete ¶ added in v0.0.23
func (T AlertRuleCategory) KeysToDelete() []string
type AlertRuleDestination ¶
type AlertRuleDestination struct {
ID string `json:"id,omitempty"`
RuleID string `json:"ruleId,omitempty"`
Severity string `json:"severity,omitempty"`
DestinationID string `json:"destinationId,omitempty"`
NotifyEveryAlert bool `json:"notifyEveryAlert"`
CloseAfterDelivery bool `json:"closeAfterDelivery"`
CreatedAt string `json:"createdAt,omitempty"`
}
type AlertRuleQuery ¶
type AlertRules ¶
type Asset ¶ added in v0.0.27
type Asset struct {
Gateway string `json:"gateway,omitempty"`
Name string `json:"hostname,omitempty"` // there is no name, use hostname for ease
CityID string `json:"cityId,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
Disabled bool `json:"disabled"`
HostName string `json:"hostName,omitempty"`
ID string `json:"id,omitempty"`
LastEnrolledAt string `json:"lastEnrolledAt,omitempty"`
Os string `json:"os,omitempty"`
OsFlavor string `json:"osFlavor,omitempty"`
OsqueryVersion string `json:"osqueryVersion,omitempty"`
OsVersion string `json:"osVersion,omitempty"`
Status string `json:"status,omitempty"`
UpgradeState bool `json:"upgradeState"`
ObjectGroupID string `json:"objectGroupId,omitempty"`
Live bool `json:"live"`
Location string `json:"location,omitempty"`
ManualSlackAssignment bool `json:"manualSlackAssignment"`
HardwareVendor string `json:"hardwareVendor,omitempty"`
AssetObjectGroupID string `json:"assetObjectGroupId,omitempty"`
PackageObjectGroupID string `json:"packageObjectGroupId,omitempty"`
ObjectGroup ObjectGroup `json:"objectGroup"`
City City `json:"city"`
AssetCloudInfo AssetCloudInfo `json:"assetCloudInfo"`
LastActivityAt string `json:"lastActivityAt,omitempty"`
LastUpgradedAt string `json:"lastUpgradedAt,omitempty"`
EventExcludeProfiles []EventExcludeProfiles `json:"eventExcludeProfiles"`
Tags []string `json:"tags"`
Capabilities []AssetCapabilities `json:"capabilities"`
OsDisplay string `json:"osDisplay,omitempty"`
Description string `json:"description,omitempty"`
Latitude float64 `json:"latitude"`
Longitude float64 `json:"longitude"`
CPUBrand string `json:"cpuBrand,omitempty"`
HardwareModel string `json:"hardwareModel,omitempty"`
HardwareSerial string `json:"hardwareSerial,omitempty"`
Cores int `json:"cores"`
LogicalCores int `json:"logicalCores"`
MemoryMb int `json:"memoryMb"`
OsKey string `json:"osKey,omitempty"`
OsVersionSortable string `json:"osVersionSortable,omitempty"`
ProfileID string `json:"profileId,omitempty"`
OsqueryVersionSortable string `json:"osqueryVersionSortable,omitempty"`
UpgradeOsqueryVersion string `json:"upgradeOsqueryVersion,omitempty"`
NewEpoch bool `json:"newEpoch"`
LastEpoch string `json:"lastEpoch,omitempty"`
ComplianceProfileID string `json:"complianceProfileId,omitempty"`
Flags CustomJSONString `json:"flags"`
UpdatedBy string `json:"updatedBy,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
DeletedAt string `json:"deletedAt,omitempty"`
FlagsFile string `json:"flagsFile,omitempty"`
FlagsFileChecksum string `json:"flagsFileChecksum,omitempty"`
ActiveFlagProfileID string `json:"activeFlagProfileId,omitempty"`
ActiveFlagProfileSource string `json:"activeFlagProfileSource,omitempty"`
ActiveCustomProfileID string `json:"activeCustomProfileId,omitempty"`
ActiveCustomProfileSource string `json:"activeCustomProfileSource,omitempty"`
Protect bool `json:"protect"`
AgentVersion string `json:"agentVersion,omitempty"`
AgentVersionSortable string `json:"agentVersionSortable,omitempty"`
AgentID string `json:"agentId,omitempty"`
AgentType string `json:"agentType,omitempty"`
ResourceType string `json:"resourceType,omitempty"`
Arch string `json:"arch,omitempty"`
Platform string `json:"platform,omitempty"`
PlatformLike string `json:"platformLike,omitempty"`
AssetCapabilities []AssetCapabilities `json:"assetCapabilities"`
Interfaces []AssetInterface `json:"interfaces"`
Links []LinkItem `json:"links"`
}
func (Asset) KeysToDelete ¶ added in v0.0.27
type AssetCapabilities ¶ added in v0.0.27
type AssetCapabilities struct {
ID string `json:"id"`
AssetID string `json:"assetId,omitempty"`
Name string `json:"name,omitempty"`
Status string `json:"status,omitempty"`
IndividualStatus struct {
ConfigurationStatus string `json:"configurationStatus,omitempty"`
FlagStatus string `json:"flagStatus,omitempty"`
ScheduledQueryStatus string `json:"scheduledQueryStatus,omitempty"`
} `json:"individualStatus,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
}
type AssetCloudInfo ¶ added in v0.0.27
type AssetCloudInfo struct {
CloudID string `json:"cloudId,omitempty"`
Provider string `json:"provider,omitempty"`
Account string `json:"account,omitempty"`
Image string `json:"image,omitempty"`
Type string `json:"type,omitempty"`
Region string `json:"region,omitempty"`
Zone string `json:"zone,omitempty"`
Service string `json:"service,omitempty"`
}
type AssetGroupRule ¶ added in v0.0.23
type AssetGroupRule struct {
ID string `json:"id,omitempty"`
Name string `json:"name"`
Description string `json:"description,omitempty"`
Query string `json:"query"`
Interval int `json:"interval,omitempty"`
OsqueryVersion string `json:"osqueryVersion,omitempty"`
Platform string `json:"platform,omitempty"`
Enabled bool `json:"enabled"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
Links []LinkItem `json:"links,omitempty"`
}
func (AssetGroupRule) GetID ¶ added in v0.0.23
func (T AssetGroupRule) GetID() string
func (AssetGroupRule) GetName ¶ added in v0.0.23
func (T AssetGroupRule) GetName() string
func (AssetGroupRule) KeysToDelete ¶ added in v0.0.23
func (T AssetGroupRule) KeysToDelete() []string
type AssetGroupRules ¶ added in v0.0.23
type AssetGroupRules struct {
Links []LinkItem `json:"links"`
Items []AssetGroupRule `json:"items"`
Offset int `json:"offset,omitempty"`
Limit int `json:"limit,omitempty"`
}
type AssetInterface ¶ added in v0.0.27
type AssetTag ¶ added in v0.0.27
AssetTag only supports PUT/POST/DELETE, not GET
func (AssetTag) KeysToDelete ¶ added in v0.0.27
type AssetTags ¶ added in v0.0.27
type AssetTags struct {
Links []LinkItem `json:"links"`
Items []AssetTag `json:"items"`
Offset int `json:"offset,omitempty"`
Limit int `json:"limit,omitempty"`
}
This wont actually exist, cant get assetTags
type AtcQueries ¶ added in v0.0.23
type AtcQuery ¶ added in v0.0.23
type AtcQuery struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
Query string `json:"query,omitempty"`
OsPaths struct {
Darwin []PathStruct `json:"darwin,omitempty"`
Debian []PathStruct `json:"debian,omitempty"`
Windows []PathStruct `json:"windows,omitempty"`
} `json:"osPaths,omitempty"`
Columns []struct {
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
} `json:"columns,omitempty"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
Links []LinkItem `json:"links,omitempty"`
}
func (AtcQuery) KeysToDelete ¶ added in v0.0.23
type AuditConfiguration ¶ added in v0.0.22
type AuditConfiguration struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
Framework string `json:"framework" validate:"required,oneof=CIS PCI CUSTOM FEDRAMP SOC2 HIPAA STIG NIST ISO VDA-TISAX"`
Version string `json:"version" validate:"required,max=256,min=1"`
OsVersion string `json:"osVersion" validate:"required,min=1"`
Platform string `json:"platform" validate:"required,min=1"`
TableName string `json:"tableName" validate:"required,min=1"`
Sha256 string `json:"sha256,omitempty"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
Type string `json:"type,omitempty"`
Checks int `json:"checks,omitempty"`
AuditEntry []AuditEntry `json:"auditEntities"`
Links []LinkItem `json:"links,omitempty"`
}
func (AuditConfiguration) GetID ¶ added in v0.0.22
func (T AuditConfiguration) GetID() string
func (AuditConfiguration) GetName ¶ added in v0.0.22
func (T AuditConfiguration) GetName() string
func (AuditConfiguration) KeysToDelete ¶ added in v0.0.22
func (T AuditConfiguration) KeysToDelete() []string
type AuditConfigurations ¶ added in v0.0.22
type AuditConfigurations struct {
Links []LinkItem `json:"links"`
Items []AuditConfiguration `json:"items"`
Offset int `json:"offset,omitempty"`
Limit int `json:"limit,omitempty"`
}
type AuditEntry ¶ added in v0.0.22
type AuditEntry struct {
ID string `json:"id,omitempty"`
AuditConfigurationID string `json:"auditConfigurationId,omitempty"`
AuditName []string `json:"auditName"`
Standard string `json:"standard,omitempty"`
Version string `json:"version,omitempty"`
Section string `json:"section,omitempty"`
Title string `json:"title,omitempty"`
Scored bool `json:"scored"`
Level string `json:"level,omitempty"`
Description string `json:"description,omitempty"`
Rationale string `json:"rationale,omitempty"`
Command string `json:"command,omitempty"`
Remediation string `json:"remediation,omitempty"`
ExpectedValue string `json:"expectedValue,omitempty"`
AuthoritativeSource string `json:"authoritativeSource,omitempty"`
Exception string `json:"exception,omitempty"`
Chapter string `json:"chapter,omitempty"`
CheckID string `json:"checkId,omitempty"`
Enabled bool `json:"enabled"`
Service string `json:"service,omitempty"`
CreatedBy string `json:"createdBy,omitempty"`
Score float64 `json:"score"`
UpdatedBy string `json:"updatedBy,omitempty"`
RunCategory int `json:"runCategory"`
Timeout int `json:"timeout"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
IsManual bool `json:"isManual"`
}
type AutoAlertConfig ¶
type AutoAlertConfig struct {
RaiseAlert bool `json:"raiseAlert"`
DisableAlert bool `json:"disableAlert"`
MetadataSources CustomJSONString `json:"metadataSources,omitempty"`
}
type BlockRule ¶ added in v0.0.26
type BlockRule struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
Platform string `json:"platform,omitempty"`
Priority int `json:"priority"`
Type string `json:"type,omitempty"`
Status string `json:"status,omitempty"`
Custom bool `json:"custom"`
EnableLockdown bool `json:"enableLockdown"`
CertificateMode string `json:"certificateMode,omitempty"`
HasLookupTable bool `json:"hasLookupTable"`
CreatedAt string `json:"createdAt,omitempty"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
Checks int `json:"checks"`
AssetsCount int `json:"assetsCount"`
UptycsProtectEnabledCount int `json:"uptycsProtectEnabledCount"`
Links []LinkItem `json:"links,omitempty"`
}
func (BlockRule) KeysToDelete ¶ added in v0.0.26
type BlockRules ¶ added in v0.0.26
type BuilderConfig ¶
type BuilderConfig struct {
ID string `json:"id,omitempty"`
TableName string `json:"tableName,omitempty"`
Added bool `json:"added"`
MatchesFilter bool `json:"matchesFilter"`
Filters CustomJSONString `json:"filters,omitempty"`
Severity string `json:"severity,omitempty"`
Key string `json:"key,omitempty"`
ValueField string `json:"valueField,omitempty"`
AutoAlertConfig AutoAlertConfig `json:"autoAlertConfig"`
}
type BuilderConfigLite ¶ added in v0.0.27
type BuilderConfigLite struct {
ID string `json:"id"`
}
type Carve ¶ added in v0.0.23
type Carve struct {
ID string `json:"id,omitempty"`
Name string `json:"-"` // Required but not actually in a carve
AssetID string `json:"assetId,omitempty"`
Path string `json:"path,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
Status string `json:"status,omitempty"`
DeletedUserName string `json:"deletedUserName,omitempty"`
DeletedAt string `json:"deletedAt,omitempty"`
AssetHostName string `json:"assetHostName,omitempty"`
Offset int `json:"offset,omitempty"`
Length int `json:"length,omitempty"`
}
func (Carve) KeysToDelete ¶ added in v0.0.23
type City ¶ added in v0.0.27
type City struct {
ID string `json:"id"`
Name string `json:"name,omitempty"`
SubdivisionIsoCode string `json:"subdivisionIsoCode,omitempty"`
SubdivisionName string `json:"subdivisionName,omitempty"`
CountryIsoCode string `json:"countryIsoCode,omitempty"`
CountryName string `json:"countryName,omitempty"`
}
type Client ¶
func (*Client) CreateAlertRule ¶
func (*Client) CreateAlertRuleCategory ¶ added in v0.0.23
func (c *Client) CreateAlertRuleCategory(alertRuleCategory AlertRuleCategory) (AlertRuleCategory, error)
func (*Client) CreateAsset ¶ added in v0.0.27
func (*Client) CreateAssetGroupRule ¶ added in v0.0.23
func (c *Client) CreateAssetGroupRule(assetGroupRule AssetGroupRule) (AssetGroupRule, error)
func (*Client) CreateAssetTag ¶ added in v0.0.27
func (*Client) CreateAtcQuery ¶ added in v0.0.23
func (*Client) CreateBlockRule ¶ added in v0.0.26
func (*Client) CreateCarve ¶ added in v0.0.23
func (*Client) CreateComplianceProfile ¶ added in v0.0.22
func (c *Client) CreateComplianceProfile(complianceProfile ComplianceProfile) (ComplianceProfile, error)
func (*Client) CreateCustomProfile ¶ added in v0.0.26
func (c *Client) CreateCustomProfile(customProfile CustomProfile) (CustomProfile, error)
func (*Client) CreateDestination ¶
func (c *Client) CreateDestination(destination Destination) (Destination, error)
func (*Client) CreateEventExcludeProfile ¶
func (c *Client) CreateEventExcludeProfile(eventExcludeProfile EventExcludeProfile) (EventExcludeProfile, error)
func (*Client) CreateEventRule ¶
func (*Client) CreateException ¶ added in v0.0.26
func (*Client) CreateFilePathGroup ¶ added in v0.0.22
func (c *Client) CreateFilePathGroup(filePathGroup FilePathGroup) (FilePathGroup, error)
func (*Client) CreateFlagProfile ¶ added in v0.0.26
func (c *Client) CreateFlagProfile(flagProfile FlagProfile) (FlagProfile, error)
func (*Client) CreateLookupTable ¶ added in v0.0.28
func (c *Client) CreateLookupTable(lookupTable LookupTable) (LookupTable, error)
func (*Client) CreateLookupTableDataRow ¶ added in v0.0.28
func (c *Client) CreateLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
func (*Client) CreateQuery ¶ added in v0.0.32
func (*Client) CreateQueryJob ¶ added in v0.0.28
func (*Client) CreateQueryJobResults ¶ added in v0.0.28
func (c *Client) CreateQueryJobResults(queryJobResult QueryJobResult) (QueryJobResult, error)
func (*Client) CreateQuerypack ¶ added in v0.0.22
func (*Client) CreateRegistryPath ¶ added in v0.0.22
func (c *Client) CreateRegistryPath(registryPath RegistryPath) (RegistryPath, error)
func (*Client) CreateTagConfiguration ¶ added in v0.0.22
func (c *Client) CreateTagConfiguration(tagConfiguration TagConfiguration) (TagConfiguration, error)
func (*Client) CreateTagRule ¶ added in v0.0.22
func (*Client) CreateWindowsDefenderPreference ¶ added in v0.0.26
func (c *Client) CreateWindowsDefenderPreference(windowsDefenderPreference WindowsDefenderPreference) (WindowsDefenderPreference, error)
func (*Client) CreateYaraGroupRule ¶ added in v0.0.22
func (c *Client) CreateYaraGroupRule(yaraGroupRule YaraGroupRule) (YaraGroupRule, error)
func (*Client) DeleteAlertRule ¶
func (*Client) DeleteAlertRuleCategory ¶ added in v0.0.23
func (c *Client) DeleteAlertRuleCategory(alertRuleCategory AlertRuleCategory) (AlertRuleCategory, error)
func (*Client) DeleteAsset ¶ added in v0.0.27
func (*Client) DeleteAssetGroupRule ¶ added in v0.0.23
func (c *Client) DeleteAssetGroupRule(assetGroupRule AssetGroupRule) (AssetGroupRule, error)
func (*Client) DeleteAssetTag ¶ added in v0.0.27
func (*Client) DeleteAtcQuery ¶ added in v0.0.23
func (*Client) DeleteBlockRule ¶ added in v0.0.26
func (*Client) DeleteCarve ¶ added in v0.0.23
func (*Client) DeleteComplianceProfile ¶ added in v0.0.22
func (c *Client) DeleteComplianceProfile(complianceProfile ComplianceProfile) (ComplianceProfile, error)
func (*Client) DeleteCustomProfile ¶ added in v0.0.26
func (c *Client) DeleteCustomProfile(customProfile CustomProfile) (CustomProfile, error)
func (*Client) DeleteDestination ¶
func (c *Client) DeleteDestination(destination Destination) (Destination, error)
func (*Client) DeleteEventExcludeProfile ¶
func (c *Client) DeleteEventExcludeProfile(eventExcludeProfile EventExcludeProfile) (EventExcludeProfile, error)
func (*Client) DeleteEventRule ¶
func (*Client) DeleteException ¶ added in v0.0.26
func (*Client) DeleteFilePathGroup ¶ added in v0.0.22
func (c *Client) DeleteFilePathGroup(filePathGroup FilePathGroup) (FilePathGroup, error)
func (*Client) DeleteFlagProfile ¶ added in v0.0.26
func (c *Client) DeleteFlagProfile(flagProfile FlagProfile) (FlagProfile, error)
func (*Client) DeleteLookupTable ¶ added in v0.0.28
func (c *Client) DeleteLookupTable(lookupTable LookupTable) (LookupTable, error)
func (*Client) DeleteLookupTableDataRow ¶ added in v0.0.28
func (c *Client) DeleteLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
func (*Client) DeleteQuery ¶ added in v0.0.32
func (*Client) DeleteQueryJob ¶ added in v0.0.28
func (*Client) DeleteQueryJobResult ¶ added in v0.0.28
func (c *Client) DeleteQueryJobResult(queryJobResult QueryJobResult) (QueryJobResult, error)
func (*Client) DeleteQuerypack ¶ added in v0.0.22
func (*Client) DeleteRegistryPath ¶ added in v0.0.22
func (c *Client) DeleteRegistryPath(registryPath RegistryPath) (RegistryPath, error)
func (*Client) DeleteTagConfiguration ¶ added in v0.0.22
func (c *Client) DeleteTagConfiguration(tagConfiguration TagConfiguration) (TagConfiguration, error)
func (*Client) DeleteTagRule ¶ added in v0.0.22
func (*Client) DeleteWindowsDefenderPreference ¶ added in v0.0.26
func (c *Client) DeleteWindowsDefenderPreference(windowsDefenderPreference WindowsDefenderPreference) (WindowsDefenderPreference, error)
func (*Client) DeleteYaraGroupRule ¶ added in v0.0.22
func (c *Client) DeleteYaraGroupRule(yaraGroupRule YaraGroupRule) (YaraGroupRule, error)
func (*Client) FindLookupTableDataRow ¶ added in v0.0.28
func (c *Client) FindLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
func (*Client) GetAlertRuleCategories ¶ added in v0.0.23
func (c *Client) GetAlertRuleCategories() (AlertRuleCategories, error)
func (*Client) GetAlertRuleCategory ¶ added in v0.0.23
func (c *Client) GetAlertRuleCategory(alertRuleCategory AlertRuleCategory) (AlertRuleCategory, error)
func (*Client) GetAlertRules ¶
func (c *Client) GetAlertRules() (AlertRules, error)
func (*Client) GetAssetGroupRule ¶ added in v0.0.23
func (c *Client) GetAssetGroupRule(assetGroupRule AssetGroupRule) (AssetGroupRule, error)
func (*Client) GetAssetGroupRules ¶ added in v0.0.23
func (c *Client) GetAssetGroupRules() (AssetGroupRules, error)
func (*Client) GetAssetTag ¶ added in v0.0.27
func (*Client) GetAssetTags ¶ added in v0.0.27
func (*Client) GetAtcQueries ¶ added in v0.0.23
func (c *Client) GetAtcQueries() (AtcQueries, error)
func (*Client) GetAtcQuery ¶ added in v0.0.23
func (*Client) GetAuditConfiguration ¶ added in v0.0.22
func (c *Client) GetAuditConfiguration(auditConfiguration AuditConfiguration) (AuditConfiguration, error)
func (*Client) GetAuditConfigurations ¶ added in v0.0.22
func (c *Client) GetAuditConfigurations() (AuditConfigurations, error)
func (*Client) GetBlockRule ¶ added in v0.0.26
func (*Client) GetBlockRules ¶ added in v0.0.26
func (c *Client) GetBlockRules() (BlockRules, error)
func (*Client) GetComplianceProfile ¶ added in v0.0.22
func (c *Client) GetComplianceProfile(complianceProfile ComplianceProfile) (ComplianceProfile, error)
func (*Client) GetComplianceProfiles ¶ added in v0.0.22
func (c *Client) GetComplianceProfiles() (ComplianceProfiles, error)
func (*Client) GetCustomProfile ¶ added in v0.0.26
func (c *Client) GetCustomProfile(customProfile CustomProfile) (CustomProfile, error)
func (*Client) GetCustomProfiles ¶ added in v0.0.26
func (c *Client) GetCustomProfiles() (CustomProfiles, error)
func (*Client) GetDestination ¶
func (c *Client) GetDestination(destination Destination) (Destination, error)
func (*Client) GetDestinations ¶
func (c *Client) GetDestinations() (Destinations, error)
func (*Client) GetEventExcludeProfile ¶
func (c *Client) GetEventExcludeProfile(eventExcludeProfile EventExcludeProfile) (EventExcludeProfile, error)
func (*Client) GetEventExcludeProfiles ¶
func (c *Client) GetEventExcludeProfiles() (EventExcludeProfiles, error)
func (*Client) GetEventRules ¶
func (c *Client) GetEventRules() (EventRules, error)
func (*Client) GetException ¶ added in v0.0.26
func (*Client) GetExceptions ¶ added in v0.0.26
func (c *Client) GetExceptions() (Exceptions, error)
func (*Client) GetFilePathGroup ¶ added in v0.0.22
func (c *Client) GetFilePathGroup(filePathGroup FilePathGroup) (FilePathGroup, error)
func (*Client) GetFilePathGroups ¶ added in v0.0.22
func (c *Client) GetFilePathGroups() (FilePathGroups, error)
func (*Client) GetFlagProfile ¶ added in v0.0.26
func (c *Client) GetFlagProfile(flagProfile FlagProfile) (FlagProfile, error)
func (*Client) GetFlagProfiles ¶ added in v0.0.26
func (c *Client) GetFlagProfiles() (FlagProfiles, error)
func (*Client) GetLookupTable ¶ added in v0.0.28
func (c *Client) GetLookupTable(lookupTable LookupTable) (LookupTable, error)
func (*Client) GetLookupTableDataRow ¶ added in v0.0.28
func (c *Client) GetLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
func (*Client) GetLookupTables ¶ added in v0.0.28
func (c *Client) GetLookupTables() (LookupTables, error)
func (*Client) GetObjectGroup ¶ added in v0.0.21
func (c *Client) GetObjectGroup(objectGroup ObjectGroup) (ObjectGroup, error)
func (*Client) GetObjectGroups ¶ added in v0.0.21
func (c *Client) GetObjectGroups() (ObjectGroups, error)
func (*Client) GetQueries ¶ added in v0.0.32
func (*Client) GetQueryJob ¶ added in v0.0.28
func (*Client) GetQueryJobResults ¶ added in v0.0.28
func (c *Client) GetQueryJobResults(queryJobResult QueryJobResult) (QueryJobResult, error)
func (*Client) GetQueryJobs ¶ added in v0.0.28
func (*Client) GetQuerypack ¶ added in v0.0.22
func (*Client) GetQuerypacks ¶ added in v0.0.22
func (c *Client) GetQuerypacks() (Querypacks, error)
func (*Client) GetRegistryPath ¶ added in v0.0.22
func (c *Client) GetRegistryPath(registryPath RegistryPath) (RegistryPath, error)
func (*Client) GetRegistryPaths ¶ added in v0.0.22
func (c *Client) GetRegistryPaths() (RegistryPaths, error)
func (*Client) GetTagConfiguration ¶ added in v0.0.22
func (c *Client) GetTagConfiguration(tagConfiguration TagConfiguration) (TagConfiguration, error)
func (*Client) GetTagConfigurations ¶ added in v0.0.22
func (c *Client) GetTagConfigurations() (TagConfigurations, error)
func (*Client) GetTagRule ¶ added in v0.0.22
func (*Client) GetTagRules ¶ added in v0.0.22
func (*Client) GetWindowsDefenderPreference ¶ added in v0.0.26
func (c *Client) GetWindowsDefenderPreference(windowsDefenderPreference WindowsDefenderPreference) (WindowsDefenderPreference, error)
func (*Client) GetWindowsDefenderPreferences ¶ added in v0.0.26
func (c *Client) GetWindowsDefenderPreferences() (WindowsDefenderPreferences, error)
func (*Client) GetYaraGroupRule ¶ added in v0.0.22
func (c *Client) GetYaraGroupRule(yaraGroupRule YaraGroupRule) (YaraGroupRule, error)
func (*Client) GetYaraGroupRules ¶ added in v0.0.22
func (c *Client) GetYaraGroupRules() (YaraGroupRules, error)
func (*Client) UpdateAlertRule ¶
func (*Client) UpdateAlertRuleCategory ¶ added in v0.0.23
func (c *Client) UpdateAlertRuleCategory(alertRuleCategory AlertRuleCategory) (AlertRuleCategory, error)
func (*Client) UpdateAsset ¶ added in v0.0.27
func (*Client) UpdateAssetGroupRule ¶ added in v0.0.23
func (c *Client) UpdateAssetGroupRule(assetGroupRule AssetGroupRule) (AssetGroupRule, error)
func (*Client) UpdateAssetTag ¶ added in v0.0.27
func (*Client) UpdateAtcQuery ¶ added in v0.0.23
func (*Client) UpdateBlockRule ¶ added in v0.0.26
func (*Client) UpdateCarve ¶ added in v0.0.23
func (*Client) UpdateComplianceProfile ¶ added in v0.0.22
func (c *Client) UpdateComplianceProfile(complianceProfile ComplianceProfile) (ComplianceProfile, error)
func (*Client) UpdateCustomProfile ¶ added in v0.0.26
func (c *Client) UpdateCustomProfile(customProfile CustomProfile) (CustomProfile, error)
func (*Client) UpdateDestination ¶
func (c *Client) UpdateDestination(destination Destination) (Destination, error)
func (*Client) UpdateEventExcludeProfile ¶
func (c *Client) UpdateEventExcludeProfile(eventExcludeProfile EventExcludeProfile) (EventExcludeProfile, error)
func (*Client) UpdateEventRule ¶
func (*Client) UpdateException ¶ added in v0.0.26
func (*Client) UpdateFilePathGroup ¶ added in v0.0.22
func (c *Client) UpdateFilePathGroup(filePathGroup FilePathGroup) (FilePathGroup, error)
func (*Client) UpdateFlagProfile ¶ added in v0.0.26
func (c *Client) UpdateFlagProfile(flagProfile FlagProfile) (FlagProfile, error)
func (*Client) UpdateLookupTable ¶ added in v0.0.28
func (c *Client) UpdateLookupTable(lookupTable LookupTable) (LookupTable, error)
func (*Client) UpdateLookupTableDataRow ¶ added in v0.0.28
func (c *Client) UpdateLookupTableDataRow(lookupTable LookupTable, lookupTableDataRow LookupTableDataRow) (LookupTableDataRow, error)
func (*Client) UpdateQuery ¶ added in v0.0.32
func (*Client) UpdateQueryJob ¶ added in v0.0.28
func (*Client) UpdateQueryJobResults ¶ added in v0.0.28
func (c *Client) UpdateQueryJobResults(queryJobResult QueryJobResult) (QueryJobResult, error)
func (*Client) UpdateQuerypack ¶ added in v0.0.22
func (*Client) UpdateRegistryPath ¶ added in v0.0.22
func (c *Client) UpdateRegistryPath(registryPath RegistryPath) (RegistryPath, error)
func (*Client) UpdateTagConfiguration ¶ added in v0.0.22
func (c *Client) UpdateTagConfiguration(tagConfiguration TagConfiguration) (TagConfiguration, error)
func (*Client) UpdateTagRule ¶ added in v0.0.22
func (*Client) UpdateWindowsDefenderPreference ¶ added in v0.0.26
func (c *Client) UpdateWindowsDefenderPreference(windowsDefenderPreference WindowsDefenderPreference) (WindowsDefenderPreference, error)
func (*Client) UpdateYaraGroupRule ¶ added in v0.0.22
func (c *Client) UpdateYaraGroupRule(yaraGroupRule YaraGroupRule) (YaraGroupRule, error)
type ComplianceProfile ¶ added in v0.0.22
type ComplianceProfile struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
Custom bool `json:"custom"`
Priority int `json:"priority,omitempty"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
Links []LinkItem `json:"links,omitempty"`
}
func (ComplianceProfile) GetID ¶ added in v0.0.22
func (T ComplianceProfile) GetID() string
func (ComplianceProfile) GetName ¶ added in v0.0.22
func (T ComplianceProfile) GetName() string
func (ComplianceProfile) KeysToDelete ¶ added in v0.0.22
func (T ComplianceProfile) KeysToDelete() []string
type ComplianceProfiles ¶ added in v0.0.22
type ComplianceProfiles struct {
Links []LinkItem `json:"links"`
Items []ComplianceProfile `json:"items"`
Offset int `json:"offset,omitempty"`
Limit int `json:"limit,omitempty"`
Decorators []string `json:"decorators"`
}
type CustomJSONString ¶ added in v0.0.22
type CustomJSONString string
func (CustomJSONString) MarshalJSON ¶ added in v0.0.22
func (bcfs CustomJSONString) MarshalJSON() ([]byte, error)
func (*CustomJSONString) UnmarshalJSON ¶ added in v0.0.22
func (bcfs *CustomJSONString) UnmarshalJSON(raw []byte) error
type CustomProfile ¶ added in v0.0.26
type CustomProfile struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
QuerySchedules CustomJSONString `json:"querySchedules,omitempty" validate:"required,min=1"`
Priority int `json:"priority"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
ResourceType string `json:"resourceType,omitempty"`
Links []LinkItem `json:"links,omitempty"`
}
func (CustomProfile) GetID ¶ added in v0.0.26
func (T CustomProfile) GetID() string
func (CustomProfile) GetName ¶ added in v0.0.26
func (T CustomProfile) GetName() string
func (CustomProfile) KeysToDelete ¶ added in v0.0.26
func (T CustomProfile) KeysToDelete() []string
type CustomProfiles ¶ added in v0.0.26
type CustomProfiles struct {
Links []LinkItem `json:"links"`
Items []CustomProfile `json:"items"`
Offset int `json:"offset,omitempty"`
Limit int `json:"limit,omitempty"`
}
type DNSLookupEvents ¶ added in v0.0.21
type DataLookupTable ¶ added in v0.0.28
type DataLookupTable struct {
ID string `json:"id"`
LookupTableID string `json:"lookupTableId"`
LookupTableName string `json:"lookupTableName"`
LookupKeyName string `json:"lookupKeyName"`
Enabled bool `json:"enabled"`
RefreshFrequencyMinutes int `json:"refreshFrequencyMinutes"`
LastRefreshAt string `json:"lastRefreshAt"`
RefreshInfo struct {
Key string `json:"key"`
Query string `json:"query"`
UptDay int `json:"uptDay"`
UptBatch int `json:"uptBatch"`
TableName string `json:"tableName"`
CustomerDb string `json:"customerDb"`
LookupTable string `json:"lookupTable"`
LookupSchema string `json:"lookupSchema"`
LastRefreshAt int64 `json:"lastRefreshAt"`
RefreshFrequency int `json:"refreshFrequency"`
QueryForDashboard string `json:"queryForDashboard"`
} `json:"refreshInfo"`
}
type Destination ¶
type Destination struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Type string `json:"type,omitempty" validate:"oneof=email slack http pagerduty azure"`
Address string `json:"address,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
Enabled bool `json:"enabled"`
Default bool `json:"default"`
Config DestinationConfig `json:"config,omitempty"`
Template struct {
Template string `json:"template,omitempty"`
} `json:"template,omitempty"`
Links []LinkItem `json:"links,omitempty"`
}
func (Destination) GetID ¶ added in v0.0.18
func (T Destination) GetID() string
func (Destination) GetName ¶ added in v0.0.18
func (T Destination) GetName() string
func (Destination) KeysToDelete ¶ added in v0.0.18
func (T Destination) KeysToDelete() []string
type DestinationConfig ¶ added in v0.0.31
type DestinationConfig struct {
Sender string `json:"sender,omitempty"`
Method string `json:"method,omitempty"`
Username string `json:"username,omitempty"`
Password string `json:"password,omitempty"`
DataKey string `json:"dataKey,omitempty"`
Token string `json:"token,omitempty"`
SlackAttachment bool `json:"slackAttachment,omitempty"` //noqa
Headers CustomJSONString `json:"headers,omitempty"`
}
type Destinations ¶
type Destinations struct {
Links []LinkItem `json:"links"`
Items []Destination `json:"items"`
Offset int `json:"offset,omitempty"`
Limit int `json:"limit,omitempty"`
}
type EbpfDNSLookupEvents ¶ added in v0.0.21
type EventExcludeProfile ¶
type EventExcludeProfile struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
Priority int `json:"priority,omitempty"`
Metadata EventExcludeProfileMetadata `json:"metadata,omitempty"`
MetadataJSON string `json:"metadataJson,omitempty"`
ResourceType string `json:"resourceType,omitempty"`
Platform string `json:"platform,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
Links []LinkItem `json:"links,omitempty"`
}
func (EventExcludeProfile) GetID ¶ added in v0.0.18
func (T EventExcludeProfile) GetID() string
func (EventExcludeProfile) GetName ¶ added in v0.0.18
func (T EventExcludeProfile) GetName() string
func (EventExcludeProfile) KeysToDelete ¶ added in v0.0.18
func (T EventExcludeProfile) KeysToDelete() []string
type EventExcludeProfileMetadata ¶
type EventExcludeProfileMetadata struct {
DNSLookupEvents DNSLookupEvents `json:"dns_lookup_events,omitempty"`
UserEvents UserEvents `json:"user_events,omitempty"`
SocketEvents SocketEvents `json:"socket_events,omitempty"`
ProcessEvents ProcessEvents `json:"process_events,omitempty"`
RegistryEvents RegistryEvents `json:"registry_events,omitempty"`
ProcessFileEvents ProcessFileEvents `json:"process_file_events,omitempty"`
HTTPEvents HTTPEvents `json:"http_events,omitempty"`
EbpfDNSLookupEvents EbpfDNSLookupEvents `json:"ebpf_dns_lookup_events,omitempty"`
}
type EventExcludeProfiles ¶
type EventExcludeProfiles struct {
Links []LinkItem `json:"links"`
Items []EventExcludeProfile `json:"items"`
Offset int `json:"offset,omitempty"`
Limit int `json:"limit,omitempty"`
}
type EventRule ¶
type EventRule struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
Code string `json:"code,omitempty"`
Type string `json:"type,omitempty"`
Rule string `json:"rule,omitempty"`
Grouping string `json:"grouping,omitempty"`
Enabled bool `json:"enabled"`
Custom bool `json:"custom"`
CreatedAt string `json:"createdAt,omitempty"`
IsInternal bool `json:"isInternal"`
EventTags []string `json:"eventTags"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
GroupingL2 string `json:"groupingL2,omitempty"`
GroupingL3 string `json:"groupingL3,omitempty"`
Score string `json:"score,omitempty"`
Lock bool `json:"lock"`
Exceptions []RuleException `json:"exceptions"`
SQLConfig *SQLConfig `json:"sqlConfig,omitempty"`
BuilderConfig *BuilderConfig `json:"builderConfig"`
Links []LinkItem `json:"links,omitempty"`
}
func (EventRule) KeysToDelete ¶ added in v0.0.18
type EventRules ¶
type Exception ¶ added in v0.0.26
type Exception struct {
ID string `json:"id"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
ExceptionType string `json:"exceptionType,omitempty"`
CreatedBy string `json:"createdBy,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
TableName string `json:"tableName,omitempty"`
IsGlobal bool `json:"isGlobal"`
Custom bool `json:"custom"`
Disabled bool `json:"disabled"`
CloseOpenAlerts bool `json:"closeOpenAlerts"`
Rule CustomJSONString `json:"rule,omitempty"`
Links []LinkItem `json:"links"`
}
func (Exception) KeysToDelete ¶ added in v0.0.26
type Exceptions ¶ added in v0.0.26
type FilePathGroup ¶ added in v0.0.22
type FilePathGroup struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
Grouping string `json:"grouping,omitempty"`
IncludePaths []string `json:"includePaths"`
IncludePathExtensions []string `json:"includePathExtensions"`
ExcludePaths []string `json:"excludePaths"`
Custom bool `json:"custom" validate:"required"`
CheckSignature bool `json:"checkSignature"`
FileAccesses bool `json:"fileAccesses"`
ExcludeProcessNames []string `json:"excludeProcessNames"`
PriorityPaths []string `json:"priorityPaths"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
Signatures []FilePathGroupSignature `json:"signatures" validate:"required,min=0"`
YaraGroupRules []YaraGroupRule `json:"yaraGroupRules" validate:"required,min=0"`
Links []LinkItem `json:"links,omitempty"`
}
func (FilePathGroup) GetID ¶ added in v0.0.22
func (T FilePathGroup) GetID() string
func (FilePathGroup) GetName ¶ added in v0.0.22
func (T FilePathGroup) GetName() string
func (FilePathGroup) KeysToDelete ¶ added in v0.0.22
func (T FilePathGroup) KeysToDelete() []string
type FilePathGroupSignature ¶ added in v0.0.22
type FilePathGroupSignature struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
Paths []string `json:"paths"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
}
type FilePathGroups ¶ added in v0.0.22
type FilePathGroups struct {
Links []LinkItem `json:"links"`
Items []FilePathGroup `json:"items"`
Offset int `json:"offset,omitempty"`
Limit int `json:"limit,omitempty"`
}
type FlagProfile ¶ added in v0.0.26
type FlagProfile struct {
ID string `json:"id,omitempty"`
Custom bool `json:"custom"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
Priority int `json:"priority"`
Flags CustomJSONString `json:"flags,omitempty" validate:"required,min=1"`
OsFlags CustomJSONString `json:"osFlags,omitempty"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
ResourceType string `json:"resourceType,omitempty"`
Links []LinkItem `json:"links,omitempty"`
}
func (FlagProfile) GetID ¶ added in v0.0.26
func (T FlagProfile) GetID() string
func (FlagProfile) GetName ¶ added in v0.0.26
func (T FlagProfile) GetName() string
func (FlagProfile) KeysToDelete ¶ added in v0.0.26
func (T FlagProfile) KeysToDelete() []string
type FlagProfiles ¶ added in v0.0.26
type FlagProfiles struct {
Links []LinkItem `json:"links"`
Items []FlagProfile `json:"items"`
Offset int `json:"offset,omitempty"`
Limit int `json:"limit,omitempty"`
}
type HTTPEvents ¶ added in v0.0.21
type HTTPEvents struct {
Host []string `json:"host"`
}
type LookupTable ¶ added in v0.0.28
type LookupTable struct {
ID string `json:"id"`
Name string `json:"name"`
Description string `json:"description,omitempty"`
Active bool `json:"active"`
IDField string `json:"idField,omitempty"`
RowCount int `json:"rowCount"`
ForRuleEngine bool `json:"forRuleEngine"`
CreatedBy string `json:"createdBy"`
UpdatedBy string `json:"updatedBy"`
CreatedAt string `json:"createdAt"`
UpdatedAt string `json:"updatedAt"`
DataLookupTable DataLookupTable `json:"dataLookupTable,omitempty"`
FetchRowsquery string `json:"fetchRowsquery"`
DataRows []LookupTableDataRow `json:"-,omitempty"`
Links []LinkItem `json:"links"`
}
func (LookupTable) GetID ¶ added in v0.0.28
func (T LookupTable) GetID() string
func (LookupTable) GetName ¶ added in v0.0.28
func (T LookupTable) GetName() string
func (LookupTable) KeysToDelete ¶ added in v0.0.28
func (T LookupTable) KeysToDelete() []string
type LookupTableDataRow ¶ added in v0.0.28
type LookupTableDataRow struct {
ID string `json:"id"`
Name string `json:"-"` //Not provided
LookupTableID string `json:"lookupTableId"`
IDFieldValue string `json:"idFieldValue"`
Data CustomJSONString `json:"data"`
CreatedAt string `json:"createdAt"`
}
func GetAllLookupTableData ¶ added in v0.0.28
func GetAllLookupTableData(c *Client, endpointStr string) ([]LookupTableDataRow, error)
func (LookupTableDataRow) GetID ¶ added in v0.0.28
func (T LookupTableDataRow) GetID() string
func (LookupTableDataRow) GetName ¶ added in v0.0.28
func (T LookupTableDataRow) GetName() string
func (LookupTableDataRow) KeysToDelete ¶ added in v0.0.28
func (T LookupTableDataRow) KeysToDelete() []string
type LookupTables ¶ added in v0.0.28
type LookupTables struct {
Links []LinkItem `json:"links"`
Items []LookupTable `json:"items"`
Offset int `json:"offset,omitempty"`
Limit int `json:"limit,omitempty"`
}
type ObjectGroup ¶ added in v0.0.21
type ObjectGroup struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Key string `json:"key,omitempty"`
Value string `json:"value,omitempty"`
AssetGroupRuleID string `json:"assetGroupRuleId,omitempty"`
ObjectGroupID string `json:"objectGroupId,omitempty"`
UserID string `json:"userid,omitempty"`
RoleID string `json:"roleid,omitempty"`
Description string `json:"description,omitempty"`
Secret string `json:"secret,omitempty"`
ObjectType string `json:"objectType,omitempty"`
Custom bool `json:"custom"`
RetentionDays int `json:"retentionDays,omitempty"`
RangerID int `json:"rangerId,omitempty"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
Destinations []Destination `json:"destinations"`
}
func (ObjectGroup) GetID ¶ added in v0.0.21
func (T ObjectGroup) GetID() string
func (ObjectGroup) GetName ¶ added in v0.0.21
func (T ObjectGroup) GetName() string
func (ObjectGroup) KeysToDelete ¶ added in v0.0.21
func (T ObjectGroup) KeysToDelete() []string
type ObjectGroups ¶ added in v0.0.21
type ObjectGroups struct {
Links []LinkItem `json:"links"`
Items []ObjectGroup `json:"items"`
Offset int `json:"offset,omitempty"`
Limit int `json:"limit,omitempty"`
}
type PathStruct ¶ added in v0.0.23
type PathStruct struct {
Path string `json:"path,omitempty"`
}
type ProcessEvents ¶
type ProcessEvents struct {
Path []string `json:"path"`
}
type ProcessFileEvents ¶
type Query ¶ added in v0.0.22
type Query struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
Query string `json:"query,omitempty"`
Removed bool `json:"removed"`
Version string `json:"version,omitempty"`
Interval int `json:"interval"`
Platform string `json:"platform,omitempty"`
Snapshot bool `json:"snapshot"`
RunNow bool `json:"runNow"`
Value string `json:"value,omitempty"`
QuerypackID string `json:"querypackId,omitempty"`
TableName string `json:"tableName,omitempty"`
DataTypes CustomJSONString `json:"dataTypes,omitempty"` //This is super ephemeral
Verified bool `json:"verified"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
}
func (Query) KeysToDelete ¶ added in v0.0.32
type QueryError ¶ added in v0.0.28
type QueryError struct {
Message struct {
Detail string `json:"detail"`
} `json:"message"`
}
type QueryJob ¶ added in v0.0.28
type QueryJob struct {
ID string `json:"id"`
Name string `json:"name"`
Query string `json:"query" validate:"required"`
Type string `json:"type" validate:"required,oneof=global"`
Parameters []QueryJobParameter `json:"parameters,omitempty"`
ParameterValues struct {
From string `json:"from,omitempty"`
To string `json:"to,omitempty"`
} `json:"parameterValues,omitempty"`
QueryID string `json:"queryId,omitempty"`
Status string `json:"status,omitempty"`
RowCount int `json:"rowCount"`
Columns []QueryJobColumn `json:"columns,omitempty"`
StartTime string `json:"startTime,omitempty"`
EndTime string `json:"endTime,omitempty"`
Error QueryError `json:"error"`
Purged bool `json:"purged"`
IncompleteResults bool `json:"incompleteResults"`
AlertID string `json:"alertId,omitempty"`
CreatedBy string `json:"createdBy"`
UpdatedBy string `json:"updatedBy"`
CreatedAt string `json:"createdAt"`
UpdatedAt string `json:"updatedAt"`
Source string `json:"source,omitempty"`
ResultStore string `json:"resultStore,omitempty"`
AgentType string `json:"agentType,omitempty"`
ResourceType string `json:"resourceType,omitempty"`
Links []LinkItem `json:"links"`
}
func (QueryJob) KeysToDelete ¶ added in v0.0.28
type QueryJobColumn ¶ added in v0.0.28
type QueryJobParameter ¶ added in v0.0.28
type QueryJobResult ¶ added in v0.0.28
type QueryJobResult struct {
QueryStats struct {
CPUTimeMillis int `json:"cpuTimeMillis"`
ProcessedRows int `json:"processedRows"`
ProcessedBytes int `json:"processedBytes"`
ElapsedTimeMillis int `json:"elapsedTimeMillis"`
} `json:"queryStats"`
Status string `json:"status"`
ID string `json:"id"`
Name string `json:"-"`
RowDataHash string `json:"rowDataHash"`
Error interface{} `json:"error"`
EndTime string `json:"endTime"`
StartTime string `json:"startTime"`
RowCount int `json:"rowCount"`
ResultStore string `json:"resultStore"`
RowData CustomJSONString `json:"rowData"`
CreatedAt string `json:"createdAt"`
RowNumber int `json:"rowNumber"`
QueryJobID string `json:"queryJobId"`
Columns []QueryJobColumn `json:"columns"`
Offset int `json:"offset"`
Limit int `json:"limit"`
Items []QueryJobResult `json:"items"`
Links []LinkItem `json:"links"`
}
func (QueryJobResult) GetID ¶ added in v0.0.28
func (T QueryJobResult) GetID() string
func (QueryJobResult) GetName ¶ added in v0.0.28
func (T QueryJobResult) GetName() string
func (QueryJobResult) KeysToDelete ¶ added in v0.0.28
func (T QueryJobResult) KeysToDelete() []string
type QueryJobResultsStats ¶ added in v0.0.28
type Querypack ¶ added in v0.0.22
type Querypack struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description" validate:"required,max=1024,min=1"`
Type string `json:"type" validate:"required,oneof=compliance default hardware incident system vulnerability"`
AdditionalLogger bool `json:"additionalLogger"`
Custom bool `json:"custom"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
IsInternal bool `json:"isInternal"`
ResourceType string `json:"resourceType"`
Queries []Query `json:"queries"`
Conf CustomJSONString `json:"conf,omitempty"`
Links []LinkItem `json:"links,omitempty"`
}
func (Querypack) KeysToDelete ¶ added in v0.0.22
type Querypacks ¶ added in v0.0.22
type RegistryEvents ¶
type RegistryEvents struct {
Action []string `json:"action"`
}
type RegistryPath ¶ added in v0.0.22
type RegistryPath struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
Grouping string `json:"grouping,omitempty"`
IncludeRegistryPaths []string `json:"includeRegistryPaths" validate:"required,min=1"`
RegAccesses bool `json:"regAccesses"`
ExcludeRegistryPaths []string `json:"excludeRegistryPaths"`
Custom bool `json:"custom"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
Links []LinkItem `json:"links,omitempty"`
}
func (RegistryPath) GetID ¶ added in v0.0.22
func (T RegistryPath) GetID() string
func (RegistryPath) GetName ¶ added in v0.0.22
func (T RegistryPath) GetName() string
func (RegistryPath) KeysToDelete ¶ added in v0.0.22
func (T RegistryPath) KeysToDelete() []string
type RegistryPaths ¶ added in v0.0.22
type RegistryPaths struct {
Links []LinkItem `json:"links"`
Items []RegistryPath `json:"items"`
Offset int `json:"offset,omitempty"`
Limit int `json:"limit,omitempty"`
}
type Role ¶ added in v0.0.21
type Role struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
Permissions []string `json:"permissions" validate:"required,min=0"`
Custom bool `json:"custom"`
Hidden bool `json:"hidden"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
NoMinimalPermissions bool `json:"noMinimalPermissions"`
RoleObjectGroups []ObjectGroup `json:"roleObjectGroups" validate:"required,min=0"`
}
func (Role) KeysToDelete ¶ added in v0.0.21
type RuleException ¶
type SocketEvents ¶
type SocketEvents struct {
RemoteAddress []string `json:"remote_address"`
}
type Tag ¶ added in v0.0.22
type Tag struct {
ID string `json:"id,omitempty"`
Name string `json:"-"` // There is no name
Value string `json:"value,omitempty"`
Key string `json:"key"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
FlagProfileID string `json:"flagProfileId,omitempty"`
CustomProfileID string `json:"customProfileId,omitempty"`
ComplianceProfileID string `json:"complianceProfileId,omitempty"`
ProcessBlockRuleID string `json:"processBlockRuleId,omitempty"`
DNSBlockRuleID string `json:"dnsBlockRuleId,omitempty"`
WindowsDefenderPreferenceID string `json:"windowsDefenderPreferenceId,omitempty"`
TagRuleID string `json:"tagRuleId,omitempty"`
Tag string `json:"tag,omitempty"`
Custom bool `json:"custom"`
System bool `json:"system"`
CreatedAt string `json:"createdAt,omitempty"`
ExpireAt string `json:"expireAt,omitempty"`
Status string `json:"status,omitempty"`
Source string `json:"source,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
ResourceType string `json:"resourceType,omitempty"`
FilePathGroups []TagConfigurationObject `json:"filePathGroups" validate:"required,min=0"`
EventExcludeProfiles []TagConfigurationObject `json:"eventExcludeProfiles" validate:"required,min=0"`
RegistryPaths []TagConfigurationObject `json:"registryPaths" validate:"required,min=0"`
Querypacks []TagConfigurationObject `json:"querypacks" validate:"required,min=0"`
YaraGroupRules []TagConfigurationObject `json:"yaraGroupRules" validate:"required,min=0"`
AuditConfigurations []TagConfigurationObject `json:"auditConfigurations" validate:"required,min=0"`
}
func (Tag) KeysToDelete ¶ added in v0.0.22
type TagConfiguration ¶ added in v0.0.22
type TagConfiguration Tag
func (TagConfiguration) GetID ¶ added in v0.0.22
func (T TagConfiguration) GetID() string
func (TagConfiguration) GetName ¶ added in v0.0.22
func (T TagConfiguration) GetName() string
func (TagConfiguration) KeysToDelete ¶ added in v0.0.22
func (T TagConfiguration) KeysToDelete() []string
type TagConfigurationObject ¶ added in v0.0.22
type TagConfigurationObject struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
AuditConfigurationTag *TagConfigurationObjectDetails `json:"AuditConfigurationTag,omitempty"`
YaraGroupRuleTag *TagConfigurationObjectDetails `json:"YaraGroupRuleTag,omitempty"`
QuerypackTag *TagConfigurationObjectDetails `json:"QuerypackTag,omitempty"`
RegistryPathTag *TagConfigurationObjectDetails `json:"RegistryPathTag,omitempty"`
EventExcludeProfileTag *TagConfigurationObjectDetails `json:"EventExcludeProfileTag,omitempty"`
FilePathGroupTag *TagConfigurationObjectDetails `json:"FilePathGroupTag,omitempty"`
Links []LinkItem `json:"links,omitempty"`
}
type TagConfigurationObjectDetails ¶ added in v0.0.22
type TagConfigurationObjectDetails struct {
ID string `json:"id,omitempty"`
AuditConfigurationID string `json:"auditConfigurationId,omitempty"`
YaraGroupRuleID string `json:"yaraGroupRuleId,omitempty"`
QuerypackID string `json:"querypackId,omitempty"`
RegistryPathID string `json:"registryPathId,omitempty"`
EventExcludeProfile string `json:"eventExcludeProfile,omitempty"`
FilePathGroupID string `json:"filePathGroupId,omitempty"`
TagID string `json:"tagId,omitempty"`
CreatedBy string `json:"createdBy,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
}
type TagConfigurations ¶ added in v0.0.22
type TagConfigurations struct {
Links []LinkItem `json:"links"`
Items []TagConfiguration `json:"items"`
Offset int `json:"offset,omitempty"`
Limit int `json:"limit,omitempty"`
}
type TagRule ¶ added in v0.0.22
type TagRule struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty" validate:"required,max=255,min=1"`
Description string `json:"description,omitempty"`
Query string `json:"query,omitempty" validate:"required"`
Source string `json:"source,omitempty" validate:"required,oneof=global realtime"`
RunOnce bool `json:"runOnce"`
Interval int `json:"interval,omitempty" validate:"required_if=RunOnce false"`
OSqueryVersion string `json:"osqueryVersion,omitempty"`
Platform string `json:"platform,omitempty" validate:"required_if=Source realtime"`
Enabled bool `json:"enabled"`
System bool `json:"system"`
LastRunAt string `json:"lastRunAt,omitempty"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
ResourceType string `json:"resourceType,omitempty"`
}
func (TagRule) KeysToDelete ¶ added in v0.0.22
type User ¶ added in v0.0.18
type User struct {
ID string `json:"id,omitempty"`
Name string `json:"name"`
Email string `json:"email,omitempty" validate:"required_if=Bot false"`
Phone string `json:"phone,omitempty" validate:"required_if=Bot false"`
Active bool `json:"active"`
SuperAdmin bool `json:"superAdmin"`
Bot bool `json:"bot" validate:"excluded_with=Email"`
Support bool `json:"support"`
PriorLogin bool `json:"priorLogin"`
ImageURL string `json:"imageUrl,omitempty"`
Password string `json:"password,omitempty"`
MaxIdleTimeMins int `json:"maxIdleTimeMins" validate:"required,max=360,min=1"`
AlertHiddenColumns []string `json:"alertHiddenColumns" validate:"required,min=0"`
UpdatedAt string `json:"updatedAt,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
LastUpdatedByUptycs string `json:"lastUpdatedByUptycs"`
Roles []Role `json:"roles" validate:"required,min=0"`
UserObjectGroups []ObjectGroup `json:"userObjectGroups" validate:"required,min=0"`
}
func (User) KeysToDelete ¶ added in v0.0.18
type UserEvents ¶
type UserEvents struct {
Message []string `json:"message"`
}
type WindowsDefenderPreference ¶ added in v0.0.26
type WindowsDefenderPreference struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
Priority int `json:"priority"`
RealTimeScanDirection int `json:"realTimeScanDirection"`
CheckForSignaturesBeforeRunningScan bool `json:"checkForSignaturesBeforeRunningScan"`
ScanOnlyIfIdleEnabled bool `json:"scanOnlyIfIdleEnabled"`
ScanScheduleDay int `json:"scanScheduleDay"`
SignatureDisableUpdateOnStartupWithoutEngine bool `json:"signatureDisableUpdateOnStartupWithoutEngine"`
SignatureScheduleDay int `json:"signatureScheduleDay"`
DisablePrivacyMode bool `json:"disablePrivacyMode"`
RandomizeScheduleTaskTimes bool `json:"randomizeScheduleTaskTimes"`
DisableBehaviorMonitoring bool `json:"disableBehaviorMonitoring"`
DisableIntrusionPreventionSystem bool `json:"disableIntrusionPreventionSystem"`
DisableIOAVProtection bool `json:"disableIOAVProtection"`
DisableRealtimeMonitoring bool `json:"disableRealtimeMonitoring"`
DisableScriptScanning bool `json:"disableScriptScanning"`
DisableArchiveScanning bool `json:"disableArchiveScanning"`
DisableCatchupFullScan bool `json:"disableCatchupFullScan"`
DisableCatchupQuickScan bool `json:"disableCatchupQuickScan"`
DisableEmailScanning bool `json:"disableEmailScanning"`
DisableRemovableDriveScanning bool `json:"disableRemovableDriveScanning"`
DisableRestorePoint bool `json:"disableRestorePoint"`
DisableScanningMappedNetworkDrivesForFullScan bool `json:"disableScanningMappedNetworkDrivesForFullScan"`
DisableScanningNetworkFiles bool `json:"disableScanningNetworkFiles"`
UILockdown bool `json:"uILockdown"`
Force bool `json:"force"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
Links []LinkItem `json:"links"`
}
func (WindowsDefenderPreference) GetID ¶ added in v0.0.26
func (T WindowsDefenderPreference) GetID() string
func (WindowsDefenderPreference) GetName ¶ added in v0.0.26
func (T WindowsDefenderPreference) GetName() string
func (WindowsDefenderPreference) KeysToDelete ¶ added in v0.0.26
func (T WindowsDefenderPreference) KeysToDelete() []string
type WindowsDefenderPreferences ¶ added in v0.0.26
type WindowsDefenderPreferences struct {
Links []LinkItem `json:"links"`
Items []WindowsDefenderPreference `json:"items"`
Offset int `json:"offset,omitempty"`
Limit int `json:"limit,omitempty"`
}
type YaraGroupRule ¶ added in v0.0.22
type YaraGroupRule struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
Rules string `json:"rules,omitempty"`
Custom bool `json:"custom"`
CreatedBy string `json:"createdBy,omitempty"`
UpdatedBy string `json:"updatedBy,omitempty"`
CreatedAt string `json:"createdAt,omitempty"`
UpdatedAt string `json:"updatedAt,omitempty"`
Links []LinkItem `json:"links,omitempty"`
}
func (YaraGroupRule) GetID ¶ added in v0.0.22
func (T YaraGroupRule) GetID() string
func (YaraGroupRule) GetName ¶ added in v0.0.22
func (T YaraGroupRule) GetName() string
func (YaraGroupRule) KeysToDelete ¶ added in v0.0.22
func (T YaraGroupRule) KeysToDelete() []string
type YaraGroupRules ¶ added in v0.0.22
type YaraGroupRules struct {
Links []LinkItem `json:"links"`
Items []YaraGroupRule `json:"items"`
Offset int `json:"offset,omitempty"`
Limit int `json:"limit,omitempty"`
}
Source Files
¶
- alert_rule_category.go
- alertrule.go
- asset.go
- asset_group_rule.go
- asset_tag.go
- atc_query.go
- audit_configuration.go
- block_rule.go
- carve.go
- client.go
- compliance_profile.go
- custom_profile.go
- destination.go
- event_exclude_profile.go
- eventrule.go
- exception.go
- file_path_groups.go
- flag_profile.go
- lookup_table.go
- lookup_table_data_row.go
- models.go
- objectGroup.go
- query.go
- query_job.go
- query_job_result.go
- querypack.go
- registry_path.go
- role.go
- tag_configurations.go
- tag_rules.go
- tags.go
- test_common.go
- user.go
- utils.go
- windows_defender_preference.go
- yara_group_rules.go
Click to show internal directories.
Click to hide internal directories.