
package collector

import ""


Package Files

default.go interfaces.go


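// Flow event descriptions: the action recorded for a flow, followed by the
// reasons a flow or packet can be reported as dropped.
// NOTE(review): the reason values are presumably what the DropReason fields of
// FlowRecord and PacketReport carry — confirm against the enforcer code before
// keying detections or dashboards on these strings.
const (
    // FlowReject indicates that a flow was rejected.
    FlowReject = "reject"
    // FlowAccept indicates that a flow was accepted.
    FlowAccept = "accept"
    // MissingToken indicates that the token was missing.
    MissingToken = "missingtoken"
    // InvalidToken indicates that the token was invalid.
    InvalidToken = "token"
    // InvalidFormat indicates that the packet metadata was not correct.
    InvalidFormat = "format"
    // InvalidHeader indicates that the TCP header was not there.
    InvalidHeader = "header"
    // InvalidPayload indicates that the TCP payload was not there or was bad.
    InvalidPayload = "payload"
    // InvalidContext indicates that there was no context in the metadata.
    InvalidContext = "context"
    // InvalidConnection indicates that no connection was found.
    InvalidConnection = "connection"
    // InvalidState indicates that a packet was received without proper state information.
    InvalidState = "state"
    // InvalidNonse indicates that the nonce check failed. The identifier and
    // its value keep the "nonse" spelling, so match on "nonse" in records.
    InvalidNonse = "nonse"
    // PolicyDrop indicates that the flow was rejected because of the policy decision.
    PolicyDrop = "policy"
    // APIPolicyDrop indicates that the request was dropped because of failed API validation.
    APIPolicyDrop = "api"
    // UnableToDial indicates that the proxy cannot dial out the connection.
    UnableToDial = "dial"
    // CompressedTagMismatch indicates that the compressed tag version differs.
    CompressedTagMismatch = "compressedtagmismatch"
    // EncryptionMismatch indicates that the policy encryption setting differs
    // between the client and the server enforcer.
    EncryptionMismatch = "encryptionmismatch"
    // DatapathVersionMismatch indicates that the datapath version differs.
    DatapathVersionMismatch = "datapathversionmismatch"
)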

Flow event description

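// Container event descriptions.
// NOTE(review): presumably the values carried in ContainerRecord.Event —
// confirm against the code that builds ContainerRecord.
const (
    // ContainerStart indicates a container start event.
    ContainerStart = "start"
    // ContainerStop indicates a container stop event.
    ContainerStop = "stop"
    // ContainerCreate indicates a container create event.
    ContainerCreate = "create"
    // ContainerDelete indicates a container delete event.
    ContainerDelete = "delete"
    // ContainerUpdate indicates a container policy update event.
    ContainerUpdate = "update"
    // ContainerFailed indicates that a container was stopped because of policy
    // issues. Note that the value is "forcestop", not "failed".
    ContainerFailed = "forcestop"
    // ContainerIgnored indicates that the container will be ignored by Trireme.
    ContainerIgnored = "ignore"
    // ContainerDeleteUnknown indicates that the policy for an unknown container was deleted.
    ContainerDeleteUnknown = "unknowncontainer"
)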

Container event description

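// Miscellaneous string values used in collector records.
const (
    // PolicyValid marks a normal flow accept.
    PolicyValid = "V"
    // DefaultEndPoint provides a string for unknown container sources.
    DefaultEndPoint = "default"
    // SomeClaimsSource provides a string for a "some claims" flow source.
    SomeClaimsSource = "some-claims"
)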

func StatsFlowHash Uses

func StatsFlowHash(r *FlowRecord) string

StatsFlowHash is a hash function to hash flows

func StatsUserHash Uses

func StatsUserHash(r *UserRecord) error

StatsUserHash is a hash function to hash user records. Note that, per its signature, it returns only an error and not the hash value itself.

type ContainerRecord Uses

// ContainerRecord is a statistics record for a container.
type ContainerRecord struct {
    // ContextID identifies the container's context.
    // NOTE(review): presumably the same ID space as FlowRecord.ContextID — confirm.
    ContextID string
    // IPAddress holds the container's address information as a policy.ExtendedMap.
    IPAddress policy.ExtendedMap
    // Tags points to the policy tag store associated with the container.
    Tags      *policy.TagStore
    // Event names the container event being reported.
    // NOTE(review): presumably one of the Container* constants ("start", "stop", ...) — confirm.
    Event     string

ContainerRecord is a statistics record for a container

type DefaultCollector Uses

// DefaultCollector implements a default collector infrastructure to syslog.
// It is an empty struct, so it holds no per-instance state.
type DefaultCollector struct{}

DefaultCollector implements a default collector infrastructure to syslog

func (*DefaultCollector) CollectContainerEvent Uses

func (d *DefaultCollector) CollectContainerEvent(record *ContainerRecord)

CollectContainerEvent is part of the EventCollector interface.

func (*DefaultCollector) CollectFlowEvent Uses

func (d *DefaultCollector) CollectFlowEvent(record *FlowRecord)

CollectFlowEvent is part of the EventCollector interface.

func (*DefaultCollector) CollectPacketEvent Uses

func (d *DefaultCollector) CollectPacketEvent(report *PacketReport)

CollectPacketEvent collects packet events from the datapath

func (*DefaultCollector) CollectTraceEvent Uses

func (d *DefaultCollector) CollectTraceEvent(records []string)

CollectTraceEvent collects iptables trace events

func (*DefaultCollector) CollectUserEvent Uses

func (d *DefaultCollector) CollectUserEvent(record *UserRecord)

CollectUserEvent is part of the EventCollector interface.

type EndPoint Uses

// EndPoint is a structure that holds all the endpoint information.
type EndPoint struct {
    // ID identifies the endpoint.
    ID         string
    // IP is the endpoint's IP address in string form.
    IP         string
    // URI and HTTPMethod describe an HTTP request.
    // NOTE(review): presumably only populated for API/HTTP flows — confirm.
    URI        string
    HTTPMethod string
    // UserID identifies the user associated with the endpoint.
    // NOTE(review): this is identity data; check what a collector
    // implementation logs or exports before forwarding records off-host.
    UserID     string
    // Type says what kind of endpoint this is (see EndPointType).
    Type       EndPointType
    // Port is the endpoint's port number.
    Port       uint16

EndPoint is a structure that holds all the endpoint information

type EndPointType Uses

// EndPointType is the type of an endpoint (PU or an external IP address),
// represented as a single byte.
type EndPointType byte

EndPointType is the type of an endpoint (PU or an external IP address).

const (
    // EndPointTypeExternalIP indicates that the endpoint is an external IP address
    EndPointTypeExternalIP EndPointType = iota
    // EnpointTypePU indicates that the endpoint is a PU.
    // EndpointTypeClaims indicates that the endpoint is of type claims.
    // NOTE(review): this listing shows no identifier lines for the two values
    // documented above; only their comments are present. The spellings are as
    // given ("EnpointTypePU" vs. "EndpointTypeClaims") — confirm both names and
    // their iota order against the source file before relying on them.

func (*EndPointType) String Uses

func (e *EndPointType) String() string

type EventCollector Uses

// EventCollector is the interface for collecting events.
// Each method receives one kind of record and returns nothing, so an
// implementation has no way to report a failure back to the caller.
// NOTE(review): the records can carry user IDs, claims and IP addresses (see
// UserRecord, PacketReport and EndPoint); treat an implementation's output as
// sensitive telemetry — confirm what each collector writes and where.
type EventCollector interface {

    // CollectFlowEvent collects a flow event.
    CollectFlowEvent(record *FlowRecord)

    // CollectContainerEvent collects a container event.
    CollectContainerEvent(record *ContainerRecord)

    // CollectUserEvent collects a user event.
    CollectUserEvent(record *UserRecord)

    // CollectTraceEvent collects a set of trace messages generated with the iptables trace command.
    CollectTraceEvent(records []string)

    // CollectPacketEvent collects a packet event from nfqdatapath.
    CollectPacketEvent(report *PacketReport)

EventCollector is the interface for collecting events.

func NewDefaultCollector Uses

func NewDefaultCollector() EventCollector

NewDefaultCollector returns a default implementation of an EventCollector

type FlowRecord Uses

// FlowRecord describes a flow record for statistics.
type FlowRecord struct {
    // ContextID identifies the context the flow is reported for.
    ContextID        string
    // Source and Destination are the two endpoints of the flow.
    Source           *EndPoint
    Destination      *EndPoint
    // Tags points to the policy tag store attached to the record.
    Tags             *policy.TagStore
    // DropReason explains why the flow was dropped.
    // NOTE(review): presumably one of the reason constants (MissingToken,
    // InvalidToken, PolicyDrop, ...) and empty for accepted flows — confirm.
    DropReason       string
    // PolicyID and ObservedPolicyID name the policies involved.
    // NOTE(review): the "Observed" variants presumably relate to an
    // observe-only policy evaluated alongside the enforced one — confirm.
    PolicyID         string
    ObservedPolicyID string
    ServiceType      policy.ServiceType
    ServiceID        string
    // Count is a counter for the record.
    // NOTE(review): presumably the number of flows aggregated under one hash
    // (see StatsFlowHash) — confirm.
    Count            int
    // Action and ObservedAction are policy action values (policy.ActionType).
    Action           policy.ActionType
    ObservedAction   policy.ActionType
    // L4Protocol is the layer-4 protocol as a uint8.
    // NOTE(review): presumably the IP protocol number — confirm.
    L4Protocol       uint8

FlowRecord describes a flow record for statistics

func (*FlowRecord) String Uses

func (f *FlowRecord) String() string

type PacketReport Uses

// PacketReport is the struct which is used to report packets captured in datapath.
type PacketReport struct {
    // TCPFlags holds the packet's TCP flags as an int.
    TCPFlags        int
    // Claims lists claims associated with the packet, as strings.
    // NOTE(review): claims can carry identity attributes; check what a
    // collector implementation logs or exports — confirm.
    Claims          []string
    DestinationIP   string
    DestinationPort int
    // DropReason explains why the packet was dropped.
    // NOTE(review): presumably one of the reason constants (MissingToken,
    // InvalidToken, ...) — confirm.
    DropReason      string
    // Encrypt is a boolean encryption indicator for the packet.
    // NOTE(review): whether it means "was encrypted" or "policy requires
    // encryption" is not visible here — confirm.
    Encrypt         bool
    // Event is the packet-tracing event type (packettracing.PacketEvent).
    Event           packettracing.PacketEvent
    // Length is the packet length as an int; the unit is not stated here.
    Length          int
    // Mark is an integer mark on the packet.
    // NOTE(review): presumably the netfilter packet mark — confirm.
    Mark            int
    Namespace       string
    PacketID        int
    // Protocol is the protocol as an int.
    Protocol        int
    // PUID identifies the PU the packet is reported for.
    PUID            string
    SourceIP        string
    SourcePort      int
    // TriremePacket flags the packet as a Trireme packet.
    // NOTE(review): presumably one carrying Trireme's own metadata — confirm.
    TriremePacket   bool

PacketReport is the struct which is used to report packets captured in datapath

type UserRecord Uses

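// UserRecord reports a new user access. These will be reported periodically.
type UserRecord struct {
    // ID identifies the user record.
    // NOTE(review): StatsUserHash returns only an error, so it may be what
    // fills this field — confirm against its implementation.
    ID     string
    // Claims lists the user's claims as strings.
    // NOTE(review): claims can carry identity attributes; check what a
    // collector implementation logs or exports — confirm.
    Claims []string
}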

UserRecord reports a new user access. These will be reported periodically.


mockcollector: Package mockcollector is a generated GoMock package.

Package collector imports 7 packages and is imported by 40 packages. Updated 2019-03-20.