model

package
v0.0.0-...-cc1f0fe Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 29, 2025 License: MIT Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// JobStatus lists the four job status names in a fixed order: Scheduled,
// Running, Failed, Success. It is a package-level var, so any importer can
// mutate the slice.
// NOTE(review): presumably these are the values stored in Job.Status; confirm
// against the job store methods, whose bodies are not shown in this listing.
var JobStatus = []string{
	"Scheduled",
	"Running",
	"Failed",
	"Success",
}
// Migrations is an embedded, read-only file system. The //go:embed directive
// that populates it is not part of this listing.
// NOTE(review): presumably holds the database schema migrations; confirm.
var Migrations embed.FS
// ServerToken is evaluated once at package initialisation from fp.Random(20)
// and is exported as a mutable package-level var.
// NOTE(review): Job has a ServerToken field, so this value presumably tags the
// jobs scheduled by the current process. If it is ever used to authenticate or
// authorise anything, confirm that fp.Random draws from a CSPRNG (crypto/rand,
// not math/rand) and that a length of 20 gives enough entropy for that use.
var ServerToken = fp.Random(20)

Functions

func FromEnv

func FromEnv(name string, defaults []string) []string

Types

type Asset

// Asset is one asset record; CaseID names the case it belongs to.
// NOTE(review): Status and Type presumably take values from Enums.AssetStatus
// and Enums.AssetTypes; confirm.
type Asset struct {
	ID     string `gorm:"primaryKey"`
	Status string
	Type   string
	Name   string
	Addr   string
	Notes  string
	CaseID string

	// The `->` tag makes these fields read-only for GORM: they are filled in
	// on query and never written from this struct.
	FirstSeen Time `gorm:"->"`
	LastSeen  Time `gorm:"->"`
}

type Case

// Case is the top-level investigation record. The Summary* fields hold the
// who/what/when/where/why/how narrative of the case.
// NOTE(review): Severity and Outcome presumably take values from
// Enums.CaseSeverities and Enums.CaseOutcomes; confirm.
type Case struct {
	ID             string
	Name           string
	SummaryWho     string
	SummaryWhat    string
	SummaryWhen    string
	SummaryWhere   string
	SummaryWhy     string
	SummaryHow     string
	Classification string
	Severity       string
	Outcome        string
	Closed         bool

	SketchID int

	// The `-` tag makes GORM ignore these slices: they are neither persisted
	// nor loaded through this struct.
	// NOTE(review): presumably populated by Store.GetCaseFull; confirm.
	Assets     []Asset     `gorm:"-"`
	Evidences  []Evidence  `gorm:"-"`
	Indicators []Indicator `gorm:"-"`
	Events     []Event     `gorm:"-"`
	Malware    []Malware   `gorm:"-"`
	Notes      []Note      `gorm:"-"`
	Tasks      []Task      `gorm:"-"`
}

func (Case) String

func (c Case) String() string

type Enum

// Enum is one configurable choice value (for example an asset type or a case
// severity), grouped by Category; see Enums for the categories exposed.
type Enum struct {
	ID       string `gorm:"primaryKey"`
	// `<-:create` allows GORM to write Category only when the row is created;
	// later updates through this struct do not change it.
	Category string `gorm:"<-:create"`
	Rank     int
	Name     string
	Icon     string
	State    string
}

type Enums

// Enums bundles the Enum values of every category into one struct, one slice
// per category. It is the return type of Store.ListEnums.
type Enums struct {
	AssetStatus     []Enum
	AssetTypes      []Enum
	CaseSeverities  []Enum
	CaseOutcomes    []Enum
	EventTypes      []Enum
	EvidenceTypes   []Enum
	IndicatorStatus []Enum
	IndicatorTypes  []Enum
	IndicatorTLPs   []Enum
	KeyTypes        []Enum
	MalwareStatus   []Enum
	TaskTypes       []Enum

	// NOTE(review): UserRoles presumably feeds User.Role and so the
	// authorisation model; confirm who is allowed to edit this category.
	UserRoles   []Enum
	HookTrigger []Enum
}

type Event

// Event is one timeline entry of a case (CaseID), linked to the assets and
// indicators it involves.
// NOTE(review): Event and Raw presumably hold text copied from collected logs,
// i.e. content an attacker may have influenced; treat both as untrusted when
// rendering or exporting. Confirm against the import and template code.
type Event struct {
	ID            string `gorm:"primaryKey"`
	Time          Time
	Type          string
	Event         string
	Raw           string
	Flagged       bool
	CaseID        string
	// Ignored by GORM (`-`): not persisted through this struct.
	RawAssets     []byte `gorm:"-"`
	RawIndicators []byte `gorm:"-"`

	// Many-to-many associations through the join tables event_assets and
	// event_indicators.
	Assets     []Asset     `gorm:"many2many:event_assets;"`
	Indicators []Indicator `gorm:"many2many:event_indicators;"`
}

func (Event) HasAsset

func (e Event) HasAsset(aid string) bool

func (Event) HasIndicator

func (e Event) HasIndicator(iid string) bool

type Evidence

// Evidence is the metadata record of one evidence item in a case (CaseID).
// NOTE(review): Hash is a bare string and the digest algorithm is not visible
// in this listing; confirm which algorithm is used and where the hash is
// computed, since integrity and chain-of-custody checks depend on it.
type Evidence struct {
	ID     string
	Type   string
	Name   string
	Hash   string
	Size   int64
	Source string
	Notes  string
	CaseID string
}

type Hook

// Hook is a stored automation rule with a trigger, a module name, a condition
// and an enabled flag.
// NOTE(review): Mod and Condition are free-form strings. If Condition is
// evaluated as an expression, or Mod selects code to run when Trigger fires,
// writes to hooks need the same access control as code deployment; confirm
// against the hook runner and the callers of Store.SaveHook.
type Hook struct {
	ID        string
	Trigger   string
	Name      string
	Mod       string
	Condition string
	Enabled   bool
}

type Indicator

// Indicator is one indicator record of a case (CaseID).
// NOTE(review): TLP presumably carries a Traffic Light Protocol marking (see
// Enums.IndicatorTLPs); confirm that exports and reports honour it. Value is
// likely taken from untrusted data and should be escaped or defanged on output.
type Indicator struct {
	ID     string
	Status string
	Type   string
	Value  string
	TLP    string
	Source string
	Notes  string
	CaseID string

	// Read-only for GORM (`->`): filled in on query, never written from this
	// struct.
	FirstSeen Time `gorm:"->"`
	LastSeen  Time `gorm:"->"`
	Events    int  `gorm:"->"`
}

type Job

// Job is one queued processing job tied to a case and an evidence item.
// NOTE(review): Status presumably holds one of the JobStatus names; confirm.
type Job struct {
	ID          string
	CaseID      string
	EvidenceID  string
	Name        string
	Status      string
	Error       string
	// ServerToken and WorkerToken are stored with the job as plain strings.
	// NOTE(review): presumably ServerToken records the scheduling process (see
	// the package var ServerToken) and WorkerToken the worker that took the
	// job (see Store.RescheduleWorkerJobs). If either also serves as a
	// credential, keep both out of API responses and logs; confirm.
	ServerToken string
	WorkerToken string

	Description string
}

type Key

// Key is a named key record whose Key field is the primary key of its table.
// NOTE(review): if Key holds an API secret, the primary-key tag and
// Store.GetKey(key string) suggest it is stored and looked up verbatim.
// Confirm this, and consider whether storing only a hash of the secret is
// feasible for this deployment.
type Key struct {
	Key  string `gorm:"primaryKey"`
	Name string
	Type string
}

type Malware

// Malware is one malware or suspicious-file finding in a case (CaseID), tied
// to the asset it was found on. The type declares a TableName method, so its
// table name is set explicitly rather than derived by GORM.
// NOTE(review): the digest algorithm used for Hash is not visible here.
type Malware struct {
	ID       string
	Status   string
	Path     string
	Hash     string
	Notes    string
	CaseID   string
	// Ignored by GORM (`-`): not persisted through this struct.
	RawAsset []byte `gorm:"-"`

	// AssetID plus Asset follows GORM's belongs-to convention.
	AssetID string
	Asset   Asset
}

func (Malware) TableName

func (Malware) TableName() string

type Note

// Note is a free-text note attached to a case (CaseID).
type Note struct {
	ID          string
	Title       string
	Category    string
	Description string
	CaseID      string
}

type Policy

// Policy is one authorisation rule row. All seven columns together form the
// composite primary key, so a rule is identified by its complete content.
// The ptype/v0..v5 layout matches the rule shape used by Casbin-style policy
// adapters, and Store exposes LoadPolicy, SavePolicy, AddPolicy, RemovePolicy
// and RemoveFilteredPolicy.
// NOTE(review): this table is presumably the source of truth for access
// control; restrict and audit anything that can write to it. Confirm.
type Policy struct {
	Ptype string `gorm:"primaryKey"`
	V0    string `gorm:"primaryKey"`
	V1    string `gorm:"primaryKey"`
	V2    string `gorm:"primaryKey"`
	V3    string `gorm:"primaryKey"`
	V4    string `gorm:"primaryKey"`
	V5    string `gorm:"primaryKey"`
}

func (Policy) TableName

func (Policy) TableName() string

type Report

// Report is a named report record; it has no CaseID, so it is not bound to a
// single case.
type Report struct {
	ID    string
	Name  string
	Notes string
}

type Store

// Store wraps the database handles used by all persistence methods of this
// package; Connect returns one.
// NOTE(review): both handles are exported, so any importer can run queries
// that bypass the case-scoped (cid, id) accessors defined on Store. Callers
// outside this package should prefer the Store methods.
type Store struct {
	RawConn *sql.DB
	DB      *gorm.DB
}

func Connect

func Connect(dburl string) (*Store, error)

func (*Store) AckJob

func (store *Store) AckJob(id string, status string, errmsg string) error

func (*Store) AddPolicy

func (store *Store) AddPolicy(sec string, ptype string, rule []string) error

AddPolicy adds a policy rule to the storage. This is part of the Auto-Save feature.

func (*Store) DeleteAsset

func (store *Store) DeleteAsset(cid string, id string) error

func (*Store) DeleteCase

func (store *Store) DeleteCase(cid string) error

func (*Store) DeleteEnum

func (store *Store) DeleteEnum(id string) error

func (*Store) DeleteEvent

func (store *Store) DeleteEvent(cid string, id string) error

func (*Store) DeleteEvidence

func (store *Store) DeleteEvidence(cid string, id string) error

func (*Store) DeleteHook

func (store *Store) DeleteHook(id string) error

func (*Store) DeleteIndicator

func (store *Store) DeleteIndicator(cid string, id string) error

func (*Store) DeleteKey

func (store *Store) DeleteKey(key string) error

func (*Store) DeleteMalware

func (store *Store) DeleteMalware(cid string, id string) error

func (*Store) DeleteNote

func (store *Store) DeleteNote(cid string, id string) error

func (*Store) DeleteReport

func (store *Store) DeleteReport(id string) error

func (*Store) DeleteTask

func (store *Store) DeleteTask(cid string, id string) error

func (*Store) DeleteUser

func (store *Store) DeleteUser(id string) error

func (*Store) GetAsset

func (store *Store) GetAsset(cid string, id string) (Asset, error)

func (*Store) GetAssetByName

func (store *Store) GetAssetByName(cid string, name string) (Asset, error)

func (*Store) GetCase

func (store *Store) GetCase(cid string) (Case, error)

func (*Store) GetCaseFull

func (store *Store) GetCaseFull(cid string) (Case, error)

func (*Store) GetCasePermissions

func (store *Store) GetCasePermissions(cid string) ([]string, error)

func (*Store) GetEnum

func (store *Store) GetEnum(id string) (Enum, error)

func (*Store) GetEvent

func (store *Store) GetEvent(cid string, id string) (Event, error)

func (*Store) GetEvidence

func (store *Store) GetEvidence(cid string, id string) (Evidence, error)

func (*Store) GetHook

func (store *Store) GetHook(id string) (Hook, error)

func (*Store) GetIndicator

func (store *Store) GetIndicator(cid string, id string) (Indicator, error)

func (*Store) GetIndicatorByValue

func (store *Store) GetIndicatorByValue(cid string, value string) (Indicator, error)

func (*Store) GetJobs

func (store *Store) GetJobs(eid string) ([]Job, error)

func (*Store) GetKey

func (store *Store) GetKey(key string) (Key, error)

func (*Store) GetMalware

func (store *Store) GetMalware(cid string, id string) (Malware, error)

func (*Store) GetNote

func (store *Store) GetNote(cid string, id string) (Note, error)

func (*Store) GetReport

func (store *Store) GetReport(id string) (Report, error)

func (*Store) GetReportByName

func (store *Store) GetReportByName(name string) (Report, error)

func (*Store) GetRunningJobs

func (store *Store) GetRunningJobs() ([]Job, error)

func (*Store) GetTask

func (store *Store) GetTask(cid string, id string) (Task, error)

func (*Store) GetUser

func (store *Store) GetUser(id string) (User, error)

func (*Store) GetUserPermissions

func (store *Store) GetUserPermissions(uid string) ([]string, error)

func (*Store) ListAssets

func (store *Store) ListAssets(cid string) ([]Asset, error)

func (*Store) ListCases

func (store *Store) ListCases() ([]Case, error)

func (*Store) ListEnums

func (store *Store) ListEnums() (Enums, error)

func (*Store) ListEvents

func (store *Store) ListEvents(cid string) ([]Event, error)

func (*Store) ListEvidences

func (store *Store) ListEvidences(cid string) ([]Evidence, error)

func (*Store) ListHooks

func (store *Store) ListHooks() ([]Hook, error)

func (*Store) ListIndicators

func (store *Store) ListIndicators(cid string) ([]Indicator, error)

func (*Store) ListKeys

func (store *Store) ListKeys() ([]Key, error)

func (*Store) ListMalware

func (store *Store) ListMalware(cid string) ([]Malware, error)

func (*Store) ListNotes

func (store *Store) ListNotes(cid string) ([]Note, error)

func (*Store) ListReports

func (store *Store) ListReports() ([]Report, error)

func (*Store) ListTasks

func (store *Store) ListTasks(cid string) ([]Task, error)

func (*Store) ListUsers

func (store *Store) ListUsers() ([]User, error)

func (*Store) LoadPolicy

func (store *Store) LoadPolicy(model model.Model) error

LoadPolicy loads all policy rules from the storage.

func (*Store) PopJob

func (store *Store) PopJob(workerid string, modules []string) (Job, Case, Evidence, error)

func (*Store) PushJob

func (store *Store) PushJob(obj Job) error

func (*Store) RemoveFilteredPolicy

func (store *Store) RemoveFilteredPolicy(sec string, ptype string, fieldIndex int, fieldValues ...string) error

RemoveFilteredPolicy removes policy rules that match the filter from the storage. This is part of the Auto-Save feature.

func (*Store) RemovePolicy

func (store *Store) RemovePolicy(sec string, ptype string, rule []string) error

RemovePolicy removes a policy rule from the storage. This is part of the Auto-Save feature.

func (*Store) RescheduleStaleJobs

func (store *Store) RescheduleStaleJobs() error

func (*Store) RescheduleWorkerJobs

func (store *Store) RescheduleWorkerJobs(workerToken string) error

func (*Store) SaveAsset

func (store *Store) SaveAsset(cid string, obj Asset) error

func (*Store) SaveCase

func (store *Store) SaveCase(obj Case) error

func (*Store) SaveEnum

func (store *Store) SaveEnum(obj Enum) error

func (*Store) SaveEvent

func (store *Store) SaveEvent(cid string, obj Event, override bool) error

func (*Store) SaveEvidence

func (store *Store) SaveEvidence(cid string, obj Evidence) error

func (*Store) SaveHook

func (store *Store) SaveHook(obj Hook) error

func (*Store) SaveIndicator

func (store *Store) SaveIndicator(cid string, obj Indicator, override bool) error

func (*Store) SaveJob

func (store *Store) SaveJob(obj Job) error

func (*Store) SaveKey

func (store *Store) SaveKey(obj Key) error

func (*Store) SaveMalware

func (store *Store) SaveMalware(cid string, obj Malware) error

func (*Store) SaveNote

func (store *Store) SaveNote(cid string, obj Note) error

func (*Store) SavePolicy

func (store *Store) SavePolicy(model model.Model) error

SavePolicy saves all policy rules to the storage.

func (*Store) SaveReport

func (store *Store) SaveReport(obj Report) error

func (*Store) SaveTask

func (store *Store) SaveTask(cid string, obj Task) error

func (*Store) SaveUser

func (store *Store) SaveUser(obj User) error

type Task

// Task is a to-do item of a case (CaseID) with an owner, a due date and a
// done flag.
// NOTE(review): Type presumably takes a value from Enums.TaskTypes; confirm.
type Task struct {
	ID      string
	Type    string
	Task    string
	Done    bool
	Owner   string
	DateDue Time
	CaseID  string
}

type Time

// Time is a defined type over time.Time. A defined type does not inherit the
// method set of time.Time, so this package declares the methods it needs on
// Time itself: Format, IsZero, Scan, UnmarshalText and Value. The signatures
// of Scan and Value match database/sql's Scanner and driver.Valuer, and
// UnmarshalText matches encoding.TextUnmarshaler.
type Time time.Time

func (Time) Format

func (t Time) Format(layout string) string

func (Time) IsZero

func (t Time) IsZero() bool

func (*Time) Scan

func (t *Time) Scan(src interface{}) (err error)

func (*Time) UnmarshalText

func (t *Time) UnmarshalText(text []byte) (err error)

func (Time) Value

func (t Time) Value() (driver.Value, error)

type User

// User is one user account record. The struct carries no password or other
// credential field.
// NOTE(review): presumably authentication is delegated to an external identity
// provider (UPN suggests a directory account) and Role takes a value from
// Enums.UserRoles; confirm both.
type User struct {
	ID        string
	Name      string
	UPN       string
	Email     string
	Role      string
	LastLogin Time
}

func (User) String

func (u User) String() string
