-
Notifications
You must be signed in to change notification settings - Fork 82
/
schema.go
141 lines (124 loc) · 3.52 KB
/
schema.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
// Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
// or more contributor license agreements. Licensed under the Elastic License;
// you may not use this file except in compliance with the Elastic License.
package fleet
import (
"encoding/json"
)
const (
AGENT_ACTION_SAVED_OBJECT_TYPE = "fleet-agent-actions"
)
const (
TypePolicyChange = "POLICY_CHANGE"
TypeUnenroll = "UNENROLL"
)
const (
FieldLastCheckin = "last_checkin"
FieldLocalMetadata = "local_metadata"
)
const kFleetAccessRolesJSON = `
{
"fleet-apikey-access": {
"cluster": [],
"applications": [{
"application": ".fleet",
"privileges": ["no-privileges"],
"resources": ["*"]
}]
}
}
`
const kFleetOutputRolesJSON = `
{
"fleet-output": {
"cluster": ["monitor"],
"index": [{
"names": [
"logs-*",
"metrics-*",
"events-*",
".ds-logs-*",
".ds-metrics-*",
".ds-events-*"
],
"privileges": [
"write",
"create_index",
"indices:admin/auto_create"
]
}]
}
}
`
// Wrong: no AAD;
// This defeats the signature check;
// can copy from one to another and will dispatch.
type AgentAction struct {
AgentId string `json:"agent_id"`
Type string `json:"type"`
SentAt string `json:"sent_at"`
CreatedAt string `json:"created_at"`
Data string `json:"data" saved:"encrypt"`
}
type EnrollRequest struct {
Type string `json:"type"`
SharedId string `json:"shared_id"`
Meta struct {
User json.RawMessage `json:"user_provided"`
Local json.RawMessage `json:"local"`
} `json:"metadata"`
}
type EnrollResponseItem struct {
ID string `json:"id"`
Active bool `json:"active"`
PolicyId string `json:"policy_id"`
Type string `json:"type"`
EnrolledAt string `json:"enrolled_at"`
UserMeta json.RawMessage `json:"user_provided_metadata"`
LocalMeta json.RawMessage `json:"local_metadata"`
Actions []interface{} `json:"actions"`
AccessApiKeyId string `json:"access_api_key_id"`
AccessAPIKey string `json:"access_api_key"`
Status string `json:"status"`
}
type EnrollResponse struct {
Action string `json:"action"`
Item EnrollResponseItem `json:"item"`
}
type CheckinRequest struct {
AckToken string `json:"ack_token,omitempty"`
Events []Event `json:"events"`
LocalMeta json.RawMessage `json:"local_metadata"`
}
type CheckinResponse struct {
AckToken string `json:"ack_token,omitempty"`
Action string `json:"action"`
Actions []ActionResp `json:"actions,omitempty"`
}
type AckRequest struct {
Events []Event `json:"events"`
}
type AckResponse struct {
Action string `json:"action"`
}
type ActionResp struct {
AgentId string `json:"agent_id"`
CreatedAt string `json:"created_at"`
Data json.RawMessage `json:"data"`
Id string `json:"id"`
Type string `json:"type"`
InputId string `json:"input_id"`
}
type Event struct {
Type string `json:"type"`
SubType string `json:"subtype"`
AgentId string `json:"agent_id"`
ActionId string `json:"action_id"`
PolicyId string `json:"policy_id"`
StreamId string `json:"stream_id"`
Timestamp string `json:"timestamp"`
Message string `json:"message"`
Payload string `json:"payload,omitempty"`
Data json.RawMessage `json:"data,omitempty"`
Error string `json:"error,omitempty"`
}