diff --git a/sdk/proto/events/event.pb.go b/sdk/proto/events/event.pb.go
index dfb5f1526..903408281 100644
--- a/sdk/proto/events/event.pb.go
+++ b/sdk/proto/events/event.pb.go
@@ -321,58 +321,49 @@ func (m *ActivityEvent) GetDimensions() []*common.Dimension {
// SecurityViolationEvent represents a Security Violation that is emitted by the Agent
type SecurityViolationEvent struct {
- DateTime string `protobuf:"bytes,1,opt,name=DateTime,proto3" json:"date_time"`
- PolicyName string `protobuf:"bytes,2,opt,name=PolicyName,proto3" json:"policy_name"`
- SupportID string `protobuf:"bytes,3,opt,name=SupportID,proto3" json:"support_id"`
- Outcome string `protobuf:"bytes,4,opt,name=Outcome,proto3" json:"outcome"`
- OutcomeReason string `protobuf:"bytes,5,opt,name=OutcomeReason,proto3" json:"outcome_reason"`
- BlockingExceptionReason string `protobuf:"bytes,6,opt,name=BlockingExceptionReason,proto3" json:"blocking_exception_reason"`
- Method string `protobuf:"bytes,7,opt,name=Method,proto3" json:"method"`
- Protocol string `protobuf:"bytes,8,opt,name=Protocol,proto3" json:"protocol"`
- XForwardedForHeaderValue string `protobuf:"bytes,9,opt,name=XForwardedForHeaderValue,proto3" json:"xff_header_value"`
- URI string `protobuf:"bytes,10,opt,name=URI,proto3" json:"uri"`
- Request string `protobuf:"bytes,11,opt,name=Request,proto3" json:"request"`
- IsTruncated string `protobuf:"bytes,12,opt,name=IsTruncated,proto3" json:"is_truncated"`
- RequestStatus string `protobuf:"bytes,13,opt,name=RequestStatus,proto3" json:"request_status"`
- ResponseCode string `protobuf:"bytes,14,opt,name=ResponseCode,proto3" json:"response_code"`
- GeoIP string `protobuf:"bytes,15,opt,name=GeoIP,proto3" json:"geo_ip"`
- Host string `protobuf:"bytes,16,opt,name=Host,proto3" json:"host"`
- UnitHostname string `protobuf:"bytes,17,opt,name=UnitHostname,proto3" json:"unit_hostname"`
- SourceHost string `protobuf:"bytes,18,opt,name=SourceHost,proto3" json:"source_host"`
- VSName string `protobuf:"bytes,19,opt,name=VSName,proto3" json:"vs_name"`
- IPClient string `protobuf:"bytes,20,opt,name=IPClient,proto3" json:"ip_client"`
- DestinationPort string `protobuf:"bytes,21,opt,name=DestinationPort,proto3" json:"destination_port"`
- SourcePort string `protobuf:"bytes,22,opt,name=SourcePort,proto3" json:"source_port"`
- Violations string `protobuf:"bytes,23,opt,name=Violations,proto3" json:"violations"`
- SubViolations string `protobuf:"bytes,24,opt,name=SubViolations,proto3" json:"sub_violations"`
- ViolationRating string `protobuf:"bytes,25,opt,name=ViolationRating,proto3" json:"violation_rating"`
- SigID string `protobuf:"bytes,26,opt,name=SigID,proto3" json:"sig_id"`
- SigNames string `protobuf:"bytes,27,opt,name=SigNames,proto3" json:"sig_names"`
- SigSetNames string `protobuf:"bytes,28,opt,name=SigSetNames,proto3" json:"sig_set_names"`
- SigCVEs string `protobuf:"bytes,29,opt,name=SigCVEs,proto3" json:"sig_cves"`
- ClientClass string `protobuf:"bytes,30,opt,name=ClientClass,proto3" json:"client_class"`
- ClientApplication string `protobuf:"bytes,31,opt,name=ClientApplication,proto3" json:"client_application"`
- ClientApplicationVersion string `protobuf:"bytes,32,opt,name=ClientApplicationVersion,proto3" json:"client_application_version"`
- Severity string `protobuf:"bytes,33,opt,name=Severity,proto3" json:"severity"`
- // NOTE: Severity Label might be deprecated if we have no use for it
- SeverityLabel string `protobuf:"bytes,34,opt,name=SeverityLabel,proto3" json:"severity_label"`
- Priority string `protobuf:"bytes,35,opt,name=Priority,proto3" json:"priority"`
- ThreatCampaignNames string `protobuf:"bytes,36,opt,name=ThreatCampaignNames,proto3" json:"threat_campaign_names"`
- BotAnomalies string `protobuf:"bytes,37,opt,name=BotAnomalies,proto3" json:"bot_anomalies"`
- BotCategory string `protobuf:"bytes,38,opt,name=BotCategory,proto3" json:"bot_category"`
- EnforcedBotAnomalies string `protobuf:"bytes,39,opt,name=EnforcedBotAnomalies,proto3" json:"enforced_bot_anomalies"`
- BotSignatureName string `protobuf:"bytes,40,opt,name=BotSignatureName,proto3" json:"bot_signature_name"`
- ViolationContexts string `protobuf:"bytes,41,opt,name=ViolationContexts,proto3" json:"violation_contexts"`
- ViolationsData []*ViolationData `protobuf:"bytes,42,rep,name=ViolationsData,proto3" json:"violations_data"`
- SystemID string `protobuf:"bytes,43,opt,name=SystemID,proto3" json:"system_id"`
- Hostname string `protobuf:"bytes,44,opt,name=Hostname,proto3" json:"hostname"`
- InstanceTags string `protobuf:"bytes,45,opt,name=InstanceTags,proto3" json:"instance_tags"`
- InstanceGroup string `protobuf:"bytes,46,opt,name=InstanceGroup,proto3" json:"instance_group"`
- DisplayName string `protobuf:"bytes,47,opt,name=DisplayName,proto3" json:"display_name"`
- NginxID string `protobuf:"bytes,48,opt,name=NginxID,proto3" json:"nginx_id"`
- XXX_NoUnkeyedLiteral struct{} `json:"-"`
- XXX_unrecognized []byte `json:"-"`
- XXX_sizecache int32 `json:"-"`
+ PolicyName string `protobuf:"bytes,1,opt,name=PolicyName,proto3" json:"policy_name"`
+ SupportID string `protobuf:"bytes,2,opt,name=SupportID,proto3" json:"support_id"`
+ Outcome string `protobuf:"bytes,3,opt,name=Outcome,proto3" json:"outcome"`
+ OutcomeReason string `protobuf:"bytes,4,opt,name=OutcomeReason,proto3" json:"outcome_reason"`
+ BlockingExceptionReason string `protobuf:"bytes,5,opt,name=BlockingExceptionReason,proto3" json:"blocking_exception_reason"`
+ Method string `protobuf:"bytes,6,opt,name=Method,proto3" json:"method"`
+ Protocol string `protobuf:"bytes,7,opt,name=Protocol,proto3" json:"protocol"`
+ XForwardedForHeaderValue string `protobuf:"bytes,8,opt,name=XForwardedForHeaderValue,proto3" json:"xff_header_value"`
+ URI string `protobuf:"bytes,9,opt,name=URI,proto3" json:"uri"`
+ Request string `protobuf:"bytes,10,opt,name=Request,proto3" json:"request"`
+ IsTruncated string `protobuf:"bytes,11,opt,name=IsTruncated,proto3" json:"is_truncated"`
+ RequestStatus string `protobuf:"bytes,12,opt,name=RequestStatus,proto3" json:"request_status"`
+ ResponseCode string `protobuf:"bytes,13,opt,name=ResponseCode,proto3" json:"response_code"`
+ ServerAddr string `protobuf:"bytes,14,opt,name=ServerAddr,proto3" json:"server_addr"`
+ VSName string `protobuf:"bytes,15,opt,name=VSName,proto3" json:"vs_name"`
+ RemoteAddr string `protobuf:"bytes,16,opt,name=RemoteAddr,proto3" json:"remote_addr"`
+ RemotePort string `protobuf:"bytes,17,opt,name=RemotePort,proto3" json:"destination_port"`
+ ServerPort string `protobuf:"bytes,18,opt,name=ServerPort,proto3" json:"server_port"`
+ Violations string `protobuf:"bytes,19,opt,name=Violations,proto3" json:"violations"`
+ SubViolations string `protobuf:"bytes,20,opt,name=SubViolations,proto3" json:"sub_violations"`
+ ViolationRating string `protobuf:"bytes,21,opt,name=ViolationRating,proto3" json:"violation_rating"`
+ SigSetNames string `protobuf:"bytes,22,opt,name=SigSetNames,proto3" json:"sig_set_names"`
+ SigCVEs string `protobuf:"bytes,23,opt,name=SigCVEs,proto3" json:"sig_cves"`
+ ClientClass string `protobuf:"bytes,24,opt,name=ClientClass,proto3" json:"client_class"`
+ ClientApplication string `protobuf:"bytes,25,opt,name=ClientApplication,proto3" json:"client_application"`
+ ClientApplicationVersion string `protobuf:"bytes,26,opt,name=ClientApplicationVersion,proto3" json:"client_application_version"`
+ Severity string `protobuf:"bytes,27,opt,name=Severity,proto3" json:"severity"`
+ ThreatCampaignNames string `protobuf:"bytes,28,opt,name=ThreatCampaignNames,proto3" json:"threat_campaign_names"`
+ BotAnomalies string `protobuf:"bytes,29,opt,name=BotAnomalies,proto3" json:"bot_anomalies"`
+ BotCategory string `protobuf:"bytes,30,opt,name=BotCategory,proto3" json:"bot_category"`
+ EnforcedBotAnomalies string `protobuf:"bytes,31,opt,name=EnforcedBotAnomalies,proto3" json:"enforced_bot_anomalies"`
+ BotSignatureName string `protobuf:"bytes,32,opt,name=BotSignatureName,proto3" json:"bot_signature_name"`
+ ViolationContexts string `protobuf:"bytes,33,opt,name=ViolationContexts,proto3" json:"violation_contexts"`
+ ViolationsData []*ViolationData `protobuf:"bytes,34,rep,name=ViolationsData,proto3" json:"violations_data"`
+ SystemID string `protobuf:"bytes,35,opt,name=SystemID,proto3" json:"system_id"`
+ InstanceTags string `protobuf:"bytes,36,opt,name=InstanceTags,proto3" json:"instance_tags"`
+ InstanceGroup string `protobuf:"bytes,37,opt,name=InstanceGroup,proto3" json:"instance_group"`
+ DisplayName string `protobuf:"bytes,38,opt,name=DisplayName,proto3" json:"display_name"`
+ NginxID string `protobuf:"bytes,39,opt,name=NginxID,proto3" json:"nginx_id"`
+ ParentHostname string `protobuf:"bytes,40,opt,name=ParentHostname,proto3" json:"parent_hostname"`
+ XXX_NoUnkeyedLiteral struct{} `json:"-"`
+ XXX_unrecognized []byte `json:"-"`
+ XXX_sizecache int32 `json:"-"`
}
func (m *SecurityViolationEvent) Reset() { *m = SecurityViolationEvent{} }
@@ -408,13 +399,6 @@ func (m *SecurityViolationEvent) XXX_DiscardUnknown() {
var xxx_messageInfo_SecurityViolationEvent proto.InternalMessageInfo
-func (m *SecurityViolationEvent) GetDateTime() string {
- if m != nil {
- return m.DateTime
- }
- return ""
-}
-
func (m *SecurityViolationEvent) GetPolicyName() string {
if m != nil {
return m.PolicyName
@@ -506,30 +490,9 @@ func (m *SecurityViolationEvent) GetResponseCode() string {
return ""
}
-func (m *SecurityViolationEvent) GetGeoIP() string {
- if m != nil {
- return m.GeoIP
- }
- return ""
-}
-
-func (m *SecurityViolationEvent) GetHost() string {
- if m != nil {
- return m.Host
- }
- return ""
-}
-
-func (m *SecurityViolationEvent) GetUnitHostname() string {
- if m != nil {
- return m.UnitHostname
- }
- return ""
-}
-
-func (m *SecurityViolationEvent) GetSourceHost() string {
+func (m *SecurityViolationEvent) GetServerAddr() string {
if m != nil {
- return m.SourceHost
+ return m.ServerAddr
}
return ""
}
@@ -541,23 +504,23 @@ func (m *SecurityViolationEvent) GetVSName() string {
return ""
}
-func (m *SecurityViolationEvent) GetIPClient() string {
+func (m *SecurityViolationEvent) GetRemoteAddr() string {
if m != nil {
- return m.IPClient
+ return m.RemoteAddr
}
return ""
}
-func (m *SecurityViolationEvent) GetDestinationPort() string {
+func (m *SecurityViolationEvent) GetRemotePort() string {
if m != nil {
- return m.DestinationPort
+ return m.RemotePort
}
return ""
}
-func (m *SecurityViolationEvent) GetSourcePort() string {
+func (m *SecurityViolationEvent) GetServerPort() string {
if m != nil {
- return m.SourcePort
+ return m.ServerPort
}
return ""
}
@@ -583,20 +546,6 @@ func (m *SecurityViolationEvent) GetViolationRating() string {
return ""
}
-func (m *SecurityViolationEvent) GetSigID() string {
- if m != nil {
- return m.SigID
- }
- return ""
-}
-
-func (m *SecurityViolationEvent) GetSigNames() string {
- if m != nil {
- return m.SigNames
- }
- return ""
-}
-
func (m *SecurityViolationEvent) GetSigSetNames() string {
if m != nil {
return m.SigSetNames
@@ -639,20 +588,6 @@ func (m *SecurityViolationEvent) GetSeverity() string {
return ""
}
-func (m *SecurityViolationEvent) GetSeverityLabel() string {
- if m != nil {
- return m.SeverityLabel
- }
- return ""
-}
-
-func (m *SecurityViolationEvent) GetPriority() string {
- if m != nil {
- return m.Priority
- }
- return ""
-}
-
func (m *SecurityViolationEvent) GetThreatCampaignNames() string {
if m != nil {
return m.ThreatCampaignNames
@@ -709,13 +644,6 @@ func (m *SecurityViolationEvent) GetSystemID() string {
return ""
}
-func (m *SecurityViolationEvent) GetHostname() string {
- if m != nil {
- return m.Hostname
- }
- return ""
-}
-
func (m *SecurityViolationEvent) GetInstanceTags() string {
if m != nil {
return m.InstanceTags
@@ -744,6 +672,13 @@ func (m *SecurityViolationEvent) GetNginxID() string {
return ""
}
+func (m *SecurityViolationEvent) GetParentHostname() string {
+ if m != nil {
+ return m.ParentHostname
+ }
+ return ""
+}
+
type SignatureData struct {
ID string `protobuf:"bytes,1,opt,name=ID,proto3" json:"sig_data_id"`
BlockingMask string `protobuf:"bytes,2,opt,name=BlockingMask,proto3" json:"sig_data_blocking_mask"`
@@ -963,118 +898,110 @@ func init() {
func init() { proto.RegisterFile("event.proto", fileDescriptor_2d17a9d3f0ddf27e) }
var fileDescriptor_2d17a9d3f0ddf27e = []byte{
- // 1768 bytes of a gzipped FileDescriptorProto
- 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x84, 0x58, 0xdd, 0x6e, 0xdb, 0xc8,
- 0x15, 0xae, 0x6c, 0xc7, 0x3f, 0x23, 0x3b, 0x3f, 0x63, 0x6f, 0x32, 0xf6, 0x66, 0x4d, 0x57, 0xd9,
- 0x4d, 0xbd, 0xcd, 0x56, 0x6a, 0xbd, 0x5d, 0xa0, 0x40, 0x81, 0x05, 0x22, 0x2b, 0x9b, 0x08, 0x8d,
- 0xb3, 0xc6, 0xc8, 0x71, 0x8b, 0xbd, 0x21, 0x68, 0x72, 0x44, 0x4f, 0x2d, 0x71, 0x54, 0xce, 0x50,
- 0x8d, 0x1f, 0xa1, 0x40, 0xdf, 0xa1, 0x6f, 0x53, 0xec, 0x65, 0x9e, 0x80, 0x28, 0x72, 0xc9, 0x17,
- 0xe8, 0x6d, 0x31, 0x67, 0x86, 0x1c, 0xd2, 0x7f, 0xbd, 0x8a, 0x78, 0xbe, 0xef, 0xcc, 0xe1, 0x39,
- 0x73, 0xbe, 0xc3, 0xe3, 0xa0, 0x36, 0x9b, 0xb3, 0x44, 0x75, 0x67, 0xa9, 0x50, 0x02, 0x6f, 0x8f,
- 0xbf, 0xeb, 0x26, 0x31, 0x4f, 0x3e, 0x74, 0x83, 0x58, 0x5b, 0x65, 0x74, 0xd1, 0x05, 0x5c, 0xee,
- 0xa0, 0x58, 0xc4, 0xc2, 0xd0, 0x76, 0xbc, 0x58, 0x88, 0x78, 0xc2, 0x7a, 0xf0, 0x74, 0x96, 0x8d,
- 0x7b, 0x8a, 0x4f, 0x99, 0x54, 0xc1, 0x74, 0x66, 0x09, 0x9b, 0xa1, 0x98, 0x4e, 0x45, 0xd2, 0x33,
- 0xff, 0x18, 0x63, 0xe7, 0xe7, 0x05, 0xb4, 0x7a, 0xc4, 0x54, 0x10, 0x05, 0x2a, 0xc0, 0x1d, 0xb4,
- 0x7c, 0x24, 0xa2, 0x6c, 0xc2, 0x48, 0x6b, 0xaf, 0xb5, 0xbf, 0xd6, 0x47, 0x45, 0xee, 0x2d, 0x4f,
- 0xc1, 0x42, 0x2d, 0x82, 0x9f, 0xa2, 0xa5, 0xf7, 0xef, 0x87, 0x03, 0xb2, 0x00, 0x8c, 0xd5, 0x22,
- 0xf7, 0x96, 0xb2, 0x8c, 0x47, 0x14, 0xac, 0xf8, 0x0f, 0x68, 0xe3, 0x50, 0xa4, 0x29, 0x9b, 0x04,
- 0x8a, 0x8b, 0x64, 0x38, 0x20, 0x8b, 0x40, 0xc3, 0x45, 0xee, 0xdd, 0x0f, 0x1d, 0xe0, 0xf3, 0x88,
- 0x36, 0x89, 0xf8, 0x35, 0x5a, 0x3b, 0x29, 0x5f, 0x98, 0x2c, 0xed, 0xb5, 0xf6, 0xdb, 0x07, 0x3b,
- 0x5d, 0x93, 0x52, 0xb7, 0x4c, 0xa9, 0x5b, 0x31, 0xfa, 0x1b, 0x45, 0xee, 0xad, 0x55, 0x19, 0x52,
- 0xe7, 0x8b, 0x7b, 0x08, 0xbd, 0xd2, 0xd5, 0x79, 0xcb, 0xe6, 0x6c, 0x42, 0xee, 0x41, 0xfc, 0x07,
- 0x45, 0xee, 0x99, 0x9a, 0xfa, 0x13, 0x6d, 0xa6, 0x35, 0x8a, 0xce, 0xe8, 0xe4, 0x72, 0xc6, 0xc8,
- 0xb2, 0xcb, 0x48, 0x5d, 0xce, 0x18, 0x05, 0x2b, 0xde, 0x47, 0xab, 0x87, 0x81, 0x62, 0xb1, 0x48,
- 0x2f, 0xc9, 0x0a, 0x30, 0xd6, 0x8b, 0xdc, 0x5b, 0x0d, 0xad, 0x8d, 0x56, 0x68, 0xe7, 0xe3, 0x02,
- 0xba, 0x07, 0xc7, 0xe2, 0x23, 0x57, 0x53, 0xa8, 0x64, 0xfb, 0xe0, 0x59, 0xf7, 0xd6, 0x4b, 0xec,
- 0x96, 0x54, 0x73, 0xf0, 0xd4, 0x3e, 0x51, 0x77, 0x2d, 0x11, 0xda, 0x78, 0x19, 0x2a, 0x3e, 0xe7,
- 0xea, 0x12, 0xce, 0x87, 0xda, 0xb7, 0x0f, 0xf6, 0xef, 0x38, 0xb3, 0xc1, 0x37, 0xe5, 0x0f, 0xac,
- 0xc9, 0x07, 0xca, 0x9b, 0x5f, 0xd0, 0xe6, 0xa1, 0xf8, 0x1f, 0x2d, 0xf4, 0x78, 0xc4, 0xc2, 0x2c,
- 0xe5, 0xea, 0xf2, 0x94, 0x0b, 0x73, 0x31, 0x26, 0xde, 0x22, 0xc4, 0xfb, 0xdd, 0x1d, 0xf1, 0x6e,
- 0x76, 0xec, 0x3f, 0x2d, 0x72, 0x8f, 0x48, 0x8b, 0xf9, 0xf3, 0x12, 0xac, 0x5e, 0xe1, 0x96, 0x80,
- 0xfd, 0x65, 0xb4, 0xa4, 0x33, 0xef, 0x8c, 0x50, 0x1b, 0x0c, 0x94, 0xcd, 0x44, 0xaa, 0xf0, 0x00,
- 0x2d, 0xc3, 0xa3, 0x24, 0xad, 0xbd, 0xc5, 0xfd, 0xf6, 0xc1, 0xde, 0x1d, 0x6f, 0x64, 0x0e, 0x82,
- 0x0e, 0x36, 0x16, 0x6a, 0x7d, 0x3b, 0xff, 0x6c, 0x5d, 0xa9, 0x27, 0xfe, 0x0a, 0xad, 0x1c, 0x31,
- 0x29, 0x83, 0xb8, 0x6c, 0xfc, 0x76, 0x91, 0x7b, 0x2b, 0x53, 0x63, 0xa2, 0x25, 0x86, 0x4f, 0x10,
- 0x1a, 0xf0, 0x29, 0x4b, 0x24, 0x17, 0x89, 0x24, 0x0b, 0xf0, 0x0a, 0x5f, 0xde, 0xf4, 0x0a, 0x56,
- 0x61, 0x15, 0xb9, 0x7f, 0xbf, 0xc8, 0x3d, 0x14, 0x55, 0xbe, 0xb4, 0x76, 0x4e, 0xe7, 0x5f, 0x5b,
- 0xb7, 0xd5, 0x1d, 0x7f, 0x8d, 0x56, 0x07, 0x81, 0x62, 0xba, 0xb7, 0xed, 0x8b, 0x41, 0xdb, 0x47,
- 0x81, 0x62, 0xbe, 0xee, 0x7d, 0x5a, 0xc1, 0xba, 0xeb, 0x8f, 0xc5, 0x84, 0x87, 0x97, 0xef, 0x82,
- 0x29, 0xb3, 0xe2, 0x84, 0xae, 0x9f, 0x81, 0xd5, 0x4f, 0x82, 0x29, 0xa3, 0x35, 0x0a, 0xfe, 0x06,
- 0xad, 0x8d, 0xb2, 0x99, 0x2e, 0x6b, 0xa5, 0x52, 0x78, 0x4b, 0x69, 0x8c, 0x5a, 0xa1, 0x8e, 0xa0,
- 0x2b, 0xf4, 0x63, 0xa6, 0x42, 0x31, 0x65, 0xa0, 0x4d, 0x5b, 0x21, 0x61, 0x4c, 0xb4, 0xc4, 0xb4,
- 0xfc, 0xed, 0x4f, 0xca, 0x02, 0x29, 0x12, 0x2b, 0x3f, 0xe8, 0x3f, 0x4b, 0xf6, 0x53, 0x40, 0x68,
- 0x93, 0x88, 0xff, 0x8c, 0x9e, 0xf4, 0x27, 0x22, 0xbc, 0xe0, 0x49, 0xfc, 0xea, 0x43, 0xc8, 0x66,
- 0xba, 0x08, 0xf6, 0x0c, 0xa3, 0xcb, 0x2f, 0x8a, 0xdc, 0xdb, 0x3e, 0xb3, 0x14, 0x9f, 0x95, 0x9c,
- 0xf2, 0xb8, 0xdb, 0xbc, 0x61, 0xa6, 0x31, 0x75, 0x2e, 0x22, 0xab, 0x5e, 0x33, 0xd3, 0xc0, 0x42,
- 0x2d, 0xa2, 0x35, 0x7e, 0xac, 0x47, 0x4c, 0x28, 0x26, 0x64, 0xd5, 0x69, 0x7c, 0x66, 0x6d, 0xb4,
- 0x42, 0xf1, 0x31, 0x22, 0x7f, 0xf9, 0x41, 0xa4, 0x7f, 0x0f, 0xd2, 0x88, 0x45, 0x3f, 0x88, 0xf4,
- 0x0d, 0x0b, 0x22, 0x96, 0x9e, 0x06, 0x93, 0x8c, 0x91, 0x35, 0xf0, 0xdc, 0x2a, 0x72, 0xef, 0xe1,
- 0x87, 0xf1, 0xd8, 0x3f, 0x07, 0xc8, 0x9f, 0x6b, 0x8c, 0xde, 0xea, 0x85, 0xb7, 0xd1, 0xe2, 0x7b,
- 0x3a, 0x24, 0x08, 0x9c, 0x57, 0x8a, 0xdc, 0x5b, 0xcc, 0x52, 0x4e, 0xb5, 0x4d, 0x17, 0x9d, 0xb2,
- 0xbf, 0x65, 0x4c, 0x2a, 0xd2, 0x76, 0x45, 0x4f, 0x8d, 0x89, 0x96, 0x18, 0x3e, 0x40, 0xed, 0xa1,
- 0x3c, 0x49, 0xb3, 0x44, 0xcf, 0xa4, 0x88, 0xac, 0x03, 0xf5, 0x61, 0x91, 0x7b, 0xeb, 0x5c, 0xfa,
- 0xaa, 0xb4, 0xd3, 0x3a, 0x49, 0x5f, 0x94, 0x75, 0x1f, 0xa9, 0x40, 0x65, 0x92, 0x6c, 0xb8, 0x8b,
- 0xb2, 0x01, 0x7c, 0x09, 0x08, 0x6d, 0x12, 0xf1, 0x77, 0x68, 0x9d, 0x32, 0x39, 0x13, 0x89, 0x64,
- 0x87, 0x22, 0x62, 0xe4, 0x3e, 0x38, 0x3e, 0x2a, 0x72, 0x6f, 0x23, 0xb5, 0x76, 0x3f, 0x14, 0x11,
- 0xa3, 0x0d, 0x1a, 0xde, 0x43, 0xf7, 0x5e, 0x33, 0x31, 0x3c, 0x26, 0x0f, 0xdc, 0x2d, 0xc4, 0x4c,
- 0xf8, 0x7c, 0x46, 0x0d, 0xa0, 0xc7, 0xf0, 0x1b, 0x21, 0x15, 0x79, 0xe8, 0xc6, 0xf0, 0xb9, 0x90,
- 0x8a, 0x82, 0x55, 0x87, 0x7d, 0x9f, 0x70, 0xa5, 0x7f, 0xeb, 0x56, 0x26, 0x8f, 0x5c, 0xd8, 0x2c,
- 0xe1, 0xca, 0x3f, 0xb7, 0x00, 0x6d, 0xd0, 0xb4, 0x2c, 0x46, 0x22, 0x4b, 0x43, 0x06, 0x47, 0x63,
- 0x27, 0x0b, 0x09, 0x56, 0x70, 0xa3, 0x35, 0x0a, 0x7e, 0x86, 0x96, 0x4f, 0x47, 0xa0, 0xa1, 0x4d,
- 0x57, 0xf2, 0xb9, 0x34, 0xfa, 0xb1, 0x90, 0xd6, 0xe5, 0xf0, 0xf8, 0x70, 0xc2, 0xf5, 0x6c, 0xdc,
- 0x72, 0xba, 0xe4, 0x33, 0x3f, 0x04, 0x23, 0xad, 0x60, 0xfc, 0x3d, 0x7a, 0x30, 0x60, 0x52, 0xf1,
- 0x04, 0x64, 0x7d, 0x2c, 0x52, 0x45, 0x3e, 0x73, 0x7d, 0x12, 0x39, 0xc8, 0xd7, 0x4a, 0xa3, 0x57,
- 0xc9, 0x2e, 0x01, 0x70, 0x7d, 0x7c, 0x2d, 0x01, 0xf0, 0xaa, 0x51, 0x70, 0x17, 0xa1, 0x6a, 0x8a,
- 0x48, 0xf2, 0xc4, 0x09, 0xbb, 0x9a, 0xbe, 0x92, 0xd6, 0x18, 0xba, 0x13, 0x46, 0xd9, 0x59, 0xcd,
- 0x85, 0xb8, 0x4e, 0x90, 0xd9, 0x99, 0x5f, 0x73, 0x6b, 0x12, 0x75, 0x6a, 0xd5, 0x13, 0x0d, 0x14,
- 0x4f, 0x62, 0xb2, 0xed, 0x52, 0x73, 0xc3, 0x3e, 0x05, 0x8c, 0x5e, 0x25, 0xeb, 0x96, 0x18, 0xf1,
- 0x78, 0x38, 0x20, 0x3b, 0xae, 0x25, 0x24, 0x8f, 0xf5, 0xe4, 0x31, 0x80, 0xae, 0xf3, 0x88, 0xc7,
- 0xba, 0xe4, 0x92, 0x7c, 0xee, 0xea, 0xac, 0x49, 0xfa, 0x3e, 0x24, 0xad, 0x60, 0xfc, 0x2d, 0x6a,
- 0x8f, 0x78, 0x3c, 0x62, 0xca, 0xb0, 0x9f, 0xba, 0xf6, 0xd0, 0x6c, 0xc9, 0x94, 0xf5, 0xa8, 0xb3,
- 0xf0, 0x73, 0xb4, 0x32, 0xe2, 0xf1, 0xe1, 0xe9, 0x2b, 0x49, 0xbe, 0x70, 0xb2, 0xd7, 0x0e, 0xe1,
- 0x9c, 0x49, 0x5a, 0x82, 0x5a, 0x61, 0xe6, 0x3a, 0x0f, 0x27, 0x81, 0x94, 0x64, 0xd7, 0x29, 0xcc,
- 0xdc, 0xb7, 0x1f, 0x6a, 0x3b, 0xad, 0x93, 0xf0, 0x00, 0x3d, 0x32, 0x8f, 0x2f, 0x67, 0xb3, 0x09,
- 0x0f, 0x21, 0x71, 0xe2, 0x81, 0xe7, 0xe3, 0x22, 0xf7, 0xb0, 0xf5, 0x0c, 0x1c, 0x4a, 0xaf, 0x3b,
- 0xe0, 0x9f, 0x10, 0xb9, 0x66, 0x3c, 0x65, 0xa9, 0xfe, 0x72, 0x90, 0x3d, 0x38, 0x6c, 0xb7, 0xc8,
- 0xbd, 0x9d, 0xeb, 0x87, 0xf9, 0x73, 0xc3, 0xa2, 0xb7, 0xfa, 0xeb, 0xa9, 0x37, 0x62, 0x73, 0xa6,
- 0xbf, 0x3b, 0xe4, 0x97, 0xb5, 0xf4, 0xad, 0x8d, 0x56, 0x28, 0xf4, 0x88, 0xfd, 0xfd, 0x36, 0x38,
- 0x63, 0x13, 0xd2, 0xa9, 0xf5, 0x88, 0x05, 0xfc, 0x89, 0x46, 0x68, 0x93, 0x68, 0x26, 0x2b, 0x17,
- 0x10, 0xe3, 0x59, 0x7d, 0xb2, 0x1a, 0x1b, 0xad, 0x50, 0xfc, 0x27, 0xb4, 0x79, 0x72, 0x9e, 0xb2,
- 0x40, 0x1d, 0x06, 0xd3, 0x59, 0xc0, 0xe3, 0xc4, 0x5c, 0xe4, 0x97, 0xe0, 0xb4, 0x5d, 0xe4, 0xde,
- 0x67, 0x0a, 0x60, 0x3f, 0xb4, 0xb8, 0xbd, 0xd0, 0x9b, 0xbc, 0xf4, 0xb4, 0xe8, 0x0b, 0xf5, 0x32,
- 0x11, 0xd3, 0x60, 0xc2, 0x99, 0x24, 0x5f, 0xb9, 0x76, 0x38, 0x13, 0xca, 0x0f, 0x4a, 0x80, 0x36,
- 0x68, 0xfa, 0x9e, 0xfb, 0x42, 0x55, 0xeb, 0xde, 0x73, 0x77, 0xcf, 0xda, 0xab, 0x5a, 0xf9, 0xea,
- 0x24, 0xfc, 0x0e, 0x6d, 0xbd, 0x4a, 0xc6, 0x22, 0x0d, 0x59, 0xd4, 0x08, 0xf9, 0x2b, 0x70, 0xde,
- 0x29, 0x72, 0xef, 0x31, 0xb3, 0xb8, 0xdf, 0x8c, 0x7d, 0xa3, 0x1f, 0xee, 0xa3, 0x87, 0x7d, 0xa1,
- 0x46, 0x3c, 0x4e, 0x02, 0x95, 0xa5, 0x0c, 0x46, 0xd1, 0xbe, 0x6b, 0x1b, 0x7d, 0x84, 0x2c, 0x41,
- 0x33, 0x95, 0xae, 0xf1, 0x75, 0xef, 0x55, 0x62, 0x3b, 0x14, 0x89, 0x62, 0x1f, 0x94, 0x24, 0x5f,
- 0xbb, 0x43, 0x9c, 0x36, 0x43, 0x8b, 0xd2, 0xeb, 0x0e, 0x98, 0xa1, 0xfb, 0x4e, 0xed, 0x03, 0xbd,
- 0xcb, 0xfe, 0x1a, 0x56, 0x9e, 0xbb, 0xf6, 0xce, 0xca, 0x41, 0xf3, 0xfb, 0x9b, 0x45, 0xee, 0x3d,
- 0x70, 0x03, 0xc4, 0x87, 0xbd, 0xf6, 0xca, 0xa1, 0x20, 0xf2, 0x4b, 0xa9, 0xd8, 0x74, 0x38, 0x20,
- 0x2f, 0x6a, 0x22, 0x07, 0x9b, 0x1e, 0x06, 0x15, 0xac, 0xbb, 0xa9, 0xfa, 0x00, 0x7c, 0xe3, 0xba,
- 0xa9, 0x9a, 0xfd, 0x15, 0xaa, 0x1b, 0x60, 0x98, 0x48, 0x15, 0x24, 0x21, 0x3b, 0x09, 0x62, 0x49,
- 0x7e, 0xe3, 0x1a, 0x80, 0x5b, 0xbb, 0xaf, 0x82, 0x58, 0xd2, 0x06, 0x4d, 0x37, 0x7a, 0xf9, 0xfc,
- 0x3a, 0x15, 0xd9, 0x8c, 0x74, 0x5d, 0xa3, 0x57, 0x7e, 0xb1, 0x46, 0x68, 0x93, 0xa8, 0x5b, 0x67,
- 0xc0, 0xe5, 0x6c, 0x12, 0x98, 0x05, 0xac, 0xe7, 0x5a, 0x27, 0x32, 0x66, 0x73, 0x57, 0x75, 0x92,
- 0x1e, 0x3f, 0xef, 0x74, 0x19, 0x87, 0x03, 0xf2, 0x5b, 0x97, 0x0d, 0x54, 0x56, 0xe7, 0x5d, 0x82,
- 0x9d, 0xff, 0xb6, 0xd0, 0x46, 0x75, 0xc1, 0x50, 0x33, 0x0f, 0x2d, 0x0c, 0x07, 0x76, 0x25, 0x34,
- 0x5f, 0x03, 0x1e, 0x43, 0x75, 0xb5, 0xdf, 0xc2, 0x70, 0x80, 0xbf, 0x47, 0xeb, 0xe5, 0x42, 0x74,
- 0x14, 0xc8, 0x0b, 0xbb, 0x10, 0x42, 0x37, 0x56, 0xd4, 0x6a, 0x99, 0x9a, 0x06, 0xf2, 0x82, 0x36,
- 0xf8, 0xf8, 0x05, 0x5a, 0xee, 0x67, 0xe3, 0x31, 0x4b, 0xed, 0x6a, 0x08, 0x37, 0xe9, 0x3c, 0x01,
- 0xa2, 0x96, 0xa2, 0xc9, 0x3f, 0x8e, 0xc7, 0x92, 0x29, 0xbb, 0x1b, 0x36, 0xc9, 0x02, 0x20, 0x6a,
- 0x29, 0x9a, 0xfc, 0x96, 0x25, 0xb1, 0x3a, 0xb7, 0xbb, 0x61, 0x93, 0x3c, 0x01, 0x88, 0x5a, 0x4a,
- 0xe7, 0xaf, 0xa8, 0x6d, 0xdb, 0x11, 0xd2, 0x7e, 0x81, 0x96, 0xa0, 0xba, 0x26, 0xf1, 0x27, 0x45,
- 0xee, 0x6d, 0xce, 0x82, 0x34, 0x98, 0x32, 0xc5, 0x52, 0xe3, 0x0f, 0x45, 0x06, 0x12, 0xee, 0xa2,
- 0x7b, 0x66, 0x2f, 0x33, 0xb9, 0x93, 0x22, 0xf7, 0xb6, 0xae, 0xb0, 0xcd, 0x6e, 0x66, 0x68, 0x9d,
- 0x7f, 0x2f, 0xa0, 0x8d, 0x46, 0xfb, 0xde, 0x14, 0xce, 0x29, 0xe7, 0x6a, 0xb8, 0xdf, 0xa3, 0x15,
- 0xfb, 0xaa, 0xf5, 0x62, 0x5f, 0xe1, 0x5b, 0xb9, 0xd1, 0x92, 0x8a, 0x79, 0x23, 0x41, 0xfb, 0x87,
- 0xd6, 0xf3, 0x3b, 0x04, 0x56, 0x63, 0xf7, 0xbd, 0x22, 0xf7, 0x3e, 0xbf, 0x39, 0x82, 0x91, 0x5a,
- 0xa3, 0x78, 0x31, 0x42, 0x55, 0x13, 0x49, 0xb2, 0xf4, 0x7f, 0xa5, 0xdc, 0xe8, 0x38, 0xb3, 0x7e,
- 0x5f, 0x89, 0x55, 0xcd, 0x21, 0x49, 0x6b, 0x47, 0xf7, 0xe9, 0xcf, 0x9f, 0x76, 0x5b, 0x1f, 0x3f,
- 0xed, 0xb6, 0xfe, 0xf3, 0x69, 0xb7, 0xf5, 0xd3, 0x20, 0xe6, 0xea, 0x3c, 0x3b, 0xd3, 0x7f, 0x13,
- 0xf5, 0x20, 0x52, 0x0f, 0x22, 0xf5, 0x64, 0x74, 0xd1, 0x9b, 0x1f, 0x98, 0xff, 0xad, 0xe8, 0x99,
- 0x90, 0x7f, 0xbc, 0xf5, 0x65, 0xce, 0x96, 0x81, 0xf7, 0xed, 0xff, 0x02, 0x00, 0x00, 0xff, 0xff,
- 0x48, 0x0a, 0x71, 0xa1, 0x19, 0x11, 0x00, 0x00,
+ // 1646 bytes of a gzipped FileDescriptorProto
+ 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x84, 0x57, 0xdd, 0x6e, 0xdc, 0xc6,
+ 0x15, 0xee, 0xca, 0xb2, 0x7e, 0x66, 0x25, 0xd9, 0x1e, 0x39, 0xf6, 0x48, 0x71, 0x44, 0x75, 0x9d,
+ 0xb8, 0x2a, 0x52, 0xec, 0xa2, 0x4a, 0x02, 0x14, 0x08, 0x10, 0xc0, 0xab, 0x75, 0x92, 0x45, 0x23,
+ 0x47, 0x98, 0x95, 0xd5, 0x22, 0x37, 0xc4, 0x88, 0x9c, 0xa5, 0x58, 0xed, 0x72, 0x58, 0xce, 0x70,
+ 0x6b, 0x3d, 0x42, 0x81, 0x3e, 0x57, 0x91, 0xcb, 0xdc, 0x17, 0x20, 0x0a, 0x5f, 0xf2, 0x05, 0x7a,
+ 0x5b, 0xcc, 0x99, 0x21, 0x87, 0xd4, 0x5f, 0xae, 0x6c, 0x9e, 0xef, 0xfb, 0xce, 0x99, 0x39, 0x3f,
+ 0xb3, 0x47, 0xa8, 0xcb, 0x17, 0x3c, 0x51, 0xfd, 0x34, 0x13, 0x4a, 0xe0, 0x9d, 0xe9, 0x57, 0xfd,
+ 0x24, 0x8a, 0x93, 0xf7, 0x7d, 0x16, 0x69, 0xab, 0x0c, 0x2f, 0xfb, 0x80, 0xcb, 0x5d, 0x14, 0x89,
+ 0x48, 0x18, 0xda, 0xae, 0x17, 0x09, 0x11, 0xcd, 0xf8, 0x00, 0xbe, 0xce, 0xf3, 0xe9, 0x40, 0xc5,
+ 0x73, 0x2e, 0x15, 0x9b, 0xa7, 0x96, 0xb0, 0x1d, 0x88, 0xf9, 0x5c, 0x24, 0x03, 0xf3, 0x8f, 0x31,
+ 0xf6, 0x7e, 0x5e, 0x42, 0x6b, 0xc7, 0x5c, 0xb1, 0x90, 0x29, 0x86, 0x7b, 0x68, 0xe5, 0x58, 0x84,
+ 0xf9, 0x8c, 0x93, 0xce, 0x7e, 0xe7, 0x60, 0x7d, 0x88, 0xca, 0xc2, 0x5b, 0x99, 0x83, 0x85, 0x5a,
+ 0x04, 0xbf, 0x40, 0xcb, 0xef, 0xde, 0x8d, 0x47, 0x64, 0x09, 0x18, 0x6b, 0x65, 0xe1, 0x2d, 0xe7,
+ 0x79, 0x1c, 0x52, 0xb0, 0xe2, 0x3f, 0xa1, 0xcd, 0x23, 0x91, 0x65, 0x7c, 0xc6, 0x54, 0x2c, 0x92,
+ 0xf1, 0x88, 0x3c, 0x00, 0x1a, 0x2e, 0x0b, 0x6f, 0x2b, 0x70, 0x80, 0x1f, 0x87, 0xb4, 0x4d, 0xc4,
+ 0xdf, 0xa1, 0xf5, 0xd3, 0xea, 0xc0, 0x64, 0x79, 0xbf, 0x73, 0xd0, 0x3d, 0xdc, 0xed, 0x9b, 0x2b,
+ 0xf5, 0xab, 0x2b, 0xf5, 0x6b, 0xc6, 0x70, 0xb3, 0x2c, 0xbc, 0xf5, 0xfa, 0x86, 0xd4, 0x69, 0xf1,
+ 0x00, 0xa1, 0x37, 0x3a, 0x3b, 0x3f, 0xf0, 0x05, 0x9f, 0x91, 0x87, 0x10, 0xff, 0x51, 0x59, 0x78,
+ 0x26, 0xa7, 0xfe, 0x4c, 0x9b, 0x69, 0x83, 0xa2, 0x6f, 0x74, 0x7a, 0x95, 0x72, 0xb2, 0xe2, 0x6e,
+ 0xa4, 0xae, 0x52, 0x4e, 0xc1, 0x8a, 0x0f, 0xd0, 0xda, 0x11, 0x53, 0x3c, 0x12, 0xd9, 0x15, 0x59,
+ 0x05, 0xc6, 0x46, 0x59, 0x78, 0x6b, 0x81, 0xb5, 0xd1, 0x1a, 0xed, 0xfd, 0xb2, 0x84, 0x1e, 0x82,
+ 0x5b, 0x7c, 0xec, 0x72, 0x0a, 0x99, 0xec, 0x1e, 0xbe, 0xec, 0xdf, 0x59, 0xc4, 0x7e, 0x45, 0x35,
+ 0x8e, 0xe7, 0xf6, 0x8b, 0xba, 0xb2, 0x84, 0x68, 0xf3, 0x75, 0xa0, 0xe2, 0x45, 0xac, 0xae, 0xc0,
+ 0x3f, 0xe4, 0xbe, 0x7b, 0x78, 0x70, 0x8f, 0xcf, 0x16, 0xdf, 0xa4, 0x9f, 0x59, 0x93, 0x0f, 0x94,
+ 0xef, 0x7f, 0x43, 0xdb, 0x4e, 0xf1, 0x3f, 0x3b, 0xe8, 0xd9, 0x84, 0x07, 0x79, 0x16, 0xab, 0xab,
+ 0xb3, 0x58, 0x98, 0xc2, 0x98, 0x78, 0x0f, 0x20, 0xde, 0x1f, 0xef, 0x89, 0x77, 0xbb, 0x70, 0xf8,
+ 0xa2, 0x2c, 0x3c, 0x22, 0x2d, 0xe6, 0x2f, 0x2a, 0xb0, 0x3e, 0xc2, 0x1d, 0x01, 0x87, 0x2b, 0x68,
+ 0x59, 0xdf, 0xbc, 0x37, 0x41, 0x5d, 0x30, 0x50, 0x9e, 0x8a, 0x4c, 0xe1, 0x11, 0x5a, 0x81, 0x4f,
+ 0x49, 0x3a, 0xfb, 0x0f, 0x0e, 0xba, 0x87, 0xfb, 0xf7, 0x9c, 0xc8, 0x38, 0x82, 0x0e, 0x36, 0x16,
+ 0x6a, 0xb5, 0xbd, 0x7f, 0x75, 0xae, 0xe5, 0x13, 0x7f, 0x86, 0x56, 0x8f, 0xb9, 0x94, 0x2c, 0xaa,
+ 0x1a, 0xbf, 0x5b, 0x16, 0xde, 0xea, 0xdc, 0x98, 0x68, 0x85, 0xe1, 0x53, 0x84, 0x46, 0xf1, 0x9c,
+ 0x27, 0x32, 0x16, 0x89, 0x24, 0x4b, 0x70, 0x84, 0x4f, 0x6f, 0x3b, 0x82, 0x9d, 0xb0, 0x9a, 0x3c,
+ 0xdc, 0x2a, 0x0b, 0x0f, 0x85, 0xb5, 0x96, 0x36, 0xfc, 0xf4, 0xfe, 0xf3, 0xe4, 0xae, 0xbc, 0xeb,
+ 0x56, 0x3e, 0x11, 0xb3, 0x38, 0xb8, 0x7a, 0xcb, 0xe6, 0xd5, 0xd1, 0xa0, 0x95, 0x53, 0xb0, 0xfa,
+ 0x09, 0x9b, 0x73, 0xda, 0xa0, 0xe0, 0x3f, 0xa0, 0xf5, 0x49, 0x9e, 0xea, 0x5c, 0xd5, 0x13, 0x0a,
+ 0xa1, 0xa5, 0x31, 0xea, 0xb1, 0x73, 0x04, 0x7d, 0xed, 0x1f, 0x73, 0x15, 0x88, 0x39, 0xb7, 0x63,
+ 0x0a, 0xd7, 0x16, 0xc6, 0x44, 0x2b, 0x4c, 0xcf, 0xb4, 0xfd, 0x2f, 0xe5, 0x4c, 0x8a, 0x04, 0xa6,
+ 0xd3, 0xce, 0xb4, 0x25, 0xfb, 0x19, 0x20, 0xb4, 0x4d, 0xc4, 0x7f, 0x41, 0xcf, 0x87, 0x33, 0x11,
+ 0x5c, 0xc6, 0x49, 0xf4, 0xe6, 0x7d, 0xc0, 0x53, 0x7d, 0x33, 0xeb, 0xc3, 0xcc, 0xe5, 0x27, 0x65,
+ 0xe1, 0xed, 0x9c, 0x5b, 0x8a, 0xcf, 0x2b, 0x4e, 0xe5, 0xee, 0x2e, 0x35, 0x3c, 0x54, 0x5c, 0x5d,
+ 0x88, 0xd0, 0x0e, 0xad, 0x79, 0xa8, 0xc0, 0x42, 0x2d, 0xa2, 0x07, 0xf7, 0x44, 0xbf, 0x1b, 0x81,
+ 0x98, 0x35, 0x07, 0x37, 0xb5, 0x36, 0x5a, 0xa3, 0xf8, 0x04, 0x91, 0xbf, 0x7e, 0x2b, 0xb2, 0x7f,
+ 0xb0, 0x2c, 0xe4, 0xe1, 0xb7, 0x22, 0xfb, 0x9e, 0xb3, 0x90, 0x67, 0x67, 0x6c, 0x96, 0x73, 0xb2,
+ 0x06, 0xca, 0xa7, 0x65, 0xe1, 0x3d, 0x7e, 0x3f, 0x9d, 0xfa, 0x17, 0x00, 0xf9, 0x0b, 0x8d, 0xd1,
+ 0x3b, 0x55, 0x78, 0x07, 0x3d, 0x78, 0x47, 0xc7, 0x64, 0x1d, 0xc4, 0xab, 0x65, 0xe1, 0x3d, 0xc8,
+ 0xb3, 0x98, 0x6a, 0x9b, 0x4e, 0x3a, 0xe5, 0x7f, 0xcf, 0xb9, 0x54, 0x04, 0xb9, 0xa4, 0x67, 0xc6,
+ 0x44, 0x2b, 0x0c, 0x1f, 0xa2, 0xee, 0x58, 0x9e, 0x66, 0x79, 0xa2, 0x1f, 0x9a, 0x90, 0x74, 0x81,
+ 0xfa, 0xb8, 0x2c, 0xbc, 0x8d, 0x58, 0xfa, 0xaa, 0xb2, 0xd3, 0x26, 0x49, 0x17, 0xca, 0xca, 0x27,
+ 0x8a, 0xa9, 0x5c, 0x92, 0x0d, 0x57, 0x28, 0x1b, 0xc0, 0x97, 0x80, 0xd0, 0x36, 0x11, 0x7f, 0x85,
+ 0x36, 0x28, 0x97, 0xa9, 0x48, 0x24, 0x3f, 0x12, 0x21, 0x27, 0x9b, 0x20, 0x7c, 0x52, 0x16, 0xde,
+ 0x66, 0x66, 0xed, 0x7e, 0x20, 0x42, 0x4e, 0x5b, 0x34, 0xdd, 0x9f, 0x13, 0x9e, 0x2d, 0x78, 0xf6,
+ 0x3a, 0x0c, 0x33, 0xb2, 0xe5, 0xfa, 0x53, 0x82, 0xd5, 0x67, 0x61, 0x98, 0xd1, 0x06, 0x05, 0xbf,
+ 0x44, 0x2b, 0x67, 0x13, 0x68, 0xe6, 0x47, 0xee, 0xee, 0x0b, 0x69, 0x1a, 0xd9, 0x42, 0xda, 0x2b,
+ 0xe5, 0x73, 0xa1, 0x38, 0x78, 0x7d, 0xec, 0xbc, 0x66, 0x60, 0xb5, 0x5e, 0x1d, 0x05, 0x7f, 0x59,
+ 0x09, 0x4e, 0x44, 0xa6, 0xc8, 0x13, 0x57, 0xb1, 0x90, 0x4b, 0x15, 0x27, 0xe6, 0xc9, 0xd1, 0x3d,
+ 0x4f, 0x1b, 0x3c, 0x77, 0x78, 0x50, 0xe1, 0x1b, 0x87, 0x37, 0x02, 0x47, 0xc1, 0x7d, 0x84, 0xea,
+ 0xf9, 0x94, 0x64, 0xdb, 0x4d, 0x57, 0xfd, 0xae, 0x49, 0xda, 0x60, 0xe8, 0x72, 0x4c, 0xf2, 0xf3,
+ 0x86, 0xe4, 0xa9, 0x2b, 0x87, 0xcc, 0xcf, 0xfd, 0x86, 0xac, 0x4d, 0xc4, 0xdf, 0xa0, 0x47, 0xf5,
+ 0x17, 0x65, 0x2a, 0x4e, 0x22, 0xf2, 0x91, 0xbb, 0x95, 0x7b, 0x46, 0x33, 0xc0, 0xe8, 0x75, 0x32,
+ 0xfe, 0x02, 0x75, 0x27, 0x71, 0x34, 0xe1, 0x4a, 0xe7, 0x53, 0x92, 0x67, 0xae, 0x9a, 0x32, 0x8e,
+ 0x7c, 0xc9, 0x15, 0x24, 0x5c, 0xd2, 0x26, 0x0b, 0xbf, 0x42, 0xab, 0x93, 0x38, 0x3a, 0x3a, 0x7b,
+ 0x23, 0xc9, 0x73, 0x37, 0x2e, 0x5a, 0x10, 0x2c, 0xb8, 0xa4, 0x15, 0xa8, 0x3b, 0xf3, 0x68, 0x16,
+ 0xf3, 0x44, 0x1d, 0xcd, 0x98, 0x94, 0x84, 0xb8, 0xce, 0x0c, 0xc0, 0xec, 0x07, 0xda, 0x4e, 0x9b,
+ 0x24, 0x3c, 0x42, 0x4f, 0xcc, 0xe7, 0xeb, 0x34, 0x9d, 0xc5, 0x01, 0x9c, 0x95, 0xec, 0x80, 0xf2,
+ 0x59, 0x59, 0x78, 0xd8, 0x2a, 0x99, 0x43, 0xe9, 0x4d, 0x01, 0xfe, 0x09, 0x91, 0x1b, 0xc6, 0x33,
+ 0x9e, 0xe9, 0x67, 0x94, 0xec, 0x82, 0xb3, 0xbd, 0xb2, 0xf0, 0x76, 0x6f, 0x3a, 0xf3, 0x17, 0x86,
+ 0x45, 0xef, 0xd4, 0xeb, 0xd7, 0x62, 0xc2, 0x17, 0x5c, 0x3f, 0xc2, 0xe4, 0xe3, 0xc6, 0xf5, 0xad,
+ 0x8d, 0xd6, 0x28, 0xfe, 0x33, 0xda, 0x3e, 0xbd, 0xc8, 0x38, 0x53, 0x47, 0x6c, 0x9e, 0xb2, 0x38,
+ 0x4a, 0x4c, 0x92, 0x5f, 0x80, 0x68, 0xa7, 0x2c, 0xbc, 0x8f, 0x14, 0xc0, 0x7e, 0x60, 0x71, 0x9b,
+ 0xec, 0xdb, 0x54, 0x7a, 0xf0, 0x86, 0x42, 0xbd, 0x4e, 0xc4, 0x9c, 0xcd, 0x62, 0x2e, 0xc9, 0x27,
+ 0xae, 0x54, 0xe7, 0x42, 0xf9, 0xac, 0x02, 0x68, 0x8b, 0xa6, 0x6b, 0x30, 0x14, 0xaa, 0xde, 0x4b,
+ 0xf6, 0x5c, 0x0d, 0xb4, 0xaa, 0xde, 0x4d, 0x9a, 0x24, 0xfc, 0x16, 0x3d, 0x7d, 0x93, 0x4c, 0x45,
+ 0x16, 0xf0, 0xb0, 0x15, 0xd2, 0x03, 0xf1, 0x6e, 0x59, 0x78, 0xcf, 0xb8, 0xc5, 0xfd, 0x76, 0xec,
+ 0x5b, 0x75, 0x78, 0x88, 0x1e, 0x0f, 0x85, 0x9a, 0xc4, 0x51, 0xc2, 0x54, 0x9e, 0x71, 0x98, 0xea,
+ 0x7d, 0x57, 0x52, 0xed, 0x42, 0x56, 0xa0, 0x19, 0xf0, 0x1b, 0x7c, 0xdd, 0x17, 0x75, 0xef, 0x1e,
+ 0x89, 0x44, 0xf1, 0xf7, 0x4a, 0x92, 0xdf, 0x3a, 0x27, 0xae, 0xd5, 0x03, 0x8b, 0xd2, 0x9b, 0x02,
+ 0xcc, 0xd1, 0x96, 0x1b, 0x9e, 0x91, 0x5e, 0xba, 0x7a, 0xf0, 0xdb, 0x7c, 0xdf, 0x82, 0x54, 0x0b,
+ 0x34, 0x7f, 0xb8, 0x5d, 0x16, 0xde, 0x23, 0x37, 0x8f, 0x3e, 0x2c, 0x60, 0xd7, 0x9c, 0xe2, 0xdf,
+ 0xa3, 0xb5, 0xc9, 0x95, 0x54, 0x7c, 0x3e, 0x1e, 0x91, 0x97, 0x70, 0x46, 0x58, 0x42, 0x25, 0xd8,
+ 0xf4, 0x4f, 0x6b, 0x0d, 0xeb, 0xb2, 0x8e, 0x13, 0xa9, 0x58, 0x12, 0xf0, 0x53, 0x16, 0x49, 0xf2,
+ 0xa9, 0x2b, 0x6b, 0x6c, 0xed, 0xbe, 0x62, 0x91, 0xa4, 0x2d, 0x9a, 0x7e, 0x31, 0xaa, 0xef, 0xef,
+ 0x32, 0x91, 0xa7, 0xe4, 0x33, 0xf7, 0x62, 0xd4, 0xba, 0x48, 0x23, 0xb4, 0x4d, 0xd4, 0x0d, 0x31,
+ 0x8a, 0x65, 0x3a, 0x63, 0x66, 0x55, 0x78, 0xe5, 0x1a, 0x22, 0x34, 0x66, 0x53, 0x81, 0x26, 0x49,
+ 0x0f, 0xfc, 0x5b, 0x9d, 0x9c, 0xf1, 0x88, 0xfc, 0xce, 0x75, 0x3c, 0xe4, 0x4b, 0xdf, 0xa6, 0x02,
+ 0xf1, 0xd7, 0x68, 0xeb, 0x84, 0x65, 0x7a, 0x61, 0x13, 0x52, 0x69, 0x37, 0xe4, 0x00, 0xe8, 0x90,
+ 0xb4, 0x14, 0x10, 0xff, 0xc2, 0x42, 0xf4, 0x1a, 0xb5, 0xf7, 0xbf, 0x0e, 0xda, 0xac, 0x6b, 0x0e,
+ 0x69, 0xf4, 0xd0, 0xd2, 0x78, 0xd4, 0x5c, 0x66, 0xf4, 0x13, 0xa3, 0x13, 0xae, 0x83, 0x2e, 0x8d,
+ 0x47, 0xf8, 0x1b, 0xb4, 0x51, 0xfd, 0xee, 0x1f, 0x33, 0x79, 0x69, 0xf7, 0x18, 0x68, 0xd0, 0x9a,
+ 0x5a, 0xef, 0x0c, 0x73, 0x26, 0x2f, 0x69, 0x8b, 0x8f, 0x3f, 0x47, 0x2b, 0xc3, 0x7c, 0x3a, 0xe5,
+ 0x99, 0xdd, 0x6a, 0xe0, 0x9c, 0x4e, 0x09, 0x10, 0xb5, 0x14, 0x4d, 0xfe, 0x71, 0x3a, 0x95, 0x5c,
+ 0xd9, 0xad, 0xa6, 0x4d, 0x16, 0x00, 0x51, 0x4b, 0xd1, 0xe4, 0x1f, 0x78, 0x12, 0xa9, 0x0b, 0xbb,
+ 0xbe, 0xb4, 0xc9, 0x33, 0x80, 0xa8, 0xa5, 0xf4, 0xfe, 0x86, 0xba, 0xb6, 0x43, 0xe1, 0xda, 0x9f,
+ 0xa3, 0xe5, 0xc6, 0x16, 0xf7, 0xbc, 0x2c, 0xbc, 0xed, 0x94, 0x65, 0x6c, 0xce, 0x15, 0xcf, 0x8c,
+ 0x1e, 0xf2, 0x07, 0x24, 0xdc, 0x47, 0x0f, 0xcd, 0xfa, 0x61, 0xee, 0x4e, 0xca, 0xc2, 0x7b, 0x7a,
+ 0x8d, 0x6d, 0x56, 0x10, 0x43, 0xeb, 0xfd, 0x7b, 0x09, 0x6d, 0xb6, 0x3a, 0xfa, 0xb6, 0x70, 0x6e,
+ 0x98, 0xae, 0x87, 0xfb, 0x12, 0xad, 0xda, 0xa3, 0x36, 0x93, 0x7d, 0x8d, 0x6f, 0x27, 0x90, 0x56,
+ 0x54, 0x1c, 0xb7, 0x2e, 0x68, 0xff, 0x48, 0x78, 0x75, 0xcf, 0xcc, 0x35, 0xd8, 0x43, 0xaf, 0x2c,
+ 0xbc, 0x8f, 0x6f, 0x8f, 0x60, 0xa6, 0xaf, 0x95, 0xbc, 0x08, 0xa1, 0xba, 0x89, 0x24, 0x59, 0xfe,
+ 0xd5, 0xe9, 0x6e, 0x75, 0x9c, 0xd9, 0x32, 0xaf, 0xc5, 0xaa, 0x9f, 0x26, 0x49, 0x1b, 0xae, 0x87,
+ 0xf4, 0xe7, 0x0f, 0x7b, 0x9d, 0x5f, 0x3e, 0xec, 0x75, 0xfe, 0xfb, 0x61, 0xaf, 0xf3, 0xd3, 0x28,
+ 0x8a, 0xd5, 0x45, 0x7e, 0xae, 0xf7, 0xf9, 0x01, 0x44, 0x1a, 0x40, 0xa4, 0x81, 0x0c, 0x2f, 0x07,
+ 0x8b, 0x43, 0xf3, 0x97, 0xf6, 0xc0, 0x84, 0xfc, 0xfa, 0xce, 0xc3, 0x9c, 0xaf, 0x00, 0xef, 0x8b,
+ 0xff, 0x07, 0x00, 0x00, 0xff, 0xff, 0x89, 0xc8, 0x71, 0xe0, 0xd5, 0x0f, 0x00, 0x00,
}
func (m *Metadata) Marshal() (dAtA []byte, err error) {
@@ -1361,14 +1288,23 @@ func (m *SecurityViolationEvent) MarshalToSizedBuffer(dAtA []byte) (int, error)
i -= len(m.XXX_unrecognized)
copy(dAtA[i:], m.XXX_unrecognized)
}
+ if len(m.ParentHostname) > 0 {
+ i -= len(m.ParentHostname)
+ copy(dAtA[i:], m.ParentHostname)
+ i = encodeVarintEvent(dAtA, i, uint64(len(m.ParentHostname)))
+ i--
+ dAtA[i] = 0x2
+ i--
+ dAtA[i] = 0xc2
+ }
if len(m.NginxID) > 0 {
i -= len(m.NginxID)
copy(dAtA[i:], m.NginxID)
i = encodeVarintEvent(dAtA, i, uint64(len(m.NginxID)))
i--
- dAtA[i] = 0x3
+ dAtA[i] = 0x2
i--
- dAtA[i] = 0x82
+ dAtA[i] = 0xba
}
if len(m.DisplayName) > 0 {
i -= len(m.DisplayName)
@@ -1377,7 +1313,7 @@ func (m *SecurityViolationEvent) MarshalToSizedBuffer(dAtA []byte) (int, error)
i--
dAtA[i] = 0x2
i--
- dAtA[i] = 0xfa
+ dAtA[i] = 0xb2
}
if len(m.InstanceGroup) > 0 {
i -= len(m.InstanceGroup)
@@ -1386,7 +1322,7 @@ func (m *SecurityViolationEvent) MarshalToSizedBuffer(dAtA []byte) (int, error)
i--
dAtA[i] = 0x2
i--
- dAtA[i] = 0xf2
+ dAtA[i] = 0xaa
}
if len(m.InstanceTags) > 0 {
i -= len(m.InstanceTags)
@@ -1395,16 +1331,7 @@ func (m *SecurityViolationEvent) MarshalToSizedBuffer(dAtA []byte) (int, error)
i--
dAtA[i] = 0x2
i--
- dAtA[i] = 0xea
- }
- if len(m.Hostname) > 0 {
- i -= len(m.Hostname)
- copy(dAtA[i:], m.Hostname)
- i = encodeVarintEvent(dAtA, i, uint64(len(m.Hostname)))
- i--
- dAtA[i] = 0x2
- i--
- dAtA[i] = 0xe2
+ dAtA[i] = 0xa2
}
if len(m.SystemID) > 0 {
i -= len(m.SystemID)
@@ -1413,7 +1340,7 @@ func (m *SecurityViolationEvent) MarshalToSizedBuffer(dAtA []byte) (int, error)
i--
dAtA[i] = 0x2
i--
- dAtA[i] = 0xda
+ dAtA[i] = 0x9a
}
if len(m.ViolationsData) > 0 {
for iNdEx := len(m.ViolationsData) - 1; iNdEx >= 0; iNdEx-- {
@@ -1428,7 +1355,7 @@ func (m *SecurityViolationEvent) MarshalToSizedBuffer(dAtA []byte) (int, error)
i--
dAtA[i] = 0x2
i--
- dAtA[i] = 0xd2
+ dAtA[i] = 0x92
}
}
if len(m.ViolationContexts) > 0 {
@@ -1438,7 +1365,7 @@ func (m *SecurityViolationEvent) MarshalToSizedBuffer(dAtA []byte) (int, error)
i--
dAtA[i] = 0x2
i--
- dAtA[i] = 0xca
+ dAtA[i] = 0x8a
}
if len(m.BotSignatureName) > 0 {
i -= len(m.BotSignatureName)
@@ -1447,79 +1374,61 @@ func (m *SecurityViolationEvent) MarshalToSizedBuffer(dAtA []byte) (int, error)
i--
dAtA[i] = 0x2
i--
- dAtA[i] = 0xc2
+ dAtA[i] = 0x82
}
if len(m.EnforcedBotAnomalies) > 0 {
i -= len(m.EnforcedBotAnomalies)
copy(dAtA[i:], m.EnforcedBotAnomalies)
i = encodeVarintEvent(dAtA, i, uint64(len(m.EnforcedBotAnomalies)))
i--
- dAtA[i] = 0x2
+ dAtA[i] = 0x1
i--
- dAtA[i] = 0xba
+ dAtA[i] = 0xfa
}
if len(m.BotCategory) > 0 {
i -= len(m.BotCategory)
copy(dAtA[i:], m.BotCategory)
i = encodeVarintEvent(dAtA, i, uint64(len(m.BotCategory)))
i--
- dAtA[i] = 0x2
+ dAtA[i] = 0x1
i--
- dAtA[i] = 0xb2
+ dAtA[i] = 0xf2
}
if len(m.BotAnomalies) > 0 {
i -= len(m.BotAnomalies)
copy(dAtA[i:], m.BotAnomalies)
i = encodeVarintEvent(dAtA, i, uint64(len(m.BotAnomalies)))
i--
- dAtA[i] = 0x2
+ dAtA[i] = 0x1
i--
- dAtA[i] = 0xaa
+ dAtA[i] = 0xea
}
if len(m.ThreatCampaignNames) > 0 {
i -= len(m.ThreatCampaignNames)
copy(dAtA[i:], m.ThreatCampaignNames)
i = encodeVarintEvent(dAtA, i, uint64(len(m.ThreatCampaignNames)))
i--
- dAtA[i] = 0x2
- i--
- dAtA[i] = 0xa2
- }
- if len(m.Priority) > 0 {
- i -= len(m.Priority)
- copy(dAtA[i:], m.Priority)
- i = encodeVarintEvent(dAtA, i, uint64(len(m.Priority)))
- i--
- dAtA[i] = 0x2
- i--
- dAtA[i] = 0x9a
- }
- if len(m.SeverityLabel) > 0 {
- i -= len(m.SeverityLabel)
- copy(dAtA[i:], m.SeverityLabel)
- i = encodeVarintEvent(dAtA, i, uint64(len(m.SeverityLabel)))
- i--
- dAtA[i] = 0x2
+ dAtA[i] = 0x1
i--
- dAtA[i] = 0x92
+ dAtA[i] = 0xe2
}
if len(m.Severity) > 0 {
i -= len(m.Severity)
copy(dAtA[i:], m.Severity)
i = encodeVarintEvent(dAtA, i, uint64(len(m.Severity)))
i--
- dAtA[i] = 0x2
+ dAtA[i] = 0x1
i--
- dAtA[i] = 0x8a
+ dAtA[i] = 0xda
}
if len(m.ClientApplicationVersion) > 0 {
i -= len(m.ClientApplicationVersion)
copy(dAtA[i:], m.ClientApplicationVersion)
i = encodeVarintEvent(dAtA, i, uint64(len(m.ClientApplicationVersion)))
i--
- dAtA[i] = 0x2
+ dAtA[i] = 0x1
i--
- dAtA[i] = 0x82
+ dAtA[i] = 0xd2
}
if len(m.ClientApplication) > 0 {
i -= len(m.ClientApplication)
@@ -1528,7 +1437,7 @@ func (m *SecurityViolationEvent) MarshalToSizedBuffer(dAtA []byte) (int, error)
i--
dAtA[i] = 0x1
i--
- dAtA[i] = 0xfa
+ dAtA[i] = 0xca
}
if len(m.ClientClass) > 0 {
i -= len(m.ClientClass)
@@ -1537,7 +1446,7 @@ func (m *SecurityViolationEvent) MarshalToSizedBuffer(dAtA []byte) (int, error)
i--
dAtA[i] = 0x1
i--
- dAtA[i] = 0xf2
+ dAtA[i] = 0xc2
}
if len(m.SigCVEs) > 0 {
i -= len(m.SigCVEs)
@@ -1546,7 +1455,7 @@ func (m *SecurityViolationEvent) MarshalToSizedBuffer(dAtA []byte) (int, error)
i--
dAtA[i] = 0x1
i--
- dAtA[i] = 0xea
+ dAtA[i] = 0xba
}
if len(m.SigSetNames) > 0 {
i -= len(m.SigSetNames)
@@ -1555,25 +1464,7 @@ func (m *SecurityViolationEvent) MarshalToSizedBuffer(dAtA []byte) (int, error)
i--
dAtA[i] = 0x1
i--
- dAtA[i] = 0xe2
- }
- if len(m.SigNames) > 0 {
- i -= len(m.SigNames)
- copy(dAtA[i:], m.SigNames)
- i = encodeVarintEvent(dAtA, i, uint64(len(m.SigNames)))
- i--
- dAtA[i] = 0x1
- i--
- dAtA[i] = 0xda
- }
- if len(m.SigID) > 0 {
- i -= len(m.SigID)
- copy(dAtA[i:], m.SigID)
- i = encodeVarintEvent(dAtA, i, uint64(len(m.SigID)))
- i--
- dAtA[i] = 0x1
- i--
- dAtA[i] = 0xd2
+ dAtA[i] = 0xb2
}
if len(m.ViolationRating) > 0 {
i -= len(m.ViolationRating)
@@ -1582,7 +1473,7 @@ func (m *SecurityViolationEvent) MarshalToSizedBuffer(dAtA []byte) (int, error)
i--
dAtA[i] = 0x1
i--
- dAtA[i] = 0xca
+ dAtA[i] = 0xaa
}
if len(m.SubViolations) > 0 {
i -= len(m.SubViolations)
@@ -1591,7 +1482,7 @@ func (m *SecurityViolationEvent) MarshalToSizedBuffer(dAtA []byte) (int, error)
i--
dAtA[i] = 0x1
i--
- dAtA[i] = 0xc2
+ dAtA[i] = 0xa2
}
if len(m.Violations) > 0 {
i -= len(m.Violations)
@@ -1600,174 +1491,138 @@ func (m *SecurityViolationEvent) MarshalToSizedBuffer(dAtA []byte) (int, error)
i--
dAtA[i] = 0x1
i--
- dAtA[i] = 0xba
+ dAtA[i] = 0x9a
}
- if len(m.SourcePort) > 0 {
- i -= len(m.SourcePort)
- copy(dAtA[i:], m.SourcePort)
- i = encodeVarintEvent(dAtA, i, uint64(len(m.SourcePort)))
+ if len(m.ServerPort) > 0 {
+ i -= len(m.ServerPort)
+ copy(dAtA[i:], m.ServerPort)
+ i = encodeVarintEvent(dAtA, i, uint64(len(m.ServerPort)))
i--
dAtA[i] = 0x1
i--
- dAtA[i] = 0xb2
+ dAtA[i] = 0x92
}
- if len(m.DestinationPort) > 0 {
- i -= len(m.DestinationPort)
- copy(dAtA[i:], m.DestinationPort)
- i = encodeVarintEvent(dAtA, i, uint64(len(m.DestinationPort)))
+ if len(m.RemotePort) > 0 {
+ i -= len(m.RemotePort)
+ copy(dAtA[i:], m.RemotePort)
+ i = encodeVarintEvent(dAtA, i, uint64(len(m.RemotePort)))
i--
dAtA[i] = 0x1
i--
- dAtA[i] = 0xaa
+ dAtA[i] = 0x8a
}
- if len(m.IPClient) > 0 {
- i -= len(m.IPClient)
- copy(dAtA[i:], m.IPClient)
- i = encodeVarintEvent(dAtA, i, uint64(len(m.IPClient)))
+ if len(m.RemoteAddr) > 0 {
+ i -= len(m.RemoteAddr)
+ copy(dAtA[i:], m.RemoteAddr)
+ i = encodeVarintEvent(dAtA, i, uint64(len(m.RemoteAddr)))
i--
dAtA[i] = 0x1
i--
- dAtA[i] = 0xa2
+ dAtA[i] = 0x82
}
if len(m.VSName) > 0 {
i -= len(m.VSName)
copy(dAtA[i:], m.VSName)
i = encodeVarintEvent(dAtA, i, uint64(len(m.VSName)))
i--
- dAtA[i] = 0x1
- i--
- dAtA[i] = 0x9a
- }
- if len(m.SourceHost) > 0 {
- i -= len(m.SourceHost)
- copy(dAtA[i:], m.SourceHost)
- i = encodeVarintEvent(dAtA, i, uint64(len(m.SourceHost)))
- i--
- dAtA[i] = 0x1
- i--
- dAtA[i] = 0x92
- }
- if len(m.UnitHostname) > 0 {
- i -= len(m.UnitHostname)
- copy(dAtA[i:], m.UnitHostname)
- i = encodeVarintEvent(dAtA, i, uint64(len(m.UnitHostname)))
- i--
- dAtA[i] = 0x1
- i--
- dAtA[i] = 0x8a
- }
- if len(m.Host) > 0 {
- i -= len(m.Host)
- copy(dAtA[i:], m.Host)
- i = encodeVarintEvent(dAtA, i, uint64(len(m.Host)))
- i--
- dAtA[i] = 0x1
- i--
- dAtA[i] = 0x82
+ dAtA[i] = 0x7a
}
- if len(m.GeoIP) > 0 {
- i -= len(m.GeoIP)
- copy(dAtA[i:], m.GeoIP)
- i = encodeVarintEvent(dAtA, i, uint64(len(m.GeoIP)))
+ if len(m.ServerAddr) > 0 {
+ i -= len(m.ServerAddr)
+ copy(dAtA[i:], m.ServerAddr)
+ i = encodeVarintEvent(dAtA, i, uint64(len(m.ServerAddr)))
i--
- dAtA[i] = 0x7a
+ dAtA[i] = 0x72
}
if len(m.ResponseCode) > 0 {
i -= len(m.ResponseCode)
copy(dAtA[i:], m.ResponseCode)
i = encodeVarintEvent(dAtA, i, uint64(len(m.ResponseCode)))
i--
- dAtA[i] = 0x72
+ dAtA[i] = 0x6a
}
if len(m.RequestStatus) > 0 {
i -= len(m.RequestStatus)
copy(dAtA[i:], m.RequestStatus)
i = encodeVarintEvent(dAtA, i, uint64(len(m.RequestStatus)))
i--
- dAtA[i] = 0x6a
+ dAtA[i] = 0x62
}
if len(m.IsTruncated) > 0 {
i -= len(m.IsTruncated)
copy(dAtA[i:], m.IsTruncated)
i = encodeVarintEvent(dAtA, i, uint64(len(m.IsTruncated)))
i--
- dAtA[i] = 0x62
+ dAtA[i] = 0x5a
}
if len(m.Request) > 0 {
i -= len(m.Request)
copy(dAtA[i:], m.Request)
i = encodeVarintEvent(dAtA, i, uint64(len(m.Request)))
i--
- dAtA[i] = 0x5a
+ dAtA[i] = 0x52
}
if len(m.URI) > 0 {
i -= len(m.URI)
copy(dAtA[i:], m.URI)
i = encodeVarintEvent(dAtA, i, uint64(len(m.URI)))
i--
- dAtA[i] = 0x52
+ dAtA[i] = 0x4a
}
if len(m.XForwardedForHeaderValue) > 0 {
i -= len(m.XForwardedForHeaderValue)
copy(dAtA[i:], m.XForwardedForHeaderValue)
i = encodeVarintEvent(dAtA, i, uint64(len(m.XForwardedForHeaderValue)))
i--
- dAtA[i] = 0x4a
+ dAtA[i] = 0x42
}
if len(m.Protocol) > 0 {
i -= len(m.Protocol)
copy(dAtA[i:], m.Protocol)
i = encodeVarintEvent(dAtA, i, uint64(len(m.Protocol)))
i--
- dAtA[i] = 0x42
+ dAtA[i] = 0x3a
}
if len(m.Method) > 0 {
i -= len(m.Method)
copy(dAtA[i:], m.Method)
i = encodeVarintEvent(dAtA, i, uint64(len(m.Method)))
i--
- dAtA[i] = 0x3a
+ dAtA[i] = 0x32
}
if len(m.BlockingExceptionReason) > 0 {
i -= len(m.BlockingExceptionReason)
copy(dAtA[i:], m.BlockingExceptionReason)
i = encodeVarintEvent(dAtA, i, uint64(len(m.BlockingExceptionReason)))
i--
- dAtA[i] = 0x32
+ dAtA[i] = 0x2a
}
if len(m.OutcomeReason) > 0 {
i -= len(m.OutcomeReason)
copy(dAtA[i:], m.OutcomeReason)
i = encodeVarintEvent(dAtA, i, uint64(len(m.OutcomeReason)))
i--
- dAtA[i] = 0x2a
+ dAtA[i] = 0x22
}
if len(m.Outcome) > 0 {
i -= len(m.Outcome)
copy(dAtA[i:], m.Outcome)
i = encodeVarintEvent(dAtA, i, uint64(len(m.Outcome)))
i--
- dAtA[i] = 0x22
+ dAtA[i] = 0x1a
}
if len(m.SupportID) > 0 {
i -= len(m.SupportID)
copy(dAtA[i:], m.SupportID)
i = encodeVarintEvent(dAtA, i, uint64(len(m.SupportID)))
i--
- dAtA[i] = 0x1a
+ dAtA[i] = 0x12
}
if len(m.PolicyName) > 0 {
i -= len(m.PolicyName)
copy(dAtA[i:], m.PolicyName)
i = encodeVarintEvent(dAtA, i, uint64(len(m.PolicyName)))
i--
- dAtA[i] = 0x12
- }
- if len(m.DateTime) > 0 {
- i -= len(m.DateTime)
- copy(dAtA[i:], m.DateTime)
- i = encodeVarintEvent(dAtA, i, uint64(len(m.DateTime)))
- i--
dAtA[i] = 0xa
}
return len(dAtA) - i, nil
@@ -2083,10 +1938,6 @@ func (m *SecurityViolationEvent) Size() (n int) {
}
var l int
_ = l
- l = len(m.DateTime)
- if l > 0 {
- n += 1 + l + sovEvent(uint64(l))
- }
l = len(m.PolicyName)
if l > 0 {
n += 1 + l + sovEvent(uint64(l))
@@ -2139,35 +1990,23 @@ func (m *SecurityViolationEvent) Size() (n int) {
if l > 0 {
n += 1 + l + sovEvent(uint64(l))
}
- l = len(m.GeoIP)
+ l = len(m.ServerAddr)
if l > 0 {
n += 1 + l + sovEvent(uint64(l))
}
- l = len(m.Host)
- if l > 0 {
- n += 2 + l + sovEvent(uint64(l))
- }
- l = len(m.UnitHostname)
- if l > 0 {
- n += 2 + l + sovEvent(uint64(l))
- }
- l = len(m.SourceHost)
- if l > 0 {
- n += 2 + l + sovEvent(uint64(l))
- }
l = len(m.VSName)
if l > 0 {
- n += 2 + l + sovEvent(uint64(l))
+ n += 1 + l + sovEvent(uint64(l))
}
- l = len(m.IPClient)
+ l = len(m.RemoteAddr)
if l > 0 {
n += 2 + l + sovEvent(uint64(l))
}
- l = len(m.DestinationPort)
+ l = len(m.RemotePort)
if l > 0 {
n += 2 + l + sovEvent(uint64(l))
}
- l = len(m.SourcePort)
+ l = len(m.ServerPort)
if l > 0 {
n += 2 + l + sovEvent(uint64(l))
}
@@ -2183,14 +2022,6 @@ func (m *SecurityViolationEvent) Size() (n int) {
if l > 0 {
n += 2 + l + sovEvent(uint64(l))
}
- l = len(m.SigID)
- if l > 0 {
- n += 2 + l + sovEvent(uint64(l))
- }
- l = len(m.SigNames)
- if l > 0 {
- n += 2 + l + sovEvent(uint64(l))
- }
l = len(m.SigSetNames)
if l > 0 {
n += 2 + l + sovEvent(uint64(l))
@@ -2215,14 +2046,6 @@ func (m *SecurityViolationEvent) Size() (n int) {
if l > 0 {
n += 2 + l + sovEvent(uint64(l))
}
- l = len(m.SeverityLabel)
- if l > 0 {
- n += 2 + l + sovEvent(uint64(l))
- }
- l = len(m.Priority)
- if l > 0 {
- n += 2 + l + sovEvent(uint64(l))
- }
l = len(m.ThreatCampaignNames)
if l > 0 {
n += 2 + l + sovEvent(uint64(l))
@@ -2257,10 +2080,6 @@ func (m *SecurityViolationEvent) Size() (n int) {
if l > 0 {
n += 2 + l + sovEvent(uint64(l))
}
- l = len(m.Hostname)
- if l > 0 {
- n += 2 + l + sovEvent(uint64(l))
- }
l = len(m.InstanceTags)
if l > 0 {
n += 2 + l + sovEvent(uint64(l))
@@ -2277,6 +2096,10 @@ func (m *SecurityViolationEvent) Size() (n int) {
if l > 0 {
n += 2 + l + sovEvent(uint64(l))
}
+ l = len(m.ParentHostname)
+ if l > 0 {
+ n += 2 + l + sovEvent(uint64(l))
+ }
if m.XXX_unrecognized != nil {
n += len(m.XXX_unrecognized)
}
@@ -3040,7 +2863,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
switch fieldNum {
case 1:
if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field DateTime", wireType)
+ return fmt.Errorf("proto: wrong wireType = %d for field PolicyName", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
@@ -3068,11 +2891,11 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
if postIndex > l {
return io.ErrUnexpectedEOF
}
- m.DateTime = string(dAtA[iNdEx:postIndex])
+ m.PolicyName = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
case 2:
if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field PolicyName", wireType)
+ return fmt.Errorf("proto: wrong wireType = %d for field SupportID", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
@@ -3100,11 +2923,11 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
if postIndex > l {
return io.ErrUnexpectedEOF
}
- m.PolicyName = string(dAtA[iNdEx:postIndex])
+ m.SupportID = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
case 3:
if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field SupportID", wireType)
+ return fmt.Errorf("proto: wrong wireType = %d for field Outcome", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
@@ -3132,11 +2955,11 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
if postIndex > l {
return io.ErrUnexpectedEOF
}
- m.SupportID = string(dAtA[iNdEx:postIndex])
+ m.Outcome = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
case 4:
if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field Outcome", wireType)
+ return fmt.Errorf("proto: wrong wireType = %d for field OutcomeReason", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
@@ -3164,11 +2987,11 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
if postIndex > l {
return io.ErrUnexpectedEOF
}
- m.Outcome = string(dAtA[iNdEx:postIndex])
+ m.OutcomeReason = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
case 5:
if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field OutcomeReason", wireType)
+ return fmt.Errorf("proto: wrong wireType = %d for field BlockingExceptionReason", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
@@ -3196,11 +3019,11 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
if postIndex > l {
return io.ErrUnexpectedEOF
}
- m.OutcomeReason = string(dAtA[iNdEx:postIndex])
+ m.BlockingExceptionReason = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
case 6:
if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field BlockingExceptionReason", wireType)
+ return fmt.Errorf("proto: wrong wireType = %d for field Method", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
@@ -3228,11 +3051,11 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
if postIndex > l {
return io.ErrUnexpectedEOF
}
- m.BlockingExceptionReason = string(dAtA[iNdEx:postIndex])
+ m.Method = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
case 7:
if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field Method", wireType)
+ return fmt.Errorf("proto: wrong wireType = %d for field Protocol", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
@@ -3260,11 +3083,11 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
if postIndex > l {
return io.ErrUnexpectedEOF
}
- m.Method = string(dAtA[iNdEx:postIndex])
+ m.Protocol = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
case 8:
if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field Protocol", wireType)
+ return fmt.Errorf("proto: wrong wireType = %d for field XForwardedForHeaderValue", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
@@ -3292,11 +3115,11 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
if postIndex > l {
return io.ErrUnexpectedEOF
}
- m.Protocol = string(dAtA[iNdEx:postIndex])
+ m.XForwardedForHeaderValue = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
case 9:
if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field XForwardedForHeaderValue", wireType)
+ return fmt.Errorf("proto: wrong wireType = %d for field URI", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
@@ -3324,41 +3147,9 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
if postIndex > l {
return io.ErrUnexpectedEOF
}
- m.XForwardedForHeaderValue = string(dAtA[iNdEx:postIndex])
+ m.URI = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
case 10:
- if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field URI", wireType)
- }
- var stringLen uint64
- for shift := uint(0); ; shift += 7 {
- if shift >= 64 {
- return ErrIntOverflowEvent
- }
- if iNdEx >= l {
- return io.ErrUnexpectedEOF
- }
- b := dAtA[iNdEx]
- iNdEx++
- stringLen |= uint64(b&0x7F) << shift
- if b < 0x80 {
- break
- }
- }
- intStringLen := int(stringLen)
- if intStringLen < 0 {
- return ErrInvalidLengthEvent
- }
- postIndex := iNdEx + intStringLen
- if postIndex < 0 {
- return ErrInvalidLengthEvent
- }
- if postIndex > l {
- return io.ErrUnexpectedEOF
- }
- m.URI = string(dAtA[iNdEx:postIndex])
- iNdEx = postIndex
- case 11:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field Request", wireType)
}
@@ -3390,7 +3181,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.Request = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 12:
+ case 11:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field IsTruncated", wireType)
}
@@ -3422,7 +3213,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.IsTruncated = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 13:
+ case 12:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field RequestStatus", wireType)
}
@@ -3454,7 +3245,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.RequestStatus = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 14:
+ case 13:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field ResponseCode", wireType)
}
@@ -3486,105 +3277,9 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.ResponseCode = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 15:
- if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field GeoIP", wireType)
- }
- var stringLen uint64
- for shift := uint(0); ; shift += 7 {
- if shift >= 64 {
- return ErrIntOverflowEvent
- }
- if iNdEx >= l {
- return io.ErrUnexpectedEOF
- }
- b := dAtA[iNdEx]
- iNdEx++
- stringLen |= uint64(b&0x7F) << shift
- if b < 0x80 {
- break
- }
- }
- intStringLen := int(stringLen)
- if intStringLen < 0 {
- return ErrInvalidLengthEvent
- }
- postIndex := iNdEx + intStringLen
- if postIndex < 0 {
- return ErrInvalidLengthEvent
- }
- if postIndex > l {
- return io.ErrUnexpectedEOF
- }
- m.GeoIP = string(dAtA[iNdEx:postIndex])
- iNdEx = postIndex
- case 16:
- if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field Host", wireType)
- }
- var stringLen uint64
- for shift := uint(0); ; shift += 7 {
- if shift >= 64 {
- return ErrIntOverflowEvent
- }
- if iNdEx >= l {
- return io.ErrUnexpectedEOF
- }
- b := dAtA[iNdEx]
- iNdEx++
- stringLen |= uint64(b&0x7F) << shift
- if b < 0x80 {
- break
- }
- }
- intStringLen := int(stringLen)
- if intStringLen < 0 {
- return ErrInvalidLengthEvent
- }
- postIndex := iNdEx + intStringLen
- if postIndex < 0 {
- return ErrInvalidLengthEvent
- }
- if postIndex > l {
- return io.ErrUnexpectedEOF
- }
- m.Host = string(dAtA[iNdEx:postIndex])
- iNdEx = postIndex
- case 17:
- if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field UnitHostname", wireType)
- }
- var stringLen uint64
- for shift := uint(0); ; shift += 7 {
- if shift >= 64 {
- return ErrIntOverflowEvent
- }
- if iNdEx >= l {
- return io.ErrUnexpectedEOF
- }
- b := dAtA[iNdEx]
- iNdEx++
- stringLen |= uint64(b&0x7F) << shift
- if b < 0x80 {
- break
- }
- }
- intStringLen := int(stringLen)
- if intStringLen < 0 {
- return ErrInvalidLengthEvent
- }
- postIndex := iNdEx + intStringLen
- if postIndex < 0 {
- return ErrInvalidLengthEvent
- }
- if postIndex > l {
- return io.ErrUnexpectedEOF
- }
- m.UnitHostname = string(dAtA[iNdEx:postIndex])
- iNdEx = postIndex
- case 18:
+ case 14:
if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field SourceHost", wireType)
+ return fmt.Errorf("proto: wrong wireType = %d for field ServerAddr", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
@@ -3612,9 +3307,9 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
if postIndex > l {
return io.ErrUnexpectedEOF
}
- m.SourceHost = string(dAtA[iNdEx:postIndex])
+ m.ServerAddr = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 19:
+ case 15:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field VSName", wireType)
}
@@ -3646,9 +3341,9 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.VSName = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 20:
+ case 16:
if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field IPClient", wireType)
+ return fmt.Errorf("proto: wrong wireType = %d for field RemoteAddr", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
@@ -3676,11 +3371,11 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
if postIndex > l {
return io.ErrUnexpectedEOF
}
- m.IPClient = string(dAtA[iNdEx:postIndex])
+ m.RemoteAddr = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 21:
+ case 17:
if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field DestinationPort", wireType)
+ return fmt.Errorf("proto: wrong wireType = %d for field RemotePort", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
@@ -3708,11 +3403,11 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
if postIndex > l {
return io.ErrUnexpectedEOF
}
- m.DestinationPort = string(dAtA[iNdEx:postIndex])
+ m.RemotePort = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 22:
+ case 18:
if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field SourcePort", wireType)
+ return fmt.Errorf("proto: wrong wireType = %d for field ServerPort", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
@@ -3740,9 +3435,9 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
if postIndex > l {
return io.ErrUnexpectedEOF
}
- m.SourcePort = string(dAtA[iNdEx:postIndex])
+ m.ServerPort = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 23:
+ case 19:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field Violations", wireType)
}
@@ -3774,7 +3469,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.Violations = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 24:
+ case 20:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field SubViolations", wireType)
}
@@ -3806,7 +3501,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.SubViolations = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 25:
+ case 21:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field ViolationRating", wireType)
}
@@ -3838,71 +3533,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.ViolationRating = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 26:
- if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field SigID", wireType)
- }
- var stringLen uint64
- for shift := uint(0); ; shift += 7 {
- if shift >= 64 {
- return ErrIntOverflowEvent
- }
- if iNdEx >= l {
- return io.ErrUnexpectedEOF
- }
- b := dAtA[iNdEx]
- iNdEx++
- stringLen |= uint64(b&0x7F) << shift
- if b < 0x80 {
- break
- }
- }
- intStringLen := int(stringLen)
- if intStringLen < 0 {
- return ErrInvalidLengthEvent
- }
- postIndex := iNdEx + intStringLen
- if postIndex < 0 {
- return ErrInvalidLengthEvent
- }
- if postIndex > l {
- return io.ErrUnexpectedEOF
- }
- m.SigID = string(dAtA[iNdEx:postIndex])
- iNdEx = postIndex
- case 27:
- if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field SigNames", wireType)
- }
- var stringLen uint64
- for shift := uint(0); ; shift += 7 {
- if shift >= 64 {
- return ErrIntOverflowEvent
- }
- if iNdEx >= l {
- return io.ErrUnexpectedEOF
- }
- b := dAtA[iNdEx]
- iNdEx++
- stringLen |= uint64(b&0x7F) << shift
- if b < 0x80 {
- break
- }
- }
- intStringLen := int(stringLen)
- if intStringLen < 0 {
- return ErrInvalidLengthEvent
- }
- postIndex := iNdEx + intStringLen
- if postIndex < 0 {
- return ErrInvalidLengthEvent
- }
- if postIndex > l {
- return io.ErrUnexpectedEOF
- }
- m.SigNames = string(dAtA[iNdEx:postIndex])
- iNdEx = postIndex
- case 28:
+ case 22:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field SigSetNames", wireType)
}
@@ -3934,7 +3565,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.SigSetNames = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 29:
+ case 23:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field SigCVEs", wireType)
}
@@ -3966,7 +3597,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.SigCVEs = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 30:
+ case 24:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field ClientClass", wireType)
}
@@ -3998,7 +3629,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.ClientClass = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 31:
+ case 25:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field ClientApplication", wireType)
}
@@ -4030,7 +3661,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.ClientApplication = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 32:
+ case 26:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field ClientApplicationVersion", wireType)
}
@@ -4062,7 +3693,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.ClientApplicationVersion = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 33:
+ case 27:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field Severity", wireType)
}
@@ -4094,71 +3725,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.Severity = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 34:
- if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field SeverityLabel", wireType)
- }
- var stringLen uint64
- for shift := uint(0); ; shift += 7 {
- if shift >= 64 {
- return ErrIntOverflowEvent
- }
- if iNdEx >= l {
- return io.ErrUnexpectedEOF
- }
- b := dAtA[iNdEx]
- iNdEx++
- stringLen |= uint64(b&0x7F) << shift
- if b < 0x80 {
- break
- }
- }
- intStringLen := int(stringLen)
- if intStringLen < 0 {
- return ErrInvalidLengthEvent
- }
- postIndex := iNdEx + intStringLen
- if postIndex < 0 {
- return ErrInvalidLengthEvent
- }
- if postIndex > l {
- return io.ErrUnexpectedEOF
- }
- m.SeverityLabel = string(dAtA[iNdEx:postIndex])
- iNdEx = postIndex
- case 35:
- if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field Priority", wireType)
- }
- var stringLen uint64
- for shift := uint(0); ; shift += 7 {
- if shift >= 64 {
- return ErrIntOverflowEvent
- }
- if iNdEx >= l {
- return io.ErrUnexpectedEOF
- }
- b := dAtA[iNdEx]
- iNdEx++
- stringLen |= uint64(b&0x7F) << shift
- if b < 0x80 {
- break
- }
- }
- intStringLen := int(stringLen)
- if intStringLen < 0 {
- return ErrInvalidLengthEvent
- }
- postIndex := iNdEx + intStringLen
- if postIndex < 0 {
- return ErrInvalidLengthEvent
- }
- if postIndex > l {
- return io.ErrUnexpectedEOF
- }
- m.Priority = string(dAtA[iNdEx:postIndex])
- iNdEx = postIndex
- case 36:
+ case 28:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field ThreatCampaignNames", wireType)
}
@@ -4190,7 +3757,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.ThreatCampaignNames = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 37:
+ case 29:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field BotAnomalies", wireType)
}
@@ -4222,7 +3789,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.BotAnomalies = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 38:
+ case 30:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field BotCategory", wireType)
}
@@ -4254,7 +3821,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.BotCategory = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 39:
+ case 31:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field EnforcedBotAnomalies", wireType)
}
@@ -4286,7 +3853,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.EnforcedBotAnomalies = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 40:
+ case 32:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field BotSignatureName", wireType)
}
@@ -4318,7 +3885,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.BotSignatureName = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 41:
+ case 33:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field ViolationContexts", wireType)
}
@@ -4350,7 +3917,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.ViolationContexts = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 42:
+ case 34:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field ViolationsData", wireType)
}
@@ -4384,7 +3951,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
return err
}
iNdEx = postIndex
- case 43:
+ case 35:
if wireType != 2 {
return fmt.Errorf("proto: wrong wireType = %d for field SystemID", wireType)
}
@@ -4416,9 +3983,9 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
}
m.SystemID = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 44:
+ case 36:
if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field Hostname", wireType)
+ return fmt.Errorf("proto: wrong wireType = %d for field InstanceTags", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
@@ -4446,11 +4013,11 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
if postIndex > l {
return io.ErrUnexpectedEOF
}
- m.Hostname = string(dAtA[iNdEx:postIndex])
+ m.InstanceTags = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 45:
+ case 37:
if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field InstanceTags", wireType)
+ return fmt.Errorf("proto: wrong wireType = %d for field InstanceGroup", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
@@ -4478,11 +4045,11 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
if postIndex > l {
return io.ErrUnexpectedEOF
}
- m.InstanceTags = string(dAtA[iNdEx:postIndex])
+ m.InstanceGroup = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 46:
+ case 38:
if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field InstanceGroup", wireType)
+ return fmt.Errorf("proto: wrong wireType = %d for field DisplayName", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
@@ -4510,11 +4077,11 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
if postIndex > l {
return io.ErrUnexpectedEOF
}
- m.InstanceGroup = string(dAtA[iNdEx:postIndex])
+ m.DisplayName = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 47:
+ case 39:
if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field DisplayName", wireType)
+ return fmt.Errorf("proto: wrong wireType = %d for field NginxID", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
@@ -4542,11 +4109,11 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
if postIndex > l {
return io.ErrUnexpectedEOF
}
- m.DisplayName = string(dAtA[iNdEx:postIndex])
+ m.NginxID = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
- case 48:
+ case 40:
if wireType != 2 {
- return fmt.Errorf("proto: wrong wireType = %d for field NginxID", wireType)
+ return fmt.Errorf("proto: wrong wireType = %d for field ParentHostname", wireType)
}
var stringLen uint64
for shift := uint(0); ; shift += 7 {
@@ -4574,7 +4141,7 @@ func (m *SecurityViolationEvent) Unmarshal(dAtA []byte) error {
if postIndex > l {
return io.ErrUnexpectedEOF
}
- m.NginxID = string(dAtA[iNdEx:postIndex])
+ m.ParentHostname = string(dAtA[iNdEx:postIndex])
iNdEx = postIndex
default:
iNdEx = preIndex
diff --git a/sdk/proto/events/event.proto b/sdk/proto/events/event.proto
index f866e640a..bbbf8aff9 100644
--- a/sdk/proto/events/event.proto
+++ b/sdk/proto/events/event.proto
@@ -47,67 +47,57 @@ message ActivityEvent {
// SecurityViolationEvent represents a Security Violation that is emitted by the Agent
message SecurityViolationEvent {
- string DateTime = 1 [(gogoproto.jsontag) = "date_time" ];
- string PolicyName = 2 [(gogoproto.jsontag) = "policy_name" ];
- string SupportID = 3 [(gogoproto.jsontag) = "support_id" ];
-
- string Outcome = 4 [(gogoproto.jsontag) = "outcome" ];
- string OutcomeReason = 5 [(gogoproto.jsontag) = "outcome_reason" ];
- string BlockingExceptionReason = 6 [(gogoproto.jsontag) = "blocking_exception_reason" ];
-
- string Method = 7 [(gogoproto.jsontag) = "method" ];
- string Protocol = 8 [(gogoproto.jsontag) = "protocol" ];
- string XForwardedForHeaderValue = 9 [(gogoproto.jsontag) = "xff_header_value" ];
-
- string URI = 10 [(gogoproto.jsontag) = "uri" ];
- string Request = 11 [(gogoproto.jsontag) = "request" ];
- string IsTruncated = 12 [(gogoproto.jsontag) = "is_truncated" ];
- string RequestStatus = 13 [(gogoproto.jsontag) = "request_status" ];
- string ResponseCode = 14 [(gogoproto.jsontag) = "response_code" ];
-
- string GeoIP = 15 [(gogoproto.jsontag) = "geo_ip" ];
- string Host = 16 [(gogoproto.jsontag) = "host" ];
- string UnitHostname = 17 [(gogoproto.jsontag) = "unit_hostname" ];
- string SourceHost = 18 [(gogoproto.jsontag) = "source_host" ];
- string VSName = 19 [(gogoproto.jsontag) = "vs_name" ];
- string IPClient = 20 [(gogoproto.jsontag) = "ip_client" ];
- string DestinationPort = 21 [(gogoproto.jsontag) = "destination_port" ];
- string SourcePort = 22 [(gogoproto.jsontag) = "source_port" ];
-
- string Violations = 23 [(gogoproto.jsontag) = "violations" ];
- string SubViolations = 24 [(gogoproto.jsontag) = "sub_violations" ];
- string ViolationRating = 25 [(gogoproto.jsontag) = "violation_rating" ];
-
- string SigID = 26 [(gogoproto.jsontag) = "sig_id" ];
- string SigNames = 27 [(gogoproto.jsontag) = "sig_names" ];
- string SigSetNames = 28 [(gogoproto.jsontag) = "sig_set_names" ];
- string SigCVEs = 29 [(gogoproto.jsontag) = "sig_cves" ];
-
- string ClientClass = 30 [(gogoproto.jsontag) = "client_class" ];
- string ClientApplication = 31 [(gogoproto.jsontag) = "client_application" ];
- string ClientApplicationVersion = 32 [(gogoproto.jsontag) = "client_application_version" ];
-
- string Severity = 33 [(gogoproto.jsontag) = "severity" ];
- // NOTE: Severity Label might be deprecated if we have no use for it
- string SeverityLabel = 34 [(gogoproto.jsontag) = "severity_label" ];
- string Priority = 35 [(gogoproto.jsontag) = "priority" ];
-
- string ThreatCampaignNames = 36 [(gogoproto.jsontag) = "threat_campaign_names" ];
-
- string BotAnomalies = 37 [(gogoproto.jsontag) = "bot_anomalies" ];
- string BotCategory = 38 [(gogoproto.jsontag) = "bot_category" ];
- string EnforcedBotAnomalies = 39 [(gogoproto.jsontag) = "enforced_bot_anomalies" ];
- string BotSignatureName = 40 [(gogoproto.jsontag) = "bot_signature_name" ];
-
- string ViolationContexts = 41 [(gogoproto.jsontag) = "violation_contexts" ];
- repeated ViolationData ViolationsData = 42 [(gogoproto.jsontag) = "violations_data" ];
-
- string SystemID = 43 [(gogoproto.jsontag) = "system_id" ];
- string Hostname = 44 [(gogoproto.jsontag) = "hostname" ];
- string InstanceTags = 45 [(gogoproto.jsontag) = "instance_tags" ];
- string InstanceGroup = 46 [(gogoproto.jsontag) = "instance_group" ];
- string DisplayName = 47 [(gogoproto.jsontag) = "display_name" ];
- string NginxID = 48 [(gogoproto.jsontag) = "nginx_id" ];
+ string PolicyName = 1 [(gogoproto.jsontag) = "policy_name" ];
+ string SupportID = 2 [(gogoproto.jsontag) = "support_id" ];
+
+ string Outcome = 3 [(gogoproto.jsontag) = "outcome" ];
+ string OutcomeReason = 4 [(gogoproto.jsontag) = "outcome_reason" ];
+ string BlockingExceptionReason = 5 [(gogoproto.jsontag) = "blocking_exception_reason" ];
+
+ string Method = 6 [(gogoproto.jsontag) = "method" ];
+ string Protocol = 7 [(gogoproto.jsontag) = "protocol" ];
+ string XForwardedForHeaderValue = 8 [(gogoproto.jsontag) = "xff_header_value" ];
+
+ string URI = 9 [(gogoproto.jsontag) = "uri" ];
+ string Request = 10 [(gogoproto.jsontag) = "request" ];
+ string IsTruncated = 11 [(gogoproto.jsontag) = "is_truncated" ];
+ string RequestStatus = 12 [(gogoproto.jsontag) = "request_status" ];
+ string ResponseCode = 13 [(gogoproto.jsontag) = "response_code" ];
+
+ string ServerAddr = 14 [(gogoproto.jsontag) = "server_addr" ];
+ string VSName = 15 [(gogoproto.jsontag) = "vs_name" ];
+ string RemoteAddr = 16[(gogoproto.jsontag) = "remote_addr" ];
+ string RemotePort = 17 [(gogoproto.jsontag) = "destination_port" ];
+ string ServerPort = 18 [(gogoproto.jsontag) = "server_port" ];
+
+ string Violations = 19 [(gogoproto.jsontag) = "violations" ];
+ string SubViolations = 20 [(gogoproto.jsontag) = "sub_violations" ];
+ string ViolationRating = 21 [(gogoproto.jsontag) = "violation_rating" ];
+
+ string SigSetNames = 22 [(gogoproto.jsontag) = "sig_set_names" ];
+ string SigCVEs = 23 [(gogoproto.jsontag) = "sig_cves" ];
+
+ string ClientClass = 24 [(gogoproto.jsontag) = "client_class" ];
+ string ClientApplication = 25 [(gogoproto.jsontag) = "client_application" ];
+ string ClientApplicationVersion = 26 [(gogoproto.jsontag) = "client_application_version" ];
+
+ string Severity = 27 [(gogoproto.jsontag) = "severity" ];
+ string ThreatCampaignNames = 28 [(gogoproto.jsontag) = "threat_campaign_names" ];
+
+ string BotAnomalies = 29 [(gogoproto.jsontag) = "bot_anomalies" ];
+ string BotCategory = 30 [(gogoproto.jsontag) = "bot_category" ];
+ string EnforcedBotAnomalies = 31 [(gogoproto.jsontag) = "enforced_bot_anomalies" ];
+ string BotSignatureName = 32 [(gogoproto.jsontag) = "bot_signature_name" ];
+
+ string ViolationContexts = 33 [(gogoproto.jsontag) = "violation_contexts" ];
+ repeated ViolationData ViolationsData = 34 [(gogoproto.jsontag) = "violations_data" ];
+
+ string SystemID = 35 [(gogoproto.jsontag) = "system_id" ];
+ string InstanceTags = 36 [(gogoproto.jsontag) = "instance_tags" ];
+ string InstanceGroup = 37 [(gogoproto.jsontag) = "instance_group" ];
+ string DisplayName = 38 [(gogoproto.jsontag) = "display_name" ];
+ string NginxID = 39 [(gogoproto.jsontag) = "nginx_id" ];
+ string ParentHostname = 40 [(gogoproto.jsontag) = "parent_hostname" ];
}
message SignatureData {
diff --git a/src/extensions/nginx-app-protect/monitoring/collector/nap.go b/src/extensions/nginx-app-protect/monitoring/collector/nap.go
index c11a2e3ab..50daf5aa6 100644
--- a/src/extensions/nginx-app-protect/monitoring/collector/nap.go
+++ b/src/extensions/nginx-app-protect/monitoring/collector/nap.go
@@ -93,7 +93,7 @@ func (nap *NAPCollector) Collect(ctx context.Context, wg *sync.WaitGroup, collec
break
}
- nap.logger.Infof("collected log line succesfully.")
+ nap.logger.Tracef("collected log line succesfully: %v", line)
collect <- &monitoring.RawLog{Origin: monitoring.NAP, Logline: line}
case <-ctx.Done():
nap.logger.Infof("Context cancellation, collector is wrapping up...")
diff --git a/src/extensions/nginx-app-protect/monitoring/manager/manager.go b/src/extensions/nginx-app-protect/monitoring/manager/manager.go
index 8d5f45b54..d4182c9ca 100644
--- a/src/extensions/nginx-app-protect/monitoring/manager/manager.go
+++ b/src/extensions/nginx-app-protect/monitoring/manager/manager.go
@@ -16,7 +16,7 @@ import (
)
const (
- componentName = "security-events-manager"
+ componentName = "nginx-app-protect-monitoring"
defaultCollectorBufferSize = 50000
defaultProcessorBufferSize = 50000
)
diff --git a/src/extensions/nginx-app-protect/monitoring/processor/nap.go b/src/extensions/nginx-app-protect/monitoring/processor/nap.go
index b64287f40..6d824f1ba 100644
--- a/src/extensions/nginx-app-protect/monitoring/processor/nap.go
+++ b/src/extensions/nginx-app-protect/monitoring/processor/nap.go
@@ -16,114 +16,88 @@ import (
)
const (
- napDateTimeLayout = "2006-01-02 15:04:05.000"
- listSeperator = "::"
- parameterCtx = "parameter"
- headerCtx = "header"
- cookieCtx = "cookie"
-)
-
-var (
- logFormatKeys = []string{
- // TODO: Remove `date_time` from syslog format as it is unused (NMS-38119)
- "date_time",
- "blocking_exception_reason",
- "dest_port",
- "ip_client",
- "is_truncated",
- "method",
- "policy_name",
- "protocol",
- "request_status",
- "response_code",
- "severity",
- "sig_cves",
- "sig_ids",
- "sig_names",
- "sig_set_names",
- "src_port",
- "sub_violations",
- "support_id",
- "threat_campaign_names",
- "unit_hostname",
- "uri",
- "violation_rating",
- "vs_name",
- "x_forwarded_for_header_value",
- "outcome",
- "outcome_reason",
- "violations",
- "violation_details",
- "bot_signature_name",
- "bot_category",
- "bot_anomalies",
- "enforced_bot_anomalies",
- "client_class",
- "client_application",
- "client_application_version",
- "transport_protocol",
- }
+ napDateTimeLayout = "2006-01-02 15:04:05.000"
+ listSeperator = "::"
+ parameterCtx = "parameter"
+ headerCtx = "header"
+ cookieCtx = "cookie"
+ defaultBlockedRespCode = "0"
+ defaultBlockedRespValue = "Blocked"
)
+// NGINX App Protect Logging Directives
const (
- // TODO: Identify the usage of the following new keys (NMS-38311)
blockingExceptionReason = "blocking_exception_reason"
protocol = "protocol"
requestStatus = "request_status"
severity = "severity"
sigSetNames = "sig_set_names"
threatCampaignNames = "threat_campaign_names"
- unitHostname = "unit_hostname"
violationDetails = "violation_details"
clientApplication = "client_application"
clientApplicationVersion = "client_application_version"
transportProtocol = "transport_protocol"
- // Older CAS Naming (this needs to be removed)
- // httpRequestMethod = "http_request_method"
- // httpResponseCode = "http_response_code"
- // sigCVEs = "signature_cves"
- // sigIds = "signature_ids"
- // sigNames = "signature_names"
- // httpRemotePort = "http_remote_port"
- // httpURI = "http_uri"
- // httpHostname = "http_hostname"
- // requestOutcome = "request_outcome"
- // requestOutcomeReason = "request_outcome_reason"
- // description = "description"
- // As -> description == "attack_type"
- // httpRemoteAddr = "http_remote_addr"
- // httpServerPort = "http_server_port"
- // isTruncated = "is_truncated_bool"
-
- // Using default values instead of overriden keys per older CAS policy
- httpRequestMethod = "method"
- httpResponseCode = "response_code"
- sigCVEs = "sig_cves"
- sigIds = "sig_ids"
- sigNames = "sig_names"
- httpRemotePort = "src_port"
- httpURI = "uri"
- httpHostname = "vs_name"
- requestOutcome = "outcome"
- requestOutcomeReason = "outcome_reason"
- httpRemoteAddr = "ip_client"
- httpServerPort = "dest_port"
- isTruncated = "is_truncated"
-
- // Existing parsed keys from the log
- dateTime = "date_time"
- policyName = "policy_name"
- request = "request"
- subViolations = "sub_violations"
- supportID = "support_id"
- violations = "violations"
- violationRating = "violation_rating"
- xForwardedForHeaderVal = "x_forwarded_for_header_value"
- botAnomalies = "bot_anomalies"
- botCategory = "bot_category"
- clientClass = "client_class"
- botSignatureName = "bot_signature_name"
- enforcedBotAnomalies = "enforced_bot_anomalies"
+ httpRequestMethod = "method"
+ httpResponseCode = "response_code"
+ sigCVEs = "sig_cves"
+ httpRemotePort = "src_port"
+ httpURI = "uri"
+ httpHostname = "vs_name"
+ requestOutcome = "outcome"
+ requestOutcomeReason = "outcome_reason"
+ httpRemoteAddr = "ip_client"
+ httpServerPort = "dest_port"
+ isTruncated = "is_truncated_bool"
+ policyName = "policy_name"
+ request = "request"
+ subViolations = "sub_violations"
+ supportID = "support_id"
+ violations = "violations"
+ violationRating = "violation_rating"
+ xForwardedForHeaderVal = "x_forwarded_for_header_value"
+ botAnomalies = "bot_anomalies"
+ botCategory = "bot_category"
+ clientClass = "client_class"
+ botSignatureName = "bot_signature_name"
+ enforcedBotAnomalies = "enforced_bot_anomalies"
+)
+
+// NGINX App Protect Log Directives Order Per Config
+var (
+ logFormatKeys = []string{
+ blockingExceptionReason,
+ httpServerPort,
+ httpRemoteAddr,
+ isTruncated,
+ httpRequestMethod,
+ policyName,
+ protocol,
+ requestStatus,
+ httpResponseCode,
+ severity,
+ sigCVEs,
+ sigSetNames,
+ httpRemotePort,
+ subViolations,
+ supportID,
+ threatCampaignNames,
+ httpURI,
+ violationRating,
+ httpHostname,
+ xForwardedForHeaderVal,
+ requestOutcome,
+ requestOutcomeReason,
+ violations,
+ violationDetails,
+ botSignatureName,
+ botCategory,
+ botAnomalies,
+ enforcedBotAnomalies,
+ clientClass,
+ clientApplication,
+ clientApplicationVersion,
+ transportProtocol,
+ }
)
type ParameterData struct {
@@ -209,8 +183,6 @@ type NAPConfig struct {
HTTPResponseCode string
Severity string
SignatureCVEs string
- SignatureIDs string
- SignatureNames string
SigSetNames string
HTTPRemotePort string
SubViolations string
@@ -278,16 +250,13 @@ func (f *NAPConfig) getSecurityViolation(logger *logrus.Entry) *models.SecurityV
IsTruncated: f.IsTruncated,
RequestStatus: f.RequestStatus,
ResponseCode: f.HTTPResponseCode,
- UnitHostname: f.UnitHostname,
VSName: f.HTTPHostname,
- IPClient: f.HTTPRemoteAddr,
- DestinationPort: f.HTTPRemotePort,
- SourcePort: f.HTTPServerPort,
+ RemoteAddr: f.HTTPRemoteAddr,
+ RemotePort: f.HTTPRemotePort,
+ ServerPort: f.HTTPServerPort,
Violations: f.Violations,
SubViolations: f.SubViolations,
ViolationRating: f.ViolationRating,
- SigID: f.SignatureIDs,
- SigNames: f.SignatureNames,
SigSetNames: f.SigSetNames,
SigCVEs: f.SignatureCVEs,
Severity: f.Severity,
@@ -301,16 +270,9 @@ func (f *NAPConfig) getSecurityViolation(logger *logrus.Entry) *models.SecurityV
EnforcedBotAnomalies: f.EnforcedBotAnomalies,
ViolationContexts: f.getViolationContext(),
ViolationsData: f.getViolations(logger),
- // TODO: The following items needs to be fixed before release (NMS-38119)
- DateTime: f.DateTime, // remove, metadata has it
- Outcome: f.RequestOutcome, //rename the proto
- OutcomeReason: f.RequestOutcomeReason, //rename the proto
- URI: f.HTTPURI, // rename to HTTP URI?
- GeoIP: "blah", // to add
- Host: "blah", // to add
- SourceHost: "blah", // remove, this is the same as HTTPRemoteAddr
- SeverityLabel: "blah", // to do
- Priority: "blah", // to do
+ Outcome: f.RequestOutcome,
+ OutcomeReason: f.RequestOutcomeReason,
+ URI: f.HTTPURI,
}
}
@@ -433,8 +395,6 @@ func (f *NAPConfig) getViolations(logger *logrus.Entry) []*models.ViolationData
Name: string(decodedName),
Value: string(decodedValue),
}
- default:
- logger.Warnf("Got an invalid context %v while parsing ViolationDetails for %v", v.Context, f.SupportID)
}
for _, s := range v.SigData {
@@ -469,14 +429,10 @@ func parseNAPDateTime(raw string) (*types.Timestamp, error) {
return types.TimestampProto(t)
}
-// TODO: Assumptions while parsing the NAP Syslog data (NMS-38118)
-// 1. list values do not contain `commas`, rather have `::` as delimiter
-// 2. no json values
-// 3. no other comma exists in the response other than the delimiter comma
func parseNAP(logEntry string, logger *logrus.Entry) (*NAPConfig, error) {
- var waf NAPConfig
+ logger.Tracef("Parsing log entry: %s", logEntry)
- logger.Debugf("Got log entry: %s", logEntry)
+ var waf NAPConfig
values := strings.Split(logEntry, ",")
@@ -487,7 +443,7 @@ func parseNAP(logEntry string, logger *logrus.Entry) (*NAPConfig, error) {
}
}
- err := setValue(&waf, "request", strings.Join(values[len(logFormatKeys):], ","), logger)
+ err := setValue(&waf, request, strings.Join(values[len(logFormatKeys):], ","), logger)
if err != nil {
return &NAPConfig{}, err
}
@@ -509,15 +465,15 @@ func setValue(napConfig *NAPConfig, key, value string, logger *logrus.Entry) err
napConfig.SigSetNames = replaceEncodedList(value, listSeperator)
case threatCampaignNames:
napConfig.ThreatCampaignNames = value
- case unitHostname:
- napConfig.UnitHostname = value
case violationDetails:
napConfig.ViolationDetailsXML = func(data string) *BADMSG {
var xmlData BADMSG
- err := xml.Unmarshal([]byte(data), &xmlData)
- if err != nil {
- logger.Errorf("failed to parse XML message: %v", err)
- return nil
+ if data != "" {
+ err := xml.Unmarshal([]byte(data), &xmlData)
+ if err != nil {
+ logger.Errorf("failed to parse XML message: %v", err)
+ return nil
+ }
}
return &xmlData
}(value)
@@ -527,8 +483,6 @@ func setValue(napConfig *NAPConfig, key, value string, logger *logrus.Entry) err
napConfig.ClientApplicationVersion = value
case transportProtocol:
napConfig.TransportProtocol = value
- case dateTime:
- napConfig.DateTime = value
case httpHostname:
napConfig.HTTPHostname = value
case httpRemoteAddr:
@@ -539,6 +493,9 @@ func setValue(napConfig *NAPConfig, key, value string, logger *logrus.Entry) err
napConfig.HTTPRequestMethod = value
case httpResponseCode:
napConfig.HTTPResponseCode = value
+ if value == defaultBlockedRespCode {
+ napConfig.HTTPResponseCode = defaultBlockedRespValue
+ }
case httpServerPort:
napConfig.HTTPServerPort = value
case httpURI:
@@ -555,10 +512,6 @@ func setValue(napConfig *NAPConfig, key, value string, logger *logrus.Entry) err
napConfig.RequestOutcomeReason = value
case sigCVEs:
napConfig.SignatureCVEs = replaceEncodedList(value, listSeperator)
- case sigIds:
- napConfig.SignatureIDs = replaceEncodedList(value, listSeperator)
- case sigNames:
- napConfig.SignatureNames = replaceEncodedList(value, listSeperator)
case subViolations:
napConfig.SubViolations = value
case supportID:
diff --git a/src/extensions/nginx-app-protect/monitoring/processor/processor.go b/src/extensions/nginx-app-protect/monitoring/processor/processor.go
index 6c96a042c..387a1c4f5 100644
--- a/src/extensions/nginx-app-protect/monitoring/processor/processor.go
+++ b/src/extensions/nginx-app-protect/monitoring/processor/processor.go
@@ -2,7 +2,6 @@ package processor
import (
"context"
- "errors"
"fmt"
"regexp"
"sync"
@@ -24,7 +23,6 @@ var (
componentLogFields = logrus.Fields{
"component": componentName,
}
- errFalsePositive = errors.New("false positive event detected, will not generate event")
)
// Eventer is the interface implemented to generate an Event from a log entry.
@@ -89,31 +87,30 @@ func (c *Client) processorWorker(ctx context.Context, wg *sync.WaitGroup, id int
var event *pb.Event
event, err = e.GetEvent(c.hostPattern, c.logger)
if err != nil {
- if errors.Is(err, errFalsePositive) {
- c.logger.Debugf("%d: Event %s generated: %s", id, logline.Logline, err)
- } else {
- c.logger.Errorf("%d: Error while generating event %s: %s", id, logline.Logline, err)
- }
+ c.logger.Errorf("%d: Error while generating event %s: %s", id, logline.Logline, err)
break
}
if event.GetSecurityViolationEvent() == nil {
- c.logger.Errorf("event expected as SecurityViolationEvent from nap monitor processing")
+ c.logger.Errorf("expected SecurityViolationEvent, got %v, skipping sending", event)
break
}
event.GetSecurityViolationEvent().SystemID = c.commonDims.SystemId
- event.GetSecurityViolationEvent().Hostname = c.commonDims.Hostname
+ event.GetSecurityViolationEvent().ParentHostname = c.commonDims.Hostname
+ // Note: Currently using the Hostname of the machine as the Server Address as well, we may
+ // change this to the Host present in Request Header
+ event.GetSecurityViolationEvent().ServerAddr = c.commonDims.Hostname
event.GetSecurityViolationEvent().InstanceTags = c.commonDims.InstanceTags
event.GetSecurityViolationEvent().InstanceGroup = c.commonDims.InstanceGroup
event.GetSecurityViolationEvent().DisplayName = c.commonDims.DisplayName
event.GetSecurityViolationEvent().NginxID = c.commonDims.NginxId
- c.logger.Debugf("%d: Generated Event: %s", id, event)
+ c.logger.Debugf("worker %d: generated SecurityViolationEvent: %v", id, event)
processed <- event
case <-ctx.Done():
- c.logger.Debugf("%d: Context cancellation, processor is wrapping up...", id)
+ c.logger.Debugf("worker %d: Context cancellation, processor is wrapping up...", id)
return
}
}
@@ -138,7 +135,7 @@ func (c *Client) parse(waf monitoring.WAFType, logentry string) (Eventer, error)
case monitoring.NAP:
return parseNAP(logentry, c.logger)
default:
- err := fmt.Errorf("could not parse logentry, invalid WAF type: %s", waf)
+ err := fmt.Errorf("could not parse log entry, invalid WAF type: %s", waf)
c.logger.Error(err)
return nil, err
}
diff --git a/src/extensions/nginx-app-protect/monitoring/processor/processor_test.go b/src/extensions/nginx-app-protect/monitoring/processor/processor_test.go
index aa9a372fa..74f87e85b 100644
--- a/src/extensions/nginx-app-protect/monitoring/processor/processor_test.go
+++ b/src/extensions/nginx-app-protect/monitoring/processor/processor_test.go
@@ -31,52 +31,37 @@ func TestNAPProcess(t *testing.T) {
testName: "PassedEvent",
testFile: "./testdata/expanded_nap_waf.log.txt",
expected: nil,
- // Event will not be generated because violationRating = 0, so it will be ignored as a low-risk event.
- isNegative: false,
},
-
// XML Parsing
{
testName: "violation name parsing",
testFile: "./testdata/xml_violation_name.log.txt",
expected: nil,
- // Event will not be generated because violationRating = 0, so it will be ignored as a low-risk event.
- isNegative: false,
},
{
testName: "parameter data parsing",
testFile: "./testdata/xml_parameter_data.log.txt",
expected: nil,
- // Event will not be generated because violationRating = 0, so it will be ignored as a low-risk event.
- isNegative: false,
},
{
testName: "parameter data parsing with empty context key",
testFile: "./testdata/xml_parameter_data_empty_context.log.txt",
expected: nil,
- // Event will not be generated because violationRating = 0, so it will be ignored as a low-risk event.
- isNegative: false,
},
{
testName: "parameter data parsing as param_data",
testFile: "./testdata/xml_parameter_data_as_param_data.log.txt",
expected: nil,
- // Event will not be generated because violationRating = 0, so it will be ignored as a low-risk event.
- isNegative: false,
},
{
testName: "header data parsing",
testFile: "./testdata/xml_header_data.log.txt",
expected: nil,
- // Event will not be generated because violationRating = 0, so it will be ignored as a low-risk event.
- isNegative: false,
},
{
testName: "signature data parsing",
testFile: "./testdata/xml_signature_data.log.txt",
expected: nil,
- // Event will not be generated because violationRating = 0, so it will be ignored as a low-risk event.
- isNegative: false,
},
}
diff --git a/src/extensions/nginx-app-protect/monitoring/processor/testdata/expanded_nap_waf.log.txt b/src/extensions/nginx-app-protect/monitoring/processor/testdata/expanded_nap_waf.log.txt
index f6a9569b9..d2d9b3a78 100644
--- a/src/extensions/nginx-app-protect/monitoring/processor/testdata/expanded_nap_waf.log.txt
+++ b/src/extensions/nginx-app-protect/monitoring/processor/testdata/expanded_nap_waf.log.txt
@@ -1 +1 @@
-2022-04-19 17:12:31,N/A,80,127.0.0.1,,GET,app_protect_default_policy,HTTP,blocked,0,Critical,::,200001475::200000098,XSS script tag end (Parameter) (2)::XSS script tag (Parameter),{Cross Site Scripting Signatures;High Accuracy Signatures}::{Cross Site Scripting Signatures;High Accuracy Signatures},61478,HTTP protocol compliance failed:Host header contains IP address,4355056874564592513,N/A,unit-hostname,/,5,1-localhost:1-/,N/A,REJECTED,SECURITY_WAF_VIOLATION,HTTP protocol compliance failed::Illegal meta character in value::Attack signature detected::Violation Rating Threat detected::Bot Client Detected,410000000200c00-3a03030c30000072-8000000000000000-0477f0ffcbbd0fea-befbf35cb000007e-8000000000000000-00-20-0-00-0-0-042VIOL_ATTACK_SIGNATUREparameterglobalYQ==alpha-numericPHNjcmlwdD4=query*002000014753YT08c2NyaXB0Pg==372000000983YT08c2NyaXB0Pg==2714VIOL_HTTP_PROTOCOL20482048SG9zdCBoZWFkZXIgd2l0aCBJUCB2YWx1ZTogMTAuMTQ2LjE3OS4xMTk=24VIOL_PARAMETER_VALUE_METACHARglobalYQ==alpha-numericPHNjcmlwdD4=query*046062,curl,HTTP Library,N/A,N/A,Untrusted Bot,N/A,N/A,GET /?a=