github.com/aporeto-inc/trireme-lib@v10.358.0+incompatible/collector/default.go (about) 1 package collector 2 3 import ( 4 "encoding/binary" 5 6 "github.com/cespare/xxhash" 7 "go.aporeto.io/underwater/core/policy/services" 8 ) 9 10 // DefaultCollector implements a default collector infrastructure to syslog 11 type DefaultCollector struct{} 12 13 // NewDefaultCollector returns a default implementation of an EventCollector 14 func NewDefaultCollector() EventCollector { 15 return &DefaultCollector{} 16 } 17 18 // CollectFlowEvent is part of the EventCollector interface. 19 func (d *DefaultCollector) CollectFlowEvent(record *FlowRecord) {} 20 21 // CollectContainerEvent is part of the EventCollector interface. 22 func (d *DefaultCollector) CollectContainerEvent(record *ContainerRecord) {} 23 24 // CollectUserEvent is part of the EventCollector interface. 25 func (d *DefaultCollector) CollectUserEvent(record *UserRecord) {} 26 27 // CollectTraceEvent collects iptables trace events 28 func (d *DefaultCollector) CollectTraceEvent(records []string) {} 29 30 // CollectPacketEvent collects packet events from the datapath 31 func (d *DefaultCollector) CollectPacketEvent(report *PacketReport) {} 32 33 // CollectCounterEvent collect counters from the datapath 34 func (d *DefaultCollector) CollectCounterEvent(report *CounterReport) {} 35 36 // CollectDNSRequests collect counters from the datapath 37 func (d *DefaultCollector) CollectDNSRequests(report *DNSRequestReport) {} 38 39 // CollectPingEvent collects ping events from the datapath 40 func (d *DefaultCollector) CollectPingEvent(report *PingReport) {} 41 42 // CollectConnectionExceptionReport collects the connection exception report 43 func (d *DefaultCollector) CollectConnectionExceptionReport(report *ConnectionExceptionReport) {} 44 45 // StatsFlowHash is a hash function to hash flows. Ignores source ports. Returns two hashes 46 // flowhash - minimal with SIP/DIP/Dport 47 // contenthash - hash with all contents to compare quickly and report when changes are observed 48 func StatsFlowHash(r *FlowRecord) (flowhash, contenthash uint64) { 49 50 hash := xxhash.New() 51 hash.Write([]byte(r.Source.ID)) // nolint errcheck 52 hash.Write([]byte(r.Destination.ID)) // nolint errcheck 53 hash.Write([]byte(r.Destination.URI)) // nolint errcheck 54 hash.Write([]byte(r.Source.IP)) // nolint errcheck 55 hash.Write([]byte(r.Destination.IP)) // nolint errcheck 56 port := make([]byte, 2) 57 binary.BigEndian.PutUint16(port, r.Destination.Port) 58 hash.Write(port) // nolint errcheck 59 flowhash = hash.Sum64() 60 61 hash.Write([]byte(r.Action.String())) // nolint errcheck 62 hash.Write([]byte(r.ObservedAction.String())) // nolint errcheck 63 hash.Write([]byte(r.DropReason)) // nolint errcheck 64 hash.Write([]byte(r.PolicyID)) // nolint errcheck 65 return flowhash, hash.Sum64() 66 } 67 68 // StatsFlowContentHash is a hash function to hash flows. Ignores source ports. Returns 69 // contenthash - hash with all contents to compare quickly and report when changes are observed 70 func StatsFlowContentHash(r *FlowRecord) (contenthash uint64) { 71 72 _, contenthash = StatsFlowHash(r) 73 return contenthash 74 } 75 76 // StatsUserHash is a hash function to hash user records. 77 func StatsUserHash(r *UserRecord) error { 78 hash, err := services.HashClaims(r.Claims, r.Namespace) 79 if err != nil { 80 return err 81 } 82 r.ID = hash 83 return nil 84 } 85 86 // ConnectionExceptionReportHash is a hash function to hash connection exception reports. 87 func ConnectionExceptionReportHash(r *ConnectionExceptionReport) uint64 { 88 89 hash := xxhash.New() 90 hash.Write([]byte(r.PUID)) // nolint errcheck 91 hash.Write([]byte(r.SourceIP)) // nolint errcheck 92 hash.Write([]byte(r.DestinationIP)) // nolint errcheck 93 hash.Write([]byte(r.Reason)) // nolint errcheck 94 hash.Write([]byte(r.State)) // nolint errcheck 95 port := make([]byte, 2) 96 binary.BigEndian.PutUint16(port, r.DestinationPort) 97 hash.Write(port) // nolint errcheck 98 99 return hash.Sum64() 100 }