├── .gitignore
├── Dockerfile
├── LICENSE
├── README.md
├── cmd
    └── galah
    │   └── main.go
├── config
    ├── config.yaml
    └── rules.yaml
├── data
    ├── event_log_claude-3-5-sonnet_adversarial.json
    ├── event_log_claude-3-5-sonnet_rep1.json
    ├── event_log_claude-3-5-sonnet_rep2.json
    ├── event_log_claude-3-opus.json
    ├── event_log_claude-3-opus_adversarial.json
    ├── event_log_claude-3-sonnet.json
    ├── event_log_claude-3-sonnet_adversarial.json
    ├── event_log_codegemma-7b-instruct.json
    ├── event_log_codegemma-7b-instruct_adversarial.json
    ├── event_log_codellama-7b-instruct.json
    ├── event_log_codellama-7b-instruct_adversarial.json
    ├── event_log_command-r-plus.json
    ├── event_log_command-r-plus_adversarial.json
    ├── event_log_gemini-1.0-pro.json
    ├── event_log_gemini-1.0-pro_adversarial.json
    ├── event_log_gemini-1.5-flash.json
    ├── event_log_gemini-1.5-flash_adversarial.json
    ├── event_log_gemini-1.5-pro.json
    ├── event_log_gemini-1.5-pro_adversarial.json
    ├── event_log_gemma2_adversarial.json
    ├── event_log_gemma2_rep1.json
    ├── event_log_gemma2_rep2.json
    ├── event_log_gpt-3.5-turbo_adversarial.json
    ├── event_log_gpt-3.5-turbo_rep1.json
    ├── event_log_gpt-3.5-turbo_rep2.json
    ├── event_log_gpt-4-turbo_adversarial.json
    ├── event_log_gpt-4-turbo_rep1.json
    ├── event_log_gpt-4-turbo_rep2.json
    ├── event_log_gpt-4o-mini.json
    ├── event_log_gpt-4o-mini_adversarial.json
    ├── event_log_gpt-4o_adversarial.json
    ├── event_log_gpt-4o_rep1.json
    ├── event_log_gpt-4o_rep2.json
    ├── event_log_llama3_adversarial.json
    ├── event_log_llama3_rep1.json
    ├── event_log_llama3_rep2.json
    ├── event_log_mistral.json
    ├── event_log_mistral_adversarial.json
    ├── event_log_phi3.json
    └── event_log_phi3_adversarial.json
├── deploy
    ├── README.md
    └── galah.yml
├── docs
    ├── EXAMPLES.md
    ├── SURICATA.md
    └── images
    │   ├── galah.png
    │   ├── gemini-1.0-pro-002.png
    │   ├── gemini-1.5-pro-preview-0409 PAN.png
    │   └── suricata-rule-matching.png
├── galah
    ├── service.go
    └── service_test.go
├── go.mod
├── go.sum
├── internal
    ├── app
    │   ├── app.go
    │   └── args.go
    ├── cache
    │   └── cache.go
    ├── config
    │   ├── config.go
    │   ├── config_test.go
    │   └── rules.go
    ├── logger
    │   ├── logger.go
    │   ├── session.go
    │   └── types.go
    └── server
    │   ├── server.go
    │   └── server_test.go
├── pkg
    ├── enrich
    │   ├── enrich.go
    │   └── enrich_test.go
    ├── llm
    │   ├── anthropic.go
    │   ├── cohere.go
    │   ├── googleai.go
    │   ├── llm.go
    │   ├── llm_test.go
    │   ├── ollama.go
    │   ├── openai.go
    │   └── vertex.go
    └── suricata
    │   ├── rules.go
    │   └── rules_test.go
└── templates
    ├── default.json
    └── example-json.json


/.gitignore:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/.gitignore


--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/Dockerfile


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/LICENSE


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/README.md


--------------------------------------------------------------------------------
/cmd/galah/main.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/cmd/galah/main.go


--------------------------------------------------------------------------------
/config/config.yaml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/config/config.yaml


--------------------------------------------------------------------------------
/config/rules.yaml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/config/rules.yaml


--------------------------------------------------------------------------------
/data/event_log_claude-3-5-sonnet_adversarial.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_claude-3-5-sonnet_adversarial.json


--------------------------------------------------------------------------------
/data/event_log_claude-3-5-sonnet_rep1.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_claude-3-5-sonnet_rep1.json


--------------------------------------------------------------------------------
/data/event_log_claude-3-5-sonnet_rep2.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_claude-3-5-sonnet_rep2.json


--------------------------------------------------------------------------------
/data/event_log_claude-3-opus.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_claude-3-opus.json


--------------------------------------------------------------------------------
/data/event_log_claude-3-opus_adversarial.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_claude-3-opus_adversarial.json


--------------------------------------------------------------------------------
/data/event_log_claude-3-sonnet.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_claude-3-sonnet.json


--------------------------------------------------------------------------------
/data/event_log_claude-3-sonnet_adversarial.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_claude-3-sonnet_adversarial.json


--------------------------------------------------------------------------------
/data/event_log_codegemma-7b-instruct.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_codegemma-7b-instruct.json


--------------------------------------------------------------------------------
/data/event_log_codegemma-7b-instruct_adversarial.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_codegemma-7b-instruct_adversarial.json


--------------------------------------------------------------------------------
/data/event_log_codellama-7b-instruct.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_codellama-7b-instruct.json


--------------------------------------------------------------------------------
/data/event_log_codellama-7b-instruct_adversarial.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_codellama-7b-instruct_adversarial.json


--------------------------------------------------------------------------------
/data/event_log_command-r-plus.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_command-r-plus.json


--------------------------------------------------------------------------------
/data/event_log_command-r-plus_adversarial.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_command-r-plus_adversarial.json


--------------------------------------------------------------------------------
/data/event_log_gemini-1.0-pro.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gemini-1.0-pro.json


--------------------------------------------------------------------------------
/data/event_log_gemini-1.0-pro_adversarial.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gemini-1.0-pro_adversarial.json


--------------------------------------------------------------------------------
/data/event_log_gemini-1.5-flash.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gemini-1.5-flash.json


--------------------------------------------------------------------------------
/data/event_log_gemini-1.5-flash_adversarial.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gemini-1.5-flash_adversarial.json


--------------------------------------------------------------------------------
/data/event_log_gemini-1.5-pro.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gemini-1.5-pro.json


--------------------------------------------------------------------------------
/data/event_log_gemini-1.5-pro_adversarial.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gemini-1.5-pro_adversarial.json


--------------------------------------------------------------------------------
/data/event_log_gemma2_adversarial.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gemma2_adversarial.json


--------------------------------------------------------------------------------
/data/event_log_gemma2_rep1.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gemma2_rep1.json


--------------------------------------------------------------------------------
/data/event_log_gemma2_rep2.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gemma2_rep2.json


--------------------------------------------------------------------------------
/data/event_log_gpt-3.5-turbo_adversarial.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gpt-3.5-turbo_adversarial.json


--------------------------------------------------------------------------------
/data/event_log_gpt-3.5-turbo_rep1.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gpt-3.5-turbo_rep1.json


--------------------------------------------------------------------------------
/data/event_log_gpt-3.5-turbo_rep2.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gpt-3.5-turbo_rep2.json


--------------------------------------------------------------------------------
/data/event_log_gpt-4-turbo_adversarial.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gpt-4-turbo_adversarial.json


--------------------------------------------------------------------------------
/data/event_log_gpt-4-turbo_rep1.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gpt-4-turbo_rep1.json


--------------------------------------------------------------------------------
/data/event_log_gpt-4-turbo_rep2.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gpt-4-turbo_rep2.json


--------------------------------------------------------------------------------
/data/event_log_gpt-4o-mini.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gpt-4o-mini.json


--------------------------------------------------------------------------------
/data/event_log_gpt-4o-mini_adversarial.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gpt-4o-mini_adversarial.json


--------------------------------------------------------------------------------
/data/event_log_gpt-4o_adversarial.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gpt-4o_adversarial.json


--------------------------------------------------------------------------------
/data/event_log_gpt-4o_rep1.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gpt-4o_rep1.json


--------------------------------------------------------------------------------
/data/event_log_gpt-4o_rep2.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_gpt-4o_rep2.json


--------------------------------------------------------------------------------
/data/event_log_llama3_adversarial.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_llama3_adversarial.json


--------------------------------------------------------------------------------
/data/event_log_llama3_rep1.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_llama3_rep1.json


--------------------------------------------------------------------------------
/data/event_log_llama3_rep2.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_llama3_rep2.json


--------------------------------------------------------------------------------
/data/event_log_mistral.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_mistral.json


--------------------------------------------------------------------------------
/data/event_log_mistral_adversarial.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_mistral_adversarial.json


--------------------------------------------------------------------------------
/data/event_log_phi3.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_phi3.json


--------------------------------------------------------------------------------
/data/event_log_phi3_adversarial.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/data/event_log_phi3_adversarial.json


--------------------------------------------------------------------------------
/deploy/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/deploy/README.md


--------------------------------------------------------------------------------
/deploy/galah.yml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/deploy/galah.yml


--------------------------------------------------------------------------------
/docs/EXAMPLES.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/docs/EXAMPLES.md


--------------------------------------------------------------------------------
/docs/SURICATA.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/docs/SURICATA.md


--------------------------------------------------------------------------------
/docs/images/galah.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/docs/images/galah.png


--------------------------------------------------------------------------------
/docs/images/gemini-1.0-pro-002.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/docs/images/gemini-1.0-pro-002.png


--------------------------------------------------------------------------------
/docs/images/gemini-1.5-pro-preview-0409 PAN.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/docs/images/gemini-1.5-pro-preview-0409 PAN.png


--------------------------------------------------------------------------------
/docs/images/suricata-rule-matching.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/docs/images/suricata-rule-matching.png


--------------------------------------------------------------------------------
/galah/service.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/galah/service.go


--------------------------------------------------------------------------------
/galah/service_test.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/galah/service_test.go


--------------------------------------------------------------------------------
/go.mod:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/go.mod


--------------------------------------------------------------------------------
/go.sum:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/go.sum


--------------------------------------------------------------------------------
/internal/app/app.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/internal/app/app.go


--------------------------------------------------------------------------------
/internal/app/args.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/internal/app/args.go


--------------------------------------------------------------------------------
/internal/cache/cache.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/internal/cache/cache.go


--------------------------------------------------------------------------------
/internal/config/config.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/internal/config/config.go


--------------------------------------------------------------------------------
/internal/config/config_test.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/internal/config/config_test.go


--------------------------------------------------------------------------------
/internal/config/rules.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/internal/config/rules.go


--------------------------------------------------------------------------------
/internal/logger/logger.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/internal/logger/logger.go


--------------------------------------------------------------------------------
/internal/logger/session.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/internal/logger/session.go


--------------------------------------------------------------------------------
/internal/logger/types.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/internal/logger/types.go


--------------------------------------------------------------------------------
/internal/server/server.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/internal/server/server.go


--------------------------------------------------------------------------------
/internal/server/server_test.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/internal/server/server_test.go


--------------------------------------------------------------------------------
/pkg/enrich/enrich.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/pkg/enrich/enrich.go


--------------------------------------------------------------------------------
/pkg/enrich/enrich_test.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/pkg/enrich/enrich_test.go


--------------------------------------------------------------------------------
/pkg/llm/anthropic.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/pkg/llm/anthropic.go


--------------------------------------------------------------------------------
/pkg/llm/cohere.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/pkg/llm/cohere.go


--------------------------------------------------------------------------------
/pkg/llm/googleai.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/pkg/llm/googleai.go


--------------------------------------------------------------------------------
/pkg/llm/llm.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/pkg/llm/llm.go


--------------------------------------------------------------------------------
/pkg/llm/llm_test.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/pkg/llm/llm_test.go


--------------------------------------------------------------------------------
/pkg/llm/ollama.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/pkg/llm/ollama.go


--------------------------------------------------------------------------------
/pkg/llm/openai.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/pkg/llm/openai.go


--------------------------------------------------------------------------------
/pkg/llm/vertex.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/pkg/llm/vertex.go


--------------------------------------------------------------------------------
/pkg/suricata/rules.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/pkg/suricata/rules.go


--------------------------------------------------------------------------------
/pkg/suricata/rules_test.go:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/pkg/suricata/rules_test.go


--------------------------------------------------------------------------------
/templates/default.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/templates/default.json


--------------------------------------------------------------------------------
/templates/example-json.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/0x4D31/galah/HEAD/templates/example-json.json


--------------------------------------------------------------------------------