├── .github └── workflows │ └── go.yml ├── .gitignore ├── CHANGELOG.md ├── LICENSE ├── README.md ├── cmd └── fever │ ├── cmds │ ├── alertify.go │ ├── alertify_test.go │ ├── bloom.go │ ├── makeman.go │ ├── root.go │ ├── run.go │ ├── testdata │ │ └── alertify_input.json │ └── version.go │ └── main.go ├── db ├── slurper.go ├── slurper_dummy.go ├── slurper_ejdb.go ├── slurper_mongodb.go ├── slurper_postgres.go ├── slurper_postgres_test.go └── sql.go ├── doc ├── database.md └── flow-agg.md ├── fever.service ├── fever.yaml ├── go.mod ├── go.sum ├── input ├── input.go ├── input_redis.go ├── input_redis_test.go ├── input_socket.go ├── input_socket_test.go └── input_stdin.go ├── mgmt ├── endpointconfig.go ├── mgmt.pb.go ├── mgmt.proto ├── mgmtserver.go ├── server.go ├── server_test.go └── state.go ├── processing ├── bloom_handler.go ├── bloom_handler_test.go ├── context_collector.go ├── context_collector_test.go ├── context_shipper_amqp.go ├── context_shipper_amqp_test.go ├── dns_aggregator.go ├── dns_aggregator_test.go ├── event_profiler.go ├── flow_aggregator.go ├── flow_aggregator_test.go ├── flow_extractor.go ├── flow_extractor_test.go ├── flow_notifier.go ├── flow_profiler.go ├── flow_profiler_test.go ├── forward_handler.go ├── forward_handler_test.go ├── handler.go ├── handler_dispatcher.go ├── handler_dispatcher_test.go ├── heartbeat_injector.go ├── heartbeat_injector_test.go ├── ip_handler.go ├── ip_handler_test.go ├── multi_forward.go ├── pdns_collector.go ├── rdns_handler.go ├── rdns_handler_test.go ├── unicorn_aggregator.go ├── unicorn_aggregator_test.go └── void_handler.go ├── protoc.sh ├── protomgmtc.sh ├── scripts └── makelpush ├── thirdparty └── google │ └── protobuf │ ├── empty.proto │ └── timestamp.proto ├── types ├── entry.go ├── eve.go ├── eve_test.go ├── flow_event.go └── flow_event_test.go └── util ├── add_fields_preprocess.go ├── add_fields_preprocess_test.go ├── alertifier.go ├── alertifier_providers.go ├── alertifier_test.go ├── consumer.go ├── hostnamer.go ├── hostnamer_rdns.go ├── hostnamer_rdns_test.go ├── performance_stats_encoder.go ├── performance_stats_encoder_test.go ├── submitter.go ├── submitter_amqp.go ├── submitter_dummy.go ├── submitter_test.go ├── testdata ├── jsonparse_eve.json ├── jsonparse_eve_broken1.json ├── jsonparse_eve_empty.json └── jsonparse_eve_nulls.json ├── util.go └── util_test.go /.github/workflows/go.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/.github/workflows/go.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/.gitignore -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/CHANGELOG.md -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/README.md -------------------------------------------------------------------------------- /cmd/fever/cmds/alertify.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/cmd/fever/cmds/alertify.go -------------------------------------------------------------------------------- /cmd/fever/cmds/alertify_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/cmd/fever/cmds/alertify_test.go -------------------------------------------------------------------------------- /cmd/fever/cmds/bloom.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/cmd/fever/cmds/bloom.go -------------------------------------------------------------------------------- /cmd/fever/cmds/makeman.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/cmd/fever/cmds/makeman.go -------------------------------------------------------------------------------- /cmd/fever/cmds/root.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/cmd/fever/cmds/root.go -------------------------------------------------------------------------------- /cmd/fever/cmds/run.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/cmd/fever/cmds/run.go -------------------------------------------------------------------------------- /cmd/fever/cmds/testdata/alertify_input.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/cmd/fever/cmds/testdata/alertify_input.json -------------------------------------------------------------------------------- /cmd/fever/cmds/version.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/cmd/fever/cmds/version.go -------------------------------------------------------------------------------- /cmd/fever/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/cmd/fever/main.go -------------------------------------------------------------------------------- /db/slurper.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/db/slurper.go -------------------------------------------------------------------------------- /db/slurper_dummy.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/db/slurper_dummy.go -------------------------------------------------------------------------------- /db/slurper_ejdb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/db/slurper_ejdb.go -------------------------------------------------------------------------------- /db/slurper_mongodb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/db/slurper_mongodb.go -------------------------------------------------------------------------------- /db/slurper_postgres.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/db/slurper_postgres.go -------------------------------------------------------------------------------- /db/slurper_postgres_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/db/slurper_postgres_test.go -------------------------------------------------------------------------------- /db/sql.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/db/sql.go -------------------------------------------------------------------------------- /doc/database.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/doc/database.md -------------------------------------------------------------------------------- /doc/flow-agg.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/doc/flow-agg.md -------------------------------------------------------------------------------- /fever.service: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/fever.service -------------------------------------------------------------------------------- /fever.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/fever.yaml -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/go.mod -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/go.sum -------------------------------------------------------------------------------- /input/input.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/input/input.go -------------------------------------------------------------------------------- /input/input_redis.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/input/input_redis.go -------------------------------------------------------------------------------- /input/input_redis_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/input/input_redis_test.go -------------------------------------------------------------------------------- /input/input_socket.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/input/input_socket.go -------------------------------------------------------------------------------- /input/input_socket_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/input/input_socket_test.go -------------------------------------------------------------------------------- /input/input_stdin.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/input/input_stdin.go -------------------------------------------------------------------------------- /mgmt/endpointconfig.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/mgmt/endpointconfig.go -------------------------------------------------------------------------------- /mgmt/mgmt.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/mgmt/mgmt.pb.go -------------------------------------------------------------------------------- /mgmt/mgmt.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/mgmt/mgmt.proto -------------------------------------------------------------------------------- /mgmt/mgmtserver.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/mgmt/mgmtserver.go -------------------------------------------------------------------------------- /mgmt/server.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/mgmt/server.go -------------------------------------------------------------------------------- /mgmt/server_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/mgmt/server_test.go -------------------------------------------------------------------------------- /mgmt/state.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/mgmt/state.go -------------------------------------------------------------------------------- /processing/bloom_handler.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/bloom_handler.go -------------------------------------------------------------------------------- /processing/bloom_handler_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/bloom_handler_test.go -------------------------------------------------------------------------------- /processing/context_collector.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/context_collector.go -------------------------------------------------------------------------------- /processing/context_collector_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/context_collector_test.go -------------------------------------------------------------------------------- /processing/context_shipper_amqp.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/context_shipper_amqp.go -------------------------------------------------------------------------------- /processing/context_shipper_amqp_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/context_shipper_amqp_test.go -------------------------------------------------------------------------------- /processing/dns_aggregator.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/dns_aggregator.go -------------------------------------------------------------------------------- /processing/dns_aggregator_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/dns_aggregator_test.go -------------------------------------------------------------------------------- /processing/event_profiler.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/event_profiler.go -------------------------------------------------------------------------------- /processing/flow_aggregator.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/flow_aggregator.go -------------------------------------------------------------------------------- /processing/flow_aggregator_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/flow_aggregator_test.go -------------------------------------------------------------------------------- /processing/flow_extractor.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/flow_extractor.go -------------------------------------------------------------------------------- /processing/flow_extractor_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/flow_extractor_test.go -------------------------------------------------------------------------------- /processing/flow_notifier.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/flow_notifier.go -------------------------------------------------------------------------------- /processing/flow_profiler.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/flow_profiler.go -------------------------------------------------------------------------------- /processing/flow_profiler_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/flow_profiler_test.go -------------------------------------------------------------------------------- /processing/forward_handler.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/forward_handler.go -------------------------------------------------------------------------------- /processing/forward_handler_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/forward_handler_test.go -------------------------------------------------------------------------------- /processing/handler.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/handler.go -------------------------------------------------------------------------------- /processing/handler_dispatcher.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/handler_dispatcher.go -------------------------------------------------------------------------------- /processing/handler_dispatcher_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/handler_dispatcher_test.go -------------------------------------------------------------------------------- /processing/heartbeat_injector.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/heartbeat_injector.go -------------------------------------------------------------------------------- /processing/heartbeat_injector_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/heartbeat_injector_test.go -------------------------------------------------------------------------------- /processing/ip_handler.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/ip_handler.go -------------------------------------------------------------------------------- /processing/ip_handler_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/ip_handler_test.go -------------------------------------------------------------------------------- /processing/multi_forward.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/multi_forward.go -------------------------------------------------------------------------------- /processing/pdns_collector.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/pdns_collector.go -------------------------------------------------------------------------------- /processing/rdns_handler.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/rdns_handler.go -------------------------------------------------------------------------------- /processing/rdns_handler_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/rdns_handler_test.go -------------------------------------------------------------------------------- /processing/unicorn_aggregator.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/unicorn_aggregator.go -------------------------------------------------------------------------------- /processing/unicorn_aggregator_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/unicorn_aggregator_test.go -------------------------------------------------------------------------------- /processing/void_handler.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/processing/void_handler.go -------------------------------------------------------------------------------- /protoc.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/protoc.sh -------------------------------------------------------------------------------- /protomgmtc.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/protomgmtc.sh -------------------------------------------------------------------------------- /scripts/makelpush: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/scripts/makelpush -------------------------------------------------------------------------------- /thirdparty/google/protobuf/empty.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/thirdparty/google/protobuf/empty.proto -------------------------------------------------------------------------------- /thirdparty/google/protobuf/timestamp.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/thirdparty/google/protobuf/timestamp.proto -------------------------------------------------------------------------------- /types/entry.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/types/entry.go -------------------------------------------------------------------------------- /types/eve.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/types/eve.go -------------------------------------------------------------------------------- /types/eve_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/types/eve_test.go -------------------------------------------------------------------------------- /types/flow_event.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/types/flow_event.go -------------------------------------------------------------------------------- /types/flow_event_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/types/flow_event_test.go -------------------------------------------------------------------------------- /util/add_fields_preprocess.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/add_fields_preprocess.go -------------------------------------------------------------------------------- /util/add_fields_preprocess_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/add_fields_preprocess_test.go -------------------------------------------------------------------------------- /util/alertifier.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/alertifier.go -------------------------------------------------------------------------------- /util/alertifier_providers.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/alertifier_providers.go -------------------------------------------------------------------------------- /util/alertifier_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/alertifier_test.go -------------------------------------------------------------------------------- /util/consumer.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/consumer.go -------------------------------------------------------------------------------- /util/hostnamer.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/hostnamer.go -------------------------------------------------------------------------------- /util/hostnamer_rdns.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/hostnamer_rdns.go -------------------------------------------------------------------------------- /util/hostnamer_rdns_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/hostnamer_rdns_test.go -------------------------------------------------------------------------------- /util/performance_stats_encoder.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/performance_stats_encoder.go -------------------------------------------------------------------------------- /util/performance_stats_encoder_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/performance_stats_encoder_test.go -------------------------------------------------------------------------------- /util/submitter.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/submitter.go -------------------------------------------------------------------------------- /util/submitter_amqp.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/submitter_amqp.go -------------------------------------------------------------------------------- /util/submitter_dummy.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/submitter_dummy.go -------------------------------------------------------------------------------- /util/submitter_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/submitter_test.go -------------------------------------------------------------------------------- /util/testdata/jsonparse_eve.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/testdata/jsonparse_eve.json -------------------------------------------------------------------------------- /util/testdata/jsonparse_eve_broken1.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/testdata/jsonparse_eve_broken1.json -------------------------------------------------------------------------------- /util/testdata/jsonparse_eve_empty.json: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /util/testdata/jsonparse_eve_nulls.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/testdata/jsonparse_eve_nulls.json -------------------------------------------------------------------------------- /util/util.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/util.go -------------------------------------------------------------------------------- /util/util_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/DCSO/fever/HEAD/util/util_test.go --------------------------------------------------------------------------------