| Package | Description |
|---|---|
| com.mozilla.secops |
General utility classes and transforms for secops-beam
|
| com.mozilla.secops.alert |
Alert generation and output
|
| com.mozilla.secops.amo |
AMO analysis pipeline
|
| com.mozilla.secops.authprofile |
Pipeline for authentication source profiling and alerting
|
| com.mozilla.secops.awsbehavior |
Pipeline for monitoring AWS Cloudtrail events
|
| com.mozilla.secops.customs |
Customs FxA analysis pipeline
|
| com.mozilla.secops.gatekeeper |
Pipeline for AWS Guardduty and GCP ETD analysis
|
| com.mozilla.secops.httprequest |
HTTP request threshold and error rate monitoring
|
| com.mozilla.secops.httprequest.heuristics | |
| com.mozilla.secops.input |
Pipeline input
|
| com.mozilla.secops.parser |
Log parsing, processing, and enrichment
|
| com.mozilla.secops.pioneer |
Pioneer analysis pipeline
|
| com.mozilla.secops.postprocessing |
Pipeline for further processing of and correlation between alerts
|
| Class and Description |
|---|
| Event
Represents a high level event after being processed by a
Parser. |
| Class and Description |
|---|
| GeoIP
GeoIP resolution
|
| Class and Description |
|---|
| Event
Represents a high level event after being processed by a
Parser. |
| Class and Description |
|---|
| Event
Represents a high level event after being processed by a
Parser. |
| Class and Description |
|---|
| Event
Represents a high level event after being processed by a
Parser. |
| EventFilterRule
Rule within an event filter
|
| Class and Description |
|---|
| Event
Represents a high level event after being processed by a
Parser. |
| FxaAuth
Payload parser for FxA authentication server log data
|
| FxaAuth.EventSummary
Event summary is determined based on source event fields
|
| Class and Description |
|---|
| Event
Represents a high level event after being processed by a
Parser. |
| Class and Description |
|---|
| Event
Represents a high level event after being processed by a
Parser. |
| EventFilter
Event filtering and matching
|
| Class and Description |
|---|
| Event
Represents a high level event after being processed by a
Parser. |
| Class and Description |
|---|
| Event
Represents a high level event after being processed by a
Parser. |
| EventFilter
Event filtering and matching
|
| ParserCfg
Represents configuration data used to configure an instance of a
Parser |
| Class and Description |
|---|
| AmoDocker.EventType |
| BmoAudit.AuditType |
| Event
Represents a high level event after being processed by a
Parser. |
| EventFilter
Event filtering and matching
|
| EventFilterPayload
Can be associated with
EventFilterRule for payload matching |
| EventFilterPayload.IntegerProperty
Properties match integers from various payload event types
|
| EventFilterPayload.StringProperty
Properties match strings from various payload event types
|
| EventFilterPayloadInterface
Interface representing a payload filter
|
| EventFilterPayloadOr
A special class of payload filter that supports applying OR logic to matching.
|
| EventFilterPayloadRange
Numeric range comparison for use in
EventFilter |
| EventFilterRule
Rule within an event filter
|
| FxaAuth.EventSummary
Event summary is determined based on source event fields
|
| FxaContent.RequestType
Type of server.request.route event based on path
|
| GeoIP.GeoIPData.GeoResolutionMode
The resolution mode for GeoIP attributes.
|
| Mozlog
Mozlog event encapsulation
|
| Normalized
Normalized event data
|
| Normalized.StatusTag
Status tags is used to track processing state, for example if an event needs additional
analysis after the parsing step
|
| Normalized.Type
Normalized event types
|
| Parser.EventTooOldException
Indicates the extracted event timestamp was too old
|
| ParserCfg
Represents configuration data used to configure an instance of a
Parser |
ParserDoFn
DoFn applying simple event parsing operations |
| Payload.PayloadType
Type of payload data stored
|
| PayloadBase
Base class for payloads
|
| PrivateRelay.EventType
Log event type
|
| SourcePayloadBase
Extension of
PayloadBase that unifies source address field handling |
| Class and Description |
|---|
| Event
Represents a high level event after being processed by a
Parser. |
| Class and Description |
|---|
| Event
Represents a high level event after being processed by a
Parser. |
Copyright © 2022. All rights reserved.