MCPcopy
hub / github.com/crowdsecurity/crowdsec / detectStaticField

Function detectStaticField

cmd/crowdsec-cli/clilapi/context.go:284–315  ·  view source on GitHub ↗
(grokStatics []parser.Static)

Source from the content-addressed store, hash-verified

282}
283
284func detectStaticField(grokStatics []parser.Static) []string {
285 ret := make([]string, 0)
286
287 for _, static := range grokStatics {
288 if static.Parsed != "" {
289 fieldName := "evt.Parsed." + static.Parsed
290 if !slices.Contains(ret, fieldName) {
291 ret = append(ret, fieldName)
292 }
293 }
294
295 if static.Meta != "" {
296 fieldName := "evt.Meta." + static.Meta
297 if !slices.Contains(ret, fieldName) {
298 ret = append(ret, fieldName)
299 }
300 }
301
302 if static.TargetByName != "" {
303 fieldName := static.TargetByName
304 if !strings.HasPrefix(fieldName, "evt.") {
305 fieldName = "evt." + fieldName
306 }
307
308 if !slices.Contains(ret, fieldName) {
309 ret = append(ret, fieldName)
310 }
311 }
312 }
313
314 return ret
315}
316
317func detectNode(node parser.Node, parserCTX parser.UnixParserCtx) []string {
318 ret := make([]string, 0)

Callers 2

detectNodeFunction · 0.85
detectSubNodeFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…