#[non_exhaustive]
pub enum SiemDataset {
    GeoIp(GeoIpSynDataset),
    IpMac(IpMapSynDataset),
    IpDNS(IpMapListSynDataset),
    MacHost(TextMapSynDataset),
    HostUser(TextMapSynDataset),
    BlockIp(IpSetSynDataset),
    BlockDomain(TextSetSynDataset),
    BlockEmailSender(TextSetSynDataset),
    BlockCountry(TextSetSynDataset),
    HostVulnerable(TextMapListSynDataset),
    UserTag(TextMapListSynDataset),
    AssetTag(TextMapListSynDataset),
    IpCloudService(IpNetSynDataset),
    IpCloudProvider(IpNetSynDataset),
    UserHeadquarters(TextMapSynDataset),
    IpHeadquarters(IpNetSynDataset),
    HeadquartersWorkingHours,
    CustomMapIpNet((Cow<'static, str>, IpNetSynDataset)),
    CustomMapText((Cow<'static, str>, TextMapSynDataset)),
    CustomMapTextList((Cow<'static, str>, TextMapListSynDataset)),
    CustomIpList((Cow<'static, str>, IpSetSynDataset)),
    CustomIpMap((Cow<'static, str>, IpMapSynDataset)),
    CustomTextList((Cow<'static, str>, TextSetSynDataset)),
    MantainceCalendar(CalendarSynDataset),
    Configuration(TextMapSynDataset),
    Secrets((Cow<'static, str>, TextMapSynDataset)),
}

Common working datasets that allow rapid development of rules and let the information from some logs enrich others. Other datasets, like the ones associated with headquarters, are controlled by the CMDB.

Each custom dataset is associated with the name of the dataset.

Variants (Non-exhaustive)

This enum is marked as non-exhaustive
Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.

GeoIp(GeoIpSynDataset)

Map IP to country, city, latitude and longitude

IpMac(IpMapSynDataset)

IP associated with a MAC address

IpDNS(IpMapListSynDataset)

IP associated with a resolved domain

MacHost(TextMapSynDataset)

MAC address associated with a Hostname

HostUser(TextMapSynDataset)

Hostname associated with a username

BlockIp(IpSetSynDataset)

List of IPs in the block list

BlockDomain(TextSetSynDataset)

List of domains in the block list

BlockEmailSender(TextSetSynDataset)

List of email senders in the block list

BlockCountry(TextSetSynDataset)

List of countries in the block list

HostVulnerable(TextMapListSynDataset)

Association of hostname with a vulnerability.

UserTag(TextMapListSynDataset)

Tag each user with roles => user.roles = [vip, admin, extern, guest, director, super_user, local_user]

AssetTag(TextMapListSynDataset)

Tag each host with categories => [web_server, sec_related, critical, ad_related, net_related]

IpCloudService(IpNetSynDataset)

Cloud service => Office 365, G Suite …

IpCloudProvider(IpNetSynDataset)

Cloud Provider => Azure, Google Cloud, AWS

UserHeadquarters(TextMapSynDataset)

User associated with a headquarter

IpHeadquarters(IpNetSynDataset)

IP net associated with a headquarter

HeadquartersWorkingHours

Working hours of each headquarter

CustomMapIpNet((Cow<'static, str>, IpNetSynDataset))

User custom dataset IP_NET => Text

CustomMapText((Cow<'static, str>, TextMapSynDataset))

User custom dataset Text => Text

CustomMapTextList((Cow<'static, str>, TextMapListSynDataset))

User custom dataset Text => Text

CustomIpList((Cow<'static, str>, IpSetSynDataset))

User custom dataset IP list

CustomIpMap((Cow<'static, str>, IpMapSynDataset))

User custom dataset IP list

CustomTextList((Cow<'static, str>, TextSetSynDataset))

User custom dataset Text list

MantainceCalendar(CalendarSynDataset)

Maintenance calendar

Configuration(TextMapSynDataset)

Configuration of components. Allows modifications of component parameters in real time.

Secrets((Cow<'static, str>, TextMapSynDataset))

Secret store. A component will only be able to access its own secrets.
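
The log enrichment these datasets are meant for, chained through IpMac, MacHost and HostUser with a BlockIp check, as an added example that is not the crate's own code. `Dataset`, `Enrichment`, `enrich` and `sample` are hypothetical names, plain std maps and sets stand in for the crate's dataset types, and the sample values are constructed.

```rust
use std::collections::{HashMap, HashSet};
use std::net::IpAddr;

#[non_exhaustive]
pub enum Dataset { // stand-in for the crate's enum (assumption): plain std maps and sets
    IpMac(HashMap<IpAddr, String>),
    MacHost(HashMap<String, String>),
    HostUser(HashMap<String, String>),
    BlockIp(HashSet<IpAddr>),
    BlockDomain(HashSet<String>),
}

#[derive(Debug, Default, PartialEq)]
pub struct Enrichment {
    pub mac: Option<String>,
    pub host: Option<String>,
    pub user: Option<String>,
    pub blocked: bool,
}

/// Resolve an IP through IpMac -> MacHost -> HostUser and check it against BlockIp.
pub fn enrich(ip: IpAddr, datasets: &[Dataset]) -> Enrichment {
    let mut out = Enrichment::default();
    // The chain is three lookups deep and datasets may arrive in any order: three passes.
    for ds in datasets.iter().cycle().take(3 * datasets.len()) {
        match ds {
            Dataset::IpMac(m) => out.mac = m.get(&ip).cloned(),
            Dataset::MacHost(m) => out.host = out.mac.as_ref().and_then(|k| m.get(k)).cloned(),
            Dataset::HostUser(m) => out.user = out.host.as_ref().and_then(|k| m.get(k)).cloned(),
            Dataset::BlockIp(s) => out.blocked = s.contains(&ip),
            _ => {} // BlockDomain and any variant added later are ignored by this lookup
        }
    }
    out
}

/// Constructed sample data, listed in reverse chain order on purpose.
pub fn sample(ip: IpAddr) -> Vec<Dataset> {
    vec![
        Dataset::HostUser(HashMap::from([("ws-042".into(), "alice".into())])),
        Dataset::MacHost(HashMap::from([("00:11:22:33:44:55".into(), "ws-042".into())])),
        Dataset::IpMac(HashMap::from([(ip, "00:11:22:33:44:55".into())])),
        Dataset::BlockIp(HashSet::from([ip])),
        Dataset::BlockDomain(HashSet::new()),
    ]
}

fn main() {
    println!("{:?}", enrich("10.0.0.5".parse().unwrap(), &sample("10.0.0.5".parse().unwrap())));
}
```

When matching the real `SiemDataset` from another crate, the wildcard arm is mandatory because the enum is marked `#[non_exhaustive]`.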
