usiem/components/
command_types.rs1use serde::{Deserialize, Serialize};
2
3use crate::events::ip::SiemIp;
4
5use super::{
6 common::UserRole,
7 mitre::{MitreTactics, MitreTechniques},
8};
9
/// Name and free-text description identifying a parser.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct ParserDefinition {
    /// Parser name.
    pub name: String,
    /// Description of the parser.
    pub description: String,
}
/// Name and free-text description identifying a task.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct TaskDefinition {
    /// Task name.
    pub name: String,
    /// Description of the task.
    pub description: String,
}
/// Descriptive record for a rule, including its MITRE mapping.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct RuleDefinition {
    /// Rule name.
    pub name: String,
    /// Description of the rule.
    pub description: String,
    /// MITRE mapping: tactics in the first element, techniques in the second.
    pub mitre: (Vec<MitreTactics>, Vec<MitreTechniques>),
    /// NOTE(review): presumably the service or log source the rule applies to; confirm.
    pub service: String,
}
/// An e-mail address paired with a comment.
///
/// NOTE(review): presumably the payload of a command asking for this address
/// to be filtered; confirm against the command enum that uses it.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct FilterEmail {
    /// Address as a plain string. Deserialization applies no format check, so
    /// the consumer has to validate it before acting on it.
    pub email: String,
    /// Free-text comment. NOTE(review): looks like the operator's justification
    /// for the action; confirm it is kept with the audit record.
    pub comment: String,
}
32
/// A domain name paired with a comment.
///
/// NOTE(review): presumably the payload of a command asking for this domain
/// to be filtered; confirm against the command enum that uses it.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct FilterDomain {
    /// Domain as a plain string. Deserialization applies no format check, so
    /// the consumer has to validate it before acting on it.
    pub domain: String,
    /// Free-text comment. NOTE(review): looks like the operator's justification
    /// for the action; confirm it is kept with the audit record.
    pub comment: String,
}
38
/// An IP address paired with a comment.
///
/// NOTE(review): presumably the payload of a command asking for this address
/// to be filtered; confirm against the command enum that uses it.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct FilterIp {
    /// Address, typed as `SiemIp` rather than a free-form string.
    pub ip: SiemIp,
    /// Free-text comment. NOTE(review): looks like the operator's justification
    /// for the action; confirm it is kept with the audit record.
    pub comment: String,
}
44
/// A hostname paired with a comment.
///
/// NOTE(review): presumably the payload of a command asking for the host to be
/// isolated. The type carries no requester identity, so authentication and
/// authorisation have to happen in whatever wraps or handles it; confirm.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct IsolateEndpoint {
    /// Hostname as a plain string. Deserialization applies no format check, so
    /// the consumer has to validate it and resolve it to a known asset itself.
    pub hostname: String,
    /// Free-text comment. NOTE(review): looks like the operator's justification
    /// for the action; confirm it is kept with the audit record.
    pub comment: String,
}
/// An IP address paired with a comment.
///
/// NOTE(review): presumably the payload of a command asking for the address to
/// be isolated. The type carries no requester identity, so authentication and
/// authorisation have to happen in whatever wraps or handles it; confirm.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct IsolateIp {
    /// Address, typed as `SiemIp` rather than a free-form string.
    pub ip: SiemIp,
    /// Free-text comment. NOTE(review): looks like the operator's justification
    /// for the action; confirm it is kept with the audit record.
    pub comment: String,
}
/// Descriptive record for a use case; every field except `requirements` is a
/// plain string.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct UseCaseDefinition {
    /// Use case name.
    pub name: String,
    /// Description of the use case.
    pub description: String,
    /// NOTE(review): presumably a prose statement of the detection logic; confirm.
    pub case_logic: String,
    /// NOTE(review): presumably known blind spots of the use case; confirm.
    pub limitations: String,
    /// Three optional strings. NOTE(review): the meaning of each position is
    /// not visible in this listing; confirm before relying on the order.
    pub requirements: (Option<String>, Option<String>, Option<String>),
    /// NOTE(review): presumably the name of the rule implementing the use case; confirm.
    pub rule: String,
}
70
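/// Credentials presented when logging in: a username/password pair or an API key.
///
/// `Debug` is written by hand instead of derived, so that formatting a value
/// with `{:?}` (in a log line, a panic message, an error chain) never prints
/// the API key or the password. `Serialize` still emits both secrets
/// unchanged, because the serialized form has to carry them; serialized
/// values must be handled as sensitive data.
#[derive(Serialize, Deserialize, Clone)]
#[non_exhaustive]
pub enum LoginUser {
    /// Username and password pair.
    Password(LoginUserPass),
    /// API key as a plain string.
    ApiKey(String),
}

impl std::fmt::Debug for LoginUser {
    /// Formats the variant name; the API key is replaced by `<redacted>` and
    /// the password variant relies on `LoginUserPass`'s redacting `Debug`.
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        match self {
            LoginUser::Password(credentials) => {
                f.debug_tuple("Password").field(credentials).finish()
            }
            LoginUser::ApiKey(_) => f
                .debug_tuple("ApiKey")
                .field(&format_args!("<redacted>"))
                .finish(),
        }
    }
}

/// Username and password pair used by [`LoginUser::Password`].
///
/// NOTE(review): the password is held in an ordinary `String`, which is not
/// wiped when dropped, and `Clone` makes further copies of it.
#[derive(Serialize, Deserialize, Clone)]
pub struct LoginUserPass {
    /// Account name. Printed by `Debug`, which escapes control characters.
    pub username: String,
    /// Password in clear text. Never printed by `Debug`.
    pub password: String,
}

impl std::fmt::Debug for LoginUserPass {
    /// Formats the username and a fixed `<redacted>` marker in place of the password.
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        f.debug_struct("LoginUserPass")
            .field("username", &self.username)
            .field("password", &format_args!("<redacted>"))
            .finish()
    }
}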
83
/// A username together with the role attached to it.
///
/// NOTE(review): presumably the result of a successful login. Because the type
/// derives `Deserialize`, a value can be built from any input that parses; a
/// `role` read from a peer should not be used for authorisation unless that
/// peer is trusted to assert it. Confirm where values are constructed.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct LoggedOnUser {
    /// Account name.
    pub username: String,
    /// Role of the account.
    pub role: UserRole,
}