// Send a vulnerability event to MozDef func sendVulnerability(item gozdef.VulnEvent) (err error) { ac := gozdef.ApiConf{Url: conf.MozDef.URL} pub, err := gozdef.InitApi(ac) if err != nil { return } err = pub.Send(item) return }
// sendAlert wraps d in a gozdef event and publishes it to MozDef.
//
// The event is tagged and sourced as "geomodel", categorised as
// "geomodelnotice", stamped with the current UTC time, the local hostname,
// os.Args[0] and the process ID, and carries d as its details. The summary
// comes from d.makeSummary().
//
// Every failure is reported as an error of the form "sendAlert() -> <cause>".
// A panic raised while building or sending the event is recovered and
// reported the same way rather than crashing the process.
//
// NOTE(review): because failures never propagate as panics, an alert that
// could not be delivered is only visible through the returned error. Callers
// should log or count it so that dropped alerts do not go unnoticed.
func sendAlert(d genericAlert) (err error) {
	// wrap gives explicit failures and recovered panics one message format.
	wrap := func(cause interface{}) error {
		return fmt.Errorf("sendAlert() -> %v", cause)
	}
	defer func() {
		if e := recover(); e != nil {
			err = wrap(e)
		}
	}()

	host, err := os.Hostname()
	if err != nil {
		return wrap(err)
	}

	publisher, err := gozdef.InitApi(gozdef.ApiConf{Url: cfg.MozDef.MozDefURL})
	if err != nil {
		return wrap(err)
	}

	var ev gozdef.Event
	// Notice() runs on the zero-value event before any field is set;
	// presumably it selects the notice severity (confirm in gozdef).
	ev.Notice()
	ev.Timestamp = time.Now().UTC()
	ev.Category = "geomodelnotice"
	ev.ProcessName = os.Args[0]
	ev.ProcessID = float64(os.Getpid())
	ev.Hostname = host
	ev.Source = "geomodel"
	ev.Tags = append(ev.Tags, "geomodel")
	ev.Details = d

	ev.Summary, err = d.makeSummary()
	if err != nil {
		return wrap(err)
	}

	if err = publisher.Send(ev); err != nil {
		return wrap(err)
	}
	return nil
}
// sendItem publishes one compliance item to MozDef.
//
// The item is embedded as the details of a new gozdef event with category
// "complianceitems", source "mig" and the tags "mig" and "compliance". The
// summary reads "<target> passes|fails compliance with <check ref>",
// depending on item.Compliance. An error from gozdef.NewEvent,
// gozdef.InitApi or Send is returned unchanged.
//
// NOTE(review): item.Target and item.Check.Ref are interpolated into the
// summary verbatim. If either can carry data reported by a scanned host,
// downstream consumers should treat the summary as untrusted text.
// NOTE(review): the endpoint is conf.MozDef.URL as configured; confirm it is
// an https:// URL, since nothing here checks the scheme.
func sendItem(item gozdef.ComplianceItem) (err error) {
	event, err := gozdef.NewEvent()
	if err != nil {
		return err
	}
	event.Category = "complianceitems"
	event.Source = "mig"

	var outcome string
	if item.Compliance {
		outcome = "passes"
	} else {
		outcome = "fails"
	}
	event.Summary = fmt.Sprintf("%s %s compliance with %s", item.Target, outcome, item.Check.Ref)
	event.Tags = append(event.Tags, "mig", "compliance")
	// Info() keeps its original position, after the tags and before the details.
	event.Info()
	event.Details = item

	// The publisher is created only once the event is fully built.
	publisher, err := gozdef.InitApi(gozdef.ApiConf{Url: conf.MozDef.URL})
	if err != nil {
		return err
	}
	return publisher.Send(event)
}