# README
goDB Query API
This package exposes methods to query the data stored in goDB.
Example
To access the data captured by goProbe (stored at the default location) from your own application, you can use the following to get started:
func main() {
// set query output(s) redirection (default is os.Stdout). You can use multiple io.Writers here
ctx := context.Background()
outputs := os.Stderr
args := query.NewArgs("sip,dip", "eth0",
query.WithSortAscending(),
query.WithCondition("dport eq 443"),
)
// prepare the statement (e.g. parse args and setup query parameters).
// This example assumes that you are querying against goDB
stmt, err := args.Prepare(output)
if err != nil {
fmt.Fprintf(os.Stderr, "couldn't prepare statement: %s\n", err)
os.Exit(1)
}
// execute statement
err = engine.NewQueryRunner().Run(ctx, stmt)
if err != nil {
fmt.Fprintf(os.Stderr, "query failed: %s\n", err)
os.Exit(1)
}
}
For a more complete overview, please consult the documentation.
# Functions
DefaultArgs creates a basic set of query arguments with only the defaults being set.
NewArgs creates new query arguments with the defaults set.
ParseTimeArgument is the entry point for external calls and converts valid formats to a unix timtestamp.
ParseTimeRange will run ParseTimeArgument for a range and validate if the interval is non-zero.
ParseTimeRangeCollectErrors will run ParseTimeArgument for a range and validate if the interval is non-zero.
PermittedFormats list which formats are supported.
PermittedSortBy lists which sort by methods are supported.
TimeFormatsCustom returns a list of all supported custom time formats.
TimeFormatsDefault returns a list of all supported default time formats.
TimeFormatsRelative returns a list of all supported relative time formats.
WithCaller sets the name of the program/tool calling the query.
WithCondition sets the condition argument.
WithDirectionIn considers the incoming flows.
WithDirectionOut considers the outgoing flows.
WithDirectionSum adds both directions.
WithFirst sets the first timestamp to consider.
WithFormat sets the output format.
WithLast sets the last timestampt to consider.
WithList sets the list parameter (only lists interfaces).
WithMaxMemPct is an advanced parameter to restrict system memory usage to a fixed percentage of the available memory during query processing.
WithNumResults sets how many rows are returned.
WithResolve enables reverse lookups of IPs.
WithResolveRows sets the amount of rows for which lookups should be attempted.
WithResolveTimeout sets the timeout for reverse lookups (in seconds).
WithSortAscending sorts rows ascending.
WithSortBy sets by which parameter should be sorted.
WithVersion sets the version parameter (print version and exit).
# Constants
MaxResults stores the maximum number of rows a query will return.
# Variables
Defaults for query arguments.
Defaults for query arguments.
Defaults for query arguments.
Defaults for query arguments.
Defaults for query arguments.
Defaults for query arguments.
Defaults for query arguments.
Defaults for query arguments.
# Structs
Args bundles the command line/HTTP parameters required to prepare a query statement.
return fmt.Sprintf(str, err.Field, err.Message, errStr)
'}.
DNSResolution contains DNS query / resolution related config arguments / parameters.
Statement bundles all relevant options for running a query and displaying its result.
TimeFormat denotes a time format with an optional verbose name for display.
# Interfaces
Runner specifies the functionality a query runner must provide.
# Type aliases
Option allows to modify an existing Args container.