# Functions
New returns a new Client, ready for use.
NewRuleWatcher builds a RuleWatcher which will use the Client provided in the args to poll the API every HowOften, and will call the provided Callback with any new or updated rules.
NewWithClient returns a new Client which uses the given client.
# Constants
No description provided by the author
# Structs
Client provides an easy-to-use Go client to the Rules API.
GetRulesForEventArguments holds the parameters for GetRulesForEvent.
Rule is a named container for filters with some metadata.
No description provided by the author
RuleEventData represents a single field in an event returned when testing rules.
RuleFilter is a regular expression which should be applied to an event field.
No description provided by the author
No description provided by the author
No description provided by the author
RedQLFilter is a redql query string that is applied to events.
No description provided by the author
RedQLFilterTest is a key/value pair used to validate redql filters.
No description provided by the author
RuleReference refers to an exploit or security threat associated with this rule.
No description provided by the author
RuleSampleEvent is an event found when testing a rule; it represents the kind of event the rule matches.
RuleTermCount is used for filters which are supposed to count the number of matches.
No description provided by the author
RuleTestMatchStep is a step in the evaluation of a rule which corresponds to a filter. It shows how many total events were filtered into the matched events, how long the filter operation took, and some sample events to show the sort of events that matched.
RuleWatcher will watch the API for rule changes and notify a callback with modified rules.
RuleWatcherArgs represents the arguments needed when running RuleWatcher.
# Interfaces
GetChangesSinceClient represents things that implement the GetChangesSince method, which would normally be the Client.
# Type aliases
The comparison operator used for counting filters.
The possible platforms a rule can apply to.
The type of event a rule is intended to filter.
The type of rule; old rules are regex, new rules are redql.
The visibility of global rules.
RuleWatchCallback is a callback function which will get called when some modified rules have been found by the RuleWatcher.