auditd-plugin-clickhouse/auditd-clickhouse-datatypes.json
2019-12-17 14:33:31 +03:00

235 lines
6.0 KiB
JSON

{
"datatypes": [
{ "acct": "string" },
{ "acl": "string" },
{ "action": "integer" },
{ "added": "integer" },
{ "addr": "string" },
{ "apparmor": "string" },
{ "arch": "integer" },
{ "argc": "integer" },
{ "audit_backlog_limit": "integer" },
{ "audit_backlog_wait_time": "integer" },
{ "audit_enabled": "integer" },
{ "audit_failure": "integer" },
{ "auid": "integer" },
{ "banners": "string" },
{ "bool": "string" },
{ "bus": "string" },
{ "capability": "integer" },
{ "cap_fe": "integer" },
{ "cap_fi": "integer" },
{ "cap_fp": "integer" },
{ "cap_fver": "integer" },
{ "cap_pa": "integer" },
{ "cap_pe": "integer" },
{ "cap_pi": "integer" },
{ "cap_pp": "integer" },
{ "category": "string" },
{ "cgroup": "string" },
{ "changed": "integer" },
{ "cipher": "string" },
{ "class": "string" },
{ "cmd": "string" },
{ "code": "integer" },
{ "comm": "string" },
{ "compat": "integer" },
{ "cwd": "string" },
{ "daddr": "string" },
{ "data": "string" },
{ "default-context": "string" },
{ "dev": "string" },
{ "device": "string" },
{ "dir": "string" },
{ "direction": "string" },
{ "dmac": "integer" },
{ "dport": "integer" },
{ "egid": "integer" },
{ "enforcing": "integer" },
{ "entries": "integer" },
{ "euid": "integer" },
{ "exe": "string" },
{ "exit": "integer" },
{ "fam": "string" },
{ "family": "integer" },
{ "fd": "integer" },
{ "file": "string" },
{ "flags": "integer" },
{ "fe": "integer" },
{ "feature": "string" },
{ "fi": "integer" },
{ "fp": "string" },
{ "format": "string" },
{ "fsgid": "integer" },
{ "fsuid": "integer" },
{ "fver": "integer" },
{ "gid": "integer" },
{ "grantors": "string" },
{ "grp": "string" },
{ "hook": "integer" },
{ "hostname": "string" },
{ "icmp_type": "integer" },
{ "id": "integer" },
{ "igid": "integer" },
{ "img-ctx": "string" },
{ "inif": "integer" },
{ "ip": "string" },
{ "ipid": "integer" },
{ "ino": "integer" },
{ "inode": "integer" },
{ "inode_gid": "integer" },
{ "inode_uid": "integer" },
{ "invalid_context": "string" },
{ "ioctlcmd": "integer" },
{ "ipx-net": "integer" },
{ "item": "integer" },
{ "items": "integer" },
{ "iuid": "integer" },
{ "kernel": "string" },
{ "key": "string" },
{ "kind": "string" },
{ "ksize": "integer" },
{ "laddr": "string" },
{ "len": "integer" },
{ "lport": "string" },
{ "list": "integer" },
{ "mac": "string" },
{ "macproto": "integer" },
{ "maj": "integer" },
{ "major": "integer" },
{ "minor": "integer" },
{ "mode": "integer" },
{ "model": "string" },
{ "msg": "string" },
{ "nargs": "integer" },
{ "name": "string" },
{ "nametype": "string" },
{ "net": "string" },
{ "new": "integer" },
{ "new-chardev": "string" },
{ "new-disk": "string" },
{ "new-enabled": "integer" },
{ "new-fs": "string" },
{ "new_gid": "integer" },
{ "new-level": "string" },
{ "new_lock": "integer" },
{ "new-log_passwd": "integer" },
{ "new-mem": "integer" },
{ "new-net": "string" },
{ "new_pe": "integer" },
{ "new_pi": "integer" },
{ "new_pp": "integer" },
{ "new-range": "string" },
{ "new-rng": "string" },
{ "new-role": "string" },
{ "new-seuser": "string" },
{ "new-vcpu": "integer" },
{ "nlnk-fam": "integer" },
{ "nlnk-grp": "integer" },
{ "nlnk-pid": "integer" },
{ "oauid": "integer" },
{ "obj": "string" },
{ "obj_gid": "integer" },
{ "obj_uid": "integer" },
{ "oflag": "integer" },
{ "ogid": "integer" },
{ "ocomm": "string" },
{ "old": "integer" },
{ "old-auid": "integer" },
{ "old-chardev": "string" },
{ "old-disk": "string" },
{ "old-enabled": "integer" },
{ "old_enforcing": "integer" },
{ "old-fs": "string" },
{ "old-level": "string" },
{ "old_lock": "integer" },
{ "old-log_passwd": "integer" },
{ "old-mem": "integer" },
{ "old-net": "string" },
{ "old_pa": "integer" },
{ "old_pe": "integer" },
{ "old_pi": "integer" },
{ "old_pp": "integer" },
{ "old_prom": "integer" },
{ "old-range": "string" },
{ "old-rng": "string" },
{ "old-role": "string" },
{ "old-ses": "integer" },
{ "old-seuser": "string" },
{ "old_val": "integer" },
{ "old-vcpu": "integer" },
{ "op": "string" },
{ "opid": "integer" },
{ "oses": "integer" },
{ "ouid": "integer" },
{ "outif": "integer" },
{ "pa": "integer" },
{ "pe": "integer" },
{ "pi": "integer" },
{ "pp": "integer" },
{ "parent": "integer" },
{ "path": "string" },
{ "per": "integer" },
{ "perm": "integer" },
{ "perm_mask": "integer" },
{ "permissive": "integer" },
{ "pfs": "string" },
{ "pid": "integer" },
{ "ppid": "integer" },
{ "printer": "string" },
{ "prom": "integer" },
{ "proctitle": "string" },
{ "proto": "integer" },
{ "qbytes": "integer" },
{ "range": "string" },
{ "rdev": "integer" },
{ "reason": "string" },
{ "removed": "integer" },
{ "res": "string" },
{ "resrc": "string" },
{ "result": "string" },
{ "role": "string" },
{ "rport": "integer" },
{ "saddr": "string" },
{ "sauid": "integer" },
{ "scontext": "string" },
{ "selected-context": "string" },
{ "seperm": "string" },
{ "seresult": "string" },
{ "ses": "integer" },
{ "seuser": "string" },
{ "sgid": "integer" },
{ "sig": "integer" },
{ "sigev_signo": "integer" },
{ "smac": "integer" },
{ "spid": "integer" },
{ "sport": "integer" },
{ "state": "string" },
{ "subj": "string" },
{ "success": "string" },
{ "suid": "integer" },
{ "syscall": "integer" },
{ "table": "string" },
{ "tclass": "string" },
{ "tcontext": "string" },
{ "terminal": "string" },
{ "tty": "string" },
{ "type": "string" },
{ "uid": "integer" },
{ "unit": "string" },
{ "uri": "string" },
{ "user": "string" },
{ "uuid": "string" },
{ "val": "string" },
{ "ver": "integer" },
{ "virt": "string" },
{ "vm": "string" },
{ "vm-ctx": "string" },
{ "vm-pid": "integer" },
{ "watch": "string" }
],
"datatypes_arrays": [
{ "^a\\d+$": { "type": "string", "dbname": "arg_a" } },
]
}