Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 22:58:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/doc/scripts/base/protocols/postgresql/main.zeek.rst
Tim Wojtulewicz ded98cd373 Copy docs into Zeek repo directly 
This is based on commit 2731def9159247e6da8a3191783c89683363689c from the
zeek-docs repo.
2025-09-26 02:58:29 +00:00

189 lines
6 KiB
ReStructuredText
Raw Blame History

:tocdepth: 3
base/protocols/postgresql/main.zeek
===================================
.. zeek:namespace:: PostgreSQL
Implements base functionality for PostgreSQL analysis.
:Namespace: PostgreSQL
:Imports: :doc:`base/protocols/conn/removal-hooks.zeek </scripts/base/protocols/conn/removal-hooks.zeek>`, :doc:`base/protocols/postgresql/consts.zeek </scripts/base/protocols/postgresql/consts.zeek>`, :doc:`base/protocols/postgresql/spicy-events.zeek </scripts/base/protocols/postgresql/spicy-events.zeek>`
Summary
~~~~~~~
State Variables
###############
================================================================== =
:zeek:id:`PostgreSQL::ports`: :zeek:type:`set` :zeek:attr:`&redef`
================================================================== =
Types
#####
===================================================== ===============================================================
:zeek:type:`PostgreSQL::Info`: :zeek:type:`record` Record type containing the column fields of the PostgreSQL log.
:zeek:type:`PostgreSQL::State`: :zeek:type:`record`
:zeek:type:`PostgreSQL::Version`: :zeek:type:`record`
===================================================== ===============================================================
Redefinitions
#############
==================================================================== =========================================================================
:zeek:type:`Log::ID`: :zeek:type:`enum` Log stream identifier.
* :zeek:enum:`PostgreSQL::LOG`
:zeek:type:`connection`: :zeek:type:`record`
:New Fields: :zeek:type:`connection`
postgresql: :zeek:type:`PostgreSQL::Info` :zeek:attr:`&optional`
postgresql_state: :zeek:type:`PostgreSQL::State` :zeek:attr:`&optional`
:zeek:id:`likely_server_ports`: :zeek:type:`set` :zeek:attr:`&redef`
==================================================================== =========================================================================
Events
######
========================================================= =====================================
:zeek:id:`PostgreSQL::log_postgresql`: :zeek:type:`event` Default hook into PostgreSQL logging.
========================================================= =====================================
Hooks
#####
========================================================================== =
:zeek:id:`PostgreSQL::finalize_postgresql`: :zeek:type:`Conn::RemovalHook`
========================================================================== =
Detailed Interface
~~~~~~~~~~~~~~~~~~
State Variables
###############
.. zeek:id:: PostgreSQL::ports
:source-code: base/protocols/postgresql/main.zeek 65 65
:Type: :zeek:type:`set` [:zeek:type:`port`]
:Attributes: :zeek:attr:`&redef`
:Default:
::
{
5432/tcp
}
Types
#####
.. zeek:type:: PostgreSQL::Info
:source-code: base/protocols/postgresql/main.zeek 20 49
:Type: :zeek:type:`record`
.. zeek:field:: ts :zeek:type:`time` :zeek:attr:`&log`
Timestamp for when the activity happened.
.. zeek:field:: uid :zeek:type:`string` :zeek:attr:`&log`
Unique ID for the connection.
.. zeek:field:: id :zeek:type:`conn_id` :zeek:attr:`&log`
The connection's 4-tuple of endpoint addresses/ports.
.. zeek:field:: user :zeek:type:`string` :zeek:attr:`&optional` :zeek:attr:`&log`
The user as found in the StartupMessage.
.. zeek:field:: database :zeek:type:`string` :zeek:attr:`&optional` :zeek:attr:`&log`
The database as found in the StartupMessage.
.. zeek:field:: application_name :zeek:type:`string` :zeek:attr:`&optional` :zeek:attr:`&log`
The application name as found in the StartupMessage.
.. zeek:field:: frontend :zeek:type:`string` :zeek:attr:`&optional` :zeek:attr:`&log`
.. zeek:field:: frontend_arg :zeek:type:`string` :zeek:attr:`&optional` :zeek:attr:`&log`
.. zeek:field:: backend :zeek:type:`string` :zeek:attr:`&optional` :zeek:attr:`&log`
.. zeek:field:: backend_arg :zeek:type:`string` :zeek:attr:`&optional` :zeek:attr:`&log`
.. zeek:field:: success :zeek:type:`bool` :zeek:attr:`&optional` :zeek:attr:`&log`
.. zeek:field:: rows :zeek:type:`count` :zeek:attr:`&optional` :zeek:attr:`&log`
Record type containing the column fields of the PostgreSQL log.
.. zeek:type:: PostgreSQL::State
:source-code: base/protocols/postgresql/main.zeek 51 58
:Type: :zeek:type:`record`
.. zeek:field:: version :zeek:type:`PostgreSQL::Version` :zeek:attr:`&optional`
.. zeek:field:: user :zeek:type:`string` :zeek:attr:`&optional`
.. zeek:field:: database :zeek:type:`string` :zeek:attr:`&optional`
.. zeek:field:: application_name :zeek:type:`string` :zeek:attr:`&optional`
.. zeek:field:: rows :zeek:type:`count` :zeek:attr:`&optional`
.. zeek:field:: errors :zeek:type:`vector` of :zeek:type:`string`
.. zeek:type:: PostgreSQL::Version
:source-code: base/protocols/postgresql/main.zeek 14 17
:Type: :zeek:type:`record`
.. zeek:field:: major :zeek:type:`count`
.. zeek:field:: minor :zeek:type:`count`
Events
######
.. zeek:id:: PostgreSQL::log_postgresql
:source-code: base/protocols/postgresql/main.zeek 61 61
:Type: :zeek:type:`event` (rec: :zeek:type:`PostgreSQL::Info`)
Default hook into PostgreSQL logging.
Hooks
#####
.. zeek:id:: PostgreSQL::finalize_postgresql
:source-code: base/protocols/postgresql/main.zeek 248 250
:Type: :zeek:type:`Conn::RemovalHook`
Reference in a new issue View git blame Copy permalink