Moved process to code 42 only

BenB196 · Oct 6, 2020 · 945b20d · 945b20d
1 parent 1e50f63
commit 945b20d
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 23 deletions.
diff --git a/eventOutput/fileHandler.go b/eventOutput/fileHandler.go
@@ -39,7 +39,7 @@ type Code42 struct {
 	CloudDriveId                string                `json:"cloud_drive_id,omitempty"`
 	DetectionSourceAlias        string                `json:"detection_source_alias,omitempty"`
 	Exposure                    []string              `json:"exposure,omitempty"`
-	Process                     *Process              `json:"process,omitempty"`
+	Process                     *Code42Process        `json:"process,omitempty"`
 	Tab                         *Code42Tab            `json:"tab,omitempty"`
 	RemovableMedia              *Code42RemovableMedia `json:"removable_media,omitempty"`
 	SyncDestination             string                `json:"sync_destination,omitempty"`
@@ -122,7 +122,6 @@ type ElasticFileEvent struct {
 	Timestamp *time.Time `json:"@timestamp,omitempty"`
 	File      *File      `json:"file,omitempty"`
 	Host      *Host      `json:"host,omitempty"`
-	Process   *Process   `json:"process,omitempty"`
 	Code42    *Code42    `json:"code_42,omitempty"`
 }
 
@@ -181,25 +180,16 @@ type User struct {
 	Domain string `json:"domain,omitempty"`
 }
 
-type Organization struct {
-	Name string `json:"name,omitempty"`
-}
-
-type AS struct {
-	Organization *Organization `json:"organization,omitempty"`
-}
-
 type Host struct {
 	Id       string   `json:"id,omitempty"`
 	Name     string   `json:"name,omitempty"`
 	Hostname string   `json:"hostname,omitempty"`
 	User     *User    `json:"user,omitempty"`
 	IP       []string `json:"ip,omitempty"`
 	Geo      *Geo     `json:"geo,omitempty"`
-	AS       *AS      `json:"as,omitempty"`
 }
 
-type Process struct {
+type Code42Process struct {
 	Owner string `json:"owner,omitempty"`
 	Name  string `json:"name,omitempty"`
 }

diff --git a/ffsEvent/ffsFetcher.go b/ffsEvent/ffsFetcher.go
@@ -227,7 +227,6 @@ func queryFetcher(query config.FFSQuery, inProgressQueries *[]eventOutput.InProg
 					ips = append(ips, ffsEvent.PublicIpAddress)
 
 					var geo *eventOutput.Geo
-					var as *eventOutput.AS
 					if location != nil {
 						geo = &eventOutput.Geo{
 							Status:        location.Status,
@@ -264,12 +263,6 @@ func queryFetcher(query config.FFSQuery, inProgressQueries *[]eventOutput.InProg
 						} else {
 							geo.Location = nil
 						}
-
-						if geo.ISP != "" {
-							as = &eventOutput.AS{Organization: &eventOutput.Organization{Name: geo.ISP}}
-						} else {
-							as = nil
-						}
 					} else {
 						geo = nil
 					}
@@ -281,15 +274,14 @@ func queryFetcher(query config.FFSQuery, inProgressQueries *[]eventOutput.InProg
 						User:     user,
 						IP:       ips,
 						Geo:      geo,
-						AS:       as,
 					}
 
-					process := &eventOutput.Process{
+					process := &eventOutput.Code42Process{
 						Owner: ffsEvent.ProcessOwner,
 						Name:  ffsEvent.ProcessName,
 					}
 
-					if *process == (eventOutput.Process{}) {
+					if *process == (eventOutput.Code42Process{}) {
 						process = nil
 					}
 
@@ -386,7 +378,6 @@ func queryFetcher(query config.FFSQuery, inProgressQueries *[]eventOutput.InProg
 						Timestamp: timestamp,
 						File:      file,
 						Host:      host,
-						Process:   process,
 						Code42:    code42,
 					}