-
Notifications
You must be signed in to change notification settings - Fork 13
Expand file tree
/
Copy pathcommon.go
More file actions
28 lines (25 loc) · 803 Bytes
/
common.go
File metadata and controls
28 lines (25 loc) · 803 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
// Modified by DefenseStation on 2024-06-06
// Changes: Updated ElasticSearch client to OpenSearch client, changed package name to 'osquery',
// updated references to OpenSearch documentation, and modified examples accordingly.
package osquery
// Source represents the "_source" option which is commonly accepted in OS
// queries. Currently, only the "includes" option is supported.
type Source struct {
includes []string
excludes []string
disabled bool
}
// Map returns a map representation of the Source object.
func (source Source) Map() map[string]interface{} {
m := make(map[string]interface{})
if len(source.includes) > 0 {
m["includes"] = source.includes
}
if len(source.excludes) > 0 {
m["excludes"] = source.excludes
}
if source.disabled {
m["enabled"] = false
}
return m
}