feat: published Cloud IDS Service v1 Logging

Google APIs · copybara-github · commit b174c584f7d3 · 2022-09-10T23:51:56.000-07:00
PiperOrigin-RevId: 473541339
diff --git a/google/cloud/ids/logging/v1/BUILD.bazel b/google/cloud/ids/logging/v1/BUILD.bazel
@@ -0,0 +1,177 @@
+# This file was automatically generated by BuildFileGenerator
+
+# This is an API workspace, having public visibility by default makes perfect sense.
+package(default_visibility = ["//visibility:public"])
+
+##############################################################################
+# Common
+##############################################################################
+load("@rules_proto//proto:defs.bzl", "proto_library")
+
+proto_library(
+    name = "logging_proto",
+    srcs = [
+        "logging.proto",
+    ],
+    deps = [
+        "@com_google_protobuf//:duration_proto",
+        "@com_google_protobuf//:timestamp_proto",
+    ],
+)
+
+##############################################################################
+# Java
+##############################################################################
+load(
+    "@com_google_googleapis_imports//:imports.bzl",
+    "java_grpc_library",
+    "java_proto_library",
+)
+
+java_proto_library(
+    name = "logging_java_proto",
+    deps = [":logging_proto"],
+)
+
+java_grpc_library(
+    name = "logging_java_grpc",
+    srcs = [":logging_proto"],
+    deps = [":logging_java_proto"],
+)
+
+##############################################################################
+# Go
+##############################################################################
+load(
+    "@com_google_googleapis_imports//:imports.bzl",
+    "go_proto_library",
+)
+
+go_proto_library(
+    name = "logging_go_proto",
+    compilers = ["@io_bazel_rules_go//proto:go_grpc"],
+    importpath = "google.golang.org/genproto/googleapis/cloud/ids/logging/v1",
+    protos = [":logging_proto"],
+    deps = [
+    ],
+)
+
+##############################################################################
+# Python
+##############################################################################
+load(
+    "@com_google_googleapis_imports//:imports.bzl",
+    "moved_proto_library",
+    "py_grpc_library",
+    "py_proto_library",
+)
+
+moved_proto_library(
+    name = "logging_moved_proto",
+    srcs = [":logging_proto"],
+    deps = [
+        "@com_google_protobuf//:duration_proto",
+        "@com_google_protobuf//:timestamp_proto",
+    ],
+)
+
+py_proto_library(
+    name = "logging_py_proto",
+    deps = [":logging_moved_proto"],
+)
+
+py_grpc_library(
+    name = "logging_py_grpc",
+    srcs = [":logging_moved_proto"],
+    deps = [":logging_py_proto"],
+)
+
+##############################################################################
+# PHP
+##############################################################################
+load(
+    "@com_google_googleapis_imports//:imports.bzl",
+    "php_grpc_library",
+    "php_proto_library",
+)
+
+php_proto_library(
+    name = "logging_php_proto",
+    deps = [":logging_proto"],
+)
+
+php_grpc_library(
+    name = "logging_php_grpc",
+    srcs = [":logging_proto"],
+    deps = [":logging_php_proto"],
+)
+
+##############################################################################
+# Node.js
+##############################################################################
+load(
+    "@com_google_googleapis_imports//:imports.bzl",
+    "nodejs_gapic_assembly_pkg",
+    "nodejs_gapic_library",
+)
+
+##############################################################################
+# Ruby
+##############################################################################
+load(
+    "@com_google_googleapis_imports//:imports.bzl",
+    "ruby_grpc_library",
+    "ruby_proto_library",
+)
+
+ruby_proto_library(
+    name = "logging_ruby_proto",
+    deps = [":logging_proto"],
+)
+
+ruby_grpc_library(
+    name = "logging_ruby_grpc",
+    srcs = [":logging_proto"],
+    deps = [":logging_ruby_proto"],
+)
+
+##############################################################################
+# C#
+##############################################################################
+load(
+    "@com_google_googleapis_imports//:imports.bzl",
+    "csharp_grpc_library",
+    "csharp_proto_library",
+)
+
+csharp_proto_library(
+    name = "logging_csharp_proto",
+    deps = [":logging_proto"],
+)
+
+csharp_grpc_library(
+    name = "logging_csharp_grpc",
+    srcs = [":logging_proto"],
+    deps = [":logging_csharp_proto"],
+)
+
+##############################################################################
+# C++
+##############################################################################
+load(
+    "@com_google_googleapis_imports//:imports.bzl",
+    "cc_grpc_library",
+    "cc_proto_library",
+)
+
+cc_proto_library(
+    name = "logging_cc_proto",
+    deps = [":logging_proto"],
+)
+
+cc_grpc_library(
+    name = "logging_cc_grpc",
+    srcs = [":logging_proto"],
+    grpc_only = True,
+    deps = [":logging_cc_proto"],
+)
diff --git a/google/cloud/ids/logging/v1/logging.proto b/google/cloud/ids/logging/v1/logging.proto
@@ -0,0 +1,158 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.ids.logging.v1;
+
+import "google/protobuf/duration.proto";
+import "google/protobuf/timestamp.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/cloud/ids/logging/v1;logging";
+option java_multiple_files = true;
+option java_outer_classname = "LoggingProto";
+option java_package = "com.google.cloud.ids.logging.v1";
+
+// A threat detected by Cloud IDS.
+message ThreatLog {
+  // Describes the type of severity of the threat.
+  enum Severity {
+    // Default value - should never be used.
+    SEVERITY_UNSPECIFIED = 0;
+
+    LOW = 2;
+
+    MEDIUM = 3;
+
+    HIGH = 4;
+
+    CRITICAL = 5;
+
+    INFORMATIONAL = 6;
+  }
+
+  enum Direction {
+    // Default value - permitted since Direction is optional.
+    DIRECTION_UNDEFINED = 0;
+
+    // Ingress traffic.
+    CLIENT_TO_SERVER = 1;
+
+    // Egress traffic.
+    SERVER_TO_CLIENT = 2;
+  }
+
+  // Name of the threat, e,g. "Suspicious HTTP Evasion"
+  string name = 1;
+
+  // Unique ID of the threat.
+  string threat_id = 13;
+
+  // The time of the alert.
+  google.protobuf.Timestamp alert_time = 2;
+
+  // Severity of threat.
+  Severity alert_severity = 19;
+
+  // The type of the threat, e.g. "Spyware".
+  string type = 4;
+
+  // Category (sub-type) of the threat, e.g. "code-execution".
+  string category = 18;
+
+  // The source IP Address of the packet, e.g. "35.191.8.79"
+  string source_ip_address = 5;
+
+  // The source port of the packet, e.g. 8080
+  int32 source_port = 6;
+
+  // The destination IP Address of the packet, e.g. "192.168.100.2"
+  string destination_ip_address = 7;
+
+  // The destination port of the packet, e.g. 100
+  int32 destination_port = 8;
+
+  // The IP protocol of the packet, e.g. "TCP".
+  string ip_protocol = 9;
+
+  // The direction of the packet - an optional field.
+  Direction direction = 10;
+
+  // ID of the Layer 4 session of the threat.
+  string session_id = 14;
+
+  // Number of sessions with same source IP, destination IP, application, and
+  // type seen within 5 seconds.
+  string repeat_count = 15;
+
+  // Application associated with the session.
+  string application = 16;
+
+  // Variable field. URI or filename of the relevant threat, if applicable.
+  string uri_or_filename = 17;
+
+  // CVE IDs of the threat.
+  repeated string cves = 20;
+
+  // Details of the threat reported by the IDS VM
+  string details = 11;
+
+  // The network associated with the IDS Endpoint.
+  string network = 12;
+}
+
+// Traffic detected by Cloud IDS.
+// Fields taken from:
+// https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/monitoring/use-syslog-for-monitoring/syslog-field-descriptions/traffic-log-fields.html.
+message TrafficLog {
+  // Time of session start.
+  google.protobuf.Timestamp start_time = 1;
+
+  // Elapsed time of the session.
+  google.protobuf.Duration elapsed_time = 2;
+
+  // The network associated with the IDS Endpoint.
+  string network = 3;
+
+  // The source IP Address of the packet, e.g. "35.191.8.79"
+  string source_ip_address = 4;
+
+  // The source port of the packet, e.g. 8080
+  int32 source_port = 5;
+
+  // The destination IP Address of the packet, e.g. "192.168.100.2"
+  string destination_ip_address = 6;
+
+  // The destination port of the packet, e.g. 100
+  int32 destination_port = 7;
+
+  // The IP protocol of the packet, e.g. "TCP".
+  string ip_protocol = 8;
+
+  // Application associated with the session.
+  string application = 9;
+
+  // The direction of the packet.
+  string session_id = 12;
+
+  // Number of sessions with same source IP, destination IP, application, and
+  // type seen within 5 seconds.
+  string repeat_count = 13;
+
+  // Total number of bytes transferred in the session.
+  int64 total_bytes = 14;
+
+  // Total number of packets transferred in the session.
+  int64 total_packets = 15;
+}
