A bit of cleanup

core/unifi/events.go

@@ -69,9 +69,6 @@ func (u *Unifi) GetSiteEvents(site *Site, hours time.Duration) ([]*Event, error)
 	return event.Data, nil
 }
 
-// Events satisfied the sort.Interface.
-type events []*Event
-
 // Event describes a UniFi Event.
 // API Path: /api/s/default/stat/event.
 type Event struct {
@@ -143,11 +140,6 @@ type Event struct {
 // IPGeo is part of the UniFi Event data. Each event may have up to three of these.
 // One for source, one for dest and one for the USG location.
 type IPGeo struct {
-	GeoIP
-}
-
-// GeoIP is a struct in a struct to deal with weird UniFi output.
-type GeoIP struct {
 	Asn           int64   `json:"asn"`
 	Latitude      float64 `json:"latitude"`
 	Longitude     float64 `json:"longitude"`
@@ -158,6 +150,9 @@ type GeoIP struct {
 	Organization  string  `json:"organization"`
 }
 
+// Events satisfied the sort.Interface.
+type events []*Event
+
 // Len satisfies sort.Interface.
 func (e events) Len() int {
 	return len(e)
@@ -180,5 +175,26 @@ func (v *IPGeo) UnmarshalJSON(data []byte) error {
 		return nil // it's empty
 	}
 
-	return json.Unmarshal(data, &v.GeoIP)
+	g := struct {
+		Asn           int64   `json:"asn"`
+		Latitude      float64 `json:"latitude"`
+		Longitude     float64 `json:"longitude"`
+		City          string  `json:"city"`
+		ContinentCode string  `json:"continent_code"`
+		CountryCode   string  `json:"country_code"`
+		CountryName   string  `json:"country_name"`
+		Organization  string  `json:"organization"`
+	}{}
+
+	err := json.Unmarshal(data, &g)
+	v.Asn = g.Asn
+	v.Latitude = g.Latitude
+	v.Longitude = g.Longitude
+	v.City = g.City
+	v.ContinentCode = g.ContinentCode
+	v.CountryCode = g.CountryCode
+	v.CountryName = g.CountryName
+	v.Organization = g.Organization
+
+	return err
 }

core/unifi/ids.go

@@ -7,19 +7,16 @@ import (
 	"time"
 )
 
-type idsList []*IDS
-
 // IDS holds an Intrusion Prevention System Event.
 type IDS struct {
 	Archived              FlexBool  `json:"archived"`
-	DstIPCountry          FlexBool  `json:"dstipCountry"`
 	DestPort              int       `json:"dest_port,omitempty"`
 	SrcPort               int       `json:"src_port,omitempty"`
+	FlowID                int64     `json:"flow_id"`
 	InnerAlertRev         int64     `json:"inner_alert_rev"`
 	InnerAlertSeverity    int64     `json:"inner_alert_severity"`
 	InnerAlertGID         int64     `json:"inner_alert_gid"`
 	InnerAlertSignatureID int64     `json:"inner_alert_signature_id"`
-	FlowID                int64     `json:"flow_id"`
 	Time                  int64     `json:"time"`
 	Timestamp             int64     `json:"timestamp"`
 	Datetime              time.Time `json:"datetime"`
@@ -28,6 +25,7 @@ type IDS struct {
 	DestIP                string    `json:"dest_ip"`
 	DstMAC                string    `json:"dst_mac"`
 	DstIPASN              string    `json:"dstipASN"`
+	DstIPCountry          string    `json:"dstipCountry"`
 	EventType             string    `json:"event_type"`
 	Host                  string    `json:"host"`
 	ID                    string    `json:"_id"`
@@ -42,9 +40,9 @@ type IDS struct {
 	SiteName              string    `json:"-"`
 	SourceName            string    `json:"-"`
 	SrcIP                 string    `json:"src_ip"`
-	SrcMAC                string    `json:"src_mac"`
 	SrcIPASN              string    `json:"srcipASN"`
 	SrcIPCountry          string    `json:"srcipCountry"`
+	SrcMAC                string    `json:"src_mac"`
 	Subsystem             string    `json:"subsystem"`
 	UniqueAlertID         string    `json:"unique_alertid"`
 	USGIP                 string    `json:"usgip"`
@@ -55,21 +53,6 @@ type IDS struct {
 	USGIPGeo              IPGeo     `json:"usgipGeo"`
 }
 
-// Len satisfies sort.Interface.
-func (e idsList) Len() int {
-	return len(e)
-}
-
-// Swap satisfies sort.Interface.
-func (e idsList) Swap(i, j int) {
-	e[i], e[j] = e[j], e[i]
-}
-
-// Less satisfies sort.Interface. Sort our list by Datetime.
-func (e idsList) Less(i, j int) bool {
-	return e[i].Datetime.Before(e[j].Datetime)
-}
-
 // GetIDS returns Intrusion Detection Systems events for a list of Sites.
 // timeRange may have a length of 0, 1 or 2. The first time is Start, the second is End.
 // Events between start and end are returned. End defaults to time.Now().
@@ -150,3 +133,20 @@ func makeEventParams(timeRange ...time.Time) (string, error) {
 
 	return string(params), err
 }
+
+type idsList []*IDS
+
+// Len satisfies sort.Interface.
+func (e idsList) Len() int {
+	return len(e)
+}
+
+// Swap satisfies sort.Interface.
+func (e idsList) Swap(i, j int) {
+	e[i], e[j] = e[j], e[i]
+}
+
+// Less satisfies sort.Interface. Sort our list by Datetime.
+func (e idsList) Less(i, j int) bool {
+	return e[i].Datetime.Before(e[j].Datetime)
+}

core/unifi/types.go

@@ -37,8 +37,12 @@ const (
 	APILoginPathNew string = "/api/auth/login"
 	// APIEventPathIDS returns Intrusion Detection/Prevention Systems Events
 	APIEventPathIDS string = "/api/s/%s/stat/ips/event"
+	// APIEventPathAlarms contains the site alarms.
+	APIEventPathAlarms string = "/api/s/%s/list/alarm"
 	// APIPrefixNew is the prefix added to the new API paths; except login. duh.
 	APIPrefixNew string = "/proxy/network"
+	// APIAnomaliesPath returns site anomalies.
+	APIAnomaliesPath string = "/api/s/%s/stat/anomalies"
 )
 
 // path returns the correct api path based on the new variable.