Merge pull request #27 from NextronSystems/feat/no-summary

feat: remove summary

Author: secDre4mer

object.go

@@ -1,9 +1,8 @@
 package jsonlog
 
 // Object is the interface that all log objects must implement.
-// Each log object has a `type` and `summary` field in its JSON representation.
-// The type field is used to identify the object type, and the summary field is
-// a human-readable summary of the object's contents.
+// Each log object has a `type` field in its JSON representation
+// that is used to identify the object type.
 type Object interface {
 	// EmbeddedHeader returns the header of the log object.
 	EmbeddedHeader() ObjectHeader
@@ -13,8 +12,6 @@ type Object interface {
 
 // ObjectHeader is the header of a log object. It must be embedded in all log objects.
 type ObjectHeader struct {
-	// Summary is a human-readable summary of the object's contents.
-	Summary string `json:"summary"`
 	// Type is the type of the object. It should be unique across all log objects
 	// and can be used to identify the object type that has embedded this header.
 	Type string `json:"type"`

textlog_test.go

@@ -30,8 +30,7 @@ type SimpleSubstruct struct {
 func TestToDetails(t *testing.T) {
 	var test = TestObject{
 		ObjectHeader: ObjectHeader{
-			Summary: "TestObject",
-			Type:    "testobject",
+			Type: "testobject",
 		},
 		Element1:   "element1",
 		Element2:   "element2",

thorlog/jsonschema/generateschema.go

@@ -67,7 +67,6 @@ func makeObjectSchema() (mainEntry string, defs map[string]*jsonschema.Schema) {
 	var logObjectSchema = &jsonschema.Schema{
 		Properties: orderedmap.New[string, *jsonschema.Schema](),
 	}
-	logObjectSchema.Properties.Set("summary", &jsonschema.Schema{Type: "string"})
 	logObjectSchema.Properties.Set("type", &jsonschema.Schema{
 		Type: "string",
 		Enum: logObjectTypes,

thorlog/v3/antivirus.go

@@ -22,8 +22,7 @@ func init() { AddLogObjectType(typeAntiVirusProduct, &AntiVirusProduct{}) }
 func NewAntiVirusProduct(name string) *AntiVirusProduct {
 	return &AntiVirusProduct{
 		LogObjectHeader: jsonlog.ObjectHeader{
-			Type:    typeAntiVirusProduct,
-			Summary: name,
+			Type: typeAntiVirusProduct,
 		},
 		Name: name,
 	}
@@ -45,8 +44,7 @@ func init() { AddLogObjectType(typeAntiVirusExclude, &AntiVirusExclude{}) }
 func NewAntiVirusExclude(exclusionType string, exclusion string) *AntiVirusExclude {
 	return &AntiVirusExclude{
 		LogObjectHeader: jsonlog.ObjectHeader{
-			Type:    typeAntiVirusExclude,
-			Summary: exclusionType + " " + exclusion,
+			Type: typeAntiVirusExclude,
 		},
 		Type:      exclusionType,
 		Exclusion: exclusion,

thorlog/v3/beaconwatcher.go

@@ -1,7 +1,6 @@
 package thorlog
 
 import (
-	"fmt"
 	"time"
 
 	"github.com/NextronSystems/jsonlog"
@@ -26,8 +25,7 @@ func (NetworkConnectingThread) reportable() {}
 func NewNetworkConnectingThread(threadId uint32, process *Process) *NetworkConnectingThread {
 	return &NetworkConnectingThread{
 		ObjectHeader: jsonlog.ObjectHeader{
-			Summary: fmt.Sprintf("Thread %d connected to remote servers regularly", threadId),
-			Type:    typeNetworkConnectingThread,
+			Type: typeNetworkConnectingThread,
 		},
 		ThreadId: threadId,
 		Process:  process,

thorlog/v3/dnscache.go

@@ -15,8 +15,7 @@ func init() { AddLogObjectType(typeDnsCacheEntry, &DnsCacheEntry{}) }
 func NewDnsCacheEntry(host string, ip string) *DnsCacheEntry {
 	return &DnsCacheEntry{
 		LogObjectHeader: LogObjectHeader{
-			Type:    typeDnsCacheEntry,
-			Summary: host,
+			Type: typeDnsCacheEntry,
 		},
 		Host: host,
 		IP:   ip,

thorlog/v3/doublepulsar.go

@@ -1,9 +1,5 @@
 package thorlog
 
-import (
-	"fmt"
-)
-
 type DoublePulsarHandshake struct {
 	LogObjectHeader
 
@@ -20,8 +16,7 @@ func init() { AddLogObjectType(typeDoublePulsarHandshake, &DoublePulsarHandshake
 func NewDoublePulsarHandshake(handshakeType string, key uint64) *DoublePulsarHandshake {
 	return &DoublePulsarHandshake{
 		LogObjectHeader: LogObjectHeader{
-			Type:    typeDoublePulsarHandshake,
-			Summary: fmt.Sprintf("DoublePulsar Handshake via %s succeeded", handshakeType),
+			Type: typeDoublePulsarHandshake,
 		},
 		Key:  HexNumber(key),
 		Type: handshakeType,

thorlog/v3/envvar.go

@@ -19,8 +19,7 @@ func init() { AddLogObjectType(typeEnvironmentVariable, &EnvironmentVariable{})
 func NewEnvironmentVariable(variable string, value string) *EnvironmentVariable {
 	return &EnvironmentVariable{
 		LogObjectHeader: LogObjectHeader{
-			Type:    typeEnvironmentVariable,
-			Summary: variable + "=" + value,
+			Type: typeEnvironmentVariable,
 		},
 		Variable: variable,
 		Value:    value,

thorlog/v3/event.go

@@ -16,6 +16,7 @@ import (
 type Finding struct {
 	jsonlog.ObjectHeader
 	Meta         LogEventMetadata `json:"meta" textlog:",expand"`
+	Text         string           `json:"message" textlog:"-"`
 	Subject      ReportableObject `json:"subject" textlog:",expand"`
 	Score        int64            `json:"score" textlog:"score"`
 	Reasons      []Reason         `json:"reasons" textlog:",expand"`
@@ -31,7 +32,7 @@ type ReportableObject interface {
 }
 
 func (f *Finding) Message() string {
-	return f.Summary
+	return f.Text
 }
 
 func (f *Finding) Version() common.Version {
@@ -43,29 +44,20 @@ func (f *Finding) Metadata() *LogEventMetadata {
 }
 
 func (f *Finding) UnmarshalJSON(data []byte) error {
+	type plainFinding Finding
 	var rawFinding struct {
-		jsonlog.ObjectHeader
-		Meta         LogEventMetadata `json:"meta"`
-		Subject      EmbeddedObject   `json:"subject"`
-		Score        int64            `json:"score"`
-		Reasons      []Reason         `json:"reasons"`
-		EventContext Context          `json:"context"`
-		LogVersion   common.Version   `json:"log_version"`
+		plainFinding                // Embed without unmarshal method to avoid infinite recursion
+		Subject      EmbeddedObject `json:"subject"` // EmbeddedObject is used to allow unmarshalling of the subject as a ReportableObject
 	}
 	if err := json.Unmarshal(data, &rawFinding); err != nil {
 		return err
 	}
-	f.ObjectHeader = rawFinding.ObjectHeader
-	f.Meta = rawFinding.Meta
 	subject, ok := rawFinding.Subject.Object.(ReportableObject)
 	if !ok {
 		return fmt.Errorf("subject must implement the reportable interface")
 	}
+	*f = Finding(rawFinding.plainFinding) // Copy the fields from rawFinding to f
 	f.Subject = subject
-	f.Score = rawFinding.Score
-	f.Reasons = rawFinding.Reasons
-	f.EventContext = rawFinding.EventContext
-	f.LogVersion = rawFinding.LogVersion
 
 	// Resolve all references
 	// When the event is unmarshalled, the references are not resolved yet and only contain the JSON pointers.
@@ -163,9 +155,9 @@ func init() { AddLogObjectType(typeFinding, &Finding{}) }
 func NewFinding(subject ReportableObject, message string) *Finding {
 	return &Finding{
 		ObjectHeader: LogObjectHeader{
-			Type:    typeFinding,
-			Summary: message,
+			Type: typeFinding,
 		},
+		Text:       message,
 		Subject:    subject,
 		LogVersion: currentVersion,
 	}
@@ -174,12 +166,13 @@ func NewFinding(subject ReportableObject, message string) *Finding {
 type Message struct {
 	jsonlog.ObjectHeader
 	Meta       LogEventMetadata `json:"meta" textlog:",expand"`
+	Text       string           `json:"message" textlog:"-"`
 	Fields     MessageFields    `json:"fields" textlog:",expand" jsonschema:"nullable"`
 	LogVersion common.Version   `json:"log_version"`
 }
 
 func (m *Message) Message() string {
-	return m.Summary
+	return m.Text
 }
 
 func (m *Message) Version() common.Version {
@@ -199,9 +192,9 @@ func init() { AddLogObjectType(typeMessage, &Message{}) }
 func NewMessage(meta LogEventMetadata, message string, kvs ...any) *Message {
 	msg := &Message{
 		ObjectHeader: LogObjectHeader{
-			Type:    typeMessage,
-			Summary: message,
+			Type: typeMessage,
 		},
+		Text:       message,
 		Meta:       meta,
 		LogVersion: currentVersion,
 	}

thorlog/v3/event_test.go

@@ -92,14 +92,15 @@ func concatEntry(entry jsonlog.TextlogEntry) string {
 func TestFinding_UnmarshalJSON(t *testing.T) {
 	for i, finding := range []*Finding{
 		{
-			ObjectHeader: LogObjectHeader{Type: typeFinding, Summary: "message"},
+			ObjectHeader: LogObjectHeader{Type: typeFinding},
 			Meta: LogEventMetadata{
 				Lvl:    common.Alert,
 				Mod:    "Test",
 				ScanID: "abdc",
 				GenID:  "abdas",
 				Source: "aserarsd",
 			},
+			Text:    "This is a test finding",
 			Subject: NewFile("path/to/file"),
 			EventContext: Context{
 				{