Beispiel #1
    def runStormStats(self, core):
        '''
        Compare each ``stat()`` aggregate over ``inet:ipv4`` with a fixed expected node.

        For sum, min, max, mean and count, an ephemeral tufo carrying the
        expected value is built and compared, via ``self.sorteq``, with the
        result of evaluating the matching query text.

        Args:
            core: Object whose ``eval`` method receives the query text
                (presumably a cortex; confirm against the caller).

        Returns:
            None
        '''
        # NOTE(review): core.eval is only ever given the constant query strings
        # below. It appears to be the storm query evaluator, not Python's
        # builtin eval(); confirm against the cortex API.
        #
        # The expected values are mutually consistent: the sum divided by the
        # count with integer division (0x80020305 // 3) gives 715871831.
        expectations = (
            ('stat:sum', 'stat(sum,inet:ipv4)', 0x80020305),
            ('stat:min', 'stat(min,inet:ipv4)', 0),
            ('stat:max', 'stat(max,inet:ipv4)', 0x7f000001),
            ('stat:mean', 'stat(mean,inet:ipv4)', 715871831),
            ('stat:count', 'stat(count,inet:ipv4)', 3),
        )

        for form, text, valu in expectations:
            want = s_tufo.ephem(form, 'inet:ipv4', valu=valu)
            got = core.eval(text)
            self.sorteq(got, [want])
Beispiel #2
    def _stormOperGetTasks(self, query, oper):
        '''
        Add one ephemeral ``task`` node to the query for each core task.

        The task list is read from the core returned by ``self.getStormCore()``.

        Args:
            query: Query object; each node is handed to ``query.add``.
            oper: Operator tufo (not read by this method).

        Returns:
            None
        '''
        # NOTE(review): no permission check is visible in this method, so every
        # task the core reports ends up in the query results. Confirm that the
        # caller restricts who may run this operator.
        cortex = self.getStormCore()

        for name in cortex.getCoreTasks():
            query.add(s_tufo.ephem('task', name))
Beispiel #3
    def _stormOperGetOpers(self, query, oper):
        '''
        Add one ephemeral ``oper`` node to the query per registered storm operator.

        Each node is keyed by the operator name and carries a ``func`` property
        holding the handler's dotted path (``__module__`` plus ``__qualname__``).

        Args:
            query (s_storm.Query): Query object
            oper ((str, dict)): Operator tufo (the value passed in is not read)

        Returns:
            None
        '''
        # NOTE(review): the results expose the module and qualified name of every
        # handler in self.operfuncs. Confirm that revealing these implementation
        # paths to whoever can run this operator is intended.
        for name, handler in self.operfuncs.items():
            path = '%s.%s' % (handler.__module__, handler.__qualname__)
            query.add(s_tufo.ephem('oper', name, func=path))