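def parse_probe(dtg, addr, ssid):
    """Record a Wi-Fi probe request sent by ``addr`` for ``ssid``.

    When the de-duplication query returns nothing, a ``Probe`` event is
    appended to the stored device document, the ``Device`` and ``SSID``
    graph nodes and the ``probe`` relationship between them are created if
    they are missing, and one line is printed to the terminal.

    Args:
        dtg: Value printed at the start of the log line (presumably the
            capture's date-time group -- confirm against the caller).
        addr: MAC address of the probing station; used as the lookup key
            in both the document store and the graph.
        ssid: SSID carried in the probe request. It is chosen by the
            transmitting station, so it is untrusted input.

    Returns:
        None.
    """
    device = get_device(addr)

    # Take the clock once so the cutoff, the event and the graph nodes all
    # carry the same instant instead of drifting by a few microseconds.
    now = datetime.utcnow()

    # NOTE(review): the second clause looks like it matches whenever the
    # device has no stored event for this ssid, which would suppress the
    # first sighting of a new SSID. The intent may have been "same ssid
    # within the last 10 minutes" -- confirm before relying on this as the
    # de-duplication window. The query is left exactly as it was.
    recent = Device.objects(
        Q(events__timestamp__gte=now - timedelta(minutes=10)) | Q(events__ssid__ne=ssid),
        mac=addr,
    )
    if len(recent) != 0:
        return

    event = Probe()
    event.ssid = ssid
    event.timestamp = now
    device.events.append(event)
    device.save()

    # Identity test: `== None` would go through the node type's __eq__.
    dev = selector.select('Device', mac=addr).first()
    if dev is None:
        dev = Node('Device', mac=addr, last_seen=str(now), vendor=device.vendor)
        graph.create(dev)

    ss = selector.select('SSID', ssid=ssid).first()
    if ss is None:
        ss = Node('SSID', ssid=ssid, timestamp=str(now))
        graph.create(ss)

    # Only add the edge once per (device, ssid) pair.
    if not list(graph.match(start_node=dev, rel_type='probe', end_node=ss)):
        graph.create(Relationship(dev, 'probe', ss))

    # %r instead of '%s': the SSID arrives over the air and may contain
    # escape or control bytes; repr() keeps them from reaching the
    # operator's terminal (or a captured log) as live sequences.
    print("%s[+] (%s) Probe: %s (%s) -> %r" % (Term.CYAN, dtg, addr, device.vendor, ssid))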