class TbInventorySecurityToUserDataMD5Map(Base):
    """ORM mapping for the ``tb_Inventory_Security_To_User_DataMD5Map`` table.

    Each row stores a text value (``Data``) next to two 16-byte binary
    columns whose names mark them as MD5 digests.
    """
    __tablename__ = 'tb_Inventory_Security_To_User_DataMD5Map'
    id = Column(BIGINT, primary_key=True, nullable=False)
    Data = Column(NVARCHAR(2048))
    # BINARY(16) is the size of a raw (non-hex) MD5 digest. Presumably these
    # are MD5(Data) and the MD5 of a normalized form of Data -- confirm
    # against the code that writes the rows.
    # NOTE(review): MD5 is not collision resistant; if other tables join on
    # these digests as identifiers, two different Data values can share a key.
    Data_MD5 = Column(BINARY(16))
    DataNormalized_MD5 = Column(BINARY(16))
    LastUpdateTime = Column(DATETIME)
class CDSMAgent(Base):
    """ORM mapping for the ``CDSM_Agent`` table (one row per agent GUID)."""
    __tablename__ = 'CDSM_Agent'
    # 16 bytes is the size of a binary GUID; guid_t below is 36 characters,
    # the length of a hyphenated text GUID -- presumably the same value in
    # text form (confirm).
    guid = Column(BINARY(16), primary_key=True, nullable=False)
    # Time-like columns are plain INTEGERs here; the unit/epoch is not
    # visible in this file -- TODO confirm.
    reg_time = Column(INTEGER)
    version = Column(INTEGER)
    last_heartbeat = Column(INTEGER)
    name = Column(VARCHAR(64))
    time_zone = Column(INTEGER)
    status = Column(INTEGER)
    os_type = Column(INTEGER)
    os_version = Column(INTEGER)
    cpu_type = Column(SMALLINT)
    off_hour = Column(BINARY(12))
    # NOTE(review): what the token contains is not visible here. If it is an
    # agent authentication secret, it is readable by anyone with SELECT on
    # this table -- confirm and restrict access accordingly.
    token = Column(VARCHAR(1024))
    ip = Column(BINARY(256))
    fqdn = Column(VARCHAR(80))
    code_page = Column(VARCHAR(20))
    guid_t = Column(VARCHAR(36))
    ri4 = Column(BINARY(40))
    reserve = Column(BINARY(64))
    generation = Column(INTEGER)
    # The *_t columns are VARCHAR; presumably text renderings of the
    # numeric columns above -- confirm.
    os_type_t = Column(VARCHAR(128))
    os_version_t = Column(VARCHAR(32))
    version_t = Column(VARCHAR(32))
    build_t = Column(VARCHAR(32))
class Tbcascadingjournalentitydata(Base):
    """ORM mapping for the ``tb_cascadingjournalentitydata`` table.

    A wide, denormalized row that carries product, operating-system, host,
    agent and user columns side by side.
    """
    __tablename__ = 'tb_cascadingjournalentitydata'
    id = Column(INTEGER, primary_key=True, nullable=False)
    # GUID columns are CHAR(36), the length of a hyphenated text GUID.
    Guid = Column(CHAR(36))
    AgentGuid = Column(CHAR(36))
    ParentGuid = Column(CHAR(36))
    CMGuid = Column(CHAR(36))
    # --- product columns ---
    ProductType = Column(INTEGER)
    ProductVersion = Column(VARCHAR(19))
    MenuVersion = Column(VARCHAR(8))
    ProductLanguage = Column(INTEGER)
    BuildNumber = Column(VARCHAR(24))
    Status = Column(INTEGER)
    IconIndex = Column(SMALLINT)
    ConfigureURL = Column(VARCHAR(509))
    LastRegistrationTime = Column(DATETIME)
    LastLogonTime = Column(DATETIME)
    ServicePack = Column(VARCHAR(32))
    EntityType = Column(INTEGER)
    SLF_UpdateAgentType = Column(INTEGER)
    SLF_LastStartupTime = Column(DATETIME)
    # --- operating-system columns ---
    OS_Name = Column(NVARCHAR(64))
    OS_Version = Column(VARCHAR(32))
    OS_ServicePackVersion = Column(VARCHAR(32))
    OS_Language = Column(INTEGER)
    OS_CountryCode = Column(VARCHAR(32))
    CpuType = Column(SMALLINT)
    # --- host / network columns ---
    ComputerName = Column(NVARCHAR(64))
    # Both lists are single VARCHAR columns; the separator and the behaviour
    # on overflow past 2048 characters are not visible here -- TODO confirm.
    IPAddressList = Column(VARCHAR(2048))
    MACAddressList = Column(VARCHAR(2048))
    DomainName = Column(NVARCHAR(64))
    FQDN = Column(VARCHAR(80))
    TimeZone = Column(INTEGER)
    DayLightSaving = Column(BINARY(40))
    # --- agent columns ---
    AgentType = Column(SMALLINT)
    AgentStatus = Column(INTEGER)
    # NOTE(review): contents not visible here. If this is an agent
    # authentication secret, every reader of this table can see it --
    # confirm and restrict access accordingly.
    AgentToken = Column(VARCHAR(1024))
    PollingFrequency = Column(INTEGER)
    HeartbeatFrequency = Column(INTEGER)
    # INTEGER, unlike the DATETIME timestamps elsewhere in this class; the
    # unit is not visible here.
    LastHeartbeatTime = Column(INTEGER)
    Offhour = Column(BINARY(12))
    AgentVersion = Column(VARCHAR(32))
    AgentBuild = Column(VARCHAR(32))
    ClientTreePath = Column(NVARCHAR(1000))
    CloudScanMode = Column(SMALLINT)
    CloudScanMethod = Column(SMALLINT)
    SourceHashes = Column(VARCHAR(1024))
    LogReceivedTime = Column(DATETIME)
    GroupName = Column(VARCHAR(64))
    ADObjectGuid = Column(CHAR(36))
    OSType = Column(VARCHAR(16))
    PlatformType = Column(VARCHAR(16))
    MachineID = Column(CHAR(36))
    # --- user columns: account name, domain and mail address are personal
    # data and sit in the same row as the host inventory above ---
    UserGuid = Column(CHAR(36))
    UserAccount = Column(NVARCHAR(32))
    UserDomain = Column(NVARCHAR(256))
    UserMail = Column(NVARCHAR(450))
    SystemModel = Column(SMALLINT)
    AD_DomainName = Column(NVARCHAR(64))
class TbInventoryDDESTaskQueue(Base):
    """ORM mapping for the ``tb_Inventory_DDES_TaskQueue`` table."""
    __tablename__ = 'tb_Inventory_DDES_TaskQueue'
    id = Column(INTEGER, primary_key=True, nullable=False)
    # Both digests are mandatory and 16 bytes wide (raw MD5 size). What is
    # hashed is not visible here; the names suggest the scan criteria and
    # the threat content -- confirm against the producer.
    ScanCriteria_MD5 = Column(BINARY(16), nullable=False)
    ThreatContent_MD5 = Column(BINARY(16), nullable=False)
    ThreatType = Column(INTEGER, nullable=False)
    # Flag-like TINYINT columns; both are nullable, so readers have to
    # handle NULL as a third state.
    IsManual = Column(TINYINT)
    IsOutgoing = Column(TINYINT)
class TbDwellTimeInfo(Base):
    """ORM mapping for the ``tb_DwellTimeInfo`` table.

    Every column is declared ``nullable=False``.
    """
    __tablename__ = 'tb_DwellTimeInfo'
    id = Column(INTEGER, primary_key=True, nullable=False)
    # Stored as text. A hex SHA-1 is 40 characters, so the 64-character
    # width leaves room for other content -- NOTE(review): confirm the
    # writer validates length and format.
    FileSHA1 = Column(VARCHAR(64), nullable=False)
    DetectionName = Column(VARCHAR(64), nullable=False)
    # 16-byte binary columns, the size of a raw MD5 digest.
    EventContent_MD5 = Column(BINARY(16), nullable=False)
    EventContentCategory = Column(SMALLINT, nullable=False)
    RetroScanData_MD5 = Column(BINARY(16), nullable=False)
    Status = Column(SMALLINT, nullable=False)
    CreateTime = Column(DATETIME, nullable=False)
    LastUpdateTime = Column(DATETIME, nullable=False)
class TbInventoryQuickInvScanMapping(Base):
    """ORM mapping for ``tb_Inventory_QuickInvScanMapping``.

    Pairs an event-content digest with a retro-scan-data digest; every
    column is mandatory.
    """
    __tablename__ = 'tb_Inventory_QuickInvScanMapping'
    id = Column(BIGINT, primary_key=True, nullable=False)
    # 16-byte binary columns, the size of a raw MD5 digest.
    EventContent_MD5 = Column(BINARY(16), nullable=False)
    RetroScanData_MD5 = Column(BINARY(16), nullable=False)
    RetroScanCategory = Column(TINYINT, nullable=False)
    LastUpdateTime = Column(DATETIME, nullable=False)

    @classmethod
    def find_by_retroscandata_md5(cls, md5):
        """Look up one mapping row by its ``RetroScanData_MD5`` value.

        The value is passed as a bound comparison operand, not spliced into
        SQL text. Returns whatever ``first()`` yields on the module-level
        ``cm_session`` query (a row, or ``None`` when nothing matches,
        assuming ``cm_session`` is a SQLAlchemy session).
        """
        all_rows = cm_session.query(cls)
        same_digest = all_rows.filter(cls.RetroScanData_MD5 == md5)
        return same_digest.first()
class TbADSiteInfoA(Base):
    """ORM mapping for the ``tb_AD_SiteInfo_A`` table."""
    __tablename__ = 'tb_AD_SiteInfo_A'
    id = Column(INTEGER, primary_key=True, nullable=False)
    SiteID = Column(CHAR(36), nullable=False)
    SiteDefaultName = Column(NVARCHAR(1024))
    SiteName = Column(NVARCHAR(1024))
    Color = Column(NVARCHAR(10))
    MergedSiteID = Column(CHAR(36))
    Location = Column(NVARCHAR(1024))
    # 43 characters is the length of a fully written IPv6 address plus a
    # "/128" suffix; presumably the subnet is stored as CIDR text -- confirm.
    Subnet = Column(VARCHAR(43), nullable=False)
    # 16 bytes each, the size of a binary IPv6 address; presumably the
    # bounds of the subnet range -- confirm.
    IPv6Start = Column(BINARY(16))
    IPv6End = Column(BINARY(16))
    RootDomain = Column(NVARCHAR(256))
class CDSMEntity(Base):
    """ORM mapping for the ``CDSM_Entity`` table."""
    __tablename__ = 'CDSM_Entity'
    id = Column(INTEGER, primary_key=True, nullable=False)
    # 16-byte binary GUID columns; the *_guid_t columns further down are
    # 36-character text columns, presumably the same values in hyphenated
    # text form -- confirm.
    guid = Column(BINARY(16))
    agent_guid = Column(BINARY(16))
    parent_guid = Column(BINARY(16))
    name = Column(VARCHAR(64))
    type = Column(INTEGER)
    certificate = Column(VARCHAR(80))
    folder_id = Column(INTEGER)
    # INTEGER time columns; unit/epoch not visible here -- TODO confirm.
    reg_time = Column(INTEGER)
    update_time = Column(INTEGER)
    product_id = Column(VARCHAR(64))
    product_version = Column(VARCHAR(20))
    menu_version = Column(VARCHAR(20))
    status = Column(INTEGER)
    tms_no = Column(SMALLINT)
    tms = Column(BINARY(132))
    # NOTE(review): contents not visible here. If this is an authentication
    # secret, it is readable by anyone with SELECT on this table -- confirm
    # and restrict access accordingly.
    token = Column(VARCHAR(1024))
    off_hour = Column(BINARY(12))
    heartbeat_mode = Column(INTEGER)
    heartbeat_freq = Column(INTEGER)
    event_list = Column(BINARY(400))
    code_page = Column(VARCHAR(20))
    icon_name = Column(VARCHAR(127))
    guid_t = Column(VARCHAR(36))
    agent_guid_t = Column(VARCHAR(36))
    parent_guid_t = Column(VARCHAR(36))
    ri4 = Column(BINARY(40))
    reserve = Column(BINARY(64))
    generation = Column(INTEGER)
    polling_freq = Column(INTEGER)
    icon_index = Column(INTEGER)
class TbADCustomSiteInfo(Base):
    """ORM mapping for the ``tb_AD_CustomSiteInfo`` table."""
    __tablename__ = 'tb_AD_CustomSiteInfo'
    id = Column(INTEGER, primary_key=True, nullable=False)
    SiteID = Column(CHAR(36), nullable=False)
    SiteName = Column(NVARCHAR(1024))
    Type = Column(SMALLINT, nullable=False)
    Color = Column(NVARCHAR(10))
    MergedSiteID = Column(CHAR(36))
    Location = Column(NVARCHAR(1024))
    # Nullable here. 43 characters fits a fully written IPv6 address plus
    # "/128"; presumably CIDR text -- confirm.
    Subnet = Column(VARCHAR(43))
    LastModificationTime = Column(DATETIME)
    # Text GUID of whoever created the site entry (by name; the referenced
    # table is not visible here).
    CreatorGuid = Column(CHAR(36))
    # 16 bytes each, the size of a binary IPv6 address.
    IPv6Start = Column(BINARY(16))
    IPv6End = Column(BINARY(16))
class TbInventorySecurityToUserEndpoint(Base):
    """ORM mapping for the ``tb_Inventory_Security_To_User_Endpoint`` table.

    Only ``id`` is mandatory; every other column is nullable.
    """
    __tablename__ = 'tb_Inventory_Security_To_User_Endpoint'
    id = Column(BIGINT, primary_key=True, nullable=False)
    MsgLogID = Column(CHAR(36))
    LogType = Column(INTEGER)
    EventType = Column(SMALLINT)
    ProductType = Column(INTEGER)
    LogGenLocalTime = Column(DATETIME)
    ClientGuid = Column(CHAR(36))
    EventContentType = Column(SMALLINT)
    # The three *_MD5 columns are 16-byte binaries (raw MD5 size). The text
    # they are digests of is not stored in this table; presumably it is
    # resolved through a digest-to-text mapping table -- confirm.
    # NOTE(review): MD5 collisions are practical, so a digest used as the
    # only link to content can point at more than one original value.
    EventContent_MD5 = Column(BINARY(16))
    EventContentCategory = Column(SMALLINT)
    RetroScanCategory = Column(SMALLINT)
    SLF_CCCA_DetectionSource = Column(SMALLINT)
    Action = Column(SMALLINT)
    RetroScanData_MD5 = Column(BINARY(16))
    Description_MD5 = Column(BINARY(16))
    CE_FilterID = Column(VARCHAR(35))
    Channel = Column(SMALLINT)
class TbEntityIPAddress(Base):
    """ORM mapping for the ``tb_EntityIPAddress`` table.

    The primary key is composite: ``(EntityID, IPAddress)``.
    """
    __tablename__ = 'tb_EntityIPAddress'
    EntityID = Column(CHAR(36), primary_key=True, nullable=False)
    IPAddress = Column(VARCHAR(256), primary_key=True)
    # The same address appears to be kept in several redundant forms (text,
    # four octets, integer, 16-byte binary); nothing in this mapping keeps
    # them consistent, so that is up to the writer -- confirm.
    # NOTE(review): TINYINT holds 0..255 on SQL Server but -128..127 on
    # MySQL; which dialect's TINYINT is imported is not visible here.
    FirstOctet = Column(TINYINT)
    SecondOctet = Column(TINYINT)
    ThirdOctet = Column(TINYINT)
    FourthOctet = Column(TINYINT)
    IPv4INT = Column(BIGINT)
    IPv6Bin = Column(BINARY(16))  # 16 bytes = size of a binary IPv6 address
class TbInfoHost(Base):
    """ORM mapping for the ``tb_Info_Host`` table (host identity columns)."""
    __tablename__ = 'tb_Info_Host'
    id = Column(INTEGER, primary_key=True, nullable=False)
    Guid = Column(CHAR(36), nullable=False)
    ComputerName = Column(NVARCHAR(64))
    # Address lists are single text columns. These widths (1024 / 256) are
    # narrower than the 2048-character columns of the same names on
    # Tbcascadingjournalentitydata -- NOTE(review): confirm nothing copies
    # between the two without handling truncation.
    IPAddressList = Column(VARCHAR(1024))
    MACAddressList = Column(VARCHAR(256))
    DomainName = Column(NVARCHAR(64))
    FQDN = Column(VARCHAR(80))
    TimeZone = Column(INTEGER)
    DayLightSaving = Column(BINARY(40))
class TbInfoAgent(Base):
    """ORM mapping for the ``tb_Info_Agent`` table."""
    __tablename__ = 'tb_Info_Agent'
    id = Column(INTEGER, primary_key=True, nullable=False)
    AgentGuid = Column(CHAR(36), nullable=False)
    AgentType = Column(SMALLINT)
    Status = Column(INTEGER)
    # NOTE(review): contents not visible here. If this is an agent
    # authentication secret, it is readable by anyone with SELECT on this
    # table -- confirm and restrict access accordingly.
    AgentToken = Column(VARCHAR(1024))
    PollingFrequency = Column(INTEGER)
    HeartbeatFrequency = Column(INTEGER)
    # INTEGER rather than DATETIME; unit/epoch not visible here.
    LastHeartbeatTime = Column(INTEGER)
    Offhour = Column(BINARY(12))
    AgentVersion = Column(VARCHAR(32))
    AgentBuild = Column(VARCHAR(32))
class TbGlobalRetroScanTask(Base):
    """ORM mapping for the ``tb_GlobalRetroScanTask`` table."""
    __tablename__ = 'tb_GlobalRetroScanTask'
    id = Column(INTEGER, primary_key=True, nullable=False)
    RetroScanContent = Column(NVARCHAR(2048), nullable=False)
    # 16-byte binary, the size of a raw MD5 digest. Note the column name has
    # no underscore here (EventContentMD5), unlike EventContent_MD5 on other
    # tables in this file.
    EventContentMD5 = Column(BINARY(16), nullable=False)
    RetroScanCategory = Column(SMALLINT, nullable=False)
    ProgressState = Column(SMALLINT, nullable=False)
    # The remaining columns are nullable; presumably they are filled in as
    # the task progresses -- confirm.
    LatestHttpResponseCode = Column(INTEGER)
    ReportID = Column(VARCHAR(64))
    ResultCode = Column(SMALLINT)
    InitiateTime = Column(DATETIME)
    ReportSubmitTime = Column(DATETIME)
    ReportReceiveTime = Column(DATETIME)
class TbLogGlobalRetroScanDetection(Base):
    """ORM mapping for the ``tb_LogGlobalRetroScanDetection`` table."""
    __tablename__ = 'tb_LogGlobalRetroScanDetection'
    id = Column(INTEGER, primary_key=True, nullable=False)
    DetectionKey = Column(VARCHAR(64), nullable=False)
    RetroScanContent = Column(NVARCHAR(2048), nullable=False)
    # 16-byte binary, the size of a raw MD5 digest.
    EventContentMD5 = Column(BINARY(16), nullable=False)
    RetroScanCategory = Column(SMALLINT, nullable=False)
    SLF_URLCorrelationKey = Column(VARCHAR(64))
    # Stored as free text up to 256 characters; no format is enforced by
    # the column type.
    ClientIP = Column(VARCHAR(256))
    CallbackTime = Column(DATETIME, nullable=False)
    # VARCHAR(64) here, while GUID columns on other tables in this file are
    # CHAR(36).
    ServerGUID = Column(VARCHAR(64))
    LastUpdateTime = Column(DATETIME, nullable=False)
    # Mandatory here; the ReportID column on TbGlobalRetroScanTask is
    # nullable. Presumably the two are linked -- confirm.
    ReportID = Column(VARCHAR(64), nullable=False)
class TbInventorySecurityToUserSummaryEndpoint(Base):
    """ORM mapping for ``tb_Inventory_Security_To_User_Summary_Endpoint``.

    Carries three counter columns next to the event-classification columns;
    only ``id`` is mandatory.
    """
    __tablename__ = 'tb_Inventory_Security_To_User_Summary_Endpoint'
    id = Column(BIGINT, primary_key=True, nullable=False)
    EventType = Column(SMALLINT)
    # Named "Date" but typed DATETIME; whether the time part is zeroed is
    # not visible here.
    LogGenLocalDate = Column(DATETIME)
    ClientGuid = Column(CHAR(36))
    EventContentType = Column(SMALLINT)
    EventContent_MD5 = Column(BINARY(16))  # 16 bytes = raw MD5 digest size
    RetroScanCategory = Column(SMALLINT)
    EventContentCategory = Column(SMALLINT)
    CE_FilterID = Column(VARCHAR(35))
    # Counters; presumably aggregated per combination of the columns above
    # -- confirm against the job that fills this table.
    Count = Column(INTEGER)
    RequireActionCount = Column(INTEGER)
    ResolvedCount = Column(INTEGER)
class TbDDESScanResultInventory(Base):
    """ORM mapping for the ``tb_DDES_ScanResult_Inventory`` table.

    Only ``id`` is mandatory; every other column is nullable.
    """
    __tablename__ = 'tb_DDES_ScanResult_Inventory'
    id = Column(INTEGER, primary_key=True, nullable=False)
    # Text GUIDs (36 characters). No foreign keys are declared, so the
    # database does not enforce that they reference existing rows.
    TaskGUID = Column(CHAR(36))
    MachineGUID = Column(CHAR(36))
    ClientGUID = Column(CHAR(36))
    ServerGUID = Column(CHAR(36))
    IOC_GUID = Column(CHAR(36))
    MatchObj_Type = Column(VARCHAR(32))
    # Free-form matched value reported by a scan; treat as untrusted text
    # when it is rendered or logged.
    MatchObj_Data = Column(NVARCHAR(2048))
    ScanCriteria_MD5 = Column(BINARY(16))  # 16 bytes = raw MD5 digest size
    # NOTE(review): 261 characters; longer paths would not fit -- confirm
    # how the writer handles them.
    FileFullPathName = Column(NVARCHAR(261))
    FileCreationUTCTime = Column(DATETIME)
    FirstObsUTCTime = Column(DATETIME)
    LastUpdateTime = Column(DATETIME)
class TbCTDNotMitigatedRankTmp(Base):
    """ORM mapping for the ``tb_CTD_NotMitigatedRank_Tmp`` table."""
    __tablename__ = 'tb_CTD_NotMitigatedRank_Tmp'
    id = Column(INTEGER, primary_key=True, nullable=False)
    Rank = Column(INTEGER)
    MaxEndpointID = Column(INTEGER)
    MaxMachineID = Column(INTEGER)
    # 16-byte binary, the size of a raw MD5 digest; presumably the digest of
    # SuspiciousObject -- confirm.
    RetroScanMD5 = Column(BINARY(16))
    RetroScanCategory = Column(SMALLINT)
    SuspiciousObject = Column(NVARCHAR(2048))
    SLF_Key = Column(VARCHAR(256))
    SLF_RiskLevel = Column(SMALLINT)
    # NVARCHAR with no length argument, unlike every other text column in
    # this class; the resulting column size depends on the dialect.
    SampleData = Column(NVARCHAR)
    Submitter = Column(NVARCHAR(64))
    # Four endpoint counters: {Important, Other} x {RequiredAction,
    # SuccessAction}.
    ImportantRequiredActionEndpointCounts = Column(INTEGER)
    OtherRequiredActionEndpointCounts = Column(INTEGER)
    ImportantSuccessActionEndpointCounts = Column(INTEGER)
    OtherSuccessActionEndpointCounts = Column(INTEGER)
class TbCDSMEntityCascading(Base):
    """ORM mapping for the ``tb_CDSM_Entity_Cascading`` table.

    Keyed by a 36-character text ``guid`` (not a surrogate integer id).
    """
    __tablename__ = 'tb_CDSM_Entity_Cascading'
    guid = Column(CHAR(36), primary_key=True, nullable=False)
    # Related GUIDs are plain CHAR(36) columns with no declared foreign key.
    parent_guid = Column(CHAR(36))
    dm_guid = Column(CHAR(36))
    name = Column(VARCHAR(64))
    type = Column(INTEGER)
    folder_id = Column(INTEGER)
    product_id = Column(VARCHAR(64))
    product_version = Column(VARCHAR(20))
    menu_version = Column(VARCHAR(20))
    status = Column(INTEGER)
    code_page = Column(VARCHAR(20))
    icon_name = Column(VARCHAR(127))
    ri4 = Column(BINARY(40))
    cm_guid = Column(CHAR(36))
    # The *_in_tree columns duplicate type / name / parent_guid; presumably
    # they hold the values as shown in a tree view -- confirm.
    type_in_tree = Column(INTEGER)
    name_in_tree = Column(NVARCHAR(64))
    parent_guid_in_tree = Column(CHAR(36))
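class TbQuickInvMatchObjectInfo(Base):
    """ORM mapping for ``tb_QuickInv_MatchObjectInfo`` plus one lookup helper."""
    __tablename__ = 'tb_QuickInv_MatchObjectInfo'
    id = Column(BIGINT, primary_key=True, nullable=False)
    AgentID = Column(CHAR(36), nullable=False)
    SLF_Key = Column(VARCHAR(256), nullable=False)
    # 16-byte binary, the size of a raw MD5 digest.
    RetroScanData_MD5 = Column(BINARY(16), nullable=False)
    RetroScanCategory = Column(TINYINT, nullable=False)
    # Free-form value reported for the matched object; treat as untrusted
    # text when it is rendered or logged.
    MetaValue = Column(NVARCHAR(2048))
    MetaCategory = Column(SMALLINT)
    FirstSeenUTCTime = Column(DATETIME)
    RCAScanID = Column(CHAR(36))
    FileFullPath = Column(NVARCHAR(512))
    FileCreationUTCTime = Column(DATETIME)
    LastUpdateTime = Column(DATETIME)

    @classmethod
    def find_by_slf_key_and_agent(cls, key, agent):
        """Return the first row matching *key* for the machine named *agent*.

        The machine name is resolved to an entity through
        ``TbEntityInfo.find_by_machine_name`` and that entity's
        ``EI_EntityID`` is compared with ``AgentID``. Both values are passed
        as bound comparison operands, not spliced into SQL text.

        Returns ``None`` when the machine name resolves to no entity, and
        otherwise whatever ``first()`` yields for the filtered query.
        """
        entity = TbEntityInfo.find_by_machine_name(agent)
        # find_by_machine_name is defined outside this listing; if it returns
        # None for an unknown machine (as the .first()-based finders in this
        # file would), dereferencing it would raise AttributeError. Report
        # "no match" the same way the other finders do instead.
        if entity is None:
            return None
        return cm_session.query(cls).filter(
            and_(cls.SLF_Key == key,
                 cls.AgentID == entity.EI_EntityID)).first()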
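class TbQuickInvTask(Base):
    """ORM mapping for ``tb_QuickInv_Task`` plus two query helpers.

    Only ``id`` is mandatory; every other column is nullable.
    """
    __tablename__ = 'tb_QuickInv_Task'
    id = Column(BIGINT, primary_key=True, nullable=False)
    TaskID = Column(CHAR(36))
    HasMore = Column(BIT)
    LastContentID = Column(NVARCHAR(2048))
    Criteria = Column(NVARCHAR(2048))
    CriteriaType = Column(SMALLINT)
    RetroScanData_MD5 = Column(BINARY(16))  # 16 bytes = raw MD5 digest size
    RetroScanCategory = Column(TINYINT)
    SLF_Key = Column(VARCHAR(256))
    IsManual = Column(BIT)
    CreationTime = Column(DATETIME)
    LastUpdateTime = Column(DATETIME)
    IsTimeout = Column(BIT)

    @classmethod
    def find_by_criteria(cls, criteria):
        """Return the first row whose ``Criteria`` equals *criteria*.

        The value is passed as a bound comparison operand. Returns whatever
        ``first()`` yields on the ``cm_session`` query (``None`` when nothing
        matches, assuming ``cm_session`` is a SQLAlchemy session).
        """
        return cm_session.query(cls).filter(cls.Criteria == criteria).first()

    @classmethod
    def get_distinct_taskid(cls):
        """Return how many distinct ``TaskID`` values the table holds.

        Rows with a NULL ``TaskID`` contribute one distinct value in total.
        """
        # Query.distinct(<column>) is rendered as DISTINCT ON only by the
        # PostgreSQL dialect; other dialects ignore the argument, and because
        # every row has a unique id the original query(cls).distinct(...)
        # then counted all rows. Selecting just the column and applying a
        # plain DISTINCT gives the distinct-TaskID count on any backend.
        return cm_session.query(cls.TaskID).distinct().count()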
class TbInventoryDDESRetroScanMapping(Base):
    """ORM mapping for the ``tb_Inventory_DDESRetroScanMapping`` table.

    Pairs an event-content digest with a retro-scan-data digest; every
    column is mandatory.
    """
    __tablename__ = 'tb_Inventory_DDESRetroScanMapping'
    id = Column(INTEGER, primary_key=True, nullable=False)
    # 16-byte binary columns, the size of a raw MD5 digest. No unique
    # constraint is declared on the pair, so duplicate mappings are possible
    # as far as this model is concerned.
    EventContent_MD5 = Column(BINARY(16), nullable=False)
    RetroScanData_MD5 = Column(BINARY(16), nullable=False)
    LastUpdateTime = Column(DATETIME, nullable=False)