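def oiocCreate(self, iocname, ioc, username):
    """Store a new OpenIOC document in the ``openioc`` table.

    ``iocname``, ``ioc`` and ``username`` are coerced with ``str()`` and
    stored as given. No validation of the indicator body happens here, so
    content and authorization checks belong in the caller.

    Args:
        iocname: Name stored with the indicator.
        ioc: Indicator content.
        username: User name stored with the record.

    Returns:
        Whatever ``insert()`` returns for the new row.
    """
    with self._lock:
        # Read the clock once so a freshly created record always carries
        # identical create and update timestamps.
        ts = HXAPI.dt_to_str(datetime.datetime.utcnow())
        return self._db.table("openioc").insert(
            {
                "ioc_id": str(secure_uuid4()),
                "iocname": str(iocname),
                "username": str(username),
                "ioc": str(ioc),
                "create_timestamp": ts,
                "update_timestamp": ts,
            }
        )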
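def taskProfileAdd(self, name, actor, params):
    """Store a new task profile in the ``taskprofiles`` table.

    ``name`` and ``actor`` are coerced with ``str()``; ``params`` is stored
    exactly as passed in, without copying or validation.

    Args:
        name: Profile name.
        actor: Value stored in the ``actor`` field.
        params: Profile parameters, stored unchanged.

    Returns:
        Whatever ``insert()`` returns for the new row.
    """
    with self._lock:
        # Read the clock once so a freshly created record always carries
        # identical create and update timestamps.
        ts = HXAPI.dt_to_str(datetime.datetime.utcnow())
        return self._db.table("taskprofiles").insert(
            {
                "taskprofile_id": str(secure_uuid4()),
                "name": str(name),
                "actor": str(actor),
                "params": params,
                "create_timestamp": ts,
                "update_timestamp": ts,
            }
        )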
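def scriptCreate(self, scriptname, script, username):
    """Store a new script in the ``scripts`` table.

    All three arguments are coerced with ``str()`` and stored as given.
    The script body is not inspected or validated here, so deciding who may
    store scripts and what they may contain is up to the caller.

    Args:
        scriptname: Name stored with the script.
        script: Script content.
        username: User name stored with the record.

    Returns:
        Whatever ``insert()`` returns for the new row.
    """
    with self._lock:
        # Read the clock once so a freshly created record always carries
        # identical create and update timestamps.
        ts = HXAPI.dt_to_str(datetime.datetime.utcnow())
        return self._db.table("scripts").insert(
            {
                "script_id": str(secure_uuid4()),
                "scriptname": str(scriptname),
                "username": str(username),
                "script": str(script),
                "create_timestamp": ts,
                "update_timestamp": ts,
            }
        )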
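def oiocCreate(self, iocname, ioc, username):
    """Insert a new OpenIOC document into the ``_db_openioc`` collection.

    ``iocname``, ``ioc`` and ``username`` are coerced with ``str()`` and
    stored as given. No validation of the indicator body happens here, so
    content and authorization checks belong in the caller.

    Args:
        iocname: Name stored with the indicator.
        ioc: Indicator content.
        username: User name stored with the record.

    Returns:
        The result object returned by ``insert_one()``.
    """
    # Read the clock once so a freshly created record always carries
    # identical create and update timestamps.
    ts = HXAPI.dt_to_str(datetime.datetime.utcnow())
    return self._db_openioc.insert_one({
        "ioc_id": str(secure_uuid4()),
        "iocname": str(iocname),
        "username": str(username),
        "ioc": str(ioc),
        "create_timestamp": ts,
        "update_timestamp": ts,
    })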
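def scriptCreate(self, scriptname, script, username):
    """Insert a new script into the ``_db_scripts`` collection.

    All three arguments are coerced with ``str()`` and stored as given.
    The script body is not inspected or validated here, so deciding who may
    store scripts and what they may contain is up to the caller.

    Args:
        scriptname: Name stored with the script.
        script: Script content.
        username: User name stored with the record.

    Returns:
        The result object returned by ``insert_one()``.
    """
    # Read the clock once so a freshly created record always carries
    # identical create and update timestamps.
    ts = HXAPI.dt_to_str(datetime.datetime.utcnow())
    return self._db_scripts.insert_one({
        "script_id": str(secure_uuid4()),
        "scriptname": str(scriptname),
        "username": str(username),
        "script": str(script),
        "create_timestamp": ts,
        "update_timestamp": ts,
    })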
def transform(element):
    """Remove ``dict_key`` from the nested mapping ``element[dict_name]``.

    ``dict_name``, ``dict_key`` and ``update_timestamp`` are free variables
    taken from the enclosing scope. The element is modified in place and
    nothing is returned.
    """
    nested = element[dict_name]
    if dict_key in nested:
        del nested[dict_key]

    # Only refresh the timestamp when asked to and when the document
    # already has one; the field is never introduced here.
    if not update_timestamp or "update_timestamp" not in element:
        return
    element["update_timestamp"] = HXAPI.dt_to_str(datetime.datetime.utcnow())
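def multiFileCreate(
    self,
    username,
    profile_id,
    display_name=None,
    file_listing_id=None,
    api_mode=False,
):
    """Create a multi-file request record in the ``multi_file`` table.

    Args:
        username: User name stored with the request.
        profile_id: Profile the request belongs to.
        display_name: Label for the request; a falsy value is replaced by
            ``"Unnamed File Request"``.
        file_listing_id: Optional id stored in ``file_listing_id``.
        api_mode: Flag stored in ``api_mode``.

    Returns:
        Whatever ``insert()`` returns for the new row.

    Raises:
        Any exception raised by ``insert()`` propagates unchanged.
    """
    with self._lock:
        ts = HXAPI.dt_to_str(datetime.datetime.utcnow())
        # No rollback is attempted: if insert() raises, no document id
        # exists yet, so there is nothing to remove.
        return self._db.table("multi_file").insert(
            {
                "display_name": display_name or "Unnamed File Request",
                "username": username,
                "profile_id": profile_id,
                "files": [],
                "stopped": False,
                "api_mode": api_mode,
                "create_timestamp": ts,
                "update_timestamp": ts,
                "file_listing_id": file_listing_id,
            }
        )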
def sessionCreate(self, session_id):
    """Insert an empty session record into the ``_db_session`` collection.

    ``session_id`` is stored exactly as supplied; this method neither
    generates nor validates it.

    Args:
        session_id: Identifier stored in the ``session_id`` field.

    Returns:
        The result object returned by ``insert_one()``.
    """
    now = HXAPI.dt_to_str(datetime.datetime.utcnow())
    record = {
        "session_id": session_id,
        "session_data": {},
        "update_timestamp": now,
    }
    return self._db_session.insert_one(record)
def transform(element):
    """Set key ``k`` to ``v`` on the first matching entry of a nested list.

    Scans ``element[list_name]`` for the first item whose ``query_key``
    equals ``query_value`` and updates only that item. ``list_name``,
    ``query_key``, ``query_value``, ``k``, ``v`` and ``update_timestamp``
    are free variables taken from the enclosing scope. The element is
    modified in place and nothing is returned.
    """
    first_match = next(
        (entry for entry in element[list_name] if entry[query_key] == query_value),
        None,
    )
    if first_match is not None:
        first_match[k] = v

    # Only refresh the timestamp when asked to and when the document
    # already has one; the field is never introduced here.
    if not update_timestamp or "update_timestamp" not in element:
        return
    element["update_timestamp"] = HXAPI.dt_to_str(datetime.datetime.utcnow())
def sessionUpdate(self, session_id, session_data):
    """Overwrite the stored data of the session matching ``session_id``.

    Args:
        session_id: Value compared against the ``session_id`` field.
        session_data: New value for ``session_data``, stored as passed.

    Returns:
        Whatever ``update()`` returns.
    """
    with self._lock:
        changes = {
            "session_data": session_data,
            "update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
        }
        matches_session = tinydb.Query()["session_id"] == session_id
        return self._db.table("session").update(changes, matches_session)
def sessionCreate(self, session_id):
    """Insert an empty session record into the ``session`` table.

    ``session_id`` is stored exactly as supplied; this method neither
    generates nor validates it.

    Args:
        session_id: Identifier stored in the ``session_id`` field.

    Returns:
        Whatever ``insert()`` returns for the new row.
    """
    with self._lock:
        record = {
            "session_id": session_id,
            "session_data": {},
            "update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
        }
        return self._db.table("session").insert(record)
def stackJobStop(self, stack_job_eid):
    """Flag a stacking job as stopped and refresh its update timestamp.

    Args:
        stack_job_eid: Document id of the job; converted with ``int()``,
            so a non-numeric value raises before the table is modified.

    Returns:
        Whatever ``update()`` returns.
    """
    with self._lock:
        changes = {
            "stopped": True,
            "update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
        }
        target_ids = [int(stack_job_eid)]
        return self._db.table("stacking").update(changes, doc_ids=target_ids)
def multiFileStop(self, multi_file_id):
    """Flag a multi-file request as stopped and refresh its update timestamp.

    Args:
        multi_file_id: Document id of the request; converted with
            ``int()``, so a non-numeric value raises before the table is
            modified.

    Returns:
        Whatever ``update()`` returns.
    """
    with self._lock:
        changes = {
            "stopped": True,
            "update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
        }
        target_ids = [int(multi_file_id)]
        return self._db.table("multi_file").update(changes, doc_ids=target_ids)
def fileListingStop(self, file_listing_id):
    """Flag a file listing job as stopped and refresh its update timestamp.

    Args:
        file_listing_id: Document id of the job; converted with ``int()``,
            so a non-numeric value raises before the table is modified.

    Returns:
        Whatever ``update()`` returns.
    """
    with self._lock:
        changes = {
            "stopped": True,
            "update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
        }
        target_ids = [int(file_listing_id)]
        return self._db.table("file_listing").update(changes, doc_ids=target_ids)
def transform(element):
    """Add ``value`` to the list stored at ``element[list_name]``.

    A ``value`` whose type is exactly ``list`` is spliced in item by item;
    anything else (including list subclasses) is appended as one entry.
    ``list_name``, ``value`` and ``update_timestamp`` are free variables
    taken from the enclosing scope. The element is modified in place and
    nothing is returned.
    """
    target = element[list_name]
    add = target.extend if type(value) is list else target.append
    add(value)

    # Only refresh the timestamp when asked to and when the document
    # already has one; the field is never introduced here.
    if not update_timestamp or "update_timestamp" not in element:
        return
    element["update_timestamp"] = HXAPI.dt_to_str(datetime.datetime.utcnow())
def stackJobUpdateGroupBy(self, profile_id, bulk_download_eid, last_groupby):
    """Record the latest group-by value on matching stacking jobs.

    Jobs are selected by ``profile_id`` together with the integer form of
    ``bulk_download_eid``.

    Args:
        profile_id: Value compared against the ``profile_id`` field.
        bulk_download_eid: Bulk download id; converted with ``int()``.
        last_groupby: New value for ``last_groupby``.

    Returns:
        Whatever ``update()`` returns.
    """
    with self._lock:
        changes = {
            "last_groupby": last_groupby,
            "update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
        }
        same_profile = tinydb.Query()["profile_id"] == profile_id
        same_download = tinydb.Query()["bulk_download_eid"] == int(bulk_download_eid)
        return self._db.table("stacking").update(changes, same_profile & same_download)
def sessionUpdate(self, session_id, session_data):
    """Replace the stored session document matching ``session_id``.

    The whole document is replaced with a fresh one holding the id, a
    shallow ``dict()`` copy of ``session_data`` and a new timestamp.

    NOTE(review): ``session_id`` goes into the query filter unchanged.
    Callers should make sure it is a plain string rather than a mapping
    taken from request data - confirm at the call sites.

    Args:
        session_id: Value matched against, and stored in, ``session_id``.
        session_data: Mapping copied into ``session_data``.

    Returns:
        The result object returned by ``replace_one()``.
    """
    selector = {"session_id": session_id}
    replacement = {
        "session_id": session_id,
        "session_data": dict(session_data),
        "update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
    }
    return self._db_session.replace_one(selector, replacement)
def transform(element):
    """Set or merge ``dict_values`` under ``element[dict_name][dict_key]``.

    When the key already exists and ``dict_values`` is exactly a ``dict``,
    the existing entry is merged via ``update()``; in every other case the
    entry is (re)assigned. ``dict_name``, ``dict_key``, ``dict_values`` and
    ``update_timestamp`` are free variables taken from the enclosing scope.
    The element is modified in place and nothing is returned.
    """
    nested = element[dict_name]
    if dict_key in nested and type(dict_values) is dict:
        nested[dict_key].update(dict_values)
    else:
        nested[dict_key] = dict_values

    # Only refresh the timestamp when asked to and when the document
    # already has one; the field is never introduced here.
    if not update_timestamp or "update_timestamp" not in element:
        return
    element["update_timestamp"] = HXAPI.dt_to_str(datetime.datetime.utcnow())
def stackJobStop(self, stack_job_eid):
    """Flag a stacking job as stopped and refresh its update timestamp.

    Args:
        stack_job_eid: Job id; wrapped in ``ObjectId()`` to match ``_id``,
            so a malformed id raises before any update is sent.

    Returns:
        The result object returned by ``update_one()``.
    """
    selector = {"_id": ObjectId(stack_job_eid)}
    fields = {
        "stopped": True,
        "update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
    }
    return self._db_stacking.update_one(selector, {"$set": fields})
def fileListingStop(self, file_listing_id):
    """Flag a file listing job as stopped and refresh its update timestamp.

    Args:
        file_listing_id: Job id; wrapped in ``ObjectId()`` to match
            ``_id``, so a malformed id raises before any update is sent.

    Returns:
        The result object returned by ``update_one()``.
    """
    selector = {"_id": ObjectId(file_listing_id)}
    fields = {
        "stopped": True,
        "update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
    }
    return self._db_file_listing.update_one(selector, {"$set": fields})
def multiFileStop(self, multi_file_id):
    """Flag a multi-file request as stopped and refresh its update timestamp.

    Args:
        multi_file_id: Request id; wrapped in ``ObjectId()`` to match
            ``_id``, so a malformed id raises before any update is sent.

    Returns:
        The ``update_one()`` result after it has been passed through
        ``self.mongoStripKeys()``.
    """
    selector = {"_id": ObjectId(multi_file_id)}
    fields = {
        "stopped": True,
        "update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
    }
    outcome = self._db_multi_file.update_one(selector, {"$set": fields})
    return self.mongoStripKeys(outcome)
def stackJobCreate(self, profile_id, bulk_download_eid, stack_type):
    """Insert a new stacking job into the ``_db_stacking`` collection.

    The job starts unstopped, with empty ``hosts``, ``results`` and
    ``last_groupby`` lists and no ``last_index``.

    Args:
        profile_id: Profile the job belongs to.
        bulk_download_eid: Id of the related bulk download, stored as given.
        stack_type: Value stored in ``stack_type``.

    Returns:
        The ``inserted_id`` of the new document.
    """
    now = HXAPI.dt_to_str(datetime.datetime.utcnow())
    job = {
        "profile_id": profile_id,
        "bulk_download_eid": bulk_download_eid,
        "stopped": False,
        "stack_type": stack_type,
        "hosts": [],
        "results": [],
        "last_index": None,
        "last_groupby": [],
        "create_timestamp": now,
        "update_timestamp": now,
    }
    return self._db_stacking.insert_one(job).inserted_id
def alertAddAnnotation(
    self, profile_id, hx_alert_id, annotation, state, create_user
):
    """Append an annotation to the matching alert in the ``alert`` table.

    The alert is selected by ``profile_id`` together with the integer form
    of ``hx_alert_id``. ``create_user`` is recorded exactly as supplied, so
    the attribution is only as trustworthy as the value the caller passes.

    Args:
        profile_id: Value compared against the ``profile_id`` field.
        hx_alert_id: Alert id; converted with ``int()``.
        annotation: Annotation content.
        state: Annotation state; converted with ``int()``.
        create_user: User name stored with the annotation.

    Returns:
        Whatever ``update()`` returns.
    """
    with self._lock:
        alerts = self._db.table("alert")
        note = {
            "annotation": annotation,
            "state": int(state),
            "create_user": create_user,
            "create_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
        }
        append_note = self._db_append_to_list("annotations", note)
        same_profile = tinydb.Query()["profile_id"] == profile_id
        same_alert = tinydb.Query()["hx_alert_id"] == int(hx_alert_id)
        return alerts.update(append_note, same_profile & same_alert)
def bulkDownloadCreate(self, profile_id, hostset_name=None, hostset_id=None, task_profile=None):
    """Insert a new bulk download record into ``_db_bulk_download``.

    The record starts with an empty ``hosts`` mapping and with ``stopped``
    and ``complete`` both false.

    NOTE(review): ``hostset_id`` defaults to ``None`` but is always passed
    to ``int()``, so omitting it raises ``TypeError`` - confirm that every
    caller supplies a value.

    Args:
        profile_id: Profile the download belongs to.
        hostset_name: Host set name, stored as given.
        hostset_id: Host set id; converted with ``int()``.
        task_profile: Value stored in ``task_profile``.

    Returns:
        The ``inserted_id`` of the new document.
    """
    now = HXAPI.dt_to_str(datetime.datetime.utcnow())
    record = {
        "profile_id": profile_id,
        "hostset_id": int(hostset_id),
        "hostset_name": hostset_name,
        "hosts": {},
        "task_profile": task_profile,
        "stopped": False,
        "complete": False,
        "create_timestamp": now,
        "update_timestamp": now,
    }
    return self._db_bulk_download.insert_one(record).inserted_id
def multiFileCreate(
    self,
    username,
    profile_id,
    display_name=None,
    file_listing_id=None,
    api_mode=False,
):
    """Insert a new multi-file request into ``_db_multi_file``.

    Args:
        username: User name stored with the request.
        profile_id: Profile the request belongs to.
        display_name: Label for the request; a falsy value is replaced by
            ``"Unnamed File Request"``.
        file_listing_id: Optional id stored in ``file_listing_id``.
        api_mode: Flag stored in ``api_mode``.

    Returns:
        The ``inserted_id`` of the new document.
    """
    now = HXAPI.dt_to_str(datetime.datetime.utcnow())
    label = display_name or "Unnamed File Request"
    request = {
        "display_name": label,
        "username": username,
        "profile_id": profile_id,
        "files": [],
        "stopped": False,
        "api_mode": api_mode,
        "create_timestamp": now,
        "update_timestamp": now,
        "file_listing_id": file_listing_id,
    }
    return self._db_multi_file.insert_one(request).inserted_id
def bulkDownloadUpdate(
    self,
    bulk_download_eid,
    bulk_acquisition_id=None,
    hosts=None,
    stopped=None,
    complete=None,
):
    """Update selected fields of one bulk download document.

    ``update_timestamp`` is always refreshed. Each optional argument is
    written only when it is not ``None``, so ``False`` and empty values
    are still stored.

    Args:
        bulk_download_eid: Document id; wrapped in ``ObjectId()``.
        bulk_acquisition_id: New ``bulk_acquisition_id``, if given.
        hosts: New ``hosts`` value, if given.
        stopped: New ``stopped`` flag, if given.
        complete: New ``complete`` flag, if given.

    Returns:
        The result object returned by ``update_one()``.
    """
    changes = {"update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow())}
    optional_fields = {
        "bulk_acquisition_id": bulk_acquisition_id,
        "hosts": hosts,
        "stopped": stopped,
        "complete": complete,
    }
    changes.update(
        {field: new for field, new in optional_fields.items() if new is not None}
    )
    selector = {"_id": ObjectId(bulk_download_eid)}
    return self._db_bulk_download.update_one(selector, {"$set": changes})
def alertAddAnnotation(self, profile_id, hx_alert_id, annotation, state, create_user):
    """Push an annotation onto the matching alert in ``_db_alerts``.

    The alert is selected by ``profile_id`` together with the integer form
    of ``hx_alert_id``. ``create_user`` is recorded exactly as supplied, so
    the attribution is only as trustworthy as the value the caller passes.

    NOTE(review): ``profile_id`` goes into the query filter unchanged,
    unlike ``hx_alert_id``. Callers should make sure it is a plain scalar
    rather than a mapping taken from request data - confirm at call sites.

    Args:
        profile_id: Value matched against the ``profile_id`` field.
        hx_alert_id: Alert id; converted with ``int()``.
        annotation: Annotation content.
        state: Annotation state; converted with ``int()``.
        create_user: User name stored with the annotation.

    Returns:
        The result object returned by ``update_one()``.
    """
    selector = {
        "profile_id": profile_id,
        "hx_alert_id": int(hx_alert_id),
    }
    note = {
        "annotation": annotation,
        "state": int(state),
        "create_user": create_user,
        "create_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
    }
    return self._db_alerts.update_one(selector, {"$push": {"annotations": note}})
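def stackJobCreate(self, profile_id, bulk_download_eid, stack_type):
    """Create a stacking job record in the ``stacking`` table.

    The job starts unstopped, with empty ``hosts``, ``results`` and
    ``last_groupby`` lists and no ``last_index``.

    Args:
        profile_id: Profile the job belongs to.
        bulk_download_eid: Id of the related bulk download; converted
            with ``int()``.
        stack_type: Value stored in ``stack_type``.

    Returns:
        The value returned by ``insert()`` for the new row.

    Raises:
        Any exception raised while building or inserting the record
        propagates unchanged.
    """
    r = None
    with self._lock:
        ts = HXAPI.dt_to_str(datetime.datetime.utcnow())
        try:
            r = self._db.table("stacking").insert(
                {
                    "profile_id": profile_id,
                    "bulk_download_eid": int(bulk_download_eid),
                    "stopped": False,
                    "stack_type": stack_type,
                    "hosts": [],
                    "results": [],
                    "last_index": None,
                    "last_groupby": [],
                    "create_timestamp": ts,
                    "update_timestamp": ts,
                }
            )
        except BaseException:
            # r is bound only after insert() has returned, so it is still
            # None when int() or insert() raised. Skip the rollback then:
            # remove(doc_ids=[None]) has nothing to delete, and an error
            # from it would replace the exception being re-raised.
            if r is not None:
                self._db.table("stacking").remove(doc_ids=[r])
            raise
    return r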
def bulkDownloadUpdate(
    self,
    bulk_download_eid,
    bulk_acquisition_id=None,
    hosts=None,
    stopped=None,
    complete=None,
):
    """Update selected fields of one row in the ``bulk_download`` table.

    ``update_timestamp`` is always refreshed. Each optional argument is
    written only when it is not ``None``, so ``False`` and empty values
    are still stored. The change set is assembled before the lock is taken.

    Args:
        bulk_download_eid: Document id; converted with ``int()``.
        bulk_acquisition_id: New ``bulk_acquisition_id``, if given.
        hosts: New ``hosts`` value, if given.
        stopped: New ``stopped`` flag, if given.
        complete: New ``complete`` flag, if given.

    Returns:
        Whatever ``update()`` returns.
    """
    changes = {"update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow())}
    optional_fields = {
        "bulk_acquisition_id": bulk_acquisition_id,
        "hosts": hosts,
        "stopped": stopped,
        "complete": complete,
    }
    changes.update(
        {field: new for field, new in optional_fields.items() if new is not None}
    )
    with self._lock:
        bulk_downloads = self._db.table("bulk_download")
        return bulk_downloads.update(changes, doc_ids=[int(bulk_download_eid)])
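def fileListingCreate(
    self,
    profile_id,
    username,
    bulk_download_eid,
    path,
    regex,
    depth,
    display_name,
    api_mode=False,
):
    """Create a file listing job record in the ``file_listing`` table.

    ``path``, ``regex``, ``depth`` and ``api_mode`` are stored unchanged
    under ``cfg``; they are not validated or compiled here.

    Args:
        profile_id: Profile the job belongs to.
        username: User name stored with the job.
        bulk_download_eid: Id of the related bulk download; converted
            with ``int()``.
        path: Value stored in ``cfg.path``.
        regex: Value stored in ``cfg.regex``.
        depth: Value stored in ``cfg.depth``.
        display_name: Label stored with the job.
        api_mode: Flag stored in ``cfg.api_mode``.

    Returns:
        The value returned by ``insert()`` for the new row.

    Raises:
        Any exception raised while building or inserting the record
        propagates unchanged.
    """
    r = None
    with self._lock:
        ts = HXAPI.dt_to_str(datetime.datetime.utcnow())
        try:
            r = self._db.table("file_listing").insert(
                {
                    "profile_id": profile_id,
                    "display_name": display_name,
                    "bulk_download_eid": int(bulk_download_eid),
                    "username": username,
                    "stopped": False,
                    "files": [],
                    "cfg": {
                        "path": path,
                        "regex": regex,
                        "depth": depth,
                        "api_mode": api_mode,
                    },
                    "create_timestamp": ts,
                    "update_timestamp": ts,
                }
            )
        except BaseException:
            # r is bound only after insert() has returned, so it is still
            # None when int() or insert() raised. Skip the rollback then:
            # remove(doc_ids=[None]) has nothing to delete, and an error
            # from it would replace the exception being re-raised.
            if r is not None:
                self._db.table("file_listing").remove(doc_ids=[r])
            raise
    return r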