def default_network_connection_properties(): return { "src_ip_address": PropType(PropPrimitive.Str, False), "src_port": PropType(PropPrimitive.Int, False), "dst_ip_address": PropType(PropPrimitive.Str, False), "dst_port": PropType(PropPrimitive.Int, False), "created_timestamp": PropType(PropPrimitive.Int, False), "terminated_timestamp": PropType(PropPrimitive.Int, False), "last_seen_timestamp": PropType(PropPrimitive.Int, False), }
def meta_into_property(predicate_meta): is_set = predicate_meta.get("list") type_name = predicate_meta["type"] primitive = None if type_name == "string": primitive = PropPrimitive.Str if type_name == "int": primitive = PropPrimitive.Int if type_name == "bool": primitive = PropPrimitive.Bool return PropType(primitive, is_set, index=predicate_meta.get("index", []))
def default_process_properties() -> Dict[str, PropType]: return { "process_name": PropType(PropPrimitive.Str, False), "image_name": PropType(PropPrimitive.Str, False), "process_id": PropType(PropPrimitive.Int, False), "created_timestamp": PropType(PropPrimitive.Int, False), "terminate_time": PropType(PropPrimitive.Int, False), "arguments": PropType(PropPrimitive.Str, False), }
def default_process_outbound_connection_properties(): return { "created_timestamp": PropType(PropPrimitive.Int, False), "terminated_timestamp": PropType(PropPrimitive.Int, False), "last_seen_timestamp": PropType(PropPrimitive.Int, False), "port": PropType(PropPrimitive.Int, False), "ip_address": PropType(PropPrimitive.Str, False), "protocol": PropType(PropPrimitive.Str, False), }
def default_lens_properties() -> Dict[str, PropType]: return { "lens_name": PropType(PropPrimitive.Str, False), "score": PropType(PropPrimitive.Int, False), }
def default_risk_properties() -> Dict[str, PropType]: return { "analyzer_name": PropType(PropPrimitive.Str, False), "risk_score": PropType(PropPrimitive.Int, False), }
def default_properties() -> Dict[str, "PropType"]: return { "uid": PropType(PropPrimitive.Str, False), "dgraph.type": PropType(PropPrimitive.Str, True), }
def default_ip_address_properties() -> Dict[str, "PropType"]: return { "first_seen_timestamp": PropType(PropPrimitive.Int, False), "last_seen_timestamp": PropType(PropPrimitive.Int, False), "ip_address": PropType(PropPrimitive.Str, False), }
def default_file_properties() -> Dict[str, PropType]: return { "file_path": PropType(PropPrimitive.Str, False), "file_extension": PropType(PropPrimitive.Str, False), "file_mime_type": PropType(PropPrimitive.Str, False), "file_version": PropType(PropPrimitive.Str, False), "file_description": PropType(PropPrimitive.Str, False), "file_product": PropType(PropPrimitive.Str, False), "file_company": PropType(PropPrimitive.Str, False), "file_directory": PropType(PropPrimitive.Str, False), "file_hard_links": PropType(PropPrimitive.Str, False), "signed": PropType(PropPrimitive.Str, False), "signed_status": PropType(PropPrimitive.Str, False), "md5_hash": PropType(PropPrimitive.Str, False), "sha1_hash": PropType(PropPrimitive.Str, False), "sha256_hash": PropType(PropPrimitive.Str, False), "file_inode": PropType(PropPrimitive.Int, False), "file_size": PropType(PropPrimitive.Int, False), }