def oiocCreate(self, iocname, ioc, username):
with self._lock:
return self._db.table("openioc").insert(
{
"ioc_id": str(secure_uuid4()),
"iocname": str(iocname),
"username": str(username),
"ioc": str(ioc),
"create_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
"update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
}
)
def taskProfileAdd(self, name, actor, params):
with self._lock:
return self._db.table("taskprofiles").insert(
{
"taskprofile_id": str(secure_uuid4()),
"name": str(name),
"actor": str(actor),
"params": params,
"create_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
"update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
}
)
def scriptCreate(self, scriptname, script, username):
with self._lock:
return self._db.table("scripts").insert(
{
"script_id": str(secure_uuid4()),
"scriptname": str(scriptname),
"username": str(username),
"script": str(script),
"create_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
"update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
}
)
def oiocCreate(self, iocname, ioc, username):
return self._db_openioc.insert_one({
"ioc_id":
str(secure_uuid4()),
"iocname":
str(iocname),
"username":
str(username),
"ioc":
str(ioc),
"create_timestamp":
HXAPI.dt_to_str(datetime.datetime.utcnow()),
"update_timestamp":
HXAPI.dt_to_str(datetime.datetime.utcnow()),
})
def scriptCreate(self, scriptname, script, username):
return self._db_scripts.insert_one({
"script_id":
str(secure_uuid4()),
"scriptname":
str(scriptname),
"username":
str(username),
"script":
str(script),
"create_timestamp":
HXAPI.dt_to_str(datetime.datetime.utcnow()),
"update_timestamp":
HXAPI.dt_to_str(datetime.datetime.utcnow()),
})
def transform(element):
if dict_key in element[dict_name]:
del element[dict_name][dict_key]
if update_timestamp and "update_timestamp" in element:
element["update_timestamp"] = HXAPI.dt_to_str(
datetime.datetime.utcnow()
)
def multiFileCreate(
self,
username,
profile_id,
display_name=None,
file_listing_id=None,
api_mode=False,
):
with self._lock:
ts = HXAPI.dt_to_str(datetime.datetime.utcnow())
r = None
try:
return self._db.table("multi_file").insert(
{
"display_name": display_name or "Unnamed File Request",
"username": username,
"profile_id": profile_id,
"files": [],
"stopped": False,
"api_mode": api_mode,
"create_timestamp": ts,
"update_timestamp": ts,
"file_listing_id": file_listing_id,
}
)
except:
# TODO: Not sure if the value returns that we'd ever see an exception
if r:
self._db.table("multi_file").remove(doc_ids=[r])
raise
return None
def sessionCreate(self, session_id):
return self._db_session.insert_one({
"session_id":
session_id,
"session_data": {},
"update_timestamp":
HXAPI.dt_to_str(datetime.datetime.utcnow()),
})
def transform(element):
for i in element[list_name]:
if i[query_key] == query_value:
i[k] = v
break
if update_timestamp and "update_timestamp" in element:
element["update_timestamp"] = HXAPI.dt_to_str(
datetime.datetime.utcnow()
)
def sessionUpdate(self, session_id, session_data):
with self._lock:
return self._db.table("session").update(
{
"session_data": session_data,
"update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
},
(tinydb.Query()["session_id"] == session_id),
)
def sessionCreate(self, session_id):
with self._lock:
return self._db.table("session").insert(
{
"session_id": session_id,
"session_data": {},
"update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
}
)
def stackJobStop(self, stack_job_eid):
with self._lock:
return self._db.table("stacking").update(
{
"stopped": True,
"update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
},
doc_ids=[int(stack_job_eid)],
)
def multiFileStop(self, multi_file_id):
with self._lock:
return self._db.table("multi_file").update(
{
"stopped": True,
"update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
},
doc_ids=[int(multi_file_id)],
)
def fileListingStop(self, file_listing_id):
with self._lock:
return self._db.table("file_listing").update(
{
"stopped": True,
"update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
},
doc_ids=[int(file_listing_id)],
)
def transform(element):
if type(value) is list:
element[list_name].extend(value)
else:
element[list_name].append(value)
if update_timestamp and "update_timestamp" in element:
element["update_timestamp"] = HXAPI.dt_to_str(
datetime.datetime.utcnow()
)
def stackJobUpdateGroupBy(self, profile_id, bulk_download_eid, last_groupby):
with self._lock:
return self._db.table("stacking").update(
{
"last_groupby": last_groupby,
"update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
},
(tinydb.Query()["profile_id"] == profile_id)
& (tinydb.Query()["bulk_download_eid"] == int(bulk_download_eid)),
)
def sessionUpdate(self, session_id, session_data):
return self._db_session.replace_one(
{"session_id": session_id},
{
"session_id": session_id,
"session_data": dict(session_data),
"update_timestamp": HXAPI.dt_to_str(
datetime.datetime.utcnow()),
},
)
def transform(element):
if not dict_key in element[dict_name]:
element[dict_name][dict_key] = dict_values
else:
if type(dict_values) is dict:
element[dict_name][dict_key].update(dict_values)
else:
element[dict_name][dict_key] = dict_values
if update_timestamp and "update_timestamp" in element:
element["update_timestamp"] = HXAPI.dt_to_str(
datetime.datetime.utcnow()
)
def stackJobStop(self, stack_job_eid):
return self._db_stacking.update_one(
{"_id": ObjectId(stack_job_eid)},
{
"$set": {
"stopped":
True,
"update_timestamp":
HXAPI.dt_to_str(datetime.datetime.utcnow()),
}
},
)
def fileListingStop(self, file_listing_id):
return self._db_file_listing.update_one(
{"_id": ObjectId(file_listing_id)},
{
"$set": {
"stopped":
True,
"update_timestamp":
HXAPI.dt_to_str(datetime.datetime.utcnow()),
}
},
)
def multiFileStop(self, multi_file_id):
return self.mongoStripKeys(
self._db_multi_file.update_one(
{"_id": ObjectId(multi_file_id)},
{
"$set": {
"stopped":
True,
"update_timestamp":
HXAPI.dt_to_str(datetime.datetime.utcnow()),
}
},
))
def stackJobCreate(self, profile_id, bulk_download_eid, stack_type):
ts = HXAPI.dt_to_str(datetime.datetime.utcnow())
r = self._db_stacking.insert_one({
"profile_id": profile_id,
"bulk_download_eid": bulk_download_eid,
"stopped": False,
"stack_type": stack_type,
"hosts": [],
"results": [],
"last_index": None,
"last_groupby": [],
"create_timestamp": ts,
"update_timestamp": ts,
})
return r.inserted_id
def alertAddAnnotation(
self, profile_id, hx_alert_id, annotation, state, create_user
):
with self._lock:
return self._db.table("alert").update(
self._db_append_to_list(
"annotations",
{
"annotation": annotation,
"state": int(state),
"create_user": create_user,
"create_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow()),
},
),
(tinydb.Query()["profile_id"] == profile_id)
& (tinydb.Query()["hx_alert_id"] == int(hx_alert_id)),
)
def bulkDownloadCreate(self,
profile_id,
hostset_name=None,
hostset_id=None,
task_profile=None):
r = None
ts = HXAPI.dt_to_str(datetime.datetime.utcnow())
r = self._db_bulk_download.insert_one({
"profile_id": profile_id,
"hostset_id": int(hostset_id),
"hostset_name": hostset_name,
"hosts": {},
"task_profile": task_profile,
"stopped": False,
"complete": False,
"create_timestamp": ts,
"update_timestamp": ts,
})
return r.inserted_id
def multiFileCreate(
self,
username,
profile_id,
display_name=None,
file_listing_id=None,
api_mode=False,
):
ts = HXAPI.dt_to_str(datetime.datetime.utcnow())
r = self._db_multi_file.insert_one({
"display_name": display_name or "Unnamed File Request",
"username": username,
"profile_id": profile_id,
"files": [],
"stopped": False,
"api_mode": api_mode,
"create_timestamp": ts,
"update_timestamp": ts,
"file_listing_id": file_listing_id,
})
return r.inserted_id
def bulkDownloadUpdate(
self,
bulk_download_eid,
bulk_acquisition_id=None,
hosts=None,
stopped=None,
complete=None,
):
d = {"update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow())}
if bulk_acquisition_id is not None:
d["bulk_acquisition_id"] = bulk_acquisition_id
if hosts is not None:
d["hosts"] = hosts
if stopped is not None:
d["stopped"] = stopped
if complete is not None:
d["complete"] = complete
return self._db_bulk_download.update_one(
{"_id": ObjectId(bulk_download_eid)}, {"$set": d})
def alertAddAnnotation(self, profile_id, hx_alert_id, annotation, state,
create_user):
return self._db_alerts.update_one(
{
"profile_id": profile_id,
"hx_alert_id": int(hx_alert_id)
},
{
"$push": {
"annotations": {
"annotation":
annotation,
"state":
int(state),
"create_user":
create_user,
"create_timestamp":
HXAPI.dt_to_str(datetime.datetime.utcnow()),
}
}
},
)
def stackJobCreate(self, profile_id, bulk_download_eid, stack_type):
r = None
with self._lock:
ts = HXAPI.dt_to_str(datetime.datetime.utcnow())
try:
r = self._db.table("stacking").insert(
{
"profile_id": profile_id,
"bulk_download_eid": int(bulk_download_eid),
"stopped": False,
"stack_type": stack_type,
"hosts": [],
"results": [],
"last_index": None,
"last_groupby": [],
"create_timestamp": ts,
"update_timestamp": ts,
}
)
except:
self._db.table("stacking").remove(doc_ids=[r])
raise
return r
def bulkDownloadUpdate(
self,
bulk_download_eid,
bulk_acquisition_id=None,
hosts=None,
stopped=None,
complete=None,
):
d = {"update_timestamp": HXAPI.dt_to_str(datetime.datetime.utcnow())}
if bulk_acquisition_id is not None:
d["bulk_acquisition_id"] = bulk_acquisition_id
if hosts is not None:
d["hosts"] = hosts
if stopped is not None:
d["stopped"] = stopped
if complete is not None:
d["complete"] = complete
with self._lock:
return self._db.table("bulk_download").update(
d, doc_ids=[int(bulk_download_eid)]
)
def fileListingCreate(
self,
profile_id,
username,
bulk_download_eid,
path,
regex,
depth,
display_name,
api_mode=False,
):
r = None
with self._lock:
ts = HXAPI.dt_to_str(datetime.datetime.utcnow())
try:
r = self._db.table("file_listing").insert(
{
"profile_id": profile_id,
"display_name": display_name,
"bulk_download_eid": int(bulk_download_eid),
"username": username,
"stopped": False,
"files": [],
"cfg": {
"path": path,
"regex": regex,
"depth": depth,
"api_mode": api_mode,
},
"create_timestamp": ts,
"update_timestamp": ts,
}
)
except:
self._db.table("file_listing").remove(doc_ids=[r])
raise
return r
