def alert_count(self):
    """Return the ten alert messages with the highest observation totals.

    Groups the collection by ``alert_msg``, sums ``number_observed`` per
    group, orders the groups by that sum (largest first), keeps at most ten
    of them, and passes that list through ``jsonify_stix``.
    """
    stages = [
        {"$group": {"_id": "$alert_msg", "count": {"$sum": "$number_observed"}}},
        {"$sort": {"count": -1}},
    ]
    grouped = list(self.collection.aggregate(stages))
    # A slice copes with fewer than ten groups, so no length check is needed.
    top_groups = grouped[:10]
    return jsonify_stix(top_groups)
def get_all(self, limit, offset, sort, filt):
    """Return one page of documents plus the total number of matches.

    Args:
        limit: Page size handed to the cursor's ``limit()``.
        offset: Number of documents handed to the cursor's ``skip()``.
        sort: ``None`` or a mapping with ``'id'`` (field to sort on) and
            ``'desc'`` (truthy for descending order).
        filt: ``None`` or a mapping with ``'id'`` (field to filter on) and
            ``'value'`` (pattern used as a ``$regex``).

    Returns:
        A ``(result, size)`` tuple: the page passed through
        ``jsonify_stix`` and the count of documents matching the filter.
    """
    if filt is None:
        page_cursor = self.collection.find().skip(offset).limit(limit)
        count_cursor = self.collection.find()
    else:
        # NOTE(review): both the field name and the pattern come straight
        # from the caller. If `filt` can originate from a request, confirm
        # that 'id' is checked against the known column names and that
        # 'value' is a plain string (escaped when a literal match is meant);
        # an unvetted pattern can be costly for the server to evaluate.
        criteria = {filt['id']: {'$regex': filt['value']}}
        page_cursor = self.collection.find(criteria).skip(offset).limit(limit)
        count_cursor = self.collection.find(criteria)

    if sort is not None:
        direction = -1 if sort['desc'] else 1
        page_cursor.sort(sort['id'], direction)

    bundle_list = list(page_cursor)
    # The count cursor carries no skip/limit, so this is the total match count.
    size = count_cursor.count()
    return jsonify_stix(bundle_list), size
def find(self, id):
    """Look up a single document by its ``id`` field.

    The outcome of ``find_one`` (a document, or ``None`` when nothing
    matches) is handed to ``jsonify_stix`` and that value is returned.
    """
    # NOTE(review): `id` is used as the match value as-is. If it can arrive
    # as a parsed JSON object rather than a string, it would be read as a
    # query operator document; confirm the caller enforces a string.
    document = self.collection.find_one({'id': id})
    return jsonify_stix(document)
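def get_all(self, limit, offset, sort, filt):
    """Return one page of documents plus the total number of matches.

    Filtering on ``objects.2.dst_port`` is a prefix match done through an
    aggregation that first turns the port into a string; every other field
    is matched with a ``$regex`` in a plain ``find``.

    Args:
        limit: Maximum number of documents in the page (0 means no limit).
        offset: Number of matching documents to skip.
        sort: ``None`` or a mapping with ``'id'`` (field to sort on) and
            ``'desc'`` (truthy for descending order).
        filt: ``None`` or a mapping with ``'id'`` (field to filter on) and
            ``'value'`` (text to match).

    Returns:
        A ``(result, size)`` tuple: the page passed through
        ``jsonify_stix`` and the count of documents matching the filter.
    """
    import re  # local import: the module's import block is not visible here

    port_field = "objects.2.dst_port"
    direction = None if sort is None else (-1 if sort['desc'] else 1)

    if filt is not None and filt['id'] == port_field:
        # Per the original author's note the port is stored as an integer,
        # so it is stringified with $toLower before the prefix match.
        # The value is escaped because only a literal prefix is intended;
        # the caller's text must not be interpreted as a pattern.
        prefix = Regex("^" + re.escape(filt['value']))
        matching = [
            {"$addFields": {"stringifyExample": {"$toLower": "$" + port_field}}},
            {"$match": {"stringifyExample": prefix}},
        ]

        page = list(matching)
        if sort is not None:
            # A command cursor has no sort(), so ordering is a pipeline stage.
            page.append({"$sort": SON([(sort['id'], direction)])})
        # Apply the same paging as the find() branch. Falsy values are left
        # out: find() treats limit 0 as "no limit", a $limit stage rejects it.
        if offset:
            page.append({"$skip": offset})
        if limit:
            page.append({"$limit": limit})
        observed_data_list = list(self.collection.aggregate(page))

        # Count with the same stringified match; a $regex in find() would not
        # match integer port values and would report no results.
        counted = list(self.collection.aggregate(matching + [{"$count": "total"}]))
        size = counted[0]["total"] if counted else 0
        return jsonify_stix(observed_data_list), size

    if filt is None:
        query = self.collection.find().skip(offset).limit(limit)
        query_size = self.collection.find()
    else:
        # NOTE(review): field name and pattern come straight from the caller.
        # If `filt` can originate from a request, confirm that 'id' is checked
        # against the known column names and that 'value' is a plain string;
        # an unvetted pattern can be costly for the server to evaluate.
        criteria = {filt['id']: {'$regex': filt['value']}}
        query = self.collection.find(criteria).skip(offset).limit(limit)
        query_size = self.collection.find(criteria)

    if sort is not None:
        query.sort(sort['id'], direction)

    observed_data_list = list(query)
    # NOTE(review): Cursor.count() is gone in PyMongo 4; count_documents()
    # is the replacement if the driver is upgraded.
    size = query_size.count()
    return jsonify_stix(observed_data_list), size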