class TbInventorySecurityToUserDataMD5Map(Base):
    """ORM mapping for ``tb_Inventory_Security_To_User_DataMD5Map``.

    Each row stores a ``Data`` string next to two 16-byte digest columns.
    """

    __tablename__ = 'tb_Inventory_Security_To_User_DataMD5Map'

    id = Column(BIGINT, primary_key=True, nullable=False)
    Data = Column(NVARCHAR(2048))
    # BINARY(16) is the size of a raw MD5 digest; presumably these hold the
    # digest of Data and of a normalized form of it -- confirm with the writer.
    # NOTE(review): MD5 is not collision-resistant, so a digest match is a
    # lookup hint and not proof that two Data values are the same.
    Data_MD5 = Column(BINARY(16))
    DataNormalized_MD5 = Column(BINARY(16))
    LastUpdateTime = Column(DATETIME)
class CDSMAgent(Base):
    """ORM mapping for the ``CDSM_Agent`` table, keyed by a 16-byte ``guid``."""

    __tablename__ = 'CDSM_Agent'

    # Identity and registration.
    guid = Column(BINARY(16), primary_key=True, nullable=False)
    reg_time = Column(INTEGER)
    version = Column(INTEGER)
    last_heartbeat = Column(INTEGER)
    name = Column(VARCHAR(64))
    time_zone = Column(INTEGER)
    status = Column(INTEGER)

    # Platform description.
    os_type = Column(INTEGER)
    os_version = Column(INTEGER)
    cpu_type = Column(SMALLINT)
    off_hour = Column(BINARY(12))

    # NOTE(review): the name suggests a per-agent credential; if so, keep it
    # out of logs, debug dumps and broad SELECTs -- confirm what it holds.
    token = Column(VARCHAR(1024))
    ip = Column(BINARY(256))
    fqdn = Column(VARCHAR(80))
    code_page = Column(VARCHAR(20))

    # The *_t columns look like text renderings of the binary/integer columns
    # above (guid_t is 36 chars, the length of a dashed GUID) -- TODO confirm.
    guid_t = Column(VARCHAR(36))
    ri4 = Column(BINARY(40))
    reserve = Column(BINARY(64))
    generation = Column(INTEGER)
    os_type_t = Column(VARCHAR(128))
    os_version_t = Column(VARCHAR(32))
    version_t = Column(VARCHAR(32))
    build_t = Column(VARCHAR(32))
class Tbcascadingjournalentitydata(Base):
    """ORM mapping for the ``tb_cascadingjournalentitydata`` table.

    A wide, denormalized row: product, operating-system, host, agent and user
    attributes all sit on the same record. Column order is kept as declared.
    """

    __tablename__ = 'tb_cascadingjournalentitydata'

    id = Column(INTEGER, primary_key=True, nullable=False)

    # GUID references, stored as 36-character text.
    Guid = Column(CHAR(36))
    AgentGuid = Column(CHAR(36))
    ParentGuid = Column(CHAR(36))
    CMGuid = Column(CHAR(36))

    # Product attributes.
    ProductType = Column(INTEGER)
    ProductVersion = Column(VARCHAR(19))
    MenuVersion = Column(VARCHAR(8))
    ProductLanguage = Column(INTEGER)
    BuildNumber = Column(VARCHAR(24))
    Status = Column(INTEGER)
    IconIndex = Column(SMALLINT)
    ConfigureURL = Column(VARCHAR(509))
    LastRegistrationTime = Column(DATETIME)
    LastLogonTime = Column(DATETIME)
    ServicePack = Column(VARCHAR(32))
    EntityType = Column(INTEGER)
    SLF_UpdateAgentType = Column(INTEGER)
    SLF_LastStartupTime = Column(DATETIME)

    # Operating-system attributes.
    OS_Name = Column(NVARCHAR(64))
    OS_Version = Column(VARCHAR(32))
    OS_ServicePackVersion = Column(VARCHAR(32))
    OS_Language = Column(INTEGER)
    OS_CountryCode = Column(VARCHAR(32))
    CpuType = Column(SMALLINT)

    # Host / network attributes.
    ComputerName = Column(NVARCHAR(64))
    IPAddressList = Column(VARCHAR(2048))
    MACAddressList = Column(VARCHAR(2048))
    DomainName = Column(NVARCHAR(64))
    FQDN = Column(VARCHAR(80))
    TimeZone = Column(INTEGER)
    DayLightSaving = Column(BINARY(40))

    # Agent attributes.
    AgentType = Column(SMALLINT)
    AgentStatus = Column(INTEGER)
    # NOTE(review): the name suggests an agent credential; if so, exclude it
    # from logs and exports built from this table -- confirm what it holds.
    AgentToken = Column(VARCHAR(1024))
    PollingFrequency = Column(INTEGER)
    HeartbeatFrequency = Column(INTEGER)
    LastHeartbeatTime = Column(INTEGER)
    Offhour = Column(BINARY(12))
    AgentVersion = Column(VARCHAR(32))
    AgentBuild = Column(VARCHAR(32))
    ClientTreePath = Column(NVARCHAR(1000))
    CloudScanMode = Column(SMALLINT)
    CloudScanMethod = Column(SMALLINT)
    SourceHashes = Column(VARCHAR(1024))
    LogReceivedTime = Column(DATETIME)
    GroupName = Column(VARCHAR(64))
    ADObjectGuid = Column(CHAR(36))
    OSType = Column(VARCHAR(16))
    PlatformType = Column(VARCHAR(16))
    MachineID = Column(CHAR(36))

    # User attributes. These read as personal data (account, domain, mail
    # address), so access to this table presumably needs the same controls as
    # the directory they come from -- verify against the data owner's policy.
    UserGuid = Column(CHAR(36))
    UserAccount = Column(NVARCHAR(32))
    UserDomain = Column(NVARCHAR(256))
    UserMail = Column(NVARCHAR(450))
    SystemModel = Column(SMALLINT)
    AD_DomainName = Column(NVARCHAR(64))
class TbInventoryDDESTaskQueue(Base):
    """ORM mapping for the ``tb_Inventory_DDES_TaskQueue`` table."""

    __tablename__ = 'tb_Inventory_DDES_TaskQueue'

    id = Column(INTEGER, primary_key=True, nullable=False)
    # Both digest columns are mandatory and sized for a raw MD5 (16 bytes).
    # NOTE(review): MD5 collisions are practical, so treat these as index
    # keys rather than as evidence that two contents are identical.
    ScanCriteria_MD5 = Column(BINARY(16), nullable=False)
    ThreatContent_MD5 = Column(BINARY(16), nullable=False)
    ThreatType = Column(INTEGER, nullable=False)
    # Named like boolean flags but declared as TINYINT, so any small integer
    # can be stored -- presumably 0/1; confirm with the writer.
    IsManual = Column(TINYINT)
    IsOutgoing = Column(TINYINT)
class TbDwellTimeInfo(Base):
    """ORM mapping for the ``tb_DwellTimeInfo`` table.

    Every column is declared NOT NULL.
    """

    __tablename__ = 'tb_DwellTimeInfo'

    id = Column(INTEGER, primary_key=True, nullable=False)
    # VARCHAR(64) is wider than the 40 hex characters of a SHA-1 digest; the
    # stored encoding is not visible here -- TODO confirm before comparing.
    FileSHA1 = Column(VARCHAR(64), nullable=False)
    DetectionName = Column(VARCHAR(64), nullable=False)
    # 16-byte digest columns (MD5-sized). MD5 is collision-prone, so a match
    # identifies a row, it does not authenticate the underlying content.
    EventContent_MD5 = Column(BINARY(16), nullable=False)
    EventContentCategory = Column(SMALLINT, nullable=False)
    RetroScanData_MD5 = Column(BINARY(16), nullable=False)
    Status = Column(SMALLINT, nullable=False)
    CreateTime = Column(DATETIME, nullable=False)
    LastUpdateTime = Column(DATETIME, nullable=False)
class TbInventoryQuickInvScanMapping(Base):
    """ORM mapping for the ``tb_Inventory_QuickInvScanMapping`` table."""

    __tablename__ = 'tb_Inventory_QuickInvScanMapping'

    id = Column(BIGINT, primary_key=True, nullable=False)
    EventContent_MD5 = Column(BINARY(16), nullable=False)
    RetroScanData_MD5 = Column(BINARY(16), nullable=False)
    RetroScanCategory = Column(TINYINT, nullable=False)
    LastUpdateTime = Column(DATETIME, nullable=False)

    @classmethod
    def find_by_retroscandata_md5(cls, md5):
        """Return the first row whose ``RetroScanData_MD5`` equals *md5*.

        The value is bound as a query parameter, not spliced into SQL text.
        No ordering is applied, so when several rows match the database
        decides which one comes back; ``None`` is returned when none match.
        """
        # The column is BINARY(16), so md5 presumably has to be the raw
        # 16-byte digest rather than its hex string -- confirm with callers.
        matching = cm_session.query(cls).filter(cls.RetroScanData_MD5 == md5)
        return matching.first()
class TbADSiteInfoA(Base):
    """ORM mapping for the ``tb_AD_SiteInfo_A`` table."""

    __tablename__ = 'tb_AD_SiteInfo_A'

    id = Column(INTEGER, primary_key=True, nullable=False)
    SiteID = Column(CHAR(36), nullable=False)
    SiteDefaultName = Column(NVARCHAR(1024))
    SiteName = Column(NVARCHAR(1024))
    Color = Column(NVARCHAR(10))
    MergedSiteID = Column(CHAR(36))
    Location = Column(NVARCHAR(1024))
    # Mandatory free-text subnet; the accepted notation is not visible in this
    # file, so validate it wherever it is parsed -- TODO confirm format.
    Subnet = Column(VARCHAR(43), nullable=False)
    # 16 bytes each, the size of a packed IPv6 address.
    IPv6Start = Column(BINARY(16))
    IPv6End = Column(BINARY(16))
    RootDomain = Column(NVARCHAR(256))
class CDSMEntity(Base):
    """ORM mapping for the ``CDSM_Entity`` table."""

    __tablename__ = 'CDSM_Entity'

    id = Column(INTEGER, primary_key=True, nullable=False)

    # Binary GUID links (16 bytes each).
    guid = Column(BINARY(16))
    agent_guid = Column(BINARY(16))
    parent_guid = Column(BINARY(16))

    name = Column(VARCHAR(64))
    # Column name fixed by the schema; it shadows the builtin only inside
    # this class body.
    type = Column(INTEGER)
    # NOTE(review): certificate and token (below) read as credential
    # material; if they are, keep them out of logs and generic row dumps --
    # confirm what is actually stored.
    certificate = Column(VARCHAR(80))
    folder_id = Column(INTEGER)
    reg_time = Column(INTEGER)
    update_time = Column(INTEGER)
    product_id = Column(VARCHAR(64))
    product_version = Column(VARCHAR(20))
    menu_version = Column(VARCHAR(20))
    status = Column(INTEGER)
    tms_no = Column(SMALLINT)
    tms = Column(BINARY(132))
    token = Column(VARCHAR(1024))
    off_hour = Column(BINARY(12))
    heartbeat_mode = Column(INTEGER)
    heartbeat_freq = Column(INTEGER)
    event_list = Column(BINARY(400))
    code_page = Column(VARCHAR(20))
    icon_name = Column(VARCHAR(127))

    # 36-character text columns named after the binary GUIDs above;
    # presumably their string form -- TODO confirm they are kept in sync.
    guid_t = Column(VARCHAR(36))
    agent_guid_t = Column(VARCHAR(36))
    parent_guid_t = Column(VARCHAR(36))

    ri4 = Column(BINARY(40))
    reserve = Column(BINARY(64))
    generation = Column(INTEGER)
    polling_freq = Column(INTEGER)
    icon_index = Column(INTEGER)
class TbADCustomSiteInfo(Base):
    """ORM mapping for the ``tb_AD_CustomSiteInfo`` table."""

    __tablename__ = 'tb_AD_CustomSiteInfo'

    id = Column(INTEGER, primary_key=True, nullable=False)
    SiteID = Column(CHAR(36), nullable=False)
    SiteName = Column(NVARCHAR(1024))
    Type = Column(SMALLINT, nullable=False)
    Color = Column(NVARCHAR(10))
    MergedSiteID = Column(CHAR(36))
    Location = Column(NVARCHAR(1024))
    # Nullable here; the accepted subnet notation is not visible in this file.
    Subnet = Column(VARCHAR(43))
    LastModificationTime = Column(DATETIME)
    # Presumably the GUID of the account that created the site; useful for
    # audit trails if so -- confirm against the writer.
    CreatorGuid = Column(CHAR(36))
    # 16 bytes each, the size of a packed IPv6 address.
    IPv6Start = Column(BINARY(16))
    IPv6End = Column(BINARY(16))
class TbInventorySecurityToUserEndpoint(Base):
    """ORM mapping for ``tb_Inventory_Security_To_User_Endpoint``."""

    __tablename__ = 'tb_Inventory_Security_To_User_Endpoint'

    id = Column(BIGINT, primary_key=True, nullable=False)
    MsgLogID = Column(CHAR(36))
    LogType = Column(INTEGER)
    EventType = Column(SMALLINT)
    ProductType = Column(INTEGER)
    # NOTE(review): the name says local time and no zone is stored with it;
    # correlating rows across time zones needs care -- confirm the convention.
    LogGenLocalTime = Column(DATETIME)
    ClientGuid = Column(CHAR(36))
    EventContentType = Column(SMALLINT)
    # The three *_MD5 columns are 16-byte digests used as content keys.
    # MD5 is collision-prone: equal digests do not prove equal content.
    EventContent_MD5 = Column(BINARY(16))
    EventContentCategory = Column(SMALLINT)
    RetroScanCategory = Column(SMALLINT)
    SLF_CCCA_DetectionSource = Column(SMALLINT)
    Action = Column(SMALLINT)
    RetroScanData_MD5 = Column(BINARY(16))
    Description_MD5 = Column(BINARY(16))
    CE_FilterID = Column(VARCHAR(35))
    Channel = Column(SMALLINT)
class TbEntityIPAddress(Base):
    """ORM mapping for the ``tb_EntityIPAddress`` table.

    The primary key is composite: ``(EntityID, IPAddress)``.
    """

    __tablename__ = 'tb_EntityIPAddress'

    EntityID = Column(CHAR(36), primary_key=True, nullable=False)
    IPAddress = Column(VARCHAR(256), primary_key=True)

    # The same address is apparently also kept in split/numeric forms; nothing
    # in this mapping keeps them consistent with IPAddress, so treat the text
    # column as authoritative until the writer is checked -- TODO confirm.
    FirstOctet = Column(TINYINT)
    SecondOctet = Column(TINYINT)
    ThirdOctet = Column(TINYINT)
    FourthOctet = Column(TINYINT)
    IPv4INT = Column(BIGINT)
    IPv6Bin = Column(BINARY(16))
class TbInfoHost(Base):
    """ORM mapping for the ``tb_Info_Host`` table."""

    __tablename__ = 'tb_Info_Host'

    id = Column(INTEGER, primary_key=True, nullable=False)
    Guid = Column(CHAR(36), nullable=False)
    ComputerName = Column(NVARCHAR(64))
    # Address lists are single text columns; the separator and per-entry
    # format are not visible here, so parse defensively -- TODO confirm.
    IPAddressList = Column(VARCHAR(1024))
    MACAddressList = Column(VARCHAR(256))
    DomainName = Column(NVARCHAR(64))
    FQDN = Column(VARCHAR(80))
    TimeZone = Column(INTEGER)
    DayLightSaving = Column(BINARY(40))
class TbInfoAgent(Base):
    """ORM mapping for the ``tb_Info_Agent`` table."""

    __tablename__ = 'tb_Info_Agent'

    id = Column(INTEGER, primary_key=True, nullable=False)
    AgentGuid = Column(CHAR(36), nullable=False)
    AgentType = Column(SMALLINT)
    Status = Column(INTEGER)
    # NOTE(review): the name suggests an agent credential; if so, avoid
    # logging whole rows of this table -- confirm what the column holds.
    AgentToken = Column(VARCHAR(1024))
    PollingFrequency = Column(INTEGER)
    HeartbeatFrequency = Column(INTEGER)
    # Stored as INTEGER, unlike the DATETIME timestamps used by other tables;
    # presumably an epoch value -- TODO confirm unit and zone.
    LastHeartbeatTime = Column(INTEGER)
    Offhour = Column(BINARY(12))
    AgentVersion = Column(VARCHAR(32))
    AgentBuild = Column(VARCHAR(32))
class TbGlobalRetroScanTask(Base):
    """ORM mapping for the ``tb_GlobalRetroScanTask`` table."""

    __tablename__ = 'tb_GlobalRetroScanTask'

    id = Column(INTEGER, primary_key=True, nullable=False)

    # Mandatory task description.
    RetroScanContent = Column(NVARCHAR(2048), nullable=False)
    # 16-byte digest (MD5-sized) used as a key; not a collision-resistant
    # identifier, so do not rely on it to distinguish crafted contents.
    EventContentMD5 = Column(BINARY(16), nullable=False)
    RetroScanCategory = Column(SMALLINT, nullable=False)
    ProgressState = Column(SMALLINT, nullable=False)

    # Optional result fields.
    LatestHttpResponseCode = Column(INTEGER)
    ReportID = Column(VARCHAR(64))
    ResultCode = Column(SMALLINT)
    InitiateTime = Column(DATETIME)
    ReportSubmitTime = Column(DATETIME)
    ReportReceiveTime = Column(DATETIME)
class TbLogGlobalRetroScanDetection(Base):
    """ORM mapping for the ``tb_LogGlobalRetroScanDetection`` table."""

    __tablename__ = 'tb_LogGlobalRetroScanDetection'

    id = Column(INTEGER, primary_key=True, nullable=False)
    DetectionKey = Column(VARCHAR(64), nullable=False)
    RetroScanContent = Column(NVARCHAR(2048), nullable=False)
    # 16-byte digest key; MD5-sized, so collisions are feasible and a match
    # should not be read as proof of identical event content.
    EventContentMD5 = Column(BINARY(16), nullable=False)
    RetroScanCategory = Column(SMALLINT, nullable=False)
    SLF_URLCorrelationKey = Column(VARCHAR(64))
    # Free-text address column (256 chars); where the value originates is not
    # visible here -- validate before using it in pivots or block lists.
    ClientIP = Column(VARCHAR(256))
    CallbackTime = Column(DATETIME, nullable=False)
    ServerGUID = Column(VARCHAR(64))
    LastUpdateTime = Column(DATETIME, nullable=False)
    ReportID = Column(VARCHAR(64), nullable=False)
class TbInventorySecurityToUserSummaryEndpoint(Base):
    """ORM mapping for ``tb_Inventory_Security_To_User_Summary_Endpoint``."""

    __tablename__ = 'tb_Inventory_Security_To_User_Summary_Endpoint'

    id = Column(BIGINT, primary_key=True, nullable=False)

    # Grouping attributes.
    EventType = Column(SMALLINT)
    LogGenLocalDate = Column(DATETIME)
    ClientGuid = Column(CHAR(36))
    EventContentType = Column(SMALLINT)
    # 16-byte digest key (MD5-sized); collision-prone, so distinct contents
    # crafted to share a digest would be counted together.
    EventContent_MD5 = Column(BINARY(16))
    RetroScanCategory = Column(SMALLINT)
    EventContentCategory = Column(SMALLINT)
    CE_FilterID = Column(VARCHAR(35))

    # Counters.
    Count = Column(INTEGER)
    RequireActionCount = Column(INTEGER)
    ResolvedCount = Column(INTEGER)
class TbDDESScanResultInventory(Base):
    """ORM mapping for the ``tb_DDES_ScanResult_Inventory`` table."""

    __tablename__ = 'tb_DDES_ScanResult_Inventory'

    id = Column(INTEGER, primary_key=True, nullable=False)

    # GUID references, stored as 36-character text.
    TaskGUID = Column(CHAR(36))
    MachineGUID = Column(CHAR(36))
    ClientGUID = Column(CHAR(36))
    ServerGUID = Column(CHAR(36))
    IOC_GUID = Column(CHAR(36))

    # Matched object. MatchObj_Data and FileFullPathName presumably carry
    # values reported by endpoints; escape them before rendering in a UI or
    # report -- confirm the trust level of the source.
    MatchObj_Type = Column(VARCHAR(32))
    MatchObj_Data = Column(NVARCHAR(2048))
    ScanCriteria_MD5 = Column(BINARY(16))
    FileFullPathName = Column(NVARCHAR(261))

    # Column names state UTC for the first two; LastUpdateTime does not.
    FileCreationUTCTime = Column(DATETIME)
    FirstObsUTCTime = Column(DATETIME)
    LastUpdateTime = Column(DATETIME)
class TbCTDNotMitigatedRankTmp(Base):
    """ORM mapping for the ``tb_CTD_NotMitigatedRank_Tmp`` table."""

    __tablename__ = 'tb_CTD_NotMitigatedRank_Tmp'

    id = Column(INTEGER, primary_key=True, nullable=False)
    Rank = Column(INTEGER)
    MaxEndpointID = Column(INTEGER)
    MaxMachineID = Column(INTEGER)
    RetroScanMD5 = Column(BINARY(16))
    RetroScanCategory = Column(SMALLINT)
    SuspiciousObject = Column(NVARCHAR(2048))
    SLF_Key = Column(VARCHAR(256))
    SLF_RiskLevel = Column(SMALLINT)
    # Declared without a length, unlike every other text column in this
    # class; the rendered size depends on the dialect in use.
    # NOTE(review): SuspiciousObject and SampleData read as attacker-derived
    # content -- handle as untrusted data when displaying or exporting.
    SampleData = Column(NVARCHAR)
    Submitter = Column(NVARCHAR(64))

    # Endpoint counters.
    ImportantRequiredActionEndpointCounts = Column(INTEGER)
    OtherRequiredActionEndpointCounts = Column(INTEGER)
    ImportantSuccessActionEndpointCounts = Column(INTEGER)
    OtherSuccessActionEndpointCounts = Column(INTEGER)
class TbCDSMEntityCascading(Base):
    """ORM mapping for the ``tb_CDSM_Entity_Cascading`` table.

    Keyed by a 36-character text ``guid``.
    """

    __tablename__ = 'tb_CDSM_Entity_Cascading'

    guid = Column(CHAR(36), primary_key=True, nullable=False)
    parent_guid = Column(CHAR(36))
    dm_guid = Column(CHAR(36))
    name = Column(VARCHAR(64))
    # Column name fixed by the schema; it shadows the builtin only inside
    # this class body.
    type = Column(INTEGER)
    folder_id = Column(INTEGER)
    product_id = Column(VARCHAR(64))
    product_version = Column(VARCHAR(20))
    menu_version = Column(VARCHAR(20))
    status = Column(INTEGER)
    code_page = Column(VARCHAR(20))
    icon_name = Column(VARCHAR(127))
    ri4 = Column(BINARY(40))
    cm_guid = Column(CHAR(36))

    # "*_in_tree" variants of type, name and parent_guid; how they differ
    # from the plain columns is not visible in this file -- TODO confirm.
    type_in_tree = Column(INTEGER)
    name_in_tree = Column(NVARCHAR(64))
    parent_guid_in_tree = Column(CHAR(36))
class TbQuickInvMatchObjectInfo(Base):
    """ORM mapping for the ``tb_QuickInv_MatchObjectInfo`` table."""

    __tablename__ = 'tb_QuickInv_MatchObjectInfo'

    id = Column(BIGINT, primary_key=True, nullable=False)
    AgentID = Column(CHAR(36), nullable=False)
    SLF_Key = Column(VARCHAR(256), nullable=False)
    RetroScanData_MD5 = Column(BINARY(16), nullable=False)
    RetroScanCategory = Column(TINYINT, nullable=False)
    MetaValue = Column(NVARCHAR(2048))
    MetaCategory = Column(SMALLINT)
    FirstSeenUTCTime = Column(DATETIME)
    RCAScanID = Column(CHAR(36))
    FileFullPath = Column(NVARCHAR(512))
    FileCreationUTCTime = Column(DATETIME)
    LastUpdateTime = Column(DATETIME)

    @classmethod
    def find_by_slf_key_and_agent(cls, key, agent):
        """Return the first row matching *key* for the machine named *agent*.

        *agent* is resolved through ``TbEntityInfo.find_by_machine_name`` and
        the ``EI_EntityID`` of the result is compared with ``AgentID``. Both
        conditions are bound parameters. ``None`` is returned when no row
        matches; no ordering is applied when several do.
        """
        # NOTE(review): if find_by_machine_name returns None for an unknown
        # machine (its body is not visible here), the attribute access below
        # raises AttributeError -- confirm and guard at the call site.
        entity = TbEntityInfo.find_by_machine_name(agent)
        owner_guid = entity.EI_EntityID
        condition = and_(cls.SLF_Key == key, cls.AgentID == owner_guid)
        return cm_session.query(cls).filter(condition).first()
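class TbQuickInvTask(Base):
    """ORM mapping for the ``tb_QuickInv_Task`` table."""

    __tablename__ = 'tb_QuickInv_Task'

    id = Column(BIGINT, primary_key=True, nullable=False)
    TaskID = Column(CHAR(36))
    HasMore = Column(BIT)
    LastContentID = Column(NVARCHAR(2048))
    Criteria = Column(NVARCHAR(2048))
    CriteriaType = Column(SMALLINT)
    # 16-byte digest key (MD5-sized); collision-prone, so use it as an index
    # and not as proof that two criteria are identical.
    RetroScanData_MD5 = Column(BINARY(16))
    RetroScanCategory = Column(TINYINT)
    SLF_Key = Column(VARCHAR(256))
    IsManual = Column(BIT)
    CreationTime = Column(DATETIME)
    LastUpdateTime = Column(DATETIME)
    IsTimeout = Column(BIT)

    @classmethod
    def find_by_criteria(cls, criteria):
        """Return the first row whose ``Criteria`` equals *criteria*.

        The value is bound as a query parameter. ``None`` is returned when no
        row matches; no ordering is applied when several do.
        """
        return cm_session.query(cls).filter(cls.Criteria == criteria).first()

    @classmethod
    def get_distinct_taskid(cls):
        """Return the number of distinct ``TaskID`` values in the table."""
        # Query.distinct(<column>) renders DISTINCT ON only on PostgreSQL;
        # other dialects ignore the argument and fall back to a plain
        # DISTINCT over every selected column, which (with the primary key
        # selected) counts all rows. Selecting only TaskID and applying a
        # plain DISTINCT gives the intended count on any backend.
        return cm_session.query(cls.TaskID).distinct().count()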
class TbInventoryDDESRetroScanMapping(Base):
    """ORM mapping for the ``tb_Inventory_DDESRetroScanMapping`` table.

    Links one 16-byte event-content digest to one 16-byte retro-scan digest;
    every column is declared NOT NULL.
    """

    __tablename__ = 'tb_Inventory_DDESRetroScanMapping'

    id = Column(INTEGER, primary_key=True, nullable=False)
    # MD5-sized keys: collisions are practical, so a matching pair is a join
    # key and not a guarantee that the underlying contents are the same.
    EventContent_MD5 = Column(BINARY(16), nullable=False)
    RetroScanData_MD5 = Column(BINARY(16), nullable=False)
    LastUpdateTime = Column(DATETIME, nullable=False)