ats 0.1.1 → 0.1.2
- checksums.yaml +4 -4
- data/lib/ats.rb +8 -2
- data/lib/ats/amp4e/api.rb +67 -0
- data/lib/ats/amp4e/computers.rb +35 -0
- data/lib/ats/amp4e/events.rb +19 -0
- data/lib/ats/amp4e/groups.rb +19 -0
- data/lib/ats/amp4e/policies.rb +19 -0
- data/lib/ats/cli.rb +9 -0
- data/lib/ats/cli/amp4e/application.rb +21 -0
- data/lib/ats/cli/amp4e/command.rb +26 -0
- data/lib/ats/cli/amp4e/computers.rb +39 -0
- data/lib/ats/cli/amp4e/events.rb +19 -0
- data/lib/ats/cli/amp4e/groups.rb +19 -0
- data/lib/ats/cli/amp4e/policies.rb +19 -0
- data/lib/ats/version.rb +1 -1
- metadata +12 -1
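--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: d41e21d7187b9688539269e222749df47804ed710f2df57ccd5ff421f17ca3a2
+data.tar.gz: 26b879e2ceb8c784e9cb9f0ee20e6c769a01548de0d42bbb201967d107455a31
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 6520a062f60f227b570aed015e24ad9132d390a529ee0db138d8cef96b5b92ae78b07695e2f9cc237c6b71186592959625b171052a6657b52d8b91a36873a84e
+data.tar.gz: 95834d1e40db1ee05999ba8da37b0713f0bef9bec5b99f98d828aca4573679093652c31f7f1c4dac1f40d6553ee549690e19267d8ee95dbffa06164913e555fe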
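--- a/data/lib/ats.rb
+++ b/data/lib/ats.rb
@@ -1,12 +1,18 @@
+require 'base64'
 require 'json'
 require 'logger'
 require 'net/http'
 require 'yaml'
 
-require 'ats/version'
-
 require 'ats/configuration'
 require 'ats/http_api'
+require 'ats/version'
+
+require 'ats/amp4e/api'
+require 'ats/amp4e/computers'
+require 'ats/amp4e/events'
+require 'ats/amp4e/groups'
+require 'ats/amp4e/policies'
 require 'ats/threat_grid/api'
 require 'ats/threat_grid/organizations'
 require 'ats/threat_grid/samples'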
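--- a/data/lib/ats/amp4e/api.rb
+++ b/data/lib/ats/amp4e/api.rb
@@ -0,0 +1,67 @@
+module ATS
+module AMP4E
+class API
+HEADERS = {
+'Content-Type' => 'application/json',
+'Accept' => 'application/json',
+'User-Agent' => "RubyGems/ATS #{ATS::VERSION}",
+}.freeze
+
+attr_reader :http, :profile, :configuration
+
+def initialize(
+api: HttpAPI.new(headers: HEADERS),
+profile: :default,
+configuration: ATS.configuration
+)
+@http = api
+@profile = profile.to_s
+@configuration = configuration
+end
+
+def computers
+ATS::AMP4E::Computers.new(self)
+end
+
+def events
+ATS::AMP4E::Events.new(self)
+end
+
+def groups
+ATS::AMP4E::Groups.new(self)
+end
+
+def policies
+ATS::AMP4E::Policies.new(self)
+end
+
+def get(url, params: {}, version: 1)
+http.get(build_uri(url, version: version), headers: headers, body: params) do |request, response|
+JSON.parse(response.body, symbolize_names: true)
+end
+end
+
+private
+
+def build_uri(relative_url, version:)
+URI.parse("#{api_host}/v#{version}/#{relative_url}")
+end
+
+def client_id
+configuration[profile]['amp4e']['client_id']
+end
+
+def client_secret
+configuration[profile]['amp4e']['client_secret']
+end
+
+def api_host
+configuration[profile]['amp4e']['api_host']
+end
+
+def headers
+{ AUTHORIZATION: "Basic #{Base64.strict_encode64("#{client_id}:#{client_secret}")}" }
+end
+end
+end
+end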
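Review bot: `build_uri` takes `api_host` straight from the profile configuration while `headers` attaches a `Basic` value built from `client_id:client_secret` to every request, so a profile whose `api_host` is an `http://` URL would send the API secret in cleartext. I would parse the URI into a local and refuse anything but TLS before returning it, e.g. `raise ArgumentError, 'amp4e api_host must be an https URL' unless uri.is_a?(URI::HTTPS)`. The `configuration[profile]['amp4e'][...]` lookups also fail with a bare NoMethodError when the profile or its `amp4e` section is missing; an explicit check with a message naming the missing key would be clearer. `get` passes `response.body` to `JSON.parse` without looking at the status; whether the block runs for non-2xx replies depends on HttpAPI, which is outside this diff, so that is worth confirming.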
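--- a/data/lib/ats/amp4e/computers.rb
+++ b/data/lib/ats/amp4e/computers.rb
@@ -0,0 +1,35 @@
+module ATS
+module AMP4E
+class Computers
+attr_reader :api
+
+def initialize(api)
+@api = api
+end
+
+def list
+api.get("computers")
+end
+
+def show(id)
+api.get("computers/#{id}")
+end
+
+def trajectory(id)
+api.get("computers/#{id}/trajectory")
+end
+
+def user_activity(query)
+api.get("computers/user_activity", params: { q: query })
+end
+
+def user_trajectory(id, query)
+api.get("computers/#{id}/user_trajectory", params: { q: query })
+end
+
+def activity(query)
+api.get("computers/activity", params: { q: query })
+end
+end
+end
+end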
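Review bot: `show`, `trajectory` and `user_trajectory` interpolate `id` into the request path unchecked, so a value containing `/`, `?` or `#` changes which endpoint the authenticated request reaches instead of being rejected. The CLI documents this argument as a UUID, so validating it before building the path keeps the call on the intended resource, e.g. `raise ArgumentError, 'id must be a UUID' unless id.to_s.match?(/\A\h{8}-\h{4}-\h{4}-\h{4}-\h{12}\z/)`. The class and its methods carry no comments; a one-line comment per method naming the endpoint it calls and what `query` is expected to hold would help the next reader.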
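--- a/data/lib/ats/cli.rb
+++ b/data/lib/ats/cli.rb
@@ -2,6 +2,12 @@ require 'ats'
 
 require 'thor'
 require 'ats/cli/threat_grid'
+require 'ats/cli/amp4e/command'
+require 'ats/cli/amp4e/computers'
+require 'ats/cli/amp4e/events'
+require 'ats/cli/amp4e/groups'
+require 'ats/cli/amp4e/policies'
+require 'ats/cli/amp4e/application'
 
 module ATS
 module CLI
@@ -11,6 +17,9 @@ module ATS
 desc 'threatgrid SUBCOMMAND ...ARGS', 'interact with the Threat Grid API'
 subcommand 'threatgrid', ThreatGrid::Application
 
+desc 'amp4e SUBCOMMAND ...ARGS', 'interact with the AMP for Endpoints API'
+subcommand 'amp4e', AMP4E::Application
+
 desc 'version', 'Display the current version'
 def version
 say ATS::VERSION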
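--- a/data/lib/ats/cli/amp4e/application.rb
+++ b/data/lib/ats/cli/amp4e/application.rb
@@ -0,0 +1,21 @@
+module ATS
+module CLI
+module AMP4E
+class Application < Thor
+class_option :profile, default: :default, required: false
+
+desc 'computers SUBCOMMAND ...ARGS', 'interact with the AMP4E API'
+subcommand :computers, ATS::CLI::AMP4E::Computers
+
+desc 'events SUBCOMMAND ...ARGS', 'interact with the AMP4E API'
+subcommand :events, ATS::CLI::AMP4E::Events
+
+desc 'groups SUBCOMMAND ...ARGS', 'interact with the AMP4E API'
+subcommand :groups, ATS::CLI::AMP4E::Groups
+
+desc 'policies SUBCOMMAND ...ARGS', 'interact with the AMP4E API'
+subcommand :policies, ATS::CLI::AMP4E::Policies
+end
+end
+end
+end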
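--- a/data/lib/ats/cli/amp4e/command.rb
+++ b/data/lib/ats/cli/amp4e/command.rb
@@ -0,0 +1,26 @@
+module ATS
+module CLI
+module AMP4E
+class Command < Thor
+class_option :profile, default: :default, required: false
+
+def self.printable_commands(*args)
+super.map do |x|
+x[0] = x[0].gsub(/^ats/, 'ats amp4e')
+x
+end
+end
+
+protected
+
+def api
+ATS::AMP4E::API.new(profile: options['profile'])
+end
+
+def print_json(json)
+say JSON.pretty_generate(json), :green
+end
+end
+end
+end
+end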
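Review bot: In `printable_commands`, `gsub(/^ats/, 'ats amp4e')` uses a per-line anchor and a global replace where a single start-of-string rewrite is meant; `x[0] = x[0].sub(/\Aats/, 'ats amp4e')` states that exactly. The method deserves a short comment saying why the usage line is rewritten, since `*args` is never named and reaches the parent only through the bare `super`. `api` also builds a new `ATS::AMP4E::API` on every call; `@api ||= ATS::AMP4E::API.new(profile: options['profile'])` is the usual form if one client per command is enough.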
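--- a/data/lib/ats/cli/amp4e/computers.rb
+++ b/data/lib/ats/cli/amp4e/computers.rb
@@ -0,0 +1,39 @@
+module ATS
+module CLI
+module AMP4E
+class Computers < Command
+class_option :profile, default: :default, required: false
+
+desc 'list', 'list'
+def list
+print_json api.computers.list
+end
+
+desc 'show <UUID>', 'list'
+def show(id)
+print_json api.computers.show(id)
+end
+
+desc 'trajectory <UUID>', 'list'
+def trajectory(id)
+print_json api.computers.trajectory(id)
+end
+
+desc 'user-activity <query>', 'list'
+def user_activity(query)
+print_json api.computers.user_activity(query)
+end
+
+desc 'user-trajectory <UUID> <query>', 'list'
+def user_trajectory(id, query)
+print_json api.computers.user_trajectory(id, query)
+end
+
+desc 'activity <query>', 'list'
+def activity(query)
+print_json api.computers.activity(query)
+end
+end
+end
+end
+end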
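Review bot: Every `desc` in this class passes 'list' as the description, including `show <UUID>`, `trajectory <UUID>` and the three query commands, so the generated help cannot tell the commands apart; each needs its own text, e.g. `desc 'show <UUID>', 'show one computer'`. The same copied description appears in the Events, Groups and Policies command classes that follow. `class_option :profile` is also redeclared in each subclass although `Command` already declares it; if Thor inherits class options, as it appears to, the repeat can be dropped — worth confirming before removing.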
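--- a/data/lib/ats/cli/amp4e/events.rb
+++ b/data/lib/ats/cli/amp4e/events.rb
@@ -0,0 +1,19 @@
+module ATS
+module CLI
+module AMP4E
+class Events < Command
+class_option :profile, default: :default, required: false
+
+desc 'list', 'list'
+def list
+print_json api.events.list
+end
+
+desc 'types', 'list'
+def types
+print_json api.events.types
+end
+end
+end
+end
+end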
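--- a/data/lib/ats/cli/amp4e/groups.rb
+++ b/data/lib/ats/cli/amp4e/groups.rb
@@ -0,0 +1,19 @@
+module ATS
+module CLI
+module AMP4E
+class Groups < Command
+class_option :profile, default: :default, required: false
+
+desc 'list', 'list'
+def list
+print_json api.groups.list
+end
+
+desc 'show <UUID>', 'list'
+def show(id)
+print_json api.groups.show(id)
+end
+end
+end
+end
+end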
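--- a/data/lib/ats/cli/amp4e/policies.rb
+++ b/data/lib/ats/cli/amp4e/policies.rb
@@ -0,0 +1,19 @@
+module ATS
+module CLI
+module AMP4E
+class Policies < Command
+class_option :profile, default: :default, required: false
+
+desc 'list', 'list'
+def list
+print_json api.policies.list
+end
+
+desc 'show <UUID>', 'list'
+def show(id)
+print_json api.policies.show(id)
+end
+end
+end
+end
+end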
data/lib/ats/version.rb
CHANGED
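--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ats
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.2
 platform: ruby
 authors:
 - mokha
@@ -81,7 +81,18 @@ files:
 - ats-cli.gemspec
 - exe/ats
 - lib/ats.rb
+- lib/ats/amp4e/api.rb
+- lib/ats/amp4e/computers.rb
+- lib/ats/amp4e/events.rb
+- lib/ats/amp4e/groups.rb
+- lib/ats/amp4e/policies.rb
 - lib/ats/cli.rb
+- lib/ats/cli/amp4e/application.rb
+- lib/ats/cli/amp4e/command.rb
+- lib/ats/cli/amp4e/computers.rb
+- lib/ats/cli/amp4e/events.rb
+- lib/ats/cli/amp4e/groups.rb
+- lib/ats/cli/amp4e/policies.rb
 - lib/ats/cli/threat_grid.rb
 - lib/ats/cli/threat_grid/application.rb
 - lib/ats/cli/threat_grid/command.rb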