ats 0.1.1 → 0.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 29bbe4b63220b3e689fa73ede379cbabc58ee30f0b7542c88ef83458effe9987
-  data.tar.gz: a631e33f859732b4b764b94f5f1385021ccf46bbfd693800c0e1db5706d40001
+  metadata.gz: d41e21d7187b9688539269e222749df47804ed710f2df57ccd5ff421f17ca3a2
+  data.tar.gz: 26b879e2ceb8c784e9cb9f0ee20e6c769a01548de0d42bbb201967d107455a31
 SHA512:
-  metadata.gz: 439cc4e133ec80740257127c2f2d9dc3e55a485a0db2bd1e9c41ad6f68209f6042ca0d61b757a7c7c2647d8f364b2ba6c3a98f199378103eda61bb18c395b729
-  data.tar.gz: 3e242d48583ed826965b34186d4226f62cc17e2f76fb4cc59c40b09d50ae2b3e8ceedb6f3da3643ae0cb8940889f58120f2975eed196ca86b2c0adacd35e5b83
+  metadata.gz: 6520a062f60f227b570aed015e24ad9132d390a529ee0db138d8cef96b5b92ae78b07695e2f9cc237c6b71186592959625b171052a6657b52d8b91a36873a84e
+  data.tar.gz: 95834d1e40db1ee05999ba8da37b0713f0bef9bec5b99f98d828aca4573679093652c31f7f1c4dac1f40d6553ee549690e19267d8ee95dbffa06164913e555fe

data/lib/ats.rb

@@ -1,12 +1,18 @@
+require 'base64'
 require 'json'
 require 'logger'
 require 'net/http'
 require 'yaml'
 
-require 'ats/version'
-
 require 'ats/configuration'
 require 'ats/http_api'
+require 'ats/version'
+
+require 'ats/amp4e/api'
+require 'ats/amp4e/computers'
+require 'ats/amp4e/events'
+require 'ats/amp4e/groups'
+require 'ats/amp4e/policies'
 require 'ats/threat_grid/api'
 require 'ats/threat_grid/organizations'
 require 'ats/threat_grid/samples'

data/lib/ats/amp4e/api.rb

@@ -0,0 +1,67 @@
+module ATS
+  module AMP4E
+    class API
+      HEADERS = {
+        'Content-Type' => 'application/json',
+        'Accept' => 'application/json',
+        'User-Agent' => "RubyGems/ATS #{ATS::VERSION}",
+      }.freeze
+
+      attr_reader :http, :profile, :configuration
+
+      def initialize(
+        api: HttpAPI.new(headers: HEADERS),
+        profile: :default,
+        configuration: ATS.configuration
+      )
+        @http = api
+        @profile = profile.to_s
+        @configuration = configuration
+      end
+
+      def computers
+        ATS::AMP4E::Computers.new(self)
+      end
+
+      def events
+        ATS::AMP4E::Events.new(self)
+      end
+
+      def groups
+        ATS::AMP4E::Groups.new(self)
+      end
+
+      def policies
+        ATS::AMP4E::Policies.new(self)
+      end
+
+      def get(url, params: {}, version: 1)
+        http.get(build_uri(url, version: version), headers: headers, body: params) do |request, response|
+          JSON.parse(response.body, symbolize_names: true)
+        end
+      end
+
+      private
+
+      def build_uri(relative_url, version:)
+        URI.parse("#{api_host}/v#{version}/#{relative_url}")
+      end
+
+      def client_id
+        configuration[profile]['amp4e']['client_id']
+      end
+
+      def client_secret
+        configuration[profile]['amp4e']['client_secret']
+      end
+
+      def api_host
+        configuration[profile]['amp4e']['api_host']
+      end
+
+      def headers
+        { AUTHORIZATION: "Basic #{Base64.strict_encode64("#{client_id}:#{client_secret}")}" }
+      end
+    end
+  end
+end

data/lib/ats/amp4e/computers.rb

@@ -0,0 +1,35 @@
+module ATS
+  module AMP4E
+    class Computers
+      attr_reader :api
+
+      def initialize(api)
+        @api = api
+      end
+
+      def list
+        api.get("computers")
+      end
+
+      def show(id)
+        api.get("computers/#{id}")
+      end
+
+      def trajectory(id)
+        api.get("computers/#{id}/trajectory")
+      end
+
+      def user_activity(query)
+        api.get("computers/user_activity", params: { q: query })
+      end
+
+      def user_trajectory(id, query)
+        api.get("computers/#{id}/user_trajectory", params: { q: query })
+      end
+
+      def activity(query)
+        api.get("computers/activity", params: { q: query })
+      end
+    end
+  end
+end

data/lib/ats/amp4e/events.rb

@@ -0,0 +1,19 @@
+module ATS
+  module AMP4E
+    class Events
+      attr_reader :api
+
+      def initialize(api)
+        @api = api
+      end
+
+      def list
+        api.get("events")
+      end
+
+      def types
+        api.get("event_types")
+      end
+    end
+  end
+end

data/lib/ats/amp4e/groups.rb

@@ -0,0 +1,19 @@
+module ATS
+  module AMP4E
+    class Groups
+      attr_reader :api
+
+      def initialize(api)
+        @api = api
+      end
+
+      def list
+        api.get("groups")
+      end
+
+      def show(id)
+        api.get("groups/#{id}")
+      end
+    end
+  end
+end

data/lib/ats/amp4e/policies.rb

@@ -0,0 +1,19 @@
+module ATS
+  module AMP4E
+    class Policies
+      attr_reader :api
+
+      def initialize(api)
+        @api = api
+      end
+
+      def list
+        api.get("policies")
+      end
+
+      def show(id)
+        api.get("policies/#{id}")
+      end
+    end
+  end
+end

data/lib/ats/cli.rb

@@ -2,6 +2,12 @@ require 'ats'
 
 require 'thor'
 require 'ats/cli/threat_grid'
+require 'ats/cli/amp4e/command'
+require 'ats/cli/amp4e/computers'
+require 'ats/cli/amp4e/events'
+require 'ats/cli/amp4e/groups'
+require 'ats/cli/amp4e/policies'
+require 'ats/cli/amp4e/application'
 
 module ATS
   module CLI
@@ -11,6 +17,9 @@ module ATS
       desc 'threatgrid SUBCOMMAND ...ARGS', 'interact with the Threat Grid API'
       subcommand 'threatgrid', ThreatGrid::Application
 
+      desc 'amp4e SUBCOMMAND ...ARGS', 'interact with the AMP for Endpoints API'
+      subcommand 'amp4e', AMP4E::Application
+
       desc 'version', 'Display the current version'
       def version
         say ATS::VERSION

data/lib/ats/cli/amp4e/application.rb

@@ -0,0 +1,21 @@
+module ATS
+  module CLI
+    module AMP4E
+      class Application < Thor
+        class_option :profile, default: :default, required: false
+
+        desc 'computers SUBCOMMAND ...ARGS', 'interact with the AMP4E API'
+        subcommand :computers, ATS::CLI::AMP4E::Computers
+
+        desc 'events SUBCOMMAND ...ARGS', 'interact with the AMP4E API'
+        subcommand :events, ATS::CLI::AMP4E::Events
+
+        desc 'groups SUBCOMMAND ...ARGS', 'interact with the AMP4E API'
+        subcommand :groups, ATS::CLI::AMP4E::Groups
+
+        desc 'policies SUBCOMMAND ...ARGS', 'interact with the AMP4E API'
+        subcommand :policies, ATS::CLI::AMP4E::Policies
+      end
+    end
+  end
+end

data/lib/ats/cli/amp4e/command.rb

@@ -0,0 +1,26 @@
+module ATS
+  module CLI
+    module AMP4E
+      class Command < Thor
+        class_option :profile, default: :default, required: false
+
+        def self.printable_commands(*args)
+          super.map do |x|
+            x[0] = x[0].gsub(/^ats/, 'ats amp4e')
+            x
+          end
+        end
+
+        protected
+
+        def api
+          ATS::AMP4E::API.new(profile: options['profile'])
+        end
+
+        def print_json(json)
+          say JSON.pretty_generate(json), :green
+        end
+      end
+    end
+  end
+end

data/lib/ats/cli/amp4e/computers.rb

@@ -0,0 +1,39 @@
+module ATS
+  module CLI
+    module AMP4E
+      class Computers < Command
+        class_option :profile, default: :default, required: false
+
+        desc 'list', 'list'
+        def list
+          print_json api.computers.list
+        end
+
+        desc 'show <UUID>', 'list'
+        def show(id)
+          print_json api.computers.show(id)
+        end
+
+        desc 'trajectory <UUID>', 'list'
+        def trajectory(id)
+          print_json api.computers.trajectory(id)
+        end
+
+        desc 'user-activity <query>', 'list'
+        def user_activity(query)
+          print_json api.computers.user_activity(query)
+        end
+
+        desc 'user-trajectory <UUID> <query>', 'list'
+        def user_trajectory(id, query)
+          print_json api.computers.user_trajectory(id, query)
+        end
+
+        desc 'activity <query>', 'list'
+        def activity(query)
+          print_json api.computers.activity(query)
+        end
+      end
+    end
+  end
+end

data/lib/ats/cli/amp4e/events.rb

@@ -0,0 +1,19 @@
+module ATS
+  module CLI
+    module AMP4E
+      class Events < Command
+        class_option :profile, default: :default, required: false
+
+        desc 'list', 'list'
+        def list
+          print_json api.events.list
+        end
+
+        desc 'types', 'list'
+        def types
+          print_json api.events.types
+        end
+      end
+    end
+  end
+end

data/lib/ats/cli/amp4e/groups.rb

@@ -0,0 +1,19 @@
+module ATS
+  module CLI
+    module AMP4E
+      class Groups < Command
+        class_option :profile, default: :default, required: false
+
+        desc 'list', 'list'
+        def list
+          print_json api.groups.list
+        end
+
+        desc 'show <UUID>', 'list'
+        def show(id)
+          print_json api.groups.show(id)
+        end
+      end
+    end
+  end
+end

data/lib/ats/cli/amp4e/policies.rb

@@ -0,0 +1,19 @@
+module ATS
+  module CLI
+    module AMP4E
+      class Policies < Command
+        class_option :profile, default: :default, required: false
+
+        desc 'list', 'list'
+        def list
+          print_json api.policies.list
+        end
+
+        desc 'show <UUID>', 'list'
+        def show(id)
+          print_json api.policies.show(id)
+        end
+      end
+    end
+  end
+end

data/lib/ats/version.rb

@@ -1,3 +1,3 @@
 module ATS
-  VERSION = "0.1.1"
+  VERSION = "0.1.2"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ats
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.1.2
 platform: ruby
 authors:
 - mokha
@@ -81,7 +81,18 @@ files:
 - ats-cli.gemspec
 - exe/ats
 - lib/ats.rb
+- lib/ats/amp4e/api.rb
+- lib/ats/amp4e/computers.rb
+- lib/ats/amp4e/events.rb
+- lib/ats/amp4e/groups.rb
+- lib/ats/amp4e/policies.rb
 - lib/ats/cli.rb
+- lib/ats/cli/amp4e/application.rb
+- lib/ats/cli/amp4e/command.rb
+- lib/ats/cli/amp4e/computers.rb
+- lib/ats/cli/amp4e/events.rb
+- lib/ats/cli/amp4e/groups.rb
+- lib/ats/cli/amp4e/policies.rb
 - lib/ats/cli/threat_grid.rb
 - lib/ats/cli/threat_grid/application.rb
 - lib/ats/cli/threat_grid/command.rb