ats 0.1.1 → 0.1.2

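--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 29bbe4b63220b3e689fa73ede379cbabc58ee30f0b7542c88ef83458effe9987
- data.tar.gz: a631e33f859732b4b764b94f5f1385021ccf46bbfd693800c0e1db5706d40001
+ metadata.gz: d41e21d7187b9688539269e222749df47804ed710f2df57ccd5ff421f17ca3a2
+ data.tar.gz: 26b879e2ceb8c784e9cb9f0ee20e6c769a01548de0d42bbb201967d107455a31
  SHA512:
- metadata.gz: 439cc4e133ec80740257127c2f2d9dc3e55a485a0db2bd1e9c41ad6f68209f6042ca0d61b757a7c7c2647d8f364b2ba6c3a98f199378103eda61bb18c395b729
- data.tar.gz: 3e242d48583ed826965b34186d4226f62cc17e2f76fb4cc59c40b09d50ae2b3e8ceedb6f3da3643ae0cb8940889f58120f2975eed196ca86b2c0adacd35e5b83
+ metadata.gz: 6520a062f60f227b570aed015e24ad9132d390a529ee0db138d8cef96b5b92ae78b07695e2f9cc237c6b71186592959625b171052a6657b52d8b91a36873a84e
+ data.tar.gz: 95834d1e40db1ee05999ba8da37b0713f0bef9bec5b99f98d828aca4573679093652c31f7f1c4dac1f40d6553ee549690e19267d8ee95dbffa06164913e555fe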
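--- a/data/lib/ats.rb
+++ b/data/lib/ats.rb
@@ -1,12 +1,18 @@
+ require 'base64'
  require 'json'
  require 'logger'
  require 'net/http'
  require 'yaml'
 
- require 'ats/version'
-
  require 'ats/configuration'
  require 'ats/http_api'
+ require 'ats/version'
+
+ require 'ats/amp4e/api'
+ require 'ats/amp4e/computers'
+ require 'ats/amp4e/events'
+ require 'ats/amp4e/groups'
+ require 'ats/amp4e/policies'
  require 'ats/threat_grid/api'
  require 'ats/threat_grid/organizations'
  require 'ats/threat_grid/samples'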
@@ -0,0 +1,67 @@
1
+ module ATS
2
+ module AMP4E
3
+ class API
4
+ HEADERS = {
5
+ 'Content-Type' => 'application/json',
6
+ 'Accept' => 'application/json',
7
+ 'User-Agent' => "RubyGems/ATS #{ATS::VERSION}",
8
+ }.freeze
9
+
10
+ attr_reader :http, :profile, :configuration
11
+
12
+ def initialize(
13
+ api: HttpAPI.new(headers: HEADERS),
14
+ profile: :default,
15
+ configuration: ATS.configuration
16
+ )
17
+ @http = api
18
+ @profile = profile.to_s
19
+ @configuration = configuration
20
+ end
21
+
22
+ def computers
23
+ ATS::AMP4E::Computers.new(self)
24
+ end
25
+
26
+ def events
27
+ ATS::AMP4E::Events.new(self)
28
+ end
29
+
30
+ def groups
31
+ ATS::AMP4E::Groups.new(self)
32
+ end
33
+
34
+ def policies
35
+ ATS::AMP4E::Policies.new(self)
36
+ end
37
+
38
+ def get(url, params: {}, version: 1)
39
+ http.get(build_uri(url, version: version), headers: headers, body: params) do |request, response|
40
+ JSON.parse(response.body, symbolize_names: true)
41
+ end
42
+ end
43
+
44
+ private
45
+
46
+ def build_uri(relative_url, version:)
47
+ URI.parse("#{api_host}/v#{version}/#{relative_url}")
48
+ end
49
+
50
+ def client_id
51
+ configuration[profile]['amp4e']['client_id']
52
+ end
53
+
54
+ def client_secret
55
+ configuration[profile]['amp4e']['client_secret']
56
+ end
57
+
58
+ def api_host
59
+ configuration[profile]['amp4e']['api_host']
60
+ end
61
+
62
+ def headers
63
+ { AUTHORIZATION: "Basic #{Base64.strict_encode64("#{client_id}:#{client_secret}")}" }
64
+ end
65
+ end
66
+ end
67
+ end
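Review bot: `build_uri` accepts whatever scheme `api_host` carries in the profile, while `headers` attaches `Basic` credentials built from `client_id` and `client_secret` to every request, so an `http://` host in the configuration would send the API secret in cleartext. I would keep the parsed URI in a local in `build_uri` and reject non-TLS hosts before returning it, e.g. `raise ArgumentError, 'amp4e api_host must be https' unless uri.is_a?(URI::HTTPS)`. Separately, `get` parses `response.body` without looking at the status, so an authentication failure or a non-JSON error page surfaces as a parsed error payload or a `JSON::ParserError`; whether HttpAPI already checks the status is not visible here.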
@@ -0,0 +1,35 @@
1
+ module ATS
2
+ module AMP4E
3
+ class Computers
4
+ attr_reader :api
5
+
6
+ def initialize(api)
7
+ @api = api
8
+ end
9
+
10
+ def list
11
+ api.get("computers")
12
+ end
13
+
14
+ def show(id)
15
+ api.get("computers/#{id}")
16
+ end
17
+
18
+ def trajectory(id)
19
+ api.get("computers/#{id}/trajectory")
20
+ end
21
+
22
+ def user_activity(query)
23
+ api.get("computers/user_activity", params: { q: query })
24
+ end
25
+
26
+ def user_trajectory(id, query)
27
+ api.get("computers/#{id}/user_trajectory", params: { q: query })
28
+ end
29
+
30
+ def activity(query)
31
+ api.get("computers/activity", params: { q: query })
32
+ end
33
+ end
34
+ end
35
+ end
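Review bot: `show`, `trajectory` and `user_trajectory` interpolate `id` into the request path unescaped (`"computers/#{id}"`), so a value containing `/`, `..`, `?` or `#` changes which endpoint the authenticated request reaches. The CLI documents the argument as a UUID, so validating it before building the path keeps the call on the intended resource, e.g. `raise ArgumentError, 'id must be a UUID' unless id.to_s.match?(/\A\h{8}(-\h{4}){3}-\h{12}\z/)`. The same pattern is in `Groups#show` and `Policies#show` in the following hunks.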
@@ -0,0 +1,19 @@
1
+ module ATS
2
+ module AMP4E
3
+ class Events
4
+ attr_reader :api
5
+
6
+ def initialize(api)
7
+ @api = api
8
+ end
9
+
10
+ def list
11
+ api.get("events")
12
+ end
13
+
14
+ def types
15
+ api.get("event_types")
16
+ end
17
+ end
18
+ end
19
+ end
@@ -0,0 +1,19 @@
1
+ module ATS
2
+ module AMP4E
3
+ class Groups
4
+ attr_reader :api
5
+
6
+ def initialize(api)
7
+ @api = api
8
+ end
9
+
10
+ def list
11
+ api.get("groups")
12
+ end
13
+
14
+ def show(id)
15
+ api.get("groups/#{id}")
16
+ end
17
+ end
18
+ end
19
+ end
@@ -0,0 +1,19 @@
1
+ module ATS
2
+ module AMP4E
3
+ class Policies
4
+ attr_reader :api
5
+
6
+ def initialize(api)
7
+ @api = api
8
+ end
9
+
10
+ def list
11
+ api.get("policies")
12
+ end
13
+
14
+ def show(id)
15
+ api.get("policies/#{id}")
16
+ end
17
+ end
18
+ end
19
+ end
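--- a/data/lib/ats/cli.rb
+++ b/data/lib/ats/cli.rb
@@ -2,6 +2,12 @@ require 'ats'
 
  require 'thor'
  require 'ats/cli/threat_grid'
+ require 'ats/cli/amp4e/command'
+ require 'ats/cli/amp4e/computers'
+ require 'ats/cli/amp4e/events'
+ require 'ats/cli/amp4e/groups'
+ require 'ats/cli/amp4e/policies'
+ require 'ats/cli/amp4e/application'
 
  module ATS
  module CLI
@@ -11,6 +17,9 @@ module ATS
  desc 'threatgrid SUBCOMMAND ...ARGS', 'interact with the Threat Grid API'
  subcommand 'threatgrid', ThreatGrid::Application
 
+ desc 'amp4e SUBCOMMAND ...ARGS', 'interact with the AMP for Endpoints API'
+ subcommand 'amp4e', AMP4E::Application
+
  desc 'version', 'Display the current version'
  def version
  say ATS::VERSION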
@@ -0,0 +1,21 @@
1
+ module ATS
2
+ module CLI
3
+ module AMP4E
4
+ class Application < Thor
5
+ class_option :profile, default: :default, required: false
6
+
7
+ desc 'computers SUBCOMMAND ...ARGS', 'interact with the AMP4E API'
8
+ subcommand :computers, ATS::CLI::AMP4E::Computers
9
+
10
+ desc 'events SUBCOMMAND ...ARGS', 'interact with the AMP4E API'
11
+ subcommand :events, ATS::CLI::AMP4E::Events
12
+
13
+ desc 'groups SUBCOMMAND ...ARGS', 'interact with the AMP4E API'
14
+ subcommand :groups, ATS::CLI::AMP4E::Groups
15
+
16
+ desc 'policies SUBCOMMAND ...ARGS', 'interact with the AMP4E API'
17
+ subcommand :policies, ATS::CLI::AMP4E::Policies
18
+ end
19
+ end
20
+ end
21
+ end
@@ -0,0 +1,26 @@
1
+ module ATS
2
+ module CLI
3
+ module AMP4E
4
+ class Command < Thor
5
+ class_option :profile, default: :default, required: false
6
+
7
+ def self.printable_commands(*args)
8
+ super.map do |x|
9
+ x[0] = x[0].gsub(/^ats/, 'ats amp4e')
10
+ x
11
+ end
12
+ end
13
+
14
+ protected
15
+
16
+ def api
17
+ ATS::AMP4E::API.new(profile: options['profile'])
18
+ end
19
+
20
+ def print_json(json)
21
+ say JSON.pretty_generate(json), :green
22
+ end
23
+ end
24
+ end
25
+ end
26
+ end
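Review bot: `api` hands `options['profile']` to `ATS::AMP4E::API.new` unchecked, and the API's `client_id`, `client_secret` and `api_host` readers index `configuration[profile]['amp4e']` directly. If the configuration returns nil for an unknown profile or for a profile without an `amp4e` section (its lookup is not visible here), the user gets a `NoMethodError` backtrace instead of a message naming the profile. A guard in `api` that raises `Thor::Error` with the profile name would make a mistyped `--profile` obvious. In `printable_commands`, `/^ats/` matches at any line start; `/\Aats/` anchors to the start of the string, which is presumably what is meant.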
@@ -0,0 +1,39 @@
1
+ module ATS
2
+ module CLI
3
+ module AMP4E
4
+ class Computers < Command
5
+ class_option :profile, default: :default, required: false
6
+
7
+ desc 'list', 'list'
8
+ def list
9
+ print_json api.computers.list
10
+ end
11
+
12
+ desc 'show <UUID>', 'list'
13
+ def show(id)
14
+ print_json api.computers.show(id)
15
+ end
16
+
17
+ desc 'trajectory <UUID>', 'list'
18
+ def trajectory(id)
19
+ print_json api.computers.trajectory(id)
20
+ end
21
+
22
+ desc 'user-activity <query>', 'list'
23
+ def user_activity(query)
24
+ print_json api.computers.user_activity(query)
25
+ end
26
+
27
+ desc 'user-trajectory <UUID> <query>', 'list'
28
+ def user_trajectory(id, query)
29
+ print_json api.computers.user_trajectory(id, query)
30
+ end
31
+
32
+ desc 'activity <query>', 'list'
33
+ def activity(query)
34
+ print_json api.computers.activity(query)
35
+ end
36
+ end
37
+ end
38
+ end
39
+ end
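Review bot: Every `desc` in this class uses 'list' as its description (`desc 'show <UUID>', 'list'`, `desc 'trajectory <UUID>', 'list'`, and so on), so the generated help cannot tell the commands apart; each needs its own text, e.g. `desc 'show <UUID>', 'show one computer by UUID'`. The same copy-paste appears in the Events, Groups and Policies command classes in the following hunks, and in the four identical `'interact with the AMP4E API'` descriptions in Application. `class_option :profile` is also redeclared here although Command, the superclass, already declares it.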
@@ -0,0 +1,19 @@
1
+ module ATS
2
+ module CLI
3
+ module AMP4E
4
+ class Events < Command
5
+ class_option :profile, default: :default, required: false
6
+
7
+ desc 'list', 'list'
8
+ def list
9
+ print_json api.events.list
10
+ end
11
+
12
+ desc 'types', 'list'
13
+ def types
14
+ print_json api.events.types
15
+ end
16
+ end
17
+ end
18
+ end
19
+ end
@@ -0,0 +1,19 @@
1
+ module ATS
2
+ module CLI
3
+ module AMP4E
4
+ class Groups < Command
5
+ class_option :profile, default: :default, required: false
6
+
7
+ desc 'list', 'list'
8
+ def list
9
+ print_json api.groups.list
10
+ end
11
+
12
+ desc 'show <UUID>', 'list'
13
+ def show(id)
14
+ print_json api.groups.show(id)
15
+ end
16
+ end
17
+ end
18
+ end
19
+ end
@@ -0,0 +1,19 @@
1
+ module ATS
2
+ module CLI
3
+ module AMP4E
4
+ class Policies < Command
5
+ class_option :profile, default: :default, required: false
6
+
7
+ desc 'list', 'list'
8
+ def list
9
+ print_json api.policies.list
10
+ end
11
+
12
+ desc 'show <UUID>', 'list'
13
+ def show(id)
14
+ print_json api.policies.show(id)
15
+ end
16
+ end
17
+ end
18
+ end
19
+ end
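--- a/data/lib/ats/version.rb
+++ b/data/lib/ats/version.rb
@@ -1,3 +1,3 @@
  module ATS
- VERSION = "0.1.1"
+ VERSION = "0.1.2"
  end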
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ats
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
4
+ version: 0.1.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - mokha
@@ -81,7 +81,18 @@ files:
81
81
  - ats-cli.gemspec
82
82
  - exe/ats
83
83
  - lib/ats.rb
84
+ - lib/ats/amp4e/api.rb
85
+ - lib/ats/amp4e/computers.rb
86
+ - lib/ats/amp4e/events.rb
87
+ - lib/ats/amp4e/groups.rb
88
+ - lib/ats/amp4e/policies.rb
84
89
  - lib/ats/cli.rb
90
+ - lib/ats/cli/amp4e/application.rb
91
+ - lib/ats/cli/amp4e/command.rb
92
+ - lib/ats/cli/amp4e/computers.rb
93
+ - lib/ats/cli/amp4e/events.rb
94
+ - lib/ats/cli/amp4e/groups.rb
95
+ - lib/ats/cli/amp4e/policies.rb
85
96
  - lib/ats/cli/threat_grid.rb
86
97
  - lib/ats/cli/threat_grid/application.rb
87
98
  - lib/ats/cli/threat_grid/command.rb