hachi 0.1.0 → 0.1.1

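--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: a94e022e1b2936129782ed6b1fbe367da78f1b6438473f9f0caa0491eb717dcc
- data.tar.gz: 5d676f455886a20254fdb8763be410dcd3dd66c618688a2b9c68d20840b67a1f
+ metadata.gz: 87cd25193f5c029ffe10e1c1dffcd423c7fb33ee7b6de160774435e27addf39e
+ data.tar.gz: 517b92aa1ad86f6fe91256aa2c1f7ca17aa963c68d39cd0bc0801348e8df6c28
  SHA512:
- metadata.gz: 872f23c2706dab7b0cd866ac36e7f6fd9fe6d9fbcaa2cb773c8c2391aeb354d09fb515056dc81aae47be0461dcc78832e4bf36efb704df0322753c63e4bda6e8
- data.tar.gz: 00636aae8a8b8a1eb080bc804a85ffb5ee6584a0932e8508d696a5c46e8644a4193ce2b20bcad6bf1248f4cb1a891af13acf0ef69234ebaa81155d45c6f00fc5
+ metadata.gz: 571b2bfe288550645f5158a43a63170a4067c3ef66e2d0e1170d597548548b57fa91b5028476e453008cab0f4083fcf3b1688cacb6c0a570258df9bbd8ae0bcd
+ data.tar.gz: 5b55a9c1a62ec128b7ef5b73af436e77331c8bdb44ee40e21fbf228bc1216b63e36407938ba14973445b6f8f6fdc28ffa4404246490b62ca04c91fad3231ba6e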
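--- a/data/README.md
+++ b/data/README.md
@@ -28,6 +28,8 @@ api.alert.list
  api.artifact.search(data: "1.1.1.1", data_type: "ip")
  ```
 
+ See `samples` for more.
+
  ## Implemented methods
 
  ### Alert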
@@ -4,6 +4,7 @@ require "hachi/version"
4
4
 
5
5
  require "hachi/api"
6
6
 
7
+ require "hachi/models/base"
7
8
  require "hachi/models/alert"
8
9
  require "hachi/models/artifact"
9
10
  require "hachi/models/case"
@@ -5,7 +5,7 @@ require "securerandom"
5
5
 
6
6
  module Hachi
7
7
  module Models
8
- class Alert
8
+ class Alert < Base
9
9
  attr_reader :title
10
10
  attr_reader :description
11
11
  attr_reader :severity
@@ -30,13 +30,14 @@ module Hachi
30
30
  @type = type
31
31
  @source = source
32
32
  @source_ref = source_ref || SecureRandom.hex(10)
33
- @artifacts = artifacts
33
+ @artifacts = artifacts.nil? ? nil : artifacts.map { |a| Artifact.new a }
34
34
  @follow = follow
35
35
 
36
36
  validate_date if date
37
37
  validate_severity if severity
38
38
  validate_status if status
39
39
  validate_tlp if tlp
40
+ validate_artifacts if artifacts
40
41
  end
41
42
 
42
43
  def payload
@@ -51,36 +52,22 @@ module Hachi
51
52
  type: type,
52
53
  source: source,
53
54
  sourceRef: source_ref,
54
- artifacts: artifacts,
55
+ artifacts: artifacts&.map(&:payload),
55
56
  follow: follow
56
57
  }.compact
57
58
  end
58
59
 
59
60
  private
60
61
 
61
- def validate_severity
62
- return true if severity >= 1 && severity <= 3
63
-
64
- raise ArgumentError, "severity should be 1 - 3 (1: low; 2: medium; 3: high)."
65
- end
66
-
67
62
  def validate_date
68
63
  DateTime.parse(date)
69
64
  true
70
65
  rescue ArgumentError => _
71
- raise ArgumentError, "date should be Date format."
66
+ raise ArgumentError, "date should be Date format"
72
67
  end
73
68
 
74
- def validate_tlp
75
- return true if tlp >= 0 && severity <= 3
76
-
77
- raise ArgumentError, "tlp should be 0 - 3 (0: white; 1: green; 2: amber; 3: red)."
78
- end
79
-
80
- def validate_status
81
- return true if %w(New Updated Ignored Imported).include?(status)
82
-
83
- raise ArgumentError, "status should be New, Updated, Ignored or Imported"
69
+ def validate_artifacts
70
+ artifacts.each(&:validate_for_creation)
84
71
  end
85
72
  end
86
73
  end
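Review bot: `Artifact.new a` in the initializer passes each artifact hash as one positional argument. The signature of `Artifact#initialize` is outside this page, but if it takes keyword arguments (the `data is required` guards in the Artifact hunk suggest optional keywords), this relies on implicit hash-to-keyword conversion and raises ArgumentError on Ruby 3. Prefer `@artifacts = artifacts&.map { |a| Artifact.new(**a) }`, which also matches the `artifacts&.map(&:payload)` form used in `payload`. A short comment on that line saying that `artifacts` is expected to be an array of hashes with symbol keys would document the new input contract. The initializer begins outside the hunk.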
@@ -2,7 +2,7 @@
2
2
 
3
3
  module Hachi
4
4
  module Models
5
- class Artifact
5
+ class Artifact < Base
6
6
  DATA_TYPES = %w(filename file fqdn hash uri_path ip domain mail autonomous-system registry mail_subject regexp user-agent other url).freeze
7
7
 
8
8
  attr_reader :data
@@ -21,7 +21,9 @@ module Hachi
21
21
  raise(ArgumentError, "data is required") unless data
22
22
  raise(ArgumentError, "data_type is required") unless data_type
23
23
  raise(ArgumentError, "invalid data type") unless DATA_TYPES.include?(data_type)
24
- raise(ArgumentError, "tags should be an array") unless tags.nil? || tags.is_a?(Array)
24
+
25
+ validate_tags if tags
26
+ validate_tlp if tlp
25
27
  end
26
28
 
27
29
  def payload
@@ -33,6 +35,10 @@ module Hachi
33
35
  tags: tags
34
36
  }.compact
35
37
  end
38
+
39
+ def validate_for_creation
40
+ raise(ArgumentError, "message or tags is requried for artifact creation") unless message || tags
41
+ end
36
42
  end
37
43
  end
38
44
  end
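Review bot: The error message in `validate_for_creation` misspells "required" as "requried", and its guard `unless message || tags` accepts an empty `tags` array or an empty `message` string because both are truthy in Ruby. Suggest `raise(ArgumentError, "message or tags is required for artifact creation") if message.to_s.empty? && Array(tags).empty?`. The new `validate_tags if tags` and `validate_tlp if tlp` calls read the attribute readers, so they only see the caller's values if the instance variables are assigned earlier in the initializer, which is outside the hunk.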
@@ -0,0 +1,32 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Hachi
4
+ module Models
5
+ class Base
6
+ private
7
+
8
+ def validate_severity
9
+ return true if severity >= 1 && severity <= 3
10
+
11
+ raise ArgumentError, "severity should be 1 - 3 (1: low; 2: medium; 3: high)"
12
+ end
13
+
14
+ def validate_tlp
15
+ return true if tlp >= 0 && tlp <= 3
16
+
17
+ raise ArgumentError, "tlp should be 0 - 3 (0: white; 1: green; 2: amber; 3: red)"
18
+ end
19
+
20
+ def validate_status
21
+ return true if %w(New Updated Ignored Imported).include?(status)
22
+
23
+ raise ArgumentError, "status should be New, Updated, Ignored or Imported"
24
+ end
25
+
26
+
27
+ def validate_tags
28
+ raise ArgumentError, "tags should be an array" unless tags.is_a?(Array)
29
+ end
30
+ end
31
+ end
32
+ end
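Review bot: `validate_tlp` and `validate_severity` check the value only with `>=` and `<=`, so a Float such as 2.5 is accepted and a String such as "2" fails with a comparison error instead of the intended message. TLP marks how an alert or case may be shared, so it is worth checking strictly: `return true if tlp.is_a?(Integer) && tlp.between?(0, 3)` and `return true if severity.is_a?(Integer) && severity.between?(1, 3)`. The class also carries no comment stating that subclasses must provide the `severity`, `tlp`, `status` and `tags` readers that these private validators call. A one-line comment above `class Base` would record that contract.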
@@ -2,7 +2,7 @@
2
2
 
3
3
  module Hachi
4
4
  module Models
5
- class Case
5
+ class Case < Base
6
6
  attr_reader :title
7
7
  attr_reader :description
8
8
  attr_reader :severity
@@ -25,6 +25,7 @@ module Hachi
25
25
  validate_flag if flag
26
26
  validate_severity if severity
27
27
  validate_start_date if start_date
28
+ validate_tags if tags
28
29
  validate_tlp if tlp
29
30
  end
30
31
 
@@ -43,29 +44,17 @@ module Hachi
43
44
 
44
45
  private
45
46
 
46
- def validate_severity
47
- return true if severity >= 1 && severity <= 3
48
-
49
- raise ArgumentError, "severity should be 1 - 3 (1: low; 2: medium; 3: high)."
50
- end
51
-
52
47
  def validate_start_date
53
48
  DateTime.parse(start_date)
54
49
  true
55
50
  rescue ArgumentError => _
56
- raise ArgumentError, "date should be Date format."
57
- end
58
-
59
- def validate_tlp
60
- return true if tlp >= 0 && severity <= 3
61
-
62
- raise ArgumentError, "tlp should be 0 - 3 (0: white; 1: green; 2: amber; 3: red)."
51
+ raise ArgumentError, "date should be Date format"
63
52
  end
64
53
 
65
54
  def validate_flag
66
55
  return true if [true, false].include?(flag)
67
56
 
68
- raise ArgumentError, "flag should be true or false."
57
+ raise ArgumentError, "flag should be true or false"
69
58
  end
70
59
  end
71
60
  end
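Review bot: `validate_start_date` rescues only ArgumentError, but `DateTime.parse` raises TypeError for a non-String argument such as an Integer timestamp, so that input escapes as an unrelated error rather than the validation message. Suggest `rescue ArgumentError, TypeError => _`. The message could also name the field it checks, `raise ArgumentError, "start_date should be Date format"`. `validate_date` in the Alert model has the same rescue clause and would need the same change.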
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Hachi
4
- VERSION = "0.1.0"
4
+ VERSION = "0.1.1"
5
5
  end
@@ -0,0 +1,17 @@
1
+ # frozen_string_literal: true
2
+
3
+ $LOAD_PATH.unshift("#{__dir__}/../lib")
4
+
5
+ require "hachi"
6
+
7
+ api = Hachi::API.new
8
+
9
+ # create a simple alert
10
+ api.alert.create(title: "test", description: "test", type: "test", source: "test")
11
+
12
+ # create an alert with artifacts
13
+ artifacts = [
14
+ { data: "1.1.1.1", data_type: "ip", message: "test" },
15
+ { data: "github.com", data_type: "domain", tags: ["test"] }
16
+ ]
17
+ api.alert.create(title: "test", description: "test", type: "test", source: "test", artifacts: artifacts)
@@ -0,0 +1,16 @@
1
+ # frozen_string_literal: true
2
+
3
+ $LOAD_PATH.unshift("#{__dir__}/../lib")
4
+
5
+ require "hachi"
6
+
7
+ api = Hachi::API.new
8
+
9
+ # search artifacts
10
+ results = api.artifact.search(data: "1.1.1.1", data_type: "ip")
11
+ ids = results.map { |result| result.dig("id") }
12
+
13
+ ids.each do |id|
14
+ artifact = api.artifact.get_by_id(id)
15
+ p artifact
16
+ end
@@ -0,0 +1,16 @@
1
+ # frozen_string_literal: true
2
+
3
+ $LOAD_PATH.unshift("#{__dir__}/../lib")
4
+
5
+ require "hachi"
6
+
7
+ api = Hachi::API.new
8
+
9
+ # list up cases
10
+ results = api.case.list
11
+ ids = results.map { |result| result.dig("id") }
12
+
13
+ ids.each do |id|
14
+ kase = api.case.get_by_id(id)
15
+ p kase
16
+ end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: hachi
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Manabu Niseki
@@ -119,8 +119,12 @@ files:
119
119
  - lib/hachi/clients/case.rb
120
120
  - lib/hachi/models/alert.rb
121
121
  - lib/hachi/models/artifact.rb
122
+ - lib/hachi/models/base.rb
122
123
  - lib/hachi/models/case.rb
123
124
  - lib/hachi/version.rb
125
+ - samples/01_create_an_alert.rb
126
+ - samples/02_search_artifacts.rb
127
+ - samples/03_list_cases.rb
124
128
  homepage: https://github.com/ninoseki/hachi
125
129
  licenses:
126
130
  - MIT