mihari 3.7.0 → 3.7.1

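--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: f6e9001e10ac0891e2e10d90bccbd165afbdfc3bcd2724a3d5adf521b2be843b
- data.tar.gz: 98119fae9302eb4251ceda56c1ddb0ab615fbf36d67505fd8af2ffb08f1dcfaf
+ metadata.gz: 50093699c012400a3f870f4bc44e373d8b2bf897ba47026f68f91c0899eaa42a
+ data.tar.gz: d690e4c92aa71ed193dfce5576b305698a74d3cf5ca99e0e6b7e696fd502254f
  SHA512:
- metadata.gz: 92ae37318ffb97ab4746cb44c266e63fba5c505a6c81c141be362c11ecf4e399850f1921b2907bf511f6b0a4ea5884642282f319962af1628fc8bf9e69503fa8
- data.tar.gz: 45f2a2a748bb362a0daa7f9c3c7da5329cb7bab002f1ddcec4a56d111102d311471b3904b2d77f50f406e05f43deeacbd8f235e5ff4ae2dd2a0096a4dd98074d
+ metadata.gz: 27d489befd3a96dd8da1a8c5117f148500cd76acd66124c2d9111d15aecbb92e52ac5432edb1f7af1a69d4241ed90698aba615a802a89f2d20f2caf17154752e
+ data.tar.gz: 1f1cf73cb2eabb643d6be55786aa2e4e598c19d2e6de0c6467ea49667c04596e4366a8c301efb189f125429e05ba2e96e8ba8c79baf775e474ed0869705d1048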
@@ -0,0 +1,18 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Mihari
4
+ module Enrichers
5
+ class Base
6
+ include Mixins::Configurable
7
+
8
+ def self.inherited(child)
9
+ Mihari.enrichers << child
10
+ end
11
+
12
+ # @return [Boolean]
13
+ def valid?
14
+ raise NotImplementedError, "You must implement #{self.class}##{__method__}"
15
+ end
16
+ end
17
+ end
18
+ end
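Review bot: `self.inherited` registers the subclass but never calls `super`, so an `inherited` hook defined by an ancestor or an extended module is skipped without notice; make `super` the first line of the hook. The registration `Mihari.enrichers << child` only persists if `Mihari.enrichers` returns the same array on every call, which in this release depends on that method being memoized. A comment such as `# relies on the memoized Mihari.enrichers array` above the append would record that. The class also has no doc comment; one line stating that subclasses register themselves on load and must implement `#valid?` would cover the contract.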
@@ -4,7 +4,18 @@ require "memist"
4
4
 
5
5
  module Mihari
6
6
  module Enrichers
7
- class IPInfo
7
+ class IPInfo < Base
8
+ # @return [Boolean]
9
+ def valid?
10
+ Mihari.config.ipinfo_api_key.nil?
11
+ end
12
+
13
+ private
14
+
15
+ def configuration_keys
16
+ %w[ipinfo_api_key]
17
+ end
18
+
8
19
  class << self
9
20
  include Memist::Memoizable
10
21
 
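Review bot: `valid?` returns `Mihari.config.ipinfo_api_key.nil?`, which is true exactly when no API key is configured, so the predicate looks inverted. If it is meant to report that the enricher is usable, it should read `!Mihari.config.ipinfo_api_key.nil?`. If the intent is that IPInfo is also usable without a key, a comment on the method should say so, because the name and the `@return [Boolean]` tag suggest the opposite. The `class << self` block that follows continues outside the hunk.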
@@ -17,11 +17,9 @@ module Mihari
17
17
  def build_by_ip(ip)
18
18
  res = Enrichers::IPInfo.query(ip)
19
19
 
20
- unless res.nil?
21
- return new(asn: res.asn)
22
- end
20
+ return nil if res.nil? || res.asn.nil?
23
21
 
24
- nil
22
+ new(asn: res.asn)
25
23
  end
26
24
  end
27
25
  end
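--- a/data/lib/mihari/status.rb
+++ b/data/lib/mihari/status.rb
@@ -18,7 +18,7 @@ module Mihari
  # @return [Array<Hash>]
  #
  def statuses
- (Mihari.analyzers + Mihari.emitters).map do |klass|
+ (Mihari.analyzers + Mihari.emitters + Mihari.enrichers).map do |klass|
  name = klass.to_s.split("::").last.to_s
 
  [name, build_status(klass)]
@@ -36,11 +36,16 @@ module Mihari
  return nil if klass == Mihari::Analyzers::Rule
 
  is_analyzer = klass.ancestors.include?(Mihari::Analyzers::Base)
+ is_emitter = klass.ancestors.include?(Mihari::Emitters::Base)
+ is_enricher = klass.ancestors.include?(Mihari::Enrichers::Base)
 
  instance = is_analyzer ? klass.new("dummy") : klass.new
  is_configured = instance.configured?
  values = instance.configuration_values
- type = is_analyzer ? "Analyzer" : "Emitter"
+
+ type = "Analyzer"
+ type = "Emitter" if is_emitter
+ type = "Enricher" if is_enricher
 
  values ? { is_configured: is_configured, values: values, type: type } : nil
  rescue ArgumentError => _e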
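Review bot: Each status entry returns `values: instance.configuration_values`, and with enrichers added to `statuses` that now covers `ipinfo_api_key`. `configuration_values` is defined outside this diff, so if it returns the raw settings, the API key reaches whatever renders or logs the status; confirm the value is masked or reduced to a set/unset flag there. In the second hunk (presumably `build_status`, whose definition starts and ends outside the hunk), `type` starts as `"Analyzer"` and is then overwritten up to twice, so a class matching none of the three bases is labelled an analyzer. A single `if is_enricher … elsif is_emitter … else` expression assigned to `type` would state the precedence in one place.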
@@ -9,7 +9,7 @@ module Mihari
9
9
  attribute :hostname, Types::String.optional
10
10
  attribute :loc, Types::String
11
11
  attribute :country_code, Types::String
12
- attribute :asn, Types::Integer
12
+ attribute :asn, Types::Integer.optional
13
13
 
14
14
  class << self
15
15
  include Mixins::AutonomousSystem
@@ -17,9 +17,12 @@ module Mihari
17
17
  def from_dynamic!(d)
18
18
  d = Types::Hash[d]
19
19
 
20
- org = d.fetch("org")
21
- asn = org.split.first
22
- asn = normalize_asn(asn)
20
+ asn = nil
21
+ org = d["org"]
22
+ unless org.nil?
23
+ asn = org.split.first
24
+ asn = normalize_asn(asn)
25
+ end
23
26
 
24
27
  new(
25
28
  ip: d.fetch("ip"),
@@ -29,7 +32,7 @@ module Mihari
29
32
  asn: asn
30
33
  )
31
34
  end
32
- end
35
+ end
33
36
  end
34
37
  end
35
38
  end
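Review bot: In `from_dynamic!` the new guard only covers a missing `org`; an empty or whitespace-only string makes `org.split.first` return nil, and that nil is passed straight to `normalize_asn`. The hash presumably comes from the IPInfo response, so the guard should test for usable content rather than mere presence, e.g. `asn = normalize_asn(org.split.first) unless org.to_s.strip.empty?`. `normalize_asn` comes from `Mixins::AutonomousSystem` and is not shown here, so confirm how it treats a token that is not an AS number, since `asn` is now typed `Types::Integer.optional`. The `- end` / `+ end` pair in the last hunk is a whitespace-only change.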
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Mihari
4
- VERSION = "3.7.0"
4
+ VERSION = "3.7.1"
5
5
  end
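--- a/data/lib/mihari.rb
+++ b/data/lib/mihari.rb
@@ -6,6 +6,9 @@ require "dry/files"
  require "mem"
  require "yaml"
 
+ # Load .env
+ require "dotenv/load"
+
  # Mixins
  require "mihari/mixins/autonomous_system"
  require "mihari/mixins/configurable"
@@ -32,7 +35,7 @@ module Mihari
  setting :censys_secret, ENV["CENSYS_SECRET"]
  setting :circl_passive_password, ENV["CIRCL_PASSIVE_PASSWORD"]
  setting :circl_passive_username, ENV["CIRCL_PASSIVE_USERNAME"]
- setting :ipinfo_api_key, ENV["ipinfo_api_key"]
+ setting :ipinfo_api_key, ENV["IPINFO_API_KEY"]
  setting :misp_api_endpoint, ENV["MISP_API_ENDPOINT"]
  setting :misp_api_key, ENV["MISP_API_KEY"]
  setting :onyphe_api_key, ENV["ONYPHE_API_KEY"]
@@ -67,6 +70,11 @@ module Mihari
  end
  memoize :analyzers
 
+ def enrichers
+ []
+ end
+ memoize :enrichers
+
  #
  # Load configuration from YAML file
  #
@@ -111,6 +119,7 @@ require "mihari/schemas/configuration"
  require "mihari/schemas/rule"
 
  # Enrichers
+ require "mihari/enrichers/base"
  require "mihari/enrichers/ipinfo"
 
  # Models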
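Review bot: `require "dotenv/load"` runs at require time and reads a `.env` file from the process's current working directory, so every program that loads the library takes settings from whatever directory it was started in. The settings read from `ENV` just below include endpoints and credentials such as `MISP_API_ENDPOINT` and `MISP_API_KEY`, so a `.env` left in a shared or untrusted directory can supply any of them that are not already set in the environment. Loading the file explicitly from the command-line entry point, or from a documented fixed path, would keep this opt-in. At minimum the comment should say where the file is looked up, e.g. `# Load .env from the current working directory (does not override variables already set)`. The rename to `ENV["IPINFO_API_KEY"]` drops the lowercase name without a fallback, which deserves a changelog entry.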
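--- a/data/mihari.gemspec
+++ b/data/mihari.gemspec
@@ -54,6 +54,7 @@ Gem::Specification.new do |spec|
  spec.add_dependency "cymbal", "~> 2.0"
  spec.add_dependency "dnpedia", "~> 0.1"
  spec.add_dependency "dnstwister", "~> 0.1"
+ spec.add_dependency "dotenv", "~> 2.7"
  spec.add_dependency "dry-configurable", "~> 0.12"
  spec.add_dependency "dry-files", "~> 0.1"
  spec.add_dependency "dry-initializer", "~> 3.0"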
@@ -0,0 +1,12 @@
1
+ module Mihari
2
+ module Enrichers
3
+ class Base
4
+ include Mixins::Configurable
5
+
6
+ def self.inherited: (untyped child) -> untyped
7
+
8
+ # @return [Boolean]
9
+ def valid?: () -> bool
10
+ end
11
+ end
12
+ end
@@ -1,6 +1,8 @@
1
1
  module Mihari
2
2
  module Enrichers
3
3
  class IPInfo
4
+ def valid?: () -> bool
5
+
4
6
  #
5
7
  # Query IPInfo
6
8
  #
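Review bot: The signature still declares `class IPInfo` without a superclass, while the Ruby class in this release becomes `class IPInfo < Base`, so a type checker will not see what is inherited from `Mihari::Enrichers::Base` or mixed in through `Mixins::Configurable`. Changing the line to `class IPInfo < Base` would bring the signature in line with the code. The private `configuration_keys` added in the Ruby file has no signature here either; it returns an array of strings there. The class body continues outside the hunk.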
@@ -6,7 +6,7 @@ module Mihari
6
6
  attr_reader hostname: String?
7
7
  attr_reader loc: String
8
8
  attr_reader country_code: String
9
- attr_reader asn: String
9
+ attr_reader asn: Integer?
10
10
 
11
11
  def self.from_dynamic!: (Hash[(String | Symbol), untyped] d) -> Mihari::Structs::IPInfo::Response
12
12
 
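--- a/data/sig/lib/mihari.rbs
+++ b/data/sig/lib/mihari.rbs
@@ -42,6 +42,8 @@ module Mihari
 
  def self.analyzers: () -> ::Array[singleton(Mihari::Analyzers::Base)]
 
+ def self.enrichers: () -> ::Array[singleton(Mihari::Enrichers::Base)]
+
  #
  # Load configuration from YAML file
  #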
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: mihari
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.7.0
4
+ version: 3.7.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Manabu Niseki
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2021-09-03 00:00:00.000000000 Z
11
+ date: 2021-09-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -402,6 +402,20 @@ dependencies:
402
402
  - - "~>"
403
403
  - !ruby/object:Gem::Version
404
404
  version: '0.1'
405
+ - !ruby/object:Gem::Dependency
406
+ name: dotenv
407
+ requirement: !ruby/object:Gem::Requirement
408
+ requirements:
409
+ - - "~>"
410
+ - !ruby/object:Gem::Version
411
+ version: '2.7'
412
+ type: :runtime
413
+ prerelease: false
414
+ version_requirements: !ruby/object:Gem::Requirement
415
+ requirements:
416
+ - - "~>"
417
+ - !ruby/object:Gem::Version
418
+ version: '2.7'
405
419
  - !ruby/object:Gem::Dependency
406
420
  name: dry-configurable
407
421
  requirement: !ruby/object:Gem::Requirement
@@ -1069,6 +1083,7 @@ files:
1069
1083
  - lib/mihari/emitters/stdout.rb
1070
1084
  - lib/mihari/emitters/the_hive.rb
1071
1085
  - lib/mihari/emitters/webhook.rb
1086
+ - lib/mihari/enrichers/base.rb
1072
1087
  - lib/mihari/enrichers/ipinfo.rb
1073
1088
  - lib/mihari/errors.rb
1074
1089
  - lib/mihari/mixins/autonomous_system.rb
@@ -1226,6 +1241,7 @@ files:
1226
1241
  - sig/lib/mihari/emitters/stdout.rbs
1227
1242
  - sig/lib/mihari/emitters/the_hive.rbs
1228
1243
  - sig/lib/mihari/emitters/webhook.rbs
1244
+ - sig/lib/mihari/enrichers/base.rbs
1229
1245
  - sig/lib/mihari/enrichers/ipinfo.rbs
1230
1246
  - sig/lib/mihari/errors.rbs
1231
1247
  - sig/lib/mihari/mixins/autonomous_system.rbs