RubyGems - mihari - Versions diffs - 6.3.0 → 7.0.1 - Mend

mihari 6.3.0 → 7.0.1

Files changed (161) hide show

checksums.yaml +4 -4
data/.gitignore +4 -10
data/.rubocop.yml +2 -0
data/Dockerfile +14 -0
data/config.ru +5 -3
data/docker-compose.yml +61 -0
data/exe/mihari +2 -1
data/lefthook.yml +8 -0
data/lib/mihari/actor.rb +4 -4
data/lib/mihari/analyzers/base.rb +16 -0
data/lib/mihari/analyzers/binaryedge.rb +4 -2
data/lib/mihari/analyzers/censys.rb +7 -5
data/lib/mihari/analyzers/circl.rb +5 -3
data/lib/mihari/analyzers/crtsh.rb +10 -2
data/lib/mihari/analyzers/dnstwister.rb +1 -1
data/lib/mihari/analyzers/feed.rb +12 -20
data/lib/mihari/analyzers/fofa.rb +6 -8
data/lib/mihari/analyzers/greynoise.rb +4 -2
data/lib/mihari/analyzers/hunterhow.rb +4 -2
data/lib/mihari/analyzers/onyphe.rb +4 -2
data/lib/mihari/analyzers/otx.rb +5 -3
data/lib/mihari/analyzers/passivetotal.rb +29 -12
data/lib/mihari/analyzers/pulsedive.rb +5 -3
data/lib/mihari/analyzers/securitytrails.rb +32 -8
data/lib/mihari/analyzers/shodan.rb +4 -2
data/lib/mihari/analyzers/urlscan.rb +4 -2
data/lib/mihari/analyzers/virustotal.rb +5 -5
data/lib/mihari/analyzers/virustotal_intelligence.rb +4 -2
data/lib/mihari/analyzers/zoomeye.rb +4 -2
data/lib/mihari/cli/{main.rb → application.rb} +17 -5
data/lib/mihari/cli/artifact.rb +14 -0
data/lib/mihari/cli/config.rb +14 -0
data/lib/mihari/cli/rule.rb +1 -0
data/lib/mihari/cli/tag.rb +14 -0
data/lib/mihari/clients/base.rb +2 -2
data/lib/mihari/clients/binaryedge.rb +2 -2
data/lib/mihari/clients/crtsh.rb +3 -10
data/lib/mihari/clients/fofa.rb +1 -1
data/lib/mihari/clients/hunterhow.rb +1 -1
data/lib/mihari/clients/mmdb.rb +28 -0
data/lib/mihari/clients/passivetotal.rb +7 -20
data/lib/mihari/clients/securitytrails.rb +19 -43
data/lib/mihari/clients/shodan_internet_db.rb +28 -0
data/lib/mihari/clients/the_hive.rb +7 -5
data/lib/mihari/commands/alert.rb +53 -11
data/lib/mihari/commands/artifact.rb +66 -0
data/lib/mihari/commands/config.rb +23 -0
data/lib/mihari/commands/database.rb +1 -1
data/lib/mihari/commands/rule.rb +40 -27
data/lib/mihari/commands/search.rb +10 -11
data/lib/mihari/commands/sidekiq.rb +31 -0
data/lib/mihari/commands/tag.rb +46 -0
data/lib/mihari/commands/web.rb +6 -7
data/lib/mihari/{mixins/autonomous_system.rb → concerns/autonomous_system_normalizable.rb} +5 -3
data/lib/mihari/concerns/configurable.rb +72 -0
data/lib/mihari/concerns/database_connectable.rb +16 -0
data/lib/mihari/{mixins/unwrap_error.rb → concerns/error_unwrappable.rb} +5 -3
data/lib/mihari/{mixins/falsepositive.rb → concerns/falsepositive_validatable.rb} +5 -3
data/lib/mihari/{mixins/refang.rb → concerns/refangable.rb} +5 -3
data/lib/mihari/{mixins → concerns}/retriable.rb +4 -2
data/lib/mihari/config.rb +13 -12
data/lib/mihari/database.rb +30 -42
data/lib/mihari/emitters/database.rb +5 -6
data/lib/mihari/emitters/misp.rb +4 -11
data/lib/mihari/emitters/slack.rb +7 -5
data/lib/mihari/emitters/the_hive.rb +8 -58
data/lib/mihari/emitters/webhook.rb +6 -6
data/lib/mihari/enrichers/google_public_dns.rb +1 -1
data/lib/mihari/enrichers/mmdb.rb +28 -0
data/lib/mihari/enrichers/shodan.rb +3 -5
data/lib/mihari/enrichers/whois.rb +3 -3
data/lib/mihari/entities/alert.rb +3 -10
data/lib/mihari/entities/artifact.rb +6 -14
data/lib/mihari/entities/config.rb +2 -2
data/lib/mihari/entities/cpe.rb +1 -0
data/lib/mihari/entities/dns.rb +1 -0
data/lib/mihari/entities/geolocation.rb +1 -0
data/lib/mihari/entities/ip_address.rb +1 -3
data/lib/mihari/entities/messages.rb +17 -0
data/lib/mihari/entities/pagination.rb +11 -0
data/lib/mihari/entities/port.rb +1 -0
data/lib/mihari/entities/reverse_dns.rb +1 -0
data/lib/mihari/entities/rule.rb +2 -20
data/lib/mihari/entities/tag.rb +2 -2
data/lib/mihari/entities/whois.rb +1 -0
data/lib/mihari/errors.rb +2 -4
data/lib/mihari/http.rb +4 -0
data/lib/mihari/models/alert.rb +21 -53
data/lib/mihari/models/artifact.rb +61 -97
data/lib/mihari/models/autonomous_system.rb +0 -24
data/lib/mihari/models/concerns/searchable.rb +50 -0
data/lib/mihari/models/cpe.rb +0 -23
data/lib/mihari/models/dns.rb +0 -20
data/lib/mihari/models/geolocation.rb +0 -24
data/lib/mihari/models/port.rb +3 -10
data/lib/mihari/models/reverse_dns.rb +0 -23
data/lib/mihari/models/rule.rb +16 -57
data/lib/mihari/models/tag.rb +17 -1
data/lib/mihari/models/tagging.rb +1 -1
data/lib/mihari/models/whois.rb +0 -17
data/lib/mihari/rule.rb +35 -24
data/lib/mihari/schemas/alert.rb +1 -0
data/lib/mihari/schemas/analyzer.rb +3 -2
data/lib/mihari/schemas/concerns/orrable.rb +24 -0
data/lib/mihari/schemas/emitter.rb +1 -2
data/lib/mihari/schemas/enricher.rb +3 -4
data/lib/mihari/schemas/macros.rb +1 -1
data/lib/mihari/schemas/options.rb +0 -2
data/lib/mihari/schemas/rule.rb +1 -2
data/lib/mihari/services/builders.rb +158 -0
data/lib/mihari/services/creators.rb +22 -0
data/lib/mihari/services/destroyers.rb +41 -0
data/lib/mihari/services/enrichers.rb +25 -0
data/lib/mihari/services/feed.rb +107 -0
data/lib/mihari/services/getters.rb +58 -0
data/lib/mihari/services/initializers.rb +22 -0
data/lib/mihari/services/{alert_builder.rb → proxies.rb} +10 -40
data/lib/mihari/services/searchers.rb +91 -0
data/lib/mihari/sidekiq/application.rb +13 -0
data/lib/mihari/sidekiq/jobs.rb +36 -0
data/lib/mihari/structs/censys.rb +1 -1
data/lib/mihari/structs/config.rb +10 -10
data/lib/mihari/structs/filters.rb +12 -130
data/lib/mihari/structs/google_public_dns.rb +1 -1
data/lib/mihari/structs/greynoise.rb +1 -1
data/lib/mihari/structs/mmdb.rb +115 -0
data/lib/mihari/structs/onyphe.rb +1 -1
data/lib/mihari/structs/shodan.rb +2 -2
data/lib/mihari/version.rb +1 -1
data/lib/mihari/web/{app.rb → application.rb} +28 -15
data/lib/mihari/web/endpoints/alerts.rb +34 -73
data/lib/mihari/web/endpoints/artifacts.rb +27 -111
data/lib/mihari/web/endpoints/configs.rb +3 -5
data/lib/mihari/web/endpoints/ip_addresses.rb +14 -15
data/lib/mihari/web/endpoints/rules.rb +58 -130
data/lib/mihari/web/endpoints/tags.rb +21 -17
data/lib/mihari/web/middleware/capture_exceptions.rb +25 -0
data/lib/mihari/web/middleware/{connection_adapter.rb → connection.rb} +4 -2
data/lib/mihari/web/public/assets/index-cQUcyII5.js +1766 -0
data/lib/mihari/web/public/assets/index-dVaNxqTC.css +1 -0
data/lib/mihari/web/public/index.html +2 -2
data/lib/mihari/web/public/redoc-static.html +385 -385
data/lib/mihari.rb +56 -28
data/mihari.gemspec +12 -4
data/mkdocs.yml +5 -2
data/requirements.txt +1 -1
metadata +164 -34
data/lib/mihari/commands/mixins.rb +0 -11
data/lib/mihari/enrichers/ipinfo.rb +0 -52
data/lib/mihari/entities/message.rb +0 -9
data/lib/mihari/feed/parser.rb +0 -38
data/lib/mihari/feed/reader.rb +0 -111
data/lib/mihari/mixins/configurable.rb +0 -68
data/lib/mihari/schemas/mixins.rb +0 -20
data/lib/mihari/services/alert_runner.rb +0 -20
data/lib/mihari/services/rule_builder.rb +0 -46
data/lib/mihari/structs/ipinfo.rb +0 -53
data/lib/mihari/web/endpoints/exports.rb +0 -0
data/lib/mihari/web/middleware/error_notification_adapter.rb +0 -35
data/lib/mihari/web/public/assets/index-81613_nX.js +0 -1763
data/lib/mihari/web/public/assets/index-Wv6xUrTI.css +0 -1

data/lib/mihari/analyzers/virustotal.rb CHANGED Viewed

@@ -6,7 +6,7 @@ module Mihari
     # VirusTotal analyzer
     #
     class VirusTotal < Base
-      include Mixins::Refang
+      include Concerns::Refangable
       # @return [String]
       attr_reader :type
@@ -38,11 +38,11 @@ module Mihari
         end
       end
-      def configuration_keys
-        %w[virustotal_api_key]
-      end
       class << self
+        def configuration_keys
+          %w[virustotal_api_key]
+        end
         #
         # @return [Array<String>, nil]
         #

data/lib/mihari/analyzers/virustotal_intelligence.rb CHANGED Viewed

@@ -24,8 +24,10 @@ module Mihari
         client.intel_search_with_pagination(query, pagination_limit: pagination_limit).map(&:artifacts).flatten
       end
-      def configuration_keys
-        %w[virustotal_api_key]
+      class << self
+        def configuration_keys
+          %w[virustotal_api_key]
+        end
       end
       class << self

data/lib/mihari/analyzers/zoomeye.rb CHANGED Viewed

@@ -40,8 +40,10 @@ module Mihari
         end
       end
-      def configuration_keys
-        %w[zoomeye_api_key]
+      class << self
+        def configuration_keys
+          %w[zoomeye_api_key]
+        end
       end
       private

data/lib/mihari/cli/{main.rb → application.rb} RENAMED Viewed

@@ -4,11 +4,10 @@ require "thor"
 require "thor/hollaback"
 # Commands
-require "mihari/commands/mixins"
 require "mihari/commands/alert"
 require "mihari/commands/database"
 require "mihari/commands/search"
+require "mihari/commands/sidekiq"
 require "mihari/commands/version"
 require "mihari/commands/web"
@@ -16,23 +15,27 @@ require "mihari/commands/web"
 require "mihari/cli/base"
 require "mihari/cli/alert"
+require "mihari/cli/artifact"
+require "mihari/cli/config"
 require "mihari/cli/database"
 require "mihari/cli/rule"
+require "mihari/cli/tag"
 module Mihari
   module CLI
     #
     # Main CLI class
     #
-    class Main < Base
-      class_option :debug, desc: "Sets up debug mode", aliases: ["-d"], type: :boolean
+    class App < Base
+      class_option :debug, desc: "Set up debug mode", aliases: ["-d"], type: :boolean
       class_around :safe_execute
       include Mihari::Commands::Search
+      include Mihari::Commands::Sidekiq
       include Mihari::Commands::Version
       include Mihari::Commands::Web
-      include Mihari::Mixins::UnwrapError
+      include Concerns::ErrorUnwrappable
       no_commands do
         def safe_execute
@@ -62,6 +65,15 @@ module Mihari
       desc "alert", "Sub commands for alert"
       subcommand "alert", Alert
+      desc "artifact", "Sub commands for artifact"
+      subcommand "artifact", Artifact
+      desc "tag", "Sub commands for tag"
+      subcommand "tag", Tag
+      desc "config", "Sub commands for config"
+      subcommand "config", Config
     end
   end
 end

data/lib/mihari/cli/artifact.rb ADDED Viewed

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+require "mihari/commands/artifact"
+module Mihari
+  module CLI
+    #
+    # Artifact CLI class (mihari artifact ...)
+    #
+    class Artifact < Base
+      include Mihari::Commands::Artifact
+    end
+  end
+end

data/lib/mihari/cli/config.rb ADDED Viewed

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+require "mihari/commands/config"
+module Mihari
+  module CLI
+    #
+    # Config CLI class (mihari config ...)
+    #
+    class Config < Base
+      include Mihari::Commands::Config
+    end
+  end
+end

data/lib/mihari/cli/rule.rb CHANGED Viewed

@@ -9,6 +9,7 @@ module Mihari
     #
     class Rule < Base
       include Mihari::Commands::Rule
+      include Mihari::Commands::Search
     end
   end
 end

data/lib/mihari/cli/tag.rb ADDED Viewed

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+require "mihari/commands/tag"
+module Mihari
+  module CLI
+    #
+    # Tag CLI class (mihari tag ...)
+    #
+    class Tag < Base
+      include Mihari::Commands::Tag
+    end
+  end
+end

data/lib/mihari/clients/base.rb CHANGED Viewed

@@ -47,10 +47,10 @@ module Mihari
       #
       # @param [String] path
       #
-      # @return [String]
+      # @return [URI]
       #
       def url_for(path)
-        base_url + path
+        URI.join base_url, path
       end
       #

data/lib/mihari/clients/binaryedge.rb CHANGED Viewed

@@ -14,7 +14,7 @@ module Mihari
       # @param [Integer] pagination_interval
       #
       def initialize(
-        base_url = "https://api.binaryedge.io/v2",
+        base_url = "https://api.binaryedge.io",
         api_key:,
         headers: {},
         pagination_interval: Mihari.config.pagination_interval,
@@ -38,7 +38,7 @@ module Mihari
           page: page,
           only_ips: only_ips
         }.compact
-        Structs::BinaryEdge::Response.from_dynamic! get_json("/query/search", params: params)
+        Structs::BinaryEdge::Response.from_dynamic! get_json("/v2/query/search", params: params)
       end
       #

data/lib/mihari/clients/crtsh.rb CHANGED Viewed

@@ -19,20 +19,13 @@ module Mihari
       # Search crt.sh by a given identity
       #
       # @param [String] identity
-      # @param [String, nil] match "=", "ILIKE", "LIKE", "single", "any" or nil
+      # @param [String, nil] match "=", "ILIKE", "LIKE", "single", "any", "FTS" or nil
       # @param [String, nil] exclude "expired" or nil
       #
-      # @return [Array<Mihari::Models::Artifact>]
+      # @return [Array<Hash>]
       #
       def search(identity, match: nil, exclude: nil)
-        params = { identity: identity, match: match, exclude: exclude, output: "json" }.compact
-        # @type [Array[Hash]]
-        parsed = get_json("/", params: params)
-        parsed.map do |result|
-          values = result["name_value"].to_s.lines.map(&:chomp)
-          values.map { |value| Models::Artifact.new(data: value, metadata: result) }
-        end.flatten
+        get_json("/", params: { identity: identity, match: match, exclude: exclude, output: "json" }.compact)
       end
     end
   end

data/lib/mihari/clients/fofa.rb CHANGED Viewed

@@ -26,7 +26,7 @@ module Mihari
       #
       # @param [Object] email
       def initialize(
-        base_url = "https://fofa.info/",
+        base_url = "https://fofa.info",
         api_key:,
         email:,
         headers: {},

data/lib/mihari/clients/hunterhow.rb CHANGED Viewed

@@ -21,7 +21,7 @@ module Mihari
       # @param [Integer, nil] timeout
       #
       def initialize(
-        base_url = "https://api.hunter.how/",
+        base_url = "https://api.hunter.how",
         api_key:,
         headers: {},
         pagination_interval: Mihari.config.pagination_interval,

data/lib/mihari/clients/mmdb.rb ADDED Viewed

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+module Mihari
+  module Clients
+    #
+    # MMDB API client
+    #
+    class MMDB < Base
+      #
+      # @param [String] base_url
+      # @param [Hash] headers
+      # @param [Integer, nil] timeout
+      #
+      def initialize(base_url = "https://ip.circl.lu", headers: {}, timeout: nil)
+        super(base_url, headers: headers, timeout: timeout)
+      end
+      #
+      # @param [String] ip
+      #
+      # @return [Mihari::Structs::MMDB::Response]
+      #
+      def query(ip)
+        Structs::MMDB::Response.from_dynamic! get_json("/geolookup/#{ip}")
+      end
+    end
+  end
+end

data/lib/mihari/clients/passivetotal.rb CHANGED Viewed

@@ -29,12 +29,11 @@ module Mihari
       #
       # @param [String] query
       #
-      # @return [Array<String>]
+      # @return [Hash]
       #
       def passive_dns_search(query)
         params = { query: query }
-        res = get_json("/v2/dns/passive/unique", params: params)
-        res["results"] || []
+        get_json("/v2/dns/passive/unique", params: params)
       end
       #
@@ -42,19 +41,13 @@ module Mihari
       #
       # @param [String] query
       #
-      # @return [Array<Mihari::Models::Artifact>]
+      # @return [Hash]
       #
       def reverse_whois_search(query)
-        params = {
+        get_json("/v2/whois/search", params: {
           query: query,
           field: "email"
-        }.compact
-        res = get_json("/v2/whois/search", params: params)
-        results = res["results"] || []
-        results.map do |result|
-          data = result["domain"]
-          Models::Artifact.new(data: data, metadata: result)
-        end.flatten
+        }.compact)
       end
       #
@@ -62,16 +55,10 @@ module Mihari
       #
       # @param [String] query
       #
-      # @return [Array<Mihari::Models::Artifact>]
+      # @return [Hash]
       #
       def ssl_search(query)
-        params = { query: query }
-        res = get_json("/v2/ssl-certificate/history", params: params)
-        results = res["results"] || []
-        results.map do |result|
-          data = result["ipAddresses"]
-          data.map { |d| Models::Artifact.new(data: d, metadata: result) }
-        end.flatten
+        get_json("/v2/ssl-certificate/history", params: { query: query })
       end
     end
   end

data/lib/mihari/clients/securitytrails.rb CHANGED Viewed

@@ -20,33 +20,15 @@ module Mihari
         super(base_url, headers: headers, timeout: timeout)
       end
-      #
-      # Domain search
-      #
-      # @param [String] query
-      #
-      # @return [Array<String>]
-      #
-      def domain_search(query)
-        records = get_all_dns_history(query, type: "a")
-        records.map do |record|
-          (record["values"] || []).map { |value| value["ip"] }
-        end.flatten.compact.uniq
-      end
       #
       # IP search
       #
       # @param [String] query
       #
-      # @return [Array<Mihari::Models::Artifact>]
+      # @return [Hash]
       #
       def ip_search(query)
-        records = search_by_ip(query)
-        records.filter_map do |record|
-          data = record["hostname"]
-          Models::Artifact.new(data: data, metadata: record)
-        end
+        search_by_ip(query)
       end
       #
@@ -54,54 +36,48 @@ module Mihari
       #
       # @param [String] query
       #
-      # @return [Array<String>]
+      # @return [Hash]
       #
       def mail_search(query)
-        records = search_by_mail(query)
-        records.filter_map do |record|
-          data = record["hostname"]
-          Models::Artifact.new(data: data, metadata: record)
-        end
+        search_by_mail(query)
       end
       #
       # @param [String] mail
       #
-      # @return [Array<Hash>]
+      # @return [Hash]
       #
       def search_by_mail(mail)
-        res = post_json "/v1/domains/list", json: { filter: { whois_email: mail } }
-        res["records"] || []
+        post_json "/v1/domains/list", json: { filter: { whois_email: mail } }
       end
       #
       # @param [String] ip
       #
-      # @return [Array<Hash>]
+      # @return [Hash]
       #
       def search_by_ip(ip)
-        res = post_json "/v1/domains/list", json: { filter: { ipv4: ip } }
-        res["records"] || []
+        post_json "/v1/domains/list", json: { filter: { ipv4: ip } }
       end
       #
       # @param [String] domain
       # @param [String] type
+      # @param [Integer] page
       #
-      # @return [Array<Hash>]
+      # @return [Enumerable<Hash>]
       #
-      def get_all_dns_history(domain, type:)
-        first_page = get_dns_history(domain, type: type, page: 1)
+      def get_all_dns_history(domain, type:, page: 1)
+        Enumerator.new do |y|
+          res = get_dns_history(domain, type: type, page: page)
+          y.yield res
-        pages = first_page["pages"].to_i
-        records = first_page["records"] || []
+          pages = res["pages"].to_i
-        (2..pages).each do |page_idx|
-          next_page = get_dns_history(domain, type: type, page: page_idx)
-          records << next_page["records"]
+          (page + 1..pages).each do |page|
+            y.yield get_dns_history(domain, type: type, page: page)
+          end
         end
-        records.flatten
       end
       private
@@ -111,7 +87,7 @@ module Mihari
       # @param [String] type
       # @param [Integer] page
       #
-      # @return [Array<Hash>]
+      # @return [Hash]
       #
       def get_dns_history(domain, type:, page:)
         get_json "/v1/history/#{domain}/dns/#{type}", params: { page: page }

data/lib/mihari/clients/shodan_internet_db.rb ADDED Viewed

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+module Mihari
+  module Clients
+    #
+    # Shodan Internet DB API client
+    #
+    class ShodanInternetDB < Base
+      #
+      # @param [String] base_url
+      # @param [Hash] headers
+      # @param [Integer, nil] timeout
+      #
+      def initialize(base_url = "https://internetdb.shodan.io", headers: {}, timeout: nil)
+        super(base_url, headers: headers, timeout: timeout)
+      end
+      #
+      # @param [String] ip
+      #
+      # @return [Mihari::Structs::Shodan::InternetDBResponse]
+      #
+      def query(ip)
+        Structs::Shodan::InternetDBResponse.from_dynamic! get_json("/#{ip}")
+      end
+    end
+  end
+end

data/lib/mihari/clients/the_hive.rb CHANGED Viewed

@@ -6,20 +6,22 @@ module Mihari
     # TheHive API client
     #
     class TheHive < Base
+      attr_reader :api_version
       #
       # @param [String] base_url
       # @param [String, nil] api_key
-      # @param [String, nil] api_version
+      # @param [String] api_version
       # @param [Hash] headers
       # @param [Integer, nil] timeout
       #
-      def initialize(base_url, api_key:, api_version:, headers: {}, timeout: nil)
+      def initialize(base_url, api_key:, api_version: "v1", headers: {}, timeout: nil)
         raise(ArgumentError, "api_key is required") unless api_key
-        base_url += "/#{api_version}" unless api_version.nil?
         headers["authorization"] = "Bearer #{api_key}"
         super(base_url, headers: headers, timeout: timeout)
+        @api_version = api_version
       end
       #
@@ -29,7 +31,7 @@ module Mihari
       #
       def alert(json)
         json = json.to_camelback_keys.compact
-        post_json("/alert", json: json)
+        post_json("/api/#{api_version}/alert", json: json)
       end
     end
   end

data/lib/mihari/commands/alert.rb CHANGED Viewed

@@ -7,30 +7,72 @@ module Mihari
     #
     module Alert
       class << self
+        # rubocop:disable Metrics/AbcSize
         def included(thor)
           thor.class_eval do
-            include Dry::Monads[:result, :try]
-            include Mixins
+            include Concerns::DatabaseConnectable
-            desc "add [PATH]", "Add an alert"
+            desc "create [PATH]", "Create an alert"
             around :with_db_connection
             #
             # @param [String] path
             #
-            def add(path)
-              result = Dry::Monads::Try[StandardError] do
-                # @type [Mihari::Services::AlertProxy]
-                proxy = Mihari::Services::AlertBuilder.call(path)
-                Mihari::Services::AlertRunner.call proxy
-              end.to_result
+            def create(path)
               # @type [Mihari::Models::Alert]
-              alert = result.value!
+              alert = Dry::Monads::Try[StandardError] do
+                raise ArgumentError, "#{path} not found" unless Pathname(path).exist?
+                params = YAML.safe_load(
+                  ERB.new(File.read(path)).result,
+                  permitted_classes: [Date, Symbol]
+                )
+                Services::AlertCreator.call params
+              end.value!
               data = Entities::Alert.represent(alert)
               puts JSON.pretty_generate(data.as_json)
             end
+            desc "list [QUERY]", "List/search alerts"
+            around :with_db_connection
+            method_option :page, type: :numeric, default: 1
+            method_option :limit, type: :numeric, default: 10
+            #
+            # @param [String] q
+            #
+            def list(q = "")
+              filter = Structs::Filters::Search.new(q: q, page: options["page"], limit: options["limit"])
+              value = Services::AlertSearcher.result(filter).value!
+              data = Entities::AlertsWithPagination.represent(
+                results: value.results,
+                total: value.total,
+                current_page: value.filter[:page].to_i,
+                page_size: value.filter[:limit].to_i
+              )
+              puts JSON.pretty_generate(data.as_json)
+            end
+            desc "get [ID]", "Get an alert"
+            around :with_db_connection
+            #
+            # @param [Integer] id
+            #
+            def get(id)
+              value = Services::AlertGetter.result(id).value!
+              data = Entities::Alert.represent(value)
+              puts JSON.pretty_generate(data.as_json)
+            end
+            desc "delete [ID]", "Delete an alert"
+            around :with_db_connection
+            #
+            # @param [Integer] id
+            #
+            def delete(id)
+              Services::AlertDestroyer.result(id).value!
+            end
           end
         end
+        # rubocop:enable Metrics/AbcSize
       end
     end
   end

data/lib/mihari/commands/artifact.rb ADDED Viewed

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+module Mihari
+  module Commands
+    #
+    # Artifact sub-commands
+    #
+    module Artifact
+      class << self
+        def included(thor)
+          thor.class_eval do
+            include Concerns::DatabaseConnectable
+            desc "list [QUERY]", "List/search artifacts"
+            around :with_db_connection
+            method_option :page, type: :numeric, default: 1
+            method_option :limit, type: :numeric, default: 10
+            #
+            # @param [String] q
+            #
+            def list(q = "")
+              filter = Structs::Filters::Search.new(q: q, page: options["page"], limit: options["limit"])
+              value = Services::ArtifactSearcher.result(filter).value!
+              data = Entities::ArtifactsWithPagination.represent(
+                results: value.results,
+                total: value.total,
+                current_page: value.filter[:page].to_i,
+                page_size: value.filter[:limit].to_i
+              )
+              puts JSON.pretty_generate(data.as_json)
+            end
+            desc "get [ID]", "Get an artifact"
+            around :with_db_connection
+            #
+            # @param [Integer] id
+            #
+            def get(id)
+              value = Services::ArtifactGetter.result(id).value!
+              data = Entities::Artifact.represent(value)
+              puts JSON.pretty_generate(data.as_json)
+            end
+            desc "enrich [ID]", "Enrich an artifact"
+            around :with_db_connection
+            #
+            # @param [Integer] id
+            #
+            def enrich(id)
+              Services::ArtifactEnricher.result(id).value!
+            end
+            desc "delete [ID]", "Delete an artifact"
+            around :with_db_connection
+            #
+            # @param [Integer] id
+            #
+            def delete(id)
+              Services::ArtifactDestroyer.result(id).value!
+            end
+          end
+        end
+      end
+    end
+  end
+end