otx_ruby 0.6.2 → 0.7.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f8a5524961dd54e7dda4bdf414b9fb1af7b8c5b0
-  data.tar.gz: 1b59ff6cb89c73bb62eff52a95034cf01bc6a636
+  metadata.gz: 59f7c70b2d3ead15a343ec6309d290e02810c7f9
+  data.tar.gz: 7f0473fda29c689cabf291493acbf838e476a5d0
 SHA512:
-  metadata.gz: ad9142c94d4f181bb08a32d63390dc9630d7f9f6833ee4f7b3328020d74637079b5963f9c6eab2ad0dace4cbb87cfcc3ba39371c39eabb2ccb427e52f5613ee9
-  data.tar.gz: 06ad1a4367d511ffcafdc2b1e624f90074ccef29169092d0e4ac6acbe7ebf771c01e810c4290a5348e11d7a970bc45e7af6c02b003401d8683c3b79d68c4c491
+  metadata.gz: 6e639869d6db18a78e9d3215ec64586f2d9544592d56ff9bc69ad1a299a4339b67fe5591c0c3f7116a7c484f910fadb634401678ed4973a79f59e6269e1937f1
+  data.tar.gz: a1968a159ec1d5d0f214dcb49462c9a4313d79b256f4787d92f1c9507b78cda2608d07fc0b7e5747e2aeb9b64163fdd6ba1cb53b47d1813ae3d1b99df94ca058

data/lib/otx_ruby/base.rb

@@ -56,6 +56,7 @@ module OTX
     #
     class Base
       attr_writer :modified, :created
+      attr_accessor :id
 
       def created
         return @created.nil? ? nil : DateTime.parse(@created)

data/lib/otx_ruby/reputation.rb

@@ -0,0 +1,23 @@
+module OTX
+  #
+  # Retrieve and parse into the appropriate object the reputation for an IP Address from the OTX System
+  #
+  class Reputation < OTX::Base
+    #
+    # Download an individually identified IP Address Reputation and parse the output
+    #
+    # @param ip [String] The ip address to check the reputation
+    # @param type [Symbol] Type of address, IPv6 or IPv4
+    # @return [OTX::Pulse] Parsed Pulse
+    #
+    def get_reputation(ip, type=:ipv4)
+      uri = "api/v1/indicators/#{type == :ipv6 ? "IPv6" : "IPv4"}/#{ip}/reputation"
+
+      json_data = get(uri)
+
+      reputation = OTX::Indicator::IP::Reputation.new(json_data["reputation"])
+
+      return reputation
+    end
+  end
+end

data/lib/otx_ruby/types/activity.rb

@@ -0,0 +1,19 @@
+module OTX
+  module Indicator
+    class Activity < OTX::Type::Base
+      attr_accessor :domain, :name, :visible, :url, :data,
+      :source, :vt, :file, :data_key, :md5, :status, :first_date, :data_key,
+      :last_date
+
+      def initialize(attributes={})
+        attributes.each do |key, value|
+          if key != 'data'
+            send("#{key.downcase}=", value)
+          else
+            @data = OTX::Indicator::Data.new(value)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/otx_ruby/types/data.rb

@@ -0,0 +1,7 @@
+module OTX
+  module Indicator
+    class Data < OTX::Type::Base
+      attr_accessor :url, :domain, :vt, :file, :md5
+    end
+  end
+end

data/lib/otx_ruby/types/event.rb

@@ -9,6 +9,6 @@ module OTX
   # @attr [String] object_id ID value for the object the event is created for
   #
   class Event < OTX::Type::Base
-    attr_accessor :id, :action, :object_type, :object_id
+    attr_accessor :action, :object_type, :object_id
   end
 end

data/lib/otx_ruby/types/indicators.rb

@@ -12,7 +12,6 @@ module OTX
   # @attr [String] is_active value 0 or 1 if active
   # @attr [String] role
   # @attr [String] observations
-  # @attr [String] created Date record was created
   # @attr [String] expiration
   # @attr [Array] access_groups
   # @attr [String] access_reason
@@ -37,7 +36,7 @@ module OTX
   #   CVE - Common Vulnerability and Exposure (CVE) entry describing a software vulnerability that can be exploited to engage in malicious activity.
   #
   class Indicators < OTX::Type::Base
-    attr_accessor :id, :_id, :indicator, :type, :description, :title, :content, :is_active, :access_reason, :access_type, :access_groups,
-    :expiration, :observations, :role, :created
+    attr_accessor :_id, :indicator, :type, :description, :title, :content, :is_active, :access_reason, :access_type, :access_groups,
+    :expiration, :observations, :role
   end
 end

data/lib/otx_ruby/types/ip_reputation.rb

@@ -0,0 +1,31 @@
+module OTX
+  module Indicator
+    module IP
+      class Reputation < OTX::Type::Base
+        #
+        # Needs details for attributes
+        #
+        attr_accessor :as, :threat_score, :first_seen, :city, :allow_ping, :reputation_rel_checked, :counts,
+        :lon, :status, :last_seen, :state, :activities, :server_type, :matched_bl, :address, :lat, :date_added,
+        :country, :up, :reputation_rel, :matched_wl, :domains, :reputation_val_checked, :reputation_val, :id
+
+        def _id=(id)
+          @id = id['$id']
+        end
+
+        def initialize(attributes={})
+          attributes.each do |key, value|
+            if key != 'activities'
+              send("#{key.downcase}=", value)
+            else
+              @activities = []
+              value.each do |activity|
+                @activities << OTX::Indicator::Activity.new(activity)
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/otx_ruby/types/pulse.rb

@@ -22,10 +22,10 @@ module OTX
   # @attr [Array<String>] industries
   #
   class Pulse < OTX::Type::Base
-    attr_accessor :id, :name, :description, :author_name,
+    attr_accessor :name, :description, :author_name,
       :tags, :references, :revision, :indicators, :tlp, :public, :in_group,
       :group_id, :group_name, :groups, :adversary, :targeted_countries,
-      :industries, :modified, :created
+      :industries
 
     def initialize(attributes={})
       attributes.each do |key, value|

data/lib/otx_ruby/version.rb

@@ -1,4 +1,4 @@
 module OTX
   # Library Version Number
-  VERSION = "0.6.2"
+  VERSION = "0.7.1"
 end

data/lib/otx_ruby.rb

@@ -2,12 +2,17 @@ require 'faraday'
 require 'oj'
 
 require "otx_ruby/version"
-require "otx_ruby/base.rb"
-require "otx_ruby/subscribed.rb"
-require "otx_ruby/events.rb"
-require "otx_ruby/pulses.rb"
-require "otx_ruby/types/pulse.rb"
-require "otx_ruby/types/indicators.rb"
+require "otx_ruby/base"
+require "otx_ruby/subscribed"
+require "otx_ruby/events"
+require "otx_ruby/pulses"
+require "otx_ruby/reputation"
+require "otx_ruby/types/pulse"
+require "otx_ruby/types/event"
+require "otx_ruby/types/indicators"
+require "otx_ruby/types/ip_reputation"
+require "otx_ruby/types/activity"
+require "otx_ruby/types/data"
 
 #
 # Base AlienVault OTX Module

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: otx_ruby
 version: !ruby/object:Gem::Version
-  version: 0.6.2
+  version: 0.7.1
 platform: ruby
 authors:
 - Stephen Kapp
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-01-11 00:00:00.000000000 Z
+date: 2017-02-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -127,9 +127,13 @@ files:
 - lib/otx_ruby/base.rb
 - lib/otx_ruby/events.rb
 - lib/otx_ruby/pulses.rb
+- lib/otx_ruby/reputation.rb
 - lib/otx_ruby/subscribed.rb
+- lib/otx_ruby/types/activity.rb
+- lib/otx_ruby/types/data.rb
 - lib/otx_ruby/types/event.rb
 - lib/otx_ruby/types/indicators.rb
+- lib/otx_ruby/types/ip_reputation.rb
 - lib/otx_ruby/types/pulse.rb
 - lib/otx_ruby/version.rb
 - otx_ruby.gemspec