npm - @panguard-ai/threat-cloud - Versions diffs - 0.1.0 - Mend

@panguard-ai/threat-cloud 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (57) hide show

package/dist/audit-logger.d.ts +46 -0
package/dist/audit-logger.d.ts.map +1 -0
package/dist/audit-logger.js +105 -0
package/dist/audit-logger.js.map +1 -0
package/dist/cli.d.ts +9 -0
package/dist/cli.d.ts.map +1 -0
package/dist/cli.js +115 -0
package/dist/cli.js.map +1 -0
package/dist/correlation-engine.d.ts +41 -0
package/dist/correlation-engine.d.ts.map +1 -0
package/dist/correlation-engine.js +313 -0
package/dist/correlation-engine.js.map +1 -0
package/dist/database.d.ts +63 -0
package/dist/database.d.ts.map +1 -0
package/dist/database.js +444 -0
package/dist/database.js.map +1 -0
package/dist/feed-distributor.d.ts +36 -0
package/dist/feed-distributor.d.ts.map +1 -0
package/dist/feed-distributor.js +125 -0
package/dist/feed-distributor.js.map +1 -0
package/dist/index.d.ts +13 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +12 -0
package/dist/index.js.map +1 -0
package/dist/ioc-store.d.ts +83 -0
package/dist/ioc-store.d.ts.map +1 -0
package/dist/ioc-store.js +278 -0
package/dist/ioc-store.js.map +1 -0
package/dist/query-handlers.d.ts +40 -0
package/dist/query-handlers.d.ts.map +1 -0
package/dist/query-handlers.js +211 -0
package/dist/query-handlers.js.map +1 -0
package/dist/reputation-engine.d.ts +44 -0
package/dist/reputation-engine.d.ts.map +1 -0
package/dist/reputation-engine.js +169 -0
package/dist/reputation-engine.js.map +1 -0
package/dist/rule-generator.d.ts +47 -0
package/dist/rule-generator.d.ts.map +1 -0
package/dist/rule-generator.js +238 -0
package/dist/rule-generator.js.map +1 -0
package/dist/scheduler.d.ts +52 -0
package/dist/scheduler.d.ts.map +1 -0
package/dist/scheduler.js +143 -0
package/dist/scheduler.js.map +1 -0
package/dist/server.d.ts +99 -0
package/dist/server.d.ts.map +1 -0
package/dist/server.js +809 -0
package/dist/server.js.map +1 -0
package/dist/sighting-store.d.ts +61 -0
package/dist/sighting-store.d.ts.map +1 -0
package/dist/sighting-store.js +191 -0
package/dist/sighting-store.js.map +1 -0
package/dist/types.d.ts +352 -0
package/dist/types.d.ts.map +1 -0
package/dist/types.js +6 -0
package/dist/types.js.map +1 -0
package/package.json +37 -0

package/dist/correlation-engine.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"correlation-engine.js","sourceRoot":"","sources":["../src/correlation-engine.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAYzC,4BAA4B;AAC5B,MAAM,cAAc,GAAsB;IACxC,iBAAiB,EAAE,EAAE;IACrB,oBAAoB,EAAE,CAAC;IACvB,wBAAwB,EAAE,CAAC;IAC3B,eAAe,EAAE,EAAE;CACpB,CAAC;AAoBF,2CAA2C;AAC3C,SAAS,aAAa,CAAC,GAAgB;IACrC,OAAO;QACL,UAAU,EAAE,GAAG,CAAC,WAAW;QAC3B,IAAI,EAAE,GAAG,CAAC,IAAI;QACd,YAAY,EAAE,GAAG,CAAC,aAAyC;QAC3D,SAAS,EAAE,GAAG,CAAC,UAAU;QACzB,QAAQ,EAAE,GAAG,CAAC,SAAS;QACvB,UAAU,EAAE,GAAG,CAAC,WAAW;QAC3B,SAAS,EAAE,GAAG,CAAC,UAAU;QACzB,WAAW,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,CAAa;QACrD,eAAe,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,gBAAgB,CAAa;QAC7D,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAa;QAC5C,QAAQ,EAAE,GAAG,CAAC,QAAQ;QACtB,MAAM,EAAE,GAAG,CAAC,MAA4B;QACxC,SAAS,EAAE,GAAG,CAAC,UAAU;QACzB,SAAS,EAAE,GAAG,CAAC,UAAU;KAC1B,CAAC;AACJ,CAAC;AAED,MAAM,OAAO,iBAAiB;IAIT;IAHF,MAAM,CAAoB;IAE3C,YACmB,EAAqB,EACtC,MAAmC;QADlB,OAAE,GAAF,EAAE,CAAmB;QAGtC,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;IACrB,CAAC;IAED,4DAA4D;IACpD,WAAW;QACjB,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC;;;;;;;;;;;;;;;;;;;KAmBZ,CAAC,CAAC;IACL,CAAC;IAED;;;OAGG;IACH,gBAAgB;QACd,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,IAAI,YAAY,GAAG,CAAC,CAAC;QACrB,MAAM,gBAAgB,GAAG,CAAC,CAAC;QAC3B,IAAI,gBAAgB,GAAG,CAAC,CAAC;QAEzB,MAAM,SAAS,GAAG,IAAI,IAAI,CACxB,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,eAAe,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAC1D,CAAC,WAAW,EAAE,CAAC;QAEhB,+CAA+C;QAC/C,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE;aACnB,OAAO,CACN;;;gCAGwB,CACzB;aACA,GAAG,CAAC,SAAS,CAQd,CAAC;QAEH,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,OAAO;gBACL,YAAY,EAAE,CAAC;gBACf,gBAAgB,EAAE,CAAC;gBACnB,gBAAgB,EAAE,CAAC;gBACnB,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;aACjC,CAAC;QACJ,CAAC;QAED,+BAA+B;QAC/B,MAAM,IAAI,GAAG,IAAI,GAAG,EAAyB,CAAC;QAC9C,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;YACvB,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC;YAChD,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACb,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC;QACrC,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,GAAG,EAAU,CAAC;QACtC,MAAM,gBAAgB,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CACtC,0DAA0D,CAC3D,CAAC;QAEF,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,GAAG,EAAE;YACvB,KAAK,MAAM,CAAC,EAAE,EAAE,QAAQ,CAAC,IAAI,IAAI,EAAE,CAAC;gBAClC,IAAI,QAAQ,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,oBAAoB;oBAAE,SAAS;gBAEjE,+BAA+B;gBAC/B,MAAM,SAAS,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;gBACrD,KAAK,MAAM,OAAO,IAAI,SAAS,EAAE,CAAC;oBAChC,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,oBAAoB;wBAAE,SAAS;oBAEhE,MAAM,UAAU,GAAG,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;oBACrE,MAAM,WAAW,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;oBACpE,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,gBAAgB,CAAa,CAAC,CAAC;oBACzF,MAAM,UAAU,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC;oBAC/C,MAAM,OAAO,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;oBAC3D,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC;oBAC1D,MAAM,WAAW,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;oBAEzE,IAAI,CAAC,cAAc,CAAC;wBAClB,UAAU;wBACV,IAAI,EAAE,MAAM,EAAE,KAAK,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;wBAC3C,YAAY,EAAE,YAAY;wBAC1B,SAAS,EAAE,UAAU,CAAC,CAAC,CAAE;wBACzB,QAAQ,EAAE,UAAU,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAE;wBAC5C,UAAU,EAAE,OAAO,CAAC,MAAM;wBAC1B,SAAS,EAAE,CAAC;wBACZ,WAAW;wBACX,eAAe,EAAE,UAAU;wBAC3B,OAAO;wBACP,QAAQ,EAAE,WAAW;qBACtB,CAAC,CAAC;oBAEH,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;wBACxB,gBAAgB,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;wBACvC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;oBACxB,CAAC;oBACD,YAAY,EAAE,CAAC;oBACf,gBAAgB,IAAI,OAAO,CAAC,MAAM,CAAC;gBACrC,CAAC;YACH,CAAC;YAED,oCAAoC;YACpC,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAChE,MAAM,SAAS,GAAG,IAAI,GAAG,EAAyB,CAAC;YACnD,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;gBAC3B,MAAM,UAAU,GAAI,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,gBAAgB,CAAc,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACjF,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,WAAW,IAAI,UAAU,EAAE,CAAC;gBAC7C,MAAM,IAAI,GAAG,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;gBACtC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBACb,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YAC3B,CAAC;YAED,KAAK,MAAM,CAAC,OAAO,EAAE,aAAa,CAAC,IAAI,SAAS,EAAE,CAAC;gBACjD,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC;gBAC1E,IAAI,WAAW,CAAC,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,wBAAwB;oBAAE,SAAS;gBAEtE,MAAM,UAAU,GAAG,IAAI,CAAC,kBAAkB,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC3E,MAAM,CAAC,UAAU,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACxC,MAAM,aAAa,GAAG,aAAa,CAAC,OAAO,CACzC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,gBAAgB,CAAa,CAClD,CAAC;gBACF,MAAM,UAAU,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC;gBAC/C,MAAM,OAAO,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;gBACjE,MAAM,UAAU,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC;gBAChE,MAAM,WAAW,GAAG,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;gBAE/E,IAAI,CAAC,cAAc,CAAC;oBAClB,UAAU;oBACV,IAAI,EAAE,YAAY,UAAU,SAAS,WAAW,CAAC,IAAI,MAAM;oBAC3D,YAAY,EAAE,iBAAiB;oBAC/B,SAAS,EAAE,UAAU,CAAC,CAAC,CAAE;oBACzB,QAAQ,EAAE,UAAU,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAE;oBAC5C,UAAU,EAAE,aAAa,CAAC,MAAM;oBAChC,SAAS,EAAE,WAAW,CAAC,IAAI;oBAC3B,WAAW,EAAE,CAAC,UAAW,CAAC;oBAC1B,eAAe,EAAE,UAAU;oBAC3B,OAAO;oBACP,QAAQ,EAAE,WAAW;iBACtB,CAAC,CAAC;gBAEH,KAAK,MAAM,CAAC,IAAI,aAAa,EAAE,CAAC;oBAC9B,gBAAgB,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;gBACzC,CAAC;gBACD,YAAY,EAAE,CAAC;gBACf,gBAAgB,IAAI,aAAa,CAAC,MAAM,CAAC;YAC3C,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QAEL,OAAO;YACL,YAAY;YACZ,gBAAgB;YAChB,gBAAgB;YAChB,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;SACjC,CAAC;IACJ,CAAC;IAED,uCAAuC;IACvC,WAAW,CAAC,UAAkB;QAC5B,MAAM,GAAG,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,+CAA+C,CAAC,CAAC,GAAG,CAAC,UAAU,CAE9E,CAAC;QACd,OAAO,GAAG,CAAC,CAAC,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACzC,CAAC;IAED,oCAAoC;IACpC,aAAa,CAAC,UAA4B,EAAE,MAAe;QACzD,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/C,MAAM,MAAM,GAAc,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACjD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,KAAK,CAAC,EAAE,IAAI,CAAC,CAAC;QAChE,MAAM,MAAM,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,SAAS,CAAC;QAE9D,MAAM,KAAK,GACT,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,2CAA2C,KAAK,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,CAGlF,CAAC,KAAK,CAAC;QAER,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE;aACjB,OAAO,CAAC,2BAA2B,KAAK,2CAA2C,CAAC;aACpF,GAAG,CAAC,GAAG,MAAM,EAAE,SAAS,EAAE,MAAM,CAAkB,CAAC;QAEtD,OAAO;YACL,KAAK,EAAE,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC;YAC9B,KAAK;YACL,IAAI,EAAE,UAAU,CAAC,IAAI;YACrB,KAAK,EAAE,SAAS;YAChB,OAAO,EAAE,MAAM,GAAG,SAAS,GAAG,KAAK;SACpC,CAAC;IACJ,CAAC;IAED,2CAA2C;IAC3C,iBAAiB,CAAC,UAAkB;QAClC,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE;aACjB,OAAO,CAAC,6EAA6E,CAAC;aACtF,GAAG,CAAC,UAAU,CAAmC,CAAC;QAErD,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACtB,EAAE,EAAE,CAAC,CAAC,IAAI,CAAW;YACrB,UAAU,EAAE,CAAC,CAAC,aAAa,CAAsC;YACjE,cAAc,EAAE,CAAC,CAAC,kBAAkB,CAAW;YAC/C,UAAU,EAAE,CAAC,CAAC,aAAa,CAAW;YACtC,eAAe,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,kBAAkB,CAAW,CAAa;YACxE,gBAAgB,EAAE,CAAC,CAAC,oBAAoB,CAAW;YACnD,SAAS,EAAE,CAAC,CAAC,WAAW,CAAW;YACnC,QAAQ,EAAE,CAAC,CAAC,UAAU,CAAuB;YAC7C,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAW;YAC7B,UAAU,EAAE,CAAC,CAAC,YAAY,CAAW;YACrC,QAAQ,EAAE,CAAC,CAAC,UAAU,CAAW;YACjC,WAAW,EAAE,CAAC,CAAC,cAAc,CAAuB;YACpD,UAAU,EAAE,CAAC,CAAC,aAAa,CAAuB;YAClD,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAuB;YACzC,KAAK,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAW,CAAc,CAAC,CAAC,CAAC,SAAS;YAC9E,SAAS,EAAE,CAAC,CAAC,YAAY,CAAW;YACpC,UAAU,EAAE,CAAC,CAAC,aAAa,CAAW;YACtC,UAAU,EAAE,CAAC,CAAC,aAAa,CAAuB;SACnD,CAAC,CAAC,CAAC;IACN,CAAC;IAED,yCAAyC;IACzC,gBAAgB;QACd,MAAM,KAAK,GACT,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,yCAAyC,CAAC,CAAC,GAAG,EAC/D,CAAC,KAAK,CAAC;QACR,MAAM,MAAM,GACV,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,iEAAiE,CAAC,CAAC,GAAG,EAGvF,CAAC,KAAK,CAAC;QACR,MAAM,UAAU,GACd,IAAI,CAAC,EAAE;aACJ,OAAO,CAAC,8EAA8E,CAAC;aACvF,GAAG,EACP,CAAC,KAAK,CAAC;QAER,MAAM,QAAQ,GAAG,IAAI,CAAC,EAAE;aACrB,OAAO,CACN;;2DAEmD,CACpD;aACA,GAAG,EAA4C,CAAC;QAEnD,OAAO;YACL,cAAc,EAAE,KAAK;YACrB,eAAe,EAAE,MAAM;YACvB,qBAAqB,EAAE,UAAU;YACjC,cAAc,EAAE,QAAQ;SACzB,CAAC;IACJ,CAAC;IAED,4EAA4E;IAC5E,2BAA2B;IAC3B,4EAA4E;IAE5E,gDAAgD;IACxC,mBAAmB,CAAkC,MAAW;QACtE,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,EAAE,CAAC;QACnC,MAAM,MAAM,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;QAClF,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,iBAAiB,GAAG,EAAE,GAAG,IAAI,CAAC;QAC3D,MAAM,QAAQ,GAAU,CAAC,CAAC,MAAM,CAAC,CAAC,CAAE,CAAC,CAAC,CAAC;QAEvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACvC,MAAM,OAAO,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,CAAC,CAAE,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,CAAC;YACzD,MAAM,YAAY,GAAG,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAE,CAAC,CAAC,CAAE,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,CAAC;YAEtF,IAAI,OAAO,GAAG,YAAY,IAAI,QAAQ,EAAE,CAAC;gBACvC,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAE,CAAC,CAAC;YAClD,CAAC;iBAAM,CAAC;gBACN,QAAQ,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAE,CAAC,CAAC,CAAC;YAC9B,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,6DAA6D;IACrD,kBAAkB,CAAC,QAAkB;QAC3C,MAAM,MAAM,GAAG,CAAC,GAAG,QAAQ,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACnD,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACrF,MAAM,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QACrE,OAAO,KAAK,IAAI,IAAI,IAAI,EAAE,CAAC;IAC7B,CAAC;IAED,0CAA0C;IAClC,eAAe,CAAC,UAAoB;QAC1C,MAAM,KAAK,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;QACpD,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;YACtB,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC;gBAAE,OAAO,CAAC,CAAC;QACvC,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,kCAAkC;IAC1B,cAAc,CAAC,CAAuD;QAC5E,IAAI,CAAC,EAAE;aACJ,OAAO,CACN;;;;;;;;;;;;uCAY+B,CAChC;aACA,GAAG,CACF,CAAC,CAAC,UAAU,EACZ,CAAC,CAAC,IAAI,EACN,CAAC,CAAC,YAAY,EACd,CAAC,CAAC,SAAS,EACX,CAAC,CAAC,QAAQ,EACV,CAAC,CAAC,UAAU,EACZ,CAAC,CAAC,SAAS,EACX,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,EAC7B,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,eAAe,CAAC,EACjC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,EACzB,CAAC,CAAC,QAAQ,CACX,CAAC;IACN,CAAC;CACF"}

package/dist/database.d.ts ADDED Viewed

@@ -0,0 +1,63 @@
+/**
+ * SQLite database layer for Threat Cloud
+ * 威脅雲 SQLite 資料庫層
+ *
+ * Stores anonymized threat data, enriched events, IoCs, campaigns, and rules.
+ *
+ * @module @panguard-ai/threat-cloud/database
+ */
+import Database from 'better-sqlite3';
+import type { AnonymizedThreatData, ThreatCloudRule, ThreatStats, EnrichedThreatEvent, TrapIntelligencePayload } from './types.js';
+/**
+ * Threat Cloud database backed by SQLite
+ * 基於 SQLite 的威脅雲資料庫
+ */
+export declare class ThreatCloudDB {
+    private readonly db;
+    constructor(dbPath: string);
+    /** Create a backup of the database / 建立資料庫備份 */
+    backup(destPath: string): void;
+    /** Expose underlying db for sub-modules (IoCStore, etc.) / 暴露底層 DB 給子模組 */
+    getDB(): Database.Database;
+    /** Create original tables if they don't exist / 建立原始資料表 */
+    private initialize;
+    /** Run idempotent schema migrations / 執行冪等 schema 遷移 */
+    private runMigrations;
+    /** Insert anonymized threat data / 插入匿名化威脅數據 */
+    insertThreat(data: AnonymizedThreatData): void;
+    /**
+     * Insert enriched threat event (deduplicates by event_hash).
+     * Returns the row id if inserted, null if duplicate.
+     * 插入豐富化威脅事件（以 event_hash 去重）
+     */
+    insertEnrichedThreat(event: Omit<EnrichedThreatEvent, 'id'>): number | null;
+    /**
+     * Insert trap credential records.
+     * Usernames are hashed (SHA-256, truncated to 16 hex chars) before storage
+     * to avoid storing PII from attacker-attempted credentials.
+     * 插入 Trap 憑證記錄（使用者名稱先雜湊化以避免 PII 洩漏）
+     */
+    insertTrapCredentials(enrichedThreatId: number, credentials: Array<{
+        username: string;
+        count: number;
+    }>): void;
+    /** Get enriched threats count by source type / 依來源類型取得豐富化威脅數量 */
+    getEnrichedThreatCountBySource(): Record<string, number>;
+    /** Count related threats for an IP / 計算某 IP 的相關威脅數量 */
+    countRelatedThreats(ip: string): number;
+    /** Convert AnonymizedThreatData to EnrichedThreatEvent / 轉換 Guard 資料 */
+    static guardToEnriched(data: AnonymizedThreatData): Omit<EnrichedThreatEvent, 'id'>;
+    /** Convert TrapIntelligencePayload to EnrichedThreatEvent / 轉換 Trap 資料 */
+    static trapToEnriched(data: TrapIntelligencePayload): Omit<EnrichedThreatEvent, 'id'>;
+    /** Insert or update a community rule / 插入或更新社群規則 */
+    upsertRule(rule: ThreatCloudRule): void;
+    /** Fetch rules published after a given timestamp / 取得指定時間後發佈的規則 */
+    getRulesSince(since: string): ThreatCloudRule[];
+    /** Fetch all rules / 取得所有規則 */
+    getAllRules(): ThreatCloudRule[];
+    /** Get threat statistics / 取得威脅統計 */
+    getStats(): ThreatStats;
+    /** Close the database / 關閉資料庫 */
+    close(): void;
+}
+//# sourceMappingURL=database.d.ts.map

package/dist/database.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"database.d.ts","sourceRoot":"","sources":["../src/database.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,QAAQ,MAAM,gBAAgB,CAAC;AACtC,OAAO,KAAK,EACV,oBAAoB,EACpB,eAAe,EACf,WAAW,EACX,mBAAmB,EACnB,uBAAuB,EACxB,MAAM,YAAY,CAAC;AAEpB;;;GAGG;AACH,qBAAa,aAAa;IACxB,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAoB;gBAE3B,MAAM,EAAE,MAAM;IAc1B,gDAAgD;IAChD,MAAM,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI;IAI9B,2EAA2E;IAC3E,KAAK,IAAI,QAAQ,CAAC,QAAQ;IAQ1B,2DAA2D;IAC3D,OAAO,CAAC,UAAU;IAoClB,wDAAwD;IACxD,OAAO,CAAC,aAAa;IAoMrB,gDAAgD;IAChD,YAAY,CAAC,IAAI,EAAE,oBAAoB,GAAG,IAAI;IAoB9C;;;;OAIG;IACH,oBAAoB,CAAC,KAAK,EAAE,IAAI,CAAC,mBAAmB,EAAE,IAAI,CAAC,GAAG,MAAM,GAAG,IAAI;IA4B3E;;;;;OAKG;IACH,qBAAqB,CACnB,gBAAgB,EAAE,MAAM,EACxB,WAAW,EAAE,KAAK,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,GACtD,IAAI;IAaP,iEAAiE;IACjE,8BAA8B,IAAI,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IAWxD,uDAAuD;IACvD,mBAAmB,CAAC,EAAE,EAAE,MAAM,GAAG,MAAM;IAYvC,wEAAwE;IACxE,MAAM,CAAC,eAAe,CAAC,IAAI,EAAE,oBAAoB,GAAG,IAAI,CAAC,mBAAmB,EAAE,IAAI,CAAC;IAoBnF,0EAA0E;IAC1E,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,uBAAuB,GAAG,IAAI,CAAC,mBAAmB,EAAE,IAAI,CAAC;IA4BrF,oDAAoD;IACpD,UAAU,CAAC,IAAI,EAAE,eAAe,GAAG,IAAI;IAavC,mEAAmE;IACnE,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,eAAe,EAAE;IAU/C,+BAA+B;IAC/B,WAAW,IAAI,eAAe,EAAE;IAahC,qCAAqC;IACrC,QAAQ,IAAI,WAAW;IAiDvB,iCAAiC;IACjC,KAAK,IAAI,IAAI;CAGd"}

package/dist/database.js ADDED Viewed

@@ -0,0 +1,444 @@
+/**
+ * SQLite database layer for Threat Cloud
+ * 威脅雲 SQLite 資料庫層
+ *
+ * Stores anonymized threat data, enriched events, IoCs, campaigns, and rules.
+ *
+ * @module @panguard-ai/threat-cloud/database
+ */
+import { createHash } from 'node:crypto';
+import Database from 'better-sqlite3';
+/**
+ * Threat Cloud database backed by SQLite
+ * 基於 SQLite 的威脅雲資料庫
+ */
+export class ThreatCloudDB {
+    db;
+    constructor(dbPath) {
+        this.db = new Database(dbPath);
+        this.db.pragma('journal_mode = WAL');
+        this.db.pragma('foreign_keys = ON');
+        this.db.pragma('busy_timeout = 15000');
+        this.db.pragma('synchronous = NORMAL');
+        this.db.pragma('cache_size = -64000');
+        this.db.pragma('temp_store = MEMORY');
+        this.db.pragma('wal_autocheckpoint = 1000');
+        this.db.pragma('journal_size_limit = 104857600');
+        this.initialize();
+        this.runMigrations();
+    }
+    /** Create a backup of the database / 建立資料庫備份 */
+    backup(destPath) {
+        this.db.backup(destPath);
+    }
+    /** Expose underlying db for sub-modules (IoCStore, etc.) / 暴露底層 DB 給子模組 */
+    getDB() {
+        return this.db;
+    }
+    // -------------------------------------------------------------------------
+    // Schema initialization / 資料表初始化
+    // -------------------------------------------------------------------------
+    /** Create original tables if they don't exist / 建立原始資料表 */
+    initialize() {
+        this.db.exec(`
+      CREATE TABLE IF NOT EXISTS threats (
+        id INTEGER PRIMARY KEY AUTOINCREMENT,
+        attack_source_ip TEXT NOT NULL,
+        attack_type TEXT NOT NULL,
+        mitre_technique TEXT NOT NULL,
+        sigma_rule_matched TEXT NOT NULL,
+        timestamp TEXT NOT NULL,
+        industry TEXT,
+        region TEXT NOT NULL,
+        received_at TEXT NOT NULL DEFAULT (datetime('now'))
+      );
+      CREATE TABLE IF NOT EXISTS rules (
+        rule_id TEXT PRIMARY KEY,
+        rule_content TEXT NOT NULL,
+        published_at TEXT NOT NULL,
+        source TEXT NOT NULL,
+        created_at TEXT NOT NULL DEFAULT (datetime('now')),
+        updated_at TEXT NOT NULL DEFAULT (datetime('now'))
+      );
+      CREATE INDEX IF NOT EXISTS idx_threats_timestamp ON threats(timestamp);
+      CREATE INDEX IF NOT EXISTS idx_threats_attack_type ON threats(attack_type);
+      CREATE INDEX IF NOT EXISTS idx_threats_mitre ON threats(mitre_technique);
+      CREATE INDEX IF NOT EXISTS idx_rules_published ON rules(published_at);
+      CREATE TABLE IF NOT EXISTS schema_migrations (
+        version INTEGER PRIMARY KEY,
+        name TEXT NOT NULL,
+        applied_at TEXT NOT NULL DEFAULT (datetime('now'))
+      );
+    `);
+    }
+    /** Run idempotent schema migrations / 執行冪等 schema 遷移 */
+    runMigrations() {
+        const applied = new Set(this.db.prepare('SELECT version FROM schema_migrations').all().map((r) => r.version));
+        const migrations = [
+            {
+                version: 1,
+                name: 'create_iocs_table',
+                sql: `
+          CREATE TABLE IF NOT EXISTS iocs (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            type TEXT NOT NULL CHECK(type IN ('ip','domain','url','hash_md5','hash_sha1','hash_sha256')),
+            value TEXT NOT NULL,
+            normalized_value TEXT NOT NULL,
+            threat_type TEXT NOT NULL,
+            source TEXT NOT NULL,
+            confidence INTEGER NOT NULL DEFAULT 50 CHECK(confidence BETWEEN 0 AND 100),
+            reputation_score INTEGER NOT NULL DEFAULT 50 CHECK(reputation_score BETWEEN 0 AND 100),
+            first_seen TEXT NOT NULL,
+            last_seen TEXT NOT NULL,
+            sightings INTEGER NOT NULL DEFAULT 1,
+            status TEXT NOT NULL DEFAULT 'active' CHECK(status IN ('active','expired','revoked','under_review')),
+            tags TEXT NOT NULL DEFAULT '[]',
+            metadata TEXT NOT NULL DEFAULT '{}',
+            created_at TEXT NOT NULL DEFAULT (datetime('now')),
+            updated_at TEXT NOT NULL DEFAULT (datetime('now')),
+            UNIQUE(type, normalized_value)
+          );
+          CREATE INDEX IF NOT EXISTS idx_iocs_type ON iocs(type);
+          CREATE INDEX IF NOT EXISTS idx_iocs_normalized ON iocs(normalized_value);
+          CREATE INDEX IF NOT EXISTS idx_iocs_reputation ON iocs(reputation_score DESC);
+          CREATE INDEX IF NOT EXISTS idx_iocs_last_seen ON iocs(last_seen);
+          CREATE INDEX IF NOT EXISTS idx_iocs_status ON iocs(status);
+          CREATE INDEX IF NOT EXISTS idx_iocs_source ON iocs(source);
+        `,
+            },
+            {
+                version: 2,
+                name: 'create_enriched_threats_table',
+                sql: `
+          CREATE TABLE IF NOT EXISTS enriched_threats (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            source_type TEXT NOT NULL CHECK(source_type IN ('guard','trap','external_feed')),
+            attack_source_ip TEXT NOT NULL,
+            attack_type TEXT NOT NULL,
+            mitre_techniques TEXT NOT NULL DEFAULT '[]',
+            sigma_rule_matched TEXT NOT NULL DEFAULT '',
+            timestamp TEXT NOT NULL,
+            industry TEXT,
+            region TEXT NOT NULL DEFAULT 'unknown',
+            confidence INTEGER NOT NULL DEFAULT 50,
+            severity TEXT NOT NULL DEFAULT 'medium',
+            service_type TEXT,
+            skill_level TEXT,
+            intent TEXT,
+            tools TEXT,
+            event_hash TEXT NOT NULL UNIQUE,
+            received_at TEXT NOT NULL DEFAULT (datetime('now')),
+            campaign_id TEXT
+          );
+          CREATE INDEX IF NOT EXISTS idx_enriched_timestamp ON enriched_threats(timestamp);
+          CREATE INDEX IF NOT EXISTS idx_enriched_attack_type ON enriched_threats(attack_type);
+          CREATE INDEX IF NOT EXISTS idx_enriched_ip ON enriched_threats(attack_source_ip);
+          CREATE INDEX IF NOT EXISTS idx_enriched_campaign ON enriched_threats(campaign_id);
+          CREATE INDEX IF NOT EXISTS idx_enriched_source_type ON enriched_threats(source_type);
+          CREATE INDEX IF NOT EXISTS idx_enriched_region ON enriched_threats(region);
+          CREATE INDEX IF NOT EXISTS idx_enriched_severity ON enriched_threats(severity);
+          CREATE INDEX IF NOT EXISTS idx_enriched_received ON enriched_threats(received_at);
+        `,
+            },
+            {
+                version: 3,
+                name: 'create_trap_credentials_table',
+                sql: `
+          CREATE TABLE IF NOT EXISTS trap_credentials (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            enriched_threat_id INTEGER NOT NULL REFERENCES enriched_threats(id) ON DELETE CASCADE,
+            username TEXT NOT NULL,
+            attempt_count INTEGER NOT NULL DEFAULT 1,
+            created_at TEXT NOT NULL DEFAULT (datetime('now'))
+          );
+          CREATE INDEX IF NOT EXISTS idx_trap_creds_threat ON trap_credentials(enriched_threat_id);
+          CREATE INDEX IF NOT EXISTS idx_trap_creds_username ON trap_credentials(username);
+        `,
+            },
+            {
+                version: 4,
+                name: 'create_generated_patterns_table',
+                sql: `
+          CREATE TABLE IF NOT EXISTS generated_patterns (
+            pattern_hash TEXT PRIMARY KEY,
+            attack_type TEXT NOT NULL,
+            mitre_techniques TEXT NOT NULL,
+            rule_id TEXT NOT NULL REFERENCES rules(rule_id) ON DELETE CASCADE,
+            occurrences INTEGER NOT NULL,
+            distinct_ips INTEGER NOT NULL,
+            first_seen TEXT NOT NULL,
+            last_seen TEXT NOT NULL,
+            created_at TEXT NOT NULL DEFAULT (datetime('now')),
+            updated_at TEXT NOT NULL DEFAULT (datetime('now'))
+          );
+          CREATE INDEX IF NOT EXISTS idx_gen_patterns_attack ON generated_patterns(attack_type);
+          CREATE INDEX IF NOT EXISTS idx_gen_patterns_rule ON generated_patterns(rule_id);
+        `,
+            },
+            {
+                version: 5,
+                name: 'create_daily_aggregates_table',
+                sql: `
+          CREATE TABLE IF NOT EXISTS daily_aggregates (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            date TEXT NOT NULL,
+            attack_type TEXT NOT NULL,
+            region TEXT NOT NULL,
+            source_type TEXT NOT NULL,
+            event_count INTEGER NOT NULL,
+            unique_ips INTEGER NOT NULL,
+            avg_confidence REAL NOT NULL,
+            severity_distribution TEXT NOT NULL DEFAULT '{}',
+            created_at TEXT NOT NULL DEFAULT (datetime('now')),
+            UNIQUE(date, attack_type, region, source_type)
+          );
+          CREATE INDEX IF NOT EXISTS idx_daily_agg_date ON daily_aggregates(date);
+          CREATE INDEX IF NOT EXISTS idx_daily_agg_type ON daily_aggregates(attack_type);
+        `,
+            },
+            {
+                version: 6,
+                name: 'create_sightings_table',
+                sql: `
+          CREATE TABLE IF NOT EXISTS sightings (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            ioc_id INTEGER NOT NULL REFERENCES iocs(id) ON DELETE CASCADE,
+            type TEXT NOT NULL CHECK(type IN ('positive','negative','false_positive')),
+            source TEXT NOT NULL,
+            confidence INTEGER NOT NULL DEFAULT 50 CHECK(confidence BETWEEN 0 AND 100),
+            details TEXT NOT NULL DEFAULT '',
+            actor_hash TEXT NOT NULL DEFAULT '',
+            created_at TEXT NOT NULL DEFAULT (datetime('now'))
+          );
+          CREATE INDEX IF NOT EXISTS idx_sightings_ioc ON sightings(ioc_id);
+          CREATE INDEX IF NOT EXISTS idx_sightings_type ON sightings(type);
+          CREATE INDEX IF NOT EXISTS idx_sightings_created ON sightings(created_at);
+        `,
+            },
+            {
+                version: 7,
+                name: 'create_audit_log_table',
+                sql: `
+          CREATE TABLE IF NOT EXISTS audit_log (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            action TEXT NOT NULL,
+            entity_type TEXT NOT NULL,
+            entity_id TEXT NOT NULL,
+            actor_hash TEXT NOT NULL DEFAULT '',
+            ip_address TEXT NOT NULL DEFAULT '',
+            details TEXT NOT NULL DEFAULT '{}',
+            created_at TEXT NOT NULL DEFAULT (datetime('now'))
+          );
+          CREATE INDEX IF NOT EXISTS idx_audit_action ON audit_log(action);
+          CREATE INDEX IF NOT EXISTS idx_audit_entity ON audit_log(entity_type, entity_id);
+          CREATE INDEX IF NOT EXISTS idx_audit_created ON audit_log(created_at);
+          CREATE INDEX IF NOT EXISTS idx_audit_actor ON audit_log(actor_hash);
+        `,
+            },
+            {
+                version: 8,
+                name: 'add_source_reliability_to_iocs',
+                sql: `
+          ALTER TABLE iocs ADD COLUMN source_reliability TEXT NOT NULL DEFAULT 'F'
+            CHECK(source_reliability IN ('A','B','C','D','E','F'));
+        `,
+            },
+        ];
+        const insertMigration = this.db.prepare('INSERT INTO schema_migrations (version, name) VALUES (?, ?)');
+        for (const m of migrations) {
+            if (!applied.has(m.version)) {
+                this.db.transaction(() => {
+                    this.db.exec(m.sql);
+                    insertMigration.run(m.version, m.name);
+                })();
+            }
+        }
+    }
+    // -------------------------------------------------------------------------
+    // Legacy threat operations (backward compatible) / 原始威脅操作
+    // -------------------------------------------------------------------------
+    /** Insert anonymized threat data / 插入匿名化威脅數據 */
+    insertThreat(data) {
+        const stmt = this.db.prepare(`
+      INSERT INTO threats (attack_source_ip, attack_type, mitre_technique, sigma_rule_matched, timestamp, industry, region)
+      VALUES (?, ?, ?, ?, ?, ?, ?)
+    `);
+        stmt.run(data.attackSourceIP, data.attackType, data.mitreTechnique, data.sigmaRuleMatched, data.timestamp, data.industry ?? null, data.region);
+    }
+    // -------------------------------------------------------------------------
+    // Enriched threat operations / 豐富化威脅操作
+    // -------------------------------------------------------------------------
+    /**
+     * Insert enriched threat event (deduplicates by event_hash).
+     * Returns the row id if inserted, null if duplicate.
+     * 插入豐富化威脅事件（以 event_hash 去重）
+     */
+    insertEnrichedThreat(event) {
+        const stmt = this.db.prepare(`
+      INSERT OR IGNORE INTO enriched_threats
+        (source_type, attack_source_ip, attack_type, mitre_techniques, sigma_rule_matched,
+         timestamp, industry, region, confidence, severity, service_type, skill_level,
+         intent, tools, event_hash)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+    `);
+        const result = stmt.run(event.sourceType, event.attackSourceIP, event.attackType, JSON.stringify(event.mitreTechniques), event.sigmaRuleMatched, event.timestamp, event.industry ?? null, event.region, event.confidence, event.severity, event.serviceType ?? null, event.skillLevel ?? null, event.intent ?? null, event.tools ? JSON.stringify(event.tools) : null, event.eventHash);
+        return result.changes > 0 ? Number(result.lastInsertRowid) : null;
+    }
+    /**
+     * Insert trap credential records.
+     * Usernames are hashed (SHA-256, truncated to 16 hex chars) before storage
+     * to avoid storing PII from attacker-attempted credentials.
+     * 插入 Trap 憑證記錄（使用者名稱先雜湊化以避免 PII 洩漏）
+     */
+    insertTrapCredentials(enrichedThreatId, credentials) {
+        const stmt = this.db.prepare('INSERT INTO trap_credentials (enriched_threat_id, username, attempt_count) VALUES (?, ?, ?)');
+        const insertAll = this.db.transaction((creds) => {
+            for (const c of creds) {
+                const hashedUsername = createHash('sha256').update(c.username).digest('hex').slice(0, 16);
+                stmt.run(enrichedThreatId, hashedUsername, c.count);
+            }
+        });
+        insertAll(credentials);
+    }
+    /** Get enriched threats count by source type / 依來源類型取得豐富化威脅數量 */
+    getEnrichedThreatCountBySource() {
+        const rows = this.db
+            .prepare('SELECT source_type, COUNT(*) as count FROM enriched_threats GROUP BY source_type')
+            .all();
+        const result = {};
+        for (const r of rows) {
+            result[r.source_type] = r.count;
+        }
+        return result;
+    }
+    /** Count related threats for an IP / 計算某 IP 的相關威脅數量 */
+    countRelatedThreats(ip) {
+        return this.db
+            .prepare('SELECT COUNT(*) as count FROM enriched_threats WHERE attack_source_ip = ?')
+            .get(ip).count;
+    }
+    // -------------------------------------------------------------------------
+    // Conversion helpers / 轉換輔助函式
+    // -------------------------------------------------------------------------
+    /** Convert AnonymizedThreatData to EnrichedThreatEvent / 轉換 Guard 資料 */
+    static guardToEnriched(data) {
+        const hashInput = `${data.attackSourceIP}|${data.attackType}|${data.mitreTechnique}|${data.timestamp}`;
+        const eventHash = createHash('sha256').update(hashInput).digest('hex');
+        return {
+            sourceType: 'guard',
+            attackSourceIP: data.attackSourceIP,
+            attackType: data.attackType,
+            mitreTechniques: [data.mitreTechnique],
+            sigmaRuleMatched: data.sigmaRuleMatched,
+            timestamp: data.timestamp,
+            industry: data.industry,
+            region: data.region,
+            confidence: 50,
+            severity: 'medium',
+            eventHash,
+            receivedAt: new Date().toISOString(),
+        };
+    }
+    /** Convert TrapIntelligencePayload to EnrichedThreatEvent / 轉換 Trap 資料 */
+    static trapToEnriched(data) {
+        const techniques = data.mitreTechniques ?? [];
+        const hashInput = `${data.sourceIP}|${data.attackType}|${techniques.join(',')}|${data.timestamp}`;
+        const eventHash = createHash('sha256').update(hashInput).digest('hex');
+        return {
+            sourceType: 'trap',
+            attackSourceIP: data.sourceIP,
+            attackType: data.attackType,
+            mitreTechniques: techniques,
+            sigmaRuleMatched: '',
+            timestamp: data.timestamp,
+            region: data.region ?? 'unknown',
+            confidence: 60,
+            severity: data.skillLevel === 'apt' || data.skillLevel === 'advanced' ? 'high' : 'medium',
+            serviceType: data.serviceType,
+            skillLevel: data.skillLevel,
+            intent: data.intent,
+            tools: data.tools,
+            eventHash,
+            receivedAt: new Date().toISOString(),
+        };
+    }
+    // -------------------------------------------------------------------------
+    // Rules / 規則
+    // -------------------------------------------------------------------------
+    /** Insert or update a community rule / 插入或更新社群規則 */
+    upsertRule(rule) {
+        const stmt = this.db.prepare(`
+      INSERT INTO rules (rule_id, rule_content, published_at, source)
+      VALUES (?, ?, ?, ?)
+      ON CONFLICT(rule_id) DO UPDATE SET
+        rule_content = excluded.rule_content,
+        published_at = excluded.published_at,
+        source = excluded.source,
+        updated_at = datetime('now')
+    `);
+        stmt.run(rule.ruleId, rule.ruleContent, rule.publishedAt, rule.source);
+    }
+    /** Fetch rules published after a given timestamp / 取得指定時間後發佈的規則 */
+    getRulesSince(since) {
+        const stmt = this.db.prepare(`
+      SELECT rule_id as ruleId, rule_content as ruleContent, published_at as publishedAt, source
+      FROM rules
+      WHERE published_at > ?
+      ORDER BY published_at ASC
+    `);
+        return stmt.all(since);
+    }
+    /** Fetch all rules / 取得所有規則 */
+    getAllRules() {
+        const stmt = this.db.prepare(`
+      SELECT rule_id as ruleId, rule_content as ruleContent, published_at as publishedAt, source
+      FROM rules
+      ORDER BY published_at DESC
+    `);
+        return stmt.all();
+    }
+    // -------------------------------------------------------------------------
+    // Statistics / 統計
+    // -------------------------------------------------------------------------
+    /** Get threat statistics / 取得威脅統計 */
+    getStats() {
+        const totalThreats = this.db.prepare('SELECT COUNT(*) as count FROM threats').get().count;
+        const totalRules = this.db.prepare('SELECT COUNT(*) as count FROM rules').get().count;
+        const last24h = this.db
+            .prepare("SELECT COUNT(*) as count FROM threats WHERE received_at > datetime('now', '-1 day')")
+            .get().count;
+        const topAttackTypes = this.db
+            .prepare(`
+      SELECT attack_type as type, COUNT(*) as count
+      FROM threats
+      GROUP BY attack_type
+      ORDER BY count DESC
+      LIMIT 10
+    `)
+            .all();
+        const topMitreTechniques = this.db
+            .prepare(`
+      SELECT mitre_technique as technique, COUNT(*) as count
+      FROM threats
+      GROUP BY mitre_technique
+      ORDER BY count DESC
+      LIMIT 10
+    `)
+            .all();
+        return {
+            totalThreats,
+            totalRules,
+            topAttackTypes,
+            topMitreTechniques,
+            last24hThreats: last24h,
+        };
+    }
+    /** Close the database / 關閉資料庫 */
+    close() {
+        this.db.close();
+    }
+}
+//# sourceMappingURL=database.js.map

package/dist/database.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"database.js","sourceRoot":"","sources":["../src/database.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,QAAQ,MAAM,gBAAgB,CAAC;AAStC;;;GAGG;AACH,MAAM,OAAO,aAAa;IACP,EAAE,CAAoB;IAEvC,YAAY,MAAc;QACxB,IAAI,CAAC,EAAE,GAAG,IAAI,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC/B,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,oBAAoB,CAAC,CAAC;QACrC,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC;QACpC,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC;QACvC,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC;QACvC,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC;QACtC,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC;QACtC,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,2BAA2B,CAAC,CAAC;QAC5C,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,gCAAgC,CAAC,CAAC;QACjD,IAAI,CAAC,UAAU,EAAE,CAAC;QAClB,IAAI,CAAC,aAAa,EAAE,CAAC;IACvB,CAAC;IAED,gDAAgD;IAChD,MAAM,CAAC,QAAgB;QACrB,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAC3B,CAAC;IAED,2EAA2E;IAC3E,KAAK;QACH,OAAO,IAAI,CAAC,EAAE,CAAC;IACjB,CAAC;IAED,4EAA4E;IAC5E,iCAAiC;IACjC,4EAA4E;IAE5E,2DAA2D;IACnD,UAAU;QAChB,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;KAgCZ,CAAC,CAAC;IACL,CAAC;IAED,wDAAwD;IAChD,aAAa;QACnB,MAAM,OAAO,GAAG,IAAI,GAAG,CAEnB,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,uCAAuC,CAAC,CAAC,GAAG,EAC7D,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CACxB,CAAC;QAEF,MAAM,UAAU,GAA0D;YACxE;gBACE,OAAO,EAAE,CAAC;gBACV,IAAI,EAAE,mBAAmB;gBACzB,GAAG,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;SA0BJ;aACF;YACD;gBACE,OAAO,EAAE,CAAC;gBACV,IAAI,EAAE,+BAA+B;gBACrC,GAAG,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;SA6BJ;aACF;YACD;gBACE,OAAO,EAAE,CAAC;gBACV,IAAI,EAAE,+BAA+B;gBACrC,GAAG,EAAE;;;;;;;;;;SAUJ;aACF;YACD;gBACE,OAAO,EAAE,CAAC;gBACV,IAAI,EAAE,iCAAiC;gBACvC,GAAG,EAAE;;;;;;;;;;;;;;;SAeJ;aACF;YACD;gBACE,OAAO,EAAE,CAAC;gBACV,IAAI,EAAE,+BAA+B;gBACrC,GAAG,EAAE;;;;;;;;;;;;;;;;SAgBJ;aACF;YACD;gBACE,OAAO,EAAE,CAAC;gBACV,IAAI,EAAE,wBAAwB;gBAC9B,GAAG,EAAE;;;;;;;;;;;;;;SAcJ;aACF;YACD;gBACE,OAAO,EAAE,CAAC;gBACV,IAAI,EAAE,wBAAwB;gBAC9B,GAAG,EAAE;;;;;;;;;;;;;;;SAeJ;aACF;YACD;gBACE,OAAO,EAAE,CAAC;gBACV,IAAI,EAAE,gCAAgC;gBACtC,GAAG,EAAE;;;SAGJ;aACF;SACF,CAAC;QAEF,MAAM,eAAe,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CACrC,6DAA6D,CAC9D,CAAC;QAEF,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;YAC3B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC5B,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,GAAG,EAAE;oBACvB,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;oBACpB,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;gBACzC,CAAC,CAAC,EAAE,CAAC;YACP,CAAC;QACH,CAAC;IACH,CAAC;IAED,4EAA4E;IAC5E,0DAA0D;IAC1D,4EAA4E;IAE5E,gDAAgD;IAChD,YAAY,CAAC,IAA0B;QACrC,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC;;;KAG5B,CAAC,CAAC;QACH,IAAI,CAAC,GAAG,CACN,IAAI,CAAC,cAAc,EACnB,IAAI,CAAC,UAAU,EACf,IAAI,CAAC,cAAc,EACnB,IAAI,CAAC,gBAAgB,EACrB,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,QAAQ,IAAI,IAAI,EACrB,IAAI,CAAC,MAAM,CACZ,CAAC;IACJ,CAAC;IAED,4EAA4E;IAC5E,uCAAuC;IACvC,4EAA4E;IAE5E;;;;OAIG;IACH,oBAAoB,CAAC,KAAsC;QACzD,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC;;;;;;KAM5B,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CACrB,KAAK,CAAC,UAAU,EAChB,KAAK,CAAC,cAAc,EACpB,KAAK,CAAC,UAAU,EAChB,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,eAAe,CAAC,EACrC,KAAK,CAAC,gBAAgB,EACtB,KAAK,CAAC,SAAS,EACf,KAAK,CAAC,QAAQ,IAAI,IAAI,EACtB,KAAK,CAAC,MAAM,EACZ,KAAK,CAAC,UAAU,EAChB,KAAK,CAAC,QAAQ,EACd,KAAK,CAAC,WAAW,IAAI,IAAI,EACzB,KAAK,CAAC,UAAU,IAAI,IAAI,EACxB,KAAK,CAAC,MAAM,IAAI,IAAI,EACpB,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAChD,KAAK,CAAC,SAAS,CAChB,CAAC;QACF,OAAO,MAAM,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACpE,CAAC;IAED;;;;;OAKG;IACH,qBAAqB,CACnB,gBAAwB,EACxB,WAAuD;QAEvD,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CAC1B,6FAA6F,CAC9F,CAAC;QACF,MAAM,SAAS,GAAG,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC,KAAyB,EAAE,EAAE;YAClE,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;gBACtB,MAAM,cAAc,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC1F,IAAI,CAAC,GAAG,CAAC,gBAAgB,EAAE,cAAc,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC;YACtD,CAAC;QACH,CAAC,CAAC,CAAC;QACH,SAAS,CAAC,WAAW,CAAC,CAAC;IACzB,CAAC;IAED,iEAAiE;IACjE,8BAA8B;QAC5B,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE;aACjB,OAAO,CAAC,kFAAkF,CAAC;aAC3F,GAAG,EAAmD,CAAC;QAC1D,MAAM,MAAM,GAA2B,EAAE,CAAC;QAC1C,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;YACrB,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC;QAClC,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,uDAAuD;IACvD,mBAAmB,CAAC,EAAU;QAC5B,OACE,IAAI,CAAC,EAAE;aACJ,OAAO,CAAC,2EAA2E,CAAC;aACpF,GAAG,CAAC,EAAE,CACV,CAAC,KAAK,CAAC;IACV,CAAC;IAED,4EAA4E;IAC5E,8BAA8B;IAC9B,4EAA4E;IAE5E,wEAAwE;IACxE,MAAM,CAAC,eAAe,CAAC,IAA0B;QAC/C,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;QACvG,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAEvE,OAAO;YACL,UAAU,EAAE,OAAO;YACnB,cAAc,EAAE,IAAI,CAAC,cAAc;YACnC,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,eAAe,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC;YACtC,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;YACvC,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE,QAAQ;YAClB,SAAS;YACT,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACrC,CAAC;IACJ,CAAC;IAED,0EAA0E;IAC1E,MAAM,CAAC,cAAc,CAAC,IAA6B;QACjD,MAAM,UAAU,GAAG,IAAI,CAAC,eAAe,IAAI,EAAE,CAAC;QAC9C,MAAM,SAAS,GAAG,GAAG,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,UAAU,IAAI,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;QAClG,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAEvE,OAAO;YACL,UAAU,EAAE,MAAM;YAClB,cAAc,EAAE,IAAI,CAAC,QAAQ;YAC7B,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,eAAe,EAAE,UAAU;YAC3B,gBAAgB,EAAE,EAAE;YACpB,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,SAAS;YAChC,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE,IAAI,CAAC,UAAU,KAAK,KAAK,IAAI,IAAI,CAAC,UAAU,KAAK,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;YACzF,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,SAAS;YACT,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACrC,CAAC;IACJ,CAAC;IAED,4EAA4E;IAC5E,aAAa;IACb,4EAA4E;IAE5E,oDAAoD;IACpD,UAAU,CAAC,IAAqB;QAC9B,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC;;;;;;;;KAQ5B,CAAC,CAAC;QACH,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IACzE,CAAC;IAED,mEAAmE;IACnE,aAAa,CAAC,KAAa;QACzB,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC;;;;;KAK5B,CAAC,CAAC;QACH,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAsB,CAAC;IAC9C,CAAC;IAED,+BAA+B;IAC/B,WAAW;QACT,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC;;;;KAI5B,CAAC,CAAC;QACH,OAAO,IAAI,CAAC,GAAG,EAAuB,CAAC;IACzC,CAAC;IAED,4EAA4E;IAC5E,kBAAkB;IAClB,4EAA4E;IAE5E,qCAAqC;IACrC,QAAQ;QACN,MAAM,YAAY,GAChB,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,uCAAuC,CAAC,CAAC,GAAG,EAC7D,CAAC,KAAK,CAAC;QACR,MAAM,UAAU,GACd,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,qCAAqC,CAAC,CAAC,GAAG,EAC3D,CAAC,KAAK,CAAC;QAER,MAAM,OAAO,GACX,IAAI,CAAC,EAAE;aACJ,OAAO,CACN,qFAAqF,CACtF;aACA,GAAG,EACP,CAAC,KAAK,CAAC;QAER,MAAM,cAAc,GAAG,IAAI,CAAC,EAAE;aAC3B,OAAO,CACN;;;;;;KAMH,CACE;aACA,GAAG,EAA4C,CAAC;QAEnD,MAAM,kBAAkB,GAAG,IAAI,CAAC,EAAE;aAC/B,OAAO,CACN;;;;;;KAMH,CACE;aACA,GAAG,EAAiD,CAAC;QAExD,OAAO;YACL,YAAY;YACZ,UAAU;YACV,cAAc;YACd,kBAAkB;YAClB,cAAc,EAAE,OAAO;SACxB,CAAC;IACJ,CAAC;IAED,iCAAiC;IACjC,KAAK;QACH,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;IAClB,CAAC;CACF"}

package/dist/feed-distributor.d.ts ADDED Viewed

@@ -0,0 +1,36 @@
+/**
+ * Feed Distributor
+ * 情報分發模組
+ *
+ * Generates blocklists, IoC feeds, and agent update packages.
+ *
+ * @module @panguard-ai/threat-cloud/feed-distributor
+ */
+import type Database from 'better-sqlite3';
+import type { IoCFeedResponse, AgentUpdatePackage } from './types.js';
+export declare class FeedDistributor {
+    private readonly db;
+    constructor(db: Database.Database);
+    /**
+     * Generate IP blocklist as plain text (one IP per line).
+     * Only includes redistributable IoCs to comply with feed licenses.
+     * 產生 IP 封鎖清單（僅包含可轉散佈的 IoC，遵守授權）
+     */
+    getIPBlocklist(minReputation?: number): string;
+    /**
+     * Generate domain blocklist as plain text.
+     * 產生 Domain 封鎖清單
+     */
+    getDomainBlocklist(minReputation?: number): string;
+    /**
+     * Generate JSON IoC feed.
+     * 產生 JSON IoC feed
+     */
+    getIoCFeed(minReputation?: number, limit?: number, since?: string): IoCFeedResponse;
+    /**
+     * Generate agent update package (rules + IoCs since a given timestamp).
+     * 產生 Agent 更新包
+     */
+    getAgentUpdate(since?: string): AgentUpdatePackage;
+}
+//# sourceMappingURL=feed-distributor.d.ts.map

package/dist/feed-distributor.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"feed-distributor.d.ts","sourceRoot":"","sources":["../src/feed-distributor.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAC3C,OAAO,KAAK,EAEV,eAAe,EACf,kBAAkB,EAEnB,MAAM,YAAY,CAAC;AAEpB,qBAAa,eAAe;IACd,OAAO,CAAC,QAAQ,CAAC,EAAE;gBAAF,EAAE,EAAE,QAAQ,CAAC,QAAQ;IAElD;;;;OAIG;IACH,cAAc,CAAC,aAAa,GAAE,MAAW,GAAG,MAAM;IAgBlD;;;OAGG;IACH,kBAAkB,CAAC,aAAa,GAAE,MAAW,GAAG,MAAM;IAgBtD;;;OAGG;IACH,UAAU,CAAC,aAAa,GAAE,MAAW,EAAE,KAAK,GAAE,MAAa,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,eAAe;IA+C7F;;;OAGG;IACH,cAAc,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,kBAAkB;CA2DnD"}