atomicshop 2.12.18__py3-none-any.whl → 2.12.20__py3-none-any.whl

atomicshop/__init__.py

@@ -1,4 +1,4 @@
 """Atomic Basic functions and classes to make developer life easier"""
 
 __author__ = "Den Kras"
-__version__ = '2.12.18'
+__version__ = '2.12.20'

atomicshop/file_io/file_io.py

@@ -102,8 +102,10 @@ def write_file(
             content = '\n'.join(content)
         else:
             file_object.writelines(content)
-
-    if isinstance(content, str):
+    elif isinstance(content, str):
+        file_object.write(content)
+    # THis will happen if the content is bytes and the file mode is 'wb'.
+    elif isinstance(content, bytes) and 'b' in file_mode:
         file_object.write(content)
     else:
         raise TypeError(f"Content type is not supported: {type(content)}")

atomicshop/monitor/change_monitor.py

@@ -1,8 +1,6 @@
 from typing import Literal, Union
-from pathlib import Path
 
-from .checks import dns, network, hash, process_running
-from .. import filesystem, scheduling
+from .checks import dns, network, file, url, process_running
 
 
 DNS__DEFAULT_SETTINGS = {
@@ -122,36 +120,31 @@ class ChangeMonitor:
 
         # === Additional variables ========================================
 
-        # self.original_object_directory = None
-        # self.original_object_file_path = None
-
-        # # If 'store_original_object' is True, create directory for original object.
-        # if self.store_original_object:
-        #     # Make path for original object.
-        #     self.original_object_directory = filesystem.add_object_to_path(
-        #         self.input_directory, 'Original')
-        #     # Create directory if it doesn't exist.
-        #     filesystem.create_directory(self.original_object_directory)
-        #
-        # Initialize objects for DNS and Network monitoring.
-
         self.checks_instance = None
         self._setup_object()
 
     def _setup_object(self):
-        if self.object_type == 'file' or 'url_' in self.object_type:
-            self.checks_instance = hash
-        if self.object_type == 'dns':
-            self.checks_instance = dns
+        if self.object_type == 'file':
+            if not self.object_type_settings:
+                self.object_type_settings = FILE__URL__DEFAULT_SETTINGS
 
+            self.checks_instance = file.FileCheck(self)
+        elif self.object_type.startswith('url_'):
+            if not self.object_type_settings:
+                self.object_type_settings = FILE__URL__DEFAULT_SETTINGS
+
+            self.checks_instance = url.UrlCheck(self)
+        elif self.object_type == 'dns':
             if not self.object_type_settings:
                 self.object_type_settings = DNS__DEFAULT_SETTINGS
+
+            self.checks_instance = dns.DnsCheck(self)
         elif self.object_type == 'network':
-            self.checks_instance = network
+            self.checks_instance = network.NetworkCheck(self)
         elif self.object_type == 'process_running':
-            self.checks_instance = process_running
-
-        self.checks_instance.setup_check(self)
+            self.checks_instance = process_running.ProcessRunningCheck(self)
+        else:
+            raise ValueError(f"ERROR: Unknown object type: {self.object_type}")
 
     def check_cycle(self, print_kwargs: dict = None):
         """

atomicshop/monitor/checks/dns.py

@@ -1,128 +1,137 @@
 from pathlib import Path
+from typing import Union
 
 from ...etw.dns_trace import DnsTrace
 from ...print_api import print_api
-from ...diff_check import DiffChecker
+from ...import diff_check
 
 
 INPUT_FILE_DEFAULT_NAME: str = 'known_domains.json'
 INPUT_STATISTICS_FILE_DEFAULT_NAME: str = 'dns_statistics.json'
-FETCH_ENGINE: DnsTrace = DnsTrace(enable_process_poller=True, attrs=['name', 'cmdline', 'domain', 'query_type'])
-SETTINGS = {}
-DIFF_CHECKER_AGGREGATION = DiffChecker(
-    check_object=list(),                            # DNS events will be appended to this list.
-    return_first_cycle=True,
-    operation_type='new_objects'
-)
-DIFF_CHECKER_STATISTICS = DiffChecker(
-    check_object=list(),                            # DNS events will be appended to this list.
-    return_first_cycle=True,
-    operation_type='hit_statistics',
-    hit_statistics_enable_queue=True
-)
 
 
-def setup_check(change_monitor_instance):
-    global SETTINGS
-    SETTINGS = change_monitor_instance.object_type_settings
-
-    if SETTINGS['alert_always'] and SETTINGS['alert_about_missing_entries_after_learning']:
-        raise ValueError(
-            "ERROR: [alert_always] and [alert_about_missing_entries_after_learning] cannot be True at the same time.")
-
-    if not change_monitor_instance.input_file_name:
-        change_monitor_instance.input_file_name = INPUT_FILE_DEFAULT_NAME
-    input_file_path = (
-        str(Path(change_monitor_instance.input_directory, change_monitor_instance.input_file_name)))
-
-    if not change_monitor_instance.input_statistics_file_name:
-        change_monitor_instance.input_statistics_file_name = INPUT_STATISTICS_FILE_DEFAULT_NAME
-    input_statistic_file_path = (
-        str(Path(change_monitor_instance.input_directory, change_monitor_instance.input_statistics_file_name)))
-
-    if SETTINGS['learning_mode_create_unique_entries_list']:
-        DIFF_CHECKER_AGGREGATION.input_file_write_only = change_monitor_instance.input_file_write_only
-        DIFF_CHECKER_AGGREGATION.check_object_display_name = \
-            f'{change_monitor_instance.input_file_name}|{change_monitor_instance.object_type}'
-        DIFF_CHECKER_AGGREGATION.input_file_path = input_file_path
-        DIFF_CHECKER_AGGREGATION.new_objects_hours_then_difference = SETTINGS['learning_hours']
-        DIFF_CHECKER_AGGREGATION.initiate_before_action()
-
-    if SETTINGS['create_alert_statistics']:
-        DIFF_CHECKER_STATISTICS.input_file_write_only = change_monitor_instance.input_file_write_only
-        DIFF_CHECKER_STATISTICS.check_object_display_name = \
-            f'{change_monitor_instance.input_statistics_file_name}|{change_monitor_instance.object_type}'
-        DIFF_CHECKER_STATISTICS.input_file_path = input_statistic_file_path
-        DIFF_CHECKER_STATISTICS.hit_statistics_input_file_rotation_cycle_hours = SETTINGS['statistics_rotation_hours']
-        DIFF_CHECKER_STATISTICS.initiate_before_action()
-
-    # Start DNS monitoring.
-    FETCH_ENGINE.start()
-
-
-def execute_cycle(print_kwargs: dict = None) -> list:
+class DnsCheck:
     """
-    This function executes the cycle of the change monitor: dns.
-    The function is blocking so while using it, the script will wait for the next DNS event.
-    No need to use 'time.sleep()'.
-
-    :param print_kwargs: print_api kwargs.
-    :return: List of dictionaries with the results of the cycle.
+    Class for DNS monitoring.
     """
-
-    # 'emit()' method is blocking (it uses 'get' of queue instance)
-    # will return a dict with current DNS trace event.
-    event_dict = FETCH_ENGINE.emit()
-
-    return_list = list()
-    if SETTINGS['learning_mode_create_unique_entries_list']:
-        _aggregation_process(event_dict, return_list, print_kwargs)
-
-    if SETTINGS['create_alert_statistics'] and SETTINGS['alert_always']:
-        _statistics_process(event_dict, return_list, print_kwargs)
-
-    return return_list
-
-
-def _aggregation_process(event_dict: dict, return_list: list, print_kwargs: dict = None):
-    DIFF_CHECKER_AGGREGATION.check_object = [event_dict]
-
-    # Check if 'known_domains' list was updated from previous cycle.
-    result, message = DIFF_CHECKER_AGGREGATION.check_list_of_dicts(
-        sort_by_keys=['cmdline', 'name'], print_kwargs=print_kwargs)
-
-    if result:
-        # Check if 'updated' key is in the result. This means that this is a regular cycle.
-        if 'updated' in result:
-            if not result['time_passed']:
-                # Get list of new connections only.
-                # new_connections_only: list = list_of_dicts.get_difference(result['old'], result['updated'])
-
-                for connection in result['updated']:
-                    message = \
-                        f"[Learning] New Domain Added: {connection['name']} | " \
-                        f"{connection['domain']} | {connection['query_type']} | " \
-                        f"{connection['cmdline']}"
-                    print_api(message, color='yellow', **(print_kwargs or {}))
-
-                    return_list.append(message)
-
-        # Check if learning time passed, so we can alert the new entries.
-        if 'time_passed' in result:
-            if result['time_passed']:
-                _statistics_process(result['updated'], return_list, print_kwargs)
-
-
-def _statistics_process(event_dict: dict, return_list: list, print_kwargs: dict = None):
-    DIFF_CHECKER_STATISTICS.check_object = [event_dict]
-
-    # Check if 'known_domains' list was updated from previous cycle.
-    result, message = DIFF_CHECKER_STATISTICS.check_list_of_dicts(
-        sort_by_keys=['cmdline', 'name'], print_kwargs=print_kwargs)
-
-    if result:
-        if 'count' in result:
-            message = f"[Alert] DNS Request: {result['entry']} | Times hit: {result['count']}"
-            print_api(message, color='yellow', **(print_kwargs or {}))
-
-            return_list.append(message)
+    
+    def __init__(self, change_monitor_instance):
+        self.change_monitor_instance = change_monitor_instance
+        self.diff_checker_aggregation: Union[diff_check.DiffChecker, None] = None
+        self.diff_checker_statistics: Union[diff_check.DiffChecker, None] = None
+        self.settings: dict = change_monitor_instance.object_type_settings
+        self.fetch_engine: DnsTrace = (
+            DnsTrace(enable_process_poller=True, attrs=['name', 'cmdline', 'domain', 'query_type']))
+
+        if self.settings['alert_always'] and self.settings['alert_about_missing_entries_after_learning']:
+            raise ValueError(
+                "ERROR: [alert_always] and [alert_about_missing_entries_after_learning] "
+                "cannot be True at the same time.")
+    
+        if not change_monitor_instance.input_file_name:
+            change_monitor_instance.input_file_name = INPUT_FILE_DEFAULT_NAME
+        input_file_path = (
+            str(Path(change_monitor_instance.input_directory, change_monitor_instance.input_file_name)))
+    
+        if not change_monitor_instance.input_statistics_file_name:
+            change_monitor_instance.input_statistics_file_name = INPUT_STATISTICS_FILE_DEFAULT_NAME
+        input_statistic_file_path = (
+            str(Path(change_monitor_instance.input_directory, change_monitor_instance.input_statistics_file_name)))
+    
+        if self.settings['learning_mode_create_unique_entries_list']:
+            aggregation_display_name = \
+                f'{change_monitor_instance.input_file_name}|{change_monitor_instance.object_type}'
+            self.diff_checker_aggregation = diff_check.DiffChecker(
+                check_object=list(),                            # DNS events will be appended to this list.
+                return_first_cycle=True,
+                operation_type='new_objects',
+                input_file_write_only=change_monitor_instance.input_file_write_only,
+                check_object_display_name=aggregation_display_name,
+                input_file_path=input_file_path,
+                new_objects_hours_then_difference=self.settings['learning_hours']
+            )
+            self.diff_checker_aggregation.initiate_before_action()
+
+        if self.settings['create_alert_statistics']:
+            statistics_display_name = \
+                f'{change_monitor_instance.input_statistics_file_name}|{change_monitor_instance.object_type}'
+
+            self.diff_checker_statistics = diff_check.DiffChecker(
+                check_object=list(),  # DNS events will be appended to this list.
+                return_first_cycle=True,
+                operation_type='hit_statistics',
+                hit_statistics_enable_queue=True,
+                input_file_write_only=change_monitor_instance.input_file_write_only,
+                check_object_display_name=statistics_display_name,
+                input_file_path=input_statistic_file_path,
+                hit_statistics_input_file_rotation_cycle_hours=self.settings['statistics_rotation_hours']
+            )
+            self.diff_checker_statistics.initiate_before_action()
+    
+        # Start DNS monitoring.
+        self.fetch_engine.start()
+
+    def execute_cycle(self, print_kwargs: dict = None) -> list:
+        """
+        This function executes the cycle of the change monitor: dns.
+        The function is blocking so while using it, the script will wait for the next DNS event.
+        No need to use 'time.sleep()'.
+    
+        :param print_kwargs: print_api kwargs.
+        :return: List of dictionaries with the results of the cycle.
+        """
+    
+        # 'emit()' method is blocking (it uses 'get' of queue instance)
+        # will return a dict with current DNS trace event.
+        event_dict = self.fetch_engine.emit()
+    
+        return_list = list()
+        if self.settings['learning_mode_create_unique_entries_list']:
+            self._aggregation_process(event_dict, return_list, print_kwargs)
+    
+        if self.settings['create_alert_statistics'] and self.settings['alert_always']:
+            self._statistics_process(event_dict, return_list, print_kwargs)
+    
+        return return_list
+
+    def _aggregation_process(self, event_dict: dict, return_list: list, print_kwargs: dict = None):
+        self.diff_checker_aggregation.check_object = [event_dict]
+    
+        # Check if 'known_domains' list was updated from previous cycle.
+        result, message = self.diff_checker_aggregation.check_list_of_dicts(
+            sort_by_keys=['cmdline', 'name'], print_kwargs=print_kwargs)
+    
+        if result:
+            # Check if 'updated' key is in the result. This means that this is a regular cycle.
+            if 'updated' in result:
+                if not result['time_passed']:
+                    # Get list of new connections only.
+                    # new_connections_only: list = list_of_dicts.get_difference(result['old'], result['updated'])
+    
+                    for connection in result['updated']:
+                        message = \
+                            f"[Learning] New Domain Added: {connection['name']} | " \
+                            f"{connection['domain']} | {connection['query_type']} | " \
+                            f"{connection['cmdline']}"
+                        print_api(message, color='yellow', **(print_kwargs or {}))
+    
+                        return_list.append(message)
+    
+            # Check if learning time passed, so we can alert the new entries.
+            if 'time_passed' in result:
+                if result['time_passed']:
+                    self._statistics_process(result['updated'], return_list, print_kwargs)
+    
+    def _statistics_process(self, event_dict: dict, return_list: list, print_kwargs: dict = None):
+        self.diff_checker_statistics.check_object = [event_dict]
+    
+        # Check if 'known_domains' list was updated from previous cycle.
+        result, message = self.diff_checker_statistics.check_list_of_dicts(
+            sort_by_keys=['cmdline', 'name'], print_kwargs=print_kwargs)
+    
+        if result:
+            if 'count' in result:
+                message = f"[Alert] DNS Request: {result['entry']} | Times hit: {result['count']}"
+                print_api(message, color='yellow', **(print_kwargs or {}))
+    
+                return_list.append(message)

atomicshop/monitor/checks/file.py

@@ -0,0 +1,77 @@
+from pathlib import Path
+
+from ... import filesystem, hashing
+from ... import diff_check
+from ...print_api import print_api
+
+
+class FileCheck:
+    """
+    Class for file monitoring.
+    """
+    def __init__(self, change_monitor_instance):
+        self.diff_checker = None
+        self.change_monitor_instance = None
+        self.store_original_file_path = None
+
+        if not change_monitor_instance.input_file_name:
+            change_monitor_instance.input_file_name = Path(change_monitor_instance.check_object).name
+            change_monitor_instance.input_file_name = change_monitor_instance.input_file_name.lower()
+            change_monitor_instance.input_file_name = (
+                change_monitor_instance.input_file_name.replace(' ', '_').replace('.', '_'))
+            change_monitor_instance.input_file_name = f'{change_monitor_instance.input_file_name}.txt'
+
+        input_file_path = (
+            str(Path(change_monitor_instance.input_directory, change_monitor_instance.input_file_name)))
+
+        # If 'store_original_object' is True, create filename for the store original object.
+        if change_monitor_instance.object_type_settings['store_original_object']:
+            store_original_file_name: str = f'ORIGINAL_{Path(change_monitor_instance.check_object).name}'
+            self.store_original_file_path = str(Path(change_monitor_instance.input_directory, store_original_file_name))
+
+        self.diff_checker = diff_check.DiffChecker(
+            return_first_cycle=False,
+            operation_type='single_object',
+            input_file_path=input_file_path,
+            check_object_display_name=f'{change_monitor_instance.input_file_name}|{change_monitor_instance.object_type}'
+        )
+        self.diff_checker.initiate_before_action()
+        self.change_monitor_instance = change_monitor_instance
+
+    def execute_cycle(self, print_kwargs: dict = None):
+        """
+        This function executes the cycle of the change monitor: hash.
+
+        :param print_kwargs: print_api kwargs.
+        :return: List of dictionaries with the results of the cycle.
+        """
+
+        return_list = list()
+
+        self._get_hash()
+
+        # Check if the object was updated.
+        result, message = self.diff_checker.check_string(
+            print_kwargs=print_kwargs)
+
+        # If the object was updated, print the message in yellow color, otherwise print in green color.
+        if result:
+            print_api(message, color='yellow', **print_kwargs)
+            # create_message_file(message, self.__class__.__name__, logger=self.logger)
+
+            return_list.append(message)
+        else:
+            print_api(message, color='green', **print_kwargs)
+
+        return return_list
+
+    def _get_hash(self):
+        # Copy the file to the original object directory.
+        if self.store_original_file_path:
+            filesystem.copy_file(self.change_monitor_instance.check_object, self.store_original_file_path)
+
+        # Get hash of the file.
+        hash_string = hashing.hash_file(self.change_monitor_instance.check_object)
+
+        # Set the hash string to the 'check_object' variable.
+        self.diff_checker.check_object = hash_string

atomicshop/monitor/checks/hash.py

@@ -1,18 +1,17 @@
+from ... import diff_check
 from ...print_api import print_api
 from .hash_checks import file, url
 
 
-def setup_check(change_monitor_instance):
-    # if store_original_object and not (input_directory or input_file_path):
-    #     raise ValueError(
-    #         'ERROR: if [store_original_object] is True, either '
-    #         '[input_directory] or [input_file_path] must be specified .')
+DIFF_CHECKER = diff_check.DiffChecker(
+    return_first_cycle=False,
+    operation_type='single_object'
+)
 
 
+def setup_check(change_monitor_instance):
     change_monitor_instance.set_input_file_path()
 
-    change_monitor_instance.diff_checker.operation_type = 'single_object'
-
     if change_monitor_instance.object_type == 'file':
         file.setup_check(change_monitor_instance, change_monitor_instance.check_object)
     elif 'url_' in change_monitor_instance.object_type:

atomicshop/monitor/checks/network.py

@@ -1,91 +1,91 @@
+from pathlib import Path
+from typing import Union
+
 from ...wrappers.psutilw import psutilw
 from ...basics import list_of_dicts
 from ...print_api import print_api
+from ... import diff_check
 
 
-def setup_check(change_monitor_instance):
-    original_name: str = str()
-
-    # Initialize objects for network monitoring.
-    change_monitor_instance.fetch_engine = psutilw.PsutilConnections()
-
-    # Change settings for the DiffChecker object.
-    change_monitor_instance.diff_checker.return_first_cycle = True
-
-    if change_monitor_instance.generate_input_file_name:
-        original_name = 'known_connections'
-        # Make path for 'input_file_name'.
-        change_monitor_instance.input_file_name = f'{original_name}.txt'
-
-    change_monitor_instance.diff_checker.check_object_display_name = \
-        f'{original_name}|{change_monitor_instance.object_type}'
-
-    # Set the 'check_object' to empty list, since we will append the list of DNS events.
-    change_monitor_instance.diff_checker.check_object = list()
-
-    change_monitor_instance.diff_checker.operation_type = 'single_object'
-
-
-def execute_cycle(change_monitor_instance, print_kwargs: dict = None):
-    """
-    This function executes the cycle of the change monitor: network.
-
-    :param change_monitor_instance: Instance of the ChangeMonitor class.
-    :param print_kwargs: print_api kwargs.
-
-    :return: List of dictionaries with the results of the cycle.
-    """
-
-    if print_kwargs is None:
-        print_kwargs = dict()
-
-    return_list = list()
-
-    _get_list(change_monitor_instance)
-
-    change_monitor_instance._set_input_file_path()
-
-    # Check if 'known_domains' list was updated from previous cycle.
-    result, message = change_monitor_instance.diff_checker.check_list_of_dicts(print_kwargs=print_kwargs)
+INPUT_FILE_DEFAULT_NAME: str = 'known_connections.txt'
 
-    if result:
-        # Get list of new connections only.
-        new_connections_only: list = list_of_dicts.get_difference(result['old'], result['updated'])
 
-        for connection in new_connections_only:
-            message = \
-                f"New connection: {connection['name']} | " \
-                f"{connection['dst_ip']}:{connection['dst_port']} | " \
-                f"{connection['family']} | {connection['type']} | {connection['cmdline']}"
-            # f"{connection['src_ip']}:{connection['src_port']} -> " \
-            print_api(message, color='yellow', **print_kwargs)
-
-            return_list.append(message)
-
-    return return_list
-
-
-def _get_list(change_monitor_instance):
+class NetworkCheck:
     """
-    The function will get the list of opened network sockets and return only the new ones.
-
-    :param change_monitor_instance: Instance of the ChangeMonitor class.
-
-    :return: list of dicts, of new network sockets.
+    Class for network monitoring.
     """
 
-    # Get all connections (list of dicts), including process name and cmdline.
-    connections_list_of_dicts: list = \
-        change_monitor_instance.fetch_engine.get_connections_with_process_as_list_of_dicts(
-            attrs=['name', 'cmdline', 'family', 'type', 'dst_ip', 'dst_port'], skip_empty_dst=True,
-            cmdline_to_string=True, remove_duplicates=True)
-
-    # Get list of connections that are not in 'known_connections' list.
-    missing_connections_from_cycle: list = list_of_dicts.get_difference(
-        change_monitor_instance.diff_checker.check_object, connections_list_of_dicts)
-    # Add missing new connections to 'known_connections' list.
-    change_monitor_instance.diff_checker.check_object.extend(missing_connections_from_cycle)
-
-    # Sort list of dicts by process name and then by process cmdline.
-    change_monitor_instance.diff_checker.check_object = list_of_dicts.sort_by_keys(
-        change_monitor_instance.diff_checker.check_object, key_list=['cmdline', 'name'], case_insensitive=True)
+    def __init__(self, change_monitor_instance):
+        self.change_monitor_instance = change_monitor_instance
+        self.diff_checker: Union[diff_check.DiffChecker, None] = None
+        self.fetch_engine = psutilw.PsutilConnections()
+
+        if not change_monitor_instance.input_file_name:
+            change_monitor_instance.input_file_name = INPUT_FILE_DEFAULT_NAME
+        input_file_path = (
+            str(Path(change_monitor_instance.input_directory, change_monitor_instance.input_file_name)))
+
+        diff_checker_display_name = \
+            f'{change_monitor_instance.input_file_name}|{change_monitor_instance.object_type}'
+        self.diff_checker = diff_check.DiffChecker(
+            check_object=list(),  # we will append the list of connection events.
+            return_first_cycle=True,
+            operation_type='single_object',
+            check_object_display_name=diff_checker_display_name,
+            input_file_path=input_file_path
+        )
+        self.diff_checker.initiate_before_action()
+
+    def execute_cycle(self, print_kwargs: dict = None):
+        """
+        This function executes the cycle of the change monitor: network.
+
+        :param print_kwargs: print_api kwargs.
+        :return: List of dictionaries with the results of the cycle.
+        """
+
+        return_list = list()
+
+        self._get_list()
+
+        # Check if 'known_domains' list was updated from previous cycle.
+        result, message = self.diff_checker.check_list_of_dicts(print_kwargs=print_kwargs)
+
+        if result:
+            # Get list of new connections only.
+            new_connections_only: list = list_of_dicts.get_difference(result['old'], result['updated'])
+
+            for connection in new_connections_only:
+                message = \
+                    f"New connection: {connection['name']} | " \
+                    f"{connection['dst_ip']}:{connection['dst_port']} | " \
+                    f"{connection['family']} | {connection['type']} | {connection['cmdline']}"
+                # f"{connection['src_ip']}:{connection['src_port']} -> " \
+                print_api(message, color='yellow', **(print_kwargs or {}))
+
+                return_list.append(message)
+
+        return return_list
+
+    def _get_list(self):
+        """
+        The function will get the list of opened network sockets and return only the new ones.
+
+        :return: list of dicts, of new network sockets.
+        """
+
+        # Get all connections (list of dicts), including process name and cmdline.
+        connections_list_of_dicts: list = \
+            self.fetch_engine.get_connections_with_process_as_list_of_dicts(
+                attrs=['name', 'cmdline', 'family', 'type', 'dst_ip', 'dst_port'], skip_empty_dst=True,
+                cmdline_to_string=True, remove_duplicates=True)
+
+        # Get list of connections that are not in 'known_connections' list.
+        missing_connections_from_cycle: list = list_of_dicts.get_difference(
+            self.diff_checker.check_object, connections_list_of_dicts)
+        # Add missing new connections to 'known_connections' list.
+        self.diff_checker.check_object.extend(missing_connections_from_cycle)
+
+        # Sort list of dicts by process name and then by process cmdline.
+        self.diff_checker.check_object = list_of_dicts.sort_by_keys(
+            self.diff_checker.check_object, key_list=['cmdline', 'name'], case_insensitive=True)