xbase-util 0.3.0__tar.gz → 0.3.2__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {xbase_util-0.3.0 → xbase_util-0.3.2}/PKG-INFO +1 -1
- {xbase_util-0.3.0 → xbase_util-0.3.2}/setup.py +1 -1
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/geo_util.py +3 -1
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/xbase_util.py +6 -7
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util.egg-info/PKG-INFO +1 -1
- {xbase_util-0.3.0 → xbase_util-0.3.2}/README.md +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/setup.cfg +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/__init__.py +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/db/__init__.py +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/db/bean/ConfigBean.py +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/db/bean/CurrentConfigBean.py +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/db/bean/FlowBean.py +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/db/bean/TaskTemplateBean.py +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/db/bean/__init__.py +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/db/dao/ConfigDao.py +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/db/dao/CurrentConfigDao.py +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/db/dao/FlowDao.py +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/db/dao/TaskTemplateDao.py +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/db/dao/__init__.py +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/db/initsqlite3.py +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/es_db_util.py +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/esreq.py +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/handle_features_util.py +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/pcap_util.py +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util/xbase_constant.py +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util.egg-info/SOURCES.txt +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util.egg-info/dependency_links.txt +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util.egg-info/not-zip-safe +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util.egg-info/top_level.txt +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util_assets/GeoLite2-City.mmdb +0 -0
- {xbase_util-0.3.0 → xbase_util-0.3.2}/xbase_util_assets/arkimeparse.js +0 -0
|
@@ -35,7 +35,7 @@ class GeoUtil:
|
|
|
35
35
|
if value == "" or value is None:
|
|
36
36
|
return "IP_GEO_EMPTY"
|
|
37
37
|
else:
|
|
38
|
-
return value
|
|
38
|
+
return f"{value}"
|
|
39
39
|
|
|
40
40
|
def get_geo_by_ip(self, geo_map):
|
|
41
41
|
source_ip = geo_map["source.ip"]
|
|
@@ -63,6 +63,7 @@ class GeoUtil:
|
|
|
63
63
|
geo_map['source.ip_Location_Latitude'] = "IP_GEO_EMPTY"
|
|
64
64
|
geo_map["source.ip_Location_Longitude"] = "IP_GEO_EMPTY"
|
|
65
65
|
else:
|
|
66
|
+
source_ip_name=f"{source_ip_name}"
|
|
66
67
|
geo_map["source.ip_Country_IsoCode"] = source_ip_name
|
|
67
68
|
geo_map['source.ip_Country_Name'] = source_ip_name
|
|
68
69
|
geo_map["source.ip_Country_SpecificName"] = source_ip_name
|
|
@@ -96,6 +97,7 @@ class GeoUtil:
|
|
|
96
97
|
geo_map['destination.ip_Location_Latitude'] = "IP_GEO_EMPTY"
|
|
97
98
|
geo_map["destination.ip_Location_Longitude"] = "IP_GEO_EMPTY"
|
|
98
99
|
else:
|
|
100
|
+
destination_ip_name=f"{destination_ip_name}"
|
|
99
101
|
geo_map["destination.ip_Country_IsoCode"] = destination_ip_name
|
|
100
102
|
geo_map['destination.ip_Country_Name'] = destination_ip_name
|
|
101
103
|
geo_map["destination.ip_Country_SpecificName"] = destination_ip_name
|
|
@@ -225,22 +225,21 @@ def get_statistic_fields(packets):
|
|
|
225
225
|
return field_map
|
|
226
226
|
|
|
227
227
|
|
|
228
|
-
def
|
|
229
|
-
|
|
228
|
+
def get_dns_domains(packets):
|
|
229
|
+
domain_names = []
|
|
230
230
|
for packet_item in packets:
|
|
231
231
|
if DNS in packet_item:
|
|
232
232
|
dns_layer = packet_item[DNS]
|
|
233
233
|
if dns_layer.qd:
|
|
234
234
|
try:
|
|
235
235
|
domain_name = dns_layer.qd.qname.decode('utf-8')
|
|
236
|
-
# print(f"dns域名:{domain_name}")
|
|
237
236
|
except Exception:
|
|
238
237
|
domain_name = str(dns_layer.qd.qname)
|
|
239
238
|
print(f"dns域名编码失败的字符串:{domain_name}")
|
|
240
|
-
|
|
241
|
-
|
|
242
|
-
|
|
243
|
-
return
|
|
239
|
+
if domain_name.endswith("."):
|
|
240
|
+
domain_name = domain_name[:-1]
|
|
241
|
+
domain_names.append(domain_name)
|
|
242
|
+
return domain_names
|
|
244
243
|
|
|
245
244
|
|
|
246
245
|
def extract_session_fields(origin_list, geoUtil):
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|