xbase-util 0.3.7__tar.gz → 0.3.9__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {xbase_util-0.3.7 → xbase_util-0.3.9}/PKG-INFO +1 -1
- {xbase_util-0.3.7 → xbase_util-0.3.9}/setup.py +1 -1
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/xbase_util.py +22 -16
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util.egg-info/PKG-INFO +1 -1
- {xbase_util-0.3.7 → xbase_util-0.3.9}/README.md +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/setup.cfg +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/__init__.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/add_column_util.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/db/__init__.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/db/bean/ConfigBean.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/db/bean/CurrentConfigBean.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/db/bean/FlowBean.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/db/bean/TaskTemplateBean.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/db/bean/__init__.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/db/dao/ConfigDao.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/db/dao/CurrentConfigDao.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/db/dao/FlowDao.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/db/dao/TaskTemplateDao.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/db/dao/__init__.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/db/initsqlite3.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/es_db_util.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/esreq.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/geo_util.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/handle_features_util.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/pcap_util.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util/xbase_constant.py +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util.egg-info/SOURCES.txt +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util.egg-info/dependency_links.txt +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util.egg-info/not-zip-safe +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util.egg-info/top_level.txt +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util_assets/GeoLite2-City.mmdb +0 -0
- {xbase_util-0.3.7 → xbase_util-0.3.9}/xbase_util_assets/arkimeparse.js +0 -0
|
@@ -118,17 +118,24 @@ def split_process(subsection, process_count):
|
|
|
118
118
|
return lengths
|
|
119
119
|
|
|
120
120
|
|
|
121
|
-
def build_es_expression(size, arkime_expression,start_time
|
|
121
|
+
def build_es_expression(size, arkime_expression, start_time, end_time, bounded_type="bounded"):
|
|
122
122
|
expression = {"query": {"bool": {"filter": []}}}
|
|
123
123
|
try:
|
|
124
124
|
if size:
|
|
125
125
|
expression['size'] = size
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
126
|
+
|
|
127
|
+
if bounded_type == "bounded":
|
|
128
|
+
if start_time:
|
|
129
|
+
expression['query']['bool']['filter'].append(
|
|
130
|
+
{"range": {"firstPacket": {"gte": round(start_time.timestamp() * 1000)}}})
|
|
131
|
+
if end_time:
|
|
132
|
+
expression['query']['bool']['filter'].append(
|
|
133
|
+
{"range": {"lastPacket": {"lte": round(end_time.timestamp() * 1000)}}})
|
|
134
|
+
elif bounded_type == "last" and start_time and end_time:
|
|
130
135
|
expression['query']['bool']['filter'].append(
|
|
131
|
-
{"range": {"lastPacket": {"
|
|
136
|
+
{"range": {"lastPacket": {"gte": round(start_time.timestamp() * 1000),
|
|
137
|
+
"lte": round(end_time.timestamp() * 1000)}}})
|
|
138
|
+
|
|
132
139
|
arkime_2_es = parse_expression(arkime_expression)
|
|
133
140
|
if arkime_2_es:
|
|
134
141
|
expression['query']['bool']['filter'].append(arkime_2_es)
|
|
@@ -395,16 +402,15 @@ def get_uri_filename_length(uri):
|
|
|
395
402
|
return 0
|
|
396
403
|
|
|
397
404
|
|
|
398
|
-
def get_dns_domain_suffix(domain
|
|
399
|
-
|
|
400
|
-
|
|
401
|
-
|
|
402
|
-
|
|
403
|
-
|
|
404
|
-
|
|
405
|
-
|
|
406
|
-
|
|
407
|
-
return ""
|
|
405
|
+
def get_dns_domain_suffix(domain):
|
|
406
|
+
try:
|
|
407
|
+
for tmp_suffix in dns_domain_list:
|
|
408
|
+
if tmp_suffix in domain:
|
|
409
|
+
return tmp_suffix
|
|
410
|
+
extracted = tldextract.extract(domain)
|
|
411
|
+
return extracted.suffix
|
|
412
|
+
except Exception as e:
|
|
413
|
+
return ""
|
|
408
414
|
|
|
409
415
|
|
|
410
416
|
def check_path(file_path: str):
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|