Sha256: e79dda478adf5feba68c63416dd6f9aa39ad2c7404ebebe64680b1146643cf83

Contents?: true

Size: 1.27 KB

Versions: 2

Compression:

Stored size: 1.27 KB

Contents

# frozen_string_literal: true

require "net/ping"
require "uri"

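module Mihari
  # Wrapper around the Hachi client for TheHive: configuration checks,
  # artifact lookup and alert creation.
  #
  # Configuration is read from the THEHIVE_API_ENDPOINT and THEHIVE_API_KEY
  # environment variables.
  # NOTE(review): Hachi::API.new is called without arguments, so it presumably
  # reads the same variables and sends the API key to that endpoint; prefer an
  # https:// endpoint so the key is not sent in cleartext. Confirm against Hachi.
  class TheHive
    # Whether a non-blank TheHive endpoint is configured.
    #
    # @return [true, false]
    def api_endpoint?
      env_present? "THEHIVE_API_ENDPOINT"
    end
    # The original, misspelled name is kept so existing callers keep working.
    alias api_endpont? api_endpoint?

    # Whether a non-blank TheHive API key is configured. A variable that is
    # set but empty counts as missing, since an empty key cannot authenticate.
    #
    # @return [true, false]
    def api_key?
      env_present? "THEHIVE_API_KEY"
    end

    # Whether the integration is usable: both settings are present and the
    # endpoint answers an HTTP probe. The probe runs last, so no network
    # traffic is generated when the configuration is incomplete.
    #
    # @return [true, false]
    def valid?
      api_endpoint? && api_key? && ping?
    end

    # Lazily built, memoized Hachi client.
    #
    # @return [Hachi::API]
    def api
      @api ||= Hachi::API.new
    end

    # Search TheHive artifacts for the given observable.
    #
    # @param data [String] observable value
    # @param data_type [String] observable type
    # @param range [String] result range passed through to Hachi
    # @return [Hash]
    def search(data:, data_type:, range: "all")
      api.artifact.search(data: data, data_type: data_type, range: range)
    end

    # Whether at least one artifact matches. Only the range "0-1" is
    # requested, because just the presence of a result matters here.
    #
    # @param data [String] observable value
    # @param data_type [String] observable type
    # @return [true, false]
    def exists?(data:, data_type:)
      res = search(data: data, data_type: data_type, range: "0-1")
      !res.empty?
    end

    # Create an alert of type "external" with source "mihari".
    #
    # @param title [String]
    # @param description [String]
    # @param artifacts [Array] artifacts attached to the alert
    # @param tags [Array] optional tags
    # @return [Hash]
    def create_alert(title:, description:, artifacts:, tags: [])
      api.alert.create(
        title: title,
        description: description,
        artifacts: artifacts,
        tags: tags,
        type: "external",
        source: "mihari"
      )
    end

    private

    # True when the environment variable is set to a non-blank value.
    def env_present?(name)
      !ENV.fetch(name, "").strip.empty?
    end

    # True only for absolute http:// or https:// URLs that name a host.
    # A malformed value yields false instead of raising, so #valid? stays
    # a plain predicate.
    def http_url?(url)
      uri = URI.parse(url)
      uri.is_a?(URI::HTTP) && !uri.host.to_s.empty?
    rescue URI::InvalidURIError
      false
    end

    # Probe "<endpoint>/index.html" over HTTP. The endpoint is checked first,
    # so a value that is not an http(s) URL is rejected without any network
    # activity.
    def ping?
      base_url = ENV.fetch("THEHIVE_API_ENDPOINT").chomp("/")
      return false unless http_url?(base_url)

      Net::Ping::HTTP.new("#{base_url}/index.html").ping?
    end
  end
end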

Version data entries

2 entries across 2 versions & 1 rubygems

Version Path
mihari-0.4.0 lib/mihari/the_hive.rb
mihari-0.3.0 lib/mihari/the_hive.rb