@Override public SensorEnrichmentConfig readConfig(String sensor) throws Exception { SensorEnrichmentConfig sensorEnrichmentConfig = new SensorEnrichmentConfig(); try { sensorEnrichmentConfig = SensorEnrichmentConfig.fromBytes(ConfigurationsUtils.readSensorEnrichmentConfigBytesFromZookeeper(sensor, client)); }catch (KeeperException.NoNodeException e) { } return sensorEnrichmentConfig; }
@Override public Object apply(List<Object> args, Context context) throws ParseException { ThreatTriageProcessor processor; SensorEnrichmentConfig config = new SensorEnrichmentConfig(); // the user can provide an initial config if(args.size() > 0) { String json = Util.getArg(0, String.class, args); if (json != null) { config = (SensorEnrichmentConfig) ENRICHMENT.deserialize(json); } else { throw new IllegalArgumentException(format("Invalid configuration: unable to deserialize '%s'", json)); } } processor = new ThreatTriageProcessor(config, new ClasspathFunctionResolver(), context); return processor; }
/** * Retrieve the Enrichment configuration. * * @param args The function arguments. * @return The Enrichment configuration as a JSON string. * @throws Exception */ private String getEnrichmentConfig(List<Object> args) throws Exception { // retrieve the enrichment config for the given sensor String sensor = getArg(1, String.class, args); SensorEnrichmentConfig sensorConfig = readSensorEnrichmentConfigFromZookeeper(sensor, zkClient); // provide empty/default config if one is not present? if(sensorConfig == null && emptyIfNotPresent(args)) { sensorConfig = new SensorEnrichmentConfig(); } return toJSON(sensorConfig); }
SensorEnrichmentConfig config = new SensorEnrichmentConfig(); if(arg0 instanceof String) {
if(config == null) { LOG.debug("Unable to find SensorEnrichmentConfig for sourceType: {}", sourceType); config = new SensorEnrichmentConfig();
SensorEnrichmentConfig testSensorConfig = new SensorEnrichmentConfig(); Map<String, Object> enrichmentFieldMap = new HashMap<>(); enrichmentFieldMap.put("enrichmentTest", new ArrayList<String>() {{
0d, new ThreatTriageProcessor( new SensorEnrichmentConfig(), StellarFunctions.FUNCTION_RESOLVER(), Context.EMPTY_CONTEXT()).apply(