public static EnrichmentConfig getConfig(SensorEnrichmentConfig sensorConfig, Type type) { EnrichmentConfig enrichmentConfig = null; switch(type) { case ENRICHMENT: enrichmentConfig = sensorConfig.getEnrichment(); break; case THREAT_INTEL: case THREATINTEL: enrichmentConfig = sensorConfig.getThreatIntel(); } return enrichmentConfig; }
@Override public EnrichmentConfig getUnderlyingConfig(SensorEnrichmentConfig config) { return config.getThreatIntel(); }
@Override public EnrichmentConfig getUnderlyingConfig(SensorEnrichmentConfig config) { return config.getEnrichment(); }
@Override public int hashCode() { int result = getEnrichment() != null ? getEnrichment().hashCode() : 0; result = 31 * result + (getEnrichment() != null ? getEnrichment().hashCode() : 0); result = 31 * result + (getThreatIntel() != null ? getThreatIntel().hashCode() : 0); result = 31 * result + (getConfiguration() != null ? getConfiguration().hashCode() : 0); return result; }
@Override public boolean equals(Object o) { if (this == o) return true; if (o == null || getClass() != o.getClass()) return false; SensorEnrichmentConfig that = (SensorEnrichmentConfig) o; if (getEnrichment() != null ? !getEnrichment().equals(that.getEnrichment()) : that.getEnrichment() != null) return false; if (getThreatIntel() != null ? !getThreatIntel().equals(that.getThreatIntel()) : that.getThreatIntel() != null) return false; return getConfiguration() != null ? getConfiguration().equals(that.getConfiguration()) : that.getConfiguration() == null; }
@Override public int hashCode() { int result = getFieldMap() != null ? getFieldMap().hashCode() : 0; result = 31 * result + (getFieldToTypeMap() != null ? getFieldToTypeMap().hashCode() : 0); result = 31 * result + (getConfig() != null ? getConfig().hashCode() : 0); return result; } }
public ThreatTriageProcessor( SensorEnrichmentConfig config , FunctionResolver functionResolver , Context context ) { this.threatIntelConfig = config.getThreatIntel(); this.sensorConfig = config; this.threatTriageConfig = config.getThreatIntel().getTriageConfig(); this.functionResolver = functionResolver; this.context = context; }
public Map<String, Object> getFieldMap(String sourceType) { if(sourceType != null) { SensorEnrichmentConfig config = getConfigurations().getSensorEnrichmentConfig(sourceType); if (config != null && config.getEnrichment() != null) { return config.getEnrichment().getFieldMap(); } else { LOG.debug("Unable to retrieve a sensor enrichment config of {}", sourceType); } } else { LOG.error("Trying to retrieve a field map with source type of null"); } return null; } }
@Override public SensorEnrichmentConfig readConfig(String sensor) throws Exception { SensorEnrichmentConfig sensorEnrichmentConfig = new SensorEnrichmentConfig(); try { sensorEnrichmentConfig = SensorEnrichmentConfig.fromBytes(ConfigurationsUtils.readSensorEnrichmentConfigBytesFromZookeeper(sensor, client)); }catch (KeeperException.NoNodeException e) { } return sensorEnrichmentConfig; }
protected Map<String, ConfigHandler> getFieldToHandlerMap(String sensorType) { if(sensorType != null) { SensorEnrichmentConfig config = getConfigurations().getSensorEnrichmentConfig(sensorType); if (config != null) { return config.getEnrichment().getEnrichmentConfigs(); } else { LOG.debug("Unable to retrieve a sensor enrichment config of {}", sensorType); } } else { LOG.error("Trying to retrieve a field map with sensor type of null"); } return new HashMap<>(); }
@Override public int hashCode() { int result = super.hashCode(); result = 31 * result + (getTriageConfig() != null ? getTriageConfig().hashCode() : 0); return result; }
public void updateSensorConfigs( ) throws Exception { CuratorFramework client = ConfigurationsUtils.getClient(getZkQuorum()); try { client.start(); updateSensorConfigs(new ZKSourceConfigHandler(client), sensorToFieldList); } finally { client.close(); } }
private static SensorEnrichmentConfig findConfigBySensorType(SourceConfigHandler scHandler, Map<String, SensorEnrichmentConfig> sourceConfigsChanged, String key) throws Exception { SensorEnrichmentConfig config = sourceConfigsChanged.get(key); if(config == null) { config = scHandler.readConfig(key); if(LOG.isDebugEnabled()) { LOG.debug(config.toJSON()); } } return config; }
@Override public Map<String, Object> getSensorConfig(String sensorName) { return config.orElse(new EnrichmentConfigurations()).getSensorEnrichmentConfig(sensorName) .getConfiguration(); }
@Override public void persistConfig(String sensor, SensorEnrichmentConfig config) throws Exception { ConfigurationsUtils.writeSensorEnrichmentConfigToZookeeper(sensor, config.toJSON().getBytes(), client); } }
@Override public int hashCode() { int result = getField() != null ? getField().hashCode() : 0; result = 31 * result + (getValue() != null ? getValue().hashCode() : 0); result = 31 * result + (config != null ? config.hashCode() : 0); return result; } }
@Override public boolean equals(Object o) { if (this == o) return true; if (o == null || getClass() != o.getClass()) return false; CacheKey cacheKey = (CacheKey) o; if (getField() != null ? !getField().equals(cacheKey.getField()) : cacheKey.getField() != null) return false; if (getValue() != null ? !getValue().equals(cacheKey.getValue()) : cacheKey.getValue() != null) return false; return config != null ? config.equals(cacheKey.config) : cacheKey.config == null; }
@Override public boolean equals(Object o) { if (this == o) return true; if (o == null || getClass() != o.getClass()) return false; EnrichmentConfig that = (EnrichmentConfig) o; if (getFieldMap() != null ? !getFieldMap().equals(that.getFieldMap()) : that.getFieldMap() != null) return false; if (getFieldToTypeMap() != null ? !getFieldToTypeMap().equals(that.getFieldToTypeMap()) : that.getFieldToTypeMap() != null) return false; return getConfig() != null ? getConfig().equals(that.getConfig()) : that.getConfig() == null; }
protected Map<String, Object > getFieldMap(String sensorType) { if(sensorType != null) { SensorEnrichmentConfig config = getConfigurations().getSensorEnrichmentConfig(sensorType); if (config != null) { return config.getEnrichment().getFieldMap(); } else { LOG.debug("Unable to retrieve a sensor enrichment config of {}", sensorType); } } else { LOG.error("Trying to retrieve a field map with sensor type of null"); } return new HashMap<>(); }
protected Map<String, ConfigHandler> getFieldToHandlerMap(String sensorType) { if(sensorType != null) { SensorEnrichmentConfig config = getConfigurations().getSensorEnrichmentConfig(sensorType); if (config != null) { return config.getEnrichment().getEnrichmentConfigs(); } else { LOG.debug("Unable to retrieve a sensor enrichment config of {}", sensorType); } } else { LOG.error("Trying to retrieve a field map with sensor type of null"); } return new HashMap<>(); } protected Map<String, Object > getFieldMap(String sensorType) {