diff --git a/lib/mihari.rb b/lib/mihari.rb
index 27c56e3e..45080086 100644
--- a/lib/mihari.rb
+++ b/lib/mihari.rb
@@ -79,7 +79,7 @@ def emitters
 #
 def emitter_to_class
 @emitter_to_class ||= emitters.flat_map do |klass|
- klass.class_keys.map { |key| [key, klass] }
+ klass.keys.map { |key| [key, klass] }
 end.to_h
 end
@@ -96,7 +96,7 @@ def analyzers
 #
 def analyzer_to_class
 @analyzer_to_class ||= analyzers.flat_map do |klass|
- klass.class_keys.map { |key| [key, klass] }
+ klass.keys.map { |key| [key, klass] }
 end.to_h
 end
@@ -113,7 +113,7 @@ def enrichers
 #
 def enricher_to_class
 @enricher_to_class ||= enrichers.flat_map do |klass|
- klass.class_keys.map { |key| [key, klass] }
+ klass.keys.map { |key| [key, klass] }
 end.to_h
 end
diff --git a/lib/mihari/actor.rb b/lib/mihari/actor.rb
index 085d66d2..4aa74dc9 100644
--- a/lib/mihari/actor.rb
+++ b/lib/mihari/actor.rb
@@ -55,7 +55,7 @@ def validate_configuration!
 joined = self.class.configuration_keys.join(", ")
 be = (self.class.configuration_keys.length > 1) ? "are" : "is"
- message = "#{self.class.class_key} is not configured correctly. #{joined} #{be} missing."
+ message = "#{self.class.key} is not configured correctly. #{joined} #{be} missing."
 raise ConfigurationError, message
 end
@@ -75,22 +75,22 @@ class << self
 #
 # @return [String]
 #
- def class_key
+ def key
 to_s.split("::").last.downcase
 end
 #
 # @return [Array, nil]
 #
- def class_key_aliases
+ def key_aliases
 nil
 end
 #
 # @return [Array]
 #
- def class_keys
- ([class_key] + [class_key_aliases]).flatten.compact.map(&:downcase)
+ def keys
+ ([key] + [key_aliases]).flatten.compact.map(&:downcase)
 end
 end
 end
diff --git a/lib/mihari/analyzers/base.rb b/lib/mihari/analyzers/base.rb
index 026034b1..d8a2637f 100644
--- a/lib/mihari/analyzers/base.rb
+++ b/lib/mihari/analyzers/base.rb
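Review bot: In the `class << self` hunk of lib/mihari/actor.rb, `class_key`, `class_key_aliases` and `class_keys` are removed outright, so an actor subclass outside this diff that still overrides `class_key` or `class_key_aliases` would no longer be consulted by `keys` and would be registered only under the name derived from its class. Whether such subclasses exist is not visible here; if they can, the YARD comment on `keys` should say so, e.g. `# Override key / key_aliases (formerly class_key / class_key_aliases) to change the registered names.` The new name also reads like `Hash#keys`: in lib/mihari/constants.rb `Emitters::Database.keys` now sits next to `Mihari.enricher_to_class.keys`, which is a different method, so a one-line description such as `# @return [Array<String>] the key plus its aliases, downcased` would help. The `class << self` block starts outside the hunk.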
@@ -65,7 +65,7 @@ def normalized_artifacts
 # It is set automatically in #initialize
 artifact = artifact.is_a?(Models::Artifact) ? artifact : Models::Artifact.new(data: artifact)
- artifact.source = self.class.class_key
+ artifact.source = self.class.key
 artifact.query = query
 artifact
@@ -93,11 +93,11 @@ def result(...)
 return result if result.success?
 # Wrap failure with AnalyzerError to explicitly name a failed analyzer
- error = AnalyzerError.new(result.failure.message, self.class.class_key, cause: result.failure)
+ error = AnalyzerError.new(result.failure.message, self.class.key, cause: result.failure)
 return Failure(error) unless ignore_error?
 # Return Success if ignore_error? is true with logging
- Mihari.logger.warn("Analyzer:#{self.class.class_key} failed - #{result.failure}")
+ Mihari.logger.warn("Analyzer:#{self.class.key} failed - #{result.failure}")
 Success([])
 end
diff --git a/lib/mihari/analyzers/passivetotal.rb b/lib/mihari/analyzers/passivetotal.rb
index 53e093c7..bc848b6e 100644
--- a/lib/mihari/analyzers/passivetotal.rb
+++ b/lib/mihari/analyzers/passivetotal.rb
@@ -57,7 +57,7 @@ def configuration_keys
 #
 # @return [Array, nil]
 #
- def class_key_aliases
+ def key_aliases
 ["pt"]
 end
 end
diff --git a/lib/mihari/analyzers/securitytrails.rb b/lib/mihari/analyzers/securitytrails.rb
index 80c2af03..c32cd72e 100644
--- a/lib/mihari/analyzers/securitytrails.rb
+++ b/lib/mihari/analyzers/securitytrails.rb
@@ -51,7 +51,7 @@ def configuration_keys
 #
 # @return [Array, nil]
 #
- def class_key_aliases
+ def key_aliases
 ["st"]
 end
 end
diff --git a/lib/mihari/analyzers/virustotal.rb b/lib/mihari/analyzers/virustotal.rb
index ff7fec8e..1c95df76 100644
--- a/lib/mihari/analyzers/virustotal.rb
+++ b/lib/mihari/analyzers/virustotal.rb
@@ -46,7 +46,7 @@ def configuration_keys
 #
 # @return [Array, nil]
 #
- def class_key_aliases
+ def key_aliases
 ["vt"]
 end
 end
diff --git a/lib/mihari/analyzers/virustotal_intelligence.rb b/lib/mihari/analyzers/virustotal_intelligence.rb
index abb01a87..65fc6890 100644
--- a/lib/mihari/analyzers/virustotal_intelligence.rb
+++ b/lib/mihari/analyzers/virustotal_intelligence.rb
@@ -34,14 +34,14 @@ class << self
 #
 # @return [String]
 #
- def class_key
+ def key
 "virustotal_intelligence"
 end
 #
 # @return [Array, nil]
 #
- def class_key_aliases
+ def key_aliases
 ["vt_intel"]
 end
 end
diff --git a/lib/mihari/constants.rb b/lib/mihari/constants.rb
index 6c97868b..8e1a92d8 100644
--- a/lib/mihari/constants.rb
+++ b/lib/mihari/constants.rb
@@ -5,7 +5,7 @@ module Mihari
 DEFAULT_DATA_TYPES = Types::DataTypes.values.freeze
 # @return [Array]
- DEFAULT_EMITTERS = Emitters::Database.class_keys.map { |name| { emitter: name.downcase } }.freeze
+ DEFAULT_EMITTERS = Emitters::Database.keys.map { |name| { emitter: name.downcase } }.freeze
 # @return [Array]
 DEFAULT_ENRICHERS = Mihari.enricher_to_class.keys.map { |name| { enricher: name.downcase } }.freeze
diff --git a/lib/mihari/emitters/base.rb b/lib/mihari/emitters/base.rb
index bf1407f1..9d2998c7 100644
--- a/lib/mihari/emitters/base.rb
+++ b/lib/mihari/emitters/base.rb
@@ -38,7 +38,7 @@ def result(artifacts)
 ) { call(artifacts) }
 end.to_result
- Mihari.logger.warn("Emitter:#{self.class.class_key} failed - #{result.failure}") if result.failure?
+ Mihari.logger.warn("Emitter:#{self.class.key} failed - #{result.failure}") if result.failure?
 result
 end
diff --git a/lib/mihari/enrichers/base.rb b/lib/mihari/enrichers/base.rb
index 17549ef1..a1478c5c 100644
--- a/lib/mihari/enrichers/base.rb
+++ b/lib/mihari/enrichers/base.rb
@@ -33,7 +33,7 @@ def result(value)
 ) { call value }
 end.to_result
- Mihari.logger.warn("Enricher:#{self.class.class_key} failed: #{result.failure}") if result.failure?
+ Mihari.logger.warn("Enricher:#{self.class.key} failed: #{result.failure}") if result.failure?
 result
 end
diff --git a/lib/mihari/enrichers/google_public_dns.rb b/lib/mihari/enrichers/google_public_dns.rb
index 03283e9d..5ad4128d 100644
--- a/lib/mihari/enrichers/google_public_dns.rb
+++ b/lib/mihari/enrichers/google_public_dns.rb
@@ -21,7 +21,7 @@ class << self
 #
 # @return [String]
 #
- def class_key
+ def key
 "google_public_dns"
 end
 end
diff --git a/lib/mihari/schemas/analyzer.rb b/lib/mihari/schemas/analyzer.rb
index 5b7c68dd..407cbfb6 100644
--- a/lib/mihari/schemas/analyzer.rb
+++ b/lib/mihari/schemas/analyzer.rb
@@ -10,12 +10,12 @@ module Analyzers
 # Analyzer with API key and pagination
 [
- Mihari::Analyzers::BinaryEdge.class_keys,
- Mihari::Analyzers::GreyNoise.class_keys,
- Mihari::Analyzers::Onyphe.class_keys,
- Mihari::Analyzers::Shodan.class_keys,
- Mihari::Analyzers::Urlscan.class_keys,
- Mihari::Analyzers::VirusTotalIntelligence.class_keys
+ Mihari::Analyzers::BinaryEdge.keys,
+ Mihari::Analyzers::GreyNoise.keys,
+ Mihari::Analyzers::Onyphe.keys,
+ Mihari::Analyzers::Shodan.keys,
+ Mihari::Analyzers::Urlscan.keys,
+ Mihari::Analyzers::VirusTotalIntelligence.keys
 ].each do |keys|
 key = keys.first
 const_set(key.upcase, Dry::Schema.Params do
@@ -28,10 +28,10 @@ module Analyzers
 # Analyzer with API key
 [
- Mihari::Analyzers::OTX.class_keys,
- Mihari::Analyzers::Pulsedive.class_keys,
- Mihari::Analyzers::VirusTotal.class_keys,
- Mihari::Analyzers::SecurityTrails.class_keys
+ Mihari::Analyzers::OTX.keys,
+ Mihari::Analyzers::Pulsedive.keys,
+ Mihari::Analyzers::VirusTotal.keys,
+ Mihari::Analyzers::SecurityTrails.keys
 ].each do |keys|
 key = keys.first
 const_set(key.upcase, Dry::Schema.Params do
@@ -43,13 +43,13 @@ module Analyzers
 end
 DNSTwister = Dry::Schema.Params do
- required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::DNSTwister.class_keys))
+ required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::DNSTwister.keys))
 required(:query).value(:string)
 optional(:options).hash(AnalyzerOptions)
 end
 Censys = Dry::Schema.Params do
- required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::Censys.class_keys))
+ required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::Censys.keys))
 required(:query).value(:string)
 optional(:id).value(:string)
 optional(:secret).value(:string)
@@ -57,7 +57,7 @@ module Analyzers
 end
 CIRCL = Dry::Schema.Params do
- required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::CIRCL.class_keys))
+ required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::CIRCL.keys))
 required(:query).value(:string)
 optional(:username).value(:string)
 optional(:password).value(:string)
@@ -65,7 +65,7 @@ module Analyzers
 end
 Fofa = Dry::Schema.Params do
- required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::Fofa.class_keys))
+ required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::Fofa.keys))
 required(:query).value(:string)
 optional(:api_key).value(:string)
 optional(:email).value(:string)
@@ -73,7 +73,7 @@ module Analyzers
 end
 PassiveTotal = Dry::Schema.Params do
- required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::PassiveTotal.class_keys))
+ required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::PassiveTotal.keys))
 required(:query).value(:string)
 optional(:username).value(:string)
 optional(:api_key).value(:string)
@@ -81,14 +81,14 @@ module Analyzers
 end
 ZoomEye = Dry::Schema.Params do
- required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::ZoomEye.class_keys))
+ required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::ZoomEye.keys))
 required(:query).value(:string)
 required(:type).value(Types::String.enum("host", "web"))
 optional(:options).hash(AnalyzerPaginationOptions)
 end
 Crtsh = Dry::Schema.Params do
- required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::Crtsh.class_keys))
+ required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::Crtsh.keys))
 required(:query).value(:string)
 optional(:exclude_expired).value(:bool).default(true)
 optional(:match).value(Types::String.enum("=", "ILIKE", "LIKE", "single", "any", "FTS")).default(nil)
@@ -96,7 +96,7 @@ module Analyzers
 end
 HunterHow = Dry::Schema.Params do
- required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::HunterHow.class_keys))
+ required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::HunterHow.keys))
 required(:query).value(:string)
 required(:start_time).value(:date)
 required(:end_time).value(:date)
@@ -105,7 +105,7 @@ module Analyzers
 end
 Feed = Dry::Schema.Params do
- required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::Feed.class_keys))
+ required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::Feed.keys))
 required(:query).value(:string)
 required(:selector).value(:string)
 optional(:method).value(Types::HTTPRequestMethods).default("GET")
diff --git a/lib/mihari/schemas/emitter.rb b/lib/mihari/schemas/emitter.rb
index 67cb44be..5636733c 100644
--- a/lib/mihari/schemas/emitter.rb
+++ b/lib/mihari/schemas/emitter.rb
@@ -9,33 +9,33 @@ module Emitters
 extend Concerns::Orrable
 Database = Dry::Schema.Params do
- required(:emitter).value(Types::String.enum(*Mihari::Emitters::Database.class_keys))
+ required(:emitter).value(Types::String.enum(*Mihari::Emitters::Database.keys))
 optional(:options).hash(Options)
 end
 MISP = Dry::Schema.Params do
- required(:emitter).value(Types::String.enum(*Mihari::Emitters::MISP.class_keys))
+ required(:emitter).value(Types::String.enum(*Mihari::Emitters::MISP.keys))
 optional(:url).value(:string)
 optional(:api_key).value(:string)
 optional(:options).hash(Options)
 end
 TheHive = Dry::Schema.Params do
- required(:emitter).value(Types::String.enum(*Mihari::Emitters::TheHive.class_keys))
+ required(:emitter).value(Types::String.enum(*Mihari::Emitters::TheHive.keys))
 optional(:url).value(:string)
 optional(:api_key).value(:string)
 optional(:options).hash(Options)
 end
 Slack = Dry::Schema.Params do
- required(:emitter).value(Types::String.enum(*Mihari::Emitters::Slack.class_keys))
+ required(:emitter).value(Types::String.enum(*Mihari::Emitters::Slack.keys))
 optional(:webhook_url).value(:string)
 optional(:channel).value(:string)
 optional(:options).hash(Options)
 end
 Webhook = Dry::Schema.Params do
- required(:emitter).value(Types::String.enum(*Mihari::Emitters::Webhook.class_keys))
+ required(:emitter).value(Types::String.enum(*Mihari::Emitters::Webhook.keys))
 required(:url).value(:string)
 optional(:method).value(Types::HTTPRequestMethods).default("POST")
 optional(:headers).value(:hash).default({})
diff --git a/lib/mihari/schemas/enricher.rb b/lib/mihari/schemas/enricher.rb
index cd278300..9deebdca 100644
--- a/lib/mihari/schemas/enricher.rb
+++ b/lib/mihari/schemas/enricher.rb
@@ -9,22 +9,22 @@ module Enrichers
 extend Concerns::Orrable
 MMDB = Dry::Schema.Params do
- required(:enricher).value(Types::String.enum(*Mihari::Enrichers::MMDB.class_keys))
+ required(:enricher).value(Types::String.enum(*Mihari::Enrichers::MMDB.keys))
 optional(:options).hash(Options)
 end
 Whois = Dry::Schema.Params do
- required(:enricher).value(Types::String.enum(*Mihari::Enrichers::Whois.class_keys))
+ required(:enricher).value(Types::String.enum(*Mihari::Enrichers::Whois.keys))
 optional(:options).hash(Options)
 end
 Shodan = Dry::Schema.Params do
- required(:enricher).value(Types::String.enum(*Mihari::Enrichers::Shodan.class_keys))
+ required(:enricher).value(Types::String.enum(*Mihari::Enrichers::Shodan.keys))
 optional(:options).hash(Options)
 end
 GooglePublicDNS = Dry::Schema.Params do
- required(:enricher).value(Types::String.enum(*Mihari::Enrichers::GooglePublicDNS.class_keys))
+ required(:enricher).value(Types::String.enum(*Mihari::Enrichers::GooglePublicDNS.keys))
 optional(:options).hash(Options)
 end
 end
diff --git a/lib/mihari/structs/config.rb b/lib/mihari/structs/config.rb
index bd99e672..6cc550a6 100644
--- a/lib/mihari/structs/config.rb
+++ b/lib/mihari/structs/config.rb
@@ -68,7 +68,7 @@ def from_class(klass)
 begin
 instance = get_dummy(klass)
 new(
- name: klass.class_key,
+ name: klass.key,
 items: klass.configuration_items,
 configured: instance.configured?,
 type: type
diff --git a/spec/analyzers/analyzer_spec.rb b/spec/analyzers/analyzer_spec.rb
index 36d27f84..b72f4677 100644
--- a/spec/analyzers/analyzer_spec.rb
+++ b/spec/analyzers/analyzer_spec.rb
@@ -14,7 +14,7 @@ def artifacts
 end
 class << self
- def class_keys
+ def keys
 # NOTE: returns an empty array to prevent adding this class in Mihari#analyzer_to_class
 []
 end
diff --git a/spec/schemas/rule_spec.rb b/spec/schemas/rule_spec.rb
index f0c67c48..f7820262 100644
--- a/spec/schemas/rule_spec.rb
+++ b/spec/schemas/rule_spec.rb
@@ -32,7 +32,7 @@
 title: title,
 queries: [{ analyzer: analyzer, query: "foo" }]
 )
- expect(result.errors.empty?).to be true
+ expect(result.errors.empty?).to eq true
 end
 end
 end
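Review bot: `expect(result.errors.empty?).to eq true` still asserts on a bare boolean, so a failing run reports only that `false` was returned and not which schema errors caused it; `expect(result.errors).to be_empty` would print the offending errors. This matters here because the example is what confirms every renamed analyzer key still validates. The matcher swap is also unrelated to the `class_key` → `key` rename in the rest of the commit and would be easier to track as its own change. The enclosing example starts outside the hunk.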