Class: ActiveStix::ObservedDatum

Inherits:

ApplicationRecord

• Object
• ActiveRecord::Base
• ApplicationRecord
• ActiveStix::ObservedDatum

Defined in:

app/models/active_stix/observed_datum.rb

Class Method Summary

• .create_new_observed_data(object) ⇒ Object
• .update_observed_data(object) ⇒ Object
• .wrap_object(object) ⇒ Object

Instance Method Summary

• #as_stix ⇒ Object
• #mail_server ⇒ Object
• #number_observed ⇒ Object
• #type ⇒ Object

Class Method Details

.create_new_observed_data(object) ⇒ Object

# File 'app/models/active_stix/observed_datum.rb', line 37

def self.create_new_observed_data(object)
  current_time = DateTime.now
  od = ActiveStix::ObservedDatum.create(
      first_observed: current_time,
      last_observed: current_time
  )
  ActiveStix::CyberObservable.create(observed_datum: od, cyber_observable_object: object)
end

.update_observed_data(object) ⇒ Object

# File 'app/models/active_stix/observed_datum.rb', line 27

def self.update_observed_data(object)
  object.observed_data.each do |od|
    od.update_attribute('last_observed', DateTime.now)
  end
end

.wrap_object(object) ⇒ Object

# File 'app/models/active_stix/observed_datum.rb', line 19

def self.wrap_object(object)
  if object.observed_data.count > 0
    update_observed_data(object)
  else
    create_new_observed_data(object)
  end
end

Instance Method Details

#as_stix ⇒ Object

# File 'app/models/active_stix/observed_datum.rb', line 47

def as_stix
  as_json(only: []).tap do |hash|
    hash["id"] = stix_id
    hash["type"] = type
    hash["created"] = created_at.rfc3339(3)
    hash["modified"] = updated_at.rfc3339(3)
    object_dict = {}
    cyber_observables.each_with_index {|co, i|
      object_dict[i.to_s] = co.cyber_observable_object.as_stix
    }

    hash["first_observed"] = cyber_observables.order("created_at ASC").limit(1).first.created_at.rfc3339(3)
    hash["last_observed"] = cyber_observables.order("created_at DESC").limit(1).last.created_at.rfc3339(3)
    hash["number_observed"] = cyber_observables.count

    hash["objects"] = object_dict
    hash["spec_version"] = "2.0"
  end
end

#mail_server ⇒ Object

# File 'app/models/active_stix/observed_datum.rb', line 15

def mail_server
  cyber_observables.first.mail_server
end

#number_observed ⇒ Object

# File 'app/models/active_stix/observed_datum.rb', line 33

def number_observed
  self.cyber_observables.count
end

#type ⇒ Object

# File 'app/models/active_stix/observed_datum.rb', line 11

def type
  'observed-data'
end