Class: Mihari::Analyzers::BinaryEdge
- Defined in:
- lib/mihari/analyzers/binaryedge.rb
Instance Attribute Summary
- #description ⇒ Object (readonly)
  Returns the value of attribute description.
- #query ⇒ Object (readonly)
  Returns the value of attribute query.
- #tags ⇒ Object (readonly)
  Returns the value of attribute tags.
- #title ⇒ Object (readonly)
  Returns the value of attribute title.
Instance Method Summary
- #artifacts ⇒ Object
- #initialize(query, title: nil, description: nil, tags: []) ⇒ BinaryEdge (constructor)
  A new instance of BinaryEdge.
Methods inherited from Base
Methods included from Retriable
Methods included from Configurable
#configuration_status, #configured?
Constructor Details
#initialize(query, title: nil, description: nil, tags: []) ⇒ BinaryEdge
Returns a new instance of BinaryEdge.
    # File 'lib/mihari/analyzers/binaryedge.rb', line 13
    def initialize(query, title: nil, description: nil, tags: [])
      super()

      @query = query
      @title = title || "BinaryEdge lookup"
      @description = description || "query = #{query}"
      @tags = tags
    end
Instance Attribute Details
#description ⇒ Object (readonly)
Returns the value of attribute description.
    # File 'lib/mihari/analyzers/binaryedge.rb', line 9
    def description
      @description
    end
#query ⇒ Object (readonly)
Returns the value of attribute query.
    # File 'lib/mihari/analyzers/binaryedge.rb', line 10
    def query
      @query
    end
#tags ⇒ Object (readonly)
Returns the value of attribute tags.
    # File 'lib/mihari/analyzers/binaryedge.rb', line 11
    def tags
      @tags
    end
#title ⇒ Object (readonly)
Returns the value of attribute title.
    # File 'lib/mihari/analyzers/binaryedge.rb', line 8
    def title
      @title
    end
Instance Method Details
#artifacts ⇒ Object
    # File 'lib/mihari/analyzers/binaryedge.rb', line 22
    def artifacts
      results = search
      # Nothing to extract when the search returns nil or an empty list
      return [] if results.nil? || results.empty?

      # Collect the origin IP of every event, dropping missing values and duplicates
      results.map do |result|
        events = result.dig("events") || []
        events.map do |event|
          event.dig "origin", "ip"
        end.compact
      end.flatten.compact.uniq
    end