Class: Mihari::Analyzers::VirusTotalIntelligence

Inherits:

Base

• Object
• Mihari::Actor
• Base
• Mihari::Analyzers::VirusTotalIntelligence

Defined in:

lib/mihari/analyzers/virustotal_intelligence.rb

Overview

VirusTotal Intelligence analyzer

Constant Summary

Constants included from Concerns::Retriable

Concerns::Retriable::DEFAULT_CONDITION, Concerns::Retriable::RETRIABLE_ERRORS

Instance Attribute Summary

• #api_key ⇒ String^? readonly

Attributes inherited from Base

#query

Attributes inherited from Mihari::Actor

#options

Class Method Summary

• .configuration_keys ⇒ Array<String>
• .key ⇒ String
• .key_aliases ⇒ Array<String>^?

Instance Method Summary

• #artifacts ⇒ Object
• #initialize(query, options: nil, api_key: nil) ⇒ VirusTotalIntelligence constructor

  A new instance of VirusTotalIntelligence.

Methods inherited from Base

#call, from_params, #ignore_error?, inherited, #normalized_artifacts, #pagination_interval, #pagination_limit, #parallel?, #result, #truncated_query

Methods inherited from Mihari::Actor

#call, keys, #result, #retry_exponential_backoff, #retry_interval, #retry_times, #timeout, type, #validate_configuration!

Methods included from Concerns::Retriable

#retry_on_error

Methods included from Concerns::Configurable

#configuration_keys?, #configured?

Constructor Details

#initialize(query, options: nil, api_key: nil) ⇒ VirusTotalIntelligence

Returns a new instance of VirusTotalIntelligence.

Parameters:

• query (String)
• options (Hash, nll) (defaults to: nil)
• api_key (String, nil) (defaults to: nil)

# File 'lib/mihari/analyzers/virustotal_intelligence.rb', line 17

def initialize(query, options: nil, api_key: nil)
  super(query, options:)

  @api_key = api_key || Mihari.config.virustotal_api_key
end

Instance Attribute Details

#api_key ⇒ String^? (readonly)

Returns:

• (String, nil)

# File 'lib/mihari/analyzers/virustotal_intelligence.rb', line 10

def api_key
  @api_key
end

Class Method Details

.configuration_keys ⇒ Array<String>

Returns:

• (Array<String>)

# File 'lib/mihari/analyzers/virustotal_intelligence.rb', line 45

def configuration_keys
  %w[virustotal_api_key]
end

.key ⇒ String

Returns:

• (String)

# File 'lib/mihari/analyzers/virustotal_intelligence.rb', line 31

def key
  "virustotal_intelligence"
end

.key_aliases ⇒ Array<String>^?

Returns:

• (Array<String>, nil)

# File 'lib/mihari/analyzers/virustotal_intelligence.rb', line 38

def key_aliases
  ["vt_intel"]
end

Instance Method Details

#artifacts ⇒ Object

# File 'lib/mihari/analyzers/virustotal_intelligence.rb', line 23

def artifacts
  client.intel_search_with_pagination(query, pagination_limit:).map(&:artifacts).flatten
end