Class: Mihari::Clients::OTX
Overview
OTX API client
Instance Attribute Summary
Attributes inherited from Base
#base_url, #headers, #pagination_interval, #timeout
Instance Method Summary collapse
-
#domain_search(query) ⇒ Array<String>
Domain search.
-
#initialize(base_url = "https://otx.alienvault.com", api_key:, headers: {}, timeout: nil) ⇒ OTX
constructor
A new instance of OTX.
-
#ip_search(query) ⇒ Array<String>
IP search.
- #query_by_domain(domain) ⇒ Hash
- #query_by_ip(ip) ⇒ Hash
Constructor Details
#initialize(base_url = "https://otx.alienvault.com", api_key:, headers: {}, timeout: nil) ⇒ OTX
Returns a new instance of OTX.
15 16 17 18 19 20 |
# File 'lib/mihari/clients/otx.rb', line 15 def initialize(base_url = "https://otx.alienvault.com", api_key:, headers: {}, timeout: nil) raise(ArgumentError, "api_key is required") unless api_key headers["x-otx-api-key"] = api_key super(base_url, headers:, timeout:) end |
Instance Method Details
#domain_search(query) ⇒ Array<String>
Domain search
29 30 31 32 33 34 35 36 37 38 39 40 |
# File 'lib/mihari/clients/otx.rb', line 29 def domain_search(query) res = query_by_domain(query) return [] if res.nil? records = res["passive_dns"] || [] records.filter_map do |record| record_type = record["record_type"] address = record["address"] address if record_type == "A" end.uniq end |
#ip_search(query) ⇒ Array<String>
IP search
49 50 51 52 53 54 55 56 57 58 59 60 |
# File 'lib/mihari/clients/otx.rb', line 49 def ip_search(query) res = query_by_ip(query) return [] if res.nil? records = res["passive_dns"] || [] records.filter_map do |record| record_type = record["record_type"] hostname = record["hostname"] hostname if record_type == "A" end.uniq end |
#query_by_domain(domain) ⇒ Hash
76 77 78 |
# File 'lib/mihari/clients/otx.rb', line 76 def query_by_domain(domain) get_json "/api/v1/indicators/domain/#{domain}/passive_dns" end |
#query_by_ip(ip) ⇒ Hash
67 68 69 |
# File 'lib/mihari/clients/otx.rb', line 67 def query_by_ip(ip) get_json "/api/v1/indicators/IPv4/#{ip}/passive_dns" end |