This repository has been archived by the owner on Feb 26, 2024. It is now read-only.
structures.go
package main
import (
"time"
)
// RawIndicators is a single raw indicator as inserted into the pre_processing
// collection of the DB. It has the same fields as ProcessedIndicator plus
// OrkaTracker.
//
// No tag uses omitempty, so empty strings are emitted as "" and nil slices
// as null when the value is marshalled with encoding/json.
//
// NOTE(review): Indicator and Context presumably carry text taken from
// external feeds; treat them as untrusted when rendering or building queries
// - confirm against the parsers.
type RawIndicators struct {
	Guid string `json:"guid"`
	Date string `json:"date"`
	Indicator string `json:"indicator"`
	// Serialized under the JSON key "type", not "ind_type".
	Ind_type string `json:"type"`
	Source string `json:"source"`
	Context string `json:"context"`
	Tags []string `json:"tags"`
	// Serialized under the JSON key "orka".
	OrkaTracker []string `json:"orka"`
}
// ProcessedIndicator is a single processed indicator as inserted into the
// processed collection of the DB. It carries the same fields as RawIndicators
// except OrkaTracker.
//
// No tag uses omitempty, so empty strings are emitted as "" and a nil Tags
// slice as null when the value is marshalled with encoding/json.
type ProcessedIndicator struct {
	Guid string `json:"guid"`
	Date string `json:"date"`
	Indicator string `json:"indicator"`
	// Serialized under the JSON key "type", not "ind_type".
	Ind_type string `json:"type"`
	Source string `json:"source"`
	Context string `json:"context"`
	Tags []string `json:"tags"`
}
// Source describes one configured feed. It is created by parsing the
// specified sources and is used for retrieving the resource.
//
// NOTE(review): Url is presumably fetched by the framework. If feed
// definitions can be supplied by API callers rather than only by the
// operator, restrict the allowed schemes and destinations before fetching
// - confirm where Source values originate.
type Source struct {
	Name string `json:"name"`
	Url string `json:"url"`
	// presumably selects which parser handles the retrieved content - confirm
	Parser string `json:"parser"`
	// presumably a cron-style schedule expression - confirm the accepted syntax
	CronTime string `json:"crontime"`
	// Column selectors for CSV feeds; kept as strings, so any conversion to
	// a column index happens elsewhere.
	CSVIndicatorColumn string `json:"csvindicatorcolumn"`
	CSVContextColumn string `json:"csvcontextcolumn"`
}
// FeedArray is a structure for passing an array of sources. The list is
// read from and written to the JSON key "feeds".
type FeedArray struct {
	Feeds []Source `json:"feeds"`
}
// Dump receives the requested output format and the records to be dumped.
//
// NOTE(review): Format is a free-form string at this level; presumably the
// handler checks it against the supported formats - confirm.
type Dump struct {
	Format string `json:"format"`
	// Each record is identified only by its guid (see RecordToDump).
	Records []RecordToDump `json:"records"`
}
// AdHoc receives the parameters for an ad-hoc resource consumption.
//
// NOTE(review): all three fields are caller-supplied strings with no
// validation at this level. If Resource is a location that the framework
// retrieves, it needs the same destination checks as a configured feed URL
// - confirm against the handler.
type AdHoc struct {
	Resource string `json:"resource"`
	TextToParse string `json:"texttoparse"`
	Context string `json:"context"`
}
// VTURL receives the parameters for a VT URL API call.
//
// NOTE(review): Key presumably holds the caller's VT API key. It travels in
// the JSON body under "key", so decoded values and raw request bodies should
// be kept out of logs - confirm how the handler treats it.
type VTURL struct {
	Resource string `json:"resource"`
	Key string `json:"key"`
}
// RecordToDump identifies an individual record to be dumped. The guid is the
// only field it carries.
type RecordToDump struct {
	Guid string `json:"guid"`
}
// AllResults is the JSON API response containing all indicators contained in
// a collection. The list is emitted under the JSON key "data"; a nil Results
// slice marshals as null rather than [].
type AllResults struct {
	Results []RawIndicators `json:"data"`
}
// AllResultsPost is the JSON API response containing all indicators contained
// in the post-processing collection. The list is emitted under the JSON key
// "data"; a nil Results slice marshals as null rather than [].
type AllResultsPost struct {
	Results []ProcessedIndicator `json:"data"`
}
// CommentResponse holds a decoded JSON response carrying a response code, a
// verbose message, a resource string and a list of comments.
//
// NOTE(review): the field names look like a third-party comments API reply
// (possibly VT, given VTURL in this file) - confirm the upstream service.
// Comment text from an external service should be treated as untrusted when
// displayed.
type CommentResponse struct {
	ResponseCode int `json:"response_code"`
	VerboseMessage string `json:"verbose_message"`
	Resource string `json:"resource"`
	Comments []Comment `json:"comments"`
}
// Comment is one entry of CommentResponse.Comments: a date and the comment
// text, both kept as plain strings.
type Comment struct {
	// Kept as a string; no time format is enforced by this type.
	Date string `json:"date"`
	Comment string `json:"comment"`
}
// APIResponse is a generic struct to use for an API call status return. It
// carries a single human-readable message under the JSON key "message".
//
// NOTE(review): if callers copy raw error strings into Message, internal
// details can reach API clients - confirm what the handlers put here.
type APIResponse struct {
	Message string `json:"message"`
}
// PlaybookEntry is a playbook entry for Orka to use.
//
// It has both a Guid and an ID field, serialized as "guid" and "id"
// respectively. NOTE(review): how the two identifiers differ is not visible
// in this file - confirm against the Orka code.
type PlaybookEntry struct {
	Guid string `json:"guid"`
	Source string `json:"source"`
	Operators []string `json:"operators"`
	Dest string `json:"dest"`
	ID string `json:"id"`
}
// Settings is the settings structure for the framework.
//
// Only MongoIP is excluded from JSON (tag "-"). Every other field, including
// the ones named ...Key, ...Secret and ...Token, is written out whenever a
// Settings value is marshalled with encoding/json.
//
// NOTE(review): those fields presumably hold live third-party credentials.
// Do not return a Settings value from an API handler or write it to logs
// as-is; copy the non-sensitive fields into a separate response type or
// blank the credential fields first. Confirm which handlers marshal this
// type.
type Settings struct {
	// Never read from or written to JSON by encoding/json.
	MongoIP string `json:"-"`
	TwitterUsers []string `json:"twitterusers"`
	// Twitter API credentials (presumably OAuth consumer and access pairs -
	// confirm).
	TwitterConsumerKey string `json:"twitterconsumerkey"`
	TwitterConsumerSecret string `json:"twitterconsumersecret"`
	TwitterAccessToken string `json:"twitteraccesstoken"`
	TwitterAccessSecret string `json:"twitteraccesssecret"`
	VTKey string `json:"vtkey"`
	VTIntel string `json:"vtintel"`
	OpenDNSKey string `json:"opendnskey"`
	CRITsKey string `json:"critskey"`
	CRITsUser string `json:"critsuser"`
	CRITsServer string `json:"critsserver"`
	CRITsSource string `json:"critssource"`
	// Serialized as "alienvault", without the "key" suffix the other key
	// fields use.
	AlienvaultKey string `json:"alienvault"`
	AlexaDomains []string `json:"alexadomains"`
	// Note the differing capitalization of the two allow-list field names
	// (WhiteList vs Whitelist); the JSON keys are both lower case.
	WhiteListDomains []string `json:"whitelistdomains"`
	WhitelistISP []string `json:"whitelistisp"`
}
// OTXResponse is the structure an Alienvault OTX API response is decoded
// into.
//
// NOTE(review): NextPage is read from the "next" key of the response and is
// presumably followed to fetch further pages. If so, check that it still
// points at the expected OTX host before requesting it with the API key
// attached - confirm against the caller.
type OTXResponse struct {
	NextPage string `json:"next"`
	Results []AlienvaultIndicators `json:"results"`
}
// AlienvaultIndicators holds one Alienvault OTX pulse: its id, name and
// description, plus the list of indicators it contains.
type AlienvaultIndicators struct {
	ID string `json:"id"`
	Name string `json:"name"`
	Description string `json:"description"`
	// Indicators is an anonymous struct type, so its elements cannot be
	// named elsewhere without repeating the definition.
	Indicators []struct {
		// The per-indicator id is read from "_id", unlike the pulse id
		// above, which uses "id".
		ID string `json:"_id"`
		Indicator string `json:"indicator"`
		Type string `json:"type"`
		Description string `json:"description"`
	} `json:"indicators"`
}
// OTXSeen holds information for tracking Alienvault pulse IDs that have
// already been ingested.
//
// Seen has no struct tag, so encoders that derive names from the field
// (encoding/json among them) use "Seen" as the key.
type OTXSeen struct {
	Seen []string
}
// RecipesConfigured holds all the configured recipes for an API response.
// The entries are emitted under the JSON key "recipes".
type RecipesConfigured struct {
	Recipes []PlaybookEntry `json:"recipes"`
}
// Hash is a struct to hold and track parsed hashes.
//
// Both fields are unexported and untagged, so encoding/json neither emits
// nor populates them; a Hash is only usable inside this package.
type Hash struct {
	// presumably the algorithm name (for example md5 or sha256) - confirm
	hashtype string
	// presumably the digest as text - confirm the encoding
	sum string
}
// Metrics is the metrics structure for the framework. It groups three
// breakdowns: per day, per indicator type and per source.
//
// All three fields use omitempty, so an empty or nil slice is left out of
// the marshalled JSON instead of appearing as null.
type Metrics struct {
	PerDay []Count `json:"perday,omitempty"`
	PerType []MetricType `json:"pertype,omitempty"`
	PerSource []MetricSource `json:"persource,omitempty"`
}
// Count is one entry of Metrics.PerDay: a date and a number for that date.
type Count struct {
	// A time.Time, unlike the string Date fields on the indicator types in
	// this file.
	Date time.Time `json:"date"`
	Number int `json:"number"`
}
// MetricSource is one entry of Metrics.PerSource: a source name and a number
// for that source.
type MetricSource struct {
	Source string `json:"source"`
	Number int `json:"number"`
}
// MetricType is one entry of Metrics.PerType: a type name and a number for
// that type.
type MetricType struct {
	Type string `json:"type"`
	Number int `json:"number"`
}