Examples with StixExtractor org.apache.metron.dataloads.extractor.stix.StixExtractor used on opensource projects

Search in sources :

Example 1 with StixExtractor

use of org.apache.metron.dataloads.extractor.stix.StixExtractor in project metron by apache.

the class TaxiiIntegrationTest method testTaxii.

@Test
public void testTaxii() throws Exception {
    final MockHBaseTableProvider provider = new MockHBaseTableProvider();
    final Configuration config = HBaseConfiguration.create();
    Extractor extractor = new TransformFilterExtractorDecorator(new StixExtractor());
    TaxiiHandler handler = new TaxiiHandler(TaxiiConnectionConfig.load(taxiiConnectionConfig), extractor, config) {

        @Override
        protected synchronized Table createHTable(String tableInfo) throws IOException {
            return provider.addToCache("threat_intel", "cf");
        }
    };
    // UnitTestHelper.verboseLogging();
    handler.run();
    Set<String> maliciousDomains;
    {
        MockHTable table = (MockHTable) provider.getTable(config, "threat_intel");
        maliciousDomains = getIndicators("domainname:FQDN", table.getPutLog(), "cf");
    }
    assertTrue(maliciousDomains.contains("www.office-112.com"));
    assertEquals(numStringsMatch(MockTaxiiService.pollMsg, "DomainNameObj:Value condition=\"Equals\""), maliciousDomains.size());
    Set<String> maliciousAddresses;
    {
        MockHTable table = (MockHTable) provider.getTable(config, "threat_intel");
        maliciousAddresses = getIndicators("address:IPV_4_ADDR", table.getPutLog(), "cf");
    }
    assertTrue(maliciousAddresses.contains("94.102.53.142"));
    assertEquals(numStringsMatch(MockTaxiiService.pollMsg, "AddressObj:Address_Value condition=\"Equal\""), maliciousAddresses.size());
    MockHBaseTableProvider.clear();
    // Ensure that the handler can be run multiple times without connection issues.
    handler.run();
}
Also used : TransformFilterExtractorDecorator(org.apache.metron.dataloads.extractor.TransformFilterExtractorDecorator) StixExtractor(org.apache.metron.dataloads.extractor.stix.StixExtractor) Configuration(org.apache.hadoop.conf.Configuration) HBaseConfiguration(org.apache.hadoop.hbase.HBaseConfiguration) MockHBaseTableProvider(org.apache.metron.hbase.mock.MockHBaseTableProvider) StixExtractor(org.apache.metron.dataloads.extractor.stix.StixExtractor) Extractor(org.apache.metron.dataloads.extractor.Extractor) MockHTable(org.apache.metron.hbase.mock.MockHTable) Test(org.junit.jupiter.api.Test)

Aggregations

Configuration (org.apache.hadoop.conf.Configuration)1 HBaseConfiguration (org.apache.hadoop.hbase.HBaseConfiguration)1 Extractor (org.apache.metron.dataloads.extractor.Extractor)1 TransformFilterExtractorDecorator (org.apache.metron.dataloads.extractor.TransformFilterExtractorDecorator)1 StixExtractor (org.apache.metron.dataloads.extractor.stix.StixExtractor)1 MockHBaseTableProvider (org.apache.metron.hbase.mock.MockHBaseTableProvider)1 MockHTable (org.apache.metron.hbase.mock.MockHTable)1 Test (org.junit.jupiter.api.Test)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial