Examples with StringObjectPropertyType - org.mitre.cybox.common

Example 1 with StringObjectPropertyType

use of org.mitre.cybox.common_2.StringObjectPropertyType in project metron by apache.

the class AddressHandler method extract.

@Override
public Iterable<LookupKV> extract(final Address type, Map<String, Object> config) throws IOException {
    List<LookupKV> ret = new ArrayList<>();
    final CategoryTypeEnum category = type.getCategory();
    if (!SUPPORTED_CATEGORIES.contains(category)) {
        return ret;
    }
    String typeStr = getType();
    if (config != null) {
        if (config.containsKey(SPECIFIC_CATEGORY_CONFIG)) {
            List<CategoryTypeEnum> categories = new ArrayList<>();
            for (String c : Splitter.on(",").split(config.get(SPECIFIC_CATEGORY_CONFIG).toString())) {
                categories.add(CategoryTypeEnum.valueOf(c));
            }
            EnumSet<CategoryTypeEnum> specificCategories = EnumSet.copyOf(categories);
            if (!specificCategories.contains(category)) {
                return ret;
            }
        }
        if (config.containsKey(TYPE_CONFIG)) {
            typeStr = config.get(TYPE_CONFIG).toString();
        }
    }
    StringObjectPropertyType value = type.getAddressValue();
    for (String token : StixExtractor.split(value)) {
        final String indicatorType = typeStr + ":" + category;
        LookupKV results = new LookupKV(new EnrichmentKey(indicatorType, token), new EnrichmentValue(new HashMap<String, Object>() {

            {
                put("source-type", "STIX");
                put("indicator-type", indicatorType);
                put("source", type.toXMLString());
            }
        }));
        ret.add(results);
    }
    return ret;
}

Also used : LookupKV(org.apache.metron.enrichment.lookup.LookupKV) StringObjectPropertyType(org.mitre.cybox.common_2.StringObjectPropertyType) CategoryTypeEnum(org.mitre.cybox.objects.CategoryTypeEnum) EnrichmentKey(org.apache.metron.enrichment.converter.EnrichmentKey) EnrichmentValue(org.apache.metron.enrichment.converter.EnrichmentValue)

Example 2 with StringObjectPropertyType

use of org.mitre.cybox.common_2.StringObjectPropertyType in project metron by apache.

the class DomainHandler method extract.

@Override
public Iterable<LookupKV> extract(final DomainName type, Map<String, Object> config) throws IOException {
    List<LookupKV> ret = new ArrayList<>();
    String typeStr = getType();
    if (config != null) {
        Object o = config.get(TYPE_CONFIG);
        if (o != null) {
            typeStr = o.toString();
        }
    }
    final DomainNameTypeEnum domainType = type.getType();
    if (domainType == null || SUPPORTED_TYPES.contains(domainType)) {
        StringObjectPropertyType value = type.getValue();
        for (String token : StixExtractor.split(value)) {
            final String indicatorType = typeStr + ":" + DomainNameTypeEnum.FQDN;
            LookupKV results = new LookupKV(new EnrichmentKey(indicatorType, token), new EnrichmentValue(new HashMap<String, Object>() {

                {
                    put("source-type", "STIX");
                    put("indicator-type", indicatorType);
                    put("source", type.toXMLString());
                }
            }));
            ret.add(results);
        }
    }
    return ret;
}

Also used : DomainNameTypeEnum(org.mitre.cybox.objects.DomainNameTypeEnum) LookupKV(org.apache.metron.enrichment.lookup.LookupKV) StringObjectPropertyType(org.mitre.cybox.common_2.StringObjectPropertyType) EnrichmentKey(org.apache.metron.enrichment.converter.EnrichmentKey) EnrichmentValue(org.apache.metron.enrichment.converter.EnrichmentValue)

Example 3 with StringObjectPropertyType

use of org.mitre.cybox.common_2.StringObjectPropertyType in project metron by apache.

the class HostnameHandler method extract.

@Override
public Iterable<LookupKV> extract(final Hostname type, Map<String, Object> config) throws IOException {
    StringObjectPropertyType value = type.getHostnameValue();
    String typeStr = getType();
    if (config != null) {
        Object o = config.get(TYPE_CONFIG);
        if (o != null) {
            typeStr = o.toString();
        }
    }
    List<LookupKV> ret = new ArrayList<>();
    for (String token : StixExtractor.split(value)) {
        final String indicatorType = typeStr;
        LookupKV results = new LookupKV(new EnrichmentKey(indicatorType, token), new EnrichmentValue(new HashMap<String, Object>() {

            {
                put("source-type", "STIX");
                put("indicator-type", indicatorType);
                put("source", type.toXMLString());
            }
        }));
        ret.add(results);
    }
    return ret;
}

Also used : LookupKV(org.apache.metron.enrichment.lookup.LookupKV) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) StringObjectPropertyType(org.mitre.cybox.common_2.StringObjectPropertyType) EnrichmentKey(org.apache.metron.enrichment.converter.EnrichmentKey) EnrichmentValue(org.apache.metron.enrichment.converter.EnrichmentValue)

Aggregations

EnrichmentKey (org.apache.metron.enrichment.converter.EnrichmentKey)3 EnrichmentValue (org.apache.metron.enrichment.converter.EnrichmentValue)3 LookupKV (org.apache.metron.enrichment.lookup.LookupKV)3 StringObjectPropertyType (org.mitre.cybox.common_2.StringObjectPropertyType)3 ArrayList (java.util.ArrayList)1 HashMap (java.util.HashMap)1 CategoryTypeEnum (org.mitre.cybox.objects.CategoryTypeEnum)1 DomainNameTypeEnum (org.mitre.cybox.objects.DomainNameTypeEnum)1