class Mihari::Emitters::TheHive

Public Instance Methods

emit(title:, description:, artifacts:, tags: [], **_options) click to toggle source
# File lib/mihari/emitters/the_hive.rb, line 14
def emit(title:, description:, artifacts:, tags: [], **_options)
  return if artifacts.empty?

  api.alert.create(
    title: title,
    description: description,
    artifacts: artifacts.map { |artifact| { data: artifact.data, data_type: artifact.data_type, message: description } },
    tags: tags,
    type: "external",
    source: "mihari"
  )
end
valid?() click to toggle source

@return [Boolean]

# File lib/mihari/emitters/the_hive.rb, line 10
def valid?
  api_endpont? && api_key? && ping?
end

Private Instance Methods

api() click to toggle source
# File lib/mihari/emitters/the_hive.rb, line 33
def api
  @api ||= Hachi::API.new(api_endpoint: Mihari.config.thehive_api_endpoint, api_key: Mihari.config.thehive_api_key)
end
api_endpont?() click to toggle source

Check whether an API endpoint is set or not

@return [Boolean]

# File lib/mihari/emitters/the_hive.rb, line 42
def api_endpont?
  !Mihari.config.thehive_api_endpoint.nil?
end
api_key?() click to toggle source

Check whether an API key is set or not

@return [Boolean] ]

# File lib/mihari/emitters/the_hive.rb, line 51
def api_key?
  !Mihari.config.thehive_api_key.nil?
end
configuration_keys() click to toggle source
# File lib/mihari/emitters/the_hive.rb, line 29
def configuration_keys
  %w[thehive_api_endpoint thehive_api_key]
end
ping?() click to toggle source

Check whether an API endpoint is reachable or not

@return [Boolean]

# File lib/mihari/emitters/the_hive.rb, line 60
def ping?
  base_url = Mihari.config.thehive_api_endpoint
  base_url = base_url.end_with?("/") ? base_url[0..-2] : base_url
  url = "#{base_url}/index.html"

  http = Net::Ping::HTTP.new(url)
  http.ping?
end