csle_collector.ossec_ids_manager.dao package

Submodules

csle_collector.ossec_ids_manager.dao.ossec_ids_alert module

class csle_collector.ossec_ids_manager.dao.ossec_ids_alert.OSSECIDSAlert(timestamp: float, groups: Optional[List[str]] = None, host: str = '', ip: str = '', rule_id: str = '', level: int = 1, descr: str = '', src: str = '', user: str = '')[source]

Bases: csle_base.json_serializable.JSONSerializable

DTO representing an OSSECIDS alert

copy() → csle_collector.ossec_ids_manager.dao.ossec_ids_alert.OSSECIDSAlert[source]

Returns: a copy of the DTO

static from_dict(d: Dict[str, Any]) → csle_collector.ossec_ids_manager.dao.ossec_ids_alert.OSSECIDSAlert[source]

Converts a dict representaion of the object into an instance

Parameters: d – the dict to convert
Returns: the DTO

static from_json_file(json_file_path: str) → csle_collector.ossec_ids_manager.dao.ossec_ids_alert.OSSECIDSAlert[source]

Reads a json file and converts it to a DTO

Parameters: json_file_path – the json file path
Returns: the converted DTO

get_group_id(group: str) → int[source]

Get the id of a group

Parameters: group – the group to get the id of
Returns: the id

to_dict() → Dict[str, Any][source]

Converts the object to a dict representation

Returns: a dict representation of the object

csle_collector.ossec_ids_manager.dao.ossec_ids_alert_counters module

class csle_collector.ossec_ids_manager.dao.ossec_ids_alert_counters.OSSECIdsAlertCounters[source]

Bases: csle_base.grpc_serializable.GRPCSerializable, csle_base.kafka_serializable.KafkaSerializable, csle_base.json_serializable.JSONSerializable

DTO containing statistics from the OSSEC log

add(alert_counters: csle_collector.ossec_ids_manager.dao.ossec_ids_alert_counters.OSSECIdsAlertCounters) → None[source]

Adds another alert counters object to this one

Parameters: alert_counters – the counters to add
Returns: None

copy() → csle_collector.ossec_ids_manager.dao.ossec_ids_alert_counters.OSSECIdsAlertCounters[source]

Returns: a copy of the object

count(alerts: List[csle_collector.ossec_ids_manager.dao.ossec_ids_alert.OSSECIDSAlert]) → None[source]

Counts the list of alerts

Parameters: alerts – list of alerts from the log
Returns: None

static from_dict(d: Dict[str, Any]) → csle_collector.ossec_ids_manager.dao.ossec_ids_alert_counters.OSSECIdsAlertCounters[source]

Converts a dict representation of the object into an instance

Parameters: d – the dict to convert
Returns: the DTO

static from_grpc_object(obj: ossec_ids_manager_pb2.OSSECIdsLogDTO) → csle_collector.ossec_ids_manager.dao.ossec_ids_alert_counters.OSSECIdsAlertCounters[source]

Instantiate the object from a GRPC object

Parameters: obj – the object to instantiate from
Returns: the instantiated grpc object

static from_json_file(json_file_path: str) → csle_collector.ossec_ids_manager.dao.ossec_ids_alert_counters.OSSECIdsAlertCounters[source]

Reads a json file and converts it to a DTO

Parameters: json_file_path – the json file path
Returns: the converted DTO

static from_kafka_record(record: str) → csle_collector.ossec_ids_manager.dao.ossec_ids_alert_counters.OSSECIdsAlertCounters[source]

Converts a kafka record to a DTO

Parameters: record – the kafka record to convert
Returns: the DTO

get_deltas(counters_prime: csle_collector.ossec_ids_manager.dao.ossec_ids_alert_counters.OSSECIdsAlertCounters) → Tuple[List[int], List[str]][source]

Get the deltas between two counters objects

Parameters: counters_prime – the counters object to compare with
Returns: the deltas and the labels

num_attributes() → int[source]

Returns: The number of attributes of the DTO

static schema() → csle_collector.ossec_ids_manager.dao.ossec_ids_alert_counters.OSSECIdsAlertCounters[source]

Returns: get the schema of the DTO

to_dict() → Dict[str, Any][source]

Converts the object to a dict representation

Returns: a dict representation of the object

to_grpc_object() → ossec_ids_manager_pb2.OSSECIdsLogDTO[source]

Converts the object into a gRPC DTO for serialization

Returns: A csle_collector.snort_ids_manager.snort_ids_manager_pb2.IdsLogDTOb

to_kafka_record(ip: str) → str[source]

Converts the DTO into a kafka record

Parameters: ip – the ip to add to the record in addition to the IDS statistics
Returns: a comma-separated string representing the kafka record

update_with_kafka_record(record: str) → None[source]

Updates the DTO with a kafka record

Parameters: record – the kafka record to use for updating
Returns: None

Module contents