Class: By2::Client

Inherits:

Object

• Object
• By2::Client

Includes:

Models

Defined in:

lib/by2/client.rb

Instance Method Summary

• #find_records(options = {}) ⇒ Object

  payload: sid: 1, cid: 5 2149599422 => “128.32.72.190” 2954912804 => “176.32.100.36”.

• #initialize(argv = []) ⇒ Client constructor

  A new instance of Client.

• #run ⇒ Object

Constructor Details

#initialize(argv = []) ⇒ Client

Returns a new instance of Client.

# File 'lib/by2/client.rb', line 5

def initialize(argv=[])
  @opts = Options.parse(argv)

  By2.debug = @opts.delete(:debug)
  By2.db_connect
  By2.debug(@opts.inspect)
end

Instance Method Details

#find_records(options = {}) ⇒ Object

payload: sid: 1, cid: 5 2149599422 => “128.32.72.190” 2954912804 => “176.32.100.36”

# File 'lib/by2/client.rb', line 17

def find_records(options = {})
  @opts = @opts.merge(options)
  tables = %w(iphdr tcphdr udphdr icmphdr payload)

  query = Event.
      includes(*tables).
      references(*tables).
      order("event.timestamp")

  query.
      merge(ip_src_or_dst).
      merge(port_src_or_dst).
      merge(port_src).
      merge(port_dst).
      merge(ip_src).
      merge(ip_dst).
      merge(date).
      merge(date_range)
end

#run ⇒ Object

# File 'lib/by2/client.rb', line 37

def run
  records = find_records

  unless @opts[:count]
    records.each { |r| $stdout.puts(terminal(r)) }
  end

  $stdout.puts(record_separator)
  $stdout.puts(record_count(records.count))
end