Module: Mihari::Schemas

Defined in:
lib/mihari/schemas/rule.rb,
lib/mihari/schemas/alert.rb,
lib/mihari/schemas/emitter.rb,
lib/mihari/schemas/options.rb,
lib/mihari/schemas/analyzer.rb,
lib/mihari/schemas/enricher.rb,
lib/mihari/schemas/concerns/orrable.rb

Defined Under Namespace

Modules: Analyzers, Concerns, Emitters, Enrichers
Classes: AlertContract, RuleContract

Constant Summary

# Structural schema for a rule document: it declares which keys a rule may carry and
# the type each value must have. Only key presence and types are expressed here; none
# of the string or integer fields carries a format, length or range predicate.
# NOTE(review): rules are parsed input, so any stricter checks (ID format, URL shape of
# references, bounds on integers) would have to live elsewhere, e.g. in RuleContract,
# which is declared in this namespace - verify.
Rule =
Dry::Schema.Params do
  # Mandatory identity and description fields (type-checked as strings only).
  required(:id).value(:string)
  required(:title).value(:string)
  required(:description).value(:string)

  # Free-form labels; an omitted key falls back to an empty list.
  optional(:tags).value(array[:string]).default([])

  # Optional metadata. references/related are plain string arrays: this schema does not
  # check that an entry is a well-formed URL or an existing rule ID.
  optional(:author).value(:string)
  optional(:references).value(array[:string])
  optional(:related).value(array[:string])
  optional(:status).value(:string)

  # Optional dates of creation and last update.
  optional(:created_on).value(:date)
  optional(:updated_on).value(:date)

  # At least the key must be present and hold an array; each element is meant to be
  # checked against the Analyzer schema.
  # NOTE(review): the block only returns the Analyzer constant (hence the Lint/Void
  # suppression); confirm with a test that a malformed query entry is actually rejected.
  required(:queries).value(:array).each { Analyzer } # rubocop:disable Lint/Void

  # Same element-schema pattern as :queries, with defaults taken from DEFAULT_EMITTERS /
  # DEFAULT_ENRICHERS (defined outside this listing) when the key is absent.
  optional(:emitters).value(:array).each { Emitter }.default(DEFAULT_EMITTERS) # rubocop:disable Lint/Void
  optional(:enrichers).value(:array).each { Enricher }.default(DEFAULT_ENRICHERS) # rubocop:disable Lint/Void

  # Restricts which artifact data types the rule accepts; defaults to every value of
  # Mihari::Types::DataTypes.
  optional(:data_types).value(array[Types::DataTypes]).default(Mihari::Types::DataTypes.values)
  # Strings listed as known false positives; defaults to an empty list.
  optional(:falsepositives).value(array[:string]).default([])

  # Integer with no range predicate: zero or negative values pass this schema.
  # TODO confirm where (or whether) a lower bound is enforced.
  optional(:artifact_ttl).value(:integer)
end
# Structural schema for an alert: the ID of the rule it belongs to, the artifacts it
# carries and an optional source label.
# NOTE(review): artifacts are checked as strings only; whether each value is a
# well-formed indicator (IP, domain, hash, ...) is not decided here - presumably
# AlertContract or a later stage does that; verify.
Alert =
Dry::Schema.Params do
  required(:rule_id).value(:string)
  required(:artifacts).value(array[:string])
  optional(:source).value(:string)
end
# Schema used for each entry of a rule's :emitters array.
# Built by Schemas::Emitters.get_or_composition - presumably an "or" composition of the
# individual emitter schemas (see concerns/orrable.rb); verify against that helper.
Emitter =
Schemas::Emitters.get_or_composition
# Common retry/timeout options. Defaults are read from Mihari.config.
# NOTE(review): the default arguments are ordinary Ruby expressions, so they are
# presumably evaluated once when this schema is defined; a later configuration change
# would then not be reflected - confirm.
# NOTE(review): the integers carry no range predicate, so negative or very large
# retry_times / retry_interval / timeout values pass this schema.
Options =
Dry::Schema.Params do
  optional(:retry_times).value(:integer).default(Mihari.config.retry_times)
  optional(:retry_interval).value(:integer).default(Mihari.config.retry_interval)
  optional(:retry_exponential_backoff).value(:bool).default(Mihari.config.retry_exponential_backoff)
  # No default: the key stays absent unless the caller supplies it.
  optional(:timeout).value(:integer)
end
# Single boolean option :ignore_error, defaulting to Mihari.config.ignore_error.
# NOTE(review): judging by the name, a true value makes failures non-fatal; check that
# ignored errors are still logged so a failing step does not go unnoticed - verify.
IgnoreErrorOptions =
Dry::Schema.Params do
  optional(:ignore_error).value(:bool).default(Mihari.config.ignore_error)
end
# Single boolean option :parallel, defaulting to Mihari.config.parallel.
ParallelOptions =
Dry::Schema.Params do
  optional(:parallel).value(:bool).default(Mihari.config.parallel)
end
# Options accepted by an analyzer: the three option schemas combined with `|`.
# NOTE(review): in dry-schema `|` composes schemas as alternatives ("or"), not as a
# merge of their keys. Every key in Options is optional, so the left-hand schema may
# already accept the input and a wrongly typed :ignore_error or :parallel may never be
# checked - confirm with a test that such input is rejected.
AnalyzerOptions =
Options | IgnoreErrorOptions | ParallelOptions
# Pagination settings, with defaults read from Mihari.config.
# NOTE(review): both integers are type-checked only. If these options can come from a
# rule file, a very large pagination_limit or a zero/negative pagination_interval passes
# this schema - confirm whether an upper/lower bound is applied elsewhere.
PaginationOptions =
Dry::Schema.Params do
  optional(:pagination_interval).value(:integer).default(Mihari.config.pagination_interval)
  optional(:pagination_limit).value(:integer).default(Mihari.config.pagination_limit)
end
# AnalyzerOptions combined with PaginationOptions using `|`.
# NOTE(review): `|` is an "or" composition in dry-schema, so the pagination keys may go
# unchecked when the left-hand side already accepts the input - verify with a test.
AnalyzerPaginationOptions =
AnalyzerOptions | PaginationOptions
# Schema used for each entry of a rule's :queries array.
# Built by Schemas::Analyzers.get_or_composition - presumably an "or" composition of the
# per-analyzer schemas (see concerns/orrable.rb); verify against that helper.
Analyzer =
Schemas::Analyzers.get_or_composition
# Schema used for each entry of a rule's :enrichers array.
# Built by Schemas::Enrichers.get_or_composition - presumably an "or" composition of the
# individual enricher schemas (see concerns/orrable.rb); verify against that helper.
Enricher =
Schemas::Enrichers.get_or_composition