Class: URLhausMonitor::Entry

Inherits:

Object

• Object
• URLhausMonitor::Entry

Defined in:

lib/urlhaus_monitor/entry.rb

Instance Attribute Summary

• #asnumber ⇒ Object readonly

  Returns the value of attribute asnumber.

• #country ⇒ Object readonly

  Returns the value of attribute country.

• #date_added ⇒ Object readonly

  Returns the value of attribute date_added.

• #host ⇒ Object readonly

  Returns the value of attribute host.

• #ip_address ⇒ Object readonly

  Returns the value of attribute ip_address.

• #threat ⇒ Object readonly

  Returns the value of attribute threat.

• #url ⇒ Object readonly

  Returns the value of attribute url.

• #url_status ⇒ Object readonly

  Returns the value of attribute url_status.

Instance Method Summary

• #actions ⇒ Object
• #defanged_host ⇒ Object
• #defanged_url ⇒ Object
• #initialize(line) ⇒ Entry constructor

  A new instance of Entry.

• #title ⇒ Object
• #to_attachements ⇒ Object
• #urlhaus_link ⇒ Object
• #urlscan_link ⇒ Object
• #vt_link ⇒ Object

Constructor Details

#initialize(line) ⇒ Entry

Returns a new instance of Entry.

Raises:

• (ArgumentError)

# File 'lib/urlhaus_monitor/entry.rb', line 16

def initialize(line)
  parts = CSV.parse(line.chomp).flatten
  raise ArgumentError, "#{line} is not valid." unless parts.length == 8 || parts.length == 9

  if parts.length == 8
    parse_without_tags parts
  else
    parse_with_tags parts
  end
end

Instance Attribute Details

#asnumber ⇒ Object (readonly)

Returns the value of attribute asnumber.

# File 'lib/urlhaus_monitor/entry.rb', line 13

def asnumber
  @asnumber
end

#country ⇒ Object (readonly)

Returns the value of attribute country.

# File 'lib/urlhaus_monitor/entry.rb', line 14

def country
  @country
end

#date_added ⇒ Object (readonly)

Returns the value of attribute date_added.

# File 'lib/urlhaus_monitor/entry.rb', line 7

def date_added
  @date_added
end

#host ⇒ Object (readonly)

Returns the value of attribute host.

# File 'lib/urlhaus_monitor/entry.rb', line 11

def host
  @host
end

#ip_address ⇒ Object (readonly)

Returns the value of attribute ip_address.

# File 'lib/urlhaus_monitor/entry.rb', line 12

def ip_address
  @ip_address
end

#threat ⇒ Object (readonly)

Returns the value of attribute threat.

# File 'lib/urlhaus_monitor/entry.rb', line 10

def threat
  @threat
end

#url ⇒ Object (readonly)

Returns the value of attribute url.

# File 'lib/urlhaus_monitor/entry.rb', line 8

def url
  @url
end

#url_status ⇒ Object (readonly)

Returns the value of attribute url_status.

# File 'lib/urlhaus_monitor/entry.rb', line 9

def url_status
  @url_status
end

Instance Method Details

#actions ⇒ Object

# File 'lib/urlhaus_monitor/entry.rb', line 69

def actions
  [vt_link, urlscan_link, urlhaus_link].compact
end

#defanged_host ⇒ Object

# File 'lib/urlhaus_monitor/entry.rb', line 31

def defanged_host
  @defanged_host ||= host.gsub(/\./, "[.]")
end

#defanged_url ⇒ Object

# File 'lib/urlhaus_monitor/entry.rb', line 27

def defanged_url
  @defanged_url ||= url.gsub(/\./, "[.]")
end

#title ⇒ Object

# File 'lib/urlhaus_monitor/entry.rb', line 35

def title
  "#{defanged_url} (#{defanged_host} / #{ip_address} / #{date_added}) : #{threat}"
end

#to_attachements ⇒ Object

# File 'lib/urlhaus_monitor/entry.rb', line 73

def to_attachements
  [
    {
      text: defanged_host,
      fallback: "VT & urlscan.io links",
      actions: actions
    }
  ]
end

#urlhaus_link ⇒ Object

# File 'lib/urlhaus_monitor/entry.rb', line 59

def urlhaus_link
  return nil unless _urlhaus_link

  {
    type: "button",
    text: "Lookup on URLhaus",
    url: _urlhaus_link,
  }
end

#urlscan_link ⇒ Object

# File 'lib/urlhaus_monitor/entry.rb', line 49

def urlscan_link
  return nil unless _urlscan_link

  {
    type: "button",
    text: "Lookup on urlscan.io",
    url: _urlscan_link,
  }
end

#vt_link ⇒ Object

# File 'lib/urlhaus_monitor/entry.rb', line 39

def vt_link
  return nil unless _vt_link

  {
    type: "button",
    text: "Lookup on VirusTotal",
    url: _vt_link,
  }
end