sqlite3

package
v0.6.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 21, 2021 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation

Overview

Package sqlite3 implements the SQLite 3 datastore for TAXII 2.

Index

Constants

View Source 
const (
	DB_TABLE_STIX_BASE_OBJECT           = "s_base_object"
	DB_TABLE_STIX_ATTACK_PATTERN        = "s_attack_pattern"
	DB_TABLE_STIX_CAMPAIGN              = "s_campaign"
	DB_TABLE_STIX_COURSE_OF_ACTION      = "s_course_of_action"
	DB_TABLE_STIX_IDENTITY              = "s_identity"
	DB_TABLE_STIX_IDENTITY_SECTORS      = "s_identity_sectors"
	DB_TABLE_STIX_INDICATOR             = "s_indicator"
	DB_TABLE_STIX_INDICATOR_TYPES       = "s_indicator_types"
	DB_TABLE_STIX_INTRUSION_SET         = "s_intrusion_set"
	DB_TABLE_STIX_LOCATION              = "s_location"
	DB_TABLE_STIX_MALWARE               = "s_malware"
	DB_TABLE_STIX_NOTE                  = "s_note"
	DB_TABLE_STIX_OBSERVED_DATA         = "s_observed_data"
	DB_TABLE_STIX_OPINION               = "s_opinion"
	DB_TABLE_STIX_REPORT                = "s_report"
	DB_TABLE_STIX_THREAT_ACTOR          = "s_threat_actor"
	DB_TABLE_STIX_THREAT_ACTOR_ROLES    = "s_threat_actor_roles"
	DB_TABLE_STIX_TOOL                  = "s_tool"
	DB_TABLE_STIX_VULNERABILITY         = "s_vulnerability"
	DB_TABLE_STIX_ALIASES               = "s_aliases"
	DB_TABLE_STIX_AUTHORS               = "s_authors"
	DB_TABLE_STIX_EXTERNAL_REFERENCES   = "s_external_references"
	DB_TABLE_STIX_GOALS                 = "s_goals"
	DB_TABLE_STIX_HASHES                = "s_hashes"
	DB_TABLE_STIX_KILL_CHAIN_PHASES     = "s_kill_chain_phases"
	DB_TABLE_STIX_LABELS                = "s_labels"
	DB_TABLE_STIX_OBJECT_MARKING_REFS   = "s_object_marking_refs"
	DB_TABLE_STIX_OBJECT_REFS           = "s_object_refs"
	DB_TABLE_STIX_SECONDARY_MOTIVATIONS = "s_secondary_motivations"
	DB_TABLE_STIX_PERSONAL_MOTIVATIONS  = "s_personal_motivations"

	DB_TABLE_VOCAB_ATTACK_MOTIVATIONS          = "v_attack_motivation"
	DB_TABLE_VOCAB_ATTACK_RESOURCE_LEVEL       = "v_attack_resource_level"
	DB_TABLE_VOCAB_IDENTITY_CLASS              = "v_identity_class"
	DB_TABLE_VOCAB_INDICATOR_LABEL             = "v_indicator_label"
	DB_TABLE_VOCAB_INDUSTRY_SECTOR             = "v_industry_sector"
	DB_TABLE_VOCAB_MALWARE_LABEL               = "v_malware_label"
	DB_TABLE_VOCAB_REPORT_LABEL                = "v_report_label"
	DB_TABLE_VOCAB_THREAT_ACTOR_LABEL          = "v_threat_actor_label"
	DB_TABLE_VOCAB_THREAT_ACTOR_ROLE           = "v_threat_actor_role"
	DB_TABLE_VOCAB_THREAT_ACTOR_SOPHISTICATION = "v_threat_actor_sophistication"
	DB_TABLE_VOCAB_TOOL_LABEL                  = "v_tool_label"

	DB_TABLE_TAXII_COLLECTIONS           = "t_collections"
	DB_TABLE_TAXII_COLLECTION_MEDIA_TYPE = "t_collection_media_type"
	DB_TABLE_TAXII_COLLECTION_DATA       = "t_collection_data"
	DB_TABLE_TAXII_MEDIA_TYPES           = "t_media_types"
)

The following constants define database tables names for a relational database. All of the SQL statements and other code uses these constants, so it should be pretty safe, if needed, to change the actual table names without problems.

Variables

This section is empty.

Functions

This section is empty.

Types

type Store 

type Store struct {
	Filename string
	DB       *sql.DB
	Logger   *log.Logger
	Cache    struct {
		BaseObjectIDIndex int
		Collections       map[string]*collections.Collection
	}
	Strict struct {
		IDs   bool
		Types bool
	}
}

Store defines all of the properties and information associated with connecting and talking to the database.

When Strict.IDs = false, then the system will allow vanity STIX IDs like: indicator--1, indicator--2

When Strict.Types = false, then the system will allow unknown STIX types

func New 

func New(logger *log.Logger, filename string, collections map[string]collections.Collection) *Store

New - This function will return a Store.

func (*Store) AddObject 

func (ds *Store) AddObject(obj interface{}) error

AddObject - This method will take in a STIX object and add it to the database.

func (*Store) AddTAXIIObject 

func (ds *Store) AddTAXIIObject(obj interface{}) error

AddTAXIIObject - This method will take in a TAXII object and add it to the database.

func (*Store) AddToCollection 

func (ds *Store) AddToCollection(collectionid, stixid string) error

AddToCollection - This method will add an entry to a collection as defined in addToCollection() in t_collectiondata.go

func (*Store) Close 

func (ds *Store) Close() error

Close - This method will close the database connection

func (*Store) CreateSTIXTables 

func (ds *Store) CreateSTIXTables()

CreateSTIXTables - This method will create all of the tables needed to store STIX content in the database.

func (*Store) CreateTAXIITables 

func (ds *Store) CreateTAXIITables()

CreateTAXIITables - This method will create all of the tables needed to store STIX content in the database.

func (*Store) CreateVocabTables 

func (ds *Store) CreateVocabTables()

CreateVocabTables - This method will create all of the tables needed to store STIX content in the database.

func (*Store) GetAllCollections 

func (ds *Store) GetAllCollections() (*collections.Collections, error)

GetAllCollections - This method will return all collections, even those that are disabled and hidden. This is primarily used for administration tools that need to see all collections.

func (*Store) GetAllEnabledCollections 

func (ds *Store) GetAllEnabledCollections() (*collections.Collections, error)

GetAllEnabledCollections - This method will return only enabled collections, even those that are hidden. This is used for setup up the HTTP MUX routers.

func (*Store) GetCollections 

func (ds *Store) GetCollections() (*collections.Collections, error)

GetCollections - This method will return just those collections that are both enabled and visible. This is primarily used to populate the results for clients that pull a collections resource. Clients may be able to talk to a hidden collection, but they should not see it in the list.

func (*Store) GetManifestData 

func (ds *Store) GetManifestData(query collections.CollectionQuery) (*collections.CollectionQueryResult, error)

GetManifestData - This method will take in query struct for a collection and will return a TAXII manifest resource that contains all of the records that match the query parameters.

func (*Store) GetObjects 

func (ds *Store) GetObjects(query collections.CollectionQuery) (*collections.CollectionQueryResult, error)

GetObjects - This method will take in a query struct for a collection and will return a TAXII Enveloper resource that contains all of the STIX objects that are in that collection that meet those query parameters.

func (*Store) GetVersions 

func (ds *Store) GetVersions(query collections.CollectionQuery) (*collections.CollectionQueryResult, error)

GetVersions - This method will take in a query struct for a collection and will return a TAXII versions resource that contains all of the versions of the STIX objects that are in that collection that meet those query parameters.

func (*Store) PopulateVocabTables 

func (ds *Store) PopulateVocabTables()

PopulateVocabTables - This method will insert all of the vocabulary data into the right database tables.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.