public abstract class BaseThreatFeedUpdateService extends Object
In the abstract class, a default download is implemented to download feeds defined at a third party web site using Apache HttpClient and save the feeds into a local file with the same format defined at the web site and return the filename to allow the parse function to parse the feeds.
If there is no pre-defined Threat Feed Update Services available in this release to download Threat Feeds from a third party web site, please use one of the pre-defined services as an example to implement your own service.
Modifier and Type | Field and Description |
---|---|
static char |
DEFAULT_CSV_QUOTE_CHARACTER |
static char |
DEFAULT_CSV_SEPARATOR |
Constructor and Description |
---|
BaseThreatFeedUpdateService() |
Modifier and Type | Method and Description |
---|---|
protected String |
appendCondition(String url,
ServiceContext context) |
String |
download(ServiceContext serviceContext)
The function to download External Thread Feeds from a third party web
site.
|
String |
download(String url) |
String |
download(String url,
String json) |
static int |
getMaxReadLines(ServiceContext context) |
static long |
getReadByte(ServiceContext context) |
static int |
getStartLine(ServiceContext context) |
abstract Map<String,List<ThreatFeedDTO>> |
parse(ServiceContext serviceContext,
String filePath,
String groupName,
List<String> childGroups)
The function to parse the Threat Feeds downloaded by the download
function.
|
static String[] |
parseLine(String var1,
char quotechar,
char separator) |
static void |
setBackReadResult(int count,
int maxlines,
ServiceContext context,
long readByte,
int startline) |
public static final char DEFAULT_CSV_SEPARATOR
public static final char DEFAULT_CSV_QUOTE_CHARACTER
public String download(ServiceContext serviceContext)
The default implementation of this function downloads all the available Threat Feeds and saves the downloaded raw content to a local file as same format as defined in the web site and return the file name as the result. This download method supports HTTP(s) Basic Authorization only.
This default implementation can be overwritten if this default implementation doesn't meet the API requirement of the third party web site.
serviceContext
- The service context that holds setup parameters
needed for the download.ServiceContext
public String download(String url) throws IOException
IOException
public abstract Map<String,List<ThreatFeedDTO>> parse(ServiceContext serviceContext, String filePath, String groupName, List<String> childGroups) throws Exception
This API must be implemented to parse and convert a downloaded Threat
Feed into ThreatFeedDTO
object.
If you assign any Threat Feeds to a child group that doesn't exist in CMDB yet, this child group will be created during importing these Threat Feeds to this child group in CMDB. Also, if you would like assign the downloaded Threat Feeds to a child group, not the parent group named as 'groupName', you should not assign any of the Threat Feeds to this parent group in the return mapping.
serviceContext
- The service context which holds set up parameters
you may need for parsing.filePath
- The file path or the download Content String that will be
parsed by this function.groupName
- The CMDB group name that is being set up to schedule to
download Threat Feeds.childGroups
- a list of child groups under the group 'groupName'
that may hold the downloaded Threat Feeds.Exception
- when error happened during parsing the downloaded
Threat Feeds.ServiceContext
,
ThreatFeedDTO
public static String[] parseLine(String var1, char quotechar, char separator) throws IOException
IOException
public static int getStartLine(ServiceContext context)
public static long getReadByte(ServiceContext context)
public static int getMaxReadLines(ServiceContext context)
public static void setBackReadResult(int count, int maxlines, ServiceContext context, long readByte, int startline)
protected String appendCondition(String url, ServiceContext context)
Copyright © 2019. All rights reserved.