public abstract class BaseStixUpdateService2 extends BaseThreatFeedUpdateService
Modifier and Type | Field and Description |
---|---|
static String |
MALWAREDOMAIN |
static String |
MALWAREIP |
static String |
MALWAREURL |
DEFAULT_CSV_QUOTE_CHARACTER, DEFAULT_CSV_SEPARATOR
Constructor and Description |
---|
BaseStixUpdateService2() |
Modifier and Type | Method and Description |
---|---|
String |
download(ServiceContext context)
The function to download External Thread Feeds from a third party web
site.
|
abstract String |
getDownloadType() |
static void |
main(String[] args) |
Map<String,List<ThreatFeedDTO>> |
parse(ServiceContext context,
String filePath,
String parentGroup,
List<String> childGroups)
The function to parse the Threat Feeds downloaded by the download
function.
|
appendCondition, download, download, getMaxReadLines, getReadByte, getStartLine, parseLine, setBackReadResult
public static final String MALWAREURL
public static final String MALWAREDOMAIN
public static final String MALWAREIP
public String download(ServiceContext context)
BaseThreatFeedUpdateService
The default implementation of this function downloads all the available Threat Feeds and saves the downloaded raw content to a local file as same format as defined in the web site and return the file name as the result. This download method supports HTTP(s) Basic Authorization only.
This default implementation can be overwritten if this default implementation doesn't meet the API requirement of the third party web site.
download
in class BaseThreatFeedUpdateService
context
- The service context that holds setup parameters
needed for the download.ServiceContext
public Map<String,List<ThreatFeedDTO>> parse(ServiceContext context, String filePath, String parentGroup, List<String> childGroups) throws Exception
BaseThreatFeedUpdateService
This API must be implemented to parse and convert a downloaded Threat
Feed into ThreatFeedDTO
object.
If you assign any Threat Feeds to a child group that doesn't exist in CMDB yet, this child group will be created during importing these Threat Feeds to this child group in CMDB. Also, if you would like assign the downloaded Threat Feeds to a child group, not the parent group named as 'groupName', you should not assign any of the Threat Feeds to this parent group in the return mapping.
parse
in class BaseThreatFeedUpdateService
context
- The service context which holds set up parameters
you may need for parsing.filePath
- The file path or the download Content String that will be
parsed by this function.parentGroup
- The CMDB group name that is being set up to schedule to
download Threat Feeds.childGroups
- a list of child groups under the group 'groupName'
that may hold the downloaded Threat Feeds.Exception
- when error happened during parsing the downloaded
Threat Feeds.ServiceContext
,
ThreatFeedDTO
public abstract String getDownloadType()
Copyright © 2019. All rights reserved.