Class: Threatinator::Amqp::Rcvr::CLI

Inherits:
Object
  • Object
Defined in:
lib/threatinator/amqp/rcvr/cli.rb

Class Method Summary

Instance Method Summary

Constructor Details

#initialize ⇒ CLI

Returns a new instance of CLI.



# File 'lib/threatinator/amqp/rcvr/cli.rb', line 16

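# Parses the command line, copies the chosen values into
# Threatinator::Amqp::Rcvr::Settings, then blocks on the selected table's
# subscription until the process is interrupted.
#
# Exactly one of -f/--fqdns or -i/--ips must be supplied. Each switch sets
# Settings.sql_table_name, and the stream class is chosen from the same
# switches. Accepting both would let the table name (last switch wins) and
# the stream class (previously always IPTable) disagree, and accepting
# neither would leave no stream to subscribe to.
#
# Exit behaviour:
# * no arguments     -> usage on stdout, default exit status (unchanged)
# * -h/--help        -> usage on stdout, exit 0 (unchanged)
# * unparsable input -> reason and usage on stderr, exit 1
# * zero or both of -f/-i -> reason and usage on stderr, exit 1
#
# @return [CLI] never returns normally while the subscription is active
def initialize
  options = {
    fqdns: false,
    ips: false,
    # Recorded when -s is given, but nothing in this method reads it: the
    # backend list passed to the table classes below is fixed to 'sqlite3'.
    sqlite: false,
    sqlite_location: Threatinator::Amqp::Rcvr::Settings.sql_file_location
  }

  opt_parser = OptionParser.new do |opt|
    opt.banner = "Usage: threatinator-ampq-rcvr"
    opt.separator ""

    opt.on("-f", "--fqdns", "Store FQDNS") do
      options[:fqdns] = true
      Threatinator::Amqp::Rcvr::Settings.sql_table_name = "fqdns"
    end

    opt.on("-i", "--ips", "Store IPv4") do
      options[:ips] = true
      Threatinator::Amqp::Rcvr::Settings.sql_table_name = "ipv4"
    end

    opt.separator ""

    opt.separator "AMQP"
    opt.separator ""

    # NOTE(review): only host, topic and routing key are configurable from
    # this CLI; no credential or transport-security switch is defined here.
    # Confirm how the broker connection is authenticated and protected.
    opt.on("-H", "--amqp-host=", "AMQP Hostname","  Default: #{Threatinator::Amqp::Rcvr::Settings.amqp_hostname}") do |value|
      Threatinator::Amqp::Rcvr::Settings.amqp_hostname = value
    end

    opt.on("-T", "--amqp-topic=", "AMQP Binding Topic","  Default: #{Threatinator::Amqp::Rcvr::Settings.amqp_binding_topic}") do |value|
      Threatinator::Amqp::Rcvr::Settings.amqp_binding_topic = value
    end

    opt.on("-R", "--amqp-routekey=", "AMQP Routekey","Default: #{Threatinator::Amqp::Rcvr::Settings.amqp_routing_key}",  "[#, threatinator.#, threatinator.c2, threatinator.attacker, threatinator.malware_host, threatinator.spamming, threatinator.scanning, threatinator.phishing]") do |value|
      Threatinator::Amqp::Rcvr::Settings.amqp_routing_key = value
    end

    opt.separator "Backend"
    opt.separator ""

    # The path is taken from the command line as given and handed to
    # Settings unchanged; no validation happens in this method.
    opt.on("-s", "--sqlite=", "Sqlite3 backend file location","  Default: #{options[:sqlite_location]}") do |value|
      options[:sqlite] = true
      options[:sqlite_location] = value
    end

    opt.separator "Options::"

    opt.on("-v", "--verbose", "Run verbosely") do
      options[:verbose] = true
    end

    opt.on_tail("-h","--help","Display this screen") do
      puts opt
      exit 0
    end
  end

  # Running with no arguments is treated as a request for the usage text.
  if ARGV.empty?
    puts opt_parser
    exit
  end

  # Report why parsing failed and exit non-zero, so that a wrapper script or
  # service manager does not mistake a misconfigured start for a clean exit.
  begin
    opt_parser.parse!
  rescue OptionParser::ParseError => e
    warn e.message
    warn opt_parser.help
    exit 1
  end

  # -f and -i are mutually exclusive and one of them is required.
  if options[:fqdns] == options[:ips]
    warn "Specify exactly one of -f/--fqdns or -i/--ips"
    warn opt_parser.help
    exit 1
  end

  # options[:verbose] stays nil unless -v was given.
  Threatinator::Amqp::Rcvr::Settings.verbose = options[:verbose]
  Threatinator::Amqp::Rcvr::Settings.sql_file_location = options[:sqlite_location]

  if Threatinator::Amqp::Rcvr::Settings.verbose
    puts "++++++++++++++++++++++++++++++++++++++++++++++"
    puts "threatinator-ampq-rcvr!"
    Threatinator::Amqp::Rcvr::Settings.print
    puts "++++++++++++++++++++++++++++++++++++++++++++++\n"
  end

  stream = options[:fqdns] ? FQDNTable.new(['sqlite3']) : IPTable.new(['sqlite3'])

  puts " [*] Waiting for events. To exit press CTRL+C"
  begin
    stream.subscribe
  rescue Interrupt => _
    # CTRL+C is the expected way to stop the receiver; close the stream.
    stream.close
  end
end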

Class Method Details

.invoke ⇒ Object



# File 'lib/threatinator/amqp/rcvr/cli.rb', line 10

# Entry point: prints the argument count and the raw argument list, then
# constructs a CLI instance (whose constructor does the actual work).
#
# NOTE(review): the arguments are echoed to stdout unconditionally, so they
# end up in whatever captures this process's output; confirm that is wanted
# outside of debugging.
#
# @return [CLI] the newly constructed instance
def self.invoke
  arg_count = ARGV.size
  puts "ARGV #{arg_count}", ARGV.to_s
  new
end