IpPort¶
IpPortView¶
-
class
grapl_analyzerlib.nodes.ip_port_node.IpPortView(dgraph_client: pydgraph.client.DgraphClient, node_key: str, uid: str, node_type: str, port: Optional[int] = None, first_seen_timestamp: Optional[int] = None, last_seen_timestamp: Optional[int] = None, ip_address: Optional[str] = None, protocol: Optional[str] = None, network_connections: Optional[List[grapl_analyzerlib.nodes.network_connection_node.NetworkConnectionView]] = None, bound_by: Optional[List[grapl_analyzerlib.nodes.process_inbound_network_connection.ProcessInboundConnectionView]] = None, process_connections: Optional[List[grapl_analyzerlib.nodes.process_outbound_network_connection.ProcessOutboundConnectionView]] = None, process_connects: Optional[List[grapl_analyzerlib.nodes.process_outbound_network_connection.ProcessOutboundConnectionView]] = None)¶ Predicate
Type
Description
node_key
string
A unique identifier for this node.
first_seen_timestamp
int
Time the IP Port was first seen (in millis-since-epoch).
last_seen_timestamp
int
Time the IP Port was last seen (in millis-since-epoch).
terminated_timestamp
int
Time connection was terminated (in millis-since-epoch).
ip_address
string
The IP Address associated with this node. (TODO: v4? v6? both?)
protocol
string
todo: documentation
network_connections
List[NetworkConnection]
todo: documentation
bound_by
List[ProcessInboundConnection]
todo: documentation
process_connections
todo: documentation
process_connects
todo: documentation
-
get_bound_by() → List[grapl_analyzerlib.nodes.process_inbound_network_connection.ProcessInboundConnectionView]¶
-
get_connections_from_processes() → List[grapl_analyzerlib.nodes.process_outbound_network_connection.ProcessOutboundConnectionView]¶
-
get_first_seen_timestamp() → Optional[int]¶
-
get_ip_address() → Optional[str]¶
-
get_last_seen_timestamp() → Optional[int]¶
-
get_network_connections_from() → List[grapl_analyzerlib.nodes.network_connection_node.NetworkConnectionView]¶
-
get_node_type() → str¶
-
get_port() → Optional[int]¶
-
get_process_connects() → List[grapl_analyzerlib.nodes.process_outbound_network_connection.ProcessOutboundConnectionView]¶
-
get_protocol() → Optional[str]¶
-
IpPortQuery¶
-
class
grapl_analyzerlib.nodes.ip_port_node.IpPortQuery(*args, **kwds)¶ -
with_bound_by(bound_by_query: Optional[IProcessInboundConnectionQuery] = None) → NQ¶
-
with_connections_from_processes(connections_from_processes_query: Optional[IProcessOutboundConnectionQuery] = None) → NQ¶
-
with_first_seen_timestamp(eq: Optional[IntCmp] = None, gt: Optional[IntCmp] = None, lt: Optional[IntCmp] = None) → NQ¶
-
with_ip_address(eq: Optional[StrCmp] = None, contains: Optional[StrCmp] = None, ends_with: Optional[StrCmp] = None, starts_with: Optional[StrCmp] = None) → NQ¶
-
with_last_seen_timestamp(eq: Optional[IntCmp] = None, gt: Optional[IntCmp] = None, lt: Optional[IntCmp] = None) → NQ¶
-
with_network_connections(network_connections_query: Optional[INetworkConnectionQuery] = None) → NQ¶
-
with_network_connections_from(network_connections_from_query: Optional[INetworkConnectionQuery] = None) → NQ¶
-
with_port(eq: Optional[IntCmp] = None, gt: Optional[IntCmp] = None, lt: Optional[IntCmp] = None) → NQ¶
-
with_process_connections(process_connections_query: Optional[IProcessOutboundConnectionQuery] = None) → NQ¶
-
with_protocol(eq: Optional[StrCmp] = None, contains: Optional[StrCmp] = None, ends_with: Optional[StrCmp] = None) → NQ¶
-