ProcessOutboundConnection¶

ProcessOutboundConnectionView¶

class grapl_analyzerlib.nodes.process_outbound_network_connection.ProcessOutboundConnectionView(dgraph_client: pydgraph.client.DgraphClient, node_key: str, uid: str, node_type: str, created_timestamp: Optional[int] = None, terminated_timestamp: Optional[int] = None, last_seen_timestamp: Optional[int] = None, port: Optional[int] = None, ip_address: Optional[str] = None, protocol: Optional[str] = None, connecting_processes: Optional[IProcessView] = None, connected_over: Optional[grapl_analyzerlib.nodes.ip_port_node.IpPortView] = None, connected_to: Optional[grapl_analyzerlib.nodes.ip_port_node.IpPortView] = None)¶

Predicate	Type	Description
node_key	string	A unique identifier for this node
created_timestamp	int	Time the process outbound network connection was created (in millis-since-epoch).
terminated_timestamp	int	Time the process outbound network connection was terminated (in millis-since-epoch).
last_seen_timestamp	int	Time the process outbound network connection was last seen (in millis-since-epoch)
port	int	Port of the outbound process network connection.
ip_address	str	IP Address of the outbound process network connection.
protocol	int	Network protocol of the outbound process network connection.
connecting_processes	Process	todo: documentation
connected_over	IpPort	todo: documentation
connected_to	IpPort	todo: documentation

get_connected_over() → Optional[grapl_analyzerlib.nodes.ip_port_node.IpPortView]¶

get_connected_to() → Optional[grapl_analyzerlib.nodes.ip_port_node.IpPortView]¶

get_connecting_processes() → List[grapl_analyzerlib.nodes.process_node.ProcessView]¶

get_created_timestamp() → Optional[int]¶

get_ip_address() → Optional[str]¶

get_last_seen_timestamp() → Optional[int]¶

get_node_type() → str¶

get_port() → Optional[int]¶

get_protocol() → Optional[str]¶

get_terminated_timestamp() → Optional[int]¶

ProcessOutboundConnectionQuery¶

class grapl_analyzerlib.nodes.process_outbound_network_connection.ProcessOutboundConnectionQuery(*args, **kwds)¶

with_connected_over(connected_over_query: Optional[IpPortQuery] = None) → NQ¶

with_connected_to(connected_to_query: Optional[IpPortQuery] = None) → NQ¶

with_connecting_processess(connecting_processess_query: Optional[ProcessQuery] = None) → NQ¶

with_created_timestamp(eq: Optional[IntCmp] = None, gt: Optional[IntCmp] = None, lt: Optional[IntCmp] = None) → NQ¶

with_ip_address(eq: Optional[Union[str, Not[str], List[str], List[Union[str, Not[str]]]]] = None, contains: Optional[Union[str, Not[str], List[str], List[Union[str, Not[str]]]]] = None, ends_with: Optional[Union[str, Not[str], List[str], List[Union[str, Not[str]]]]] = None, starts_with: Optional[Union[str, Not[str], List[str], List[Union[str, Not[str]]]]] = None, regexp: Optional[Union[str, Not[str], List[str], List[Union[str, Not[str]]]]] = None, distance: Optional[Tuple[Union[str, Not[str], List[str], List[Union[str, Not[str]]]], int]] = None) → NQ¶

with_last_seen_timestamp(eq: Optional[IntCmp] = None, gt: Optional[IntCmp] = None, lt: Optional[IntCmp] = None) → NQ¶

with_port(eq: Optional[IntCmp] = None, gt: Optional[IntCmp] = None, lt: Optional[IntCmp] = None) → NQ¶

with_protocol(eq: Optional[Union[str, Not[str], List[str], List[Union[str, Not[str]]]]] = None, contains: Optional[Union[str, Not[str], List[str], List[Union[str, Not[str]]]]] = None, ends_with: Optional[Union[str, Not[str], List[str], List[Union[str, Not[str]]]]] = None, starts_with: Optional[Union[str, Not[str], List[str], List[Union[str, Not[str]]]]] = None, regexp: Optional[Union[str, Not[str], List[str], List[Union[str, Not[str]]]]] = None, distance: Optional[Tuple[Union[str, Not[str], List[str], List[Union[str, Not[str]]]], int]] = None) → NQ¶

with_terminated_timestamp(eq: Optional[IntCmp] = None, gt: Optional[IntCmp] = None, lt: Optional[IntCmp] = None) → NQ¶