ProcessOutboundConnection

ProcessOutboundConnectionView

class grapl_analyzerlib.nodes.process_outbound_connection.ProcessOutboundConnectionView(uid: int, node_key: str, graph_client: Any, node_types: Set[str], created_timestamp: Optional[int] = None, terminated_timestamp: Optional[int] = None, last_seen_timestamp: Optional[int] = None, port: Optional[int] = None, ip_address: Optional[str] = None, protocol: Optional[str] = None, **kwargs)

Predicate

Type

Description

node_key

string

A unique identifier for this node

created_timestamp

int

Time the process outbound network connection was created (in millis-since-epoch).

terminated_timestamp

int

Time the process outbound network connection was terminated (in millis-since-epoch).

last_seen_timestamp

int

Time the process outbound network connection was last seen (in millis-since-epoch)

port

int

Port of the outbound process network connection.

ip_address

str

IP Address of the outbound process network connection.

protocol

int

Network protocol of the outbound process network connection.

connecting_processes

Process

todo: documentation

connected_over

IpPort

todo: documentation

connected_to

IpPort

todo: documentation

classmethod associated_queryable() Type[grapl_analyzerlib.viewable.Q]
classmethod extend_self(*types)

extend_self is a method that performs some monkeypatching to allow combinations of types.

Parameters

types – A var arg of types, all of which must implement the Extendable interface

Returns

Returns a new class, which inherits from ‘cls’ and all passed in types, the returned class will also have all methods of all types that are not prefixed with __

classmethod from_dict(d: Dict[str, Any], graph_client: Any) grapl_analyzerlib.viewable.V
from_node_key(node_key: str) Optional[BaseView]
get_connections_from(*connections_from: abc.FileExtendsProcessQuery, cached=False)
get_created_timestamp(cached=True)
get_int(property_name: str, cached=True) Optional[int]
get_ip_address(cached=True)
get_last_seen_timestamp(cached=True)
get_lenses(*lenses, cached=False) List[grapl_analyzerlib.nodes.lens.LensView]
get_neighbor(default: Type[Q], f_edge: str, r_edge: str, filters, cached=True) Optional[OneOrMany[V]]
get_node_type() str
get_port(cached=True)
get_protocol(cached=True)
get_risks(*risks, cached=False) List[grapl_analyzerlib.nodes.risk.RiskView]
get_str(property_name: str, cached=True) Optional[str]
get_terminated_timestamp(cached=True)
into_view(v: Type[grapl_analyzerlib.viewable.Viewable]) Optional[grapl_analyzerlib.viewable.Viewable]
classmethod node_schema() Schema
queryable

alias of grapl_analyzerlib.nodes.process_outbound_connection.ProcessOutboundConnectionQuery

set_predicate(predicate_name: str, predicate: Union[List[Union[str, int, bool]], str, int, bool, grapl_analyzerlib.viewable.Viewable])
to_adjacency_list()
to_dict()

ProcessOutboundConnectionQuery

class grapl_analyzerlib.nodes.process_outbound_connection.ProcessOutboundConnectionQuery
classmethod associated_viewable() Type[grapl_analyzerlib.queryable.V]
clear_neighbor_filters()
clear_property_filters()
debug_query() Dict[str, Any]
classmethod extend_self(*types)

extend_self is a method that performs some monkeypatching to allow combinations of types.

Parameters

types – A var arg of types, all of which must implement the Extendable interface

Returns

Returns a new class, which inherits from ‘cls’ and all passed in types, the returned class will also have all methods of all types that are not prefixed with __

get_count(graph_client, first: int = 100) int
neighbor_filters() List[Tuple[str, Union[List[grapl_analyzerlib.queryable.Q], List[Tuple[grapl_analyzerlib.queryable.Q, ...]]]]]
classmethod node_schema() Schema
property_filters() List[Tuple[str, List[List[Cmp]]]]
query(graph_client: grapl_analyzerlib.grapl_client.GraphClient, first: int) List[grapl_analyzerlib.queryable.V]
query_first(graph_client: grapl_analyzerlib.grapl_client.GraphClient, contains_node_key: Optional[str] = None, best_effort=False) Optional[grapl_analyzerlib.queryable.V]
set_neighbor_filters(edge_name: str, filters: Union[List[grapl_analyzerlib.queryable.Q], List[Tuple[grapl_analyzerlib.queryable.Q, ...]]])
set_property_filters(property_name: str, filters: List[List[Cmp]])
with_connections_from(*connections_from: abc.FileExtendsProcessQuery)
with_created_timestamp(*, eq: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, gt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, ge: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, lt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, le: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None)
with_int_property(property_name: str, *, eq: Optional[IntOrNot] = None, gt: Optional[IntOrNot] = None, ge: Optional[IntOrNot] = None, lt: Optional[IntOrNot] = None, le: Optional[IntOrNot] = None)
with_ip_address(*, eq: Optional[Union[str, grapl_analyzerlib.comparators.Not]] = None, contains: Optional[Union[str, grapl_analyzerlib.comparators.Not, List[Union[str, grapl_analyzerlib.comparators.Not]]]] = None, starts_with: Optional[Union[str, grapl_analyzerlib.comparators.Not]] = None, ends_with: Optional[Union[str, grapl_analyzerlib.comparators.Not]] = None, regexp: Optional[Union[str, grapl_analyzerlib.comparators.Not, List[Union[str, grapl_analyzerlib.comparators.Not]]]] = None, distance_lt: Optional[Tuple[str, int]] = None)
with_last_seen_timestamp(*, eq: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, gt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, ge: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, lt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, le: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None)
with_lenses(*lenses: LensQuery)
with_node_key(*, eq: str) grapl_analyzerlib.queryable.Q
with_port(*, eq: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, gt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, ge: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, lt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, le: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None)
with_protocol(*, eq: Optional[Union[str, grapl_analyzerlib.comparators.Not]] = None, contains: Optional[Union[str, grapl_analyzerlib.comparators.Not, List[Union[str, grapl_analyzerlib.comparators.Not]]]] = None, starts_with: Optional[Union[str, grapl_analyzerlib.comparators.Not]] = None, ends_with: Optional[Union[str, grapl_analyzerlib.comparators.Not]] = None, regexp: Optional[Union[str, grapl_analyzerlib.comparators.Not, List[Union[str, grapl_analyzerlib.comparators.Not]]]] = None, distance_lt: Optional[Tuple[str, int]] = None)
with_risks(*risks: RiskQuery)
with_str_property(property_name: str, *, eq: Optional[StrOrNot] = None, contains: Optional[OneOrMany[StrOrNot]] = None, starts_with: Optional[StrOrNot] = None, ends_with: Optional[StrOrNot] = None, regexp: Optional[OneOrMany[StrOrNot]] = None, distance_lt: Optional[Tuple[str, int]] = None)
with_terminated_timestamp(*, eq: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, gt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, ge: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, lt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, le: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None)
with_to_neighbor(default, f, r, edges) Q