IpPort

IpPortView

class grapl_analyzerlib.nodes.ip_port.IpPortView(*args, **kwds)

Predicate

Type

Description

node_key

string

A unique identifier for this node.

first_seen_timestamp

int

Time the IP Port was first seen (in millis-since-epoch).

last_seen_timestamp

int

Time the IP Port was last seen (in millis-since-epoch).

terminated_timestamp

int

Time connection was terminated (in millis-since-epoch).

ip_address

string

The IP Address associated with this node. (TODO: v4? v6? both?)

protocol

string

todo: documentation

network_connections

List[NetworkConnection]

todo: documentation

bound_by

List[ProcessInboundConnection]

todo: documentation

process_connections

List[ProcessOutboundConnection]

todo: documentation

process_connects

List[ProcessOutboundConnection]

todo: documentation

classmethod associated_viewable() → Type[V]
clear_neighbor_filters()
clear_property_filters()
debug_query() → Dict[str, Any]
classmethod extend_self(*types)

extend_self is a method that performs some monkeypatching to allow combinations of types.

Parameters

types – A var arg of types, all of which must implement the Extendable interface

Returns

Returns a new class, which inherits from ‘cls’ and all passed in types, the returned class will also have all methods of all types that are not prefixed with __

get_count(graph_client, first: int = 100) → int
get_first_seen_timestamp(cached=True)
get_inbound_network_connections_from(*inbound_network_connections_from, cached=False)
get_ip_address(cached=True)
get_last_seen_timestamp(cached=True)
get_network_connections(*network_connections, cached=False)
get_port(cached=True)
neighbor_filters() → List[Tuple[str, Union[List[Q], List[Tuple[Q, …]]]]]
classmethod node_schema() → Schema
property_filters() → List[Tuple[str, List[List[Cmp]]]]
query(graph_client: grapl_analyzerlib.grapl_client.GraphClient, first: int) → List[V]
query_first(graph_client: grapl_analyzerlib.grapl_client.GraphClient, contains_node_key: Optional[str] = None, best_effort=False) → Optional[V]
queryable

alias of IpPortQuery

set_neighbor_filters(edge_name: str, filters: Union[List[Q], List[Tuple[Q, …]]])
set_property_filters(property_name: str, filters: List[List[Cmp]])
with_first_seen_timestamp(*, eq: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, gt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, ge: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, lt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, le: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None)
with_inbound_network_connections_from(*inbound_network_connections_from)
with_int_property(property_name: str, *, eq: Optional[IntOrNot] = None, gt: Optional[IntOrNot] = None, ge: Optional[IntOrNot] = None, lt: Optional[IntOrNot] = None, le: Optional[IntOrNot] = None)
with_ip_address(*, eq: Optional[Union[str, grapl_analyzerlib.comparators.Not]] = None, contains: Optional[Union[str, grapl_analyzerlib.comparators.Not, List[Union[str, grapl_analyzerlib.comparators.Not]]]] = None, starts_with: Optional[Union[str, grapl_analyzerlib.comparators.Not]] = None, ends_with: Optional[Union[str, grapl_analyzerlib.comparators.Not]] = None, regexp: Optional[Union[str, grapl_analyzerlib.comparators.Not, List[Union[str, grapl_analyzerlib.comparators.Not]]]] = None, distance_lt: Optional[Tuple[str, int]] = None)
with_last_seen_timestamp(*, eq: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, gt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, ge: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, lt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, le: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None)
with_lenses(*lenses: LensQuery)
with_network_connections(*network_connections)
with_node_key(*, eq: str) → Q
with_port(*, eq: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, gt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, ge: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, lt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, le: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None)
with_risks(*risks: RiskQuery)
with_str_property(property_name: str, *, eq: Optional[StrOrNot] = None, contains: Optional[OneOrMany[StrOrNot]] = None, starts_with: Optional[StrOrNot] = None, ends_with: Optional[StrOrNot] = None, regexp: Optional[OneOrMany[StrOrNot]] = None, distance_lt: Optional[Tuple[str, int]] = None)
with_to_neighbor(default, f, r, edges) → Q

IpPortQuery

class grapl_analyzerlib.nodes.ip_port.IpPortQuery(*args, **kwds)
classmethod associated_viewable() → Type[V]
clear_neighbor_filters()
clear_property_filters()
debug_query() → Dict[str, Any]
classmethod extend_self(*types)

extend_self is a method that performs some monkeypatching to allow combinations of types.

Parameters

types – A var arg of types, all of which must implement the Extendable interface

Returns

Returns a new class, which inherits from ‘cls’ and all passed in types, the returned class will also have all methods of all types that are not prefixed with __

get_count(graph_client, first: int = 100) → int
neighbor_filters() → List[Tuple[str, Union[List[Q], List[Tuple[Q, …]]]]]
classmethod node_schema() → Schema
property_filters() → List[Tuple[str, List[List[Cmp]]]]
query(graph_client: grapl_analyzerlib.grapl_client.GraphClient, first: int) → List[V]
query_first(graph_client: grapl_analyzerlib.grapl_client.GraphClient, contains_node_key: Optional[str] = None, best_effort=False) → Optional[V]
set_neighbor_filters(edge_name: str, filters: Union[List[Q], List[Tuple[Q, …]]])
set_property_filters(property_name: str, filters: List[List[Cmp]])
with_first_seen_timestamp(*, eq: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, gt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, ge: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, lt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, le: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None)
with_inbound_network_connections_from(*inbound_network_connections_from)
with_int_property(property_name: str, *, eq: Optional[IntOrNot] = None, gt: Optional[IntOrNot] = None, ge: Optional[IntOrNot] = None, lt: Optional[IntOrNot] = None, le: Optional[IntOrNot] = None)
with_ip_address(*, eq: Optional[Union[str, grapl_analyzerlib.comparators.Not]] = None, contains: Optional[Union[str, grapl_analyzerlib.comparators.Not, List[Union[str, grapl_analyzerlib.comparators.Not]]]] = None, starts_with: Optional[Union[str, grapl_analyzerlib.comparators.Not]] = None, ends_with: Optional[Union[str, grapl_analyzerlib.comparators.Not]] = None, regexp: Optional[Union[str, grapl_analyzerlib.comparators.Not, List[Union[str, grapl_analyzerlib.comparators.Not]]]] = None, distance_lt: Optional[Tuple[str, int]] = None)
with_last_seen_timestamp(*, eq: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, gt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, ge: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, lt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, le: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None)
with_lenses(*lenses: LensQuery)
with_network_connections(*network_connections)
with_node_key(*, eq: str) → Q
with_port(*, eq: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, gt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, ge: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, lt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, le: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None)
with_risks(*risks: RiskQuery)
with_str_property(property_name: str, *, eq: Optional[StrOrNot] = None, contains: Optional[OneOrMany[StrOrNot]] = None, starts_with: Optional[StrOrNot] = None, ends_with: Optional[StrOrNot] = None, regexp: Optional[OneOrMany[StrOrNot]] = None, distance_lt: Optional[Tuple[str, int]] = None)
with_to_neighbor(default, f, r, edges) → Q