ProcessInboundConnection

ProcessInboundConnectionView

class grapl_analyzerlib.nodes.process_inbound_connection.ProcessInboundConnectionView(*args, **kwds)

Predicate

Type

Description

node_key

string

A unique identifier for this node

created_timestamp

int

Time the process inbound network connection was created (in millis-since-epoch).

terminated_timestamp

int

Time the process inbound network connection was terminated (in millis-since-epoch).

last_seen_timestamp

int

Time the process inbound network connection was last seen (in millis-since-epoch)

port

int

Port of the inbound process network connection.

ip_address

str

IP Address of the inbound process network connection.

protocol

int

Network protocol of the inbound process network connection.

bound_port

List[IpPort]

todo: documentation

bound_by

List[Process]

todo: documentation

classmethod associated_queryable() → Type[Q]
classmethod extend_self(*types)

extend_self is a method that performs some monkeypatching to allow combinations of types.

Parameters

types – A var arg of types, all of which must implement the Extendable interface

Returns

Returns a new class, which inherits from ‘cls’ and all passed in types, the returned class will also have all methods of all types that are not prefixed with __

classmethod from_dict(d: Dict[str, Any], graph_client: Any) → V
from_node_key(node_key: str) → Optional[BaseView]
get_bound_by(*bound_by: abc.FileExtendsProcessQuery, cached=False)
get_bound_ip(*bound_ips, cached=False)
get_bound_port(*ip_ports, cached=False)
get_created_timestamp(cached=True)
get_int(property_name: str, cached=True) → Optional[int]
get_last_seen_timestamp(cached=True)
get_lenses(*lenses, cached=False) → List[grapl_analyzerlib.nodes.lens.LensView]
get_neighbor(default: Type[Q], f_edge: str, r_edge: str, filters, cached=True) → Optional[OneOrMany[V]]
get_node_type() → str
get_port(cached=True)
get_protocol(cached=True)
get_risks(*risks, cached=False) → List[grapl_analyzerlib.nodes.risk.RiskView]
get_str(property_name: str, cached=True) → Optional[str]
get_terminated_timestamp(cached=True)
into_view(v: Type[grapl_analyzerlib.viewable.Viewable]) → Optional[grapl_analyzerlib.viewable.Viewable]
classmethod node_schema() → Schema
queryable

alias of ProcessInboundConnectionQuery

set_predicate(predicate_name: str, predicate: Union[List[Union[str, int, bool]], str, int, bool, grapl_analyzerlib.viewable.Viewable])
to_adjacency_list()
to_dict()

ProcessInboundConnectionQuery

class grapl_analyzerlib.nodes.process_inbound_connection.ProcessInboundConnectionQuery(*args, **kwds)
classmethod associated_viewable() → Type[V]
clear_neighbor_filters()
clear_property_filters()
debug_query() → Dict[str, Any]
classmethod extend_self(*types)

extend_self is a method that performs some monkeypatching to allow combinations of types.

Parameters

types – A var arg of types, all of which must implement the Extendable interface

Returns

Returns a new class, which inherits from ‘cls’ and all passed in types, the returned class will also have all methods of all types that are not prefixed with __

get_count(graph_client, first: int = 100) → int
neighbor_filters() → List[Tuple[str, Union[List[Q], List[Tuple[Q, …]]]]]
classmethod node_schema() → Schema
property_filters() → List[Tuple[str, List[List[Cmp]]]]
query(graph_client: grapl_analyzerlib.grapl_client.GraphClient, first: int) → List[V]
query_first(graph_client: grapl_analyzerlib.grapl_client.GraphClient, contains_node_key: Optional[str] = None, best_effort=False) → Optional[V]
set_neighbor_filters(edge_name: str, filters: Union[List[Q], List[Tuple[Q, …]]])
set_property_filters(property_name: str, filters: List[List[Cmp]])
with_bound_by(*bound_by: abc.FileExtendsProcessQuery)
with_bound_ip(*bound_ips)
with_bound_port(*ip_ports)
with_created_timestamp(*, eq: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, gt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, ge: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, lt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, le: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None)
with_int_property(property_name: str, *, eq: Optional[IntOrNot] = None, gt: Optional[IntOrNot] = None, ge: Optional[IntOrNot] = None, lt: Optional[IntOrNot] = None, le: Optional[IntOrNot] = None)
with_last_seen_timestamp(*, eq: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, gt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, ge: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, lt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, le: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None)
with_lenses(*lenses: LensQuery)
with_node_key(*, eq: str) → Q
with_port(*, eq: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, gt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, ge: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, lt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, le: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None)
with_protocol(*, eq: Optional[Union[str, grapl_analyzerlib.comparators.Not]] = None, contains: Optional[Union[str, grapl_analyzerlib.comparators.Not, List[Union[str, grapl_analyzerlib.comparators.Not]]]] = None, starts_with: Optional[Union[str, grapl_analyzerlib.comparators.Not]] = None, ends_with: Optional[Union[str, grapl_analyzerlib.comparators.Not]] = None, regexp: Optional[Union[str, grapl_analyzerlib.comparators.Not, List[Union[str, grapl_analyzerlib.comparators.Not]]]] = None, distance_lt: Optional[Tuple[str, int]] = None)
with_risks(*risks: RiskQuery)
with_str_property(property_name: str, *, eq: Optional[StrOrNot] = None, contains: Optional[OneOrMany[StrOrNot]] = None, starts_with: Optional[StrOrNot] = None, ends_with: Optional[StrOrNot] = None, regexp: Optional[OneOrMany[StrOrNot]] = None, distance_lt: Optional[Tuple[str, int]] = None)
with_terminated_timestamp(*, eq: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, gt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, ge: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, lt: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None, le: Optional[Union[int, grapl_analyzerlib.comparators.Not]] = None)
with_to_neighbor(default, f, r, edges) → Q