def _date_round(cls, date):
    """Floor *date* to a multiple of ``config.FLOW_TIME_PRECISION``.

    *date* may be a ``datetime.datetime`` or a numeric timestamp; the
    rounded value is returned in the same form it was given.
    """
    given_datetime = isinstance(date, datetime.datetime)
    stamp = utils.datetime2timestamp(date) if given_datetime else date
    # Drop the remainder so the value lands on a precision boundary.
    stamp = stamp - (stamp % config.FLOW_TIME_PRECISION)
    if not given_datetime:
        return stamp
    # NOTE(review): fromtimestamp() builds a naive local-time datetime;
    # confirm utils.datetime2timestamp() follows the same convention.
    return datetime.datetime.fromtimestamp(stamp)
"""Given a record as presented to the user, fixes it before it can be
inserted in the database.
"""
rec = deepcopy(rec)
try:
rec['addr'] = cls.ip2internal(rec['addr'])
except (KeyError, ValueError):
pass
for fld in ['firstseen', 'lastseen']:
if fld not in rec:
continue
if isinstance(rec[fld], datetime):
rec[fld] = utils.datetime2timestamp(rec[fld])
elif isinstance(rec[fld], basestring):
rec[fld] = utils.datetime2timestamp(
utils.all2datetime(rec[fld])
)
if '_id' in rec:
del rec['_id']
return rec
port['state_reason_ip']
)
except ValueError:
pass
for trace in host.get('traces', []):
for hop in trace.get('hops', []):
if 'ipaddr' in hop:
try:
hop['ipaddr'] = self.ip2internal(hop['ipaddr'])
except ValueError:
pass
for fld in ['starttime', 'endtime']:
if isinstance(host[fld], datetime):
host[fld] = utils.datetime2timestamp(host[fld])
elif isinstance(host[fld], basestring):
host[fld] = utils.datetime2timestamp(
utils.all2datetime(host[fld])
)
if '_id' not in host:
_id = host['_id'] = str(uuid1())
self.db.insert(host)
utils.LOGGER.debug("HOST STORED: %r in %r", _id, self.dbname)
return _id
"""
rec['src_addr'] = self.ip2internal(rec['src'])
rec['dst_addr'] = self.ip2internal(rec['dst'])
findspec, insertspec = self._get_flow_key(rec)
updatespec = [
min_op('firstseen', utils.datetime2timestamp(rec['start_time'])),
max_op('lastseen', utils.datetime2timestamp(rec['end_time'])),
inc_op('cspkts', value=rec['orig_pkts']),
inc_op('scpkts', value=rec['resp_pkts']),
inc_op('csbytes', value=rec['orig_ip_bytes']),
inc_op('scbytes', value=rec['resp_ip_bytes']),
inc_op('count'),
]
insertspec.update({
'firstseen': utils.datetime2timestamp(rec['start_time']),
'lastseen': utils.datetime2timestamp(rec['end_time']),
'cspkts': rec['orig_pkts'],
'scpkts': rec['resp_pkts'],
'csbytes': rec['orig_ip_bytes'],
'scbytes': rec['resp_ip_bytes'],
'count': 1,
})
self._update_timeslots(updatespec, insertspec, rec)
if rec['proto'] in ['udp', 'tcp']:
updatespec.append(add_to_set_op('sports', rec["sport"]))
insertspec['sports'] = [rec['sport']]
elif rec['proto'] == 'icmp':
updatespec.append(add_to_set_op('codes', rec["code"]))
insertspec['codes'] = [rec['code']]
def r2time(r):
    """Return the record's 'starttime' as an integer timestamp."""
    started = utils.datetime2timestamp(r['starttime'])
    return int(started)
else:
def flow_daily(self, precision, flt, after=None, before=None):
"""
Returns a generator within each element is a dict
{
flows: [("proto/dport", count), ...]
time_in_day: time
}.
"""
q = Query()
timeflt = q.duration == precision
if after:
timeflt &= q.start >= utils.datetime2timestamp(after)
if before:
timeflt &= q.start < utils.datetime2timestamp(before)
try:
if flt == self.flt_empty:
flt = q.times.any(timeflt)
else:
flt &= q.times.any(timeflt)
except ValueError:
# Hack for a bug in TinyDB: "ValueError: Query has no
# path" can be raised when comparing empty queries
if repr(flt) != 'Query()':
raise
flt = q.times.any(timeflt)
res = {}
for flw in self.get(flt):
for tslot in flw.get('times', []):
spec = self.rec2internal(spec)
try:
del spec['infos']
except KeyError:
pass
count = spec.pop("count", 1)
spec_cond = self.flt_and(*(getattr(q, key) == value
for key, value in viewitems(spec)))
if isinstance(timestamp, datetime):
timestamp = utils.datetime2timestamp(timestamp)
elif isinstance(timestamp, basestring):
timestamp = utils.datetime2timestamp(utils.all2datetime(timestamp))
if isinstance(lastseen, datetime):
lastseen = utils.datetime2timestamp(lastseen)
elif isinstance(lastseen, basestring):
lastseen = utils.datetime2timestamp(
utils.all2datetime(lastseen)
)
current = self.get_one(spec_cond, fields=[])
if current is not None:
self.db.update(op_update(count, timestamp, lastseen or timestamp),
doc_ids=[current.doc_id])
else:
doc = dict(spec, count=count, firstseen=timestamp,
lastseen=lastseen or timestamp)
if getinfos is not None:
orig.update(getinfos(orig))
try:
doc['infos'] = orig['infos']
except KeyError:
pass
# upsert() won't handle operations
def rec2internal(cls, rec):
    """Return a copy of a user-facing record made ready for insertion.

    The caller's record is deep-copied and left untouched. On the copy,
    'addr' is passed through ``cls.ip2internal``, 'firstseen' and
    'lastseen' are turned into timestamps when they hold a datetime or a
    string, and any '_id' key is removed.
    """
    fixed = deepcopy(rec)
    try:
        fixed['addr'] = cls.ip2internal(fixed['addr'])
    except (KeyError, ValueError):
        # Best effort: a missing address, or one the converter rejects
        # with ValueError, is kept exactly as the caller supplied it, so
        # an unconverted 'addr' value can reach the database.
        pass
    for name in ('firstseen', 'lastseen'):
        if name in fixed:
            value = fixed[name]
            if isinstance(value, datetime):
                fixed[name] = utils.datetime2timestamp(value)
            elif isinstance(value, basestring):
                fixed[name] = utils.datetime2timestamp(
                    utils.all2datetime(value)
                )
            # Any other type is stored unchanged.
    # NOTE(review): this listing lost its indentation; the '_id' removal
    # is read as unconditional (outside the loop) -- confirm upstream.
    fixed.pop('_id', None)
    return fixed
def searchtimeago(delta, neg=False, new=True):
    """Build a query comparing a "seen" field with the time *delta* ago.

    *delta* is a ``timedelta`` or a number of seconds. The field compared
    is 'firstseen' when *new* is true, 'lastseen' otherwise. The query
    matches values at or after the cutoff, or strictly before it when
    *neg* is true.
    """
    span = delta if isinstance(delta, timedelta) else timedelta(seconds=delta)
    # The cutoff is derived from the local clock at call time.
    cutoff = utils.datetime2timestamp(datetime.now() - span)
    field = getattr(Query(), 'firstseen' if new else 'lastseen')
    if not neg:
        return field >= cutoff
    return field < cutoff