Redo threat intel plugin migration with new content packs #107
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kmerz
changed the title
bernd
requested changes
Sep 10, 2018
| @AutoValue | ||
| @WithBeanGetter | ||
| public static abstract class MigrationCompleted { | ||
| @JsonProperty("content_bundle_id") |
There was a problem hiding this comment.
Please rename this to content_pack_ids.
...rg/graylog/plugins/threatintel/migrations/V20170815111700_CreateThreatIntelLookupTables.java
Show resolved
Hide resolved
| public abstract List<String> contentBundleIds(); | ||
|
|
||
| @JsonCreator | ||
| public static MigrationCompleted create(@JsonProperty("content_bundle_id") final List<String> contentBundleIds) { |
kmerz
force-pushed
the
content-pack-migration
branch
from
3ed4ce2
to
c6aaaf6
Compare
bernd
requested changes
Oct 10, 2018
| @@ -0,0 +1 @@ | |||
| {"id":"9350a70a-8453-f516-7041-517b4df0b832","rev":1,"v":"1","name":"Tor Exit Node List - Threat Intel Plugin","summary":"The Tor Exit Node List Lookup Table of the Threat Intel Plugin","description":"This content pack is part of the [Graylog Threat Intel Plugin](http://github.com/graylog-labs/graylog-plugin-threatintel).\n\n*Please do not delete it manually if you consider to use the Threat Intel Plugin's functions. It contains important resources required by the plugin.*\n\nThis is the lookup table for the TOR (The Onion Router) Exit Node List, listing Exit Nodes of the TOR Network . This lookup table is used internally by Graylog's Threat Intel Plugin. Do not delete it manually.","vendor":"Graylog <hello@graylog.com>","url":"https://github.com/kmerz/noodle","requires":[{"type":"plugin-version","plugin":"org.graylog.plugins.threatintel.ThreatIntelPlugin","version":">=3.0.0-alpha.2"},{"type":"server-version","version":">=3.0.0-alpha.2+af8d8e0"}],"parameters":[],"entities":[{"id":"5ac762873d274666e34eca87","type":{"name":"lookup_adapter","version":"1"},"v":"1","data":{"name":{"type":"string","value":"tor-exit-node"},"title":{"type":"string","value":"Tor Exit Node"},"description":{"type":"string","value":"This is the data adapter for the TOR (The Onion Router) Exit Node List, listing Exit Nodes of the TOR Network . This adapter is used internally by Graylog's Threat Intel Plugin. Do not delete it manually."},"configuration":{"type":{"type":"string","value":"torexitnode"}}}},{"id":"5ac762873d274666e34eca80","type":{"name":"lookup_cache","version":"1"},"v":"1","data":{"name":{"type":"string","value":"threat-intel-uncached-adapters"},"title":{"type":"string","value":"Threat Intel Uncached Adapters"},"description":{"type":"string","value":"Certain downloaded lists do not require caching because they are in memory already and use this no-op cache."},"configuration":{"type":{"type":"string","value":"none"}}}},{"id":"5ac762873d274666e34eca8c","type":{"name":"lookup_table","version":"1"},"v":"1","data":{"name":{"type":"string","value":"tor-exit-node-list"},"title":{"type":"string","value":"Tor Exit Node List"},"description":{"type":"string","value":"This is the lookup table for the TOR (The Onion Router) Exit Node List, listing Exit Nodes of the TOR Network . This lookup table is used internally by Graylog's Threat Intel Plugin. Do not delete it manually."},"cache_name":{"type":"string","value":"5ac762873d274666e34eca80"},"data_adapter_name":{"type":"string","value":"5ac762873d274666e34eca87"},"default_single_value":{"type":"string","value":""},"default_single_value_type":{"type":"string","value":"NULL"},"default_multi_value":{"type":"string","value":""},"default_multi_value_type":{"type":"string","value":"NULL"}}}]} | |||
There was a problem hiding this comment.
Not sure why, but the url of this plugin is set to "github.com/kmerz/noodle". 😄
Also, please prettify all the JSON files. That makes it easier to read them. 😃
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The threat intel plugin used the content pack mechanism to install dependency configuration.
For that it read the configuration via a content pack. Since we rewrote the content pack code,
we need to adjust the migration as well.