Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add SQLite operator #56

Closed
rshipp opened this issue Feb 20, 2019 · 1 comment
Closed

Add SQLite operator #56

rshipp opened this issue Feb 20, 2019 · 1 comment
Assignees
@rshipp
Labels
enhancement New feature or general improvement operator idea Idea for a new Operator plugin
Projects
Issues
Milestone
1.0.0

Comments

@rshipp
Copy link
Contributor

rshipp commented Feb 20, 2019
edited

Store C2s in a SQLite database, for an easy, no-setup operator that's more convenient to actually use than CSV.

Proposed database layout

One table per artifact type: domain, hash, ipaddress, url, yarasignature, task.

Each table's schema can be the same:

  • artifact: text primary key
  • reference_link: text
  • reference_text: text
  • created_date: text (filled by datetime('now', 'utc'))
  • state: text (initially null, for external use only)
@rshipp rshipp added the operator idea Idea for a new Operator plugin label Feb 20, 2019
@rshipp rshipp added this to the 1.0.0 milestone Feb 20, 2019
@rshipp rshipp added this to Future Milestones in Issues via automation Feb 20, 2019
@rshipp rshipp moved this from Future Milestones to In progress in Issues Feb 20, 2019
@rshipp rshipp self-assigned this Feb 20, 2019
@rshipp rshipp added the enhancement New feature or general improvement label Feb 20, 2019
@rshipp
Copy link
Contributor Author

rshipp commented Feb 25, 2019

Closed by #57

@rshipp rshipp closed this as completed Feb 25, 2019
Issues automation moved this from In progress to Done Feb 25, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rshipp rshipp

Labels
enhancement New feature or general improvement operator idea Idea for a new Operator plugin
Projects
No open projects
Issues
  
Done
Milestone
1.0.0
Development

No branches or pull requests
1 participant
@rshipp