package com.alienvault.otx;
import com.alienvault.otx.connect.ConnectionUtil;
import com.alienvault.otx.connect.OTXConnection;
import com.alienvault.otx.model.indicator.Indicator;
import com.alienvault.otx.model.indicator.IndicatorType;
import com.alienvault.otx.model.pulse.Pulse;
import org.apache.commons.cli.*;
import org.joda.time.DateTime;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.util.StringUtils;
import org.springframework.web.client.HttpClientErrorException;
import java.io.*;
import java.net.MalformedURLException;
import java.net.URISyntaxException;
import java.util.*;
@SpringBootApplication
public class CommandlineRunner {
private static Options getOptions() {
Options opts = new Options();
opts.addOption("k", "key", true, "API Key from OTX Settings Page (https://otx.alienvault.com/settings/).");
opts.addOption("o", "output-file", true, "File to save indicators");
opts.addOption("d", "date", true, "Only pulses modified since the date provided will be downloaded");
opts.addOption("i", "indicators", true, "Indicator types to save to the file. Provide a comma separated string of indicators (" + IndicatorType.toTypeList() + ")");
return opts;
}
public static void main(String[] args) {
ConfigurableApplicationContext run = SpringApplication.run(CommandlineRunner.class, args);
List<String> filteredArgs = new ArrayList<>();
for (String arg : args) {
if (!"--spring.output.ansi.enabled=always".equals(arg))
filteredArgs.add(arg);
}
try {
CommandLineParser parser = new BasicParser();
CommandLine cmd = parser.parse(getOptions(), filteredArgs.toArray(new String[filteredArgs.size()]));
String apiKey;
if (cmd.hasOption('k'))
apiKey = cmd.getOptionValue('k');
else
throw new ParseException("-key is a required option");
DateTime date = null;
if (cmd.hasOption('d'))
date = DateTime.parse(cmd.getOptionValue('d'));
File dest = null;
if (cmd.hasOption('o'))
dest = new File(cmd.getOptionValue('o'));
PrintWriter outs = getPrintStream(dest);
Set<IndicatorType> types = new HashSet<>(Arrays.asList(IndicatorType.values()));
if (cmd.hasOption('i'))
types = parseTypes(cmd.getOptionValue('i'));
OTXConnection connection = ConnectionUtil.getOtxConnection(run.getEnvironment(), apiKey);
List<Pulse> pulses;
if (date != null)
pulses = connection.getPulsesSinceDate(date);
else
pulses = connection.getAllPulses();
for (Pulse pulse : pulses) {
List<Indicator> indicators = pulse.getIndicators();
for (Indicator indicator : indicators) {
if (types.contains(indicator.getType())) {
outs.println(indicator.getIndicator());
outs.flush();
}
}
}
} catch (URISyntaxException | MalformedURLException e) {
System.out.println("Error configuring OTX connection: " + e.getMessage());
} catch (HttpClientErrorException ex) {
System.out.println("Error retrieving data: " + ex.getMessage());
} catch (FileNotFoundException e) {
System.out.println("Error writing to the output file: " + e.getMessage());
} catch (ParseException e) {
System.out.println("Error parsing commandline options: " + e.getMessage());
printUsage();
}
}
private static Set<IndicatorType> parseTypes(String types) throws ParseException {
Set<String> strings = StringUtils.commaDelimitedListToSet(types);
Set<IndicatorType> ret = new HashSet<>();
for (String string : strings) {
try {
ret.add(IndicatorType.valueOf(string.toUpperCase()));
} catch (IllegalArgumentException e) {
throw new ParseException("Error parsing enum type: " +string);
}
}
return ret;
}
private static PrintWriter getPrintStream(File dest) throws FileNotFoundException {
if (dest == null)
return new PrintWriter(System.out);
else
return new PrintWriter(new FileOutputStream(dest));
}
private static void printUsage() {
HelpFormatter formatter = new HelpFormatter();
formatter.setWidth(80);
formatter.printHelp("otx", getOptions());
}
}
