Firepit - STIX Columnar Storage
Columnar storage for STIX 2.0 observations.
Free software: Apache Software License 2.0
Documentation: https://firepit.readthedocs.io.
Features
Transforms STIX Observation SDOs to a columnar format
Inserts those transformed observations into SQL (currently sqlite3 and PostgreSQL)
Motivation
STIX 2.0 JSON is a graph-like data format. There aren’t many popular tools for working with graph-like data, but there are numerous tools for working with data from SQL databases. Firepit attempts to make those tools usable with STIX data obtained from stix-shifter.
Firepit also supports STIX 2.1.
Firepit is primarily designed for use with the Kestrel Threat Hunting Language.
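The following is an added illustration of the graph-to-columns idea described above, not Firepit's own code or schema. It flattens a constructed STIX 2.0 observed-data object into one SQLite row by following its `*_ref` edges; the helper names `flatten`, `load` and `SAFE_NAME` and the dotted column naming are assumptions made for this example.

```python
import re
import sqlite3

# Constructed sample: one STIX 2.0 observed-data SDO (not real telemetry).
OBSERVATION = {
    "type": "observed-data",
    "id": "observed-data--00000000-0000-4000-8000-000000000001",
    "first_observed": "2022-06-15T10:00:00Z",
    "last_observed": "2022-06-15T10:00:05Z",
    "number_observed": 1,
    "objects": {
        "0": {"type": "ipv4-addr", "value": "192.0.2.10"},
        "1": {"type": "ipv4-addr", "value": "198.51.100.7"},
        "2": {"type": "network-traffic", "src_ref": "0", "dst_ref": "1",
              "src_port": 49152, "dst_port": 443, "protocols": ["tcp"]},
    },
}

# Table and column names cannot be bound as SQL parameters, so allow-list them.
SAFE_NAME = re.compile(r"[a-z][a-z0-9_.-]*")

def flatten(obj, objects, prefix="", depth=0):
    """Yield (column, value) pairs, following *_ref edges into the referenced object."""
    for key, val in obj.items():
        if key == "type":
            continue
        if key.endswith("_ref") and isinstance(val, str) and val in objects and depth < 3:
            yield from flatten(objects[val], objects, f"{prefix}{key}.", depth + 1)
        elif isinstance(val, list):
            yield prefix + key, ",".join(map(str, val))
        else:
            yield prefix + key, val

def load(conn, sdo, sco_type):
    """Insert one row per object of sco_type; return the number of rows written."""
    written = 0
    for sco in sdo["objects"].values():
        if sco.get("type") != sco_type:
            continue
        row = {"first_observed": sdo["first_observed"], **dict(flatten(sco, sdo["objects"]))}
        if not all(SAFE_NAME.fullmatch(name) for name in (sco_type, *row)):
            raise ValueError("unsafe table or column name in STIX input")
        cols = ", ".join(f'"{c}"' for c in row)
        # Hypothetical simplification: the first row of a type fixes its columns.
        conn.execute(f'CREATE TABLE IF NOT EXISTS "{sco_type}" ({cols})')
        marks = ", ".join("?" * len(row))
        conn.execute(f'INSERT INTO "{sco_type}" ({cols}) VALUES ({marks})', list(row.values()))
        written += 1
    return written
```

Once loaded, an ordinary query such as `SELECT "src_ref.value", dst_port FROM "network-traffic"` answers what would otherwise need a walk over the JSON references.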
Credits
This package was created with Cookiecutter and the audreyr/cookiecutter-pypackage project template.
History
2.3.0 (2022-06-15)
Added query.BinnedColumn so you can group by time buckets
2.2.0 (2022-06-08)
Better STIX extension property support
  - Add a new __columns “private” table to store mapping from object path to column name
  - New path/prop metadata functions to supply metadata about STIX properties
Improved STIX process “deterministic” id generation
  - Use a unique ID from extension properties, if found
  - Use related x-oca-asset hostname or ID if available
2.1.0 (2022-05-18)
Add splint convert command to convert some log files to STIX bundles
2.0.0 (2022-04-01)
Use a “normalized” SQL database
Initial STIX 2.1 support
1.3.0 (2021-10-04)
New assign_query API, minor query API improvements
New way to create views via assign_query
Can now init a Query with a list instead of calling append
Some SQL injection protection in query classes
1.2.0 (2021-08-18)
Better support for grouped data
1.1.0 (2021-07-18)
First stable release
Concurrency fixes in cache()
1.0.0 (2021-05-18)
First release on PyPI.
Hashes for firepit-2.3.15-py2.py3-none-any.whl
Algorithm | Hash digest
---|---
SHA256 | 7bda79fe2f7273d05c7c10526148deedfda247e0ea14b2d3b832c0ef41ca51d6
MD5 | 8dc13b5e3e9207b7adbde6d9b09c1cc1
BLAKE2b-256 | a6edfe70265233fcb7d2bdd6d9b8b473c3c42ed85414626b2a1d2b7a87400ef1