Columnar storage for STIX 2.0 observations.
Project description
Firepit - STIX Columnar Storage
Columnar storage for STIX 2.0 observations.
Free software: Apache Software License 2.0
Documentation: https://firepit.readthedocs.io.
Features
Transforms STIX Observation SDOs to a columnar format
Inserts those transformed observations into SQL (currently sqlite3 and PostgreSQL)
Motivation
STIX 2.0 JSON is a graph-like data format. There aren’t many popular tools for working with graph-like data, but there are numerous tools for working with data from SQL databases. Firepit attempts to make those tools usable with STIX data obtained from stix-shifter.
Firepit also supports STIX 2.1
Firepit is primarily designed for use with the Kestrel Threat Hunting Language.
Credits
This package was created with Cookiecutter and the audreyr/cookiecutter-pypackage project template.
History
2.3.0 (2022-06-15)
Added query.BinnedColumn so you can group by time buckets
2.2.0 (2022-06-08)
Better STIX extension property support - Add a new __columns “private” table to store mapping from object path to column name - New path/prop metadata functions to supply metadata about STIX properties
Improved STIX process “deterministic” id generation - Use a unique ID from extension properties, if found - Use related x-oca-asset hostname or ID if available
2.1.0 (2022-05-18)
Add splint convert command to convert some logs files to STIX bundles
2.0.0 (2022-04-01)
Use a “normalized” SQL database
Initial STIX 2.1 support
1.3.0 (2021-10-04)
New assign_query API, minor query API improvements
new way to create views via assign_query
can now init a Query with a list instead of calling append
Some SQL injection protection in query classes
1.2.0 (2021-08-18)
Better support for grouped data
1.1.0 (2021-07-18)
First stable release
Concurrency fixes in cache()
1.0.0 (2021-05-18)
First release on PyPI.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for firepit-2.3.5-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 44df0f857c4bb669bf4ebb4b164df4ed908d34d8b015df6f25d6fbcde1d37314 |
|
MD5 | e8e363ba40885478f9c6724146a787cb |
|
BLAKE2b-256 | 5c3fb45c1a29523562aa9722f2abe7dc0b41d2db2cd001f75c6d07da206a0e0f |