model additions 2024-10-15 (#3954)

vertexproject · Oct 15, 2024 · 5d297de · 5d297de
1 parent 5065d22
commit 5d297de
Show file tree

Hide file tree

Showing 7 changed files with 40 additions and 3 deletions.
diff --git a/changes/2ce741ee21dd3f5f55838ec14d75e807.yaml b/changes/2ce741ee21dd3f5f55838ec14d75e807.yaml
@@ -0,0 +1,5 @@
+---
+desc: Added ``it:app:snort:hit:dropped`` property to track when hits result in the traffic being dropped.
+prs: []
+type: model
+...
diff --git a/changes/c0742a66de15a690dbd560cf8f17a670.yaml b/changes/c0742a66de15a690dbd560cf8f17a670.yaml
@@ -0,0 +1,5 @@
+---
+desc: Added ``ou:vitals:budget`` property to track budget allocations.
+prs: []
+type: model
+...
diff --git a/changes/f57bc5bea7752161edf0667f2e08204c.yaml b/changes/f57bc5bea7752161edf0667f2e08204c.yaml
@@ -0,0 +1,5 @@
+---
+desc: Added ``ou:requirement:type`` taxonomy property to track requirement types.
+prs: []
+type: model
+...
diff --git a/synapse/models/infotech.py b/synapse/models/infotech.py
@@ -2986,6 +2986,9 @@ def getModelDefs(self):
                         'doc': 'The sensor host node that produced the hit.'}),
                     ('version', ('it:semver', {}), {
                         'doc': 'The version of the rule at the time of match.'}),
+
+                    ('dropped', ('bool', {}), {
+                        'doc': 'Set to true if the network traffic was dropped due to the match.'}),
                 )),
 
                 ('it:sec:stix:bundle', {}, (

diff --git a/synapse/models/orgs.py b/synapse/models/orgs.py
@@ -246,6 +246,9 @@ def getModelDefs(self):
                 ('ou:jobtitle', ('str', {'lower': True, 'onespace': True}), {
                     'doc': 'A title for a position within an org.',
                 }),
+                ('ou:requirement:type:taxonomy', ('taxonomy', {}), {
+                    'interfaces': ('meta:taxonomy',),
+                    'doc': 'A taxonomy of requirement types.'}),
                 ('ou:requirement', ('guid', {}), {
                     'doc': 'A specific requirement.'}),
             ),
@@ -341,8 +344,11 @@ def getModelDefs(self):
                         'doc': 'The currency of the econ:price values.',
                     }),
                     ('costs', ('econ:price', {}), {
-                        'doc': 'The costs/expenditures over the period.',
-                    }),
+                        'doc': 'The costs/expenditures over the period.'}),
+
+                    ('budget', ('econ:price', {}), {
+                        'doc': 'The budget allocated for the period.'}),
+
                     ('revenue', ('econ:price', {}), {
                         'doc': 'The gross revenue over the period.',
                     }),
@@ -1213,11 +1219,15 @@ def getModelDefs(self):
                     }),
                     # TODO duration ('duration'
                 )),
+                ('ou:requirement:type:taxonomy', {}, ()),
                 ('ou:requirement', {}, (
 
                     ('name', ('str', {'lower': True, 'onespace': True}), {
                         'doc': 'A name for the requirement.'}),
 
+                    ('type', ('ou:requirement:type:taxonomy', {}), {
+                        'doc': 'The type of requirement.'}),
+
                     ('text', ('str', {}), {
                         'disp': {'hint': 'text'},
                         'doc': 'The text of the stated requirement.'}),

diff --git a/synapse/tests/test_model_infotech.py b/synapse/tests/test_model_infotech.py
@@ -1675,8 +1675,12 @@ async def test_it_app_snort(self):
             self.eq(1640995200000, nodes[0].get('updated'))
             self.nn(nodes[0].get('author'))
 
-            nodes = await core.nodes('[ it:app:snort:hit=$hit :rule=$rule :flow=$flow :src="tcp://[::ffff:0102:0304]:0" :dst="tcp://[::ffff:0505:0505]:80" :time=2015 :sensor=$host :version=1.2.3 ]', opts=opts)
+            nodes = await core.nodes('''[ it:app:snort:hit=$hit
+                :rule=$rule :flow=$flow :src="tcp://[::ffff:0102:0304]:0"
+                :dst="tcp://[::ffff:0505:0505]:80" :time=2015 :sensor=$host
+                :version=1.2.3 :dropped=true ]''', opts=opts)
             self.len(1, nodes)
+            self.true(nodes[0].get('dropped'))
             self.eq(rule, nodes[0].get('rule'))
             self.eq(flow, nodes[0].get('flow'))
             self.eq(host, nodes[0].get('sensor'))

diff --git a/synapse/tests/test_model_orgs.py b/synapse/tests/test_model_orgs.py
@@ -640,6 +640,7 @@ async def test_ou_simple(self):
 
             nodes = await core.nodes('''[ ou:requirement=50b757fafe4a839ec499023ebcffe7c0
                 :name="acquire pizza toppings"
+                :type=foo.bar
                 :text="The team must acquire ANSI standard pizza toppings."
                 :goal={[ ou:goal=* :name=pizza ]}
                 :issuer={[ ps:contact=* :name=visi ]}
@@ -657,6 +658,7 @@ async def test_ou_simple(self):
             self.eq('The team must acquire ANSI standard pizza toppings.', nodes[0].get('text'))
             self.eq(1, nodes[0].get('deps:min'))
             self.eq(50, nodes[0].get('priority'))
+            self.eq('foo.bar.', nodes[0].get('type'))
             self.eq(True, nodes[0].get('optional'))
             self.eq(1328140800000, nodes[0].get('issued'))
             self.eq((1672531200000, 9223372036854775807), nodes[0].get('period'))
@@ -665,6 +667,7 @@ async def test_ou_simple(self):
             self.len(1, await core.nodes('ou:requirement=50b757fafe4a839ec499023ebcffe7c0 -> ou:goal +:name=pizza'))
             self.len(1, await core.nodes('ou:requirement=50b757fafe4a839ec499023ebcffe7c0 :issuer -> ps:contact +:name=visi'))
             self.len(1, await core.nodes('ou:requirement=50b757fafe4a839ec499023ebcffe7c0 :assignee -> ps:contact +:orgname=ledos'))
+            self.len(1, await core.nodes('ou:requirement=50b757fafe4a839ec499023ebcffe7c0 -> ou:requirement:type:taxonomy'))
 
     async def test_ou_code_prefixes(self):
         guid0 = s_common.guid()
@@ -832,6 +835,7 @@ async def test_ou_vitals(self):
                     :orgfqdn = wootwoot.com
                     :currency = USD
                     :costs = 200
+                    :budget = 300
                     :revenue = 500
                     :profit = 300
                     :valuation = 1000000000
@@ -850,6 +854,7 @@ async def test_ou_vitals(self):
             self.eq(nodes[0].get('orgfqdn'), 'wootwoot.com')
             self.eq(nodes[0].get('currency'), 'usd')
             self.eq(nodes[0].get('costs'), '200')
+            self.eq(nodes[0].get('budget'), '300')
             self.eq(nodes[0].get('revenue'), '500')
             self.eq(nodes[0].get('profit'), '300')
             self.eq(nodes[0].get('valuation'), '1000000000')