Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Snapshot management #255

Open
f-galland opened this issue Jan 29, 2025 · 0 comments
Open

Snapshot management #255

f-galland opened this issue Jan 29, 2025 · 0 comments
Labels
level/task Task issue type/enhancement Enhancement issue

Comments

@f-galland
Copy link
Member

f-galland commented Jan 29, 2025
edited by AlexRuiz7
Loading

Description

The Content Manager must be able to manage content snapshots in zip format, either for the initialization or offline management of the content.

The zip contains a huge JSON file in NDJSON format. This file can reach several gigabytes in size, so it needs to be handled efficiently, using JSON streaming.

Functional requirements

The Snapshot management module will take care of:

  • Download the snapshot.
  • Generate a hash for the snapshot.
  • Unzip the snapshot.
  • Index the content.

Implementation restrictions

  • The snapshot is downloaded using the URL present in the internal index.
  • The decompression of the content is done in Java code (no process, exec or similar, that runs a command on the operating system layer). Consider using an external library.
  • The indexing of the content uses JSON streaming for efficiency. Use gson library (see Selection of Java libraries for JSON patch and JSON streaming #237).
@f-galland f-galland mentioned this issue Jan 29, 2025
Open
@f-galland f-galland added level/subtask Subtask issue type/research Research issue type/enhancement Enhancement issue and removed type/research Research issue labels Jan 29, 2025
@wazuhci wazuhci moved this to Backlog in XDR+SIEM/Release 5.0.0 Jan 30, 2025
@AlexRuiz7 AlexRuiz7 changed the title Add context snapshot-management functionality to the Content Manager plugin Context initialization from a CTI consumer's snapshots Jan 30, 2025
@AlexRuiz7 AlexRuiz7 changed the title Context initialization from a CTI consumer's snapshots Context initialization from CTI consumer's snapshots Jan 30, 2025
@AlexRuiz7 AlexRuiz7 added level/task Task issue and removed level/subtask Subtask issue labels Jan 31, 2025
@AlexRuiz7 AlexRuiz7 changed the title Context initialization from CTI consumer's snapshots Snapshot management Jan 31, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
level/task Task issue type/enhancement Enhancement issue
Projects
XDR+SIEM/Release 5.0.0
Status: Backlog
Milestone
No milestone
Development

No branches or pull requests
2 participants
@AlexRuiz7 @f-galland