===============================
Firepit - STIX Columnar Storage
===============================
.. image:: https://img.shields.io/pypi/v/firepit.svg
   :target: https://pypi.python.org/pypi/firepit

.. image:: https://readthedocs.org/projects/firepit/badge/?version=latest
   :target: https://firepit.readthedocs.io/en/latest/?badge=latest
   :alt: Documentation Status

.. image:: https://github.com/opencybersecurityalliance/firepit/actions/workflows/testing.yml/badge.svg
   :target: https://github.com/opencybersecurityalliance/firepit
   :alt: Unit Test Status

.. image:: https://codecov.io/gh/opencybersecurityalliance/firepit/branch/develop/graph/badge.svg?token=Pu7pkqmE5W
   :target: https://codecov.io/gh/opencybersecurityalliance/firepit

Columnar storage for STIX 2.0 observations.

* Free software: Apache Software License 2.0
* Documentation: https://firepit.readthedocs.io.

Features
--------
* Transforms STIX Observation SDOs to a columnar format
* Inserts those transformed observations into SQL (currently sqlite3 and PostgreSQL)

Motivation
----------

`STIX 2.0 JSON <https://docs.oasis-open.org/cti/stix/v2.0/stix-v2.0-part1-stix-core.html>`_ is a graph-like data format. There aren't many popular tools for working with graph-like data, but there are numerous tools for working with data from SQL databases. Firepit attempts to make those tools usable with STIX data obtained from `stix-shifter <https://github.com/opencybersecurityalliance/stix-shifter>`_.

Firepit also supports `STIX 2.1 <https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.html>`_

Firepit is primarily designed for use with the `Kestrel Threat Hunting Language <https://github.com/opencybersecurityalliance/kestrel-lang>`_.

Credits
-------
This package was created with Cookiecutter_ and the `audreyr/cookiecutter-pypackage`_ project template.

.. _Cookiecutter: https://github.com/audreyr/cookiecutter
.. _`audreyr/cookiecutter-pypackage`: https://github.com/audreyr/cookiecutter-pypackage

=======
History
=======
2.3.0 (2022-06-15)
------------------
- Added query.BinnedColumn so you can group by time buckets

2.2.0 (2022-06-08)
------------------

- Better STIX extension property support

  - Add a new ``__columns`` "private" table to store mapping from object path to column name
  - New path/prop metadata functions to supply metadata about STIX properties

- Improved STIX ``process`` "deterministic" ``id`` generation

  - Use a unique ID from extension properties, if found
  - Use related ``x-oca-asset`` hostname or ID if available

2.1.0 (2022-05-18)
------------------
- Add ``splint convert`` command to convert some log files to STIX
  bundles

2.0.0 (2022-04-01)
------------------
- Use a "normalized" SQL database
- Initial STIX 2.1 support

1.3.0 (2021-10-04)
------------------

New assign_query API, minor query API improvements

- new way to create views via assign_query
- can now init a Query with a list instead of calling append
- Some SQL injection protection in query classes

1.2.0 (2021-08-18)
------------------

* Better support for grouped data

1.1.0 (2021-07-18)
------------------

* First stable release
* Concurrency fixes in ``cache()``

1.0.0 (2021-05-18)
------------------

* First release on PyPI.
Raw data
{
"_id": null,
"home_page": "https://github.com/opencybersecurityalliance/firepit",
"name": "firepit",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.8",
"maintainer_email": null,
"keywords": "stix stix-shifter sql python",
"author": "IBM Security",
"author_email": "pcoccoli@us.ibm.com",
"download_url": "https://files.pythonhosted.org/packages/05/1c/1c6a8df409d81d516a21f29a2d9195caf3839207b1b6ede2e1f3ede5b3c8/firepit-2.3.35.tar.gz",
"platform": null,
"bugtrack_url": null,
"license": "Apache Software License 2.0",
"summary": "Columnar storage for STIX 2.0 observations.",
"version": "2.3.35",
"project_urls": {
"Homepage": "https://github.com/opencybersecurityalliance/firepit"
},
"split_keywords": [
"stix",
"stix-shifter",
"sql",
"python"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "488cfecef665bdcc093ff779df3e6846bd34f6bead3749f0922b9fd78e819353",
"md5": "faa809826c11e2cc7c1be976fbe05be7",
"sha256": "3d21717b7af6ba57e43c9776be04d9a52da021d3e015c2ccef41c97e506f96a9"
},
"downloads": -1,
"filename": "firepit-2.3.35-py2.py3-none-any.whl",
"has_sig": false,
"md5_digest": "faa809826c11e2cc7c1be976fbe05be7",
"packagetype": "bdist_wheel",
"python_version": "py2.py3",
"requires_python": ">=3.8",
"size": 92453,
"upload_time": "2024-06-05T14:21:40",
"upload_time_iso_8601": "2024-06-05T14:21:40.161184Z",
"url": "https://files.pythonhosted.org/packages/48/8c/fecef665bdcc093ff779df3e6846bd34f6bead3749f0922b9fd78e819353/firepit-2.3.35-py2.py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "051c1c6a8df409d81d516a21f29a2d9195caf3839207b1b6ede2e1f3ede5b3c8",
"md5": "a35cc703eeb6d45e050ff1f746102d95",
"sha256": "ba47f38b1b3f0d549355affe88752d3cdcb4c4e18d3cd0d23348112037024643"
},
"downloads": -1,
"filename": "firepit-2.3.35.tar.gz",
"has_sig": false,
"md5_digest": "a35cc703eeb6d45e050ff1f746102d95",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.8",
"size": 287836,
"upload_time": "2024-06-05T14:21:43",
"upload_time_iso_8601": "2024-06-05T14:21:43.765124Z",
"url": "https://files.pythonhosted.org/packages/05/1c/1c6a8df409d81d516a21f29a2d9195caf3839207b1b6ede2e1f3ede5b3c8/firepit-2.3.35.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-06-05 14:21:43",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "opencybersecurityalliance",
"github_project": "firepit",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [],
"tox": true,
"lcname": "firepit"
}