
ocd_datalake_rs

Library wrapper around Orange Cyberdefense's Datalake API

5 releases

0.2.1 Jun 5, 2023
0.2.0 Nov 7, 2022
0.1.2 Oct 11, 2022
0.1.1 Sep 14, 2022
0.1.0 Aug 29, 2022


MIT license

31KB
608 lines

OCD_DATALAKE_RS

ocd_datalake_rs is a Rust library to interact with Orange Cyberdefense's Datalake.

Functionalities implemented

  • Bulk lookup
  • Bulk search

Note: only CSV format is returned as of now.

Check open issues to see what is planned

Installation

Add to Cargo.toml:

    [dependencies]
    ocd_datalake_rs = "0.2.0"

Usage

Example: Lookup IOCs

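    // `username` and `password` are your Datalake account credentials;
    // read them from the environment or a secrets store instead of hard-coding them.
    let mut dtl = Datalake::new(
        username,
        password,
        DatalakeSetting::prod(),
    );

    // Atom values to look up: file hashes, a domain and an IP address in one call.
    let atom_values: Vec<String> = vec![
        "620c28ece75af2ea227f195fc45afe109ff9f5c876f2e4da9e0d4f4aad68ee8e".to_string(),
        "ef3363dfe2515b826584ab53c4bb7812".to_string(),
        "jeithe7eijeefohch3qu.probes.site".to_string(),
        "8.8.8.8".to_string(),
    ];
    // The lookup result comes back in CSV format.
    let csv_result = dtl.bulk_lookup(atom_values);
    println!("{csv_result:#?}");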

Check the examples to see the full list of functionality in action.

Contribute

All contributions and feedback are welcome to improve the code and the package.
Please open an issue to start the discussion.

Dependencies

~6–21MB
~365K SLoC