anamico / node-red-contrib-proofpoint Goto Github PK
View Code? Open in Web Editor NEWNode-RED nodes for talking to Proofpoint
Home Page: https://flows.nodered.org/node/node-red-contrib-proofpoint
License: MIT License
Node-RED nodes for talking to Proofpoint
Home Page: https://flows.nodered.org/node/node-red-contrib-proofpoint
License: MIT License
Should look to see if we can spit out reputations per flagged url
Could have a bank of checkboxes to allow the user to "turn on" or "turn off" any of the 4 Proofpoint SIEM response sections.
Should also use that to adjust the query to reduce data where possible.
Currently, the request to proofpoint is returned as a blob and then the next stage parses over the entire parsed json response structure streaming out reputations as they are detected.
This has a level (albeit small) of latency (while the response is streamed to the response buffer - plus, depending on how request works, may also then parse the response buffer) and a memory overhead as the entire parsed json structure resides in memory to be passed from the request response handler to the reputation searching component.
An alternate approach is to stream the response from the request directly to a json lexical streaming parser, and based on the known structure of the proofpoint response, start processing (and discarding) each file reputation as it is hydrated from the stream.
This removes both the memory and latency overheads at the client end (though doesn't overcome the server side latency, it's the best we can do).
Provide a reputation score mapping feature to override based on drop-down selectors (or custom string?) to make the pollproofpoint node more flexible
persist? 2021-04-15T06:10:45Z
persist var? proofpointPersistence-eca69f22_a9908 2021-04-15T06:10:45Z
decoded persistent file content { lastTimestamp: '2021-04-15T06:10:45Z' }
22 Apr 15:13:29 - [info] [poll proofpoint siem:eca69f22.a9908] lastTimestamp
22 Apr 15:13:29 - [red] Uncaught Exception:
22 Apr 15:13:29 - Error: Callback was already called.
at C:\Users\xxxx.node-red\node_modules\async\dist\async.js:318:36
at C:\Users\xxxx.node-red\node_modules\node-red-contrib-proofpoint\proofpoint\poll.js:34:29
at read (C:\Users\xxxx.node-red\node_modules\node-red-contrib-proofpoint\proofpoint\util.js:100:13)
at FSReqCallback.readFileAfterClose [as oncomplete] (internal/fs/read_file_context.js:63:3)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.