anamico / node-red-contrib-proofpoint Goto Github PK
View Code? Open in Web Editor NEWNode-RED nodes for talking to Proofpoint
Home Page: https://flows.nodered.org/node/node-red-contrib-proofpoint
License: MIT License
node-red-contrib-proofpoint's People
Contributors
Stargazers
Watchers
node-red-contrib-proofpoint's Issues
Add URL reputation support?
Should look to see if we can spit out reputations per flagged url
Add configuration to turn on/off each of the 4 SIEM sections
Could have a bank of checkboxes to allow the user to "turn on" or "turn off" any of the 4 Proofpoint SIEM response sections.
Should also use that to adjust the query to reduce data where possible.
Switch to streaming lexical json parsing
Currently, the request to proofpoint is returned as a blob and then the next stage parses over the entire parsed json response structure streaming out reputations as they are detected.
This has a level (albeit small) of latency (while the response is streamed to the response buffer - plus, depending on how request works, may also then parse the response buffer) and a memory overhead as the entire parsed json structure resides in memory to be passed from the request response handler to the reputation searching component.
An alternate approach is to stream the response from the request directly to a json lexical streaming parser, and based on the known structure of the proofpoint response, start processing (and discarding) each file reputation as it is hydrated from the stream.
This removes both the memory and latency overheads at the client end (though doesn't overcome the server side latency, it's the best we can do).
Allow users to configure reputation score mappings
Provide a reputation score mapping feature to override based on drop-down selectors (or custom string?) to make the pollproofpoint node more flexible
Callback was already called on timestamp decode
persist? 2021-04-15T06:10:45Z
persist var? proofpointPersistence-eca69f22_a9908 2021-04-15T06:10:45Z
decoded persistent file content { lastTimestamp: '2021-04-15T06:10:45Z' }
22 Apr 15:13:29 - [info] [poll proofpoint siem:eca69f22.a9908] lastTimestamp
22 Apr 15:13:29 - [red] Uncaught Exception:
22 Apr 15:13:29 - Error: Callback was already called.
at C:\Users\xxxx.node-red\node_modules\async\dist\async.js:318:36
at C:\Users\xxxx.node-red\node_modules\node-red-contrib-proofpoint\proofpoint\poll.js:34:29
at read (C:\Users\xxxx.node-red\node_modules\node-red-contrib-proofpoint\proofpoint\util.js:100:13)
at FSReqCallback.readFileAfterClose [as oncomplete] (internal/fs/read_file_context.js:63:3)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.