File Coverage

blib/lib/STIX/Observable/NetworkTraffic.pm

Criterion	Covered	Total	%
statement	38	38	100.0
branch			n/a
condition			n/a
subroutine	13	13	100.0
pod			n/a
total	51	51	100.0

line	stmt	sub	time	code
1				package STIX::Observable::NetworkTraffic;
2
3	25	25	1347	use 5.010001;
	25		129
4	25	25	171	use strict;
	25		61
	25		708
5	25	25	121	use warnings;
	25		49
	25		1277
6	25	25	181	use utf8;
	25		51
	25		185
7
8	25	25	1012	use STIX::Common::List;
	25		67
	25		1167
9	25	25	140	use Types::Standard qw(Str Bool HashRef Int InstanceOf);
	25		63
	25		238
10	25	25	67127	use Types::TypeTiny qw(ArrayLike);
	25		70
	25		214
11
12	25	25	15570	use Moo;
	25		72
	25		205
13	25	25	11994	use namespace::autoclean;
	25		62
	25		249
14
15				extends 'STIX::Observable';
16
17	25		2804	use constant SCHEMA =>
18	25	25	2553	'http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/network-traffic.json';
	25		107
19
20	25		1898	use constant PROPERTIES => (
21				qw(type id),
22				qw(spec_version object_marking_refs granular_markings defanged extensions),
23				qw(start end is_active src_ref dst_ref src_port dst_port protocols src_byte_count dst_byte_count src_packets dst_packets ipfix src_payload_ref dst_payload_ref encapsulates_refs encapsulated_by_ref),
24	25	25	225	);
	25		59
25
26	25	25	158	use constant STIX_OBJECT => 'SCO';
	25		56
	25		1310
27	25	25	136	use constant STIX_OBJECT_TYPE => 'network-traffic';
	25		54
	25		12804
28
29				has start => (
30				is => 'rw',
31				isa => InstanceOf ['STIX::Common::Timestamp'],
32				coerce => sub { ref($_[0]) ? $_[0] : STIX::Common::Timestamp->new($_[0]) },
33				);
34
35				has end => (
36				is => 'rw',
37				isa => InstanceOf ['STIX::Common::Timestamp'],
38				coerce => sub { ref($_[0]) ? $_[0] : STIX::Common::Timestamp->new($_[0]) },
39				);
40
41				has is_active => (is => 'rw', isa => Bool);
42
43				has src_ref => (
44				is => 'rw',
45				isa => InstanceOf [
46				'STIX::Observable::IPv4Addr', 'STIX::Observable::IPv6Addr',
47				'STIX::Observable::MACAddr', 'STIX::Observable::DomainName',
48				'STIX::Common::Identifier'
49				]
50				);
51
52				has dst_ref => (
53				is => 'rw',
54				isa => InstanceOf [
55				'STIX::Observable::IPv4Addr', 'STIX::Observable::IPv6Addr',
56				'STIX::Observable::MACAddr', 'STIX::Observable::DomainName',
57				'STIX::Common::Identifier'
58				]
59				);
60
61				has src_port => (is => 'rw', isa => Int);
62				has dst_port => (is => 'rw', isa => Int);
63				has protocols => (is => 'rw', isa => ArrayLike [Str], default => sub { STIX::Common::List->new });
64				has src_byte_count => (is => 'rw', isa => Int);
65				has dst_byte_count => (is => 'rw', isa => Int);
66				has src_packets => (is => 'rw', isa => Int);
67				has dst_packets => (is => 'rw', isa => Int);
68				has ipfix => (is => 'rw', isa => HashRef);
69				has src_payload_ref => (is => 'rw', isa => InstanceOf ['STIX::Observable::Artifact', 'STIX::Common::Identifier']);
70				has dst_payload_ref => (is => 'rw', isa => InstanceOf ['STIX::Observable::Artifact', 'STIX::Common::Identifier']);
71
72				has encapsulates_refs => (
73				is => 'rw',
74				isa => ArrayLike [InstanceOf ['STIX::Observable::NetworkTraffic', 'STIX::Common::Identifier']],
75				default => sub { STIX::Common::List->new }
76				);
77
78				has encapsulated_by_ref =>
79				(is => 'rw', isa => InstanceOf ['STIX::Observable::NetworkTraffic', 'STIX::Common::Identifier']);
80
81				1;
82
83				=encoding utf-8
84
85				=head1 NAME
86
87				STIX::Observable::NetworkTraffic - STIX Cyber-observable Object (SCO) - Network Traffic
88
89				=head1 SYNOPSIS
90
91				use STIX::Observable::NetworkTraffic;
92
93				my $network_traffic = STIX::Observable::NetworkTraffic->new();
94
95
96				=head1 DESCRIPTION
97
98				The Network Traffic Object represents arbitrary network traffic that
99				originates from a source and is addressed to a destination.
100
101
102				=head2 METHODS
103
104				L inherits all methods from L
105				and implements the following new ones.
106
107				=over
108
109				=item STIX::Observable::NetworkTraffic->new(%properties)
110
111				Create a new instance of L.
112
113				=item $network_traffic->dst_byte_count
114
115				Specifies the number of bytes sent from the destination to the source.
116
117				=item $network_traffic->dst_packets
118
119				Specifies the number of packets sent destination to the source.
120
121				=item $network_traffic->dst_payload_ref
122
123				Specifies the bytes sent from the source to the destination.
124
125				=item $network_traffic->dst_port
126
127				Specifies the destination port used in the network traffic, as an integer.
128				The port value MUST be in the range of 0 - 65535.
129
130				=item $network_traffic->dst_ref
131
132				Specifies the destination of the network traffic, as a reference to an
133				Observable Object.
134
135				=item $network_traffic->encapsulated_by_ref
136
137				Links to another network-traffic object which encapsulates this object.
138
139				=item $network_traffic->encapsulates_refs
140
141				Links to other network-traffic objects encapsulated by a network-traffic.
142
143				=item $network_traffic->end
144
145				Specifies the date/time the network traffic ended, if known.
146
147				=item $network_traffic->extensions
148
149				The Network Traffic Object defines the following extensions. In addition to
150				these, producers MAY create their own. Extensions: http-ext, tcp-ext,
151				icmp-ext, socket-ext
152
153				=item $network_traffic->id
154
155				=item $network_traffic->ipfix
156
157				Specifies any IP Flow Information Export (IPFIX) data for the traffic.
158
159				=item $network_traffic->protocols
160
161				Specifies the protocols observed in the network traffic, along with their
162				corresponding state.
163
164				=item $network_traffic->src_byte_count
165
166				Specifies the number of bytes sent from the source to the destination.
167
168				=item $network_traffic->src_packets
169
170				Specifies the number of packets sent from the source to the destination.
171
172				=item $network_traffic->src_payload_ref
173
174				Specifies the bytes sent from the source to the destination.
175
176				=item $network_traffic->src_port
177
178				Specifies the source port used in the network traffic, as an integer. The
179				port value MUST be in the range of 0 - 65535.
180
181				=item $network_traffic->src_ref
182
183				Specifies the source of the network traffic, as a reference to an
184				Observable Object.
185
186				=item $network_traffic->start
187
188				Specifies the date/time the network traffic was initiated, if known.
189
190				=item $network_traffic->type
191
192				The value of this property MUST be C.
193
194				=back
195
196
197				=head2 HELPERS
198
199				=over
200
201				=item $network_traffic->TO_JSON
202
203				Encode the object in JSON.
204
205				=item $network_traffic->to_hash
206
207				Return the object HASH.
208
209				=item $network_traffic->to_string
210
211				Encode the object in JSON.
212
213				=item $network_traffic->validate
214
215				Validate the object using JSON Schema
216				(see L).
217
218				=back
219
220
221				=head1 SUPPORT
222
223				=head2 Bugs / Feature Requests
224
225				Please report any bugs or feature requests through the issue tracker
226				at L.
227				You will be notified automatically of any progress on your issue.
228
229				=head2 Source Code
230
231				This is open source software. The code repository is available for
232				public review and contribution under the terms of the license.
233
234				L
235
236				git clone https://github.com/giterlizzi/perl-STIX.git
237
238
239				=head1 AUTHOR
240
241				=over 4
242
243				=item * Giuseppe Di Terlizzi
244
245				=back
246
247
248				=head1 LICENSE AND COPYRIGHT
249
250				This software is copyright (c) 2024 by Giuseppe Di Terlizzi.
251
252				This is free software; you can redistribute it and/or modify it under
253				the same terms as the Perl 5 programming language system itself.
254
255				=cut