New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

vectra

Package Overview
Dependencies
Maintainers
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

vectra

  • 0.1.3
  • Rubygems
  • Socket score
Version published
Maintainers
1
Created
Source

Ruby Vectra

A Ruby extension for interfacing with Vectra API.

TravisCI

Installation

Like any other gem:

gem install vectra

Usage

Basic Block Configuration:

Vectra.configure do |config|
  config.endpoint = @endpoint_url
  config.username = @username
  config.password = @password
end

endpoint should be your Vectra box URL, no need to add the /api suffix. If you include it, it won't break things either.

Detections

To get all detections, use #all:

Vectra::Detections.all

You can also get a detection by ID or by referencing the detection URL:

Vectra::Detections.get(1)
Vectra::Detections.get('https://vectra/detection/1')

Detection Details

Within the response of a detection, you may find Detection Details. You can get more details on these like so:

Vectra::Detections.get(1)["detection_detail_set"].each do |d|
  details = Vectra::DetectionDetails.get(d)
  puts "--> #{details["destination"]}:#{details["dst_port"]}"
end

Relayed Comms

Another type of detection detail you may see is the following:

Vectra::Detections.get(1)["relayed_comm_set"].each do |r|
  details = Vectra::RelayComms.get(r)
  puts "--> #{details['inbound_proto']} #{details["inbound_ip"]}:#{details["inbound_port"]} @ #{details['total_bytes_rcvd']} bytes"
end

DNS

There is also a DNS set:

Vectra::Detections.get(1)["dns_set"].each do |d|
  details = Vectra::DNS.get(r)
  puts "--> DNS Server: #{details['dns_ip']} resolved #{details['dns_request']} to #{details['resp']}"
end

SQL Injection

And lastly, an SQL Injection Set

Vectra::Detections.get(1)["sqli_set"].each do |s|
  details = Vectra::SQLi.get(s)
  puts "Injection Attempted: #{details['ngram']} to #{details['destination']}"
end

Hosts

Do not use ::Hosts.all if you are in production. This will be very costly if you have more than 5,000 discovered hosts.

Instead, pass a Host ID or URL:

Vectra::Hosts.get(1)

Notes

Vectra uses a next parameter in their responses for pagination. Default pagination is 50. This API client will follow the next pages.

Currently, all responses which contain arrays (hosts and detections) will be sorted in ASC order by ID.

Credit

Mike Mackintosh

FAQs

Package last updated on 04 Mar 2015

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

38% of CISOs Fear They’re Not Moving Fast Enough on AI

Security News

38% of CISOs Fear They’re Not Moving Fast Enough on AI

CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.

By Sarah Gooding  -  Feb 04, 2025
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc