Updating and Extending
Over time, we expect that the database schema will change. To make transitioning to a new schema easier, each object lists its expected database columns in a class variable named column_names. The bulk data field (which contains json or raw packet capture) is in a class variable named bulk_data_field. The valid_kwargs class variable is used in parsing keyword arguments for filtering in the SQL query. These items tie into functions that live in the Utility class, and are used for forming the SQL that’s used to query the Kismet DB.
This tool follows calendar versioning, and new versions support DB schemas as far back as v4.
As the database schema changes, support for each new version of the DB must be added on a per-object basis. The following object attributes contain version-specific schema information:
- field_defaults: This is used to force a default value for fields that are not found in older-than-current versions of the Kismet DB.
- converters_reference: This allows us to specify a converter so that if the data type changes between schema versions, we can force the older DB type to match the current DB version’s type.
- column_reference: This describes the expected columns for each supported version of the Kismet DB.
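
As an added illustration (not kismetdb's own code), the sketch below shows how per-version column_reference, field_defaults, converters_reference and valid_kwargs can drive a parameterized query in which filter names are checked against an allow-list and filter values are always bound. The DemoAlerts class, its alerts schema, the ts_gt filter and make_v4_db() are assumptions constructed for this example.

```python
import sqlite3

class DemoAlerts:
    # Hypothetical table abstraction, not kismetdb code; the schema is constructed.
    table_name = "alerts"
    bulk_data_field = "json"
    # Expected columns for each supported schema version.
    column_reference = {4: ["ts_sec", "devmac", "json"],
                        5: ["ts_sec", "devmac", "header", "json"]}
    # Defaults forced for columns that older schema versions lack.
    field_defaults = {4: {"header": "UNKNOWN"}, 5: {}}
    # Converters coercing an older version's type to the current version's type.
    converters_reference = {4: {"ts_sec": int}, 5: {}}
    # Keyword name -> builder returning (SQL partial, replacement dict).
    valid_kwargs = {"ts_gt": lambda v: ("ts_sec > :ts_gt", {"ts_gt": int(v)}),
                    "devmac": lambda v: ("devmac = :devmac", {"devmac": str(v)})}

    def __init__(self, conn, db_version):
        self.conn, self.version = conn, db_version
        self.column_names = self.column_reference[db_version]  # KeyError if unsupported
        info = conn.execute("PRAGMA table_info(%s)" % self.table_name)  # class constant
        missing = set(self.column_names) - {row[1] for row in info}
        if missing:
            raise ValueError("columns missing from DB: %s" % sorted(missing))

    def _query(self, columns, **kwargs):
        if set(kwargs) - set(self.valid_kwargs):  # allow-list of filter names
            raise ValueError("unsupported filter among %s" % sorted(kwargs))
        built = [self.valid_kwargs[k](v) for k, v in kwargs.items()]
        replacements = {k: v for _, repl in built for k, v in repl.items()}
        sql = "SELECT %s FROM %s" % (", ".join(columns), self.table_name)
        if built:
            sql += " WHERE " + " AND ".join(partial for partial, _ in built)
        convs = self.converters_reference[self.version]
        for row in self.conn.execute(sql, replacements):  # values are bound, not inlined
            out = dict(self.field_defaults[self.version], **dict(zip(columns, row)))
            out.update({c: f(out[c]) for c, f in convs.items() if c in out})
            yield out

    def get_meta(self, **kwargs):  # leaves out the bulk data column
        cols = [c for c in self.column_names if c != self.bulk_data_field]
        return list(self._query(cols, **kwargs))

def make_v4_db():  # constructed sample: v4-style table with ts_sec stored as REAL
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE alerts (ts_sec REAL, devmac TEXT, json BLOB)")
    conn.executemany("INSERT INTO alerts VALUES (?, ?, ?)", [
        (100.0, "AA:BB:CC:00:00:01", b"{}"), (200.9, "AA:BB:CC:00:00:02", b"{}")])
    return conn
```

Opening the sample database as version 5 fails the column check at instantiation, because the header column that version expects is absent from the v4-style table.
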
All objects representing tables inherit from the BaseInterface class:

class kismetdb.BaseInterface(file_location)
    Initialize with a path to a valid Kismet log file.

    Parameters: file_location (str) – Path to Kismet log file.

    bulk_data_field
        Field containing bulk data (typically stored as a blob in the DB). This allows the get_meta() method to exclude information which may have a performance impact. This is especially true for the retrieval of packet captures.
        Type: str

    column_reference
        Top-level keys in this dictionary are version numbers, and are used to easily extend the schema for new versions. The column_names attribute is populated from this during instantiation.
        Type: dict

    column_names
        Name of columns expected to be in this object’s table by this abstraction. Used for validation against columns in DB on instantiation.
        Type: list

    table_name
        Name of the table this abstraction represents.
        Type: str

    valid_kwargs
        This is a dictionary where the key is the name of a keyword argument and the value is a reference to the function which builds the SQL partial and replacement dictionary.
        Type: str

    field_defaults
        Statically set these column defaults by DB version.
        Type: dict

    converters_reference
        This provides a reference for converters to use on data coming from the DB on a version by version basis.
        Type: dict

    full_query_column_names
        Processed column names for full query of Kismet DB. Created on instantiation.
        Type: list

    meta_query_column_names
        Processed column names for meta query of Kismet DB. Created on instantiation.
        Type: list

    get_all(**kwargs)
        Get all objects represented by this class from Kismet DB.
        Keyword arguments are described above, near the beginning of the class documentation.
        Returns: List of each json object from all rows returned from query.
        Return type: list

    get_meta(**kwargs)
        Get metadata columns from DB, excluding bulk data columns.
        Keyword arguments are described above, near the beginning of the class documentation.
        Returns: List of each json object from all rows returned from query.
        Return type: list

    yield_all(**kwargs)
        Get all objects represented by this class from Kismet DB.
        Yields one row at a time. Keyword arguments are described above, near the beginning of the class documentation.
        Yields: dict – Dict representing one row from query.

    yield_meta(**kwargs)
        Yield metadata from DB, excluding bulk data columns.
        Yields one row at a time. Keyword arguments are described above, near the beginning of the class documentation.
        Returns: Dict representing one row from query.
        Return type: dict