utils

package
v0.2.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 19, 2025 License: MIT Imports: 20 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AddPermissionsToContext 

func AddPermissionsToContext(ctx context.Context, perms *permissions.Config) context.Context

AddPermissionsToContext adds permissions configuration to the context

func CreateFilterFromJSONString 

func CreateFilterFromJSONString(filterString string) (thehive.InputQueryNamedOperation, error)

func ExpandEntitiesWithQueries 

func ExpandEntitiesWithQueries(
	ctx context.Context,
	entityType string,
	entities []map[string]interface{},
	additionalQueries []string,
) ([]map[string]interface{}, error)

ExpandEntitiesWithQueries expands each entity with its related data inline

func GetAttachmentsFromAlertID 

func GetAttachmentsFromAlertID(ctx context.Context, client *thehive.APIClient, alertID string) ([]map[string]interface{}, error)

func GetAttachmentsFromCaseID 

func GetAttachmentsFromCaseID(ctx context.Context, client *thehive.APIClient, caseID string) ([]map[string]interface{}, error)

func GetCommentsFromAlertID 

func GetCommentsFromAlertID(ctx context.Context, client *thehive.APIClient, alertID string) ([]map[string]interface{}, error)

func GetCommentsFromCaseID 

func GetCommentsFromCaseID(ctx context.Context, client *thehive.APIClient, caseID string) ([]map[string]interface{}, error)

func GetHiveClientFromContext 

func GetHiveClientFromContext(ctx context.Context) (*thehive.APIClient, error)

func GetJSONFields 

func GetJSONFields(v interface{}) []string

func GetModelCompletion 

func GetModelCompletion(ctx context.Context, messages []mcp.PromptMessage, target interface{}) error

func GetObservablesFromAlertID 

func GetObservablesFromAlertID(ctx context.Context, client *thehive.APIClient, alertID string) ([]map[string]interface{}, error)

Alert-related functions

func GetObservablesFromCaseID 

func GetObservablesFromCaseID(ctx context.Context, client *thehive.APIClient, caseID string) ([]map[string]interface{}, error)

func GetOpenaiModelCompletion 

func GetOpenaiModelCompletion(
	ctx context.Context,
	messages []openai.ChatCompletionMessage,
	target interface{},
) error

GetOpenaiModelCompletion uses the globally initialized OpenAI wrapper

func GetPagesFromAlertID 

func GetPagesFromAlertID(ctx context.Context, client *thehive.APIClient, alertID string) ([]map[string]interface{}, error)

func GetPagesFromCaseID 

func GetPagesFromCaseID(ctx context.Context, client *thehive.APIClient, caseID string) ([]map[string]interface{}, error)

func GetPermissionsFromContext 

func GetPermissionsFromContext(ctx context.Context) (*permissions.Config, error)

GetPermissionsFromContext retrieves permissions configuration from the context

func GetSamplingModelCompletion 

func GetSamplingModelCompletion(ctx context.Context, messages []mcp.PromptMessage, target interface{}) error

func GetSupportedQueries 

func GetSupportedQueries(entityType string) []string

GetSupportedQueries returns the list of supported queries for an entity type

func GetTaskLogsFromTaskID 

func GetTaskLogsFromTaskID(ctx context.Context, client *thehive.APIClient, taskID string) ([]map[string]interface{}, error)

Task-related functions

func GetTasksFromCaseID 

func GetTasksFromCaseID(ctx context.Context, client *thehive.APIClient, caseID string) ([]map[string]interface{}, error)

Case-related functions

func InitOpenai 

func InitOpenai(options *types.TheHiveMcpDefaultOptions)

InitOpenai initializes the global OpenAI wrapper with configuration from options If OpenAI configuration is missing, it logs warnings but does not return errors

func NewToolResultJSONUnescaped 

func NewToolResultJSONUnescaped(data interface{}) *mcp.CallToolResult

NewToolResultJSONUnescaped creates a new MCP tool result with proper UTF-8 encoding without escaping non-ASCII characters. This fixes issues where Unicode characters like emojis and accented characters get escaped (e.g., ✅ becomes \u2705).

func ParseDateFields 

func ParseDateFields(entity map[string]interface{}) (map[string]interface{}, error)

func PerformAdditionalQueries 

func PerformAdditionalQueries(
	ctx context.Context,
	entityType string,
	entities []map[string]interface{},
	additionalQueries []string,
) (map[string][]interface{}, error)

PerformAdditionalQueries collects all additional data separately (your original behavior)

func TranslateDatesToTimestamps 

func TranslateDatesToTimestamps(filterMap map[string]interface{}) map[string]interface{}

Searches the filter map for date strings and converts them to timestamps in milliseconds since epoch.

func ValidateQuery 

func ValidateQuery(entityType, queryName string) error

ValidateQuery checks if a query is supported for an entity type

Types

type ElicitationTransport 

type ElicitationTransport struct {
	Transport http.RoundTripper
}

ElicitationTransport wraps an http.RoundTripper to add elicitation for modifying operations

func (*ElicitationTransport) RoundTrip 

func (e *ElicitationTransport) RoundTrip(req *http.Request) (*http.Response, error)

RoundTrip implements http.RoundTripper interface with elicitation for POST, PATCH, DELETE

type EntityQueryConfig 

type EntityQueryConfig map[string]QueryFunc

EntityQueryConfig maps query names to their corresponding query functions

type OpenAIWrapper 

type OpenAIWrapper struct {
	ModelName  string
	MaxTokens  int
	MaxRetries int
	// contains filtered or unexported fields
}

type QueryFunc 

type QueryFunc func(ctx context.Context, client *thehive.APIClient, entityID string) ([]map[string]interface{}, error)

QueryFunc defines a function that queries data for a single entity

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.