EngineFactoryObjectInterface

The Engine Factory Object Interface

Create an object implementing this interface to send binary data to an analysis engine other than the built-in YARA one in order to find Indicators of Compromise (IOCs). This object is responsible for creating and configuring your engine object.

The fully-qualified class name of the class implementing this interface should be inserted as the value of the _provider: property of the engine: section of the configuration file.

Your object must implement all methods defined in this reference.

Your implementation can inherit from the class cbc_binary_toolkit.engine.manager.LocalEngineFactory (defined here), to ensure that the protocol is properly implemented.

create_engine method

def create_engine(self, config):

This method is called when the toolkit is initialized, so your factory object can create and configure the engine object instance that will be used.

Parameters:

config (type: Config) - Reference to a Config object pointing at the engine: section of the configuration.

Returns:

(type: object) Instance of your engine object.

Information here is current as of Carbon Black Cloud Binary Toolkit 1.0.0

CBC Binary Toolkit

Home
Performance Metrics
User Guide
Developer Guide
- Replace Components
  - Analysis Engine
  - Persistence System
- Architecture Overview
- Schemas
- Interfaces
Glossary

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

EngineFactoryObjectInterface

The Engine Factory Object Interface

create_engine method

CBC Binary Toolkit

Clone this wiki locally