create disposition for unknown file on first interaction.

author: mo khan <mo@mokhan.ca> 2015-02-07 08:46:25 -0700
committer: mo khan <mo@mokhan.ca> 2015-02-07 08:46:25 -0700
commit: 4faa654334dcf2460a2fbaae82da31bccc23c139 (patch)
tree: 310d26ce6fef8024fdd4683fb72bca17b0348100 /app/workers/cloud_queries.rb
parent: d6af160515debb1de4144c632cc81e6039c3a1bf (diff)
1 files changed, 6 insertions, 5 deletions
diff --git a/app/workers/cloud_queries.rb b/app/workers/cloud_queries.rb
index 4e87649..e944142 100644
--- a/app/workers/cloud_queries.rb
+++ b/app/workers/cloud_queries.rb
@@ -8,7 +8,7 @@ class CloudQueries
     logger.info "Query for: #{json.inspect}"
     attributes = JSON.parse(json)
 
-    fingerprint = attributes["fingerprint"]
+    fingerprint = attributes["data"]["fingerprint"]
     disposition = Disposition.find_by(fingerprint: fingerprint)
 
     publish(JSON.generate({
@@ -19,11 +19,12 @@ class CloudQueries
 
     if disposition.nil?
       #publish(JSON.generate({
-        #command: :request_analysis,
-        #agent_id: attributes["agent_id"],
-        #fingerprint: fingerprint,
+      #command: :request_analysis,
+      #agent_id: attributes["agent_id"],
+      #fingerprint: fingerprint,
       #}), routing_key: "malwer.commands")
-      FingerprintLookup.perform_later(fingerprint)
+      Disposition.create!(fingerprint: fingerprint, state: :unknown)
+      FingerprintLookupJob.perform_later(fingerprint)
     end
 
     ack!
author	mo khan <mo@mokhan.ca>	2015-02-07 08:46:25 -0700
committer	mo khan <mo@mokhan.ca>	2015-02-07 08:46:25 -0700
commit	4faa654334dcf2460a2fbaae82da31bccc23c139 (patch)
tree	310d26ce6fef8024fdd4683fb72bca17b0348100 /app/workers/cloud_queries.rb
parent	d6af160515debb1de4144c632cc81e6039c3a1bf (diff)