DB 1 - Curve
DB 2 - TermFreq
DB 3 - Trending
DB 4 - Sentiments
DB 5 - TermCred
DB 6 - Tags
DB 7 - Metadata
DB 8 - Statistics
DB 9 - Crawler
DB 10 - Objects
ARDB on TCP port
DB 0 - Lines duplicate
DB 1 - Hashes
Database Map:
Redis cache
Brute force protection:
Set Key
Value
failed_login_ip:ip
nb login failed
failed_login_user_id:user_id
nb login failed
Item Import:
Key
Value
uuid:nb_total
nb total
uuid:nb_end
nb
uuid:nb_sucess
nb success
uuid:end
0 (in progress) or (item imported)
uuid:processing
process status: 0 or 1
uuid:error
error message
Set Key
Value
uuid:paste_submit_link
item_path
DB0 - Core:
Update keys:
Key
Value
ail:version
current version
ail:update_update_version
background update name
background update name
...
ail:update_error
update message error
ail:update_in_progress
update version in progress
ail:current_background_update
current update version
ail:current_background_script
name of the background script currently executed
ail:current_background_script_stat
progress in % of the background script
Hset Key
Field
Value
ail:update_date
update tag
update date
User Management:
Hset Key
Field
Value
user:all
user id
password hash
user:tokens
token
user id
user_metadata:user id
token
token
change_passwd
boolean
role
role
Set Key
Value
user_role:role
user id
Zrank Key
Field
Value
ail:all_role
role
int, role priority (1=admin)
MISP Modules:
Set Key
Value
enabled_misp_modules
module name
Key
Value
misp_module:module name
module dict
Item Import:
Key
Value
uuid:isfile
boolean
uuid:paste_content
item_content
DB2 - TermFreq:
Set Key
Value
submitted:uuid
uuid
uuid:ltags
tag
uuid:ltagsgalaxies
tag
DB3 - Leak Hunter:
Tracker metadata:
Hset - Key
Field
Value
tracker:uuid
tracker
tacked word/set/regex
type
word/set/regex
date
date added
user_id
created by user_id
dashboard
0/1 Display alert on dashboard
description
Tracker description
level
0/1 Tracker visibility
Tracker by user_id (visibility level: user only):
Set - Key
Value
user:tracker:user_id
uuid - tracker uuid
user:tracker:user_id:word/set/regex - tracker type
uuid - tracker uuid
Global Tracker (visibility level: all users):
Set - Key
Value
gobal:tracker
uuid - tracker uuid
gobal:tracker:word/set/regex - tracker type
uuid - tracker uuid
All Tracker by type:
Set - Key
Value
all:tracker:word/set/regex - tracker type
tracked item
Set - Key
Value
all:tracker_uuid:tracker type:tracked item
uuid - tracker uuid
All Tracked items:
Set - Key
Value
tracker:item:uuid:date
item_id
All Tracked tags:
Set - Key
Value
tracker:tags:uuid
tag
All Tracked mail:
Set - Key
Value
tracker:mail:uuid
mail
Refresh Tracker:
Key
Value
tracker:refresh:word
last refreshed epoch
tracker:refresh:set
-
tracker:refresh:regex
-
Zset Stat Tracker:
Key
Field
Value
tracker:stat:uuid
date
nb_seen
Stat token:
Key
Field
Value
stat_token_total_by_day:date
word
nb_seen
stat_token_per_item_by_day:date
word
nb_seen
Set - Key
Value
stat_token_history
date
DB6 - Tags:
Hset:
Key
Field
Value
tag_metadata:tag
first_seen
date
tag_metadata:tag
last_seen
date
Set:
Key
Value
list_tags
tag
list_tags:object_type
tag
list_tags:domain
tag
active_taxonomies
taxonomie
active_galaxies
galaxie
active_tag_taxonomie or galaxy
tag
synonym_tag_misp-galaxy:galaxy
tag synonym
list_export_tags
user_tag
tag:date
paste
object_type:tag
object_id
DB7
tag:object_id
tag
old:
Key
Value
tag
paste
DB7 - Metadata:
Crawled Items:
Hset:
Key
Field
Value
paste_metadata:item path
super_father
first url crawled
father
item father
domain
crawled domain:domain port
screenshot
screenshot hash
Set:
Key
Field
tag:item path
tag
paste_children:item path
item path
hash_paste:item path
hash
base64_paste:item path
hash
hexadecimal_paste:item path
hash
binary_paste:item path
hash
Zset:
Key
Field
Value
nb_seen_hash:hash
item
nb_seen
base64_hash:hash
item
nb_seen
binary_hash:hash
item
nb_seen
hexadecimal_hash:hash
item
nb_seen
PgpDump
Hset:
Key
Field
Value
pgpdump_metadata_key:key id
first_seen
date
last_seen
date
pgpdump_metadata_name:name
first_seen
date
last_seen
date
pgpdump_metadata_mail:mail
first_seen
date
last_seen
date
set:
Key
Value
set_pgpdump_key:key id
item_path
set_pgpdump_name:name
item_path
set_pgpdump_mail:mail
item_path
set_domain_pgpdump_pgp_type:key
domain
Hset date:
| Key | Field | Value |
| ------ | ------ |
| pgpdump🔑date | key | nb seen |
| | |
| pgpdump:name:date | name | nb seen |
| | |
| pgpdump:mail:date | mail | nb seen |
----------------------------------------- SENTIMENT ------------------------------------
SET - 'Provider_set' Provider
KEY - 'UniqID' INT
SET - provider_timestamp UniqID
SET - UniqID avg_score