Database
### Database Overview
The FIDO database is a simple SQLite database. We currently use SQLite for its ease of use and low overhead. However, as we begin to tackle issues of scale, we will likely migrate to another platform that offers more features and options. For where FIDO is today, SQLite serves its purpose: the amount of information FIDO currently creates and stores is well within SQLite's operational limits. One of the key pieces missing in FIDO is machine learning, and we are currently exploring several machine learning offerings for implementation into FIDO. When we find a solution, it is reasonable to expect that the storage platform best suited to it will become the standard that FIDO uses. This iteration of the documentation addresses only SQLite.
To begin, the SQLite database is divided into tables for configurations, events and historical event data. The intent is that no one table contains too much information and that each table stores one particular kind of information or data. Rather than load and parse a large table of centralized information, we decided to use smaller, more focused tables, each specific to a single purpose. The exception is the config table. Before FIDO was database driven, all of the configurations were stored in XML configurations. Recently we updated the code to remove all references to the XML and replaced them with a single 'config' table. While this single table is made up of many configurations, the intention is to break it out into its necessary individual tables in the future. You can already see some of this change in the database, where the config table and the corresponding tables hold similar configurations. Because of this, there are a few duplicate value entries. The code is specific about which table each value is currently pulled from, and this documentation will be updated as these migrations occur.
The following is a listing of all tables along with the default values.
- [Configs_detectors Table](https://github.com/Netflix/Fido/wiki/table_config_detectors)
- [Configs_email Table](https://github.com/Netflix/Fido/wiki/table_config_email)
- [Configs_historical_events Table](https://github.com/Netflix/Fido/wiki/table_config_historical_events)
- [Configs_posture_asset Table](https://github.com/Netflix/Fido/wiki/table_config_posture_asset)
- [Configs_posture_machine Table](https://github.com/Netflix/Fido/wiki/table_config_posture_machine)
- [Configs_posture_user Table](https://github.com/Netflix/Fido/wiki/table_config_posture_user)
- [Configs_threatfeed_virustotal Table](https://github.com/Netflix/Fido/wiki/table_config_threatfeed_virustotal)