-
Notifications
You must be signed in to change notification settings - Fork 506
Architecture
Augustin FL edited this page Jan 7, 2025
·
5 revisions
FIR is coded using Django, which is an MVC (model-view-controller)-oriented framework. This is what the Django tree structure looks like for FIR:
fir
├── docker # Contain what's required to run FIR using docker
├── fir_alerting # Alerting plugin (sending context-aware emails from FIR)
├── fir_artifacts # Artifacts plugin (extract forensic artifacts - IPs, hostnames, etc.)
├── fir_nuggets # FIR Nuggets plugin (forensic investigation data)
├── fir_... # Other plugins
....
├── fir
│ ├── config # different configuration environments & installed_apps.txt
│ ├── settings.py
│ ├── urls.py # base URLs routing for application
│ ├── wsgi.py
├── incidents
│ ├── static
│ │ ├── vendor # non-customized packages (nvd3, bootstrap, etc...)
│ │ │ ├── bootstrap
│ │ │ ├── select
│ │ │ ....
│ │ ├── custom_css # Custom CSS
│ │ ├── custom_js # Custom JS
│ │ ├── img # images
│ ├── admin.py # various admin settings
│ ├── custom_urls
│ ├── fixtures # initial data
│ ├── forms.py # Forms
│ ├── migrations # DB migrations
│ │ └── <files>
│ ├── models.py # Database models
│ ├── tests.py
│ ├── urls.py # more URL routing
│ └── views.py # Controller
├── LICENSE
├── logs
├── manage.py # Django manager
├── README.md
├── requirements.txt # PIP install requirements
├── templates # Directory containing HTML files used throughout the application
│ └── <directories>
└── uploads # Directory containing files uploaded via FIR
└── <directories>
The templates directory and views.py and models.py files are the main files of the Django MVC model. 90% of the core-development occurs in these files. In the MVC model, files correspond to:
-
models.py– The data model. Here are defined the "objects" that will compose FIR's database. These will later be manipulated in the controller, and displayed in the templates. -
templates– It contains the HTML templates (the view of the MVC) that are populated with information returned from the controller and sent to the user's browser. -
views.py– The controler (and not the view, as its name would imply) is the connector between the model and the templates. It interprets requests received by the web application, requests the model for information, and sends a rendered template back to the browser.