nexpose_cyberark 0.0.8-java → 0.0.9-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 793a9a0d618c0e7a742f5f731496fc5928b918ec
-  data.tar.gz: dab978bfaa5ea403a7c4bad74cd1f088203ad948
+  metadata.gz: 5f2c6964971a551e42241ec895f6de3358b07418
+  data.tar.gz: 5a3d0290c167bd34147d565273ecd75c8063bde0
 SHA512:
-  metadata.gz: 9411df44e4a5747ee11ab1501dc7277f1294dd68766d2be2b305aee98821e910f6d9e060114b852573d3353a9f973b00c311ef9d4280dc9fa106006e8b1199a8
-  data.tar.gz: 447520879d916e8ba1edf1f1959e4aa62c9e15a74c98687fc394a9a5914f7602c809a23e4db62eee89227c28302ed1f1ae7a7a15d97a5cf46b03857925497626
+  metadata.gz: b62fdd317e6e9fe7dd67479475fc9c16364fbee1a7e5287dbe13c20b038deef7baf9eeec619bec21ee2a3ee369f4099a9043d34670bba297c7b475e644ddeedc
+  data.tar.gz: 1804e438104685d865525f300d385a6b062bd83c1f8ceeb91e384b19a58b0f5ef1386259afb1a1005188e41090c5bde7bd1f4e73ddf5d1e2cf9e9eef4797f6b8

data/bin/nx_cyberark.rb

@@ -1,42 +1,11 @@
-#!/usr/bin/env ruby
-# Nexpose Cyberark Integration
-# Please refer to the configuration documentation for instructions on how to run this gem
-# Do NOT run this gem without proper pre-configuration.
-require 'nexpose_cyberark'
-require 'nexpose_cyberark/version'
-require 'nexpose_cyberark/nx_logger'
-require 'yaml'
-
-CONFIG_PATH =  File.join(File.dirname(__FILE__), '../lib/nexpose_cyberark/config/nexpose_cyberark.config')
-
-# Obtain Nexpose settings from Environment Variables.
-configuration_settings = begin
-  YAML.load_file(CONFIG_PATH)
-rescue ArgumentError => e
-  raise "Could not parse YAML #{CONFIG_PATH} : #{e.message}"
-end
-
-raise 'Must configure nexpose settings before starting' if ENV['NEXPOSE_URL'].nil? || ENV['NEXPOSE_USERNAME'].nil? || ENV['NEXPOSE_PASSWORD'].nil?
-configuration_settings[:nexpose_address] = ENV['NEXPOSE_URL']
-configuration_settings[:nexpose_port] = ENV['NEXPOSE_PORT']
-configuration_settings[:nexpose_username] = ENV['NEXPOSE_USERNAME']
-configuration_settings[:nexpose_password] = ENV['NEXPOSE_PASSWORD']
+#! /usr/bin/env ruby
 
+###################
+#
+# STOP. THIS GEM HAS BEEN DEPRECATED. NO CHANGES SHOULD BE MADE TO THIS CODE ANYMORE.
+#
+###################
+require 'nexpose_cyberark/version'
 
-
-# --- DO NOT EDIT BELOW THIS LINE --- #
-
-vault_options = { :app_id => configuration_settings[:ca_options][:app_id], :safe => configuration_settings[:ca_options][:safe], :folder => configuration_settings[:ca_options][:folder] }
-nexpose_options = { :nxip => configuration_settings[:nexpose_address],
-                    :nxport => configuration_settings[:nexpose_port],
-                    :nxuser => configuration_settings[:nexpose_username],
-                    :nxpassword => configuration_settings[:nexpose_password],
-                    :sites => configuration_settings[:ca_options][:sites],
-                    :windows_policy_ids => configuration_settings[:ca_options][:windows_policy_ids],
-                    :unix_policy_ids => configuration_settings[:ca_options][:unix_policy_ids],
-                    :logging => configuration_settings[:ca_options][:logging],
-                    :log_level => configuration_settings[:ca_options][:log_level]}
-NexposeCyberark::Vault.update_credentials(vault_options, nexpose_options)
-NexposeCyberark::Vault.start_scans(nexpose_options) if configuration_settings[:ca_options][:start_scans].casecmp('y') == 0
-log = NexposeCyberark::NxLogger.instance
-log.log_message('Importing credentials complete. Exiting...')
+puts NexposeCyberark::DEPRECATION_NOTICE
+raise RuntimeError

data/lib/nexpose_cyberark.rb

@@ -1,199 +1,4 @@
-Dir[File.dirname(__FILE__)+'/nexpose_cyberark/lib/java/*.jar'].each { |jar| require jar }
-require 'nexpose_cyberark/password_ops'
-require 'nexpose_cyberark/nexpose_ops'
 require 'nexpose_cyberark/version'
-require 'waitutil'
-require 'resolv'
 
 module NexposeCyberark
-  module Vault
-
-    def self.update_credentials(vault_options, nexpose_options = nil)
-      #Setup logger
-      @log = NexposeCyberark::NxLogger.instance
-
-      log_enabled = nexpose_options[:logging].downcase.start_with? 'y'
-      @log.setup_statistics_collection(NexposeCyberark::VENDOR, 
-                                       NexposeCyberark::PRODUCT_NAME, 
-                                       NexposeCyberark::VERSION)
-      @log.setup_logging(log_enabled, nexpose_options[:log_level] || 'info')
-
-      @nx = Ops::Nexpose.new(nexpose_options[:nxip], nexpose_options[:nxport], nexpose_options[:nxuser], nexpose_options[:nxpassword])
-      @log.log_message('Connection to the Nexpose console complete!')
-
-      # Parse sites from config
-      nexpose_options[:sites].each do |site_id|
-        # Get included scan targets
-        site_scan_target_addresses = @nx.get_site_scan_target_addresses(site_id)
-
-
-        # We now have all Nexpose scan targets. Defined scan targets can be IP/Host where
-        # devices that have been scanned before will be an IP. Get the scan targets & subtract
-        # the defined devices to produce a list of new devices to be scanned.
-
-        # Nexpose site credentials expect the credential to match the scan target which may not be the IP.
-        site_devices = @nx.get_site_devices(site_id)
-
-        all_asset_details = []
-        site_devices.each { |device|
-          # Start by getting all the details we have on current devices
-          asset = @nx.load_asset(device.id)
-          asset_details= {}
-          asset_details[:address] = device.address
-          asset_details[:host_names] = asset.host_names
-          asset_details[:os_name] = [asset.os_name]
-
-
-          # Next subtract the defined assets from the defined scan targets to get devices never scanned before.
-          # Also monitor the deleted identifier. We need to remember this to sync the credential to the site for scanning.
-          scan_target_idq = site_scan_target_addresses.delete(device.address)
-          asset_details[:scan_target_idq] = scan_target_idq unless scan_target_idq.nil?
-          asset.host_names.each do |host_name|
-            scan_target_idq = site_scan_target_addresses.delete(host_name)
-            asset_details[:scan_target_idq] = scan_target_idq unless scan_target_idq.nil?
-          end unless asset.host_names.nil?
-          # Handle the case that a device may have been scanned before but is no longer in the scan target list.
-          # in this case we do not add it to the list of assets to import credentials for (think old sites with many inactive devices)
-          # asset_details[:scan_target_idq] = asset_details[:address] if asset_details[:scan_target_idq].nil?
-          if asset_details[:scan_target_idq].nil?
-            @log.log_warn_message("Found a site device not in the scan target list. Not fetching credentials for address <#{asset_details[:address]}>")
-          else
-            all_asset_details << asset_details
-          end
-        }
-
-        #Start by trying to get credentials for defined assets.
-        @log.log_message('Starting to query CyberArk for defined asset credentials...')
-        site_credentials = []
-        credential_data = nil
-        all_asset_details.each do |asset_details|
-          #The address stored in the vault could be any of the values we have.. so try and find it!
-          vault_options[:address] = asset_details[:address]
-          vault_options[:nexpose_os] = asset_details[:os_name]
-          credential_data = PasswordOps::get_password(nexpose_options, vault_options)
-
-          if credential_data.empty?
-            @log.log_debug_message("Failed to fetch credential for IP <#{asset_details[:address]}>")
-            # No credential for the IP. Let's check if Nexpose has any hostnames and if these match credentials
-            # within CyberArk. If they do not then try and resolve one from the IP.
-            if asset_details[:host_names].nil?
-              asset_details[:host_names] = resolve_address(asset_details[:address])
-            end
-
-            @log.log_debug_message("Trying to fetch credentials for resolved addresses <#{asset_details[:address]}> instead...")
-
-            asset_details[:host_names].each do |hostname|
-              vault_options[:address] = hostname
-              vault_options[:nexpose_os] = asset_details[:os_name]
-              credential_data = PasswordOps::get_password(nexpose_options, vault_options)
-              break unless credential_data.empty?
-            end
-          end
-
-          if credential_data.empty?
-            @log.log_error_message("Failed to get credential for asset with IP <#{asset_details[:address]}> and names <#{asset_details[:host_names]}>. Please check configuration!!!")
-          else
-            credential = @nx.credential_for_service(asset_details[:scan_target_idq], nil, "Automated import for Nexpose scan target <#{asset_details[:scan_target_idq]}> and CyberArk credential <#{vault_options[:address]}>", asset_details[:scan_target_idq], nil, credential_data[:service])
-            credential.user_name = credential_data[:user]
-            credential.password = credential_data[:password]
-            # Only Linux SUDO support currently
-            credential.permission_elevation_user = credential_data[:p_e_user] unless credential_data[:p_e_user].nil?
-            credential.permission_elevation_password = credential_data[:password] unless credential_data[:password].nil?
-            credential.permission_elevation_type = credential_data[:p_e_type]
-            site_credentials.push(credential)
-          end
-        end
-
-        @log.log_message('Starting to query CyberArk for new scan target credentials...')
-
-        # Now let's deal with assets that have never been scanned.
-        # These are more difficult as we only have the scan target address (whatever that may be).
-        site_scan_target_addresses.each do |address|
-          vault_options[:address] = address
-          credential_data = PasswordOps::get_password(nexpose_options, vault_options)
-
-          if credential_data.empty?
-            @log.log_debug_message("Failed to fetch credential for IP <#{address}>")
-            other_addresses = resolve_address(address)
-            @log.log_debug_message("Trying to fetch credentials for resolved addresses <#{other_addresses}> instead...")
-            other_addresses.each do |other_address|
-              vault_options[:address] = other_address
-              credential_data = PasswordOps::get_password(nexpose_options, vault_options)
-              break unless credential_data.empty?
-            end
-          end
-
-          if credential_data.empty?
-            @log.log_error_message("Failed to get credential for asset with IP <#{address}> and names <#{other_addresses}>. Please check configuration!!!")
-          else
-              credential = @nx.credential_for_service(address, nil, "Automated import for Nexpose scan target <#{address}> and CyberArk credential <#{vault_options[:address]}>",address, nil, credential_data[:service])
-              credential.user_name = credential_data[:user]
-              credential.password = credential_data[:password]
-              #Only Linux SUDO support currently
-              credential.permission_elevation_user = credential_data[:p_e_user] unless credential_data[:p_e_user].nil?
-              credential.permission_elevation_password = credential_data[:password] unless credential_data[:password].nil?
-              credential.permission_elevation_type = credential_data[:p_e_type]
-              site_credentials.push(credential)
-            end
-        end
-        @log.log_message("Saving credentials for site <#{site_id}>. Number of credentials to be saved <#{site_credentials.size}>.")
-        # Save site
-        @nx.save_site(site_id, site_credentials)
-      end
-    end
-
-    def self.start_scans(nexpose_options = nil)
-      @nx = Ops::Nexpose.new(nexpose_options[:nxip], nexpose_options[:nxport], nexpose_options[:nxuser], nexpose_options[:nxpassword])
-      all_site_scan_details = []
-      nexpose_options[:sites].each do |site_id|
-        scan = @nx.start_scan(site_id)
-        if scan.nil?
-          @log.log_error_message("Failed to start scan for site <#{site_id}>!")
-          next
-        end
-        @log.log_message("Started scan for site <#{site_id}>. Scan ID is <#{scan.id}>.")
-        site_scan_details = {}
-        site_scan_details[:site_id] = site_id
-        site_scan_details[:scan_id] = scan.id
-        all_site_scan_details << site_scan_details
-      end
-
-      WaitUtil.wait_for_condition('wait_for_all_scans_to_finish', :timeout_sec => 10800, :delay_sec => 60) do
-        @completed = false
-        all_site_scan_details.delete_if do |site_scan_details|
-          status = @nx.scan_status(site_scan_details[:scan_id])
-          @log.log_debug_message("Scan status for scan ID <#{site_scan_details[:scan_id]}> is <#{status}>.")
-          if status == Scan::Status::RUNNING
-            @log.log_debug_message("Waiting for scan <#{site_scan_details[:scan_id]}> for site <#{site_scan_details[:site_id]}> to finish.")
-            false
-          else
-            @log.log_message("Scan <#{site_scan_details[:scan_id]}> for site <#{site_scan_details[:scan_id]}> finished. Removing credentials")
-            @nx.delete_site_credentials(site_scan_details[:site_id])
-            true
-          end
-        end
-        @completed = true if all_site_scan_details.empty?
-      end
-    end
-
-    def self.resolve_address(address)
-      is_ip = !!((address =~ Resolv::IPv4::Regex) || (address =~ Resolv::IPv6::Regex))
-      resolved_addresses = []
-      @log.log_debug_message("Resolving address <#{address}>.")
-      begin
-        if is_ip
-          resolved_addresses = Resolv.getnames address
-          @log.log_debug_message("Address <#{address}> is an IP. Resolved names are <#{resolved_addresses}>.")
-        else
-          resolved_addresses = Resolv.getaddress address
-          @log.log_debug_message("Address <#{address}> is a name. Resolved IPs are <#{resolved_addresses}>.")
-        end
-        resolved_addresses = [resolved_addresses] unless resolved_addresses.kind_of?(Array)
-      rescue Resolv::ResolvError => e
-        @log.log_error_message("Unable to resolve address <#{address}>. Error was <#{e}>")
-      end
-      return resolved_addresses
-    end
-
-  end
 end

data/lib/nexpose_cyberark/version.rb

@@ -1,5 +1,14 @@
 module NexposeCyberark
-  VERSION = "0.0.8"
+  VERSION = "0.0.9"
   VENDOR = "Cyberark"
   PRODUCT_NAME = "nexpose_cyberark"
+  DEPRECATION_NOTICE = <<-DEPRECATION
+As of March 4th, 2019, the CyberArk Ruby Gem has been deprecated and is no longer
+available for use. An updated integration is currently available in product,
+the setup instructions of which can be found here:
+https://insightvm.help.rapid7.com/docs/creating-and-managing-cyberark-credentials
+
+For more information please see our announcement which can be found here:
+https://kb.help.rapid7.com/v1.1/docs/legacy-cyberark-ruby-gem-end-of-life-announcement
+  DEPRECATION
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nexpose_cyberark
 version: !ruby/object:Gem::Version
-  version: 0.0.8
+  version: 0.0.9
 platform: java
 authors:
 - Damian Finol
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-06-28 00:00:00.000000000 Z
+date: 2019-03-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -53,36 +53,14 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.1'
-- !ruby/object:Gem::Dependency
-  name: nexpose
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.1'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.1'
-- !ruby/object:Gem::Dependency
-  name: waitutil
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.2'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.2'
-description: Nexpose Cyberark integration provides credentials for authenticated scans
-  in Nexpose.
+description: |
+  As of March 4th, 2019, the CyberArk Ruby Gem has been deprecated and is no longer
+  available for use. An updated integration is currently available in product,
+  the setup instructions of which can be found here:
+  https://insightvm.help.rapid7.com/docs/creating-and-managing-cyberark-credentials
+
+  For more information please see our announcement which can be found here:
+  https://kb.help.rapid7.com/v1.1/docs/legacy-cyberark-ruby-gem-end-of-life-announcement
 email:
 - support@rapid7.com
 executables:
@@ -96,17 +74,19 @@ files:
 - Rakefile
 - bin/nx_cyberark.rb
 - lib/nexpose_cyberark.rb
-- lib/nexpose_cyberark/config/nexpose_cyberark.config
-- lib/nexpose_cyberark/lib/java/JavaPasswordSDK.jar
-- lib/nexpose_cyberark/nexpose_ops.rb
-- lib/nexpose_cyberark/nx_logger.rb
-- lib/nexpose_cyberark/password_ops.rb
 - lib/nexpose_cyberark/version.rb
 homepage: http://www.rapid7.com/
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message: |
+  As of March 4th, 2019, the CyberArk Ruby Gem has been deprecated and is no longer
+  available for use. An updated integration is currently available in product,
+  the setup instructions of which can be found here:
+  https://insightvm.help.rapid7.com/docs/creating-and-managing-cyberark-credentials
+
+  For more information please see our announcement which can be found here:
+  https://kb.help.rapid7.com/v1.1/docs/legacy-cyberark-ruby-gem-end-of-life-announcement
 rdoc_options: []
 require_paths:
 - lib
@@ -122,7 +102,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 2.5.2.3
 signing_key: 
 specification_version: 4
 summary: Nexpose Cyberark integration.

data/lib/nexpose_cyberark/config/nexpose_cyberark.config

@@ -1,30 +0,0 @@
----
-# This configuration file defines all the particular options necessary to run the service.
-# Fields marked (M) are mandatory.
-#
-# Service options:
-:ca_options:
-  # Vault Options
-  # App ID
-  :app_id: my_app_id
-  # Safe
-  :safe: my_safe
-  # Folder
-  :folder: my_folder
-  # This setting will start scans on those sites, wait for the site to complete and then remove the credentials
-  # If you prefer to let the scans run on schedule, set this to 'N', otherwise set to 'Y'.
-  :start_scans: 'Y'
-  # CyberArk policy IDs that apply to assets that will require a CIFS connection for authenticated scanning
-  :windows_policy_ids:
-    - 'WinServerLocal'
-  # CyberArk policy IDs that apply to assets that will require an SSH connection for authenticated scanning
-  :unix_policy_ids:
-    - 'UnixSSH'
-  # Nexpose sites to import CyberArk credentials for.
-  :sites:
-  - '1'
-#  - '2'
-  # Enable or disable logging ('N' or 'Y'.)
-  :logging: 'Y'
-  #Support version are 'info' and 'debug'
-  :log_level: 'info'

data/lib/nexpose_cyberark/nexpose_ops.rb

@@ -1,100 +0,0 @@
-require 'nexpose'
-include Nexpose
-
-module Ops
-  class Nexpose
-    attr_accessor :nsc
-    def initialize(nxip, nxport, nxuser, nxpasword)
-      @log = NexposeCyberark::NxLogger.instance
-      @log.log_message('Connecting to the Nexpose console..')
-      @nsc = Connection.new(nxip, nxuser, nxpasword, nxport)
-      @nsc.login
-      @log.on_connect(nxip, nxport, @nsc.session_id, '{}')
-    end
-
-    def get_site_scan_targets(site_id)
-      @log.log_debug_message("Fetching list of scan targets for site <#{site_id}> from console")
-      site = Site.load(@nsc, site_id)
-      site.included_addresses
-    end
-
-    def get_site_scan_target_addresses(site_id)
-      @log.log_debug_message("Fetching list of scan targets addresses for site <#{site_id}>")
-      site_scan_targets = get_site_scan_targets(site_id)
-      @log.log_message('Console returned scan targets!')
-
-      site_scan_target_addresses = []
-      #Convert this to a list of only addresses
-      site_scan_targets.each do |scan_target|
-        host = scan_target.host if scan_target.is_a?(HostName)
-        host = scan_target.from if scan_target.is_a?(IPRange)
-
-        range_scenario = false
-        range_scenario = true if scan_target.is_a?(IPRange)
-
-        if range_scenario
-            start_ip = IPAddr.new(scan_target.from)
-            end_ip = IPAddr.new(scan_target.to) unless scan_target.to.nil?
-            end_ip = IPAddr.new(scan_target.from) if scan_target.to.nil?
-            site_scan_target_addresses.concat (start_ip..end_ip).map(&:to_s)
-        else
-            site_scan_target_addresses << host
-        end
-      end
-      @log.log_debug_message('Processed scan targets. Returning addresses.')
-      return site_scan_target_addresses
-    end
-
-    def get_site_devices(site_id)
-      @log.log_debug_message("Fetching list of devices for site <#{site_id}>")
-      @nsc.list_site_devices(site_id)
-    end
-
-    def load_asset(device_id)
-      @log.log_debug_message("Fetching asset details for asset <#{device_id}>")
-      Asset.load(@nsc, device_id)
-    end
-
-    def credential_for_service(address, id, description, host, port, service)
-      @log.log_debug_message("Generating credential for address <#{address}>")
-      SiteCredentials.for_service(address, id, description, host, port, service)
-    end
-
-    def save_site(site_id, credentials)
-      @log.log_debug_message("Saving <#{credentials.size}> credentials for site <#{site_id}>")
-      site = Site.load(@nsc, site_id)
-      site.site_credentials = credentials
-      site.save(@nsc)
-    end
-
-    def delete_site_credentials(site_id)
-      @log.log_debug_message("Deleting existing credentials for site <#{site_id}>")
-      site = Site.load(@nsc, site_id)
-      site.site_credentials.clear
-      site.save(@nsc)
-    end
-
-    def load_site(site_id)
-      @log.log_debug_message("Fetching details for site <#{site_id}>")
-      Site.load(@nsc, site_id)
-    end
-
-    def start_scan(site_id)
-      @log.log_debug_message("Starting for site <#{site_id}>")
-      scan_details = nil
-      begin
-        site = load_site(site_id)
-        scan_details = site.scan(@nsc)
-      rescue Exception => e
-        @log.log_error_message("Failed to start scan for site <#{site_id}>. Error is <#{e}>")
-      end
-      scan_details
-    end
-
-    def scan_status(scan_id)
-      status = @nsc.scan_status(scan_id)
-      @log.log_debug_message("Scan status for scan ID <#{scan_id}> is <#{status}>.")
-      status
-    end
-  end
-end

data/lib/nexpose_cyberark/nx_logger.rb

@@ -1,166 +0,0 @@
-require 'fileutils'
-require 'json'
-require 'net/http'
-require 'singleton'
-
-module NexposeCyberark
-  class NxLogger
-    include Singleton
-    LOG_PATH = "./logs/rapid7_%s.log"
-    KEY_FORMAT = "external.integration.%s"
-    PRODUCT_FORMAT = "%s_%s"
-
-    DEFAULT_LOG = 'integration'
-    PRODUCT_RANGE = 4..30
-    KEY_RANGE = 3..15
-
-    ENDPOINT = '/data/external/statistic/'
-
-    def initialize()
-      create_calls
-      @logger_file = get_log_path @product
-      setup_logging(true, 'info')
-    end
-
-    def setup_statistics_collection(vendor, product_name, gem_version)
-      begin
-        @statistic_key = get_statistic_key vendor
-        @product = get_product product_name, gem_version
-      rescue => e
-        #Continue
-      end
-    end
-
-    def setup_logging(enabled, log_level = 'info', stdout=false)
-      @stdout = stdout
-
-      log_message('Logging disabled.') unless enabled || @log.nil?
-      @enabled = enabled
-      return unless @enabled
-
-      @logger_file = get_log_path @product
-
-      require 'logger'
-      directory = File.dirname(@logger_file)
-      FileUtils.mkdir_p(directory) unless File.directory?(directory)
-      io = IO.for_fd(IO.sysopen(@logger_file, 'a'), 'a')
-      io.autoclose = false
-      io.sync = true
-      @log = Logger.new(io, 'weekly')
-      @log.level = if log_level.to_s.casecmp('info') == 0 
-                     Logger::INFO 
-                   else
-                     Logger::DEBUG
-                   end
-      log_message("Logging enabled at level <#{log_level}>")
-    end
-
-    def create_calls
-      levels = [:info, :debug, :error, :warn]
-      levels.each do |level|
-        method_name = 
-        define_singleton_method("log_#{level.to_s}_message") do |message|
-          puts message if @stdout
-          @log.send(level, message) unless !@enabled || @log.nil?
-        end
-      end
-    end
-
-    def log_message(message)
-      log_info_message message
-    end
-
-    def log_stat_message(message)
-    end
-
-    def get_log_path(product)
-      product.downcase! unless product.nil?
-      File.join(File.dirname(__FILE__), LOG_PATH % (product || DEFAULT_LOG))
-    end
-
-    def get_statistic_key(vendor)
-      if vendor.nil? || vendor.length < KEY_RANGE.min
-        log_stat_message("Vendor length is below minimum of <#{KEY_RANGE}>")
-        return nil
-      end
-
-      vendor.gsub!('-', '_')
-      vendor.slice! vendor.rindex('_') until vendor.count('_') <= 1
-
-      vendor.delete! "^A-Za-z0-9\_"
-
-      KEY_FORMAT % vendor[0...KEY_RANGE.max].downcase
-    end
-
-    def get_product(product, version)
-      return nil if ((product.nil? || product.empty?) || 
-                     (version.nil? || version.empty?))
-
-      product.gsub!('-', '_')
-      product.slice! product.rindex('_') until product.count('_') <= 1
-
-      product.delete! "^A-Za-z0-9\_"
-      version.delete! "^A-Za-z0-9\.\-"
-
-      product = (PRODUCT_FORMAT % [product, version])[0...PRODUCT_RANGE.max]
-
-      product.slice! product.rindex(/[A-Z0-9]/i)+1..-1
-
-      if product.length < PRODUCT_RANGE.min
-        log_stat_message("Product length below minimum <#{PRODUCT_RANGE.min}>.")
-        return nil
-      end
-      product.downcase
-    end
-
-    def generate_payload(statistic_value='')
-      product_name, separator, version = @product.to_s.rpartition('_')
-      payload_value = {'version' => version}.to_json
-
-      payload = {'statistic-key' => @statistic_key.to_s,
-                 'statistic-value' => payload_value,
-                 'product' => product_name}
-      JSON.generate(payload)
-    end
-
-    def send(nexpose_address, nexpose_port, session_id, payload)
-      header = {'Content-Type' => 'application/json',
-                'nexposeCCSessionID' => session_id,
-                'Cookie' => "nexposeCCSessionID=#{session_id}"}
-      req = Net::HTTP::Put.new(ENDPOINT, header)
-      req.body = payload
-      http_instance = Net::HTTP.new(nexpose_address, nexpose_port)
-      http_instance.use_ssl = true
-      http_instance.verify_mode = OpenSSL::SSL::VERIFY_NONE
-      response = http_instance.start { |http| http.request(req) }
-      log_stat_message "Received code #{response.code} from Nexpose console."
-      log_stat_message "Received message #{response.msg} from Nexpose console."
-      log_stat_message 'Finished sending statistics data to Nexpose.'
-
-      response.code
-    end
-
-    def on_connect(nexpose_address, nexpose_port, session_id, value)
-      log_stat_message 'Sending statistics data to Nexpose'
-
-      if @product.nil? || @statistic_key.nil?
-        log_stat_message('Invalid product name and/or statistics key.')
-        log_stat_message('Statistics collection not enabled.')
-        return
-      end
-      
-      begin
-        payload = generate_payload value
-        send(nexpose_address, nexpose_port, session_id, payload)
-      rescue => e
-        #Let the program continue
-      end
-    end
-
-    #Used by net library for debugging 
-    def <<(value)
-      log_debug_message(value)
-    end
-
-  end
-end

data/lib/nexpose_cyberark/password_ops.rb

@@ -1,48 +0,0 @@
-module PasswordOps
-  require 'nexpose'
-  include Nexpose
-  def self.cyberark
-    Java::javapasswordsdk
-  end
-
-  def self.get_password(nexpose_options = {}, vault_options = {}, password_req_sdk = nil, password_sdk = nil )
-    @log = NexposeCyberark::NxLogger.instance
-    password_req_sdk = cyberark.PSDKPasswordRequest.new if password_req_sdk.nil?
-    asset_data = {}
-    begin
-      password_req_sdk.set_app_id(vault_options[:app_id])
-      password_req_sdk.set_safe(vault_options[:safe])
-      password_req_sdk.set_folder(vault_options[:folder])
-      password_req_sdk.set_address(vault_options[:address])
-      password_sdk = cyberark.PasswordSDK if password_sdk.nil?
-      password_result = password_sdk.getPassword(password_req_sdk)
-      if nexpose_options[:windows_policy_ids].any?{ |policy| policy.casecmp(password_result.get_policy_id)==0 }
-        if nexpose_options[:unix_policy_ids].any?{ |policy| policy.casecmp(password_result.get_policy_id)==0 }
-          # Has both Windows and Unix policies. Check Nexpose to see if we have an OS listing
-          @log.log_error_message("Asset with credential address <#{vault_options[:address]}> has a conflicting policy configuration! Checking Nexpose fingerprint.. ")
-          if vault_options[:nexpose_os].downcase.include? 'windows'
-            @log.log_debug_message('Nexpose fingerprinting estimates the system is Windows.')
-            asset_data[:service] = Credential::Service::CIFS
-          else
-            @log.log_debug_message('Nexpose fingerprinting estimates the system is Unix based.')
-            asset_data[:service] = Credential::Service::SSH
-            asset_data[:p_e_user] = 'root'
-            asset_data[:p_e_type] = Nexpose::Credential::ElevationType::SUDO
-          end
-        end
-          @log.log_debug_message('Policy ID indicates the system is Windows based.')
-          asset_data[:service] = Credential::Service::CIFS
-      else
-        @log.log_debug_message('Policy ID indicates the system is Unix based.')
-        asset_data[:service] = Credential::Service::SSH
-        asset_data[:p_e_user] = 'root'
-        asset_data[:p_e_type] = Nexpose::Credential::ElevationType::SUDO
-      end
-      asset_data[:password] = password_result.get_content
-      asset_data[:user] = password_result.get_user_name
-    rescue Exception => e
-      @log.log_debug_message("Error fetching credential for address <#{vault_options[:address]}>. Error was <#{e}>")
-    end
-    asset_data
-  end
-end