nexpose_paloalto 0.1.2 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 4031017be8639d09edbb9fef2ffb3ec43b21330e
4
- data.tar.gz: f75c2a16d0ce151d132a77eaf11c9e3b377b2cbb
3
+ metadata.gz: c0af792eac7ae480fd8b3b64aafa83fbe1404dee
4
+ data.tar.gz: 2a45f4ccc434c1e6e6cf111215704e91219a3a93
5
5
  SHA512:
6
- metadata.gz: 410ba9dfbe608b1465fdc6bd5967f561537e1ef3b36799ff9454d9440de7a3d708f68a80ba82112b68f88ac7196a6c5941d9f9ed6c0fea48a36a88980b4a9034
7
- data.tar.gz: 3495a3363873daa1faa9fc2956262907d37f6e7122e1ae269094c41c01cce8f12f5d910df0cda6dc579b076d271699de2252779dee83b7be5935525f79c9866c
6
+ metadata.gz: 3fa81cb10b01533f4fbee535e9994656ff6b5d7f47d0deb93df354b65936cafaa7dd028903625957d6c53b6ad3b2d1552c3c5cd99ff80efb4e484736383ae955
7
+ data.tar.gz: be3c6a081d67b4d200a0e0f60ad7fd50dbad2628afa2e65fa173c214ef0f786b13f132806048e2401d33760efff5077715b2537088375afdc7c06feba1135573
data/README.md CHANGED
@@ -2,14 +2,17 @@
2
2
 
3
3
  Nexpose -> Palo Alto integration Gem.
4
4
 
5
- With this Gem an integration between Nexpose Dynamic Asset Groups and Palo Alto's PAN TAGs. By using this integration,
6
- dynamic asset groups could be setup in Nexpose that correspond to groups in PAN with applicable policies.
7
-
8
- For example:
9
- * Create a DAG in Nexpose which affects a particular vulnerability (Heartbleed).
10
- * Define a policy in PAN to block SSL (mitigates temporarily Heartbleed).
11
- * Run this Gem with the Hearbleed DAG in the configuration.
12
- * All assets identified by Nexpose will be registered in PAN.
5
+ This gem is an integration between Nexpose Dynamic Asset Groups and Palo
6
+ Alto's PAN Tags. By using this integration,
7
+ dynamic asset groups could be setup in Nexpose that correspond to groups in PAN
8
+ with applicable policies.
9
+
10
+ For example:
11
+
12
+ * Create a DAG in Nexpose which affects a particular vulnerability (Heartbleed).
13
+ * Define a policy in PAN to block SSL (mitigates temporarily Heartbleed).
14
+ * Run this gem with the Hearbleed DAG in the configuration.
15
+ * All assets identified by Nexpose will be registered in PAN.
13
16
  * Apply PAN Heartbleed Policy on the created group.
14
17
 
15
18
  ## Installation
@@ -32,32 +35,81 @@ Or install it yourself as:
32
35
 
33
36
  Follow these steps once installed:
34
37
 
35
- * Modify the file nexpose_paloalto.rb under the bin folder, and add the DAGs to report on.
38
+ * Modify the file nexpose_paloalto.config under the lib/paloalto/config folder,
39
+ and add the DAGs to report on. Sites can also be used.
40
+
41
+ * Also include the port for the Nexpose console if it does not use the default
42
+ port.
36
43
 
37
- * Add the following Environment variables, with your respective information:
44
+ * Add the following information to the configuration file, or set as environment
45
+ variables:
38
46
 
39
- NEXPOSE_URL
47
+ * NEXPOSE_URL (IP address or hostname)
40
48
 
41
- NEXPOSE_USERNAME
49
+ * NEXPOSE_USERNAME
42
50
 
43
- NEXPOSE_PASSWORD
51
+ * NEXPOSE_PASSWORD
44
52
 
53
+ * PAN_URL
45
54
 
46
- PAN_URL
55
+ * PAN_USERNAME
47
56
 
48
- PAN_USERNAME
57
+ * PAN_PASSWORD
49
58
 
50
- PAN_PASSWORD
51
59
 
60
+ * Run the command 'nexpose_paloalto' under the bin folder.
52
61
 
53
- For Linux systems, make sure they are added to the current environment where the gem is run.
62
+ * (Optional) Review the log file under the logs folder in the Gem path.
54
63
 
55
- For Windows systems, make sure they are on the Environment Variables section in your Control Panel.
64
+ For any support requests, please email support@rapid7.com with a description of
65
+ the issue and any logs available.
56
66
 
57
- * Run the command 'nexpose_paloalto' under the bin folder.
67
+ #### Notes on Environment Variables
68
+ For Linux systems, make sure they are added to the current environment where
69
+ the gem is run.
58
70
 
59
- * (Optional) Review the log file under the logs folder in the Gem path.
71
+ For Windows systems, make sure they are set within the environment variables
72
+ section in your Control Panel.
73
+
74
+
75
+ ## Encryption Settings
76
+
77
+ The usernames and passwords within the configuration files are automatically
78
+ encrypted when the integration runs. The key and IV files used during
79
+ encryption/decryption are saved within the config folder by default.
80
+
81
+ #### Setting Custom Locations for Encryption Files
82
+
83
+ To set custom locations for the key and IV files, update the following values
84
+ within the encryption.config file:
85
+
86
+ - key_filename - The absolute path to where the key file will be created.
87
+ - iv_file - The absolute path to where the IV file will be created.
88
+
89
+ To set a custom path after the integration has already executed, the files must
90
+ be moved to the new location manually.
91
+
92
+ #### Encrypting the Configuration without running the Integration
93
+ The Nexpose Paloalto integration can encrypt its configuration file without running the gem. This allows users to secure their login information for future use e.g for use in a cron-schedule.
94
+
95
+ The command to do so is:
96
+ ```
97
+ nexpose_paloalto -e
98
+ ```
99
+ or
100
+ ```
101
+ nexpose_paloalto --encrypt_config
102
+ ```
103
+
104
+
105
+ ## Changelog
106
+
107
+ ### 0.1.3
108
+
109
+ User now has the option to configure the gem using a configuration file as well
110
+ as with environment variables. DAG and site selection has now been moved to the configuration file.
60
111
 
112
+ Added an encryption configuration file. Usernames and passwords within the
113
+ configuration files are now encrypted when the application runs.
61
114
 
62
- For any support requests, please email support@rapid7.com with a description of the issue and any logs
63
- available.
115
+ Command line options have been added to the gem. Several are common to all Nexpose gem integrations. Call the gem with '-h' or '--help' to view these options.
data/bin/nexpose_paloalto CHANGED
@@ -1,40 +1,52 @@
1
1
  #!/usr/bin/env ruby
2
2
  require 'paloalto'
3
+ require 'paloalto/utilities/config_parser'
4
+ require 'paloalto/utilities/gem_options'
3
5
 
4
- # Obtain Nexpose settings from Environment Variables.
5
- nexpose_settings = Hash.new
6
- raise 'Must configure nexpose settings before starting' if ENV['NEXPOSE_URL'].nil? || ENV['NEXPOSE_USERNAME'].nil? || ENV['NEXPOSE_PASSWORD'].nil?
7
- nexpose_settings[:nexpose_url] = ENV['NEXPOSE_URL']
8
- nexpose_settings[:nexpose_username] = ENV['NEXPOSE_USERNAME']
9
- nexpose_settings[:nexpose_password] = ENV['NEXPOSE_PASSWORD']
10
- # User can change the port if Nexpose does not use port 3780
11
- nexpose_settings[:nexpose_port] = 3780
12
-
13
- # Obtain PAN's info.
14
- pan_settings = Hash.new
15
- raise 'Must configure Palo Alto settings before starting' if ENV['PAN_URL'].nil? || ENV['PAN_USERNAME'].nil? || ENV['PAN_PASSWORD'].nil?
16
- pan_settings[:pan_url] = ENV['PAN_URL']
17
- pan_settings[:pan_username] = ENV['PAN_USERNAME']
18
- pan_settings[:pan_password] = ENV['PAN_PASSWORD']
19
-
20
- # Nexpose options
21
- # Dynamic Asset Groups to use, separated by commas:
22
- # dag = [1, 2]
23
- dag = []
24
-
25
- # Sites to use. We recommend using DAGs, separated by commas:
26
- # sites = [1, 2]
27
- sites = []
28
-
29
- # Report Time_out. Leave default value of 10800.
30
- report_timeout = 10800
31
-
32
- # Do not edit below this line.
33
- # Check that everything is in place before we start it.
34
- raise 'Must configure a site or a dag before starting' if dag.empty? && sites.empty?
35
- nexpose_settings[:dag] = dag
36
- nexpose_settings[:sites] = sites
37
- nexpose_settings[:timeout] = report_timeout
6
+ # Obtain Integration settings from Encrypted Configuration File.
7
+ PA_CONFIG_PATH = File.join(File.dirname(__FILE__),
8
+ '../lib/paloalto/config/nexpose_paloalto.config')
9
+ config_path = File.expand_path(PA_CONFIG_PATH)
10
+
11
+ # Setup Logging
12
+ Paloalto.enable_logging
13
+
14
+ # Setup CLI Options
15
+ GemOptions.create_parser
16
+ .with_banner_and_options('nexpose_paloalto')
17
+ .with_configuration_encryption([config_path])
18
+ .with_help_and_version('Nexpose PaloAlto', Paloalto::VERSION)
19
+ .parse
20
+
21
+ service_data = ConfigParser.get_config(config_path)
22
+
23
+ # Setup Logging
24
+ Paloalto.enable_logging
25
+
26
+ # Use ENV instead of configuration options if they are set
27
+ nexpose_settings = Paloalto.set_variables(service_data[:nexpose_options])
28
+ pan_settings = Paloalto.set_variables(service_data[:pan_options])
29
+
30
+ nexpose_fields = %i(nexpose_url nexpose_username nexpose_password)
31
+ pan_fields= %i(pan_url pan_username pan_password)
32
+
33
+ if nexpose_fields.any? { |i| nexpose_settings[i].nil? }
34
+ raise "Must configure Nexpose settings before starting (by Configuration \
35
+ file or Environment variable)"
36
+ end
37
+
38
+ if pan_fields.any? { |i| pan_settings[i].nil? }
39
+ raise "Must configure PAN settings before starting (by Configuration \
40
+ file or Environment variable)"
41
+ end
42
+
43
+ if service_data[:options][:dag].empty? && service_data[:options][:sites].empty?
44
+ raise 'Must configure a site or a dag before starting'
45
+ end
46
+
47
+ nexpose_settings[:dag] = service_data[:options][:dag]
48
+ nexpose_settings[:sites] = service_data[:options][:sites]
49
+ nexpose_settings[:timeout] = service_data[:options][:report_timeout]
38
50
 
39
51
  # Start integration with all the parameters.
40
52
  Paloalto.start_integration(nexpose_settings, pan_settings)
data/lib/paloalto.rb CHANGED
@@ -1,12 +1,12 @@
1
1
  require 'paloalto/version'
2
2
  require 'paloalto/nexpose_helper'
3
3
  require 'paloalto/ngfw'
4
- require 'paloalto/nx_logger'
4
+ require 'paloalto/utilities/nx_logger'
5
5
 
6
6
  module Paloalto
7
7
  def self.start_integration(nexpose_settings, pan_settings)
8
- # Asset query.
9
- asset_query = "select asset_id, da.ip_address, string_agg(DISTINCT '<' || dt.tag_name, '>') || '>' as tags
8
+ # Asset query.
9
+ asset_query = "select asset_id, da.ip_address, string_agg(DISTINCT '<' || dt.tag_name, '>') || '>' as tags
10
10
  from dim_site_asset
11
11
  LEFT OUTER JOIN dim_asset da USING (asset_id)
12
12
  LEFT OUTER JOIN dim_tag_asset dta using (asset_id)
@@ -24,15 +24,9 @@ module Paloalto
24
24
 
25
25
  report_timeout = nexpose_settings[:timeout]
26
26
 
27
- #Setup logging
28
- @log = Paloalto::NxLogger.instance
29
- @log.setup_statistics_collection(Paloalto::VENDOR,
30
- Paloalto::PRODUCT,
31
- Paloalto::VERSION)
32
- @log.setup_logging(true, 'info')
33
-
34
- #Nexpose sites and DAGs to import. Uses Site Id and DAG ID e.g. 'sites = [1,2,3,4]'. Leave as nil to run on all sites and DAGs the user has access to or
35
- # set as an empty array e.g. 'dags=[]' to not run on any sites/dags.
27
+ # Nexpose sites and DAGs to import. Uses Site Id and DAG ID e.g.
28
+ # 'sites = [1,2,3,4]'. Leave as nil to run on all sites and DAGs the user
29
+ # has access to or set as an empty array e.g. 'dags=[]' to not run on any sites/dags.
36
30
  sites = nexpose_settings[:sites]
37
31
  dags = nexpose_settings[:dag]
38
32
 
@@ -151,5 +145,22 @@ module Paloalto
151
145
  @log.log_message('Exiting..')
152
146
  end
153
147
 
148
+ def self.enable_logging()
149
+ @log = Paloalto::NxLogger.instance
150
+ @log.setup_statistics_collection(Paloalto::VENDOR,
151
+ Paloalto::PRODUCT,
152
+ Paloalto::VERSION)
153
+ @log.setup_logging(true, 'info')
154
+ end
154
155
 
156
+ def self.set_variables(options)
157
+ settings = {}
158
+ options.each_key do |key|
159
+ value = ENV[key.to_s.upcase]
160
+ value ||= options[key]
161
+ @log.log_message('No configuration value found for #{key}') if value.nil?
162
+ settings[key] = value
163
+ end
164
+ settings
165
+ end
155
166
  end
@@ -0,0 +1,20 @@
1
+ #
2
+ # Symmetric Encryption for Ruby
3
+ #
4
+ ---
5
+ production:
6
+ # Since the encryption key must NOT be stored along with the
7
+ # source code, only store the key encryption key here.
8
+ private_rsa_key:
9
+
10
+ # List Symmetric Key Ciphers in the order of current / newest first
11
+ ciphers:
12
+ -
13
+ # Name of the file containing the encrypted key and iv.
14
+ key_filename: <absolute/path/to/filename>.key
15
+ iv_filename: <absolute/path/to/filename>.iv
16
+
17
+ cipher: aes-256-cbc
18
+ encoding: base64strict
19
+ version: 1
20
+ always_add_header: true
@@ -0,0 +1,42 @@
1
+ ---
2
+ # This configuration file defines all the particular options necessary to run the service.
3
+ # Fields marked (M) are mandatory.
4
+ #
5
+ # For this integration a DAG or site needs to be provided, or both can be provided.
6
+ # To not generate tags for a group (e.g. sites), leave a single '-' as shown below.
7
+ # Removing the '-' will result in tags being generated for all of that group.
8
+ # Do not place site or DAG ids in quotes ('' or "")
9
+ #
10
+ # Service options:
11
+ :options:
12
+ # Dynamic Asset Groups to use, newline for each:
13
+ :dag:
14
+ - 1
15
+ # Sites to use, newline for each. We recommend using DAGs, above:
16
+ :sites:
17
+ -
18
+ # Report Time_out. Leave default value of 10800.
19
+ :report_timeout: 10800
20
+ # Nexpose options.
21
+ :nexpose_options:
22
+ # (M) Nexpose console hostname.
23
+ :nexpose_url: 127.0.0.1
24
+ # (M) Nexpose username.
25
+ :nexpose_username: username
26
+ # (M) Nexpose password.
27
+ :nexpose_password: password
28
+ # Port for Nexpose console. Leave default value of 3780
29
+ :nexpose_port: 3780
30
+ # PaloAlto Firewall options
31
+ :pan_options:
32
+ # (M) PAN hostname.
33
+ :pan_url: 127.0.0.1
34
+ # (M) PAN username.
35
+ :pan_username: username
36
+ # (M) PAN password
37
+ :pan_password: password
38
+ # Encryption options
39
+ :encryption_options:
40
+ # (M) Path to the encryption.config file
41
+ :directory: '../../config/encryption.config'
42
+
@@ -2,11 +2,11 @@ module Paloalto
2
2
  module NexposeHelper
3
3
  require 'nexpose'
4
4
  require 'csv'
5
- require 'paloalto/nx_logger'
5
+ require 'paloalto/utilities/nx_logger'
6
6
 
7
7
  # Logs in to Nexpose using the url, username and password.
8
8
  def self.login(url=nil, username=nil, password=nil, port=3780)
9
- raise 'Nexpose connection must be set in environment variables.' if url.nil? || username.nil? || password.nil?
9
+ raise 'Nexpose connection details must be set.' if url.nil? || username.nil? || password.nil?
10
10
  nsc = Nexpose::Connection.new(url, username, password, port)
11
11
  nsc.login
12
12
  Paloalto::NxLogger.instance.on_connect(url, port, nsc.session_id, "{}")
@@ -0,0 +1,141 @@
1
+ require 'erb'
2
+ require 'yaml'
3
+ require 'fileutils'
4
+ require 'symmetric-encryption'
5
+
6
+ class ConfigParser
7
+ ENCRYPTED_FORMAT = '<%%= SymmetricEncryption.try_decrypt "%s" %%>'
8
+ PLACEHOLDER = '<absolute/path/to/filename>'
9
+ # The environment to use, defined within the encryption config
10
+ STANZA = 'production'
11
+ # The line width of the YAML file before line-wrapping occurs
12
+ WIDTH = 120
13
+
14
+ # Encrypts a configuration file and returns the unencrypted hash.
15
+ def self.get_config(config_path, enc_path=nil)
16
+ # Try to load a path from the provided config
17
+ custom_enc_path = get_enc_directory(config_path)
18
+ enc_path = custom_enc_path unless custom_enc_path.nil?
19
+
20
+ enc_path = File.expand_path(enc_path, __FILE__)
21
+ config_path = File.expand_path(config_path)
22
+
23
+
24
+ generate_keys(enc_path, config_path)
25
+ encrypt_config(enc_path, config_path)
26
+ decrypt_config(enc_path, config_path)
27
+ end
28
+
29
+ # Writes the YAML to file with custom formatting options
30
+ def self.save_config(config_details, config_path)
31
+ yaml = config_details.to_yaml(line_width: WIDTH)
32
+ File.open(config_path, 'w') {|f| f.write yaml }
33
+ end
34
+
35
+ def self.encrypt_field(value)
36
+ encrypted_value = SymmetricEncryption.encrypt value
37
+ ENCRYPTED_FORMAT % encrypted_value
38
+ end
39
+
40
+ # Retrieves the custom directory of the encryption config
41
+ def self.get_enc_directory(config_path)
42
+ settings = YAML.load_file(config_path)
43
+ return nil if settings[:encryption_options].nil?
44
+
45
+ enc_dir = settings[:encryption_options][:directory]
46
+ return nil if (enc_dir.nil? || enc_dir == '')
47
+
48
+ File.expand_path(enc_dir, __FILE__)
49
+ end
50
+
51
+ # Generates the RSA key, associated files and directories.
52
+ def self.generate_keys(enc_path, config_path)
53
+ settings = YAML.load_file(enc_path)
54
+ key = settings[STANZA]['private_rsa_key']
55
+
56
+ # Recognise an existing key
57
+ return unless (key.nil? || key == '')
58
+
59
+ # Generate a new RSA key and store the details
60
+ new_rsa_key = SymmetricEncryption::KeyEncryptionKey.generate
61
+ settings[STANZA]['private_rsa_key'] = new_rsa_key
62
+ save_config(settings, enc_path)
63
+
64
+ # Populate the placeholder values within the config
65
+ populate_ciphers(enc_path, config_path)
66
+
67
+ # Need to create a folder (specified by the user) to store the key files
68
+ dir = File.dirname(settings[STANZA]['ciphers'].first['key_filename'])
69
+
70
+ begin
71
+ unless File.directory?(dir) || PLACEHOLDER.include?(dir)
72
+ puts "Creating folder: #{dir}"
73
+ FileUtils::mkdir_p dir
74
+ end
75
+ rescue Exception => e
76
+ msg = "Unable to create the folders used to store encryption details.\n"\
77
+ 'Please ensure the user has permissions to create folders in the ' \
78
+ "path specified in the encryption config: #{enc_path}\n"
79
+ handle_error(msg, e)
80
+ end
81
+
82
+ SymmetricEncryption.generate_symmetric_key_files(enc_path, STANZA)
83
+ end
84
+
85
+ # Replace placeholder values for the key and iv file paths,
86
+ # placing them in the config folder by default.
87
+ def self.populate_ciphers(enc_path, config_path)
88
+ settings = YAML.load_file(enc_path)
89
+ ciphers = settings[STANZA]['ciphers'].first
90
+ config_folder = File.dirname(config_path)
91
+ config_name = File.basename(config_path, File.extname(config_path))
92
+
93
+ %w(key iv).each do |file|
94
+ label = "#{file}_filename"
95
+ file_path = ciphers[label]
96
+ next unless file_path.include? PLACEHOLDER
97
+
98
+ filename = ".#{config_name}.#{file}"
99
+ ciphers[label] = File.join(config_folder, filename)
100
+ end
101
+
102
+ save_config(settings, enc_path)
103
+ end
104
+
105
+ def self.encrypt_config(enc_path, config_path)
106
+ SymmetricEncryption.load!(enc_path, STANZA)
107
+
108
+ # Read the config in as an array of strings
109
+ f = File.open(config_path)
110
+ config_lines = f.readlines
111
+ f.close
112
+
113
+ # Define the regex that can find relevant fields
114
+ regex = /^(?<label>\s*:?\w*(passw|pwd|user|usr)\w*:?\s)(?<value>.*)$/
115
+
116
+ # Line by line, write the line to file, encrypting sensitive fields
117
+ File.open(config_path, 'w+') do |f|
118
+ config_lines.each do |l|
119
+ matches = l.match(regex)
120
+
121
+ # Encrypt fields with username/password labels that are in plaintext
122
+ unless matches.nil? || matches['value'].include?('SymmetricEncryption')
123
+ l = "#{matches['label']}#{encrypt_field(matches['value'])}"
124
+ end
125
+
126
+ f.puts l
127
+ end
128
+ end
129
+ end
130
+
131
+ # Returns a hash containing the decrypted details from a config file.
132
+ def self.decrypt_config(enc_path, config_path)
133
+ SymmetricEncryption.load!(enc_path, STANZA)
134
+ return YAML.load(ERB.new(File.new(config_path).read).result)
135
+ end
136
+
137
+ def self.handle_error(message, error)
138
+ puts message
139
+ raise error
140
+ end
141
+ end
@@ -0,0 +1,91 @@
1
+ require 'optparse'
2
+
3
+ class GemOptions
4
+
5
+ @parser
6
+
7
+ def self.create_parser
8
+ @parser = OptionParser.new
9
+ self
10
+ end
11
+
12
+ # How the gem is used e.g 'nexpose ticketing jira [options]'
13
+ def self.with_banner(gem_usage_string)
14
+ @parser.banner = "Usage: #{gem_usage_string} [options]"
15
+ @parser.separator ''
16
+ self
17
+ end
18
+
19
+ # Header for options list
20
+ def self.with_options
21
+ @parser.separator 'Options:'
22
+ self
23
+ end
24
+
25
+ # Creates banner and options
26
+ def self.with_banner_and_options(gem_usage_string)
27
+ with_banner(gem_usage_string)
28
+ with_options
29
+ self
30
+ end
31
+
32
+ # For setting encryption switch. Can be set to work with two configurations
33
+ # Config_paths is an array
34
+ def self.with_configuration_encryption(config_paths, enc_path = nil)
35
+ @parser.on('-e',
36
+ '--encrypt_config',
37
+ 'Encrypt the configuration file(s) without running the gem') do |e|
38
+ ConfigParser.get_config(config_paths.first, enc_path) unless enc_path.nil?
39
+ ConfigParser.get_config(config_paths.last)
40
+ puts "\nConfiguration File(s) Encrypted"
41
+ exit
42
+ end
43
+ self
44
+ end
45
+
46
+ def self.with_help
47
+ @parser.on_tail('-h', '--help', 'Show this message') do |h|
48
+ puts @parser
49
+ exit
50
+ end
51
+ self
52
+ end
53
+
54
+ def self.with_version(gem, version)
55
+ @parser.on_tail('--version', 'Version Information') do |v|
56
+ puts "#{gem} #{version}"
57
+ exit
58
+ end
59
+ self
60
+ end
61
+
62
+ def self.with_help_and_version(gem, version)
63
+ with_help
64
+ with_version(gem, version)
65
+ self
66
+ end
67
+
68
+ # Method to allow integrations to create own options, with both short and long
69
+ # switches and description.
70
+ # Handler is the block to run when option is called.
71
+ def self.with_other_option(short_switch, long_switch, description, &handler)
72
+ @parser.on("-#{short_switch}", "--#{long_switch}", description) do |opt|
73
+ handler.call
74
+ end
75
+ end
76
+
77
+ # Method to allow integrations to create own options, with only one size of
78
+ # switch and description.
79
+ # '-' for short switches and '--' for long switches is required.
80
+ # Handler is the block to run when option is called.
81
+ def self.with_single_switch_option(identifier, switch, description, &handler)
82
+ @parser.on("#{identifier}#{switch}", description) do |opt|
83
+ handler.call
84
+ end
85
+ end
86
+
87
+ # Parses the options to make them available
88
+ def self.parse
89
+ @parser.parse!
90
+ end
91
+ end
@@ -6,7 +6,7 @@ require 'singleton'
6
6
  module Paloalto
7
7
  class NxLogger
8
8
  include Singleton
9
- LOG_PATH = "./logs/rapid7_%s.log"
9
+ LOG_PATH = "../logs/rapid7_%s.log"
10
10
  KEY_FORMAT = "external.integration.%s"
11
11
  PRODUCT_FORMAT = "%s_%s"
12
12
 
@@ -163,4 +163,4 @@ module Paloalto
163
163
  end
164
164
 
165
165
  end
166
- end
166
+ end
@@ -1,5 +1,5 @@
1
1
  module Paloalto
2
- VERSION = "0.1.2"
2
+ VERSION = "0.1.3"
3
3
  VENDOR = "Palo Alto"
4
4
  PRODUCT = "NGFW"
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: nexpose_paloalto
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.2
4
+ version: 0.1.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Damian Finol
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2017-05-08 00:00:00.000000000 Z
12
+ date: 2017-05-30 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: bundler
@@ -81,6 +81,26 @@ dependencies:
81
81
  - - "~>"
82
82
  - !ruby/object:Gem::Version
83
83
  version: '1.6'
84
+ - !ruby/object:Gem::Dependency
85
+ name: symmetric-encryption
86
+ requirement: !ruby/object:Gem::Requirement
87
+ requirements:
88
+ - - "~>"
89
+ - !ruby/object:Gem::Version
90
+ version: '3.9'
91
+ - - ">="
92
+ - !ruby/object:Gem::Version
93
+ version: 3.9.0
94
+ type: :runtime
95
+ prerelease: false
96
+ version_requirements: !ruby/object:Gem::Requirement
97
+ requirements:
98
+ - - "~>"
99
+ - !ruby/object:Gem::Version
100
+ version: '3.9'
101
+ - - ">="
102
+ - !ruby/object:Gem::Version
103
+ version: 3.9.0
84
104
  description: This Gem allows usage of Nexpose Dynamic Asset groups with Palo Alto
85
105
  TAGs.
86
106
  email:
@@ -97,9 +117,13 @@ files:
97
117
  - Rakefile
98
118
  - bin/nexpose_paloalto
99
119
  - lib/paloalto.rb
120
+ - lib/paloalto/config/encryption.config
121
+ - lib/paloalto/config/nexpose_paloalto.config
100
122
  - lib/paloalto/nexpose_helper.rb
101
123
  - lib/paloalto/ngfw.rb
102
- - lib/paloalto/nx_logger.rb
124
+ - lib/paloalto/utilities/config_parser.rb
125
+ - lib/paloalto/utilities/gem_options.rb
126
+ - lib/paloalto/utilities/nx_logger.rb
103
127
  - lib/paloalto/version.rb
104
128
  homepage: http://www.rapid7.com
105
129
  licenses: