nexpose_ticketing 1.0.2 → 1.2.1

data/lib/nexpose_ticketing/ticket_metrics.rb

@@ -0,0 +1,39 @@
+module NexposeTicketing
+  class TicketMetrics
+    attr_accessor :ticket_counts
+
+    #Create the specific metric collecting methods
+    @@ticket_counts = {}
+    [:created, :updated, :closed].each do |action|
+      @@ticket_counts[action] = 0
+      define_method(action) do |increment=nil|
+        @@ticket_counts[action] += increment || 1
+      end
+
+      define_method("get_#{action}") do
+        @@ticket_counts[action]
+      end
+    end
+
+    def initialize
+      @start_time = nil
+      @log = NexposeTicketing::NxLogger.instance
+    end
+
+    def start
+      return if @start_time != nil
+      @start_time = Time.now
+    end
+
+    def finish
+      return if @start_time == nil  
+      @time_taken = Time.at(Time.now - @start_time).utc.strftime("%H:%M:%S")
+      @start_time = nil
+
+      @log.log_message("Ticket processing took #{@time_taken} to complete.")
+      @@ticket_counts.keys.each do |action|
+        @log.log_message("Metrics: #{@@ticket_counts[action]} tickets were #{action}.")
+      end
+    end
+  end
+end

data/lib/nexpose_ticketing/ticket_repository.rb

@@ -12,10 +12,24 @@ module NexposeTicketing
 
     def initialize(options = nil)
       @timeout = options[:timeout]
+
+      # Gets the suffix of the query method signatures based on the mode
+      @method_suffix = options[:query_suffix]
+
+      define_query_methods
     end
 
-    def nexpose_login(nexpose_data)
+    def define_query_methods
+      methods = Queries.methods.grep Regexp.new (@method_suffix+'$')
       
+      methods.each do |m|
+        define_singleton_method m do |options, override=nil|
+          request_query(m, options, override)
+        end
+      end
+    end
+
+    def nexpose_login(nexpose_data) 
       @nsc = Nexpose::Connection.new(nexpose_data[:nxconsole], nexpose_data[:nxuser], nexpose_data[:nxpasswd])
       @nsc.login
       @log = NexposeTicketing::NxLogger.instance
@@ -67,8 +81,9 @@ module NexposeTicketing
     #
     def load_last_scans(options = {}, report_config = Nexpose::AdhocReportConfig.new(nil, 'sql'))
       report_config.add_filter('version', '1.2.0')
-      sites = Array(options[:sites])
-      tags = Array(options[:tags])
+      sites = Array(options[:sites]).map!(&:to_s)
+      tags = Array(options[:tags]).map!(&:to_s)
+
       if(options[:tag_run])
         report_config.add_filter('query', Queries.last_tag_scans)
         tags.each do |tag|
@@ -84,7 +99,7 @@ module NexposeTicketing
       #We only care about sites we are monitoring.
       trimmed_csv = []
       if(options[:tag_run])
-        trimmed_csv << 'tag_id, last_scan_fingerprint'
+        trimmed_csv << 'tag_id,last_scan_fingerprint'
         current_tag_id = nil
         tag_finger_print = ''
         csv_output.each  do |row|
@@ -94,7 +109,7 @@ module NexposeTicketing
               current_tag_id = row[0].to_i
             else
               #New tag ID, finish off the old fingerprint and start on the new one
-              trimmed_csv << CSV::Row.new('tag_id, last_scan_fingerprint'.split(','), "#{current_tag_id},#{Digest::MD5::hexdigest(tag_finger_print)}".split(','))
+              trimmed_csv << CSV::Row.new('tag_id,last_scan_fingerprint'.split(','), "#{current_tag_id},#{Digest::MD5::hexdigest(tag_finger_print)}".split(','))
               tag_finger_print.clear
               current_tag_id = row[0].to_i
             end
@@ -107,7 +122,7 @@ module NexposeTicketing
           end
         end
         unless tag_finger_print.empty?
-          trimmed_csv << CSV::Row.new('tag_id, last_scan_fingerprint'.split(','), "#{current_tag_id},#{Digest::MD5::hexdigest(tag_finger_print)}".split(','))
+          trimmed_csv << CSV::Row.new('tag_id,last_scan_fingerprint'.split(','), "#{current_tag_id},#{Digest::MD5::hexdigest(tag_finger_print)}".split(','))
         end
       else
         trimmed_csv << report_output.lines.first
@@ -117,6 +132,7 @@ module NexposeTicketing
           end
         end
       end
+
       trimmed_csv
     end
 
@@ -130,18 +146,17 @@ module NexposeTicketing
     #   - Returns String @vulnerability_categories
     #
     def createVulnerabilityFilter(options = {})
-      @vulnerability_categories = nil
-      if options.has_key?(:vulnerabilityCategories)
-        if not options[:vulnerabilityCategories].nil? and not options[:vulnerabilityCategories].empty?
-          @vulnerability_categories = options[:vulnerabilityCategories].strip.split(',').map {|category| "include:#{category}"}.join(',')
-        end
+      if options[:vulnerabilityCategories].nil? || options[:vulnerabilityCategories].empty?
+        return nil
       end
-      @vulnerability_categories
+      
+      filter = options[:vulnerabilityCategories].strip.split(',')
+      filter.map { |category| "include:#{category}" }.join(',')
     end
 
-    def read_tag_asset_list(cvs_file_name)
+    def read_tag_asset_list(csv_file_name)
       file_identifier_histories = Hash.new(-1)
-      CSV.foreach(cvs_file_name, headers: true) do |row|
+      CSV.foreach(csv_file_name, headers: true) do |row|
         file_identifier_histories[row[0]] = row[1]
       end
       file_identifier_histories
@@ -150,10 +165,8 @@ module NexposeTicketing
     def generate_tag_asset_list(options = {}, report_config = Nexpose::AdhocReportConfig.new(nil, 'sql'))
       report_config.add_filter('version', '1.2.0')
       tags = Array(options[:tags])
-        report_config.add_filter('query', Queries.last_tag_scans)
-      tags.each do |tag|
-        report_config.add_filter('tag', tag)
-      end
+      report_config.add_filter('query', Queries.last_tag_scans)
+      tags.each { |tag| report_config.add_filter('tag', tag) }
 
       report_output = report_config.generate(@nsc, @timeout)
       csv_output = CSV.parse(report_output.chomp,  headers: :first_row)
@@ -170,6 +183,9 @@ module NexposeTicketing
             save_to_file(options[:csv_file], trimmed_csv)
             current_tag_id = row[0].to_i
             trimmed_csv = []
+
+            # TODO: test this change
+            trimmed_csv << 'asset_id, last_scan_id'
           end
         end
 
@@ -186,14 +202,14 @@ module NexposeTicketing
     #   - +csv_file_name+ -  CSV File name.
     #
     def save_to_file(csv_file_name, trimmed_csv, saved_file = nil)
-      saved_file.open(csv_file_name, 'w') { |file| file.puts(trimmed_csv) } unless saved_file.nil?
-      if saved_file.nil?
-        dir = File.dirname(csv_file_name)
-        unless File.directory?(dir)
-          FileUtils.mkdir_p(dir)
-        end
-        File.open(csv_file_name, 'w') { |file| file.puts(trimmed_csv) }
+      unless saved_file.nil?
+        saved_file.open(csv_file_name, 'w') { |file| file.puts(trimmed_csv) } 
+        return
       end
+
+      dir = File.dirname(csv_file_name)
+      FileUtils.mkdir_p(dir) unless File.directory?(dir)
+      File.open(csv_file_name, 'w') { |file| file.puts(trimmed_csv) }
     end
 
     # Gets the last scan information from nexpose sans the CSV headers.
@@ -210,212 +226,55 @@ module NexposeTicketing
       nexpose_ids
     end
 
-    # Gets all the vulnerabilities for a new site or fresh install.
-    #
-    # * *Args*    :
-    #   - +options+ -  A Hash with user configuration information.
-    #   - +nexpose_item_override+ - Override for user-configured tag/site options
-    #
-    # * *Returns* :
-    #   - Returns CSV |asset_id| |ip_address| |current_scan| |vulnerability_id| |solution_id| |nexpose_id|
-    #     |url| |summary| |fix|
-    #
-    def all_vulns(options = {}, nexpose_item_override = nil)
-      report_config =  @report_helper.generate_sql_report_config()
-      severity = options[:severity].nil? ? 0 : options[:severity]
-      report_config.add_filter('version', '1.2.0')
-      if options[:ticket_mode] == 'V'
-        report_config.add_filter('query', Queries.all_new_vulns_by_vuln_id(options))
-      else
-        report_config.add_filter('query', Queries.all_new_vulns(options))
-      end
-
-      if nexpose_item_override.nil?
-        if(options[:tag_run])
-          nexpose_items = Array(options[:tags])
-        else
-          nexpose_items = Array(options[:sites])
-        end
-      else
-        nexpose_items = Array(nexpose_item_override)
-      end
-
-      if options[:tag_run]
-        unless nexpose_items.nil? || nexpose_items.empty?
-          nexpose_items.each do |tag_id|
-            report_config.add_filter('tag', tag_id)
-          end
-        end
-      else
-        unless nexpose_items.nil? || nexpose_items.empty?
-          nexpose_items.each do |site_id|
-            report_config.add_filter('site', site_id)
-          end
-        end
-      end
-
-      report_config.add_filter('vuln-severity', severity)
-
-      vuln_filter_cats = createVulnerabilityFilter(options)
-
-      if not vuln_filter_cats.nil? and not vuln_filter_cats.empty?
-        report_config.add_filter('vuln-categories', vuln_filter_cats)
-      end
-
-      @report_helper.save_generate_cleanup_report_config(report_config)
+    def request_query(query_name, options = {}, nexpose_items = nil)
+      items = Array(nexpose_items || options["#{options[:scan_mode]}s".intern]) 
+      
+      report_config = generate_config(query_name, options, items)
     end
 
-    # Gets the new vulns from base scan reported_scan_id and the newest / latest scan from a site.
-    #
-    # * *Args*    :
-    #   - +options+ -  A Hash with user configuration information.
-    #
-    # * *Returns* :
-    #   - Returns CSV |asset_id| |ip_address| |current_scan| |vulnerability_id| |solution_id| |nexpose_id|
-    #     |url| |summary| |fix|
-    #
-    def new_vulns(options = {})
+    def generate_config(query_name, options, nexpose_items)
       report_config =  @report_helper.generate_sql_report_config()
       nexpose_item = options[:nexpose_item]
       reported_scan_id = options[:scan_id]
-      fail 'Nexpose item cannot be null or empty' if nexpose_item.nil? || reported_scan_id.nil?
-      severity = options[:severity].nil? ? 0 : options[:severity]
-      report_config.add_filter('version', '1.2.0')
-      if options[:ticket_mode] == 'V'
-        report_config.add_filter('query', Queries.new_vulns_by_vuln_id_since_scan(options))
-      else
-        report_config.add_filter('query', Queries.new_vulns_since_scan(options))
-      end
 
-      if(options[:tag_run])
-        report_config.add_filter('tag', options[:tag])
-      else
-        report_config.add_filter('site', nexpose_item)
+      # If it's a non-initial run, we need the last scan ID
+      unless options[:initial_run]
+        fail 'Nexpose item cannot be null or empty' if nexpose_item.nil? || reported_scan_id.nil?
       end
 
-      report_config.add_filter('vuln-severity', severity)
-
-      vuln_filter_cats = createVulnerabilityFilter(options)
-
-      if not vuln_filter_cats.nil? and not vuln_filter_cats.empty?
-        report_config.add_filter('vuln-categories', vuln_filter_cats)
-      end
-
-      @report_helper.save_generate_cleanup_report_config(report_config)
-    end
-    
-    # Gets the old vulns from base scan reported_scan_id and the newest / latest scan from a site.
-    #
-    # * *Args*    :
-    #   - +options+ -  A Hash with user configuration information.
-    #
-    # * *Returns* :
-    #   - Returns CSV |asset_id| |ip_address| |current_scan| |vulnerability_id| |solution_id| |nexpose_id|
-    #     |url| |summary| |fix|
-    #
-    def old_vulns(options = {})
-      report_config =  @report_helper.generate_sql_report_config()
-      nexpose_item = options[:nexpose_item]
-      reported_scan_id = options[:scan_id]
-      fail 'Nexpose item cannot be null or empty' if nexpose_item.nil? || reported_scan_id.nil?
-      severity = options[:severity].nil? ? 0 : options[:severity]
       report_config.add_filter('version', '1.2.0')
-      report_config.add_filter('query', Queries.old_vulns_since_scan(options))
-
-      if(options[:tag_run])
-        report_config.add_filter('tag', options[:tag])
-      else
-        report_config.add_filter('site', nexpose_item)
-      end
-
-      report_config.add_filter('vuln-severity', severity)
-
-      vuln_filter_cats = createVulnerabilityFilter(options)
+      report_config.add_filter('query', Queries.send(query_name, options))
 
-      if not vuln_filter_cats.nil? and not vuln_filter_cats.empty?
-        report_config.add_filter('vuln-categories', vuln_filter_cats)
-      end
-
-      @report_helper.save_generate_cleanup_report_config(report_config)
-    end
-
-    # Gets information on possible tickets to close based on only having old vulns/IPs and no new/same ones.
-    # Based on IP address (for 'I' mode) or vuln ID ('V' mode).
-    #
-    # * *Args*    :
-    #   - +options+ -  A Hash with user configuration information.
-    #
-    # * *Returns* :
-    #   - Returns CSV |asset_id| |ip_address| |current_scan| |vulnerability_id| |comparison|
-    #
-    def tickets_to_close(options = {})
-      report_config =  @report_helper.generate_sql_report_config()
-      nexpose_item = options[:nexpose_item]
-      reported_scan_id = options[:scan_id]
-      fail 'Nexpose item cannot be null or empty' if nexpose_item.nil? || reported_scan_id.nil?
-      severity = options[:severity].nil? ? 0 : options[:severity]
-      report_config.add_filter('version', '1.2.0')
-      if options[:ticket_mode] == 'V'
-        report_config.add_filter('query', Queries.old_tickets_by_vuln_id(options))
-      else
-      report_config.add_filter('query', Queries.old_tickets_by_ip(options))
-      end
+      id_type = options[:tag_run] ? 'tag' : 'site'
 
-      if(options[:tag_run])
-        report_config.add_filter('tag', options[:tag])
+      if nexpose_items != nil && !nexpose_items.empty?
+        nexpose_items.each { |id| report_config.add_filter(id_type, id) }
       else
-        report_config.add_filter('site', nexpose_item)
+        item = options[:tag_run] ? options[:tag] : nexpose_item
+        report_config.add_filter(id_type, item)
       end 
 
-      report_config.add_filter('vuln-severity', severity)
+      report_config.add_filter('vuln-severity', options[:severity] || 0)
 
       vuln_filter_cats = createVulnerabilityFilter(options)
 
-      if not vuln_filter_cats.nil? and not vuln_filter_cats.empty?
+      unless vuln_filter_cats.nil? || vuln_filter_cats.empty?
         report_config.add_filter('vuln-categories', vuln_filter_cats)
       end
 
       @report_helper.save_generate_cleanup_report_config(report_config)
     end
 
-
-    # Gets all vulns from base scan reported_scan_id and the newest / latest scan from a site. This is
-    # used for IP-based issue updating. Includes the baseline comparision value ('Old','New', or 'Same').
-    #
-    # * *Args*    :
-    #   - +options+ -  A Hash with user configuration information.
-    #
-    # * *Returns* :
-    #   - Returns CSV |asset_id| |ip_address| |current_scan| |vulnerability_id| |solution_id| |nexpose_id|
-    #     |url| |summary| |fix| |comparison| 
-    #
-    def all_vulns_since(options = {})
-      report_config =  @report_helper.generate_sql_report_config()
-      nexpose_item = options[:nexpose_item]
-      reported_scan_id = options[:scan_id]
-      fail 'Nexpose item cannot be null or empty' if nexpose_item.nil? || reported_scan_id.nil?
-      severity = options[:severity].nil? ? 0 : options[:severity]
-      report_config.add_filter('version', '1.2.0')
-      if options[:ticket_mode] == 'V'
-        report_config.add_filter('query', Queries.all_vulns_by_vuln_id_since_scan(options))
-      else
-        report_config.add_filter('query', Queries.all_vulns_since_scan(options))
-      end
-
-      if(options[:tag_run])
-        report_config.add_filter('tag', options[:tag])
-      else
-        report_config.add_filter('site', nexpose_item)
-      end
-      report_config.add_filter('vuln-severity', severity)
-
-      vuln_filter_cats = createVulnerabilityFilter(options)
-
-      if not vuln_filter_cats.nil? and not vuln_filter_cats.empty?
-        report_config.add_filter('vuln-categories', vuln_filter_cats)
+    def method_missing(name, *args, &block)
+      full_method_name = "#{name}#{@method_suffix}"
+    
+      unless Queries.respond_to? full_method_name
+        fail %Q{Query request "#{full_method_name}" not understood}
       end
 
-      @report_helper.save_generate_cleanup_report_config(report_config)
+      @log.log_message %Q{Creating query request "#{full_method_name}".}
+      request_query(full_method_name, args[0], args[1])
     end
+
   end
 end