PyPI - qualys-mcp - Versions diffs - 2.2.0__py3-none-any.whl → 2.2.2__py3-none-any.whl - Mend

qualys-mcp 2.2.0py3-none-any.whl → 2.2.2py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

{qualys_mcp-2.2.0.dist-info → qualys_mcp-2.2.2.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: qualys-mcp
-Version: 2.2.0
+Version: 2.2.2
 Summary: MCP server for Qualys security APIs - natural language interaction with vulnerability, asset, and cloud security data
 Project-URL: Homepage, https://github.com/nelssec/qualys-mcp
 Project-URL: Repository, https://github.com/nelssec/qualys-mcp

qualys_mcp-2.2.2.dist-info/RECORD ADDED Viewed

@@ -0,0 +1,6 @@
+qualys_mcp.py,sha256=L5jSFzPOZWS4D5Tl6x8EbX8mhZQE4OQjnokdKDmNPwU,34292
+qualys_mcp-2.2.2.dist-info/METADATA,sha256=W2hHuoK0iePAS8N2c4x272Zpq1IhYP_4-A2DGk91FOc,3295
+qualys_mcp-2.2.2.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
+qualys_mcp-2.2.2.dist-info/entry_points.txt,sha256=Dc8X0AhJDjGaZOJ0SNpWDWjEX4sYzrYa9FZEbggX0Rs,47
+qualys_mcp-2.2.2.dist-info/licenses/LICENSE,sha256=dW3nC4AX_VbxPAgneSDR-miZPiHgAYw5JhPtdbUEt_E,1091
+qualys_mcp-2.2.2.dist-info/RECORD,,

qualys_mcp.py CHANGED Viewed

@@ -116,47 +116,125 @@ def get_assets(limit=100, qql=None):
         return []
-def get_eol_assets(stage_filter="EOL,EOL/EOS", limit=500):
-    url = f"{GATEWAY_URL}/rest/2.0/search/am/asset?pageSize={limit}"
+def get_eol_assets_by_qql(qql_filter, limit=500):
+    """Query assets using QQL filter syntax with pagination"""
     token = get_bearer_token()
+    all_assets = []
+    last_seen_id = None
+    page_size = min(100, limit)
-    filter_body = json.dumps({
-        "filters": [
-            {"field": "operatingSystem.lifecycle.stage", "operator": "IN", "value": stage_filter}
-        ]
-    })
+    while len(all_assets) < limit:
+        url = f"{GATEWAY_URL}/rest/2.0/search/am/asset?pageSize={page_size}"
+        if last_seen_id:
+            url += f"&lastSeenAssetId={last_seen_id}"
-    req = Request(url, data=filter_body.encode(), method='POST')
-    req.add_header('Authorization', f'Bearer {token}' if token else f'Basic {BASIC_AUTH}')
-    req.add_header('Content-Type', 'application/json')
-    req.add_header('X-Requested-With', 'qualys-mcp')
+        filter_body = json.dumps({"filter": qql_filter})
+        req = Request(url, data=filter_body.encode(), method='POST')
+        req.add_header('Authorization', f'Bearer {token}' if token else f'Basic {BASIC_AUTH}')
+        req.add_header('Content-Type', 'application/json')
+        req.add_header('X-Requested-With', 'qualys-mcp')
-    try:
-        with urlopen(req, timeout=60) as resp:
-            data = json.loads(resp.read())
-            assets = []
-            for a in data.get('assetListData', {}).get('asset', []):
-                os_info = a.get('operatingSystem', {}) or {}
-                lifecycle = os_info.get('lifecycle', {}) or {}
-                os_name = os_info.get('osName', '') or os_info.get('fullName', '') or ''
-                if os_info.get('version'):
-                    os_name = f"{os_name} {os_info.get('version', '')}".strip()
-                assets.append({
-                    'assetId': a.get('assetId'),
-                    'address': a.get('address', ''),
-                    'dnsName': a.get('dnsHostName', ''),
-                    'operatingSystem': {
-                        'osName': os_name,
-                        'lifecycle': {
-                            'stage': lifecycle.get('stage', ''),
-                            'eolDate': lifecycle.get('eolDate', ''),
-                            'eosDate': lifecycle.get('eosDate', '')
-                        }
-                    }
-                })
-            return assets
-    except Exception as e:
-        return []
+        try:
+            with urlopen(req, timeout=60) as resp:
+                data = json.loads(resp.read())
+                assets = data.get('assetListData', {}).get('asset', [])
+                if not assets:
+                    break
+                all_assets.extend(assets)
+                if not data.get('hasMore'):
+                    break
+                last_seen_id = assets[-1].get('assetId')
+        except:
+            break
+    return all_assets[:limit]
+def is_eol_stage(stage):
+    """Check if stage indicates EOL/EOS status"""
+    if not stage:
+        return False
+    s = stage.upper()
+    return ('EOL' in s or 'EOS' in s) and s != 'NOT APPLICABLE'
+def get_all_eol_assets(limit=300):
+    """Get all EOL/EOS assets across OS, hardware, and software"""
+    results = {'os': [], 'hardware': [], 'software': []}
+    seen_ids = set()
+    os_assets = get_eol_assets_by_qql("operatingSystem.lifecycle.stage:`EOL/EOS` or operatingSystem.lifecycle.stage:EOL or operatingSystem.lifecycle.stage:EOS", limit * 5)
+    for a in os_assets:
+        os_info = a.get('operatingSystem', {}) or {}
+        lifecycle = os_info.get('lifecycle', {}) or {}
+        stage = lifecycle.get('stage', '')
+        if not is_eol_stage(stage):
+            continue
+        aid = a.get('assetId')
+        if aid in seen_ids:
+            continue
+        seen_ids.add(aid)
+        results['os'].append({
+            'assetId': aid,
+            'address': a.get('address', ''),
+            'dnsName': a.get('dnsHostName', '') or a.get('dnsName', ''),
+            'type': 'os',
+            'name': os_info.get('osName', '') or os_info.get('fullName', '') or 'Unknown',
+            'stage': stage,
+            'eolDate': lifecycle.get('eolDate', ''),
+            'eosDate': lifecycle.get('eosDate', '')
+        })
+        if len(results['os']) >= limit:
+            break
+    seen_ids.clear()
+    hw_assets = get_eol_assets_by_qql("hardware.lifecycle.stage:`EOL/EOS` or hardware.lifecycle.stage:EOL or hardware.lifecycle.stage:EOS", limit * 5)
+    for a in hw_assets:
+        hw_info = a.get('hardware', {}) or {}
+        lifecycle = hw_info.get('lifecycle', {}) or {}
+        stage = lifecycle.get('stage', '')
+        if not is_eol_stage(stage):
+            continue
+        aid = a.get('assetId')
+        if aid in seen_ids:
+            continue
+        seen_ids.add(aid)
+        results['hardware'].append({
+            'assetId': aid,
+            'address': a.get('address', ''),
+            'dnsName': a.get('dnsHostName', '') or a.get('dnsName', ''),
+            'type': 'hardware',
+            'name': hw_info.get('model', '') or hw_info.get('name', '') or 'Unknown',
+            'stage': stage,
+            'eolDate': lifecycle.get('eolDate', ''),
+            'eosDate': lifecycle.get('eosDate', '')
+        })
+        if len(results['hardware']) >= limit:
+            break
+    seen_ids.clear()
+    sw_assets = get_eol_assets_by_qql("software:(lifecycle.stage:`EOL/EOS` or lifecycle.stage:EOL or lifecycle.stage:EOS)", limit * 5)
+    for a in sw_assets:
+        aid = a.get('assetId')
+        if aid in seen_ids:
+            continue
+        seen_ids.add(aid)
+        sw_list = a.get('software', []) or []
+        eol_sw = [s for s in sw_list if is_eol_stage((s.get('lifecycle', {}) or {}).get('stage', ''))]
+        sw_names = [s.get('name', 'Unknown') for s in eol_sw[:3]]
+        results['software'].append({
+            'assetId': aid,
+            'address': a.get('address', ''),
+            'dnsName': a.get('dnsHostName', '') or a.get('dnsName', ''),
+            'type': 'software',
+            'name': ', '.join(sw_names) if sw_names else 'Has EOL software',
+            'stage': 'EOL',
+            'eolSoftwareCount': len(eol_sw)
+        })
+        if len(results['software']) >= limit:
+            break
+    return results
 def get_images(limit=100, severity=None):
@@ -537,85 +615,50 @@ def get_asset_risk(asset_id: str) -> dict:
 @mcp.tool()
 def get_tech_debt(days_until_eol: int = 0) -> dict:
-    """Get EOL/EOS software across your environment. Use days_until_eol to find software approaching end-of-life (e.g., 90 for next 90 days). Returns current EOL/EOS plus upcoming."""
+    """Get EOL/EOS across OS, hardware, and software. Use days_until_eol to find items approaching end-of-life."""
     result = {
-        'stats': {'total': 0, 'currentEOL': 0, 'currentEOS': 0, 'approachingEOL': 0},
-        'currentEOL': [],
-        'currentEOS': [],
-        'approachingEOL': [],
-        'byOS': [],
-        'debug': {'stages_seen': set(), 'parse_errors': 0}
+        'stats': {'osEOL': 0, 'osEOS': 0, 'hardwareEOL': 0, 'softwareEOL': 0, 'total': 0},
+        'os': [],
+        'hardware': [],
+        'software': [],
+        'byCategory': {}
     }
-    assets = get_eol_assets("EOL,EOL/EOS,EOS", 500)
-    result['stats']['total'] = len(assets)
-    today = datetime.utcnow().date()
-    cutoff = today + timedelta(days=days_until_eol) if days_until_eol > 0 else None
-    os_data = {}
-    for a in assets:
-        os_info = a.get('operatingSystem', {})
-        if not isinstance(os_info, dict):
-            result['debug']['parse_errors'] += 1
-            continue
-        os_name = os_info.get('osName', '') or 'Unknown'
-        lc = os_info.get('lifecycle', {})
-        if not isinstance(lc, dict):
-            result['debug']['parse_errors'] += 1
-            continue
-        stage = (lc.get('stage', '') or '').upper()
-        result['debug']['stages_seen'].add(stage)
-        eol_date = lc.get('eolDate', '') or ''
-        eos_date = lc.get('eosDate', '') or ''
-        asset_info = {
-            'assetId': a.get('assetId'),
-            'ip': a.get('address', ''),
-            'hostname': a.get('dnsName', ''),
-            'os': os_name,
-            'stage': stage,
-            'eolDate': eol_date,
-            'eosDate': eos_date
-        }
-        if os_name not in os_data:
-            os_data[os_name] = {'eol': 0, 'eos': 0, 'approaching': 0, 'eolDate': eol_date, 'eosDate': eos_date}
+    all_eol = get_all_eol_assets(300)
+    for item in all_eol['os']:
+        stage = (item.get('stage', '') or '').upper()
         if 'EOL' in stage and 'EOS' not in stage:
-            result['stats']['currentEOL'] += 1
-            os_data[os_name]['eol'] += 1
-            if len(result['currentEOL']) < 20:
-                result['currentEOL'].append(asset_info)
-        elif 'EOS' in stage or 'EOL/EOS' in stage:
-            result['stats']['currentEOS'] += 1
-            os_data[os_name]['eos'] += 1
-            if len(result['currentEOS']) < 20:
-                result['currentEOS'].append(asset_info)
-        elif cutoff and eol_date:
-            try:
-                eol = datetime.strptime(eol_date[:10], '%Y-%m-%d').date()
-                if today < eol <= cutoff:
-                    result['stats']['approachingEOL'] += 1
-                    os_data[os_name]['approaching'] += 1
-                    days_left = (eol - today).days
-                    asset_info['daysUntilEOL'] = days_left
-                    if len(result['approachingEOL']) < 20:
-                        result['approachingEOL'].append(asset_info)
-            except:
-                pass
-    result['byOS'] = [
-        {'os': k, 'eolCount': v['eol'], 'eosCount': v['eos'], 'approachingCount': v['approaching'],
-         'eolDate': v['eolDate'], 'eosDate': v['eosDate']}
-        for k, v in sorted(os_data.items(), key=lambda x: x[1]['eol'] + x[1]['eos'] + x[1]['approaching'], reverse=True)[:15]
-        if v['eol'] + v['eos'] + v['approaching'] > 0
-    ]
+            result['stats']['osEOL'] += 1
+        else:
+            result['stats']['osEOS'] += 1
+        if len(result['os']) < 20:
+            result['os'].append(item)
+    for item in all_eol['hardware']:
+        result['stats']['hardwareEOL'] += 1
+        if len(result['hardware']) < 20:
+            result['hardware'].append(item)
+    sw_by_name = {}
+    for item in all_eol['software']:
+        name = item.get('name', 'Unknown')
+        if name not in sw_by_name:
+            sw_by_name[name] = {'name': name, 'version': item.get('version', ''), 'count': 0, 'stage': item.get('stage', '')}
+        sw_by_name[name]['count'] += 1
+        result['stats']['softwareEOL'] += 1
+    result['software'] = sorted(sw_by_name.values(), key=lambda x: x['count'], reverse=True)[:20]
+    result['stats']['total'] = (result['stats']['osEOL'] + result['stats']['osEOS'] +
+                                 result['stats']['hardwareEOL'] + result['stats']['softwareEOL'])
+    result['byCategory'] = {
+        'operatingSystem': len(all_eol['os']),
+        'hardware': len(all_eol['hardware']),
+        'software': len(all_eol['software'])
+    }
-    result['debug']['stages_seen'] = list(result['debug']['stages_seen'])
     return result

qualys_mcp-2.2.0.dist-info/RECORD DELETED Viewed

@@ -1,6 +0,0 @@
-qualys_mcp.py,sha256=1RNCIorwyenlNpxZ0K1nC7Uo3oeyvTnYUn147bDgoxQ,33033
-qualys_mcp-2.2.0.dist-info/METADATA,sha256=-OtX5IZBLBie8-S847DANTnjvoG_ETCxiMheA53uPmE,3295
-qualys_mcp-2.2.0.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
-qualys_mcp-2.2.0.dist-info/entry_points.txt,sha256=Dc8X0AhJDjGaZOJ0SNpWDWjEX4sYzrYa9FZEbggX0Rs,47
-qualys_mcp-2.2.0.dist-info/licenses/LICENSE,sha256=dW3nC4AX_VbxPAgneSDR-miZPiHgAYw5JhPtdbUEt_E,1091
-qualys_mcp-2.2.0.dist-info/RECORD,,

{qualys_mcp-2.2.0.dist-info → qualys_mcp-2.2.2.dist-info}/WHEEL RENAMED Viewed

File without changes

{qualys_mcp-2.2.0.dist-info → qualys_mcp-2.2.2.dist-info}/entry_points.txt RENAMED Viewed

File without changes

{qualys_mcp-2.2.0.dist-info → qualys_mcp-2.2.2.dist-info}/licenses/LICENSE RENAMED Viewed

File without changes

qualys-mcp 2.2.0__py3-none-any.whl → 2.2.2__py3-none-any.whl

qualys-mcp 2.2.0py3-none-any.whl → 2.2.2py3-none-any.whl