qualys-mcp 2.2.1__py3-none-any.whl → 2.2.4__py3-none-any.whl

{qualys_mcp-2.2.1.dist-info → qualys_mcp-2.2.4.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: qualys-mcp
-Version: 2.2.1
+Version: 2.2.4
 Summary: MCP server for Qualys security APIs - natural language interaction with vulnerability, asset, and cloud security data
 Project-URL: Homepage, https://github.com/nelssec/qualys-mcp
 Project-URL: Repository, https://github.com/nelssec/qualys-mcp

qualys_mcp-2.2.4.dist-info/RECORD

@@ -0,0 +1,6 @@
+qualys_mcp.py,sha256=8Lf5HWF7l7VpSwhnz5iAlwcvIna11Glj83iWXwgqgoU,32424
+qualys_mcp-2.2.4.dist-info/METADATA,sha256=tJwDhsTuKqhlUXjMuwlfczvlt-7Cto2nPSAjOknjzDY,3295
+qualys_mcp-2.2.4.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
+qualys_mcp-2.2.4.dist-info/entry_points.txt,sha256=Dc8X0AhJDjGaZOJ0SNpWDWjEX4sYzrYa9FZEbggX0Rs,47
+qualys_mcp-2.2.4.dist-info/licenses/LICENSE,sha256=dW3nC4AX_VbxPAgneSDR-miZPiHgAYw5JhPtdbUEt_E,1091
+qualys_mcp-2.2.4.dist-info/RECORD,,

qualys_mcp.py

@@ -116,69 +116,107 @@ def get_assets(limit=100, qql=None):
         return []
 
 
+def get_eol_count(qql_filter):
+    """Get count of assets matching QQL filter (fast, no pagination)"""
+    token = get_bearer_token()
+    url = f"{GATEWAY_URL}/rest/2.0/count/am/asset"
+    filter_body = json.dumps({"filter": qql_filter})
+    req = Request(url, data=filter_body.encode(), method='POST')
+    req.add_header('Authorization', f'Bearer {token}' if token else f'Basic {BASIC_AUTH}')
+    req.add_header('Content-Type', 'application/json')
+    req.add_header('X-Requested-With', 'qualys-mcp')
+    try:
+        with urlopen(req, timeout=30) as resp:
+            return json.loads(resp.read()).get('count', 0)
+    except:
+        return 0
+
+
 def get_eol_assets_by_qql(qql_filter, limit=500):
-    """Query assets using QQL filter syntax"""
-    url = f"{GATEWAY_URL}/rest/2.0/search/am/asset?pageSize={limit}"
+    """Query assets using QQL filter syntax with pagination"""
     token = get_bearer_token()
+    all_assets = []
+    last_seen_id = None
+    page_size = min(100, limit)
 
-    filter_body = json.dumps({"filter": qql_filter})
+    while len(all_assets) < limit:
+        url = f"{GATEWAY_URL}/rest/2.0/search/am/asset?pageSize={page_size}"
+        if last_seen_id:
+            url += f"&lastSeenAssetId={last_seen_id}"
+
+        filter_body = json.dumps({"filter": qql_filter})
+        req = Request(url, data=filter_body.encode(), method='POST')
+        req.add_header('Authorization', f'Bearer {token}' if token else f'Basic {BASIC_AUTH}')
+        req.add_header('Content-Type', 'application/json')
+        req.add_header('X-Requested-With', 'qualys-mcp')
+
+        try:
+            with urlopen(req, timeout=60) as resp:
+                data = json.loads(resp.read())
+                assets = data.get('assetListData', {}).get('asset', [])
+                if not assets:
+                    break
+                all_assets.extend(assets)
+                if not data.get('hasMore'):
+                    break
+                last_seen_id = assets[-1].get('assetId')
+        except:
+            break
 
+    return all_assets[:limit]
+
+
+def is_eol_stage(stage):
+    """Check if stage indicates EOL/EOS status"""
+    if not stage:
+        return False
+    s = stage.upper()
+    return ('EOL' in s or 'EOS' in s) and s != 'NOT APPLICABLE'
+
+
+def get_eol_sample(qql_filter, limit=100):
+    """Get single page of assets (no pagination) and filter for EOL"""
+    token = get_bearer_token()
+    url = f"{GATEWAY_URL}/rest/2.0/search/am/asset?pageSize={limit}"
+    filter_body = json.dumps({"filter": qql_filter})
     req = Request(url, data=filter_body.encode(), method='POST')
     req.add_header('Authorization', f'Bearer {token}' if token else f'Basic {BASIC_AUTH}')
     req.add_header('Content-Type', 'application/json')
     req.add_header('X-Requested-With', 'qualys-mcp')
-
     try:
-        with urlopen(req, timeout=60) as resp:
+        with urlopen(req, timeout=30) as resp:
             return json.loads(resp.read()).get('assetListData', {}).get('asset', [])
     except:
         return []
 
 
-def get_all_eol_assets(limit=300):
-    """Get all EOL/EOS assets across OS, hardware, and software"""
-    results = {'os': [], 'hardware': [], 'software': []}
+def get_all_eol_assets(limit=15):
+    """Get EOL/EOS asset samples (fast, single page per query)"""
+    results = {'os': [], 'hardware': []}
 
-    os_assets = get_eol_assets_by_qql("operatingSystem.lifecycle.stage:EOL or operatingSystem.lifecycle.stage:EOS or operatingSystem.lifecycle.stage:`EOL/EOS`", limit)
-    for a in os_assets:
+    for a in get_eol_sample("operatingSystem.lifecycle.stage:`EOL/EOS`", 100):
         os_info = a.get('operatingSystem', {}) or {}
         lifecycle = os_info.get('lifecycle', {}) or {}
-        results['os'].append({
-            'assetId': a.get('assetId'),
-            'address': a.get('address', ''),
-            'dnsName': a.get('dnsHostName', '') or a.get('dnsName', ''),
-            'type': 'os',
-            'name': os_info.get('osName', '') or os_info.get('fullName', '') or 'Unknown',
-            'stage': lifecycle.get('stage', ''),
-            'eolDate': lifecycle.get('eolDate', ''),
-            'eosDate': lifecycle.get('eosDate', '')
-        })
-
-    hw_assets = get_eol_assets_by_qql("hardware.lifecycle.stage:EOS or hardware.lifecycle.stage:EOL", limit)
-    for a in hw_assets:
+        stage = lifecycle.get('stage', '')
+        if is_eol_stage(stage) and len(results['os']) < limit:
+            results['os'].append({
+                'assetId': a.get('assetId'),
+                'address': a.get('address', ''),
+                'name': os_info.get('osName', '') or 'Unknown',
+                'stage': stage
+            })
+
+    for a in get_eol_sample("hardware.lifecycle.stage:`EOL/EOS`", 100):
         hw_info = a.get('hardware', {}) or {}
         lifecycle = hw_info.get('lifecycle', {}) or {}
-        results['hardware'].append({
-            'assetId': a.get('assetId'),
-            'address': a.get('address', ''),
-            'dnsName': a.get('dnsHostName', '') or a.get('dnsName', ''),
-            'type': 'hardware',
-            'name': hw_info.get('model', '') or hw_info.get('name', '') or 'Unknown',
-            'stage': lifecycle.get('stage', ''),
-            'eolDate': lifecycle.get('eolDate', ''),
-            'eosDate': lifecycle.get('eosDate', '')
-        })
-
-    sw_assets = get_eol_assets_by_qql("software:(lifecycle.stage:EOL)", limit)
-    for a in sw_assets:
-        results['software'].append({
-            'assetId': a.get('assetId'),
-            'address': a.get('address', ''),
-            'dnsName': a.get('dnsHostName', '') or a.get('dnsName', ''),
-            'type': 'software',
-            'name': 'Has EOL software',
-            'stage': 'EOL'
-        })
+        stage = lifecycle.get('stage', '')
+        if is_eol_stage(stage) and len(results['hardware']) < limit:
+            results['hardware'].append({
+                'assetId': a.get('assetId'),
+                'address': a.get('address', ''),
+                'name': hw_info.get('model', '') or 'Unknown',
+                'stage': stage
+            })
 
     return results
 
@@ -561,49 +599,14 @@ def get_asset_risk(asset_id: str) -> dict:
 
 @mcp.tool()
 def get_tech_debt(days_until_eol: int = 0) -> dict:
-    """Get EOL/EOS across OS, hardware, and software. Use days_until_eol to find items approaching end-of-life."""
-    result = {
-        'stats': {'osEOL': 0, 'osEOS': 0, 'hardwareEOL': 0, 'softwareEOL': 0, 'total': 0},
-        'os': [],
-        'hardware': [],
-        'software': [],
-        'byCategory': {}
-    }
-
-    all_eol = get_all_eol_assets(300)
-
-    for item in all_eol['os']:
-        stage = (item.get('stage', '') or '').upper()
-        if 'EOL' in stage and 'EOS' not in stage:
-            result['stats']['osEOL'] += 1
-        else:
-            result['stats']['osEOS'] += 1
-        if len(result['os']) < 20:
-            result['os'].append(item)
-
-    for item in all_eol['hardware']:
-        result['stats']['hardwareEOL'] += 1
-        if len(result['hardware']) < 20:
-            result['hardware'].append(item)
-
-    sw_by_name = {}
-    for item in all_eol['software']:
-        name = item.get('name', 'Unknown')
-        if name not in sw_by_name:
-            sw_by_name[name] = {'name': name, 'version': item.get('version', ''), 'count': 0, 'stage': item.get('stage', '')}
-        sw_by_name[name]['count'] += 1
-        result['stats']['softwareEOL'] += 1
-
-    result['software'] = sorted(sw_by_name.values(), key=lambda x: x['count'], reverse=True)[:20]
-
-    result['stats']['total'] = (result['stats']['osEOL'] + result['stats']['osEOS'] +
-                                 result['stats']['hardwareEOL'] + result['stats']['softwareEOL'])
-
-    result['byCategory'] = {
-        'operatingSystem': len(all_eol['os']),
-        'hardware': len(all_eol['hardware']),
-        'software': len(all_eol['software'])
-    }
+    """Get EOL/EOS operating systems and hardware. Returns sample assets with EOL/EOS status."""
+    result = {'os': [], 'hardware': []}
+
+    samples = get_all_eol_assets(15)
+    result['os'] = samples['os']
+    result['hardware'] = samples['hardware']
+    result['osCount'] = len(samples['os'])
+    result['hardwareCount'] = len(samples['hardware'])
 
     return result
 

qualys_mcp-2.2.1.dist-info/RECORD

@@ -1,6 +0,0 @@
-qualys_mcp.py,sha256=16aUDePxLy7OyDGj3vMl3RwTgwKIYsrrwPSLpJ-Ci1M,32468
-qualys_mcp-2.2.1.dist-info/METADATA,sha256=Eeo3u3kkqAvTR_2wI-CvEbw462ywD3b4xCQ6igfK_QA,3295
-qualys_mcp-2.2.1.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
-qualys_mcp-2.2.1.dist-info/entry_points.txt,sha256=Dc8X0AhJDjGaZOJ0SNpWDWjEX4sYzrYa9FZEbggX0Rs,47
-qualys_mcp-2.2.1.dist-info/licenses/LICENSE,sha256=dW3nC4AX_VbxPAgneSDR-miZPiHgAYw5JhPtdbUEt_E,1091
-qualys_mcp-2.2.1.dist-info/RECORD,,