def inspec_report_json(data, project_id, scan_id):
"""
:param data:
:param project_id:
:param scan_id:
:return:
"""
vul_col = 'info'
for key, value in data.viewitems():
if key == 'profiles':
for profile in value:
controls = profile['controls']
for con in controls:
controls_id = con['id']
controls_title = con['title']
controls_desc = con['desc']
controls_descriptions = con['descriptions'][0]['data']
controls_impact = con['impact']
controls_refs = con['refs']
controls_tags_severity = con['tags']['severity']
controls_tags_cis_id = con['tags']['cis_id']
controls_tags_cis_control = con['tags']['cis_control']
controls_tags_cis_level = con['tags']['cis_level']
controls_tags_audit = con['tags']['audit text']
controls_tags_fix = con['tags']['fix']
controls_code = con['code']
controls_source_location = con['source_location']
for res in con['results']:
controls_results_status = res['status']
controls_results_code_desc = res['code_desc']
controls_results_run_time = res['run_time']
controls_results_start_time = res['start_time']
# controls_results_message = res['message']
for key, value in res.viewitems():
if key == 'message':
controls_results_message = value
if controls_results_status == "failed":
vul_col = "important"
status = "Failed"
elif controls_results_status == 'passed':
vul_col = "warning"
status = "Passed"
elif controls_results_status == 'skipped':
vul_col = "info"
status = "Skipped"
vul_id = uuid.uuid4()
save_all = inspec_scan_results_db(
scan_id=scan_id,
project_id=project_id,
vul_col=vul_col,
vuln_id=vul_id,
controls_id=controls_id,
controls_title=controls_title,
controls_desc=controls_desc,
controls_descriptions=controls_descriptions,
controls_impact=controls_impact,
controls_refs=controls_refs,
controls_tags_severity=controls_tags_severity,
controls_tags_cis_id=controls_tags_cis_id,
controls_tags_cis_control=controls_tags_cis_control,
controls_tags_cis_level=controls_tags_cis_level,
controls_tags_audit=controls_tags_audit,
controls_tags_fix=controls_tags_fix,
controls_code=controls_code,
controls_source_location=controls_source_location,
controls_results_status=status,
controls_results_code_desc=
controls_results_code_desc,
controls_results_run_time=controls_results_run_time,
controls_results_start_time=
controls_results_start_time,
controls_results_message=controls_results_message,
# controls_results_backtrace=controls_results_backtrace,
)
save_all.save()
all_inspec_data = inspec_scan_results_db.objects.filter(
scan_id=scan_id)
total_vul = len(all_inspec_data)
inspec_failed = len(
all_inspec_data.filter(controls_results_status="Failed"))
inspec_passed = len(
all_inspec_data.filter(controls_results_status="Passed"))
inspec_skipped = len(
all_inspec_data.filter(controls_results_status="Skipped"))
total_duplicate = len(all_inspec_data.filter(vuln_duplicate='Yes'))
inspec_scan_db.objects.filter(scan_id=scan_id).update(
total_vuln=total_vul,
inspec_failed=inspec_failed,
inspec_passed=inspec_passed,
inspec_skipped=inspec_skipped,
total_dup=total_duplicate)
def inspec_report_json(data, project_id, scan_id, username):
"""
:param data:
:param project_id:
:param scan_id:
:return:
"""
global controls_results_message, status
vul_col = 'info'
for key, value in data.items():
if key == 'profiles':
for profile in value:
controls = profile['controls']
for con in controls:
controls_id = con['id']
controls_title = con['title']
controls_desc = con['desc']
controls_descriptions = ""
try:
controls_descriptions = con['descriptions'][0]['data']
except:
controls_descriptions = controls_desc
controls_impact = con['impact']
controls_refs = con['refs']
try:
controls_tags_severity = con['tags']['severity']
except:
controls_tags_severity= "INFO"
try:
controls_tags_cis_id = con['tags']['severity']
except:
controls_tags_cis_id= "None"
try:
controls_tags_cis_control = con['tags']['cis_control']
except:
controls_tags_cis_control= "None"
try:
controls_tags_cis_level = con['tags']['cis_level']
except:
controls_tags_cis_level= "None"
try:
controls_tags_audit = con['tags']['audit text']
except:
controls_tags_audit= "None"
try:
controls_tags_fix = con['tags']['fix']
except:
controls_tags_fix= "None"
controls_code = con['code']
controls_source_location = con['source_location']['line']
for res in con['results']:
controls_results_status = res['status']
controls_results_code_desc = res['code_desc']
controls_results_run_time = res['run_time']
controls_results_start_time = res['start_time']
for key, value in res.items():
if key == 'message':
controls_results_message = value
if controls_results_status == "failed":
vul_col = "danger"
status = "Failed"
elif controls_results_status == 'passed':
vul_col = "warning"
status = "Passed"
elif controls_results_status == 'skipped':
vul_col = "info"
status = "Skipped"
vul_id = uuid.uuid4()
save_all = inspec_scan_results_db(
scan_id=scan_id,
project_id=project_id,
vul_col=vul_col,
vuln_id=vul_id,
controls_id=controls_id,
controls_title=controls_title,
controls_desc=controls_desc,
controls_descriptions=controls_descriptions,
controls_impact=controls_impact,
controls_refs=controls_refs,
controls_tags_severity=controls_tags_severity,
controls_tags_cis_id=controls_tags_cis_id,
controls_tags_cis_control=controls_tags_cis_control,
controls_tags_cis_level=controls_tags_cis_level,
controls_tags_audit=controls_tags_audit,
controls_tags_fix=controls_tags_fix,
controls_code=controls_code,
controls_source_location=controls_source_location,
controls_results_status=status,
controls_results_code_desc=controls_results_code_desc,
controls_results_run_time=controls_results_run_time,
controls_results_start_time=controls_results_start_time,
controls_results_message=controls_results_message,
username=username,
)
save_all.save()
all_inspec_data = inspec_scan_results_db.objects.filter(username=username, scan_id=scan_id)
total_vul = len(all_inspec_data)
inspec_failed = len(all_inspec_data.filter(controls_results_status="Failed"))
inspec_passed = len(all_inspec_data.filter(controls_results_status="Passed"))
inspec_skipped = len(all_inspec_data.filter(controls_results_status="Skipped"))
total_duplicate = len(all_inspec_data.filter(vuln_duplicate='Yes'))
inspec_scan_db.objects.filter(username=username, scan_id=scan_id).update(
total_vuln=total_vul,
inspec_failed=inspec_failed,
inspec_passed=inspec_passed,
inspec_skipped=inspec_skipped,
total_dup=total_duplicate
)
subject = 'Archery Tool Scan Status - Inspec Report Uploaded'
message = 'Inspec Scanner has completed the scan ' \
' %s <br> Total: %s <br>Failed: %s <br>' \
'failed: %s <br>Skipped %s' % (scan_id, total_vul, inspec_failed, inspec_failed, inspec_skipped)
email_sch_notify(subject=subject, message=message)