Beispiel #1
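def get_ciscat_results(agent_list=None, offset=0, limit=common.database_limit, select=None, search=None, sort=None,
                       filters=None, nested=True, array=True, q=''):
    """Get CIS-CAT results for a list of agents.

    Every ID in `agent_list` is checked against the IDs returned by `get_agents_info()`. Unknown IDs are
    recorded as failed items (error 1701) and are never queried.

    :param agent_list: List of agent IDs to get scan results from. `None` is treated as an empty list.
    :param offset: First element to return in the collection
    :param limit: Maximum number of elements to return
    :param select: Select which fields to return
    :param search: Looks for items with the specified string. Begins with '-' for a complementary search
    :param sort: Sorts the items. Format: {"fields":["field1","field2"],"order":"asc|desc"}
    :param filters: Fields to filter by
    :param nested: Nested fields
    :param array: Array
    :param q: Defines query to filter in DB.
    :return: AffectedItemsWazuhResult
    """
    if agent_list is None:
        # The signature defaults to None; iterating None below would raise TypeError.
        agent_list = []

    result = AffectedItemsWazuhResult(
        all_msg='All CISCAT results were returned',
        some_msg='Some CISCAT results were not returned',
        none_msg='No CISCAT results were returned',
        sort_fields=['agent_id'] if sort is None else sort['fields'],
        sort_casting=['str'],
        # NOTE(review): the fallback is the string 'True', not the boolean. It is truthy, so the effect depends
        # on how merge() consumes `ascending` - confirm before changing it.
        sort_ascending=[sort['order'] == 'asc' for _ in sort['fields']] if sort is not None else ['True']
    )

    # API field name -> column name. Passed to the query class as `fields=`; presumably this is the allowlist
    # that select/sort/filters/q are checked against - verify in WazuhDBQuerySyscollector.
    # NOTE(review): every entry maps a field to an identically named column except 'pass' -> '******', which
    # looks like a masking artifact of this listing - confirm against the table schema.
    valid_select_fields = {'scan.id': 'scan_id', 'scan.time': 'scan_time', 'benchmark': 'benchmark',
                           'profile': 'profile', 'pass': '******', 'fail': 'fail', 'error': 'error',
                           'notchecked': 'notchecked', 'unknown': 'unknown', 'score': 'score'}
    table = 'ciscat_results'

    # Fetched once so that every agent is validated against the same snapshot of known IDs.
    system_agents = get_agents_info()
    for agent in agent_list:
        try:
            # Reject unknown IDs before any database query is built for them.
            if agent not in system_agents:
                raise WazuhResourceNotFound(1701)
            db_query = WazuhDBQuerySyscollector(agent_id=agent, offset=offset, limit=limit, select=select,
                                                search=search,
                                                sort=sort, filters=filters, fields=valid_select_fields, table=table,
                                                array=array, nested=nested, query=q)
            data = db_query.run()

            # The total is only accumulated when the returned page holds at least one item.
            if data['items']:
                for item in data['items']:
                    # Tag each row with its agent so rows from different agents stay distinguishable.
                    item['agent_id'] = agent
                    result.affected_items.append(item)
                result.total_affected_items += data['totalItems']
        except WazuhResourceNotFound as e:
            # One missing agent must not abort the whole request; report it as a failed item.
            result.add_failed_item(id_=agent, error=e)

    # Each item is wrapped in its own single-element list before being handed to merge().
    result.affected_items = merge(*[[res] for res in result.affected_items],
                                  criteria=result.sort_fields,
                                  ascending=result.sort_ascending,
                                  types=result.sort_casting)

    return result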
Beispiel #2
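def get_item_agent(agent_list, offset=0, limit=common.database_limit, select=None, search=None, sort=None, filters=None,
                   q='', array=True, nested=True, element_type='os'):
    """Get syscollector information about a list of agents.

    Every ID in `agent_list` is checked against the IDs returned by `get_agents_info()`. Unknown IDs are
    recorded as failed items (error 1701) and are never queried.

    :param agent_list: List of agents ID's.
    :param offset: First item to return.
    :param limit: Maximum number of items to return.
    :param sort: Sorts the items. Format: {"fields":["field1","field2"],"order":"asc|desc"}.
    :param select: Select fields to return. Format: {"fields":["field1","field2"]}.
    :param search: Looks for items with the specified string. Format: {"fields": ["field1","field2"]}
    :param q: Defines query to filter in DB.
    :param filters: Fields to filter by
    :param nested: Nested fields
    :param array: Array
    :param element_type: Type of element to get syscollector information from
    :return: AffectedItemsWazuhResult
    """
    result = AffectedItemsWazuhResult(
        none_msg='No syscollector information was returned',
        some_msg='Some syscollector information was not returned',
        all_msg='All specified syscollector information was returned',
        sort_fields=['agent_id'] if sort is None else sort['fields'],
        sort_casting=['str'],
        # NOTE(review): the fallback is the string 'True', not the boolean. It is truthy, so the effect depends
        # on how merge() consumes `ascending` - confirm before changing it.
        sort_ascending=[sort['order'] == 'asc' for _ in sort['fields']] if sort is not None else ['True']
    )

    # Fetched lazily, once, instead of once per agent: the set of known IDs does not depend on the loop
    # variable, and an empty agent_list still triggers no lookup at all.
    system_agents = None
    for agent in agent_list:
        try:
            if system_agents is None:
                system_agents = get_agents_info()
            # Reject unknown IDs before any database query is built for them.
            if agent not in system_agents:
                raise WazuhResourceNotFound(1701)
            # Table and selectable fields are resolved from element_type rather than taken from the caller.
            # NOTE(review): an element_type that Type() rejects is not caught by the handler below and
            # propagates to the caller.
            table, valid_select_fields = get_valid_fields(Type(element_type), agent_id=agent)
            db_query = WazuhDBQuerySyscollector(agent_id=agent, offset=offset, limit=limit, select=select,
                                                search=search,
                                                sort=sort, filters=filters, fields=valid_select_fields, table=table,
                                                array=array, nested=nested, query=q)
            data = db_query.run()
            for item in data['items']:
                # Tag each row with its agent so rows from different agents stay distinguishable.
                item['agent_id'] = agent
                result.affected_items.append(item)
            result.total_affected_items += data['totalItems']
        except WazuhResourceNotFound as e:
            # One missing agent must not abort the whole request; report it as a failed item.
            result.add_failed_item(id_=agent, error=e)

    # Each item is wrapped in its own single-element list before being handed to merge().
    result.affected_items = merge(*[[res] for res in result.affected_items],
                                  criteria=result.sort_fields,
                                  ascending=result.sort_ascending,
                                  types=result.sort_casting)

    return result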
Beispiel #3
def test_results_merge(iterables, criteria, ascending, types, expected_result):
    """Check that `merge` from module results produces the expected output.

    Parameters
    ----------
    iterables : list(list) or tuple(list)
        The lists that are unpacked and passed to `merge`.
    criteria : list(str) or tuple(str)
        Expressions accepted by the `nested_itemgetter` function.
    ascending : list(bool) or tuple(bool)
        True for ascending, False otherwise.
    types : list(str) or tuple(str)
        Must fit a class in builtins.
    expected_result : list(str)
        The value the merged output is compared against.
    """
    merged = merge(*iterables, criteria=criteria, ascending=ascending, types=types)
    assert merged == expected_result