def update_assets(self, mock_api):
mock_api().get_assets.return_value = self.hosts
mock_api().get_users.return_value = self.users
_update_assets(self.config_id)
self.assertEqual(2, Search().index(AssetDocument.Index.name).count())
self.assertEqual(AssetDocument.search().filter('term', ip_address='10.0.0.23').count(), 1)
self.assertEqual(AssetDocument.search().filter('term', ip_address='10.0.0.25').count(), 1)
_update_assets(self.config_id)
self.assertEqual(2, Search().index(AssetDocument.Index.name).count())
def main():
print('Download CVEs')
group(update_cwe.si() | group(
update_cve.si(year) for year in range(START_YEAR,
datetime.now().year + 1))
| update_exploits.si())().get()
print('Update Assets')
_update_assets(RalphConfig.objects.first().pk)
asset_search = AssetDocument.search()
times = 0
while asset_search.count() == 0:
print('Assets count still 0, waiting...')
time.sleep(1)
if times > 4:
print('Unable to count assets, exiting...')
exit(1)
times += 1
asset_count = asset_search.count()
# Draw enough unique CVEs to make them min 4 times more than there are hosts
cve_sets = get_cve_sets(asset_count)
# draw as many as there will be 130 on average per host
generate_vulns(asset_count, asset_search, cve_sets)
start_processing()
def test_update_discovered_asset(self):
asset = AssetDocument.get_or_create('10.0.0.1')
self.assertEqual(asset.tags, [AssetStatus.DISCOVERED])
self.assertEqual(1, Search().index(AssetDocument.Index.name).count())
asset = AssetDocument(ip_address='10.0.0.1',
os='Windows',
id=1,
confidentiality_requirement='NOT_DEFINED',
integrity_requirement='NOT_DEFINED',
availability_requirement='NOT_DEFINED',
hostname='hostname_1')
AssetDocument.create_or_update({asset.id: asset}, AssetConfigMock())
thread_pool_executor.wait_for_all()
self.assertEqual(1, Search().index(AssetDocument.Index.name).count())
result = AssetDocument.search().filter(
'term', ip_address='10.0.0.1').execute()
uut = result.hits[0]
self.assertEqual(uut.os, 'Windows')
self.assertEqual(uut.ip_address, '10.0.0.1')
self.assertEqual(uut.hostname, 'hostname_1')
self.assertEqual(uut.tags, [])
def test_document(self):
self.create_asset(ip_address='10.10.10.1')
result = AssetDocument.search().filter(
'term', ip_address='10.10.10.1').execute()
self.assertEqual(len(result.hits), 1)
uut = result.hits[0]
self.assertEqual(uut.os, 'Windows')
self.assertEqual(uut.confidentiality_requirement.name, Impact.LOW.name)
self.assertEqual(uut.integrity_requirement.name, Impact.LOW.name)
self.assertEqual(uut.availability_requirement.name, Impact.LOW.name)
self.assertEqual(uut.confidentiality_requirement.second_value,
Impact.LOW.second_value)
self.assertEqual(uut.integrity_requirement.second_value,
Impact.LOW.second_value)
self.assertEqual(uut.availability_requirement.second_value,
Impact.LOW.second_value)
self.assertEqual(uut.business_owner, [{
'name': 'bo_name',
'email': '*****@*****.**',
'department': 'department',
'team': ['team']
}])
self.assertEqual(uut.technical_owner, [{
'name': 'to_name',
'email': '*****@*****.**',
'department': 'department',
'team': ['team']
}])
self.assertEqual(uut.hostname, 'test-hostname')
self.assertTrue(uut.created_date)
self.assertEqual(uut.tags, [])
self.assertTrue(uut.modified_date)
def start_processing_per_tenant(vulnerability_index: str, asset_index: str):
LOGGER.info(
F'Calculation for {vulnerability_index} and {asset_index} started')
try:
assets_count = AssetDocument.search(index=asset_index).filter(
~Q('match', tags=AssetStatus.DELETED)).count()
vuln_search = VulnerabilityDocument.search(
index=vulnerability_index).filter(
~Q('match', tags=VulnerabilityStatus.FIXED)
& ~Q('match', asset__tags=AssetStatus.DELETED))
prepare(vulnerability_index)
workers_count = get_workers_count()
vuln_count = vuln_search.count()
slices_count = 1
if vuln_count > 500:
slices_count = vuln_count // workers_count
slices_count = slices_count if slices_count <= workers_count else workers_count
(group(
_processing.si(idx, slices_count, assets_count,
vulnerability_index) for idx in range(slices_count))
| _end_processing.si(vulnerability_index, asset_index))()
except Exception as ex:
LOGGER.error(F'Unknown processing exception {ex}')
def test_delete_asset(self):
asset_1 = self.create_asset(asset_id=1,
ip_address='10.0.0.1',
hostname='hostname_1')
asset_2 = self.create_asset(asset_id=2,
ip_address='10.0.0.2',
hostname='hostname_2')
self.assertEqual(2, Search().index(AssetDocument.Index.name).count())
AssetDocument.create_or_update({asset_1.id: asset_1},
AssetConfigMock())
thread_pool_executor.wait_for_all()
result = AssetDocument.search().filter(
Q('match', tags=AssetStatus.DELETED)).execute()
self.assertEqual(1, len(result.hits))
self.assertEqual(result.hits[0].ip_address, asset_2.ip_address)
self.assertEqual(result.hits[0].id, asset_2.id)
def test_update_asset(self):
asset_tenant_1 = self.create_asset(self.config_tenant_1.name)
asset_tenant_2 = self.create_asset(self.config_tenant_2.name)
AssetDocument.create_or_update({asset_tenant_1.id: asset_tenant_1},
self.config_tenant_1)
AssetDocument.create_or_update({asset_tenant_2.id: asset_tenant_2},
self.config_tenant_2)
thread_pool_executor.wait_for_all()
asset_tenant_1 = self.create_asset(self.config_tenant_1.name)
asset_tenant_1.hostname = 'tenant-test'
AssetDocument.create_or_update({asset_tenant_1.id: asset_tenant_1},
self.config_tenant_1)
thread_pool_executor.wait_for_all()
result = AssetDocument.search(index='test.tenant.asset').filter(
'term', ip_address='10.10.10.1').execute()
self.assertEqual(1, len(result.hits))
self.assertEqual(result.hits[0].ip_address, '10.10.10.1')
self.assertEqual(result.hits[0].hostname, 'tenant-test')