def _run_scan(scan_def_id, owner_id, eta=None):
scan_def = get_object_or_404(ScanDefinition, id=scan_def_id)
if scan_def.engine:
engine = scan_def.engine
else:
engines = EngineInstance.objects.filter(engine=scan_def.engine_type)
if engines.count() > 0:
engine = random.choice(engines)
else:
engine = None
scan = Scan.objects.create(
scan_definition=scan_def,
title=scan_def.title,
status="created",
engine=engine,
engine_type=scan_def.engine_type,
engine_policy=scan_def.engine_policy,
owner=User.objects.get(id=owner_id)
)
scan.save()
assets_list = []
for asset in scan_def.assets_list.all():
scan.assets.add(asset)
assets_list.append({
"id": asset.id,
"value": asset.value.strip(),
"criticity": asset.criticity,
"datatype": asset.type
})
# append assets related to the asset groups
for assetgroup in scan_def.assetgroups_list.all():
for a in assetgroup.assets.all():
scan.assets.add(a)
assets_list.append({
"id": a.id,
"value": a.value.strip(),
"criticity": a.criticity,
"datatype": a.type
})
if not engine:
scan.status = "error"
scan.started_at = datetime.now() # todo: check timezone
scan.finished_at = datetime.now() # todo: check timezone
scan.save()
return False
parameters = {
"scan_definition_id": scan_def.id,
"scan_params": {
"assets": assets_list,
"options": scan.engine_policy.options,
"engine_id": engine.id,
"scan_id": scan.id},
"engine_id": engine.id,
"engine_name": str(scan.engine_type.name).lower(),
"owner_id": owner_id
}
scan_options = {
"args": [parameters],
"queue": 'scan-'+scan.engine_type.name.lower(),
"routing_key": 'scan.'+scan.engine_type.name.lower(),
"retry": False,
"countdown": 1
}
if eta is not None:
scan_options.update({"eta": eta})
# enqueue the task in the right queue
resp = startscan_task.apply_async(**scan_options)
scan.status = "enqueued"
scan.task_id = uuid.UUID(str(resp))
scan.save()
return scan
def _run_scan(scan_def_id, owner_id, eta=None):
scan_def = get_object_or_404(ScanDefinition, id=scan_def_id)
AuditLog.objects.create(message="Scan '{}' started".format(scan_def),
scope='engine',
type='scan_run',
owner=get_user_model().objects.get(id=owner_id),
request_context=inspect.stack())
engine = None
if scan_def.engine:
engine = scan_def.engine
else:
engines = EngineInstance.objects.filter(engine=scan_def.engine_type)
if engines.count() > 0:
engine = random.choice(engines)
scan = Scan.objects.create(scan_definition=scan_def,
title=scan_def.title,
status="created",
engine=engine,
engine_type=scan_def.engine_type,
engine_policy=scan_def.engine_policy,
owner=get_user_model().objects.get(id=owner_id))
scan.save()
if engine is None:
scan.status = "error"
scan.started_at = timezone.now()
scan.finished_at = timezone.now()
scan.save()
Event.objects.create(
message="[RunScan] No engine '{}' available. Scan aborted.".format(
scan_def.engine_type),
type="ERROR",
severity="ERROR",
scan=scan)
return False
# to be removed
assets_list = []
for asset in scan_def.assets_list.all():
scan.assets.add(asset)
assets_list.append({
"id": asset.id,
"value": asset.value.strip(),
"criticity": asset.criticity,
"datatype": asset.type
})
# append assets related to the asset groups
for assetgroup in scan_def.assetgroups_list.all():
for a in assetgroup.assets.all():
scan.assets.add(a)
assets_list.append({
"id": a.id,
"value": a.value.strip(),
"criticity": a.criticity,
"datatype": a.type
})
for taggroup in scan_def.taggroups_list.all():
for a in taggroup.asset_set.all():
scan.assets.add(a)
assets_list.append({"id": a.id, "value": a.value.strip()})
parameters = {
"scan_definition_id": scan_def.id,
"scan_params": {
"assets": assets_list,
"options": scan.engine_policy.options,
"engine_id": engine.id,
"scan_id": scan.id
},
"engine_id": engine.id,
"engine_name": str(scan.engine_type.name).lower(),
"owner_id": owner_id
}
scan_options = {
"args": [parameters],
"queue": 'scan',
"retry": False,
"countdown": 1,
"ignore_result": True
}
if eta is not None:
scan_options.update({"eta": eta, "countdown": None})
# enqueue the task in the right queue
resp = startscan_task.apply_async(**scan_options)
scan.status = "enqueued"
scan.task_id = uuid.UUID(str(resp))
scan.save()
Event.objects.create(message="[RunScan] Scan started (enqueued).",
type="INFO",
severity="INFO",
scan=scan)
return True
