def _run_scan(scan_def_id, owner_id, eta=None): scan_def = get_object_or_404(ScanDefinition, id=scan_def_id) if scan_def.engine: engine = scan_def.engine else: engines = EngineInstance.objects.filter(engine=scan_def.engine_type) if engines.count() > 0: engine = random.choice(engines) else: engine = None scan = Scan.objects.create( scan_definition=scan_def, title=scan_def.title, status="created", engine=engine, engine_type=scan_def.engine_type, engine_policy=scan_def.engine_policy, owner=User.objects.get(id=owner_id) ) scan.save() assets_list = [] for asset in scan_def.assets_list.all(): scan.assets.add(asset) assets_list.append({ "id": asset.id, "value": asset.value.strip(), "criticity": asset.criticity, "datatype": asset.type }) # append assets related to the asset groups for assetgroup in scan_def.assetgroups_list.all(): for a in assetgroup.assets.all(): scan.assets.add(a) assets_list.append({ "id": a.id, "value": a.value.strip(), "criticity": a.criticity, "datatype": a.type }) if not engine: scan.status = "error" scan.started_at = datetime.now() # todo: check timezone scan.finished_at = datetime.now() # todo: check timezone scan.save() return False parameters = { "scan_definition_id": scan_def.id, "scan_params": { "assets": assets_list, "options": scan.engine_policy.options, "engine_id": engine.id, "scan_id": scan.id}, "engine_id": engine.id, "engine_name": str(scan.engine_type.name).lower(), "owner_id": owner_id } scan_options = { "args": [parameters], "queue": 'scan-'+scan.engine_type.name.lower(), "routing_key": 'scan.'+scan.engine_type.name.lower(), "retry": False, "countdown": 1 } if eta is not None: scan_options.update({"eta": eta}) # enqueue the task in the right queue resp = startscan_task.apply_async(**scan_options) scan.status = "enqueued" scan.task_id = uuid.UUID(str(resp)) scan.save() return scan
def _run_scan(scan_def_id, owner_id, eta=None): scan_def = get_object_or_404(ScanDefinition, id=scan_def_id) AuditLog.objects.create(message="Scan '{}' started".format(scan_def), scope='engine', type='scan_run', owner=get_user_model().objects.get(id=owner_id), request_context=inspect.stack()) engine = None if scan_def.engine: engine = scan_def.engine else: engines = EngineInstance.objects.filter(engine=scan_def.engine_type) if engines.count() > 0: engine = random.choice(engines) scan = Scan.objects.create(scan_definition=scan_def, title=scan_def.title, status="created", engine=engine, engine_type=scan_def.engine_type, engine_policy=scan_def.engine_policy, owner=get_user_model().objects.get(id=owner_id)) scan.save() if engine is None: scan.status = "error" scan.started_at = timezone.now() scan.finished_at = timezone.now() scan.save() Event.objects.create( message="[RunScan] No engine '{}' available. Scan aborted.".format( scan_def.engine_type), type="ERROR", severity="ERROR", scan=scan) return False # to be removed assets_list = [] for asset in scan_def.assets_list.all(): scan.assets.add(asset) assets_list.append({ "id": asset.id, "value": asset.value.strip(), "criticity": asset.criticity, "datatype": asset.type }) # append assets related to the asset groups for assetgroup in scan_def.assetgroups_list.all(): for a in assetgroup.assets.all(): scan.assets.add(a) assets_list.append({ "id": a.id, "value": a.value.strip(), "criticity": a.criticity, "datatype": a.type }) for taggroup in scan_def.taggroups_list.all(): for a in taggroup.asset_set.all(): scan.assets.add(a) assets_list.append({"id": a.id, "value": a.value.strip()}) parameters = { "scan_definition_id": scan_def.id, "scan_params": { "assets": assets_list, "options": scan.engine_policy.options, "engine_id": engine.id, "scan_id": scan.id }, "engine_id": engine.id, "engine_name": str(scan.engine_type.name).lower(), "owner_id": owner_id } scan_options = { "args": [parameters], "queue": 'scan', "retry": False, "countdown": 1, "ignore_result": True } if eta is not None: scan_options.update({"eta": eta, "countdown": None}) # enqueue the task in the right queue resp = startscan_task.apply_async(**scan_options) scan.status = "enqueued" scan.task_id = uuid.UUID(str(resp)) scan.save() Event.objects.create(message="[RunScan] Scan started (enqueued).", type="INFO", severity="INFO", scan=scan) return True