 def log_rule_results(self, results, drone, _srcaddr, discoveryobj, discovertype, rulesobj):
     '''Log the outcome of one set of rule evaluations and persist it on the drone.

     results       -- dict with keys 'pass', 'fail', 'ignore' and 'NA', each a
                      collection of rule ids that ended up in that bucket
     drone         -- the Drone the rules were evaluated for; its per-discovery-type
                      status attribute is read (previous run) and overwritten (this run)
     _srcaddr      -- not used by this method
     discoveryobj  -- discovery data, forwarded unchanged to compute_score_updates
     discovertype  -- discovery type; selects which status attribute on the drone to use
     rulesobj      -- mapping rule id -> rule dict (read: 'category' and 'rule')

     For every rule whose bucket differs from the previous evaluation a rule event is
     sent and one line is logged: info for 'pass', warning for everything else.
     Rules now in the 'NA' bucket are never logged or reported as a transition.
     '''
     buckets = ('pass', 'fail', 'ignore', 'NA')
     status_attr = Drone.bp_discoverytype_result_attrname(discovertype)
     # The previous run is persisted as str(results) (see the last line of this
     # method) and presumably parsed back by pyConfigContext; a drone that was never
     # evaluated for this discovery type starts with empty buckets.
     if hasattr(drone, status_attr):
         previous = pyConfigContext(getattr(drone, status_attr))
     else:
         previous = {'pass': [], 'fail': [], 'ignore': [], 'NA': [], 'score': 0.0}

     def previous_bucket(ruleid):
         # First bucket of the previous run listing this rule id, else None
         return next((name for name in buckets if ruleid in previous[name]), None)

     for newstat in buckets:
         emit = self.log.info if newstat == 'pass' else self.log.warning
         for ruleid in results[newstat]:
             oldstat = previous_bucket(ruleid)
             if oldstat == newstat or newstat == 'NA':
                 # Unchanged since last time, or not applicable: nothing to report
                 continue
             BestPractices.send_rule_event(oldstat, newstat, drone, ruleid, rulesobj)
             rule = rulesobj[ruleid]
             # NOTE: the rule text and the drone's identity end up verbatim in the
             # log line; keep that in mind if rule definitions can come from
             # untrusted sources.
             emit('%s %sED %s rule %s: %s [%s]' % (drone, newstat.upper(), rule['category'],
                                                   ruleid, self.url(drone, ruleid, rule),
                                                   rule['rule']))
     self.compute_score_updates(discoveryobj, drone, rulesobj, results, previous)
     # Persist this run's buckets so the next evaluation can detect transitions
     setattr(drone, status_attr, str(results))
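def grab_category_scores(store, categories=None, debug=False):
    '''Create and return python Dicts with security scores and totals by category
    and totals by drone/category.

    store      -- graph store; store.load_cypher_nodes(query, Drone) yields the
                  drones to be scored
    categories -- None (or empty) to include every category, otherwise an iterable
                  of category names; scores in any other category are skipped
    debug      -- passed through to the BestPractices constructor

    Returns a tuple of three plain dicts of summed scores:
        dtype_totals[category][discovery_type]
        drone_totals[category][discovery_type][drone_designation]
        rule_totals[category][discovery_type][rule_id]

    Fix: the category filter used to evaluate ``category not in categories``
    before testing ``categories`` for truth, so the documented ``categories=None``
    case raised TypeError as soon as a drone produced any score.
    '''
    # Constant query selecting every Drone node.  Keep this a literal: never
    # splice caller-supplied values into a Cypher string -- use query parameters
    # if a filter is ever needed here.
    cypher = '''START drone=node:Drone('*:*') RETURN drone'''

    # Constructed for its side effects only (presumably this populates
    # BestPractices.eval_objects used below); the instance itself is not needed.
    BestPractices(CMAdb.io.config, CMAdb.io, store, CMAdb.log, debug=debug)
    dtype_totals = {} # scores organized by (category, discovery-type)
    drone_totals = {} # scores organized by (category, discovery-type, drone)
    rule_totals = {} # scores organized by (category, discovery-type, rule)

    for drone in store.load_cypher_nodes(cypher, Drone):
        designation = drone.designation
        for dtype in drone.bp_discoverytypes_list():
            dattr = Drone.bp_discoverytype_result_attrname(dtype)
            # Persisted result buckets from the last evaluation of this discovery type
            statuses = getattr(drone, dattr)
            # NOTE(review): raises KeyError if no evaluator is registered for dtype --
            # confirm that bp_discoverytypes_list() only returns registered types.
            for rule_obj in BestPractices.eval_objects[dtype]:
                rulesobj = rule_obj.fetch_rules(drone, None, dtype)
                _, scores, rulescores = BestPractices.compute_scores(drone, rulesobj, statuses)
                for category in scores:
                    # Test 'categories' for truth FIRST so that None / [] means "all"
                    if categories and category not in categories:
                        continue
                    # Accumulate scores by (category, discovery_type)
                    setup_dict2(dtype_totals, category, dtype)
                    dtype_totals[category][dtype] += scores[category]
                    # Accumulate scores by (category, discovery_type, drone)
                    setup_dict3(drone_totals, category, dtype, designation)
                    drone_totals[category][dtype][designation] += scores[category]
                    # Accumulate scores by (category, discovery_type, ruleid)
                    for ruleid in rulescores[category]:
                        setup_dict3(rule_totals, category, dtype, ruleid)
                        rule_totals[category][dtype][ruleid] += rulescores[category][ruleid]

    return dtype_totals, drone_totals, rule_totals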