Class: Nexpose::Site
Overview
Configuration object representing a Nexpose site.
For a basic walk-through, see https://github.com/rapid7/nexpose-client/wiki/Using-Sites
Instance Attribute Summary collapse
-
#alerts ⇒ Object
- Array
-
Collection of real-time alerts.
-
#assets ⇒ Object
- Array
-
Collection of assets.
-
#config_version ⇒ Object
Configuration version.
-
#credentials ⇒ Object
- Array
-
Collection of credentials associated with this site.
-
#description ⇒ Object
Description of the site.
-
#engine ⇒ Object
Scan Engine to use.
-
#exclude ⇒ Object
- Array
-
Collection of excluded assets.
-
#id ⇒ Object
The site ID.
-
#is_dynamic ⇒ Object
Whether or not this site is dynamic.
-
#name ⇒ Object
Unique name of the site.
-
#organization ⇒ Object
Information about the organization that this site belongs to.
-
#risk_factor ⇒ Object
The risk factor associated with this site.
-
#scan_template ⇒ Object
Scan template to use when starting a scan job.
-
#scan_template_name ⇒ Object
Friendly name of scan template to use when starting a scan job.
-
#schedules ⇒ Object
- Array
-
Schedule starting dates and times for scans, and set their frequency.
-
#users ⇒ Object
- Array
-
List of user IDs for users who have access to the site.
Class Method Summary collapse
-
.copy(connection, id) ⇒ Site
Copy an existing configuration from a Nexpose instance.
-
.load(connection, id) ⇒ Site
Load an existing configuration from a Nexpose instance.
-
.parse(rexml) ⇒ Site
Parse a response from a Nexpose console into a valid Site object.
Instance Method Summary collapse
-
#add_asset(asset) ⇒ Object
Adds an asset to this site, resolving whether an IP or hostname is provided.
-
#add_host(hostname) ⇒ Object
Adds an asset to this site by host name.
-
#add_ip(ip) ⇒ Object
Adds an asset to this site by IP address.
-
#add_ip_range(from, to) ⇒ Object
Adds assets to this site by IP address range.
-
#as_xml ⇒ String
Generate an XML representation of this site configuration.
-
#delete(connection) ⇒ Boolean
Delete this site from a Nexpose console.
-
#dynamic? ⇒ Boolean
Returns true when the site is dynamic.
-
#initialize(name = nil, scan_template = 'full-audit') ⇒ Site
constructor
Site constructor.
-
#save(connection) ⇒ Fixnum
Saves this site to a Nexpose console.
-
#scan(connection, sync_id = nil) ⇒ Scan
Scan this site.
- #to_xml ⇒ Object
Methods included from Sanitize
Constructor Details
#initialize(name = nil, scan_template = 'full-audit') ⇒ Site
Site constructor. Both arguments are optional.
135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 |
# File 'lib/nexpose/site.rb', line 135 def initialize(name = nil, scan_template = 'full-audit') @name = name @scan_template = scan_template @id = -1 @risk_factor = 1.0 @config_version = 3 @is_dynamic = false @assets = [] @schedules = [] @credentials = [] @alerts = [] @exclude = [] @users = [] end |
Instance Attribute Details
#alerts ⇒ Object
- Array
-
Collection of real-time alerts.
114 115 116 |
# File 'lib/nexpose/site.rb', line 114 def alerts @alerts end |
#assets ⇒ Object
- Array
-
Collection of assets. May be IPv4, IPv6, or DNS names.
84 85 86 |
# File 'lib/nexpose/site.rb', line 84 def assets @assets end |
#config_version ⇒ Object
Configuration version. Default: 3
124 125 126 |
# File 'lib/nexpose/site.rb', line 124 def config_version @config_version end |
#credentials ⇒ Object
- Array
-
Collection of credentials associated with this site. Does not
include shared credentials.
107 108 109 |
# File 'lib/nexpose/site.rb', line 107 def credentials @credentials end |
#description ⇒ Object
Description of the site.
79 80 81 |
# File 'lib/nexpose/site.rb', line 79 def description @description end |
#engine ⇒ Object
Scan Engine to use. Will use the default engine if nil or -1.
97 98 99 |
# File 'lib/nexpose/site.rb', line 97 def engine @engine end |
#exclude ⇒ Object
- Array
-
Collection of excluded assets. May be IPv4, IPv6, or DNS names.
87 88 89 |
# File 'lib/nexpose/site.rb', line 87 def exclude @exclude end |
#id ⇒ Object
The site ID. An ID of -1 is used to designate a site that has not been saved to a Nexpose console.
73 74 75 |
# File 'lib/nexpose/site.rb', line 73 def id @id end |
#is_dynamic ⇒ Object
Whether or not this site is dynamic. Dynamic sites are created through Asset Discovery Connections. Modifying their behavior through the API is not recommended.
129 130 131 |
# File 'lib/nexpose/site.rb', line 129 def is_dynamic @is_dynamic end |
#name ⇒ Object
Unique name of the site. Required.
76 77 78 |
# File 'lib/nexpose/site.rb', line 76 def name @name end |
#organization ⇒ Object
Information about the organization that this site belongs to. Used by some reports.
118 119 120 |
# File 'lib/nexpose/site.rb', line 118 def organization @organization end |
#risk_factor ⇒ Object
The risk factor associated with this site. Default: 1.0
103 104 105 |
# File 'lib/nexpose/site.rb', line 103 def risk_factor @risk_factor end |
#scan_template ⇒ Object
Scan template to use when starting a scan job. Default: full-audit
90 91 92 |
# File 'lib/nexpose/site.rb', line 90 def scan_template @scan_template end |
#scan_template_name ⇒ Object
Friendly name of scan template to use when starting a scan job. Value is populated when a site is saved or loaded from a console.
94 95 96 |
# File 'lib/nexpose/site.rb', line 94 def scan_template_name @scan_template_name end |
#schedules ⇒ Object
- Array
-
Schedule starting dates and times for scans, and set their frequency.
100 101 102 |
# File 'lib/nexpose/site.rb', line 100 def schedules @schedules end |
#users ⇒ Object
- Array
-
List of user IDs for users who have access to the site.
121 122 123 |
# File 'lib/nexpose/site.rb', line 121 def users @users end |
Class Method Details
.copy(connection, id) ⇒ Site
Copy an existing configuration from a Nexpose instance. Returned object will reset the site ID and append “Copy” to the existing name.
217 218 219 220 221 222 |
# File 'lib/nexpose/site.rb', line 217 def self.copy(connection, id) site = self.load(connection, id) site.id = -1 site.name = "#{site.name} Copy" site end |
.load(connection, id) ⇒ Site
Load an existing configuration from a Nexpose instance.
203 204 205 206 207 |
# File 'lib/nexpose/site.rb', line 203 def self.load(connection, id) r = APIRequest.execute(connection.url, %(<SiteConfigRequest session-id="#{connection.session_id}" site-id="#{id}"/>)) parse(r.res) end |
.parse(rexml) ⇒ Site
Parse a response from a Nexpose console into a valid Site object.
325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 |
# File 'lib/nexpose/site.rb', line 325 def self.parse(rexml) rexml.elements.each('SiteConfigResponse/Site') do |s| site = Site.new(s.attributes['name']) site.id = s.attributes['id'].to_i site.description = s.attributes['description'] site.risk_factor = s.attributes['riskfactor'] || 1.0 site.is_dynamic = true if s.attributes['isDynamic'] == '1' s.elements.each('Users/user') do |user| site.users << user.attributes['id'].to_i end s.elements.each('Organization') do |org| site.organization = Organization.parse(org) end s.elements.each('Hosts/range') do |r| site.assets << IPRange.new(r.attributes['from'], r.attributes['to']) end s.elements.each('Hosts/host') do |host| site.assets << HostName.new(host.text) end s.elements.each('ExcludedHosts/range') do |r| site.exclude << IPRange.new(r.attributes['from'], r.attributes['to']) end s.elements.each('ExcludedHosts/host') do |host| site.exclude << HostName.new(host.text) end s.elements.each('Credentials/adminCredentials') do |cred| site.credentials << Credential.parse(cred) end s.elements.each('ScanConfig') do |scan_config| site.scan_template_name = scan_config.attributes['name'] site.scan_template = scan_config.attributes['templateID'] site.config_version = scan_config.attributes['configVersion'].to_i site.engine = scan_config.attributes['engineID'].to_i scan_config.elements.each('Schedules/Schedule') do |schedule| site.schedules << Schedule.parse(schedule) end end s.elements.each('Alerting/Alert') do |alert| site.alerts << Alert.parse(alert) end return site end nil end |
Instance Method Details
#add_asset(asset) ⇒ Object
Adds an asset to this site, resolving whether an IP or hostname is provided.
183 184 185 186 187 188 189 190 191 192 193 194 195 |
# File 'lib/nexpose/site.rb', line 183 def add_asset(asset) begin # If the asset registers as a valid IP, store as IP. ip = IPAddr.new(asset) add_ip(asset) rescue ArgumentError => e if e. == 'invalid address' add_host(asset) else raise "Unable to parse asset: '#{asset}'. #{e.message}" end end end |
#add_host(hostname) ⇒ Object
Adds an asset to this site by host name.
159 160 161 |
# File 'lib/nexpose/site.rb', line 159 def add_host(hostname) @assets << HostName.new(hostname) end |
#add_ip(ip) ⇒ Object
Adds an asset to this site by IP address.
166 167 168 |
# File 'lib/nexpose/site.rb', line 166 def add_ip(ip) @assets << IPRange.new(ip) end |
#add_ip_range(from, to) ⇒ Object
Adds assets to this site by IP address range.
174 175 176 |
# File 'lib/nexpose/site.rb', line 174 def add_ip_range(from, to) @assets << IPRange.new(from, to) end |
#as_xml ⇒ String
Generate an XML representation of this site configuration
266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 |
# File 'lib/nexpose/site.rb', line 266 def as_xml xml = REXML::Element.new('Site') xml.attributes['id'] = @id xml.attributes['name'] = @name xml.attributes['description'] = @description xml.attributes['riskfactor'] = @risk_factor unless @users.empty? elem = REXML::Element.new('Users') @users.each { |user| elem.add_element('user', { 'id' => user }) } xml.add_element(elem) end xml.add_element(@organization.as_xml) if @organization elem = REXML::Element.new('Hosts') @assets.each { |a| elem.add_element(a.as_xml) } xml.add_element(elem) elem = REXML::Element.new('ExcludedHosts') @exclude.each { |e| elem.add_element(e.as_xml) } xml.add_element(elem) unless credentials.empty? elem = REXML::Element.new('Credentials') @credentials.each { |c| elem.add_element(c.as_xml) } xml.add_element(elem) end unless alerts.empty? elem = REXML::Element.new('Alerting') alerts.each { |a| elem.add_element(a.as_xml) } xml.add_element(elem) end elem = REXML::Element.new('ScanConfig') elem.add_attributes({ 'configID' => @id, 'name' => @scan_template_name || @scan_template, 'templateID' => @scan_template, 'configVersion' => @config_version || 3, 'engineID' => @engine }) sched = REXML::Element.new('Schedules') @schedules.each { |s| sched.add_element(s.as_xml) } elem.add_element(sched) xml.add_element(elem) xml end |
#delete(connection) ⇒ Boolean
Delete this site from a Nexpose console.
239 240 241 242 |
# File 'lib/nexpose/site.rb', line 239 def delete(connection) r = connection.execute(%(<SiteDeleteRequest session-id="#{connection.session_id}" site-id="#{@id}"/>)) r.success end |
#dynamic? ⇒ Boolean
Returns true when the site is dynamic.
152 153 154 |
# File 'lib/nexpose/site.rb', line 152 def dynamic? is_dynamic end |
#save(connection) ⇒ Fixnum
Saves this site to a Nexpose console.
229 230 231 232 |
# File 'lib/nexpose/site.rb', line 229 def save(connection) r = connection.execute('<SiteSaveRequest session-id="' + connection.session_id + '">' + to_xml + ' </SiteSaveRequest>') @id = r.attributes['site-id'].to_i if r.success end |
#scan(connection, sync_id = nil) ⇒ Scan
Scan this site.
250 251 252 253 254 255 256 257 258 |
# File 'lib/nexpose/site.rb', line 250 def scan(connection, sync_id = nil) xml = REXML::Element.new('SiteScanRequest') xml.add_attributes({ 'session-id' => connection.session_id, 'site-id' => @id, 'sync-id' => sync_id }) response = connection.execute(xml, '1.1', timeout: 60) Scan.parse(response.res) if response.success end |
#to_xml ⇒ Object
315 316 317 |
# File 'lib/nexpose/site.rb', line 315 def to_xml as_xml.to_s end |