Class: Nexpose::Alert

Inherits:

Object

• Object
• Nexpose::Alert

Defined in:

lib/nexpose/alert.rb

Overview

Alert parent object. The three alert types should be wrapped in this object to store data.

Instance Attribute Summary

• #enabled ⇒ Object

  Whether or not this alert is currently active.

• #max_alerts ⇒ Object

  Send at most this many alerts per scan.

• #name ⇒ Object

  Name for this alert.

• #scan_filter ⇒ Object

  Send alerts based upon scan status.

• #type ⇒ Object

  Alert type and its configuration.

• #vuln_filter ⇒ Object

  Send alerts based upon vulnerability finding status.

Class Method Summary

• .parse(rexml) ⇒ Alert

  Parse a response from a Nexpose console into a valid Alert object.

Instance Method Summary

• #initialize(name, enabled = 1, max_alerts = -1)) ⇒ Alert constructor

  A new instance of Alert.

• #to_xml ⇒ Object

Constructor Details

#initialize(name, enabled = 1, max_alerts = -1)) ⇒ Alert

Returns a new instance of Alert.

# File 'lib/nexpose/alert.rb', line 21

def initialize(name, enabled = 1, max_alerts = -1)
  @name, @enabled, @max_alerts = name, enabled, max_alerts
end

Instance Attribute Details

#enabled ⇒ Object

Whether or not this alert is currently active.

# File 'lib/nexpose/alert.rb', line 11

def enabled
  @enabled
end

#max_alerts ⇒ Object

Send at most this many alerts per scan.

# File 'lib/nexpose/alert.rb', line 13

def max_alerts
  @max_alerts
end

#name ⇒ Object

Name for this alert.

# File 'lib/nexpose/alert.rb', line 9

def name
  @name
end

#scan_filter ⇒ Object

Send alerts based upon scan status.

# File 'lib/nexpose/alert.rb', line 15

def scan_filter
  @scan_filter
end

#type ⇒ Object

Alert type and its configuration. One of SMTPAlert, SyslogAlert, SNMPAlert

# File 'lib/nexpose/alert.rb', line 19

def type
  @type
end

#vuln_filter ⇒ Object

Send alerts based upon vulnerability finding status.

# File 'lib/nexpose/alert.rb', line 17

def vuln_filter
  @vuln_filter
end

Class Method Details

.parse(rexml) ⇒ Alert

Parse a response from a Nexpose console into a valid Alert object.

Parameters:

• rexml (REXML::Document) —

  XML document to parse.

Returns:

• (Alert) —

  Alert object represented by the XML.

# File 'lib/nexpose/alert.rb', line 42

def self.parse(rexml)
  name = rexml.attributes['name']
  rexml.elements.each("//Alert[@name='#{name}']") do |xml|
    alert = new(name,
                xml.attributes['enabled'].to_i,
                xml.attributes['maxAlerts'].to_i)
    alert.scan_filter = ScanFilter.parse(REXML::XPath.first(xml, "//Alert[@name='#{name}']/scanFilter"))
    alert.vuln_filter = VulnFilter.parse(REXML::XPath.first(xml, "//Alert[@name='#{name}']/vulnFilter"))
    if (type = REXML::XPath.first(xml, "//Alert[@name='#{name}']/smtpAlert"))
      alert.type = SMTPAlert.parse(type)
    elsif (type = REXML::XPath.first(xml, "//Alert[@name='#{name}']/syslogAlert"))
      alert.type = SyslogAlert.parse(type)
    elsif (type = REXML::XPath.first(xml, "//Alert[@name='#{name}']/snmpAlert"))
      alert.type = SNMPAlert.parse(type)
    end
    return alert
  end
  nil
end

Instance Method Details

#to_xml ⇒ Object

# File 'lib/nexpose/alert.rb', line 25

def to_xml
  xml = '<Alert'
  xml << %( name="#{@name}")
  xml << %( enabled="#{@enabled}")
  xml << %( maxAlerts="#{@max_alerts}")
  xml << '>'
  xml << scan_filter.to_xml
  xml << vuln_filter.to_xml
  xml << type.to_xml
  xml << '</Alert>'
end