Class: Sourcefire::ReportOps

Inherits:

Object

• Object
• Sourcefire::ReportOps

Includes:

Nexpose

Defined in:

lib/sourcefire/nexpose_helper.rb

Instance Method Summary

• #ad_hoc_report_request(query, site_ids, save_file, report_config = Nexpose::AdhocReportConfig.new(nil, 'sql')) ⇒ Object
• #generate_sourcefire_nexpose_report(report_file, sites_to_query = nil) ⇒ Object
• #login(url = nil, username = nil, password = nil, timeout = nil, port = nil) ⇒ Object

  Logs in to Nexpose using the url, username and password.

• #site_id_listing ⇒ Object
• #vulnerability_listing ⇒ Object

Instance Method Details

#ad_hoc_report_request(query, site_ids, save_file, report_config = Nexpose::AdhocReportConfig.new(nil, 'sql')) ⇒ Object

# File 'lib/sourcefire/nexpose_helper.rb', line 39

def ad_hoc_report_request(query, site_ids, save_file, report_config = Nexpose::AdhocReportConfig.new(nil, 'sql'))
  @log.log_message("Setting up Ad-Hoc query request. Sites to query are <#{site_ids}> and report results file is <#{save_file.path}>.")
  report_config.add_filter('version', '1.1.0')
  report_config.add_filter('query', query)
  site_ids.each { |site_id| report_config.add_filter('site', site_id) }
  @log.log_message('Sending query request to Nexpose...')
  report_output = report_config.generate(@nsc, @timeout)
  @log.log_message("Parsing report response and saving to file <#{save_file.path}>")
  csv_output = CSV.parse(report_output.chomp,  headers: :first_row)
  save_file.puts(csv_output)
end

#generate_sourcefire_nexpose_report(report_file, sites_to_query = nil) ⇒ Object

# File 'lib/sourcefire/nexpose_helper.rb', line 51

def generate_sourcefire_nexpose_report(report_file, sites_to_query=nil)
  sites_to_query = site_id_listing if sites_to_query.nil? || sites_to_query.empty?
  @log.log_message("Generating report on the following sites #{sites_to_query}")
  self.ad_hoc_report_request(Queries.sf_host_vuln_info, sites_to_query, report_file)
end

#login(url = nil, username = nil, password = nil, timeout = nil, port = nil) ⇒ Object

Logs in to Nexpose using the url, username and password.

# File 'lib/sourcefire/nexpose_helper.rb', line 10

def login(url=nil, username=nil, password=nil, timeout=nil, port=nil)
  raise 'Nexpose connection must be set in environment variables.' if url.nil? || username.nil? || password.nil?
  @log = Sourcefire::NxLogger.instance
  @log.log_message('Setting up Nexpose connection...')
  @timeout = timeout
  @nsc = if port != nil 
           Nexpose::Connection.new(url, username, password, port)
         else
           Nexpose::Connection.new(url, username, password) 
         end
  @nsc.login
  @log.log_message('Nexpose connection established.')
  @log.on_connect(url, port || 3780, @nsc.session_id, "{}")
  @nsc
end

#site_id_listing ⇒ Object

# File 'lib/sourcefire/nexpose_helper.rb', line 26

def site_id_listing
  @log.log_message('Generating site ID list...')
  site_ids = Array.new
  @nsc.list_sites.each { |site| site_ids << site.id }
  @log.log_message("Site ID list generation complete. Resulting list is <#{site_ids}>")
  site_ids
end

#vulnerability_listing ⇒ Object

# File 'lib/sourcefire/nexpose_helper.rb', line 34

def vulnerability_listing
  @log.log_message('Generating vulnerability list...')
  @nsc.list_vulns
end