93 lines
3.3 KiB
Python
93 lines
3.3 KiB
Python
from decouple import config
|
|
import yaml
|
|
import requests
|
|
import json
|
|
import pandas as pd
|
|
import time
|
|
from distutils.version import LooseVersion
|
|
|
|
def make_request(url, headers):
|
|
try:
|
|
response = requests.get(url, headers=headers)
|
|
response.raise_for_status()
|
|
except requests.exceptions.HTTPError as errh:
|
|
return "An Http Error occurred:" + repr(errh)
|
|
except requests.exceptions.ConnectionError as errc:
|
|
return "An Error Connecting to the API occurred:" + repr(errc)
|
|
except requests.exceptions.Timeout as errt:
|
|
return "A Timeout Error occurred:" + repr(errt)
|
|
except requests.exceptions.RequestException as err:
|
|
return "An Unknown Error occurred" + repr(err)
|
|
|
|
return response
|
|
|
|
def GatherReportingInfo(DTAPIToken, DTENV,friendlyName):
|
|
|
|
|
|
env = DTENV
|
|
DTAPIToken = DTAPIToken
|
|
|
|
DTAPIURL= env + "/api/v2/securityProblems/11497873967941161718/remediationItems"
|
|
headers = {
|
|
'Content-Type': 'application/json',
|
|
'Authorization': 'Api-Token ' + DTAPIToken
|
|
}
|
|
|
|
|
|
r = make_request(DTAPIURL,headers)
|
|
|
|
df = pd.DataFrame()
|
|
mgmt = pd.DataFrame()
|
|
|
|
for Item in r.json()['remediationItems']:
|
|
row={'Name':Item['name'],'State':Item['vulnerabilityState'],'exposure':Item['assessment']['exposure'],'dataAssets':Item['assessment']['dataAssets'],'firstAffectedTimestamp':time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(Item['firstAffectedTimestamp']/1000))}
|
|
|
|
if 'resolvedTimestamp' in Item.keys():
|
|
row.update({'Resolved':time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(Item['resolvedTimestamp']/1000))})
|
|
|
|
DTAPIURL= env + "/api/v2/entities/" + Item['id']
|
|
r = make_request(DTAPIURL,headers)
|
|
|
|
for tag in r.json()['tags']:
|
|
try:
|
|
row.update({ tag['key']:tag['value']})
|
|
except:
|
|
row.update({ tag['key']:tag['key']})
|
|
|
|
for vulComp in Item['vulnerableComponents']:
|
|
min_version='9.0.0-0'
|
|
for PGI in vulComp['affectedEntities']:
|
|
DTAPIURL= env + "/api/v2/entities/" + PGI
|
|
r = make_request(DTAPIURL,headers)
|
|
|
|
if 'installerVersion' in r.json()['properties']:
|
|
current_version = r.json()['properties']['installerVersion']
|
|
print(current_version)
|
|
if LooseVersion(current_version) < LooseVersion(min_version):
|
|
min_version=current_version
|
|
|
|
|
|
row.update({'vulnerableComponent':vulComp['fileName'],'oldestOneAgent':min_version})
|
|
|
|
|
|
df = df.append(row,ignore_index=True)
|
|
|
|
df.to_csv(friendlyName + 'log4j_vulnerability.csv')
|
|
|
|
with open('./environment.yaml') as file:
|
|
doc = yaml.safe_load(file)
|
|
|
|
for item, doc in doc.items():
|
|
token = dict(doc[2])
|
|
url = dict(doc[1])
|
|
print("Crawling through: " + item)
|
|
print("Check if token exists in environment...")
|
|
if(config(token.get('env-token-name')) != ""):
|
|
print("Gather data, hold on a minute")
|
|
DTTOKEN = config(token.get('env-token-name'))
|
|
DTURL = url.get('env-url')
|
|
|
|
GatherReportingInfo(DTTOKEN,DTURL,item)
|
|
|
|
else:
|
|
print("token not found, skipping " + item) |