Skip to content

Commit

Permalink
Change: Differentiate between audit and scan reports
Browse files Browse the repository at this point in the history 
- usage_type can now be used with get_reports GMP command to get audit/scan reports separately.
- compliance / compliance count is now used for audit reports instead of severity / result count.
  • Loading branch information
@a-h-abdelsalam
a-h-abdelsalam committed Aug 22, 2024
1 parent 14ab614 commit e0f3815
Show file tree
Hide file tree
Showing 4 changed files with 1,166 additions and 352 deletions.
27 changes: 23 additions & 4 deletions src/gmp.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5555,6 +5555,14 @@ gmp_xml_handle_start_element (/* unused */ GMarkupParseContext* context,
else
get_reports_data->ignore_pagination = 0;

if (find_attribute (attribute_names, attribute_values,
"usage_type", &attribute))
{
get_data_set_extra (&get_reports_data->report_get,
"usage_type",
attribute);
}

set_client_state (CLIENT_GET_REPORTS);
}
else if (strcasecmp ("GET_REPORT_CONFIGS", element_name) == 0)
Expand Down Expand Up @@ -14818,7 +14826,7 @@ handle_get_reports (gmp_parser_t *gmp_parser, GError **error)
|| (strlen (get_reports_data->report_get.id) == 0))
{
int overrides, min_qod;
gchar *filter, *levels;
gchar *filter, *levels, *compliance_levels;
get_data_t * get;

/* For simplicity, use a fixed result filter when filtering
Expand All @@ -14840,13 +14848,22 @@ handle_get_reports (gmp_parser_t *gmp_parser, GError **error)
overrides = filter_term_apply_overrides (filter ? filter : get->filter);
min_qod = filter_term_min_qod (filter ? filter : get->filter);
levels = filter_term_value (filter ? filter : get->filter, "levels");
compliance_levels = filter_term_value (filter
? filter
: get->filter,
"compliance_levels");
g_free (filter);

/* Setup result filter from overrides. */
get_reports_data->get.filter
= g_strdup_printf ("apply_overrides=%i min_qod=%i levels=%s",
overrides, min_qod, levels ? levels : "hmlgdf");
= g_strdup_printf
("apply_overrides=%i min_qod=%i levels=%s compliance_levels=%s",
overrides,
min_qod,
levels ? levels : "hmlgdf",
compliance_levels ? compliance_levels : "yniu");
g_free (levels);
g_free (compliance_levels);
}

ret = init_report_iterator (&reports, &get_reports_data->report_get);
Expand Down Expand Up @@ -16252,6 +16269,7 @@ handle_get_results (gmp_parser_t *gmp_parser, GError **error)
NULL, /* result_hosts_only */
NULL, /* min_qod */
NULL, /* levels */
NULL, /* compliance_levels */
NULL, /* delta_states */
NULL, /* search_phrase */
NULL, /* search_phrase_exact */
Expand Down Expand Up @@ -18266,7 +18284,8 @@ handle_get_tasks (gmp_parser_t *gmp_parser, GError **error)
report_compliance_by_uuid (last_report_id,
&compliance_yes,
&compliance_no,
&compliance_incomplete);
&compliance_incomplete,
NULL);

last_report
= g_strdup_printf ("<last_report>"
Expand Down
9 changes: 6 additions & 3 deletions src/manage.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -838,6 +838,9 @@ set_task_hosts_ordering (task_t, const char *);
void
set_task_scanner (task_t, scanner_t);

int
task_usage_type (task_t, char**);

void
set_task_usage_type (task_t, const char *);

Expand Down Expand Up @@ -1328,7 +1331,7 @@ gboolean
report_task (report_t, task_t*);

void
report_compliance_by_uuid (const char *, int *, int *, int *);
report_compliance_by_uuid (const char *, int *, int *, int *, int *);

int
report_scan_result_count (report_t, const char*, const char*, int, const char*,
Expand Down Expand Up @@ -1724,8 +1727,8 @@ manage_filter_controls (const gchar *, int *, int *, gchar **, int *);

void
manage_report_filter_controls (const gchar *, int *, int *, gchar **, int *,
int *, gchar **, gchar **, gchar **, gchar **,
int *, int *, int *, int *, gchar **);
int *, gchar **, gchar **, gchar **, gchar **,
gchar **, int *, int *, int *, int *, gchar **);

gchar *
manage_clean_filter (const gchar *);
Expand Down
39 changes: 38 additions & 1 deletion src/manage_pg.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -895,7 +895,44 @@ manage_create_sql_functions ()
"$$ LANGUAGE plpgsql"
" IMMUTABLE;");

/* Functions in SQL. */
sql ("CREATE OR REPLACE FUNCTION compliance_status ("
" report_id integer)"
"RETURNS text AS $$ "
"BEGIN"
" CASE"
" WHEN (SELECT count(*) FROM results"
" WHERE report = report_id"
" AND description LIKE 'Compliant:%%NO%%') > 0"
" THEN RETURN 'no';"
" WHEN (SELECT count(*) FROM results"
" WHERE report = report_id"
" AND description LIKE 'Compliant:%%INCOMPLETE%%') > 0"
" THEN RETURN 'incomplete';"
" WHEN (SELECT count(*) FROM results"
" WHERE report = report_id"
" AND description LIKE 'Compliant:%%YES%%') > 0"
" THEN RETURN 'yes';"
" ELSE RETURN 'undefined';"
" END CASE;"
"END;"
"$$ LANGUAGE plpgsql"
" IMMUTABLE;");

sql ("CREATE OR REPLACE FUNCTION compliance_count (report_id integer, compliance text)"
" RETURNS integer AS $$"
" DECLARE count integer := 0;"
" BEGIN"
" WITH compliance_count AS"
" (SELECT count(*) AS total FROM results WHERE report = report_id"
" AND description LIKE 'Compliant:%%' || compliance || '%%')"
" SELECT total FROM compliance_count"
" INTO count;"
" RETURN count;"
" END;"
" $$ LANGUAGE plpgsql"
" IMMUTABLE;");

/* Functions in SQL. */

if (sql_int ("SELECT (EXISTS (SELECT * FROM information_schema.tables"
" WHERE table_catalog = '%s'"
Expand Down
Loading

0 comments on commit e0f3815

Please sign in to comment.