Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error using pagination in experimental calls #152

Open
mgmacias95 opened this issue Sep 6, 2018 · 3 comments
Open

Error using pagination in experimental calls #152

mgmacias95 opened this issue Sep 6, 2018 · 3 comments
Assignees
Labels

Comments

@mgmacias95
Copy link
Contributor

Hi team,

If offset/limit is used in GET/experimental/ciscat/results the following error takes place:

# curl -u foo:bar -k -X GET "https://127.0.0.1:55000/experimental/ciscat/results?pretty&limit=2&offset=10&sort=-score"
{
   "error": 1000,
   "message": "Wazuh-Python Internal Error: list index out of range"
}

The API call works ok without pagination:

# curl -u foo:bar -k -X GET "https://127.0.0.1:55000/experimental/ciscat/results?pretty&sort=-score"
{
   "error": 0,
   "data": {
      "totalItems": 1,
      "items": [
         {
            "profile": "xccdf_org.cisecurity.benchmarks_profile_Level_2_-_Server",
            "scan": {
               "id": 1260865673,
               "time": "2018-09-06T07:58:39.342-07:00"
            },
            "notchecked": 36,
            "pass": 104,
            "benchmark": "CIS Ubuntu Linux 16.04 LTS Benchmark",
            "unknown": 1,
            "score": 57,
            "agent_id": "001",
            "error": 0,
            "fail": 79
         }
      ]
   }
}

Best regards,
Marta

@mgmacias95 mgmacias95 added the bug label Sep 6, 2018
@mgmacias95
Copy link
Contributor Author

This error also happens in syscollector API calls:

# curl -u foo:bar "localhost:55000/experimental/syscollector/hardware?pretty&search=3024112"
{
   "error": 1000,
   "message": "list index out of range"
}

@crd1985 crd1985 added this to the 17th week milestone Apr 23, 2019
@druizz90
Copy link
Contributor

Issue update

Summary

With 3.9 version this errors does not happen but pagination is not working properly:

# curl -u foo:bar -k -X GET "http://127.0.0.1:55000/experimental/ciscat/results?offset=0&pretty"
{
   "error": 0,
   "data": {
      "items": [
         {
            "scan": {
               "id": 790125247,
               "time": "2019-04-23T16:19:36.720+02:00"
            },
            "profile": "xccdf_org.cisecurity.benchmarks_profile_Level_2_-_Server",
            "unknown": 0,
            "fail": 92,
            "pass": 99,
            "notchecked": 31,
            "error": 0,
            "score": 52,
            "benchmark": "CIS CentOS Linux 7 Benchmark",
            "agent_id": "000"
         },
         {
            "scan": {
               "id": 1744690172,
               "time": "2019-04-23T15:12:38.234+02:00"
            },
            "profile": "xccdf_org.cisecurity.benchmarks_profile_Level_2_-_Server",
            "unknown": 0,
            "fail": 89,
            "pass": 102,
            "notchecked": 31,
            "error": 0,
            "score": 53,
            "benchmark": "CIS CentOS Linux 7 Benchmark",
            "agent_id": "001"
         }
      ],
      "totalItems": 2
   }
}

# curl -u foo:bar -k -X GET "http://127.0.0.1:55000/experimental/ciscat/results?offset=1&pretty"
{
   "error": 0,
   "data": {
      "items": [],
      "totalItems": 2
   }
}

Other filters are working:

# curl -u foo:bar -k -X GET "http://127.0.0.1:55000/experimental/ciscat/results?limit=1&sort=-score&pretty"
{
   "error": 0,
   "data": {
      "items": [
         {
            "scan": {
               "id": 790125247,
               "time": "2019-04-23T16:19:36.720+02:00"
            },
            "profile": "xccdf_org.cisecurity.benchmarks_profile_Level_2_-_Server",
            "score": 52,
            "error": 0,
            "unknown": 0,
            "notchecked": 31,
            "pass": 99,
            "benchmark": "CIS CentOS Linux 7 Benchmark",
            "fail": 92,
            "agent_id": "000"
         }
      ],
      "totalItems": 2
   }
}

@crd1985 crd1985 modified the milestones: 17th week, 19th week May 8, 2019
@druizz90 druizz90 changed the title GET/experimental/ciscat/results crashes using pagination Error using pagination in experimental calls May 9, 2019
@druizz90
Copy link
Contributor

druizz90 commented May 9, 2019

Issue update

offset was not working properly. I made a fix for it. Below there are examples of experimental calls before and after apply the fix I made.

experimental/syscollector/hardware

Before

# curl -u foo:bar "localhost:55000/experimental/syscollector/hardware?pretty"
{
   "error": 0,
   "data": {
      "items": [
         {
            "cpu": {
               "cores": 2,
               "mhz": 2712,
               "name": "Intel Core Processor (Broadwell, no TSX, IBRS)"
            },
            "ram": {
               "free": 83604,
               "total": 738276,
               "usage": 89
            },
            "scan": {
               "id": 139676338,
               "time": "2019/05/09 13:54:30"
            },
            "board_serial": "unknown",
            "agent_id": "000"
         },
         {
            "cpu": {
               "cores": 1,
               "mhz": 2712,
               "name": "Intel Core Processor (Broadwell, no TSX, IBRS)"
            },
            "ram": {
               "free": 101836,
               "total": 241292,
               "usage": 58
            },
            "scan": {
               "id": 2081011405,
               "time": "2019/05/07 11:12:49"
            },
            "board_serial": "unknown",
            "agent_id": "001"
         }
      ],
      "totalItems": 2
   }
}
# curl -u foo:bar "localhost:55000/experimental/syscollector/hardware?pretty&offset=1"
{
   "error": 0,
   "data": {
      "items": [],
      "totalItems": 0
   }
}

After

# curl -u foo:bar "localhost:55000/experimental/syscollector/hardware?pretty&offset=1"
{
   "error": 0,
   "data": {
      "items": [
         {
            "cpu": {
               "cores": 1,
               "mhz": 2712,
               "name": "Intel Core Processor (Broadwell, no TSX, IBRS)"
            },
            "ram": {
               "free": 101836,
               "total": 241292,
               "usage": 58
            },
            "scan": {
               "id": 2081011405,
               "time": "2019/05/07 11:12:49"
            },
            "board_serial": "unknown",
            "agent_id": "001"
         }
      ],
      "totalItems": 2
   }
}

experimental/syscollector/netaddr

Before

# curl -u foo:bar "localhost:55000/experimental/syscollector/netaddr?pretty"  
{
   "error": 0,
   "data": {
      "items": [
         {
            "netmask": "255.255.255.0",
            "scan_id": 1868064520,
            "address": "192.168.122.111",
            "broadcast": "192.168.122.255",
            "iface": "ens3",
            "proto": "ipv4",
            "agent_id": "000"
         },
         {
            "netmask": "ffff:ffff:ffff:ffff::",
            "scan_id": 1868064520,
            "address": "fe80::760a:b8ba:dc8:65a7",
            "iface": "ens3",
            "proto": "ipv6",
            "agent_id": "000"
         },
         {
            "netmask": "255.255.255.0",
            "scan_id": 810044709,
            "address": "192.168.122.124",
            "broadcast": "192.168.122.255",
            "iface": "ens3",
            "proto": "ipv4",
            "agent_id": "001"
         },
         {
            "netmask": "ffff:ffff:ffff:ffff::",
            "scan_id": 810044709,
            "address": "fe80::7bb1:8729:874b:24b2",
            "iface": "ens3",
            "proto": "ipv6",
            "agent_id": "001"
         },
         {
            "netmask": "255.255.0.0",
            "scan_id": 810044709,
            "address": "172.17.0.1",
            "broadcast": "172.17.0.1",
            "iface": "docker0",
            "proto": "ipv4",
            "agent_id": "001"
         }
      ],
      "totalItems": 5
   }
}
# curl -u foo:bar "localhost:55000/experimental/syscollector/netaddr?pretty&offset=2"
{
   "error": 0,
   "data": {
      "items": [
         {
            "scan_id": 810044709,
            "broadcast": "172.17.0.1",
            "iface": "docker0",
            "proto": "ipv4",
            "address": "172.17.0.1",
            "netmask": "255.255.0.0",
            "agent_id": "001"
         }
      ],
      "totalItems": 5
   }
}

After

# curl -u foo:bar "localhost:55000/experimental/syscollector/netaddr?pretty&offset=2"
{
   "error": 0,
   "data": {
      "items": [
         {
            "iface": "ens3",
            "address": "192.168.122.124",
            "broadcast": "192.168.122.255",
            "scan_id": 810044709,
            "proto": "ipv4",
            "netmask": "255.255.255.0",
            "agent_id": "001"
         },
         {
            "iface": "ens3",
            "address": "fe80::7bb1:8729:874b:24b2",
            "scan_id": 810044709,
            "proto": "ipv6",
            "netmask": "ffff:ffff:ffff:ffff::",
            "agent_id": "001"
         },
         {
            "iface": "docker0",
            "address": "172.17.0.1",
            "broadcast": "172.17.0.1",
            "scan_id": 810044709,
            "proto": "ipv4",
            "netmask": "255.255.0.0",
            "agent_id": "001"
         }
      ],
      "totalItems": 5
   }
}
# curl -u foo:bar "localhost:55000/experimental/syscollector/netaddr?pretty&offset=4"
{
   "error": 0,
   "data": {
      "items": [
         {
            "netmask": "255.255.0.0",
            "broadcast": "172.17.0.1",
            "proto": "ipv4",
            "scan_id": 810044709,
            "address": "172.17.0.1",
            "iface": "docker0",
            "agent_id": "001"
         }
      ],
      "totalItems": 5
   }
}

experimental/syscollector/netiface

Before

# curl -u foo:bar "localhost:55000/experimental/syscollector/netiface?pretty" 
{
   "error": 0,
   "data": {
      "items": [
         {
            "rx": {
               "bytes": 167456278,
               "dropped": 0,
               "errors": 0,
               "packets": 214815
            },
            "scan": {
               "id": 1868064520,
               "time": "2019/05/09 13:54:30"
            },
            "tx": {
               "bytes": 83664104,
               "dropped": 0,
               "errors": 0,
               "packets": 152249
            },
            "state": "up",
            "mac": "52:54:00:2b:96:56",
            "name": "ens3",
            "type": "ethernet",
            "mtu": 1500,
            "agent_id": "000"
         },
         {
            "rx": {
               "bytes": 7597,
               "dropped": 0,
               "errors": 0,
               "packets": 85
            },
            "scan": {
               "id": 810044709,
               "time": "2019/05/07 11:12:49"
            },
            "tx": {
               "bytes": 1452870,
               "dropped": 0,
               "errors": 0,
               "packets": 5381
            },
            "state": "up",
            "mac": "52:54:00:0B:0A:AA",
            "name": "ens3",
            "type": "ethernet",
            "mtu": 1500,
            "agent_id": "001"
         },
         {
            "rx": {
               "bytes": 0,
               "dropped": 0,
               "errors": 0,
               "packets": 0
            },
            "scan": {
               "id": 810044709,
               "time": "2019/05/07 11:12:49"
            },
            "tx": {
               "bytes": 0,
               "dropped": 0,
               "errors": 0,
               "packets": 0
            },
            "state": "down",
            "mac": "02:42:A2:8B:12:4A",
            "name": "docker0",
            "type": "ethernet",
            "mtu": 1500,
            "agent_id": "001"
         }
      ],
      "totalItems": 3
   }
}
# curl -u foo:bar "localhost:55000/experimental/syscollector/netiface?pretty&offset=2"
{
   "error": 0,
   "data": {
      "items": [],
      "totalItems": 3
   }
}

After

# curl -u foo:bar "localhost:55000/experimental/syscollector/netiface?pretty&offset=2"
{
   "error": 0,
   "data": {
      "items": [
         {
            "rx": {
               "bytes": 0,
               "dropped": 0,
               "errors": 0,
               "packets": 0
            },
            "scan": {
               "id": 810044709,
               "time": "2019/05/07 11:12:49"
            },
            "tx": {
               "bytes": 0,
               "dropped": 0,
               "errors": 0,
               "packets": 0
            },
            "mtu": 1500,
            "mac": "02:42:A2:8B:12:4A",
            "state": "down",
            "name": "docker0",
            "type": "ethernet",
            "agent_id": "001"
         }
      ],
      "totalItems": 3
   }
}

experimental/syscollector/os

Before

# curl -u foo:bar "localhost:55000/experimental/syscollector/os?pretty"
{
   "error": 0,
   "data": {
      "items": [
         {
            "os": {
               "major": "7",
               "minor": "6",
               "name": "CentOS Linux",
               "platform": "centos",
               "version": "7.6"
            },
            "scan": {
               "id": 781580110,
               "time": "2019/05/09 14:54:30"
            },
            "sysname": "Linux",
            "release": "3.10.0-957.1.3.el7.x86_64",
            "hostname": "localhost.localdomain",
            "version": "#1 SMP Thu Nov 29 14:49:43 UTC 2018",
            "architecture": "x86_64",
            "agent_id": "000"
         },
         {
            "os": {
               "codename": "Core",
               "major": "7",
               "name": "CentOS Linux",
               "platform": "centos",
               "version": "7 (Core)"
            },
            "scan": {
               "id": 493907452,
               "time": "2019/05/07 11:12:49"
            },
            "sysname": "Linux",
            "release": "3.10.0-862.11.6.el7.x86_64",
            "hostname": "localhost.localdomain",
            "version": "#1 SMP Tue Aug 14 21:49:04 UTC 2018",
            "architecture": "x86_64",
            "agent_id": "001"
         }
      ],
      "totalItems": 2
   }
}
# curl -u foo:bar "localhost:55000/experimental/syscollector/os?pretty&offset=1"
{
   "error": 0,
   "data": {
      "items": [],
      "totalItems": 0
   }
}
# curl -u foo:bar "localhost:55000/experimental/syscollector/os?pretty&offset=1"
{
   "error": 0,
   "data": {
      "items": [],
      "totalItems": 0
   }
}

After

# curl -u foo:bar "localhost:55000/experimental/syscollector/os?pretty&offset=1"
{
   "error": 0,
   "data": {
      "items": [
         {
            "os": {
               "codename": "Core",
               "major": "7",
               "name": "CentOS Linux",
               "platform": "centos",
               "version": "7 (Core)"
            },
            "scan": {
               "id": 493907452,
               "time": "2019/05/07 11:12:49"
            },
            "release": "3.10.0-862.11.6.el7.x86_64",
            "architecture": "x86_64",
            "version": "#1 SMP Tue Aug 14 21:49:04 UTC 2018",
            "sysname": "Linux",
            "hostname": "localhost.localdomain",
            "agent_id": "001"
         }
      ],
      "totalItems": 2
   }
}

experimental/syscollector/packages

Before

# curl -u foo:bar "localhost:55000/experimental/syscollector/packages?pretty&offset=800"
{
   "error": 0,
   "data": {
      "items": [],
      "totalItems": 1360
   }
}

After

# curl -u foo:bar "localhost:55000/experimental/syscollector/packages?pretty&offset=1000&limit=2"
{
   "error": 0,
   "data": {
      "items": [
         {
            "scan": {
               "id": 1326011171,
               "time": "2019/05/07 11:11:12"
            },
            "description": "System NSS Initialization",
            "install_time": "2018/09/10 09:01:03",
            "vendor": "CentOS",
            "name": "nss-sysinit",
            "size": 13,
            "version": "3.36.0-5.el7_5",
            "architecture": "x86_64",
            "section": "System Environment/Base",
            "format": "rpm",
            "agent_id": "001"
         },
         {
            "scan": {
               "id": 1326011171,
               "time": "2019/05/07 11:11:12"
            },
            "description": "Macros and scripts for Java packaging support",
            "install_time": "2019/04/23 15:09:47",
            "vendor": "CentOS",
            "name": "javapackages-tools",
            "size": 156,
            "version": "3.4.1-11.el7",
            "architecture": "noarch",
            "section": "Unspecified",
            "format": "rpm",
            "agent_id": "001"
         }
      ],
      "totalItems": 1360
   }
}
# curl -u foo:bar "localhost:55000/experimental/syscollector/packages?pretty&offset=1359"        
{
   "error": 0,
   "data": {
      "items": [
         {
            "scan": {
               "id": 1433784266,
               "time": "2019/05/07 11:12:49"
            },
            "size": 3961,
            "vendor": "CentOS",
            "version": "1.8.19p2-14.el7_5",
            "section": "Applications/System",
            "format": "rpm",
            "name": "sudo",
            "install_time": "2018/09/10 09:01:36",
            "description": "Allows restricted root access for specified users",
            "architecture": "x86_64",
            "agent_id": "001"
         }
      ],
      "totalItems": 1360
   }
}

experimental/syscollector/ports

Before

# curl -u foo:bar "localhost:55000/experimental/syscollector/ports?pretty"    
{
   "error": 0,
   "data": {
      "items": [
         {
            "local": {
               "ip": "0.0.0.0",
               "port": 1515
            },
            "remote": {
               "ip": "0.0.0.0",
               "port": 0
            },
            "scan": {
               "id": 1974916637,
               "time": "2019/05/09 14:54:36"
            },
            "state": "listening",
            "protocol": "tcp",
            "inode": 4067338,
            "rx_queue": 0,
            "tx_queue": 0,
            "agent_id": "000"
         },
         {
            "local": {
               "ip": "192.168.122.111",
               "port": 1516
            },
            "remote": {
               "ip": "0.0.0.0",
               "port": 0
            },
            "scan": {
               "id": 1974916637,
               "time": "2019/05/09 14:54:36"
            },
            "state": "listening",
            "protocol": "tcp",
            "inode": 4066003,
            "rx_queue": 0,
            "tx_queue": 0,
            "agent_id": "000"
         },
         {
            "local": {
               "ip": "0.0.0.0",
               "port": 111
            },
            "remote": {
               "ip": "0.0.0.0",
               "port": 0
            },
            "scan": {
               "id": 1974916637,
               "time": "2019/05/09 14:54:36"
            },
            "state": "listening",
            "protocol": "tcp",
            "inode": 21799,
            "rx_queue": 0,
            "tx_queue": 0,
            "agent_id": "000"
         },
         {
            "local": {
               "ip": "0.0.0.0",
               "port": 22
            },
            "remote": {
               "ip": "0.0.0.0",
               "port": 0
            },
            "scan": {
               "id": 1974916637,
               "time": "2019/05/09 14:54:36"
            },
            "state": "listening",
            "protocol": "tcp",
            "inode": 26416,
            "rx_queue": 0,
            "tx_queue": 0,
            "agent_id": "000"
         },
         {
            "local": {
               "ip": "127.0.0.1",
               "port": 25
            },
            "remote": {
               "ip": "0.0.0.0",
               "port": 0
            },
            "scan": {
               "id": 1974916637,
               "time": "2019/05/09 14:54:36"
            },
            "state": "listening",
            "protocol": "tcp",
            "inode": 33721,
            "rx_queue": 0,
            "tx_queue": 0,
            "agent_id": "000"
         },
         {
            "local": {
               "ip": "::",
               "port": 111
            },
            "remote": {
               "ip": "::",
               "port": 0
            },
            "scan": {
               "id": 1974916637,
               "time": "2019/05/09 14:54:36"
            },
            "state": "listening",
            "protocol": "tcp6",
            "inode": 21801,
            "rx_queue": 0,
            "tx_queue": 0,
            "agent_id": "000"
         },
         {
            "local": {
               "ip": "::",
               "port": 22
            },
            "remote": {
               "ip": "::",
               "port": 0
            },
            "scan": {
               "id": 1974916637,
               "time": "2019/05/09 14:54:36"
            },
            "state": "listening",
            "protocol": "tcp6",
            "inode": 26418,
            "rx_queue": 0,
            "tx_queue": 0,
            "agent_id": "000"
         },
         {
            "local": {
               "ip": "::",
               "port": 55000
            },
            "remote": {
               "ip": "::",
               "port": 0
            },
            "scan": {
               "id": 1974916637,
               "time": "2019/05/09 14:54:36"
            },
            "state": "listening",
            "protocol": "tcp6",
            "inode": 4072423,
            "rx_queue": 0,
            "tx_queue": 0,
            "agent_id": "000"
         },
         {
            "local": {
               "ip": "::1",
               "port": 25
            },
            "remote": {
               "ip": "::",
               "port": 0
            },
            "scan": {
               "id": 1974916637,
               "time": "2019/05/09 14:54:36"
            },
            "state": "listening",
            "protocol": "tcp6",
            "inode": 33722,
            "rx_queue": 0,
            "tx_queue": 0,
            "agent_id": "000"
         },
         {
            "local": {
               "ip": "127.0.0.1",
               "port": 25
            },
            "remote": {
               "ip": "0.0.0.0",
               "port": 0
            },
            "scan": {
               "id": 491934396,
               "time": "2019/05/07 11:11:29"
            },
            "state": "listening",
            "protocol": "tcp",
            "inode": 18882,
            "rx_queue": 0,
            "tx_queue": 0,
            "agent_id": "001"
         },
         {
            "local": {
               "ip": "::1",
               "port": 25
            },
            "remote": {
               "ip": "::",
               "port": 0
            },
            "scan": {
               "id": 491934396,
               "time": "2019/05/07 11:11:29"
            },
            "state": "listening",
            "protocol": "tcp6",
            "inode": 18883,
            "rx_queue": 0,
            "tx_queue": 0,
            "agent_id": "001"
         },
         {
            "local": {
               "ip": "0.0.0.0",
               "port": 22
            },
            "remote": {
               "ip": "0.0.0.0",
               "port": 0
            },
            "scan": {
               "id": 491934396,
               "time": "2019/05/07 11:11:29"
            },
            "state": "listening",
            "protocol": "tcp",
            "inode": 18069,
            "rx_queue": 0,
            "tx_queue": 0,
            "agent_id": "001"
         },
         {
            "local": {
               "ip": "::",
               "port": 22
            },
            "remote": {
               "ip": "::",
               "port": 0
            },
            "scan": {
               "id": 491934396,
               "time": "2019/05/07 11:11:29"
            },
            "state": "listening",
            "protocol": "tcp6",
            "inode": 18073,
            "rx_queue": 0,
            "tx_queue": 0,
            "agent_id": "001"
         }
      ],
      "totalItems": 13
   }
}
# curl -u foo:bar "localhost:55000/experimental/syscollector/ports?pretty&offset=8"
{
   "error": 0,
   "data": {
      "items": [
         {
            "local": {
               "ip": "::1",
               "port": 25
            },
            "remote": {
               "ip": "::",
               "port": 0
            },
            "scan": {
               "id": 1974916637,
               "time": "2019/05/09 14:54:36"
            },
            "protocol": "tcp6",
            "inode": 33722,
            "tx_queue": 0,
            "state": "listening",
            "rx_queue": 0,
            "agent_id": "000"
         }
      ],
      "totalItems": 13
   }
}

After

# curl -u foo:bar "localhost:55000/experimental/syscollector/ports?pretty&offset=8"                                                                            
{
   "error": 0,
   "data": {
      "items": [
         {
            "local": {
               "ip": "::1",
               "port": 25
            },
            "remote": {
               "ip": "::",
               "port": 0
            },
            "scan": {
               "id": 1974916637,
               "time": "2019/05/09 14:54:36"
            },
            "state": "listening",
            "inode": 33722,
            "protocol": "tcp6",
            "rx_queue": 0,
            "tx_queue": 0,
            "agent_id": "000"
         },
         {
            "local": {
               "ip": "127.0.0.1",
               "port": 25
            },
            "remote": {
               "ip": "0.0.0.0",
               "port": 0
            },
            "scan": {
               "id": 491934396,
               "time": "2019/05/07 11:11:29"
            },
            "state": "listening",
            "inode": 18882,
            "protocol": "tcp",
            "rx_queue": 0,
            "tx_queue": 0,
            "agent_id": "001"
         },
         {
            "local": {
               "ip": "::1",
               "port": 25
            },
            "remote": {
               "ip": "::",
               "port": 0
            },
            "scan": {
               "id": 491934396,
               "time": "2019/05/07 11:11:29"
            },
            "state": "listening",
            "inode": 18883,
            "protocol": "tcp6",
            "rx_queue": 0,
            "tx_queue": 0,
            "agent_id": "001"
         },
         {
            "local": {
               "ip": "0.0.0.0",
               "port": 22
            },
            "remote": {
               "ip": "0.0.0.0",
               "port": 0
            },
            "scan": {
               "id": 491934396,
               "time": "2019/05/07 11:11:29"
            },
            "state": "listening",
            "inode": 18069,
            "protocol": "tcp",
            "rx_queue": 0,
            "tx_queue": 0,
            "agent_id": "001"
         },
         {
            "local": {
               "ip": "::",
               "port": 22
            },
            "remote": {
               "ip": "::",
               "port": 0
            },
            "scan": {
               "id": 491934396,
               "time": "2019/05/07 11:11:29"
            },
            "state": "listening",
            "inode": 18073,
            "protocol": "tcp6",
            "rx_queue": 0,
            "tx_queue": 0,
            "agent_id": "001"
         }
      ],
      "totalItems": 13
   }
}
# curl -u foo:bar "localhost:55000/experimental/syscollector/ports?pretty&offset=12"
{
   "error": 0,
   "data": {
      "items": [
         {
            "local": {
               "ip": "::",
               "port": 22
            },
            "remote": {
               "ip": "::",
               "port": 0
            },
            "scan": {
               "id": 491934396,
               "time": "2019/05/07 11:11:29"
            },
            "inode": 18073,
            "rx_queue": 0,
            "protocol": "tcp6",
            "state": "listening",
            "tx_queue": 0,
            "agent_id": "001"
         }
      ],
      "totalItems": 13
   }
}

experimental/syscollector/processes

Before

# curl -u foo:bar "localhost:55000/experimental/syscollector/processes?pretty&limit=2"
{
   "error": 0,
   "data": {
      "items": [
         {
            "scan": {
               "id": 1972256976,
               "time": "2019/05/09 14:54:36"
            },
            "egroup": "root",
            "rgroup": "root",
            "stime": 2576,
            "processor": 1,
            "cmd": "/usr/lib/systemd/systemd",
            "session": 1,
            "euser": "root",
            "priority": 20,
            "vm_size": 125620,
            "state": "S",
            "ppid": 0,
            "fgroup": "root",
            "pid": "1",
            "resident": 660,
            "ruser": "root",
            "sgroup": "root",
            "name": "systemd",
            "suser": "root",
            "tty": 0,
            "argvs": "--switched-root,--system,--deserialize,22",
            "nice": 0,
            "share": 351,
            "pgrp": 1,
            "nlwp": 1,
            "tgid": 1,
            "size": 31405,
            "utime": 1215,
            "start_time": 3,
            "agent_id": "000"
         },
         {
            "scan": {
               "id": 1972256976,
               "time": "2019/05/09 14:54:36"
            },
            "egroup": "root",
            "rgroup": "root",
            "stime": 5,
            "processor": 0,
            "session": 0,
            "euser": "root",
            "priority": 20,
            "vm_size": 0,
            "state": "S",
            "ppid": 0,
            "fgroup": "root",
            "pid": "2",
            "resident": 0,
            "ruser": "root",
            "sgroup": "root",
            "name": "kthreadd",
            "suser": "root",
            "tty": 0,
            "nice": 0,
            "share": 0,
            "pgrp": 0,
            "nlwp": 1,
            "tgid": 2,
            "size": 0,
            "utime": 0,
            "start_time": 3,
            "agent_id": "000"
         }
      ],
      "totalItems": 213
   }
}
# curl -u foo:bar "localhost:55000/experimental/syscollector/processes?pretty&offset=150"
{
   "error": 0,
   "data": {
      "items": [],
      "totalItems": 213
   }
}

After

# curl -u foo:bar "localhost:55000/experimental/syscollector/processes?pretty&offset=211"
{
   "error": 0,
   "data": {
      "items": [
         {
            "scan": {
               "id": 1406300016,
               "time": "2019/05/07 11:11:29"
            },
            "share": 40,
            "size": 28824,
            "pgrp": 1409,
            "start_time": 2235,
            "nlwp": 1,
            "utime": 0,
            "euser": "root",
            "suser": "root",
            "egroup": "ossec",
            "priority": 30,
            "stime": 0,
            "rgroup": "ossec",
            "processor": 0,
            "state": "S",
            "resident": 93,
            "fgroup": "ossec",
            "cmd": "/bin/sh",
            "ruser": "root",
            "vm_size": 115296,
            "session": 1409,
            "sgroup": "ossec",
            "nice": 10,
            "ppid": 1408,
            "name": "CIS-CAT.sh",
            "tgid": 1409,
            "pid": "1409",
            "argvs": "./CIS-CAT.sh,-a,-b,/var/ossec/wodles/ciscat/benchmarks/CIS_CentOS_Linux_7_Benchmark_v2.1.1-xccdf.xml,-p,xccdf_org.cisecurity.benchmarks_profile_Level_2_-_Server,-r,/var/ossec/tmp,-rn,ciscat-report,-x,-t,-n,-y",
            "tty": 0,
            "agent_id": "001"
         },
         {
            "scan": {
               "id": 1406300016,
               "time": "2019/05/07 11:11:29"
            },
            "share": 1317,
            "size": 702204,
            "pgrp": 1409,
            "start_time": 2271,
            "nlwp": 12,
            "utime": 489,
            "euser": "root",
            "suser": "root",
            "egroup": "ossec",
            "priority": 30,
            "stime": 179,
            "rgroup": "ossec",
            "processor": 0,
            "state": "S",
            "resident": 26210,
            "fgroup": "ossec",
            "cmd": "java",
            "ruser": "root",
            "vm_size": 2808816,
            "session": 1409,
            "sgroup": "ossec",
            "nice": 10,
            "ppid": 1409,
            "name": "java",
            "tgid": 1426,
            "pid": "1426",
            "argvs": "-Xmx768M,-jar,CISCAT.jar,-a,-b,/var/ossec/wodles/ciscat/benchmarks/CIS_CentOS_Linux_7_Benchmark_v2.1.1-xccdf.xml,-p,xccdf_org.cisecurity.benchmarks_profile_Level_2_-_Server,-r,/var/ossec/tmp,-rn,ciscat-report,-x,-t,-n,-y",
            "tty": 0,
            "agent_id": "001"
         }
      ],
      "totalItems": 213
   }
}

experimental/ciscat/results

Before

# curl -u foo:bar -k -X GET "http://127.0.0.1:55000/experimental/ciscat/results?offset=0&pretty"
{
   "error": 0,
   "data": {
      "items": [
         {
            "scan": {
               "id": 790125247,
               "time": "2019-04-23T16:19:36.720+02:00"
            },
            "profile": "xccdf_org.cisecurity.benchmarks_profile_Level_2_-_Server",
            "unknown": 0,
            "fail": 92,
            "pass": 99,
            "notchecked": 31,
            "error": 0,
            "score": 52,
            "benchmark": "CIS CentOS Linux 7 Benchmark",
            "agent_id": "000"
         },
         {
            "scan": {
               "id": 1744690172,
               "time": "2019-04-23T15:12:38.234+02:00"
            },
            "profile": "xccdf_org.cisecurity.benchmarks_profile_Level_2_-_Server",
            "unknown": 0,
            "fail": 89,
            "pass": 102,
            "notchecked": 31,
            "error": 0,
            "score": 53,
            "benchmark": "CIS CentOS Linux 7 Benchmark",
            "agent_id": "001"
         }
      ],
      "totalItems": 2
   }
}
# curl -u foo:bar -k -X GET "http://127.0.0.1:55000/experimental/ciscat/results?offset=1&pretty"
{
   "error": 0,
   "data": {
      "items": [],
      "totalItems": 2
   }
}

After

# curl -u foo:bar -k -X GET "http://127.0.0.1:55000/experimental/ciscat/results?limit=2&offset=1&pretty"
{
   "error": 0,
   "data": {
      "items": [
         {
            "scan": {
               "id": 1744690172,
               "time": "2019-04-23T15:12:38.234+02:00"
            },
            "pass": 102,
            "notchecked": 31,
            "unknown": 0,
            "fail": 89,
            "benchmark": "CIS CentOS Linux 7 Benchmark",
            "profile": "xccdf_org.cisecurity.benchmarks_profile_Level_2_-_Server",
            "error": 0,
            "score": 53,
            "agent_id": "001"
         }
      ],
      "totalItems": 2
   }
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

3 participants