tis-cyberwatch-plugin-import-from-cyberwatch
Silent install package for tis-cyberwatch-plugin-import-from-cyberwatch
16-0
- package: tis-cyberwatch-plugin-import-from-cyberwatch
- version: 16-0
- maintainer: sfonteneau
- locale: all
- target_os: all
- architecture: all
- signature_date:
- size: 10.98 Ko
package : tis-cyberwatch-plugin-import-from-cyberwatch
version : 16-0
architecture : all
section : base
priority : optional
name :
categories :
maintainer : sfonteneau
description : Package for tis-cyberwatch-plugin
depends :
conflicts :
maturity : PROD
locale : all
target_os : all
min_wapt_version : 2.0
sources :
installed_size :
impacted_process :
description_fr : Paquet pour tis-cyberwatch-plugin
description_pl : Pakiet dla tis-cyberwatch-plugin
description_de : Paket für tis-cyberwatch-plugin
description_es : Paquete para tis-cyberwatch-plugin
description_pt : Pacote para tis-cyberwatch-plugin
description_it : Pacchetto per tis-cyberwatch-plugin
description_nl : Pakket voor tis-cyberwatch-plugin
description_ru : Пакет для tis-cyberwatch-plugin
audit_schedule : 1h
editor :
keywords :
licence :
homepage :
package_uuid : 4583e164-dd92-4c1e-8d72-2fec3a5624cf
valid_from :
valid_until :
forced_install_on :
changelog :
min_os_version :
max_os_version :
icon_sha256sum : 84c8d943064b7613cd3ed456ddd81ab07c487931ae81fbbe029c670255d379d2
signer : Tranquil IT
signer_fingerprint: 8c5127a75392be9cc9afd0dbae1222a673072c308c14d88ab246e23832e8c6bb
signature_date : 2025-10-08T07:06:08.000000
signed_attributes : package,version,architecture,section,priority,name,categories,maintainer,description,depends,conflicts,maturity,locale,target_os,min_wapt_version,sources,installed_size,impacted_process,description_fr,description_pl,description_de,description_es,description_pt,description_it,description_nl,description_ru,audit_schedule,editor,keywords,licence,homepage,package_uuid,valid_from,valid_until,forced_install_on,changelog,min_os_version,max_os_version,icon_sha256sum,signer,signer_fingerprint,signature_date,signed_attributes
signature : kIe5jShHmBCIeuO2F9vgO9iGk6AKyPXhKZj2UKoToic6uMoJU3AdYXWG4TAJGeAvHegwkTyowvctBDc8BO1X1OIVh7a/LO3l7R96u4ac+x6knz/S04K5XPufpUbm+bSpc75c+oKaiQxS3RRQwmvuRXub9ay8NH6YR4BJCNCLdjqeyJNdGtEGOpU8+PGSHj+kYrHb3aXvH+xpw1Oi3cZsoq/5oBJ7G7EHY5vw2IbuoP3gvpy02lWc5MAxX0SLwnDtE5AslmNDyKzF2/kKmmVhlJUxGdyXkVvw384b/909KzCyt3k/8ThxiI+xMHhOetUyovvtZ8hI6s1Ctb1ogmjHxg==# -*- coding: utf-8 -*-
from setuphelpers import *
from configparser import ConfigParser
from waptutils import get_verify_cert
from common import get_requests_client_cert_session
from requests.auth import HTTPBasicAuth
import platform
import waptlicences
import json
import concurrent.futures
import datetime
import requests
simultaneous_maximum_send=10
def audit():
CONFWAPT = ConfigParser()
CONFWAPT.read(makepath(WAPT.private_dir, "wapt_api.ini"))
username_wapt = CONFWAPT.get("wapt", "username")
password_wapt = CONFWAPT.get("wapt", "password")
srvwapt_url = CONFWAPT.get("wapt", "url")
t = waptlicences.waptserver_login(WAPT.config_filename,username_wapt,password_wapt)
if not 'session' in t['session_cookies']:
session_cookies = [u for u in t['session_cookies'] if u['Domain'] == WAPT.waptserver.server_url.split('://')[-1]][0]
else:
session_cookies = t['session_cookies']['session']
session_cookies['Name'] = 'session'
sessionwapt = get_requests_client_cert_session(WAPT.waptserver.server_url,cert=(t['client_certificate'],t['client_private_key'],t['client_private_key_password']),verify=WAPT.waptserver.verify_cert)
sessionwapt.cookies.set(session_cookies['Name'], session_cookies['Value'], domain=session_cookies['Domain'])
sessionwapt.verify = WAPT.waptserver.verify_cert
CONFCYB = ConfigParser()
CONFCYB.read(makepath(WAPT.private_dir, "cyberwatch_api.ini"))
cyberwatch_url = CONFCYB.get("cyberwatch", "url")
if CONFCYB.has_option("cyberwatch", 'verify_cert'):
verify_cert_cyb = get_verify_cert(CONFCYB.get("cyberwatch", 'verify_cert'))
else:
verify_cert_cyb = True
CLIENT = requests.Session()
CLIENT.auth = HTTPBasicAuth(CONFCYB.get("cyberwatch", "api_key"), CONFCYB.get("cyberwatch", "secret_key"))
CLIENT.headers.update({"Content-Type": "application/json"})
CLIENT.base_url = CONFCYB.get("cyberwatch", "url")
CLIENT.verify = verify_cert_cyb
dict_hostname_uuid = {}
for pc in json.loads(sessionwapt.get("%s/api/v3/hosts?&limit=1000000" % WAPT.waptserver.server_url).content)["result"]:
dict_hostname_uuid[str(pc["computer_name"]).lower()] = pc["uuid"]
list_error = []
list_run = []
for hostname, uuid in dict_hostname_uuid.items():
list_run.append({
"sessionwapt": sessionwapt,
"CLIENT": CLIENT,
"cyberwatch_url": cyberwatch_url,
"dict_hostname_uuid": {hostname: uuid},
"WAPT": WAPT,
"hostname":hostname,
"list_error":list_error
})
results = []
with concurrent.futures.ThreadPoolExecutor(simultaneous_maximum_send) as executor:
futures = {executor.submit(import_from_cyberwatch, **g): g for g in list_run}
for future in concurrent.futures.as_completed(futures):
results.append(future.result())
waptlicences.waptserver_logout(WAPT.config_filename)
if list_error:
print(" \n".join(list_error))
return "ERROR"
else:
return "OK"
def import_from_cyberwatch(sessionwapt=None,CLIENT=None,cyberwatch_url=None,dict_hostname_uuid=None,WAPT=None,hostname=None,list_error=None):
waptdata = []
resultcyb = CLIENT.get(f"{CLIENT.base_url}/api/v3/vulnerabilities/servers",params={"hostname": hostname},timeout=10).json()
if not resultcyb:
return
entry=resultcyb[0]
# for entry in CLIENT.assets() :
if str(entry['hostname']).lower() in dict_hostname_uuid:
try:
####dictionary conversion for easy searching in console###########
resultpc = CLIENT.get(f"{CLIENT.base_url}/api/v3/vulnerabilities/servers/{entry['id']}", timeout=10).json()
list_patch = {}
for patch in resultpc["updates"]:
if patch.get("target", {}):
if patch.get("cve_announcements", []):
list_patch[patch.get("target", {}).get("product", "")]=None
resultpc['cyberwatch_url'] = cyberwatch_url
resultpc["list_patch"] = sorted(list(list_patch))
resultpc["updates"] = list_to_dict(newkey="id", listconvert=resultpc["updates"])
resultpc["security_issues"] = list_to_dict(newkey="id", listconvert=resultpc["security_issues"])
resultpc["groups"] = list_to_dict(newkey="name", listconvert=resultpc["groups"])
resultpc["cve_announcements"] = list_to_dict(
newkey="cve_code", listconvert=[cve for cve in resultpc["cve_announcements"] if cve["active"]]
)
resultpc["compliance_repositories"] = list_to_dict(newkey="id", listconvert=resultpc["compliance_repositories"])
##################################################################
waptdata.append(
{
"host_id": dict_hostname_uuid[str(entry['hostname']).lower()],
"value_id": int(time.monotonic() * 1000),
"value_date": datetime2isodate(datetime.datetime.utcnow()),
"value_section": "cyberwatch",
"value_key": "cyberwatch",
"value": resultpc,
"expiration_date": datetime2isodate(datetime.datetime.utcnow() + datetime.timedelta(minutes=1440)),
}
)
print("Get %s from cyberwatch" % str(entry['hostname']).lower())
time.sleep(0.0000001)
except Exception as e:
list_error.append("Error %s %s" % (str(entry['hostname']).lower(), str(e)))
sessionwapt.post("%s/api/v3/update_hosts_audit_data" % WAPT.waptserver.server_url, data=json.dumps(waptdata))
def install():
if not isfile(makepath(WAPT.private_dir, "cyberwatch_api.ini")):
filecopyto("cyberwatch_api.ini", makepath(WAPT.private_dir, "cyberwatch_api.ini"))
if not isfile(makepath(WAPT.private_dir, "wapt_api.ini")):
filecopyto("wapt_api.ini", makepath(WAPT.private_dir, "wapt_api.ini"))
80a99d6468013de9f7445c0f40a6e4539ae2bd31b5fde69e9786f0daf3fef83c : .gitignore
38d056ab130f7bf7c481c12636a4e9959de36561d3dfcbe54c6e3571bc0c1dc3 : WAPT/certificate.crt
64ccbcbb15710267e67ce294dbbcc5ace0c8bdef8bcaff32e5e70192b8478e30 : WAPT/control
84c8d943064b7613cd3ed456ddd81ab07c487931ae81fbbe029c670255d379d2 : WAPT/icon.png
e5cb0662e2b27d07eec7a643f4cdaffef8d6dcf15164d9d121826cb12f7623f1 : cyberwatch_api.ini
eacb555de6772753963b6ede28ccb6decfb12dc4e6c115a902705c86f5e39a78 : luti.json
a504f6fc1a497823f6db42b2489e22bfdeef027e529b9fe7155c812dc9b55a34 : setup.py
cb302f842cf1695f553389a436898f9e580d7d866a6726789dca1994a55e9c3c : wapt_api.ini