Class: Qualys::Report

Inherits:
Api
  • Object
show all
Defined in:
lib/qualys/report.rb

Overview

Qualys reports

Constant Summary collapse

TIMEOUT =

accepted timeout in seconds

60.0

Constants inherited from Api

Api::PRODUCTION_ENDPOINT

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from Api

api_get, api_post, base_uri=

Constructor Details

#initialize(report) ⇒ Report

Returns a new instance of Report.



72
73
74
75
76
77
 
# File 'lib/qualys/report.rb', line 72

def initialize(report)
  @header = report['ASSET_DATA_REPORT']['HEADER']
  @host_list = report['ASSET_DATA_REPORT']['HOST_LIST']['HOST']
  @glossary = report['ASSET_DATA_REPORT']['GLOSSARY']['VULN_DETAILS_LIST']['VULN_DETAILS']
  @appendices = report['ASSET_DATA_REPORT']['APPENDICES']
end

Instance Attribute Details

#appendicesObject

Returns the value of attribute appendices.



6
7
8
 
# File 'lib/qualys/report.rb', line 6

def appendices
  @appendices
end

#glossaryObject

Returns the value of attribute glossary.



6
7
8
 
# File 'lib/qualys/report.rb', line 6

def glossary
  @glossary
end

#headerObject

Returns the value of attribute header.



6
7
8
 
# File 'lib/qualys/report.rb', line 6

def header
  @header
end

#host_listObject

Returns the value of attribute host_list.



6
7
8
 
# File 'lib/qualys/report.rb', line 6

def host_list
  @host_list
end

Class Method Details

.create_global_reportObject

returns the id of the report



40
41
42
43
44
45
46
47
48
49
50
51
 
# File 'lib/qualys/report.rb', line 40

def create_global_report
  scan_template = templates.detect { |template| template['TITLE'] == 'Technical Report' }
  response = api_post('/report/', query: {
                        action: 'launch',
                        report_title: 'Generated_by_Ruby_Qualys_gem',
                        report_type: 'Scan',
                        output_format: 'xml',
                        template_id: scan_template['ID']
                      })

  response.parsed_response['SIMPLE_RETURN']['RESPONSE']['ITEM_LIST']['ITEM']['VALUE']
end

.delete(id) ⇒ Object 



32
33
34
35
36
37
 
# File 'lib/qualys/report.rb', line 32

def delete(id)
  api_post('/report/', query: {
             action: 'delete',
             id: id
           })
end

.find_by_id(id) ⇒ Object 



12
13
14
15
16
17
18
19
20
21
22
 
# File 'lib/qualys/report.rb', line 12

def find_by_id(id)
  response = api_get('/report/', query: {
                       action: 'fetch',
                       id: id
                     })

  # check if report exist
  return unless response.parsed_response.keys.include?('ASSET_DATA_REPORT')

  Report.new(response.parsed_response)
end

.global_reportObject

returns a report global report object. This method can be time consuming and times out after 64 s

Raises:



55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
 
# File 'lib/qualys/report.rb', line 55

def global_report
  report_id = create_global_report
  report = find_by_id(report_id)

  10.times do
    sleep(TIMEOUT / 10)
    report = find_by_id(report_id)
    break unless report.nil?
  end

  raise Qualys::Report::Exception, 'Report generation timed out' if report.nil?

  delete(report_id)
  report
end

.templatesObject

returns the list of the templates



25
26
27
28
29
30
 
# File 'lib/qualys/report.rb', line 25

def templates
  auth = { username: Qualys::Config.username, password: Qualys::Config.password }
  response = HTTParty.get('https://qualysapi.qualys.eu/msp/report_template_list.php',
                          basic_auth: auth)
  response.parsed_response['REPORT_TEMPLATE_LIST']['REPORT_TEMPLATE']
end

Instance Method Details

#hostsObject 



79
80
81
82
83
84
85
86
87
88
 
# File 'lib/qualys/report.rb', line 79

def hosts
  hosts ||= host_list.map do |xml_host|
    vulnerabilities = xml_host['VULN_INFO_LIST']['VULN_INFO'].map do |vuln|
      Qualys::Vulnerability.new(vuln, @glossary)
    end
    Qualys::Host.new(xml_host, vulnerabilities)
  end

  hosts
end