[VS] Add historical reports. (#8015) (#7950)

scripts/lua/modules/vs_db_utils.lua

@@ -0,0 +1,204 @@
+--
+-- (C) 2014-23 - ntop.org
+--
+
+local dirs = ntop.getDirs()
+package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
+
+-- ####################################################################################
+-- Requires
+
+require "template"
+require "lua_utils"
+
+local json = require("dkjson")
+local format_utils = require("format_utils")
+-- ####################################################################################
+
+local vs_db_utils = {}
+local debug_me = false
+
+local data_table_name               = "vulnerability_scan_data"
+local report_table_name             = "vulnerability_scan_report"
+
+vs_db_utils.report_type = {
+    single_scan = 1,
+    scan_all = 2,
+    periodic_scan = 3
+ }
+
+-- ####################################################################################
+-- Function to save data of single scan on db
+function vs_db_utils.save_vs_result(scan_type, host, end_epoch, json_info, scan_result)
+
+    if debug_me then
+        traceError(TRACE_NORMAL,TRACE_CONSOLE, "Saving on DB HOST: ".. host .. " SCAN_TYPE: " .. scan_type .. " ENDEPOCH: "..end_epoch.." \n")
+    end
+
+    local sql = string.format("INSERT INTO %s (HOST, SCAN_TYPE, LAST_SCAN, INFO, VS_RESULT_FILE) Values",data_table_name)
+    -- it's necessary replace the ' character with a common character like |
+    scan_result = scan_result:gsub("%'","|")
+
+    sql = string.format("%s ('%s', '%s', %s, '%s', '%s');", sql, host, scan_type, end_epoch, json_info, scan_result)
+    
+    return(interface.execSQLQuery(sql))
+    
+end
+
+-- ####################################################################################
+-- Function to retrieve nmap result from DB
+function vs_db_utils.retrieve_scan_result(scan_type, host, end_epoch) 
+    local sql = "SELECT VS_RESULT_FILE FROM %s WHERE HOST = '%s' AND SCAN_TYPE = '%s' AND LAST_SCAN = %u;"
+    sql = string.format(sql, data_table_name, host, scan_type, tonumber(end_epoch))
+    local res = interface.execSQLQuery(sql)
+    local response = ""
+    -- replace back all the "|" with "'"
+    for _, item in ipairs(res) do
+        if (isEmptyString(item.VS_RESULT_FILE)) then
+            response = "Empty response"
+        else
+            response = item.VS_RESULT_FILE:gsub("%|","'")
+        end
+    end
+
+    if (debug_me) then
+        tprint(sql)
+        tprint(res)
+    end
+    return response
+
+end
+
+-- ####################################################################################
+-- Function to retrieve all reports from DB
+function vs_db_utils.retrieve_reports(sort_item, epoch)
+
+    if (isEmptyString(sort_item) or sort_item == 'DATE') then
+        sort_item = 'REPORT_DATE'
+    else
+        sort_item = 'REPORT_NAME'
+    end
+
+    local sql = "SELECT REPORT_NAME, toInt32(REPORT_DATE) REPORT_DATE, REPORT_INFO, "
+                .."NUM_SCANNED_HOSTS,NUM_CVES, NUM_TCP_PORTS,NUM_UDP_PORTS " ..
+                "FROM %s "
+
+    if (not isEmptyString(epoch)) then
+        local WHERE = "WHERE position('"..epoch.."' IN REPORT_NAME) > 0 "
+        sql = sql .. WHERE
+    end
+    sql = sql .. " ORDER BY %s;"
+    
+    sql = string.format(sql,report_table_name, sort_item)
+
+    local query_result = interface.execSQLQuery(sql)
+    local result = {}
+
+    -- format data
+    for _,item in ipairs(query_result) do
+        local report_name = item.REPORT_NAME
+        report_name = report_name:gsub("_"," ")
+        result[#result+1] = {
+            name = report_name,
+            epoch = item.REPORT_DATE,
+            report_date = format_utils.formatEpoch(item.REPORT_DATE),
+            cves = item.NUM_CVES,
+            tcp_ports = item.NUM_TCP_PORTS,
+            udp_ports = item.NUM_UDP_PORTS,
+            num_hosts = item.NUM_SCANNED_HOSTS
+        }
+    end
+    return(result)
+
+end
+
+-- ####################################################################################
+-- Function to retrieve single report from DB
+function vs_db_utils.retrieve_report(epoch)
+    local sql = "SELECT REPORT_NAME,toInt32(REPORT_DATE) REPORT_DATE, REPORT_INFO, "
+                .."NUM_SCANNED_HOSTS,NUM_CVES, NUM_TCP_PORTS,NUM_UDP_PORTS " ..
+                "FROM %s " ..
+                "WHERE REPORT_DATE = %u"
+    sql = string.format(sql,report_table_name, tonumber(epoch))
+
+    local query_result = interface.execSQLQuery(sql)
+    local result = {}
+    local report_info
+
+    -- format data
+    for _,item in ipairs(query_result) do
+        local report_name = item.REPORT_NAME
+        report_name = report_name:gsub("_"," ")
+        result[#result+1] = {
+            report_name = report_name,
+            epoch = item.REPORT_DATE,
+            report_date = format_utils.formatEpoch(item.REPORT_DATE),
+            cves = item.NUM_CVES,
+            tcp_ports = item.NUM_TCP_PORTS,
+            udp_ports = item.NUM_UDP_PORTS,
+            num_hosts = item.NUM_SCANNED_HOSTS,
+            info = item.REPORT_INFO
+        }
+        report_info = json.decode(item.REPORT_INFO)
+    end
+    return result,report_info
+end
+
+-- ####################################################################################
+-- Function to retrieve single report name from DB
+function vs_db_utils.retrieve_report_name(epoch)
+    local sql = "SELECT REPORT_NAME ".. 
+                "FROM %s " ..
+                "WHERE REPORT_DATE = %u"
+    sql = string.format(sql,report_table_name, tonumber(epoch))
+
+    local query_result = interface.execSQLQuery(sql)
+    local report_name
+
+    -- format data
+    for _,item in ipairs(query_result) do
+        report_name = item.REPORT_NAME
+    end
+    report_name = report_name:gsub("_"," ")
+
+    return report_name
+end
+
+-- ####################################################################################
+-- Function to save report on DB
+function vs_db_utils.save_report_info(report_info)
+
+    local report_name = report_info.name
+    report_name = report_name:gsub(" ","_")
+    local report_date = report_info.date
+    local json_info = json.encode(report_info.all_data_details)
+    local num_scanned_host = report_info.scanned_hosts or 0
+    local num_cves = report_info.cves or 0
+    local num_udp_ports = report_info.udp_ports or 0
+    local num_tcp_ports = report_info.tcp_ports or 0
+
+    local sql = string.format("INSERT INTO %s VALUES",report_table_name)
+    local sql = string.format("%s ('%s', %s, '%s', %u, %u, %u, %u);",sql, report_name, report_date, json_info, num_scanned_host, num_cves, num_tcp_ports, num_udp_ports)
+
+    return(interface.execSQLQuery(sql))
+
+end
+
+-- ####################################################################################
+-- Function to delete single report from DB
+function vs_db_utils.delete_report(epoch)
+
+    local sql = string.format("DELETE FROM %s WHERE REPORT_DATE = %u;",report_table_name, tonumber(epoch))
+    return(interface.execSQLQuery(sql))
+end
+
+-- ####################################################################################
+-- Function to edit single report from DB
+function vs_db_utils.edit_report(epoch, report_name)
+    local sql = string.format("ALTER TABLE %s UPDATE REPORT_NAME = '%s' WHERE REPORT_DATE = %u;",report_table_name,report_name, tonumber(epoch))
+    return(interface.execSQLQuery(sql))
+end
+
+-- ####################################################################################
+
+return vs_db_utils