Fix redis cache. (#7625)

Nicolo Maio 2023-08-05 16:22:42 +02:00
parent d468a4223b
commit 89483920a8
4 changed files with 76 additions and 86 deletions


@ -49,6 +49,12 @@ local vs_utils = {}
-- **********************************************************
function vs_utils.get_host_hash_key(host, scan_type)
return string.format("%s-%s",host,scan_type)
end
-- **********************************************************
function vs_utils.is_nmap_installed()
local path = {
"/usr/bin/nmap",
@ -219,46 +225,48 @@ end
function vs_utils.save_host_to_scan(scan_type, host, scan_result, last_scan_time, last_duration,
is_ok_last_scan, ports, scan_frequency, num_open_ports,
num_vulnerabilities_found, cve)
local saved_hosts_string = ntop.getCache(host_to_scan_key)
--local saved_hosts_string = ntop.getCache(host_to_scan_key)
local saved_hosts = {}
if not isEmptyString(saved_hosts_string) then
local host_hash_key = vs_utils.get_host_hash_key(host, scan_type)
--if not isEmptyString(saved_hosts_string) then
local checks = require "checks"
local trigger_alert = checks.isCheckEnabled("system", "vulnerability_scan") or false
saved_hosts = json.decode(saved_hosts_string) or {}
local index_to_remove = 0
--saved_hosts = json.decode(saved_hosts_string) or {}
-- local index_to_remove = 0
--[[
for index,value in ipairs(saved_hosts) do
if value.host == host and value.scan_type == scan_type then
index_to_remove = index
end
end
if index_to_remove ~= 0 then
local old_data = saved_hosts[index_to_remove]
--]]
-- if index_to_remove ~= 0 then
--local old_data = saved_hosts[index_to_remove]
local host_hash_key = vs_utils.get_host_hash_key(host, scan_type)
local old_data_string = ntop.getHashCache(host_to_scan_key, host_hash_key)
local old_data = json.decode(old_data_string)
-- In case the alert needs to be triggered, save the differences in order to lessen
-- the info dropped on redis
-- if is_ok_last_scan is nil then no prior scan was done, so do not trigger the alert
if trigger_alert and old_data.is_ok_last_scan then
local host_info_to_cache = check_differences(host,
scan_type,
{
vulnerabilities = old_data.num_vulnerabilities_found,
ports = old_data.num_open_ports,
cve = old_data.cve,
},
{
vulnerabilities = num_vulnerabilities_found,
ports = num_open_ports,
cve = cve,
})
if host_info_to_cache then
ntop.rpushCache(scanned_hosts_changes_key, json.encode(host_info_to_cache))
end
end
table.remove(saved_hosts, index_to_remove)
if trigger_alert and old_data and old_data.is_ok_last_scan then
local host_info_to_cache = check_differences(host,
scan_type,
{
vulnerabilities = old_data.num_vulnerabilities_found,
ports = old_data.num_open_ports,
cve = old_data.cve,
},
{
vulnerabilities = num_vulnerabilities_found,
ports = num_open_ports,
cve = cve,
})
if host_info_to_cache then
ntop.rpushCache(scanned_hosts_changes_key, json.encode(host_info_to_cache))
end
end
local new_item = {
@ -299,9 +307,10 @@ function vs_utils.save_host_to_scan(scan_type, host, scan_result, last_scan_time
handle:close()
end
saved_hosts[#saved_hosts+1] = new_item
--saved_hosts[#saved_hosts+1] = new_item
ntop.setHashCache(host_to_scan_key, host_hash_key, json.encode(new_item))
ntop.setCache(host_to_scan_key, json.encode(saved_hosts))
--ntop.setCache(host_to_scan_key, json.encode(saved_hosts))
return 1
end
@ -309,29 +318,39 @@ end
-- Function to retrieve hosts list to scan
function vs_utils.retrieve_hosts_to_scan()
local res_string = ntop.getCache(host_to_scan_key)
if not isEmptyString(res_string) and res_string ~= "[[]]" and res_string ~= "[]" then
return json.decode(res_string)
else
return {}
local hash_keys = ntop.getHashKeysCache(host_to_scan_key)
local rsp = {}
if hash_keys then
for k in pairs(hash_keys) do
local hash_value_string = ntop.getHashCache(host_to_scan_key, k)
if (not isEmptyString(hash_value_string)) then
local hash_value = json.decode(hash_value_string)
rsp[#rsp+1] = hash_value
end
end
end
return rsp
end
-- **********************************************************
-- Function to retrieve hosts list to scan just for status_info
function vs_utils.check_in_progress_status()
local res_string = ntop.getCache(host_to_scan_key)
if not isEmptyString(res_string) and res_string ~= "[[]]" and res_string ~= "[]" then
local hosts_to_scan_details = json.decode(res_string) or {}
if hosts_to_scan_details then
for _,value in ipairs(hosts_to_scan_details) do
local hash_keys = ntop.getHashKeysCache(host_to_scan_key)
if hash_keys then
for k in pairs(hash_keys) do
local hash_value_string = ntop.getHashCache(host_to_scan_key, k)
if (not isEmptyString(hash_value_string)) then
local hash_value = json.decode(hash_value_string)
-- Check IN PROGRESS --> FIX ME with enums
if value.is_ok_last_scan == 4 then
if hash_value and hash_value.is_ok_last_scan == 4 then
return true
end
end
end
end
end
@ -360,32 +379,16 @@ end
-- Function to delete host to scan
function vs_utils.delete_host_to_scan(host, scan_type, all)
local saved_hosts_string = ntop.getCache(host_to_scan_key)
local saved_hosts = {}
if all then
ntop.delCache(host_to_scan_key)
else
if not isEmptyString(saved_hosts_string) then
saved_hosts = json.decode(saved_hosts_string)
local index_to_remove = 0
for index,value in ipairs(saved_hosts) do
if value.host == host and value.scan_type == scan_type then
index_to_remove = index
end
end
if index_to_remove ~= 0 then
table.remove(saved_hosts, index_to_remove)
end
end
ntop.setCache(host_to_scan_key, json.encode(saved_hosts))
local host_hash_key = vs_utils.get_host_hash_key(host, scan_type)
ntop.delHashCache(host_to_scan_key, host_hash_key)
end
return 1
return true
end
-- **********************************************************
@ -448,31 +451,17 @@ end
-- Function to update single host status
function vs_utils.set_status_scan(scan_type, host, ports)
local saved_hosts_string = ntop.getCache(host_to_scan_key)
local saved_hosts = {}
if not isEmptyString(saved_hosts_string) then
saved_hosts = json.decode(saved_hosts_string)
local index_to_update = 0
local value_to_update = {}
for index,value in ipairs(saved_hosts) do
if value.host == host and value.scan_type == scan_type then
index_to_update = index
value.is_ok_last_scan = 4
value_to_update = value
local host_hash_key = vs_utils.get_host_hash_key(host, scan_type)
local host_hash_value_string = ntop.getHashCache(host_to_scan_key, host_hash_key)
if(not isEmptyString(host_hash_value_string)) then
end
end
local host_hash_value = json.decode(host_hash_value_string)
if index_to_update ~= 0 then
table.remove(saved_hosts, index_to_update)
table.insert(saved_hosts, index_to_update, value_to_update)
end
host_hash_value.is_ok_last_scan = 4
ntop.setHashCache(host_to_scan_key, host_hash_key, json.encode(host_hash_value))
end
ntop.setCache(host_to_scan_key, json.encode(saved_hosts))
return true
end
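Review bot: In `set_status_scan` the result of `json.decode(host_hash_value_string)` is indexed without a nil check, so a cached entry that is non-empty but does not decode would raise at `host_hash_value.is_ok_last_scan = 4`. `check_in_progress_status` in the same file section already guards with `hash_value and ...`, and wrapping the assignment and the `ntop.setHashCache` call in `if host_hash_value then ... end` would make the two consistent. Separately, the hash calls reuse `host_to_scan_key`, which the removed lines wrote with `ntop.setCache`. If the key name is unchanged (its definition is outside the visible hunks), an upgraded install may still hold a plain string under that key and the hash reads and writes could fail until it is deleted, so a one-time `ntop.delCache(host_to_scan_key)` or a new key name seems worth considering. The +/- markers are lost on this page, so this reading assumes the `getHashCache`/`setHashCache` lines are the new side.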