[VA] Add periodicity scan notification.

2026-04-29 07:29:32 +00:00 · 2023-09-04 17:44:19 +02:00 · 2023-09-04 17:44:19 +02:00 · c1c283de47
commit c1c283de47
parent 8d7670cab5
4 changed files with 97 additions and 23 deletions
--- a/scripts/lua/modules/vulnerability_scan/vs_utils.lua
+++ b/scripts/lua/modules/vulnerability_scan/vs_utils.lua
@ -35,18 +35,19 @@ local dirs = ntop.getDirs()
 package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
 package.path = dirs.installdir .. "/scripts/lua/pro/modules/?.lua;" .. package.path
 package.path = dirs.installdir .. "/scripts/lua/modules/vulnerability_scan/?.lua;" .. package.path
--package.path = dirs.installdir .. "/scripts/lua/modules/recipients/?.lua;" .. package.path
+package.path = dirs.installdir .. "/scripts/lua/modules/recipients/?.lua;" .. package.path

 require "lua_utils" -- used by tprint (debug)

-local host_to_scan_key          = "ntopng.prefs.host_to_scan"
-local host_scannned_count_key    = "ntopng.prefs.host_to_scan.count_scanned"
-local host_scan_queue_key       = "ntopng.vs_scan_queue"
-local scanned_hosts_changes_key = "ntopng.alerts.scanned_hosts_changes"
+local host_to_scan_key              = "ntopng.prefs.host_to_scan"
+local host_to_scan_periodicity_key  = "ntopng.prefs.host_to_scan.periodicity_scan"
+local host_scannned_count_key       = "ntopng.prefs.host_to_scan.count_scanned"
+local host_scan_queue_key           = "ntopng.vs_scan_queue"
+local scanned_hosts_changes_key     = "ntopng.alerts.scanned_hosts_changes"

 local json = require("dkjson")
 local format_utils = require("format_utils")
--local recipients = require("recipients")
+local recipients = require("recipients")

 local debug_print = false
 local vs_utils = {}
@ -409,6 +410,8 @@ function vs_utils.save_host_to_scan(scan_type, host, scan_result, last_scan_time

   local counts = vs_utils.update_ts_counters()

+   vs_utils.notify_end_periodicity()
+
   

   --ntop.setCache(host_to_scan_key, json.encode(saved_hosts))
@ -451,6 +454,48 @@ function vs_utils.update_ts_counters()
   return response
 end

+
+function vs_utils.notify_end_periodicity() 
+
+   local periodicity_scan_in_progress = ntop.getCache(host_to_scan_periodicity_key) == "1"
+
+   if (periodicity_scan_in_progress) then
+      local hosts_details = vs_utils.retrieve_hosts_to_scan()
+      for _,item in ipairs(hosts_details) do
+         if(item.is_periodicity and item.is_ok_last_scan == vs_utils.scan_status.in_progress) then
+            return
+         end
+      end  
+
+      ntop.setCache(host_to_scan_periodicity_key, "0")
+
+      local periodicity = ntop.getCache(host_to_scan_periodicity_key.."type")
+
+      
+      for _,item in ipairs(hosts_details) do
+         local host_hash_key = vs_utils.get_host_hash_key(item.host, item.scan_type)
+         local host_hash_value_string = ntop.getHashCache(host_to_scan_key, host_hash_key)
+         if(not isEmptyString(host_hash_value_string)) then
+
+            local host_hash_value = json.decode(host_hash_value_string)
+      
+            host_hash_value.is_periodicity = false
+      
+            ntop.setHashCache(host_to_scan_key, host_hash_key, json.encode(host_hash_value))
+         end
+      end
+
+      local notification_message = ""
+      if (periodicity == "1day") then
+         notification_message = i18n("hosts_stats.page_scan_hosts.periodicity_scan_1_day_ended")
+      elseif (periodicity == "1week") then
+         notification_message = i18n("hosts_stats.page_scan_hosts.periodicity_scan_1_week_ended")
+      end
+      recipients.sendMessageByNotificationType({periodicity = periodicity, success=true, message = notification_message}, "vulnerability_scans")
+   end
+
+end
+
 -- **********************************************************

 -- Function to retrieve hosts list to scan
@ -521,6 +566,9 @@ function vs_utils.delete_host_to_scan(host, scan_type, all)
   if all then
      ntop.delCache(host_to_scan_key)
      ntop.delCache(host_scan_queue_key)
+      ntop.delCache(host_to_scan_periodicity_key)
+      ntop.delCache(host_to_scan_periodicity_key.."type")
+
      local path_to_s_result = get_report_path(scan_type, host, true)
      os.execute("rm -f "..path_to_s_result)
   else
@ -649,7 +697,7 @@ end
 -- **********************************************************

 -- Function to update single host status
-function vs_utils.set_status_scan(scan_type, host, ports, id)
+function vs_utils.set_status_scan(scan_type, host, ports, id, is_periodicity)

   local host_hash_key = vs_utils.get_host_hash_key(host, scan_type)
   local host_hash_value_string = ntop.getHashCache(host_to_scan_key, host_hash_key)
@ -658,6 +706,7 @@ function vs_utils.set_status_scan(scan_type, host, ports, id)
      local host_hash_value = json.decode(host_hash_value_string)

      host_hash_value.is_ok_last_scan = vs_utils.scan_status.in_progress
+      host_hash_value.is_periodicity = is_periodicity

      ntop.setHashCache(host_to_scan_key, host_hash_key, json.encode(host_hash_value))
   end
@ -667,9 +716,9 @@ end

 -- **********************************************************

-function vs_utils.schedule_host_scan(scan_type, host, ports, scan_id)
+function vs_utils.schedule_host_scan(scan_type, host, ports, scan_id, is_periodicity)
   local scan = { scan_type = scan_type, host = host, ports = ports, id= scan_id}
-   vs_utils.set_status_scan(scan_type, host, ports, scan_id)
+   vs_utils.set_status_scan(scan_type, host, ports, scan_id, is_periodicity)

   ntop.rpushCache(host_scan_queue_key, json.encode(scan))

@ -683,7 +732,7 @@ function vs_utils.schedule_all_hosts_scan()

   if #host_to_scan_list > 0 then
      for _,scan_info in ipairs(host_to_scan_list) do
-	 vs_utils.schedule_host_scan(scan_info.scan_type, scan_info.host, scan_info.ports, scan_info.id)
+	 vs_utils.schedule_host_scan(scan_info.scan_type, scan_info.host, scan_info.ports, scan_info.id, false)
      end
   end

@ -694,20 +743,36 @@ end

 -- periodicity can be set to "1day" "1week" "disabled"
 function vs_utils.schedule_periodic_scan(periodicity)
+   
   local host_to_scan_list = vs_utils.retrieve_hosts_to_scan()

-   if #host_to_scan_list > 0 then
-      for _,scan_info in ipairs(host_to_scan_list) do
-	 local frequency = scan_info.scan_frequency
+   if (#host_to_scan_list > 0 ) then
+      local is_already_running = ntop.getCache(host_to_scan_periodicity_key) == "1" 
+      if not is_already_running then
+      

-	 if(frequency == periodicity) then
-	    vs_utils.schedule_host_scan(scan_info.scan_type, scan_info.host, scan_info.ports, scan_info.id)
-	 end
+            for _,scan_info in ipairs(host_to_scan_list) do
+         local frequency = scan_info.scan_frequency
+
+         if(frequency == periodicity) then
+            vs_utils.schedule_host_scan(scan_info.scan_type, scan_info.host, scan_info.ports, scan_info.id, true)
+         end
+            end
+         
+
+         ntop.setCache(host_to_scan_periodicity_key , "1")
+         ntop.setCache(host_to_scan_periodicity_key.."type", periodicity)
+
+         local notification_message = ""
+         if (periodicity == "1day") then
+            notification_message = i18n("hosts_stats.page_scan_hosts.periodicity_scan_1_day_started")
+         elseif (periodicity == "1week") then
+            notification_message = i18n("hosts_stats.page_scan_hosts.periodicity_scan_1_week_started")
+         end
+
+         recipients.sendMessageByNotificationType({periodicity = periodicity, success=true, message = notification_message}, "vulnerability_scans")
      end
   end
-
-   --recipients.sendMessageByNotificationType(periodicity, "vulnerability_scans")
-
   return true
 end