Added debug print to VA

2026-04-29 07:29:32 +00:00 · 2023-08-18 12:52:34 +00:00 · 2023-08-18 12:52:34 +00:00 · f88f512ac2
commit f88f512ac2
parent fdeb7c09fe
3 changed files with 32 additions and 38 deletions
--- a/scripts/lua/modules/vulnerability_scan/vs_utils.lua
+++ b/scripts/lua/modules/vulnerability_scan/vs_utils.lua
@ -45,6 +45,7 @@ local scanned_hosts_changes_key = "ntopng.alerts.scanned_hosts_changes"
 local json = require("dkjson")
 local format_utils = require("format_utils")

+local debug_print = false
 local vs_utils = {}

 -- **********************************************************
@ -110,7 +111,7 @@ end

 -- This function checks the differences between an old and a new host scan
 -- and return a table containing those differences
-local function check_differences(host, scan_type, old_data, new_data)
+local function check_differences(host, host_name, scan_type, old_data, new_data)
   local rsp = {}
   -- security checks
   if host == nil or scan_type == nil then
@ -166,6 +167,7 @@ local function check_differences(host, scan_type, old_data, new_data)
      rsp = nil
   else
      rsp["host"] = host
+      rsp["host_name"] = host_name
      rsp["scan_type"] = scan_type
   end

@ -243,32 +245,22 @@ end
 function vs_utils.save_host_to_scan(scan_type, host, scan_result, last_scan_time, last_duration,
 				    is_ok_last_scan, ports, scan_frequency, num_open_ports,
 				     num_vulnerabilities_found, cve, id, is_edit)
-   --local saved_hosts_string = ntop.getCache(host_to_scan_key)
-   --local saved_hosts = {}
-   --local host_hash_key = vs_utils.get_host_hash_key( id)
-
-   --if not isEmptyString(saved_hosts_string) then
-      local checks = require "checks"
-      local trigger_alert = checks.isCheckEnabled("system", "vulnerability_scan") or false
-      --saved_hosts = json.decode(saved_hosts_string) or {}
-    --  local index_to_remove = 0
-      --[[
-      for index,value in ipairs(saved_hosts) do
-	 if value.host == host and value.scan_type == scan_type then
-	    index_to_remove = index
-	 end
-      end
-      --]]
-    --  if index_to_remove ~= 0 then
-         --local old_data = saved_hosts[index_to_remove]
-         local host_hash_key = vs_utils.get_host_hash_key(host, scan_type)
-         local old_data_string = ntop.getHashCache(host_to_scan_key, host_hash_key)
-         local old_data = json.decode(old_data_string)
-         -- In case the alert needs to be triggered, save the differences in order to lessen
-         -- the info dropped on redis
-         -- if is_ok_last_scan is nil then no prior scan was done, so do not trigger the alert
+   local checks = require "checks"
+   local host_name = ""
+   local trigger_alert = checks.isCheckEnabled("system", "vulnerability_scan") or false
+   local host_hash_key = vs_utils.get_host_hash_key(host, scan_type)
+   local old_data_string = ntop.getHashCache(host_to_scan_key, host_hash_key)
+   local old_data = json.decode(old_data_string)
+   -- Getting the hostname, the only way is to scan all the interfaces and retrieve it
+   host_name = ntop.resolveName(host)
+   if host_name == host then
+      host_name = ""
+   end
+   -- In case the alert needs to be triggered, save the differences in order to lessen
+   -- the info dropped on redis
+   -- if is_ok_last_scan is nil then no prior scan was done, so do not trigger the alert
   if trigger_alert and old_data and old_data.is_ok_last_scan then
-      local host_info_to_cache = check_differences(host,
+      local host_info_to_cache = check_differences(host, host_name,
                                    scan_type,
                                    {
                                       vulnerabilities = old_data.num_vulnerabilities_found,
@ -294,15 +286,6 @@ function vs_utils.save_host_to_scan(scan_type, host, scan_result, last_scan_time
      epoch_id = id
   end

-   local ifstats   = interface.getStats()
-   interface.select(tostring(ifstats.id))
-
-   local info = interface.getHostInfo(host)
-
-   local host_name = ""
-   if info and info.name then
-      host_name = info.name
-   end
   local new_item = {
      host = host,
      host_name = host_name,
@ -533,9 +516,16 @@ end

 -- Function to exec single host scan
 function vs_utils.scan_host(scan_type, host, ports, scan_id)
+   if debug_print then
+      traceError(TRACE_NORMAL,TRACE_CONSOLE,"Scanning Host ".. host .. " on Ports: " .. ports .. "\n")
+   end
+
   local scan_module = vs_utils.load_module(scan_type)
   local result,duration,scan_result,num_open_ports,num_vulnerabilities_found, cve = scan_module:scan_host(host, ports)
-
+   
+   if debug_print then
+      traceError(TRACE_NORMAL,TRACE_CONSOLE,"End scan Host ".. host .. ", result: " .. result .. "\n")
+   end
   vs_utils.save_host_to_scan(scan_type, host, result, now, duration, scan_result,
 			      ports, nil, num_open_ports, num_vulnerabilities_found, cve, scan_id, false)

@ -613,6 +603,10 @@ function vs_utils.process_oldest_scheduled_scan()
   local elem = ntop.lpopCache(host_scan_queue_key)

   if((elem ~= nil) and (elem ~= "")) then
+      if debug_print then
+         traceError(TRACE_NORMAL,TRACE_CONSOLE,"Found vulnerability scan: ".. elem .. "\n")
+      end
+
      local elem = json.decode(elem)

      vs_utils.scan_host(elem.scan_type, elem.host, elem.ports, elem.id)