empayre/fleet
14
0
Fork 0
mirror of https://github.com/empayre/fleet.git synced 2024-11-06 17:05:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
9,013 Commits 3 Branches 0 Tags 561 MiB
5f55e0f696
Commit Graph

24 Commits

Author SHA1 Message Date
gillespi314
ac8afb41dc
Mask secret query params when logging url error (#12980) 2023-07-26 16:40:58 -05:00
Juan Fernandez
009a87d33e
Feature 10196: Add filepath to end-points and third party integrations (#11285) 
Adds the software installed path property to the proper end-points and third party integrations (webhook, Zendesk and Jira).
 2023-05-17 16:53:15 -04:00
Juan Fernandez
aecc2fed75
Feature 9834: Add published date to vulnerability object (#10434) 
This only applies to Premium users, we want to show the vulnerabilities' published date anywhere vulnerabilities are shown including API endpoints and third party integrations.
 2023-03-28 16:11:31 -04:00
Frank Sievertsen
e0766d21a3
Add ability to mark policy as critical. (#8896) 2022-12-06 15:59:20 +01:00
gillespi314
6fb3a87ae9
Enable errcheck linter for golangci-lint (#8899) 2022-12-05 16:50:49 -06:00
Juan Fernandez
53e112d264
Feature 7494: Use the MSRC security bulletin artifacts for detecting Win OS vulnerabilities (#7889) 
Use the MSRC security bulletin artifacts for detecting Win OS vulnerabilities
 2022-10-28 11:12:21 -04:00
Frank Sievertsen
e54f066266
Add display_name to more results (#8204) 
* Make HostResponses with one dedicated function only
* more display_name for Hosts
 2022-10-14 11:14:18 -03:00
Frank Sievertsen
e9f7066d87
7135 host display name (#7873) 2022-10-08 08:57:46 -04:00
gillespi314
34688f531a
Refactor webhooks cron to new schedule package (#7840) 2022-09-20 14:26:36 -05:00
Juan Fernandez
765031d962
Bug 6717: Duplicate calls on vulnerability third party integrations. (#7698) 
If the same vulnerability was present in more than one software, then duplicated third party integration calls were being issued.
 2022-09-13 10:41:52 -04:00
Juan Fernandez
b6d084deec
Feature 7559: Include 3rd party severity scores in the vulnerability web-hook payload (#7581) 
Premium users should receive vulnerability scores as part of the web-hook payload.
 2022-09-06 15:12:17 -04:00
Juan Fernandez
966bfbf85e
Feature 6487: Deprecate cpe_id from software_cve table (#6562) 
Part 2/3 of the removal of the cpe_id column from the software_cve table in favor of using the newly added software_id coumn.
 2022-08-04 09:24:44 -04:00
Juan Fernandez
ef73039559
Improve vulnerability detection for Ubuntu (#6102) 
Feature: Improve our capability to detect vulnerable software on Ubuntu hosts

To improve the capability of detecting vulnerable software on Ubuntu, we are now using OVAL definitions to detect vulnerable software on Ubuntu hosts. If data sync is enabled (disable_data_sync=false) OVAL definitions are automatically kept up to date (they are 'refreshed' once per day) - there's also the option to manually download the OVAL definitions using the 'fleetctl vulnerability-data-stream' command. Downloaded definitions are then parsed into an intermediary format and then used to identify vulnerable software on Ubuntu hosts. Finally, any 'recent' detected vulnerabilities are sent to any third-party integrations.
 2022-06-07 21:09:47 -04:00
Martin Angers
a23e0c41ff
Support failing policies integrations (#5973) 2022-06-06 10:41:51 -04:00
Martin Angers
7187f1adac
Queue jobs for Jira integration when enabled and new vulnerabilities are found. (#4975) 2022-04-11 16:42:16 -04:00
Michal Nicpon
6c2199f2b0
fix failing policies nil pointer dereference (#4802) 2022-03-24 15:56:56 -06:00
Michal Nicpon
7b671ac2a3
Add team failing policies webhook (#4633) 
* add config to teams
* update api docs
* update tests
 2022-03-21 13:16:47 -06:00
Martin Angers
6e2ba62744
Trigger webhooks for recently published vulnerabilities (#3941) 2022-02-02 16:34:37 -05:00
Lucas Manuel Rodriguez
787944482b
Global policies automation webhooks (#3378) 
* Add webhook to app config

* Add redis failing policies set and webhook

* Add basic webhook test

* Store hostname in redis

* Global policy deletion to remove policy ID from set and config

* Also process new passing policies

* Fix unit test

* Sort hosts

* Add more tests

* Add ListSets to the failing policies interface

* Fix server URL and garbage collect on the triggering side

* Do not use Redis SCAN

* Fix Redis operation order

* Add API changes to doc

* Add comments

* Add more tests

* Fix tests

* Add tests for config update upon deletion of policies

* Run make dump-test-schema

* Ignore policies that failed to run

* Add proper unit tests to trigger logic

* Fix comments

* WIP

* Add tests to service_osquerty_test.go

* Use SSCAN for listing hosts instead of SMEMBERS

* Add failing policies to docs/01-Using-Fleet/configuration-files/README.md

* Remove skip

* Fix PR comments
 2021-12-23 18:26:55 -03:00
Martin Angers
69a4985cac
Use new error handling approach in other packages (#2954) 2021-11-22 09:13:26 -05:00
Tomas Touceda
058ee84419
Change quote so it doesn't display as weird chars in webhooks (#2861) 2021-11-09 18:58:22 -03:00
Tomas Touceda
d0777ccfd3
Change message for text so webhook works on slack (#2838) 
* Change message for text so webhook works on slack

* Update preview text for the webhook in the FE
 2021-11-08 15:13:02 -03:00
Martin Angers
4f4185372d
Add support for context in datastore/mysql layer (#1962) 
This is just to pass down the context to the datastore layer, it doesn't
use it just yet - this will be in a follow-up PR.
 2021-09-14 08:11:07 -04:00
Tomas Touceda
8b908f6506
Issue 1599 offline webhook (#1777) 
* wip

* Add tests and finish implementation

* Add proper default for periodicity, changes file, and documentation

* Fix tests and add defaults also to new installs

* EnableHostUsers should be true if undefined as well

* In some cases, periodicity can be zero because of the migrations

* Apply defaults when migrating appconfig

* Fix lint

* lint

* Address review comments
 2021-08-27 11:15:36 -03:00