fleet/server/webhooks/vulnerabilities.go
Juan Fernandez 53e112d264
Feature 7494: Use the MSRC security bulletin artifacts for detecting Win OS vulnerabilities (#7889)
Use the MSRC security bulletin artifacts for detecting Win OS vulnerabilities
2022-10-28 11:12:21 -04:00


package webhooks
import (
"context"
"net/url"
"time"
"github.com/fleetdm/fleet/v4/server"
"github.com/fleetdm/fleet/v4/server/contexts/ctxerr"
"github.com/fleetdm/fleet/v4/server/fleet"
kitlog "github.com/go-kit/kit/log"
"github.com/go-kit/kit/log/level"
)
// TriggerVulnerabilitiesWebhook notifies the configured vulnerabilities
// webhook about the vulnerabilities in args.
//
// It returns nil without doing anything when the webhook is disabled in
// args.AppConfig. Otherwise the vulnerabilities are grouped by CVE, the hosts
// for each group are looked up through ds.HostsBySoftwareIDs, and one request
// is sent per batch of hosts. A HostBatchSize that is zero or negative means
// all hosts of a CVE go out in a single request.
//
// The first lookup or send error aborts the run, so later batches and the
// remaining CVEs are not delivered. Because Go map iteration order is
// unspecified, which CVEs were already sent before a failure can differ from
// run to run.
func TriggerVulnerabilitiesWebhook(
	ctx context.Context,
	ds fleet.Datastore,
	logger kitlog.Logger,
	args VulnArgs,
	mapper VulnMapper,
) error {
	cfg := args.AppConfig.WebhookSettings.VulnerabilitiesWebhook
	if !cfg.Enable {
		return nil
	}

	level.Debug(logger).Log("enabled", "true", "recentVulns", len(args.Vulnerablities))

	serverURL, err := url.Parse(args.AppConfig.ServerSettings.ServerURL)
	if err != nil {
		return ctxerr.Wrap(ctx, err, "invalid server url")
	}

	// NOTE(review): the destination is used exactly as stored in the app
	// config; no scheme or host check is visible in this function. Presumably
	// it is validated when the setting is saved — confirm, since every payload
	// carrying host data is posted to this address.
	destination := cfg.DestinationURL
	maxHosts := cfg.HostBatchSize

	// TODO JUAN: Handle OS Vulns
	// Collect, per CVE, the IDs reported by Affected(); they are passed to
	// HostsBySoftwareIDs below, i.e. they are treated as software IDs.
	affectedByCVE := make(map[string][]uint)
	for _, vuln := range args.Vulnerablities {
		id := vuln.GetCVE()
		affectedByCVE[id] = append(affectedByCVE[id], vuln.Affected())
	}

	for cve, softwareIDs := range affectedByCVE {
		hosts, err := ds.HostsBySoftwareIDs(ctx, softwareIDs)
		if err != nil {
			return ctxerr.Wrap(ctx, err, "get hosts by software ids")
		}

		// Walk the host list in windows of at most maxHosts entries.
		for start := 0; start < len(hosts); {
			end := len(hosts)
			if maxHosts > 0 && end-start > maxHosts {
				end = start + maxHosts
			}

			payload := mapper.GetPayload(serverURL, hosts[start:end], cve, args.Meta[cve])
			sendErr := sendVulnerabilityHostBatch(ctx, destination, payload, args.Time)
			if sendErr != nil {
				return ctxerr.Wrap(ctx, sendErr, "send vulnerability host batch")
			}

			start = end
		}
	}

	return nil
}
// sendVulnerabilityHostBatch posts one webhook request to targetURL. The body
// is an object with two keys: "timestamp" (now) and "vulnerability" (vuln).
// Any error from the post is returned wrapped with the destination URL.
func sendVulnerabilityHostBatch(ctx context.Context, targetURL string, vuln WebhookPayload, now time.Time) error {
	body := map[string]interface{}{
		"timestamp":     now,
		"vulnerability": vuln,
	}

	err := server.PostJSONWithTimeout(ctx, targetURL, &body)
	if err == nil {
		return nil
	}

	// NOTE(review): targetURL is written into the error text verbatim. If the
	// configured webhook URL carries a token (userinfo or query string), it
	// ends up wherever this error is logged — consider redacting it here.
	return ctxerr.Wrapf(ctx, err, "posting to %s", targetURL)
}