From f7d66e0ebc3d6ec8c71e1832b206ff825a9dd684 Mon Sep 17 00:00:00 2001
From: Shay Nehmad
Date: Sun, 1 Sep 2019 12:10:27 +0300
Subject: [PATCH] Realize the previous idea was stupid and aggregate all exploit attempts based on status alone
---
 .../zero_trust_tests/machine_exploited.py | 18 +++++-------------
 1 file changed, 5 insertions(+), 13 deletions(-)
diff --git a/monkey/monkey_island/cc/services/telemetry/zero_trust_tests/machine_exploited.py b/monkey/monkey_island/cc/services/telemetry/zero_trust_tests/machine_exploited.py
index 1afe8bfe1..ef300d82b 100644
--- a/monkey/monkey_island/cc/services/telemetry/zero_trust_tests/machine_exploited.py
+++ b/monkey/monkey_island/cc/services/telemetry/zero_trust_tests/machine_exploited.py
@@ -34,19 +34,11 @@ def test_machine_exploited(telemetry_json):
 )
 status = STATUS_FAILED
- # aggregate only passed tests (which means exploit failed). Each successful exploit gets its own finding.
- if status == STATUS_FAILED:
- Finding.save_finding(
- test=TEST_MACHINE_EXPLOITED,
- status=status,
- events=events
- )
- else:
- AggregateFinding.create_or_add_to_existing(
- test=TEST_MACHINE_EXPLOITED,
- status=status,
- events=events
- )
+ AggregateFinding.create_or_add_to_existing(
+ test=TEST_MACHINE_EXPLOITED,
+ status=status,
+ events=events
+ )
 AggregateFinding.create_or_add_to_existing(
 test=TEST_MALICIOUS_ACTIVITY_TIMELINE,
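Review bot: The removed comment was the only line in this hunk saying that a passed test means the exploit failed, and the new `AggregateFinding.create_or_add_to_existing(test=TEST_MACHINE_EXPLOITED, ...)` call has nothing in its place. I would add above it `# Aggregate by status alone: STATUS_FAILED means an exploit succeeded; per-attempt details live in events.` Successful exploits no longer get their own finding, so the aggregated finding's events appear to be the only record of which machine was compromised. It is worth confirming that each event built earlier in the function, outside this hunk, names the target and the exploiter. test_machine_exploited starts before the hunk and continues past it.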