Aggregate passed exploit attempts tests (which means failed exploiting)

2019-09-01 12:08:58 +03:00 · 2019-09-01 12:08:58 +03:00 · 3f2d5b1479
parent 1fddd4abbf
commit 3f2d5b1479
1 changed files with 13 additions and 5 deletions
--- a/monkey/monkey_island/cc/services/telemetry/zero_trust_tests/machine_exploited.py
+++ b/monkey/monkey_island/cc/services/telemetry/zero_trust_tests/machine_exploited.py
@ -34,11 +34,19 @@ def test_machine_exploited(telemetry_json):
        )
        status = STATUS_FAILED

+    # aggregate only passed tests (which means exploit failed). Each successful exploit gets its own finding. 
+    if status == STATUS_FAILED:
        Finding.save_finding(
            test=TEST_MACHINE_EXPLOITED,
            status=status,
            events=events
        )
+    else:
+        AggregateFinding.create_or_add_to_existing(
+            test=TEST_MACHINE_EXPLOITED,
+            status=status,
+            events=events
+        )

    AggregateFinding.create_or_add_to_existing(
        test=TEST_MALICIOUS_ACTIVITY_TIMELINE,