Made some findings aggregate findings to improve readability of Findings table.
parent
1d5a4d20ce
commit
1fddd4abbf
|
@ -3,8 +3,8 @@ import json
|
|||
from common.data.zero_trust_consts import EVENT_TYPE_MONKEY_LOCAL, EVENT_TYPE_ISLAND, \
|
||||
STATUS_PASSED, STATUS_FAILED, TEST_ENDPOINT_SECURITY_EXISTS
|
||||
from monkey_island.cc.models import Monkey
|
||||
from monkey_island.cc.models.zero_trust.aggregate_finding import AggregateFinding
|
||||
from monkey_island.cc.models.zero_trust.event import Event
|
||||
from monkey_island.cc.models.zero_trust.finding import Finding
|
||||
from monkey_island.cc.services.telemetry.zero_trust_tests.known_anti_viruses import ANTI_VIRUS_KNOWN_PROCESS_NAMES
|
||||
|
||||
|
||||
|
@ -31,7 +31,9 @@ def test_antivirus_existence(telemetry_json):
|
|||
test_status = STATUS_PASSED
|
||||
else:
|
||||
test_status = STATUS_FAILED
|
||||
Finding.save_finding(test=TEST_ENDPOINT_SECURITY_EXISTS, status=test_status, events=events)
|
||||
AggregateFinding.create_or_add_to_existing(
|
||||
test=TEST_ENDPOINT_SECURITY_EXISTS, status=test_status, events=events
|
||||
)
|
||||
|
||||
|
||||
def filter_av_processes(telemetry_json):
|
||||
|
|
|
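Review bot: In `test_antivirus_existence`, the new `AggregateFinding.create_or_add_to_existing(...)` call merges results from all agents into a shared finding, so the Findings table can only show which machine lacked endpoint security if every event names it. The `events` list is built above this hunk, so I cannot confirm that the messages carry the machine's identity; a comment at the call such as `# Events are merged into one shared finding; each event must name the machine it came from.` would record the requirement. The method name also suggests a look-up followed by a write, and telemetry from several agents may arrive concurrently, so the implementation (not shown on this page) should make that step atomic or tolerate a duplicate. Both points apply equally to the replaced calls in `test_open_data_endpoints` and `test_machine_exploited`.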
@ -2,8 +2,8 @@ import json
|
|||
|
||||
from common.data.zero_trust_consts import *
|
||||
from monkey_island.cc.models import Monkey
|
||||
from monkey_island.cc.models.zero_trust.aggregate_finding import AggregateFinding
|
||||
from monkey_island.cc.models.zero_trust.event import Event
|
||||
from monkey_island.cc.models.zero_trust.finding import Finding
|
||||
|
||||
HTTP_SERVERS_SERVICES_NAMES = ['tcp-80']
|
||||
|
||||
|
@ -54,19 +54,19 @@ def test_open_data_endpoints(telemetry_json):
|
|||
event_type=EVENT_TYPE_ISLAND
|
||||
))
|
||||
|
||||
Finding.save_finding(
|
||||
AggregateFinding.create_or_add_to_existing(
|
||||
test=TEST_DATA_ENDPOINT_HTTP,
|
||||
status=found_http_server_status,
|
||||
events=events
|
||||
)
|
||||
|
||||
Finding.save_finding(
|
||||
AggregateFinding.create_or_add_to_existing(
|
||||
test=TEST_DATA_ENDPOINT_ELASTIC,
|
||||
status=found_elastic_search_server,
|
||||
events=events
|
||||
)
|
||||
|
||||
Finding.save_finding(
|
||||
AggregateFinding.create_or_add_to_existing(
|
||||
test=TEST_MALICIOUS_ACTIVITY_TIMELINE,
|
||||
status=STATUS_INCONCLUSIVE,
|
||||
events=events
|
||||
|
|
|
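Review bot: All three aggregated calls in `test_open_data_endpoints` pass the same `events=events` list, so each telemetry appends its full event list to the HTTP, Elasticsearch and timeline findings alike. With one finding per telemetry this was only redundant, but with aggregation every shared finding grows with each scanned machine and mixes in events that belong to the other two tests. Consider building a separate list per test before the calls, for example `events=http_events` and `events=elastic_events`, and passing only the scan summary to `TEST_MALICIOUS_ACTIVITY_TIMELINE`. Whether the aggregate caps or de-duplicates events is not visible here, and the function body starts above this hunk.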
@ -1,5 +1,6 @@
|
|||
from common.data.zero_trust_consts import *
|
||||
from monkey_island.cc.models import Monkey
|
||||
from monkey_island.cc.models.zero_trust.aggregate_finding import AggregateFinding
|
||||
from monkey_island.cc.models.zero_trust.event import Event
|
||||
from monkey_island.cc.models.zero_trust.finding import Finding
|
||||
|
||||
|
@ -39,7 +40,7 @@ def test_machine_exploited(telemetry_json):
|
|||
events=events
|
||||
)
|
||||
|
||||
Finding.save_finding(
|
||||
AggregateFinding.create_or_add_to_existing(
|
||||
test=TEST_MALICIOUS_ACTIVITY_TIMELINE,
|
||||
status=STATUS_INCONCLUSIVE,
|
||||
events=events
|
||||
|
|
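Review bot: In `test_machine_exploited` only the `TEST_MALICIOUS_ACTIVITY_TIMELINE` call is switched to the aggregate, while the call that ends just above it stays as it was, and nothing in the code says why the two are stored differently. That earlier call is presumably still `Finding.save_finding(...)`, since the `Finding` import is kept, but its start is outside the hunk. A one-line comment above the new call would make the intent clear to the next reader, for example `# Timeline events are merged into one shared finding; the exploit result above stays a separate finding per machine.` If the timeline finding written here is meant to merge with the one written by `test_open_data_endpoints`, say so in the same comment.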