Realize the previous idea was stupid and aggregate all exploit attempts based on status alone

2019-09-01 12:10:27 +03:00 · 2019-09-01 12:10:27 +03:00 · f7d66e0ebc
parent e7953defdc
commit f7d66e0ebc
1 changed files with 5 additions and 13 deletions
--- a/monkey/monkey_island/cc/services/telemetry/zero_trust_tests/machine_exploited.py
+++ b/monkey/monkey_island/cc/services/telemetry/zero_trust_tests/machine_exploited.py
@ -34,19 +34,11 @@ def test_machine_exploited(telemetry_json):
        )
        status = STATUS_FAILED

-    # aggregate only passed tests (which means exploit failed). Each successful exploit gets its own finding. 
-    if status == STATUS_FAILED:
-        Finding.save_finding(
-            test=TEST_MACHINE_EXPLOITED,
-            status=status,
-            events=events
-        )
-    else:
-        AggregateFinding.create_or_add_to_existing(
-            test=TEST_MACHINE_EXPLOITED,
-            status=status,
-            events=events
-        )
+    AggregateFinding.create_or_add_to_existing(
+        test=TEST_MACHINE_EXPLOITED,
+        status=status,
+        events=events
+    )

    AggregateFinding.create_or_add_to_existing(
        test=TEST_MALICIOUS_ACTIVITY_TIMELINE,