email_notif_open.py
import os
import subprocess
import datetime
import pandas as pd
import json
import smtplib
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText
# Filesystem locations handed to `trivy fs`, one scan per entry.
directories = [
    "/usr/share/opensearch-dashboards/",
    "/etc/opensearch-dashboards/",
    "/var/lib/opensearch-dashboards/",
    "/opt/opensearch-dashboard/",
]

# Report artefacts: raw scanner output, then the CSV and JSON threat tables.
# NOTE(review): these are fixed names in the world-writable /tmp directory.
# Another local account can pre-create or symlink them, and the vulnerability
# inventory they hold is readable by whoever the umask allows. A directory
# owned by the scanning account (mode 0700) is the safer home for them.
output_txt = "/tmp/opensearch_dashboards_1.txt"
output_csv = "/tmp/threat_table.csv"
output_json = "/tmp/threat_table.json"

# Mail settings. The addresses below are placeholders to be replaced.
# NOTE(review): no password or token is configured here and none should be
# added to this file; read any credential from the environment or a secret
# store at run time.
smtp_server = "smtp.gmail.com"  # Replace with your SMTP server
smtp_port = "587"  # Replace with the correct port (kept as a string)
smtp_user = "recipient2@example.com"  # Replace with your email
recipient_emails = ["recipient2@example.com", "recipient2@example.com"]
subject = "Latest Trivy Vulnerability Scan Results"
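def run_trivy_scan():
    """Run ``trivy fs`` on every entry of ``directories`` and collect the output.

    The file named by ``output_txt`` is truncated, then the standard output of
    each scan is written to it in order.

    A non-zero exit status from Trivy is reported on stdout instead of being
    ignored: by default Trivy exits 0 even when it finds vulnerabilities, so a
    non-zero status means that the scan itself failed (for example because the
    directory does not exist). Without the warning, a failed scan produces the
    same empty report as a clean one. The remaining directories are still
    scanned.

    Raises:
        FileNotFoundError: if the ``trivy`` executable is not on PATH.
        OSError: if ``output_txt`` cannot be opened for writing.
    """
    # NOTE(review): output_txt is a fixed path under /tmp and is opened with
    # plain open(), which follows symlinks and creates the file with
    # umask-derived permissions. Prefer a private directory when this runs
    # with elevated privileges.
    with open(output_txt, "w") as f:
        for directory in directories:
            result = subprocess.run(
                ["trivy", "fs", directory, "--scanners", "vuln", "--include-dev-deps"],
                stdout=f,
            )
            if result.returncode != 0:
                print(
                    f"Warning: trivy exited with status {result.returncode} "
                    f"while scanning {directory}"
                )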
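def parse_trivy_results():
    """Extract CVE entries from the Trivy output saved in ``output_txt``.

    Every line containing the text "CVE-" is split on whitespace. The first
    token is recorded as the CVE, the second as the threat level, and the rest
    of the line as the description.

    Returns:
        A list of dicts with the keys "CVE", "Threat Level" and "Description",
        in file order.

    Raises:
        OSError: if ``output_txt`` cannot be read.
    """
    # NOTE(review): the positional split assumes the CVE id is the first token
    # on the line. Trivy's default table output appears to place border
    # characters and a package column ahead of the id, which would mislabel
    # these fields. Confirm against real output, or have the scan emit
    # `--format json` and parse that instead.
    cves = []
    with open(output_txt, "r") as f:
        for line in f:
            if "CVE-" not in line:
                continue
            parts = line.split()
            # A matching line with a single token used to raise IndexError and
            # abort the whole report. Keep the finding and leave the severity
            # empty rather than dropping it.
            severity = parts[1] if len(parts) > 1 else ""
            cves.append({
                "CVE": parts[0],
                "Threat Level": severity,
                "Description": " ".join(parts[2:]),
            })
    return cves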
def save_threat_table_csv(cves):
    """Write the findings to ``output_csv`` as a CSV threat table.

    Each entry of ``cves`` (a dict with the keys "CVE", "Threat Level" and
    "Description") becomes one row, stamped with the current local date and
    time and a fixed mitigation hint. The file is written without an index
    column.
    """
    # NOTE(review): the description is scanner-derived text written as-is.
    # If the CSV is opened in a spreadsheet, cells that start with "=", "+",
    # "-" or "@" may be evaluated as formulas; confirm how the file is
    # consumed.
    stamp = datetime.datetime.now()
    day = stamp.strftime("%Y-%m-%d")
    clock = stamp.strftime("%H:%M:%S")
    rows = [
        [
            entry["CVE"],
            entry["Threat Level"],
            entry["Description"],
            day,
            clock,
            "Please refer to the CVE details for specific commands.",
        ]
        for entry in cves
    ]
    header = ["CVE", "Threat Level", "Description", "Date", "Time", "Mitigation Commands"]
    pd.DataFrame(rows, columns=header).to_csv(output_csv, index=False)
def save_threat_table_json(cves):
    """Write the findings to ``output_json`` as a JSON array.

    Each entry of ``cves`` (a dict with the keys "CVE", "Threat Level" and
    "Description") becomes one object, stamped with the current local date
    and time and a fixed mitigation hint. The output is indented by two
    spaces.
    """
    stamp = datetime.datetime.now()
    day = stamp.strftime("%Y-%m-%d")
    clock = stamp.strftime("%H:%M:%S")
    records = [
        {
            "CVE": entry["CVE"],
            "Threat Level": entry["Threat Level"],
            "Description": entry["Description"],
            "Date": day,
            "Time": clock,
            "Mitigation Commands": "Please refer to the CVE details for specific commands.",
        }
        for entry in cves
    ]
    with open(output_json, "w") as out:
        json.dump(records, out, indent=2)
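def send_email(cves):
    """Mail the scan results as a plain-text message.

    The body lists every entry of ``cves`` (a dict with the keys "CVE",
    "Threat Level" and "Description") under a header carrying the current
    local date and time. The message is sent from ``smtp_user`` to
    ``recipient_emails`` through ``smtp_server`` on ``smtp_port``, after
    upgrading the connection with STARTTLS.

    Delivery is best-effort: any failure is printed and not re-raised.
    """
    # Function-scope import so the file's import block needs no change.
    import ssl

    now = datetime.datetime.now()
    date = now.strftime("%Y-%m-%d")
    clock = now.strftime("%H:%M:%S")

    # Collect the pieces and join once instead of growing a string in a loop.
    sections = [f"Trivy Vulnerability Scan Results - {date} {clock}\n\n"]
    for cve in cves:
        sections.append(
            f"CVE: {cve['CVE']}\n"
            f"Threat Level: {cve['Threat Level']}\n"
            f"Description: {cve['Description']}\n"
            f"Date: {date}\n"
            f"Time: {clock}\n"
            "Mitigation Commands: Please refer to the CVE details for specific commands.\n"
            "\n"
        )
    body = "".join(sections)

    msg = MIMEMultipart()
    msg['From'] = smtp_user
    msg['To'] = ", ".join(recipient_emails)
    msg['Subject'] = subject
    msg.attach(MIMEText(body, 'plain'))

    try:
        print("Connecting to SMTP server...")
        # The context manager closes the connection even when a later step
        # fails. The original leaked the socket on any error before quit().
        with smtplib.SMTP(smtp_server, smtp_port) as server:
            # starttls() without a context does not validate the server
            # certificate or host name, so the report could be sent to an
            # impersonating host. The default context enforces both checks.
            server.starttls(context=ssl.create_default_context())
            # NOTE(review): debug level 1 prints the SMTP dialogue, including
            # the message text, to stderr. Keep it out of shared logs, and
            # switch it off before adding authentication.
            server.set_debuglevel(1)  # Enable debug output
            # NOTE(review): there is no server.login() call. A server that
            # requires authentication will reject the message. Load any
            # credential from the environment or a secret store, not from
            # this file.
            print("Sending email...")
            server.sendmail(smtp_user, recipient_emails, msg.as_string())
        print("Email sent successfully")
    except Exception as e:
        print(f"Failed to send email: {e}")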
def main():
    """Run the scan, write both threat tables, then send the notification.

    The steps run in a fixed order and each one is announced on stdout.
    """
    # NOTE(review): the e-mail is sent even when no CVE lines were parsed, so
    # an empty report can mean either "nothing found" or "scan produced no
    # usable output". Recipients cannot tell the two apart from the message.
    print("Running Trivy scan...")
    run_trivy_scan()

    print("Parsing Trivy results...")
    findings = parse_trivy_results()

    print("Saving threat table in CSV format...")
    save_threat_table_csv(findings)

    print("Saving threat table in JSON format...")
    save_threat_table_json(findings)

    print("Sending email notification...")
    send_email(findings)


if __name__ == "__main__":
    main()