From 9527f45681b952f8138b1ec639dfe200e0fabde4 Mon Sep 17 00:00:00 2001 From: conor-mcnally Date: Thu, 2 Nov 2023 09:34:52 +0000 Subject: [PATCH] Add new trigger outline --- .../bin/komand_rapid7_insightvm | 334 +++++++++--------- .../triggers/scan_completion/__init__.py | 2 + .../triggers/scan_completion/schema.py | 148 ++++++++ .../triggers/scan_completion/trigger.py | 23 ++ 4 files changed, 341 insertions(+), 166 deletions(-) create mode 100644 plugins/rapid7_insightvm/komand_rapid7_insightvm/triggers/scan_completion/__init__.py create mode 100644 plugins/rapid7_insightvm/komand_rapid7_insightvm/triggers/scan_completion/schema.py create mode 100644 plugins/rapid7_insightvm/komand_rapid7_insightvm/triggers/scan_completion/trigger.py diff --git a/plugins/rapid7_insightvm/bin/komand_rapid7_insightvm b/plugins/rapid7_insightvm/bin/komand_rapid7_insightvm index 253af22a3b..345fab2bca 100755 --- a/plugins/rapid7_insightvm/bin/komand_rapid7_insightvm +++ b/plugins/rapid7_insightvm/bin/komand_rapid7_insightvm @@ -1,5 +1,5 @@ #!/usr/bin/env python -# GENERATED BY KOMAND SDK - DO NOT EDIT +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT import os import json from sys import argv @@ -23,7 +23,7 @@ def main(): monkey.patch_all() import insightconnect_plugin_runtime - from komand_rapid7_insightvm import connection, actions, triggers + from komand_rapid7_insightvm import connection, actions, triggers, tasks class ICONRapid7Insightvm(insightconnect_plugin_runtime.Plugin): def __init__(self): @@ -34,188 +34,190 @@ def main(): description=Description, connection=connection.Connection() ) - self.add_trigger(triggers.NewExceptionRequest()) - self.add_trigger(triggers.NewScans()) - - self.add_action(actions.AddScanEnginePoolEngine()) - - self.add_action(actions.AddUserAssetGroupAccess()) - - self.add_action(actions.AddUserSiteAccess()) - - self.add_action(actions.AssetSearch()) - - self.add_action(actions.AssetVulnerabilitySolution()) - - self.add_action(actions.CreateAssetGroup()) - - self.add_action(actions.CreateException()) - - self.add_action(actions.CreateScanEngine()) - - self.add_action(actions.CreateScanEnginePool()) - - self.add_action(actions.CreateSite()) - - self.add_action(actions.CreateTag()) - - self.add_action(actions.CreateUser()) - - self.add_action(actions.DeleteAsset()) - - self.add_action(actions.DeleteAssetGroup()) - - self.add_action(actions.DeleteException()) - - self.add_action(actions.DeleteScanEngine()) - - self.add_action(actions.DeleteScanEnginePool()) - - self.add_action(actions.DeleteSite()) - - self.add_action(actions.DeleteTag()) - - self.add_action(actions.DeleteUser()) - - self.add_action(actions.DisableUser()) - - self.add_action(actions.DownloadReport()) - - self.add_action(actions.EnableUser()) - - self.add_action(actions.GenerateAdhocSqlReport()) - - self.add_action(actions.GenerateSharedSecret()) - - self.add_action(actions.GetAsset()) - - self.add_action(actions.GetAssetGroup()) - - self.add_action(actions.GetAssetGroupAssets()) - - self.add_action(actions.GetAssetGroups()) - - self.add_action(actions.GetAssetSoftware()) - - self.add_action(actions.GetAssetTags()) - - self.add_action(actions.GetAssetVulnerabilities()) - - self.add_action(actions.GetAuthenticationSource()) - - self.add_action(actions.GetAuthenticationSources()) - - self.add_action(actions.GetExpiringVulnerabilityExceptions()) - - self.add_action(actions.GetRole()) - - self.add_action(actions.GetRoles()) - + + self.add_trigger(triggers.NewExceptionRequest()) + + self.add_trigger(triggers.ScanCompletion()) + + self.add_action(actions.Scan()) + self.add_action(actions.GetScan()) - - self.add_action(actions.GetScanAssets()) - - self.add_action(actions.GetScanEngine()) - - self.add_action(actions.GetScanEnginePool()) - - self.add_action(actions.GetScanEnginePools()) - - self.add_action(actions.GetScanEngines()) - - self.add_action(actions.GetScans()) - - self.add_action(actions.GetSite()) - + self.add_action(actions.GetSiteAssets()) - - self.add_action(actions.GetSites()) - + + self.add_action(actions.GetScanAssets()) + + self.add_action(actions.GetAssetVulnerabilities()) + + self.add_action(actions.GetAssetSoftware()) + + self.add_action(actions.DownloadReport()) + + self.add_action(actions.ListReports()) + + self.add_action(actions.GetVulnerabilityAffectedAssets()) + + self.add_action(actions.CreateTag()) + + self.add_action(actions.DeleteTag()) + + self.add_action(actions.GetTags()) + self.add_action(actions.GetTag()) - - self.add_action(actions.GetTagAssetGroups()) - - self.add_action(actions.GetTagAssets()) - + self.add_action(actions.GetTagSites()) - - self.add_action(actions.GetTags()) - - self.add_action(actions.GetUser()) - - self.add_action(actions.GetUsers()) - - self.add_action(actions.GetVulnerabilitiesByCve()) - - self.add_action(actions.GetVulnerability()) - - self.add_action(actions.GetVulnerabilityAffectedAssets()) - - self.add_action(actions.ListInactiveAssets()) - - self.add_action(actions.ListReports()) - - self.add_action(actions.RemoveAssetGroupTags()) - + + self.add_action(actions.GetTagAssets()) + + self.add_action(actions.GetTagAssetGroups()) + self.add_action(actions.RemoveAssetTag()) - - self.add_action(actions.RemoveScanEnginePoolEngine()) - + + self.add_action(actions.RemoveAssetGroupTags()) + self.add_action(actions.RemoveTagAssetGroups()) - - self.add_action(actions.RemoveTagSearchCriteria()) - + self.add_action(actions.RemoveTagSites()) - - self.add_action(actions.RemoveUserAssetGroupAccess()) - - self.add_action(actions.RemoveUserSiteAccess()) - - self.add_action(actions.ReviewException()) - - self.add_action(actions.Scan()) - + + self.add_action(actions.RemoveTagSearchCriteria()) + + self.add_action(actions.TagSite()) + self.add_action(actions.TagAsset()) - - self.add_action(actions.TagAssetGroup()) - + self.add_action(actions.TagAssets()) - - self.add_action(actions.TagSite()) - - self.add_action(actions.TopRemediations()) - - self.add_action(actions.UpdateAssetGroupSearchCriteria()) - - self.add_action(actions.UpdateScanStatus()) - - self.add_action(actions.UpdateSharedCredential()) - + + self.add_action(actions.TagAssetGroup()) + + self.add_action(actions.UpdateTagSearchCriteria()) + + self.add_action(actions.AssetSearch()) + + self.add_action(actions.GetAsset()) + + self.add_action(actions.GetAssetTags()) + + self.add_action(actions.GetSites()) + + self.add_action(actions.GetSite()) + + self.add_action(actions.CreateSite()) + self.add_action(actions.UpdateSite()) - - self.add_action(actions.UpdateSiteExcludedAssetGroups()) - + + self.add_action(actions.UpdateSiteIncludedTargets()) + self.add_action(actions.UpdateSiteExcludedTargets()) - + self.add_action(actions.UpdateSiteIncludedAssetGroups()) - - self.add_action(actions.UpdateSiteIncludedTargets()) - + + self.add_action(actions.UpdateSiteExcludedAssetGroups()) + + self.add_action(actions.DeleteSite()) + + self.add_action(actions.GetAssetGroups()) + + self.add_action(actions.GetAssetGroup()) + + self.add_action(actions.CreateAssetGroup()) + + self.add_action(actions.DeleteAssetGroup()) + + self.add_action(actions.UpdateAssetGroupSearchCriteria()) + + self.add_action(actions.GetVulnerabilitiesByCve()) + + self.add_action(actions.GetScans()) + + self.add_action(actions.UpdateScanStatus()) + + self.add_action(actions.GenerateSharedSecret()) + + self.add_action(actions.GetScanEngines()) + + self.add_action(actions.GetScanEngine()) + + self.add_action(actions.CreateScanEngine()) + + self.add_action(actions.DeleteScanEngine()) + + self.add_action(actions.GetScanEnginePools()) + + self.add_action(actions.GetScanEnginePool()) + + self.add_action(actions.CreateScanEnginePool()) + + self.add_action(actions.AddScanEnginePoolEngine()) + + self.add_action(actions.RemoveScanEnginePoolEngine()) + + self.add_action(actions.DeleteScanEnginePool()) + self.add_action(actions.UpdateSiteScanEngine()) - - self.add_action(actions.UpdateTagSearchCriteria()) - + + self.add_action(actions.GetAuthenticationSources()) + + self.add_action(actions.GetAuthenticationSource()) + + self.add_action(actions.GetRoles()) + + self.add_action(actions.GetRole()) + + self.add_action(actions.GetUsers()) + + self.add_action(actions.GetUser()) + + self.add_action(actions.CreateUser()) + self.add_action(actions.UpdateUser()) - - self.add_action(actions.UpdateUserAssetGroupAccess()) - + + self.add_action(actions.DeleteUser()) + + self.add_action(actions.DisableUser()) + + self.add_action(actions.EnableUser()) + self.add_action(actions.UpdateUserRole()) - + + self.add_action(actions.UpdateUserAssetGroupAccess()) + + self.add_action(actions.AddUserAssetGroupAccess()) + + self.add_action(actions.RemoveUserAssetGroupAccess()) + self.add_action(actions.UpdateUserSiteAccess()) - + + self.add_action(actions.AddUserSiteAccess()) + + self.add_action(actions.RemoveUserSiteAccess()) + + self.add_action(actions.TopRemediations()) + + self.add_action(actions.GenerateAdhocSqlReport()) + + self.add_action(actions.ReviewException()) + + self.add_action(actions.DeleteException()) + + self.add_action(actions.CreateException()) + + self.add_action(actions.GetVulnerability()) + + self.add_action(actions.GetAssetGroupAssets()) + + self.add_action(actions.DeleteAsset()) + + self.add_action(actions.ListInactiveAssets()) + + self.add_action(actions.GetExpiringVulnerabilityExceptions()) + self.add_action(actions.UpdateVulnerabilityExceptionExpirationDate()) - + + self.add_action(actions.AssetVulnerabilitySolution()) + + self.add_action(actions.UpdateSharedCredential()) + """Run plugin""" cli = insightconnect_plugin_runtime.CLI(ICONRapid7Insightvm()) diff --git a/plugins/rapid7_insightvm/komand_rapid7_insightvm/triggers/scan_completion/__init__.py b/plugins/rapid7_insightvm/komand_rapid7_insightvm/triggers/scan_completion/__init__.py new file mode 100644 index 0000000000..fcfdd5f44d --- /dev/null +++ b/plugins/rapid7_insightvm/komand_rapid7_insightvm/triggers/scan_completion/__init__.py @@ -0,0 +1,2 @@ +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT +from .trigger import ScanCompletion diff --git a/plugins/rapid7_insightvm/komand_rapid7_insightvm/triggers/scan_completion/schema.py b/plugins/rapid7_insightvm/komand_rapid7_insightvm/triggers/scan_completion/schema.py new file mode 100644 index 0000000000..69db6eb4ea --- /dev/null +++ b/plugins/rapid7_insightvm/komand_rapid7_insightvm/triggers/scan_completion/schema.py @@ -0,0 +1,148 @@ +# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT +import insightconnect_plugin_runtime +import json + + +class Component: + DESCRIPTION = "Fire upon completed scan" + + +class Input: + ASSET_GROUP = "asset_group" + CVE = "cve" + HOSTNAME = "hostname" + IP_ADDRESS = "ip_address" + RISK_SCORE = "risk_score" + SITE_ID = "site_id" + SOURCE = "source" + + +class Output: + ASSET_ID = "asset_id" + HOSTNAME = "hostname" + IP = "ip" + NEXPOSE_ID = "nexpose_id" + SOFTWARE_UPDATE_ID = "software_update_id" + SOLUTION_ID = "solution_id" + SOLUTION_SUMMARY = "solution_summary" + VULNERABILITY_ID = "vulnerability_id" + + +class ScanCompletionInput(insightconnect_plugin_runtime.Input): + schema = json.loads(r""" + { + "type": "object", + "title": "Variables", + "properties": { + "asset_group": { + "type": "string", + "title": "Asset Group", + "description": "Asset Group", + "order": 2 + }, + "cve": { + "type": "string", + "title": "CVE", + "description": "CVE", + "order": 6 + }, + "hostname": { + "type": "string", + "title": "Hostname", + "description": "Hostname", + "order": 3 + }, + "ip_address": { + "type": "string", + "title": "IP Address", + "description": "IP Address", + "order": 4 + }, + "risk_score": { + "type": "integer", + "title": "Risk Score", + "description": "Risk score", + "order": 5 + }, + "site_id": { + "type": "string", + "title": "Site ID", + "description": "Site ID", + "order": 1 + }, + "source": { + "type": "string", + "title": "Source", + "description": "Source", + "order": 7 + } + }, + "definitions": {} +} + """) + + def __init__(self): + super(self.__class__, self).__init__(self.schema) + + +class ScanCompletionOutput(insightconnect_plugin_runtime.Output): + schema = json.loads(r""" + { + "type": "object", + "title": "Variables", + "properties": { + "asset_id": { + "type": "string", + "title": "Asset ID", + "description": "Asset ID", + "order": 1 + }, + "hostname": { + "type": "string", + "title": "Hostname", + "description": "Hostname", + "order": 2 + }, + "ip": { + "type": "string", + "title": "IP", + "description": "IP", + "order": 3 + }, + "nexpose_id": { + "type": "string", + "title": "Nexpose ID", + "description": "Nexpose ID", + "order": 5 + }, + "software_update_id": { + "type": "string", + "title": "Software Update ID", + "description": "Software update ID", + "order": 8 + }, + "solution_id": { + "type": "string", + "title": "Solution ID", + "description": "Solution ID", + "order": 6 + }, + "solution_summary": { + "type": "string", + "title": "Solution Summary", + "description": "Solution Summary", + "order": 7 + }, + "vulnerability_id": { + "type": "string", + "title": "Vulnerability ID", + "description": "Vulnerability ID", + "order": 4 + } + }, + "definitions": {} +} + """) + + def __init__(self): + super(self.__class__, self).__init__(self.schema) diff --git a/plugins/rapid7_insightvm/komand_rapid7_insightvm/triggers/scan_completion/trigger.py b/plugins/rapid7_insightvm/komand_rapid7_insightvm/triggers/scan_completion/trigger.py new file mode 100644 index 0000000000..52d9b2e019 --- /dev/null +++ b/plugins/rapid7_insightvm/komand_rapid7_insightvm/triggers/scan_completion/trigger.py @@ -0,0 +1,23 @@ +import insightconnect_plugin_runtime +import time +from .schema import ScanCompletionInput, ScanCompletionOutput, Input, Output, Component +# Custom imports below + + +class ScanCompletion(insightconnect_plugin_runtime.Trigger): + + def __init__(self): + super(self.__class__, self).__init__( + name="scan_completion", + description=Component.DESCRIPTION, + input=ScanCompletionInput(), + output=ScanCompletionOutput()) + + def run(self, params={}): + # START INPUT BINDING - DO NOT REMOVE - ANY INPUTS BELOW WILL UPDATE WITH YOUR PLUGIN SPEC AFTER REGENERATION + # END INPUT BINDING - DO NOT REMOVE + + while True: + # TODO: Implement trigger functionality + self.send({}) + time.sleep(5)