Send logs via syslog when no CVE-IDs found (#646)
committed by
Kota Kanbe
parent
cb1aec4fc0
commit
6f9fd91849
@@ -57,14 +57,16 @@ func (w SyslogWriter) encodeSyslog(result models.ScanResult) (messages []string)
|
||||
ipv4Addrs := strings.Join(result.IPv4Addrs, ",")
|
||||
ipv6Addrs := strings.Join(result.IPv6Addrs, ",")
|
||||
|
||||
var commonKvPairs []string
|
||||
commonKvPairs = append(commonKvPairs, fmt.Sprintf(`scanned_at="%s"`, result.ScannedAt))
|
||||
commonKvPairs = append(commonKvPairs, fmt.Sprintf(`server_name="%s"`, result.ServerName))
|
||||
commonKvPairs = append(commonKvPairs, fmt.Sprintf(`os_family="%s"`, result.Family))
|
||||
commonKvPairs = append(commonKvPairs, fmt.Sprintf(`os_release="%s"`, result.Release))
|
||||
commonKvPairs = append(commonKvPairs, fmt.Sprintf(`ipv4_addr="%s"`, ipv4Addrs))
|
||||
commonKvPairs = append(commonKvPairs, fmt.Sprintf(`ipv6_addr="%s"`, ipv6Addrs))
|
||||
|
||||
for cveID, vinfo := range result.ScannedCves {
|
||||
var kvPairs []string
|
||||
kvPairs = append(kvPairs, fmt.Sprintf(`scanned_at="%s"`, result.ScannedAt))
|
||||
kvPairs = append(kvPairs, fmt.Sprintf(`server_name="%s"`, result.ServerName))
|
||||
kvPairs = append(kvPairs, fmt.Sprintf(`os_family="%s"`, result.Family))
|
||||
kvPairs = append(kvPairs, fmt.Sprintf(`os_release="%s"`, result.Release))
|
||||
kvPairs = append(kvPairs, fmt.Sprintf(`ipv4_addr="%s"`, ipv4Addrs))
|
||||
kvPairs = append(kvPairs, fmt.Sprintf(`ipv6_addr="%s"`, ipv6Addrs))
|
||||
kvPairs := commonKvPairs
|
||||
|
||||
var pkgNames []string
|
||||
for _, pkg := range vinfo.AffectedPackages {
|
||||
@@ -94,5 +96,10 @@ func (w SyslogWriter) encodeSyslog(result models.ScanResult) (messages []string)
|
||||
// message: key1="value1" key2="value2"...
|
||||
messages = append(messages, strings.Join(kvPairs, " "))
|
||||
}
|
||||
|
||||
if len(messages) == 0 {
|
||||
commonKvPairs = append(commonKvPairs, `message="No CVE-IDs are found"`)
|
||||
messages = append(messages, strings.Join(commonKvPairs, " "))
|
||||
}
|
||||
return messages
|
||||
}
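Review bot: The values in the new `commonKvPairs` lines are interpolated with `"%s"` and no escaping, so a `"` or a newline inside `result.ServerName`, `result.Release` or an address breaks the key="value" framing and can add forged fields or lines for whatever parses the syslog stream. Whether those fields can carry content influenced by a scanned host is not visible on this page, but the encoder should not depend on that; `fmt.Sprintf("server_name=%q", result.ServerName)` (and likewise for the other keys) produces the same output for the plain values in the test fixtures and escapes the rest. Separately, `kvPairs := commonKvPairs` shares its backing array with `commonKvPairs`, so appends inside the loop can write into the shared spare capacity; `kvPairs := append([]string(nil), commonKvPairs...)` keeps each iteration independent. The loop body between the two hunks is not shown, so the per-CVE fields appended there may need the same quoting.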
|
||||
|
||||
@@ -73,6 +73,19 @@ func TestSyslogWriterEncodeSyslog(t *testing.T) {
|
||||
`scanned_at="2018-06-13 17:10:00 +0000 UTC" server_name="teste02" os_family="centos" os_release="6" ipv4_addr="" ipv6_addr="2001:0DB8::1" packages="pkg5" cve_id="CVE-2017-0003"`,
|
||||
},
|
||||
},
|
||||
{
|
||||
result: models.ScanResult{
|
||||
ScannedAt: time.Date(2018, 6, 13, 12, 10, 0, 0, time.UTC),
|
||||
ServerName: "teste03",
|
||||
Family: "centos",
|
||||
Release: "7",
|
||||
IPv6Addrs: []string{"2001:0DB8::1"},
|
||||
ScannedCves: models.VulnInfos{},
|
||||
},
|
||||
expectedMessages: []string{
|
||||
`scanned_at="2018-06-13 12:10:00 +0000 UTC" server_name="teste03" os_family="centos" os_release="7" ipv4_addr="" ipv6_addr="2001:0DB8::1" message="No CVE-IDs are found"`,
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
for i, tt := range tests {
|
||||
|
||||