This repository has been archived by the owner on Aug 1, 2024. It is now read-only.
Merge pull request #249 from JupiterOne/tenable-enhancement-dev
Tenable enhancement dev
Showing
23 changed files
with
786 additions
and
11 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,15 @@ | ||
ACCESS_KEY=tenable-access-key | ||
SECRET_KEY=tenable-secret-key | ||
ASSET_API_TIMEOUT_IN_MINUTES=30 | ||
|
||
# Configuration filters for Vulnerabilities | ||
VULNERABILITY_API_TIMEOUT_IN_MINUTES=30 | ||
VULNERABILITY_SEVERITIES=info,low,medium,high,critical | ||
VULNERABILITY_STATES=open,reopened,fixed | ||
|
||
# Configuration filters for Compliance Findings | ||
COMPLIANCE_LAST_SEEN=15,30,60,90 | ||
COMPLIANCE_STATE=OPEN,REOPENED,FIXED | ||
COMPLIANCE_RESULT=PASSED,FAILED,WARNING,SKIPPED,UNKNOWN,ERROR | ||
COMPLIANCE_NUM_FINDINGS=10000 | ||
|
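Review bot: The sample value `COMPLIANCE_LAST_SEEN=15,30,60,90` reads as a list, but the filter builder added elsewhere in this commit converts `config.complianceLastSeen` with `Number(...)` and throws when the result is NaN. If this variable feeds that field, copying the example as-is would abort the compliance step. Use a single value such as `COMPLIANCE_LAST_SEEN=30` and list the choices in a comment, for example `# days to look back; one of 15, 30, 60, 90`. The mapping from these variable names to config fields is not visible on this page, so it is also worth confirming that `COMPLIANCE_STATE` and `COMPLIANCE_RESULT` reach `complianceState` and `complianceResults`, and where `COMPLIANCE_NUM_FINDINGS` is consumed.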
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
import { IntegrationIngestionConfigFieldMap } from '@jupiterone/integration-sdk-core'; | ||
import { INGESTION_SOURCE_IDS } from './steps/constants'; | ||
|
||
export const ingestionConfig: IntegrationIngestionConfigFieldMap = { | ||
[INGESTION_SOURCE_IDS.ACCOUNT]: { | ||
title: 'Account', | ||
description: 'Tenable accounts', | ||
defaultsToDisabled: false, | ||
}, | ||
[INGESTION_SOURCE_IDS.SERVICE]: { | ||
title: 'Service', | ||
description: 'Service descriptions', | ||
defaultsToDisabled: false, | ||
}, | ||
[INGESTION_SOURCE_IDS.ASSETS]: { | ||
title: 'Assets', | ||
description: 'Asset descriptions', | ||
defaultsToDisabled: false, | ||
}, | ||
[INGESTION_SOURCE_IDS.VULNERABILITIES]: { | ||
title: 'Vulnerabilities', | ||
description: 'Vulnerability descriptions', | ||
defaultsToDisabled: false, | ||
}, | ||
[INGESTION_SOURCE_IDS.USERS]: { | ||
title: 'Users', | ||
description: 'User information', | ||
defaultsToDisabled: false, | ||
}, | ||
[INGESTION_SOURCE_IDS.CONTAINER_IMAGES]: { | ||
title: 'Container Images', | ||
description: 'Container image descriptions', | ||
defaultsToDisabled: false, | ||
}, | ||
[INGESTION_SOURCE_IDS.CONTAINER_REPOSITORIES]: { | ||
title: 'Container Repositories', | ||
description: 'Container repository descriptions', | ||
defaultsToDisabled: false, | ||
}, | ||
[INGESTION_SOURCE_IDS.CONTAINER_REPORTS]: { | ||
title: 'Container Reports', | ||
description: 'Reports on container statuses', | ||
defaultsToDisabled: false, | ||
}, | ||
[INGESTION_SOURCE_IDS.SCANNER_IDS]: { | ||
title: 'Scanner IDs', | ||
description: 'Scanner ID information', | ||
defaultsToDisabled: false, | ||
}, | ||
[INGESTION_SOURCE_IDS.AGENTS]: { | ||
title: 'Agents', | ||
description: 'Agent information', | ||
defaultsToDisabled: false, | ||
}, | ||
[INGESTION_SOURCE_IDS.COMPLIANCE_FINDINGS]: { | ||
title: 'Compliance Findings', | ||
description: 'Compliance findings', | ||
defaultsToDisabled: true, | ||
}, | ||
}; |
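Review bot: `COMPLIANCE_FINDINGS` is the only entry with `defaultsToDisabled: true`, and nothing in the file records why it is opt-in while every other source is on by default. A short comment above that entry, for example `// Opt-in source: stays disabled until enabled for the integration instance`, would keep a later cleanup from flipping it for consistency. The descriptions could also say what is ingested: `'Compliance findings'` repeats the title, and `'Agent information'` gives an operator little to base an enable/disable decision on.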
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
import { Entities } from '../constants'; | ||
import { | ||
createIntegrationEntity, | ||
Entity, | ||
} from '@jupiterone/integration-sdk-core'; | ||
import { generateEntityKey } from '../../utils/generateKey'; | ||
|
||
export function createComplianceFindingEntity(complianceChunk): Entity { | ||
return createIntegrationEntity({ | ||
entityData: { | ||
source: complianceChunk, | ||
assign: { | ||
_class: Entities.COMPLIANCE_FINDINGS._class, | ||
_type: Entities.COMPLIANCE_FINDINGS._type, | ||
_key: generateEntityKey( | ||
Entities.COMPLIANCE_FINDINGS._type, | ||
complianceChunk.uuid, | ||
), | ||
|
||
// Schema required fields. | ||
category: ['network', 'host'], | ||
severity: ['low', 'medium'], | ||
numericSeverity: [1, 2], | ||
id: String(complianceChunk.id), | ||
agentId: complianceChunk.id, | ||
displayName: complianceChunk.name, | ||
open: complianceChunk.state === 'OPEN', | ||
|
||
// Entity additional data. | ||
name: complianceChunk.name, | ||
status: complianceChunk.status, | ||
firstSeen: complianceChunk.first_seen, | ||
lastSeen: complianceChunk.last_seen, | ||
agentName: complianceChunk.agent_name, | ||
}, | ||
}, | ||
}); | ||
} |
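Review bot: Every compliance finding gets the same constants `severity: ['low', 'medium']` and `numericSeverity: [1, 2]`, so a failed check and a passed one look identical to anything that ranks or alerts on severity. Derive these from the finding's own result or status, or mark them as placeholders in the comment if the schema only needs them present. `open: complianceChunk.state === 'OPEN'` also reports `REOPENED` findings as closed, although the filters in this commit treat `REOPENED` as a distinct active state; consider `open: complianceChunk.state === 'OPEN' || complianceChunk.state === 'REOPENED',`. `complianceChunk` is untyped, so `uuid`, which feeds `_key`, and `id`, which is used for both `id` and `agentId`, are unchecked. Giving the parameter the export chunk's type from the client would catch a missing or misnamed field at compile time.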
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
import { IntegrationConfig } from '../../config'; | ||
import { | ||
ExportComplianceFindingsFilter, | ||
complianceChunkState, | ||
complianceChunkResult, | ||
} from '../../tenable/client'; | ||
import { subDays, getUnixTime } from 'date-fns'; | ||
|
||
const DEFAULT_STATES: complianceChunkState[] = ['OPEN', 'REOPENED', 'FIXED']; | ||
const DEFAULT_RESULTS: complianceChunkResult[] = [ | ||
'PASSED', | ||
'FAILED', | ||
'WARNING', | ||
'SKIPPED', | ||
'UNKNOWN', | ||
'ERROR', | ||
]; | ||
const DEFAULT_LAST_SEEN_DAYS = 30; // Default to 30 days if not provided | ||
|
||
function parseComplianceStates(states: string): complianceChunkState[] { | ||
return states.split(',') as complianceChunkState[]; | ||
} | ||
|
||
function parseComplianceResults(results: string): complianceChunkResult[] { | ||
return results.split(',') as complianceChunkResult[]; | ||
} | ||
|
||
function calculateLastSeenTimestamp(daysAgo: number): number { | ||
const lastSeenDate = subDays(new Date(), daysAgo); | ||
return getUnixTime(lastSeenDate); | ||
} | ||
|
||
export function buildComplianceFilters( | ||
config: IntegrationConfig, | ||
): ExportComplianceFindingsFilter { | ||
const lastSeenDays = config.complianceLastSeen | ||
? Number(config.complianceLastSeen) | ||
: DEFAULT_LAST_SEEN_DAYS; | ||
if (isNaN(lastSeenDays)) { | ||
throw new Error( | ||
`Invalid complianceLastSeen value: ${config.complianceLastSeen}`, | ||
); | ||
} | ||
|
||
const lastSeenTimestamp = calculateLastSeenTimestamp(lastSeenDays); | ||
|
||
return { | ||
state: config.complianceState | ||
? parseComplianceStates(config.complianceState) | ||
: DEFAULT_STATES, | ||
compliance_results: config.complianceResults | ||
? parseComplianceResults(config.complianceResults) | ||
: DEFAULT_RESULTS, | ||
last_seen: lastSeenTimestamp, | ||
}; | ||
} |
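Review bot: `parseComplianceStates` and `parseComplianceResults` split the configured string and cast it with `as`, so a typo, a lower-case value or a space after a comma passes the type system and is sent to the export API unchecked. Validating each token against `DEFAULT_STATES` / `DEFAULT_RESULTS` and throwing on anything unknown would make a bad setting fail at startup with a clear message, as the `complianceLastSeen` check already does. That check accepts negative and non-finite numbers, which would produce a `last_seen` in the future; `if (!Number.isFinite(lastSeenDays) || lastSeenDays < 0)` closes that gap.

```typescript
function parseAllowed<T extends string>(
  raw: string,
  allowed: readonly T[],
  field: string,
): T[] {
  const values = raw
    .split(',')
    .map((value) => value.trim())
    .filter((value) => value.length > 0);
  const unknown = values.filter(
    (value) => !(allowed as readonly string[]).includes(value),
  );
  if (unknown.length > 0) {
    throw new Error(`Invalid ${field} value(s): ${unknown.join(', ')}`);
  }
  return values as T[];
}

function parseComplianceStates(states: string): complianceChunkState[] {
  return parseAllowed(states, DEFAULT_STATES, 'complianceState');
}

function parseComplianceResults(results: string): complianceChunkResult[] {
  return parseAllowed(results, DEFAULT_RESULTS, 'complianceResults');
}
// … unchanged: calculateLastSeenTimestamp, buildComplianceFilters …
```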