diff --git a/scripts/pcs_container_vulnerabilities_on_running_hosts.py b/scripts/pcs_container_vulnerabilities_on_running_hosts.py
index 7250ef6..0b0d893 100644
--- a/scripts/pcs_container_vulnerabilities_on_running_hosts.py
+++ b/scripts/pcs_container_vulnerabilities_on_running_hosts.py
@@ -24,7 +24,13 @@
 '--hours',
 type=int,
 default=DEFAULT_HOURS,
- help="(Optional) - Number of hours for a container host to be considered online. (Default %s)" % DEFAULT_HOURS
+ help="(Optional) - Number of hours for a container host to be considered online. (Default %s)" % DEFAULT_HOURS)
+parser.add_argument(
+ '--multiples',
+ type=bool,
+ choices=[True, False],
+ default=False,
+ help="(Optional) - Multiple hosts are running hosts."
 )
 args = parser.parse_args()
@@ -59,17 +65,20 @@ def recent(datetime_string, delta_hours):
 print(' done.')
 print()
+print(hosts, file=open('hosts.txt', 'w'))
+
 hosts_dictionary = {}
 for host in hosts:
+ # _id or hostname ?
 hosts_dictionary[host['_id']] = host
 # https://prisma.pan.dev/api/cloud/cwpp/images#operation/get-images
 print('Getting Deployed Images (please wait) ...', end='')
 result = pc_api.execute_compute('GET', 'api/v1/images/download?', query_params={'filterBaseImage': 'true'})
+print(result, file=open('temp.csv', 'w'))
 print(' done.')
 print()
-print(result, file=open('temp.csv', 'w'))
 images = pc_utility.read_csv_file_text('temp.csv')
 headers = images[0].keys()
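Review bot: `type=bool` on the new `--multiples` argument does not parse a boolean. argparse calls `bool()` on the raw string, so `--multiples False` becomes `True` (any non-empty string is truthy) and still passes `choices=[True, False]`. Because the flag appears to decide whether multi-host images are exported without a host lookup, a user who passes `False` explicitly gets the opposite of what they asked for. Make it a switch instead, `parser.add_argument('--multiples', action='store_true', help=...)`, and reword the help text to say what the flag does to the export.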
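Review bot: `print(hosts, file=open('hosts.txt', 'w'))` dumps the full host inventory to a fixed file name in the working directory and never closes the handle. Nothing in the visible hunks reads `hosts.txt` back, so it looks like leftover debugging, as does the open question `# _id or hostname ?`. Drop the line, or put it behind a debug option and write it with `with open('hosts.txt', 'w') as f:`. The relocated `print(result, file=open('temp.csv', 'w'))` relies on the interpreter closing the file before `pc_utility.read_csv_file_text('temp.csv')` reads it; a `with` block (or a `tempfile` path instead of a predictable name) makes that explicit.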
@@ -81,13 +90,22 @@ def recent(datetime_string, delta_hours):
 writer.writerow(headers)
 for image in images:
 if 'Hosts' in image:
- host = image['Hosts']
+ if image['Hosts'].isnumeric():
+ if args.multiples:
+ writer.writerow(image.values())
+ else:
+ print("Skipping Container: Multiple Parent Hosts. ID: (%s)" % (image['Id']))
+ continue
 if image['Hosts'] in hosts_dictionary:
 host = hosts_dictionary[image['Hosts']]
 if recent(host['scanTime'], args.hours):
 writer.writerow(image.values())
 else:
 print("Skipping Container: Parent Host (%s) Last Scan Time: (%s) older than (%s) Hours" % (image['Hosts'], host['scanTime'], args.hours))
+ else:
+ print("Skipping Container: Parent Host (%s) not found in Hosts. ID: (%s)" % (image['Hosts'], image['Id']))
+ else:
+ print("Skipping Container: Parent Host not defined in Deployed Images. ID: (%s)" % (image['Id']))
 print("* Vulnerabilities Exported")
 print()
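Review bot: With `--multiples` set, the `image['Hosts'].isnumeric()` branch writes the row with no `recent()` check, so an export meant for running hosts can include containers whose hosts are all stale. If that is intended, say so above the branch, e.g. `# 'Hosts' appears to be a count when an image runs on several hosts; they cannot be looked up, so --multiples exports them unfiltered`. The numeric test also runs before the `hosts_dictionary` lookup, so a host whose `_id` is all digits would be treated as a count; testing `image['Hosts'] in hosts_dictionary` first avoids that. The new messages index `image['Id']` directly, which raises `KeyError` if the CSV has no `Id` column, whereas `Hosts` is guarded by `'Hosts' in image`. The `writer` and the file it wraps are set up outside the hunk.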