├── LICENSE ├── NOTICE ├── README.md ├── configs ├── activemq.xml ├── afevents.sql ├── alertflex.sql ├── default.conf ├── enterprise-attack.json ├── jetty-realm.properties ├── misp.sql ├── mysql.sql ├── nginx.conf ├── project.properties └── ssl.conf ├── controller ├── pom.xml └── src │ └── main │ ├── java │ └── org │ │ └── alertflex │ │ ├── common │ │ └── PojoAlertLogic.java │ │ ├── controller │ │ ├── AgentsManagement.java │ │ ├── AlertsMessageBean.java │ │ ├── ConfigManagement.java │ │ ├── InfoMessageBean.java │ │ ├── LogsManagement.java │ │ ├── ProbesManagement.java │ │ ├── ReportsMessageBean.java │ │ └── StatsManagement.java │ │ ├── entity │ │ ├── Agent.java │ │ ├── AgentMisconfig.java │ │ ├── AgentVul.java │ │ ├── Alert.java │ │ ├── AlertCategory.java │ │ ├── AlertPriority.java │ │ ├── Attributes.java │ │ ├── Container.java │ │ ├── Events.java │ │ ├── Hosts.java │ │ ├── Networks.java │ │ ├── Node.java │ │ ├── NodeAlerts.java │ │ ├── NodeMonitor.java │ │ ├── NodePK.java │ │ ├── Playbook.java │ │ ├── Pod.java │ │ ├── PostureAppsecret.java │ │ ├── PostureAppvuln.java │ │ ├── PostureCloudformation.java │ │ ├── PostureCloudsploit.java │ │ ├── PostureDockerconfig.java │ │ ├── PostureDockervuln.java │ │ ├── PostureInspector.java │ │ ├── PostureK8sconfig.java │ │ ├── PostureK8svuln.java │ │ ├── PostureKubehunter.java │ │ ├── PostureNikto.java │ │ ├── PostureNmap.java │ │ ├── PostureNuclei.java │ │ ├── PostureSemgrep.java │ │ ├── PostureSonarqube.java │ │ ├── PostureTask.java │ │ ├── PostureTerraform.java │ │ ├── PostureZap.java │ │ ├── Probe.java │ │ ├── ProbePK.java │ │ ├── Project.java │ │ ├── Response.java │ │ └── Users.java │ │ ├── facade │ │ ├── AbstractFacade.java │ │ ├── AgentFacade.java │ │ ├── AgentMisconfigFacade.java │ │ ├── AgentVulFacade.java │ │ ├── AlertCategoryFacade.java │ │ ├── AlertFacade.java │ │ ├── AlertPriorityFacade.java │ │ ├── AttributesFacade.java │ │ ├── ContainerFacade.java │ │ ├── EventsFacade.java │ │ ├── HostsFacade.java │ │ ├── 
NetworksFacade.java │ │ ├── NodeAlertsFacade.java │ │ ├── NodeFacade.java │ │ ├── NodeMonitorFacade.java │ │ ├── PlaybookFacade.java │ │ ├── PodFacade.java │ │ ├── PostureAppsecretFacade.java │ │ ├── PostureAppvulnFacade.java │ │ ├── PostureCloudformationFacade.java │ │ ├── PostureCloudsploitFacade.java │ │ ├── PostureDockerconfigFacade.java │ │ ├── PostureDockervulnFacade.java │ │ ├── PostureInspectorFacade.java │ │ ├── PostureK8sconfigFacade.java │ │ ├── PostureK8svulnFacade.java │ │ ├── PostureKubehunterFacade.java │ │ ├── PostureNiktoFacade.java │ │ ├── PostureNmapFacade.java │ │ ├── PostureNucleiFacade.java │ │ ├── PostureSemgrepFacade.java │ │ ├── PostureSonarqubeFacade.java │ │ ├── PostureTaskFacade.java │ │ ├── PostureTerraformFacade.java │ │ ├── PostureZapFacade.java │ │ ├── ProbeFacade.java │ │ ├── ProjectFacade.java │ │ ├── ResponseFacade.java │ │ └── UsersFacade.java │ │ ├── jobs │ │ ├── CheckProbes.java │ │ ├── RemoveAlerts.java │ │ └── RemoveNodeStat.java │ │ ├── logserver │ │ ├── ElasticSearch.java │ │ ├── FromElasticPool.java │ │ ├── FromGraylogPool.java │ │ ├── GrayLog.java │ │ ├── PooledElasticProducer.java │ │ └── PooledGraylogProducer.java │ │ ├── posture │ │ ├── AppSbom.java │ │ ├── AppSecret.java │ │ ├── AppVuln.java │ │ ├── CloudFormation.java │ │ ├── Cloudsploit.java │ │ ├── DockerConfig.java │ │ ├── DockerSbom.java │ │ ├── DockerVuln.java │ │ ├── K8sConfig.java │ │ ├── K8sVuln.java │ │ ├── KubeHunter.java │ │ ├── Nikto.java │ │ ├── Nmap.java │ │ ├── Nuclei.java │ │ ├── Semgrep.java │ │ ├── Sonarqube.java │ │ ├── Terraform.java │ │ ├── Zap.java │ │ └── nmap │ │ │ ├── NmapJson.java │ │ │ ├── NmapParser.java │ │ │ └── NmapReport.java │ │ ├── reports │ │ ├── AlertsBar.java │ │ ├── AlertsPie.java │ │ ├── CounterInterval.java │ │ ├── Finding.java │ │ ├── JasperDataAlertsSeverity.java │ │ ├── JasperDataAlertsSource.java │ │ ├── JasperDataCloud.java │ │ ├── JasperDataMisconfig.java │ │ ├── JasperDataScanners.java │ │ └── JasperDataVuln.java │ │ ├── 
rest │ │ ├── MetricsREST.java │ │ ├── PlaybookREST.java │ │ ├── PostureREST.java │ │ ├── StixAlertsREST.java │ │ └── VrnREST.java │ │ └── supp │ │ ├── GeoIp.java │ │ ├── GitlabIncident.java │ │ ├── HiveIncident.java │ │ ├── PosturePostBody.java │ │ ├── ProjectRepository.java │ │ └── RestResponseFilter.java │ ├── resources │ └── META-INF │ │ └── persistence.xml │ └── webapp │ └── WEB-INF │ ├── beans.xml │ ├── glassfish-ejb-jar.xml │ ├── glassfish-web.xml │ └── web.xml ├── env.sh ├── env_appliance.sh ├── html ├── api.yaml ├── css │ ├── bootstrap.css │ ├── font-awesome.min.css │ ├── style.css │ ├── swagger-ui.css │ └── swagger-ui.css.map ├── fonts │ ├── FontAwesome.otf │ ├── fontawesome-webfont.eot │ ├── fontawesome-webfont.svg │ ├── fontawesome-webfont.ttf │ ├── fontawesome-webfont.woff │ └── fontawesome-webfont.woff2 ├── img │ └── box.ico ├── index.html └── js │ ├── bootstrap.min.js │ ├── jquery.js │ ├── swagger-ui-bundle.js │ ├── swagger-ui-bundle.js.map │ ├── swagger-ui-es-bundle-core.js │ ├── swagger-ui-es-bundle-core.js.map │ ├── swagger-ui-es-bundle.js │ ├── swagger-ui-es-bundle.js.map │ ├── swagger-ui-standalone-preset.js │ ├── swagger-ui-standalone-preset.js.map │ ├── swagger-ui.js │ └── swagger-ui.js.map ├── img └── arch.png ├── install_ubuntu20.sh ├── pom.xml ├── reports ├── alerts_report.jasper ├── alerts_subrep1.jasper ├── alerts_subrep2.jasper ├── alerts_subrep3.jasper ├── alerts_subrep4.jasper ├── cloud_cform.jasper ├── cloud_gd.jasper ├── cloud_ins.jasper ├── cloud_report.jasper ├── cloud_terra.jasper ├── misconfig_app.jasper ├── misconfig_docker.jasper ├── misconfig_host.jasper ├── misconfig_k8s.jasper ├── misconfig_report.jasper ├── scanner_kubehunter.jasper ├── scanner_nmap.jasper ├── scanner_nuclei.jasper ├── scanner_zap.jasper ├── scanners_report.jasper ├── vuln_app.jasper ├── vuln_docker.jasper ├── vuln_host.jasper ├── vuln_k8s.jasper └── vuln_report.jasper └── test-cases.md /NOTICE: 
-------------------------------------------------------------------------------- 1 | Copyright notices 2 | ----------------- 3 | 4 | The repository includes a common installation script and configs files for Alertflex central node, the MISP docker install script. 5 | Additionally, the repository includes a java binary file of the Alertflex management console, that is not covered by the license of the repository 6 | (you need to confirm a EULA to start using the management console). 7 | 8 | * installation script includes code for install ActiveMQ, please see https://activemq.apache.org/what-is-the-license 9 | 10 | * installation script includes code for install MISP, please see https://www.misp-project.org/license/ 11 | 12 | * installation script includes modified code for install MISP docker image, original code/image available from https://hub.docker.com/r/harvarditsecurity/misp/dockerfile 13 | 14 | * installation script includes code for install MySQL community edition, please see https://www.mysql.com/products/community/ 15 | 16 | * installation script includes code for install Nginx, please see http://nginx.org/LICENSE 17 | 18 | * installation script includes code for install Payara, please see https://github.com/payara/Payara/blob/master/LICENSE.txt 19 | 20 | * installation script includes code for install Wazuh, please see https://github.com/wazuh/wazuh/blob/master/LICENSE 21 | 22 | * this product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com 23 | 24 | * console includes Ganymed SSH-2. Copyright notice for Ganymed SSH-2 shown below: 25 | 26 | Copyright (c) 2005 - 2006 Swiss Federal Institute of Technology (ETH Zurich), 27 | Department of Computer Science (http://www.inf.ethz.ch), 28 | Christian Plattner. All rights reserved. 29 | 30 | Redistribution and use in source and binary forms, with or without 31 | modification, are permitted provided that the following conditions 32 | are met: 33 | 34 | a.) 
Redistributions of source code must retain the above copyright 35 | notice, this list of conditions and the following disclaimer. 36 | b.) Redistributions in binary form must reproduce the above copyright 37 | notice, this list of conditions and the following disclaimer in the 38 | documentation and/or other materials provided with the distribution. 39 | c.) Neither the name of ETH Zurich nor the names of its contributors may 40 | be used to endorse or promote products derived from this software 41 | without specific prior written permission. 42 | 43 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 44 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 45 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 46 | ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 47 | LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 48 | CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 49 | SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 50 | INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 51 | CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 52 | ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 53 | POSSIBILITY OF SUCH DAMAGE. 54 | 55 | 56 | The Java implementations of the AES, Blowfish and 3DES ciphers have been 57 | taken (and slightly modified) from the cryptography package released by 58 | "The Legion Of The Bouncy Castle". 
59 | 60 | Their license states the following: 61 | 62 | Copyright (c) 2000 - 2004 The Legion Of The Bouncy Castle 63 | (http://www.bouncycastle.org) 64 | 65 | Permission is hereby granted, free of charge, to any person obtaining a copy 66 | of this software and associated documentation files (the "Software"), to deal 67 | in the Software without restriction, including without limitation the rights 68 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 69 | copies of the Software, and to permit persons to whom the Software is 70 | furnished to do so, subject to the following conditions: 71 | 72 | The above copyright notice and this permission notice shall be included in 73 | all copies or substantial portions of the Software. 74 | 75 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 76 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 77 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 78 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 79 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 80 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 81 | THE SOFTWARE. 
82 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # cnode 2 | see [Alertflex documentation](https://alertflex.github.io/doc) 3 | -------------------------------------------------------------------------------- /configs/afevents.sql: -------------------------------------------------------------------------------- 1 | -- do not change any settings 2 | 3 | CREATE TABLE `alert` ( 4 | `alert_id` bigint(20) unsigned NOT NULL AUTO_INCREMENT, 5 | `alert_uuid` char(37) NOT NULL DEFAULT '', 6 | `ref_id` varchar(255) NOT NULL DEFAULT '', 7 | `node` varchar(255) NOT NULL DEFAULT '', 8 | `probe` varchar(512) NOT NULL DEFAULT '', 9 | `categories` varchar(1024) NOT NULL DEFAULT '', 10 | `description` varchar(1024) NOT NULL DEFAULT '', 11 | `alert_severity` int(10) unsigned NOT NULL DEFAULT '0', 12 | `alert_source` varchar(32) NOT NULL DEFAULT '', 13 | `alert_type` varchar(32) NOT NULL DEFAULT '', 14 | `event_id` varchar(512) NOT NULL DEFAULT '', 15 | `event_severity` varchar(255) NOT NULL DEFAULT '', 16 | `location` varchar(1024) NOT NULL DEFAULT '', 17 | `status` varchar(32) NOT NULL DEFAULT '', 18 | `action` varchar(256) NOT NULL DEFAULT '', 19 | `filter` varchar(512) NOT NULL DEFAULT '', 20 | `info` varchar(1024) NOT NULL DEFAULT '', 21 | `src_ip` varchar(128) NOT NULL DEFAULT '', 22 | `dst_ip` varchar(128) NOT NULL DEFAULT '', 23 | `src_hostname` varchar(512) NOT NULL DEFAULT '', 24 | `dst_hostname` varchar(512) NOT NULL DEFAULT '', 25 | `src_port` int(10) unsigned NOT NULL DEFAULT '0', 26 | `dst_port` int(10) unsigned NOT NULL DEFAULT '0', 27 | `file_name` varchar(1024) NOT NULL DEFAULT '', 28 | `reg_value` varchar(512) NOT NULL DEFAULT '', 29 | `hash_md5` varchar(128) NOT NULL DEFAULT '', 30 | `hash_sha1` varchar(128) NOT NULL DEFAULT '', 31 | `hash_sha256` varchar(512) NOT NULL DEFAULT '', 32 | `process_id` int(10), 33 | `process_name` 
varchar(512) NOT NULL DEFAULT '', 34 | `process_cmdline` varchar(512) NOT NULL DEFAULT '', 35 | `process_path` varchar(1024) NOT NULL DEFAULT '', 36 | `url_hostname` varchar(512) NOT NULL DEFAULT '', 37 | `url_path` varchar(1024) NOT NULL DEFAULT '', 38 | `container_id` varchar(512) NOT NULL DEFAULT '', 39 | `container_name` varchar(512) NOT NULL DEFAULT '', 40 | `cloud_instance` varchar(1024) NOT NULL DEFAULT '', 41 | `user_name` varchar(512) NOT NULL DEFAULT '', 42 | `agent_name` varchar(512) NOT NULL DEFAULT '', 43 | `incident_ext` varchar(512) NOT NULL DEFAULT '', 44 | `time_event` varchar(512) NOT NULL DEFAULT '', 45 | `time_collr` datetime DEFAULT NULL, 46 | `time_cntrl` datetime DEFAULT NULL, 47 | PRIMARY KEY (`alert_id`) 48 | ) ENGINE=InnoDB DEFAULT CHARSET=utf8; 49 | 50 | CREATE TABLE `node_alerts` ( 51 | `rec_id` bigint unsigned NOT NULL AUTO_INCREMENT, 52 | `ref_id` varchar(150) NOT NULL DEFAULT '', 53 | `node` varchar(255) NOT NULL DEFAULT '', 54 | `host` varchar(255) NOT NULL, 55 | `crs_agg` bigint unsigned NOT NULL DEFAULT '0', 56 | `crs_filter` bigint unsigned NOT NULL DEFAULT '0', 57 | `crs_s0` bigint unsigned NOT NULL DEFAULT '0', 58 | `crs_s1` bigint unsigned NOT NULL DEFAULT '0', 59 | `crs_s2` bigint unsigned NOT NULL DEFAULT '0', 60 | `crs_s3` bigint unsigned NOT NULL DEFAULT '0', 61 | `hids_agg` bigint unsigned NOT NULL DEFAULT '0', 62 | `hids_filter` bigint unsigned NOT NULL DEFAULT '0', 63 | `hids_s0` bigint unsigned NOT NULL DEFAULT '0', 64 | `hids_s1` bigint unsigned NOT NULL DEFAULT '0', 65 | `hids_s2` bigint unsigned NOT NULL DEFAULT '0', 66 | `hids_s3` bigint unsigned NOT NULL DEFAULT '0', 67 | `nids_agg` bigint unsigned NOT NULL DEFAULT '0', 68 | `nids_filter` bigint unsigned NOT NULL DEFAULT '0', 69 | `nids_s0` bigint unsigned NOT NULL DEFAULT '0', 70 | `nids_s1` bigint unsigned NOT NULL DEFAULT '0', 71 | `nids_s2` bigint unsigned NOT NULL DEFAULT '0', 72 | `nids_s3` bigint unsigned NOT NULL DEFAULT '0', 73 | `waf_agg` bigint unsigned 
NOT NULL DEFAULT '0', 74 | `waf_filter` bigint unsigned NOT NULL DEFAULT '0', 75 | `waf_s0` bigint unsigned NOT NULL DEFAULT '0', 76 | `waf_s1` bigint unsigned NOT NULL DEFAULT '0', 77 | `waf_s2` bigint unsigned NOT NULL DEFAULT '0', 78 | `waf_s3` bigint unsigned NOT NULL DEFAULT '0', 79 | `time_of_survey` datetime DEFAULT NULL, 80 | PRIMARY KEY (`rec_id`) 81 | ) ENGINE=InnoDB DEFAULT CHARSET=utf8; 82 | 83 | CREATE TABLE `node_monitor` ( 84 | `rec_id` bigint unsigned NOT NULL AUTO_INCREMENT, 85 | `ref_id` varchar(150) NOT NULL DEFAULT '', 86 | `node` varchar(255) NOT NULL DEFAULT '', 87 | `host` varchar(255) NOT NULL, 88 | `events_crs` bigint unsigned NOT NULL DEFAULT '0', 89 | `events_hids` bigint unsigned NOT NULL DEFAULT '0', 90 | `events_nids` bigint unsigned NOT NULL DEFAULT '0', 91 | `events_waf` bigint unsigned NOT NULL DEFAULT '0', 92 | `log_counter` bigint unsigned NOT NULL DEFAULT '0', 93 | `log_volume` bigint unsigned NOT NULL DEFAULT '0', 94 | `stat_counter` bigint unsigned NOT NULL DEFAULT '0', 95 | `stat_volume` bigint unsigned NOT NULL DEFAULT '0', 96 | `time_of_survey` datetime DEFAULT NULL, 97 | PRIMARY KEY (`rec_id`) 98 | ) ENGINE=InnoDB DEFAULT CHARSET=utf8; -------------------------------------------------------------------------------- /configs/default.conf: -------------------------------------------------------------------------------- 1 | 2 | server { 3 | listen 80; 4 | 5 | server_name _admin_host; 6 | 7 | location / { 8 | root /usr/share/nginx/html; 9 | index index.html index.htm; 10 | } 11 | } 12 | 13 | -------------------------------------------------------------------------------- /configs/jetty-realm.properties: -------------------------------------------------------------------------------- 1 | ## --------------------------------------------------------------------------- 2 | ## Licensed to the Apache Software Foundation (ASF) under one or more 3 | ## contributor license agreements. 
See the NOTICE file distributed with 4 | ## this work for additional information regarding copyright ownership. 5 | ## The ASF licenses this file to You under the Apache License, Version 2.0 6 | ## (the "License"); you may not use this file except in compliance with 7 | ## the License. You may obtain a copy of the License at 8 | ## 9 | ## http://www.apache.org/licenses/LICENSE-2.0 10 | ## 11 | ## Unless required by applicable law or agreed to in writing, software 12 | ## distributed under the License is distributed on an "AS IS" BASIS, 13 | ## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | ## See the License for the specific language governing permissions and 15 | ## limitations under the License. 16 | ## --------------------------------------------------------------------------- 17 | 18 | # Defines users that can access the web (console, demo, etc.) 19 | # username: password [,rolename ...] 20 | admin: _admin_pwd, admin 21 | -------------------------------------------------------------------------------- /configs/misp.sql: -------------------------------------------------------------------------------- 1 | -- do not change any settings 2 | 3 | CREATE TABLE `events` ( 4 | `id` int(11) NOT NULL AUTO_INCREMENT, 5 | `org_id` int(11) NOT NULL, 6 | `date` date NOT NULL, 7 | `info` text COLLATE utf8_bin NOT NULL, 8 | `user_id` int(11) NOT NULL, 9 | `uuid` varchar(40) COLLATE utf8_bin NOT NULL, 10 | `published` tinyint(1) NOT NULL DEFAULT 0, 11 | `analysis` tinyint(4) NOT NULL, 12 | `attribute_count` int(11) unsigned DEFAULT 0, 13 | `orgc_id` int(11) NOT NULL, 14 | `timestamp` int(11) NOT NULL DEFAULT 0, 15 | `distribution` tinyint(4) NOT NULL DEFAULT 0, 16 | `sharing_group_id` int(11) NOT NULL, 17 | `proposal_email_lock` tinyint(1) NOT NULL DEFAULT 0, 18 | `locked` tinyint(1) NOT NULL DEFAULT 0, 19 | `threat_level_id` int(11) NOT NULL, 20 | `publish_timestamp` int(11) NOT NULL DEFAULT 0, 21 | `sighting_timestamp` int(11) NOT NULL DEFAULT 0, 
22 | `disable_correlation` tinyint(1) NOT NULL DEFAULT 0, 23 | `extends_uuid` varchar(40) COLLATE utf8_bin DEFAULT '', 24 | PRIMARY KEY (`id`), 25 | UNIQUE INDEX `uuid` (`uuid`), 26 | INDEX `info` (`info`(255)), 27 | INDEX `sharing_group_id` (`sharing_group_id`), 28 | INDEX `org_id` (`org_id`), 29 | INDEX `orgc_id` (`orgc_id`), 30 | INDEX `extends_uuid` (`extends_uuid`) 31 | ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin; 32 | 33 | CREATE TABLE `attributes` ( 34 | `id` int(11) NOT NULL AUTO_INCREMENT, 35 | `event_id` int(11) NOT NULL, 36 | `object_id` int(11) NOT NULL DEFAULT 0, 37 | `object_relation` varchar(255) COLLATE utf8_bin, 38 | `category` varchar(255) COLLATE utf8_bin NOT NULL, 39 | `type` varchar(100) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, 40 | `value1` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, 41 | `value2` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, 42 | `to_ids` tinyint(1) NOT NULL DEFAULT 1, 43 | `uuid` varchar(40) COLLATE utf8_bin NOT NULL, 44 | `timestamp` int(11) NOT NULL DEFAULT 0, 45 | `distribution` tinyint(4) NOT NULL DEFAULT 0, 46 | `sharing_group_id` int(11) NOT NULL, 47 | `comment` text COLLATE utf8_bin, 48 | `deleted` tinyint(1) NOT NULL DEFAULT 0, 49 | `disable_correlation` tinyint(1) NOT NULL DEFAULT 0, 50 | PRIMARY KEY (`id`), 51 | INDEX `event_id` (`event_id`), 52 | INDEX `object_id` (`object_id`), 53 | INDEX `object_relation` (`object_relation`), 54 | INDEX `value1` (`value1`(255)), 55 | INDEX `value2` (`value2`(255)), 56 | INDEX `type` (`type`), 57 | INDEX `category` (`category`), 58 | INDEX `sharing_group_id` (`sharing_group_id`), 59 | UNIQUE INDEX `uuid` (`uuid`) 60 | ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin; 61 | -------------------------------------------------------------------------------- /configs/mysql.sql: -------------------------------------------------------------------------------- 1 | -- do not change any settings 2 | 3 | ALTER USER root@'localhost' 
IDENTIFIED WITH mysql_native_password BY '_db_pwd'; 4 | 5 | CREATE USER _db_user@'_db_host' IDENTIFIED WITH mysql_native_password BY '_db_pwd'; 6 | 7 | CREATE USER misp@'localhost' IDENTIFIED WITH mysql_native_password BY '_db_pwd'; 8 | 9 | CREATE DATABASE alertflex; 10 | GRANT ALL ON alertflex.* TO _db_user@'_db_host'; 11 | 12 | CREATE DATABASE afevents; 13 | GRANT ALL ON afevents.* TO _db_user@'_db_host'; 14 | 15 | CREATE DATABASE misp; 16 | GRANT ALL ON misp.* TO misp@'localhost'; 17 | 18 | FLUSH PRIVILEGES; 19 | -------------------------------------------------------------------------------- /configs/nginx.conf: -------------------------------------------------------------------------------- 1 | 2 | user nginx; 3 | worker_processes 2; 4 | 5 | error_log /var/log/nginx/error.log info; 6 | pid /var/run/nginx.pid; 7 | 8 | 9 | events { 10 | worker_connections 1024; 11 | } 12 | 13 | 14 | http { 15 | include /etc/nginx/mime.types; 16 | default_type application/octet-stream; 17 | 18 | log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 19 | '$status $body_bytes_sent "$http_referer" ' 20 | '"$http_user_agent" "$http_x_forwarded_for"'; 21 | 22 | access_log /var/log/nginx/access.log main; 23 | 24 | sendfile on; 25 | #tcp_nopush on; 26 | 27 | keepalive_timeout 65; 28 | 29 | #gzip on; 30 | 31 | include /etc/nginx/conf.d/*.conf; 32 | } 33 | -------------------------------------------------------------------------------- /configs/project.properties: -------------------------------------------------------------------------------- 1 | # Update project properties 2 | update_properties=0 3 | 4 | # Generate alerts based on status of findings: 1 - for all existing, 2 - for non confirmed, 3 - only for new 5 | alert_type=3 6 | # Set project parameters 7 | alert_timerange=0 8 | node_timerange=0 9 | posture_timerange=0 10 | ioc_check=0 11 | 12 | prometheus_stat=0 13 | send_netflow=0 14 | send_incident=0 15 | 16 | # Graylog 17 | graylog_host= 18 | graylog_port=0 19 | 
20 | # ELK/OpenSearch log 21 | elk_host= 22 | elk_port=9200 23 | elk_user= 24 | elk_pass= 25 | elk_storepass= 26 | elk_keystore= 27 | elk_truststore= 28 | 29 | # TheHive incidents 30 | hive_url= 31 | hive_key= 32 | 33 | # GitLab incidents 34 | gitlab_url= 35 | gitlab_key= 36 | 37 | # SonarQube 38 | sonar_url= 39 | sonar_user= 40 | sonar_pass= 41 | 42 | # Dependency-track 43 | track_url= 44 | track_key= 45 | track_project= 46 | track_version= 47 | -------------------------------------------------------------------------------- /configs/ssl.conf: -------------------------------------------------------------------------------- 1 |
# TLS virtual host: serves the static site and reverse-proxies two services
# that listen on loopback. Nothing in this block restricts who may request a
# path (no allow/deny, no auth_basic), so every location below is reachable by
# any client that can connect to port 443.
server {
    listen 443 ssl;

    # No ssl_protocols / ssl_ciphers directive is set in this block, so the
    # values in effect come from an enclosing context or from nginx's built-in
    # defaults.
    # NOTE(review): confirm the minimum TLS version on the installed build.
    ssl_certificate /etc/nginx/ssl/nginx.crt;
    # Private key for the certificate above; the file should be readable only
    # by the account that starts nginx.
    ssl_certificate_key /etc/nginx/ssl/nginx.key;

    # Static content from the nginx html directory.
    location / {
        root /usr/share/nginx/html;
        index index.html index.htm;
    }

    # Forwarded over plain HTTP to a service on 127.0.0.1:8080 -- presumably
    # the Alertflex management console; confirm. No proxy_set_header lines are
    # present, so the upstream sees a loopback peer rather than the client's
    # address unless forwarding headers are added.
    location /alertflex-mc {
        proxy_pass http://127.0.0.1:8080/alertflex-mc;
    }

    # NOTE(review): port 8161 looks like the ActiveMQ web console, whose admin
    # login is defined in jetty-realm.properties -- confirm. As written, that
    # login is the only control between any client that can reach this host and
    # the console; consider limiting this location to administrative source
    # addresses.
    location /admin {
        proxy_pass http://127.0.0.1:8161/admin;
    }
}
21 | -------------------------------------------------------------------------------- /controller/src/main/java/org/alertflex/controller/AgentsManagement.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2021 Oleg Zharkov 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"). 5 | * You may not use this file except in compliance with the License. 6 | * A copy of the License is located at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * or in the "license" file accompanying this file. This file is distributed 11 | * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 12 | * express or implied. See the License for the specific language governing 13 | * permissions and limitations under the License. 
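14 | */ 15 | 16 | package org.alertflex.controller; 17 | 18 | import org.alertflex.entity.Agent; 19 | import org.json.JSONException; 20 | import org.json.JSONObject; 21 | 22 | import org.apache.logging.log4j.LogManager; 23 | import org.apache.logging.log4j.Logger; 24 |
/**
 * Persists the id/key pair carried in an agent-registration response onto the
 * matching {@link Agent} record of the current project reference and node.
 */
public class AgentsManagement {

    private static final Logger logger = LogManager.getLogger(AgentsManagement.class);

    private InfoMessageBean eventBean;
    String ref;
    String node;

    /**
     * @param eb message bean that supplies the project reference id, the node
     *           name and the Agent facade used for lookups and updates
     */
    public AgentsManagement(InfoMessageBean eb) {
        this.eventBean = eb;
        this.ref = eb.getRefId();
        this.node = eb.getNode();
    }

    /**
     * Parses {@code json}, and when its {@code error} field is 0 copies
     * {@code data.id} and {@code data.key} onto the agent found by
     * (ref, node, agent name). Does nothing when the response reports an
     * error or when no such agent exists.
     *
     * @param agent name of the agent the response belongs to
     * @param json  response body; expected to hold an integer {@code error}
     *              and a {@code data} object with string {@code id} and
     *              {@code key}
     */
    public void saveAgentKey(String agent, String json) {

        if (json == null) {
            // new JSONObject((String) null) would fail with an unchecked
            // exception that the catch below does not cover.
            logger.error("alertflex_ctrl_exception: empty agent key response (node={}, agent={})", node, agent);
            return;
        }

        try {

            JSONObject obj = new JSONObject(json);

            // A non-zero error code means the response carries no usable key.
            if (obj.getInt("error") != 0) {
                return;
            }

            JSONObject data = obj.getJSONObject("data");

            String id = data.getString("id");
            String key = data.getString("key");

            Agent a = eventBean.getAgentFacade().findAgentByName(ref, node, agent);

            if (a != null) {
                a.setAgentId(id);
                a.setAgentKey(key);
                eventBean.getAgentFacade().edit(a);
            }

        } catch (JSONException e) {
            // The payload is deliberately NOT written to the log: a response
            // that fails validation can still contain the agent key, and log
            // files are usually readable by more people than the key should be.
            logger.error("alertflex_ctrl_exception: cannot parse agent key response (node={}, agent={}, length={})",
                    node, agent, json.length(), e);
        }

    }

}
72 | -------------------------------------------------------------------------------- /controller/src/main/java/org/alertflex/entity/AlertCategory.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2021 Oleg Zharkov 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"). 5 | * You may not use this file except in compliance with the License. 6 | * A copy of the License is located at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * or in the "license" file accompanying this file. 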
This file is distributed 11 | * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 12 | * express or implied. See the License for the specific language governing 13 | * permissions and limitations under the License. 14 | */ 15 | 16 | package org.alertflex.entity; 17 | 18 | import java.io.Serializable; 19 | import javax.persistence.Basic; 20 | import javax.persistence.Column; 21 | import javax.persistence.Entity; 22 | import javax.persistence.GeneratedValue; 23 | import javax.persistence.GenerationType; 24 | import javax.persistence.Id; 25 | import javax.persistence.NamedQueries; 26 | import javax.persistence.NamedQuery; 27 | import javax.persistence.Table; 28 | import javax.validation.constraints.NotNull; 29 | import javax.validation.constraints.Size; 30 | import javax.xml.bind.annotation.XmlRootElement; 31 |
/**
 * JPA entity for one row of the {@code alert_category} table: an event id,
 * its category string and the source it applies to, keyed by a
 * database-generated integer id.
 */
@Entity
@Table(name = "alert_category")
@XmlRootElement
@NamedQueries({
    @NamedQuery(name = "AlertCategory.findAll", query = "SELECT a FROM AlertCategory a"),
    @NamedQuery(name = "AlertCategory.findById", query = "SELECT a FROM AlertCategory a WHERE a.id = :id"),
    @NamedQuery(name = "AlertCategory.findByEventId", query = "SELECT a FROM AlertCategory a WHERE a.eventId = :eventId"),
    @NamedQuery(name = "AlertCategory.findByCats", query = "SELECT a FROM AlertCategory a WHERE a.cats = :cats"),
    @NamedQuery(name = "AlertCategory.findBySource", query = "SELECT a FROM AlertCategory a WHERE a.source = :source")
})
public class AlertCategory implements Serializable {

    private static final long serialVersionUID = 1L;

    // Primary key, assigned by the database (IDENTITY strategy).
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    @Basic(optional = false)
    @Column(name = "id")
    private Integer id;

    // Required, 1..512 characters.
    @Basic(optional = false)
    @NotNull
    @Size(min = 1, max = 512)
    @Column(name = "event_id")
    private String eventId;

    // Required, 1..1024 characters.
    @Basic(optional = false)
    @NotNull
    @Size(min = 1, max = 1024)
    @Column(name = "cats")
    private String cats;

    // Required, 1..128 characters.
    @Basic(optional = false)
    @NotNull
    @Size(min = 1, max = 128)
    @Column(name = "source")
    private String source;

    /** No-argument constructor; leaves every field unset. */
    public AlertCategory() {
    }

    /** Creates an instance that carries only the primary key. */
    public AlertCategory(Integer id) {
        this.id = id;
    }

    /** Creates a fully populated instance. */
    public AlertCategory(Integer id, String eventId, String cats, String source) {
        this.id = id;
        this.eventId = eventId;
        this.cats = cats;
        this.source = source;
    }

    public Integer getId() {
        return this.id;
    }

    public void setId(Integer id) {
        this.id = id;
    }

    public String getEventId() {
        return this.eventId;
    }

    public void setEventId(String eventId) {
        this.eventId = eventId;
    }

    public String getCats() {
        return this.cats;
    }

    public void setCats(String cats) {
        this.cats = cats;
    }

    public String getSource() {
        return this.source;
    }

    public void setSource(String source) {
        this.source = source;
    }

    /** Hash of the id alone; 0 while the id is unset. */
    @Override
    public int hashCode() {
        return java.util.Objects.hashCode(id);
    }

    /**
     * Identity is the primary key only. Two instances whose id is still
     * null therefore compare equal, so this is not reliable before the
     * id has been assigned.
     */
    @Override
    public boolean equals(Object object) {
        if (object instanceof AlertCategory) {
            AlertCategory that = (AlertCategory) object;
            return java.util.Objects.equals(this.id, that.id);
        }
        return false;
    }

    @Override
    public String toString() {
        StringBuilder text = new StringBuilder("org.alertflex.entity.AlertCategory[ id=");
        text.append(id).append(" ]");
        return text.toString();
    }

}
137 | -------------------------------------------------------------------------------- /controller/src/main/java/org/alertflex/entity/NodePK.java: -------------------------------------------------------------------------------- 1 | /* 2 | * To change this license header, choose License Headers in Project Properties. 3 | * To change this template file, choose Tools | Templates 4 | * and open the template in the editor. 
5 | */ 6 | package org.alertflex.entity; 7 | 8 | import java.io.Serializable; 9 | import javax.persistence.Basic; 10 | import javax.persistence.Column; 11 | import javax.persistence.Embeddable; 12 | import javax.validation.constraints.NotNull; 13 | import javax.validation.constraints.Size; 14 |
/**
 * Embeddable composite key made of the {@code ref_id} and {@code name}
 * columns; both parts are required and limited to 1..255 characters.
 *
 * @author root
 */
@Embeddable
public class NodePK implements Serializable {

    // Key part stored in column ref_id.
    @Basic(optional = false)
    @NotNull
    @Size(min = 1, max = 255)
    @Column(name = "ref_id")
    private String refId;

    // Key part stored in column name.
    @Basic(optional = false)
    @NotNull
    @Size(min = 1, max = 255)
    @Column(name = "name")
    private String name;

    /** No-argument constructor; leaves both key parts unset. */
    public NodePK() {
    }

    /** Creates a key from its two parts. */
    public NodePK(String refId, String name) {
        this.refId = refId;
        this.name = name;
    }

    public String getRefId() {
        return this.refId;
    }

    public void setRefId(String refId) {
        this.refId = refId;
    }

    public String getName() {
        return this.name;
    }

    public void setName(String name) {
        this.name = name;
    }

    /** Sum of the two parts' hash codes; an unset part contributes 0. */
    @Override
    public int hashCode() {
        int refHash = java.util.Objects.hashCode(refId);
        int nameHash = java.util.Objects.hashCode(name);
        return refHash + nameHash;
    }

    /**
     * Two keys are equal when both parts match; a part that is null on both
     * sides counts as matching, so keys with unset fields are not reliably
     * distinguished.
     */
    @Override
    public boolean equals(Object object) {
        if (!(object instanceof NodePK)) {
            return false;
        }
        NodePK that = (NodePK) object;
        return java.util.Objects.equals(this.refId, that.refId)
                && java.util.Objects.equals(this.name, that.name);
    }

    @Override
    public String toString() {
        StringBuilder text = new StringBuilder("org.alertflex.entity.NodePK[ refId=");
        text.append(refId).append(", name=").append(name).append(" ]");
        return text.toString();
    }

}
87 | -------------------------------------------------------------------------------- /controller/src/main/java/org/alertflex/entity/ProbePK.java: -------------------------------------------------------------------------------- 1 | /* 2 | * To change this license header, choose License Headers in Project Properties. 3 | * To change this template file, choose Tools | Templates 4 | * and open the template in the editor. 
*/
package org.alertflex.entity;

import java.io.Serializable;
import javax.persistence.Basic;
import javax.persistence.Column;
import javax.persistence.Embeddable;
import javax.validation.constraints.NotNull;
import javax.validation.constraints.Size;

/**
 * Embeddable composite key built from three mandatory string columns,
 * {@code ref_id}, {@code node} and {@code name}, each limited to 1..255
 * characters by bean validation.
 *
 * @author root
 */
@Embeddable
public class ProbePK implements Serializable {

    // Value of the ref_id column.
    @Basic(optional = false)
    @NotNull
    @Size(min = 1, max = 255)
    @Column(name = "ref_id")
    private String refId;

    // Value of the node column.
    @Basic(optional = false)
    @NotNull
    @Size(min = 1, max = 255)
    @Column(name = "node")
    private String node;

    // Value of the name column.
    @Basic(optional = false)
    @NotNull
    @Size(min = 1, max = 255)
    @Column(name = "name")
    private String name;

    /** No-argument constructor; all fields start out null. */
    public ProbePK() {
    }

    /**
     * @param refId value for the ref_id column
     * @param node value for the node column
     * @param name value for the name column
     */
    public ProbePK(String refId, String node, String name) {
        this.refId = refId;
        this.node = node;
        this.name = name;
    }

    public String getRefId() {
        return refId;
    }

    public void setRefId(String refId) {
        this.refId = refId;
    }

    public String getNode() {
        return node;
    }

    public void setNode(String node) {
        this.node = node;
    }

    public String getName() {
        return name;
    }

    public void setName(String name) {
        this.name = name;
    }

    /**
     * @return the sum of the three field hashes; an unset (null) field adds 0
     */
    @Override
    public int hashCode() {
        int refPart = (refId == null) ? 0 : refId.hashCode();
        int nodePart = (node == null) ? 0 : node.hashCode();
        int namePart = (name == null) ? 0 : name.hashCode();
        return refPart + nodePart + namePart;
    }

    /**
     * Field-by-field comparison with another {@code ProbePK}. A field that is
     * null on both sides counts as equal; null on one side only does not.
     *
     * @param object candidate to compare with
     * @return true when {@code object} is a ProbePK with the same refId, node and name
     */
    @Override
    public boolean equals(Object object) {
        if (!(object instanceof ProbePK)) {
            return false;
        }
        ProbePK that = (ProbePK) object;
        if (refId == null ? that.refId != null : !refId.equals(that.refId)) {
            return false;
        }
        if (node == null ? that.node != null : !node.equals(that.node)) {
            return false;
        }
        return name == null ? that.name == null : name.equals(that.name);
    }

    @Override
    public String toString() {
        return "org.alertflex.entity.ProbePK[ refId=" + refId + ", node=" + node + ", name=" + name + " ]";
    }

}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/AbstractFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
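*/

package org.alertflex.facade;

import java.util.List;
import javax.persistence.EntityManager;

/**
 * Generic base class for the persistence facades. It implements create,
 * update, delete and simple lookups for one entity class on top of the
 * {@link EntityManager} supplied by the concrete subclass.
 *
 * The methods use the type variable {@code T}, so it is declared on the
 * class here; the listing had lost the type parameters.
 *
 * @param <T> entity type handled by the concrete facade
 */
public abstract class AbstractFacade<T> {

    // Entity class handed in by the subclass constructor; used for find() and criteria queries.
    private final Class<T> entityClass;

    /**
     * @param entityClass entity class this facade operates on
     */
    public AbstractFacade(Class<T> entityClass) {
        this.entityClass = entityClass;
    }

    /**
     * @return the entity manager every operation of this class goes through
     */
    protected abstract EntityManager getEntityManager();

    /** Persists a new entity instance. */
    public void create(T entity) {
        getEntityManager().persist(entity);
    }

    /** Merges the state of the given entity into the persistence context. */
    public void edit(T entity) {
        getEntityManager().merge(entity);
    }

    /** Removes the entity; it is merged first and the merged instance is removed. */
    public void remove(T entity) {
        getEntityManager().remove(getEntityManager().merge(entity));
    }

    /**
     * @param id primary key value
     * @return the result of {@code EntityManager.find} for this entity class
     */
    public T find(Object id) {
        return getEntityManager().find(entityClass, id);
    }

    /**
     * @return every row of the entity; the query sets no row limit
     */
    public List<T> findAll() {
        javax.persistence.criteria.CriteriaQuery<T> cq =
                getEntityManager().getCriteriaBuilder().createQuery(entityClass);
        cq.select(cq.from(entityClass));
        return getEntityManager().createQuery(cq).getResultList();
    }

    /**
     * Returns one page of rows.
     *
     * @param range two-element array: index of the first row and index of the
     *              last row, both inclusive
     * @return the rows from range[0] to range[1]
     */
    public List<T> findRange(int[] range) {
        javax.persistence.criteria.CriteriaQuery<T> cq =
                getEntityManager().getCriteriaBuilder().createQuery(entityClass);
        cq.select(cq.from(entityClass));
        javax.persistence.TypedQuery<T> q = getEntityManager().createQuery(cq);
        q.setMaxResults(range[1] - range[0] + 1);
        q.setFirstResult(range[0]);
        return q.getResultList();
    }

    /**
     * @return number of rows of the entity, narrowed from long to int
     */
    public int count() {
        javax.persistence.criteria.CriteriaBuilder cb = getEntityManager().getCriteriaBuilder();
        javax.persistence.criteria.CriteriaQuery<Long> cq = cb.createQuery(Long.class);
        javax.persistence.criteria.Root<T> rt = cq.from(entityClass);
        cq.select(cb.count(rt));
        return getEntityManager().createQuery(cq).getSingleResult().intValue();
    }

}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/AgentFacade.java: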
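--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.Agent;

/**
 * Stateless facade for {@link Agent} rows in the alertflex_PU persistence unit.
 *
 * Every finder binds its arguments as named JPQL parameters and bypasses the
 * cache on read. Failures still produce the "not found" return value, but
 * they are now logged instead of being discarded, so a database or mapping
 * error can be told apart from a missing row.
 */
@Stateless
public class AgentFacade extends AbstractFacade<Agent> {

    private static final Logger LOG = Logger.getLogger(AgentFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public AgentFacade() {
        super(Agent.class);
    }

    /**
     * Looks up agents by reference id and node.
     *
     * @param ref value matched against Agent.refId
     * @param node value matched against Agent.node
     * @return the matching agents, or null when the query fails
     */
    public List<Agent> findAgentsByNode(String ref, String node) {
        try {
            em.flush();
            // NOTE(review): the row limit of 1 is kept from the original, so this
            // list never holds more than one agent - confirm that is intended.
            return em.createQuery(
                    "SELECT a FROM Agent a WHERE a.refId = :ref AND a.node = :node", Agent.class)
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setMaxResults(1)
                    // Read from the database rather than from the cache.
                    .setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS)
                    .getResultList();
        } catch (Exception e) {
            // Caller-supplied values are left out of the message on purpose.
            LOG.log(Level.WARNING, "findAgentsByNode failed", e);
            return null;
        }
    }

    /**
     * @param ref value matched against Agent.refId
     * @param node value matched against Agent.node
     * @param name value matched against Agent.name
     * @return the first matching agent, or null when none matches or the query fails
     */
    public Agent findAgentByName(String ref, String node, String name) {
        try {
            em.flush();
            return em.createQuery(
                    "SELECT a FROM Agent a WHERE a.refId = :ref AND a.node = :node AND a.name = :name", Agent.class)
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("name", name)
                    .setMaxResults(1)
                    // Read from the database rather than from the cache.
                    .setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS)
                    .getSingleResult();
        } catch (NoResultException e) {
            return null; // no such agent: expected, not an error
        } catch (Exception e) {
            LOG.log(Level.WARNING, "findAgentByName failed", e);
            return null;
        }
    }

    /**
     * @param ref value matched against Agent.refId
     * @param node value matched against Agent.node
     * @param id value matched against Agent.agentId
     * @return the first matching agent, or null when none matches or the query fails
     */
    public Agent findAgentById(String ref, String node, String id) {
        try {
            em.flush();
            return em.createQuery(
                    "SELECT a FROM Agent a WHERE a.refId = :ref AND a.node = :node AND a.agentId = :id", Agent.class)
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("id", id)
                    .setMaxResults(1)
                    // Read from the database rather than from the cache.
                    .setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS)
                    .getSingleResult();
        } catch (NoResultException e) {
            return null; // no such agent: expected, not an error
        } catch (Exception e) {
            LOG.log(Level.WARNING, "findAgentById failed", e);
            return null;
        }
    }

    /**
     * Resolves an agent name from its IP address.
     *
     * @param ref value matched against Agent.refId
     * @param node value matched against Agent.node
     * @param ip value matched against Agent.ip
     * @return the name of the first matching agent, or the empty string when
     *         none matches or the query fails
     */
    public String findAgentByIP(String ref, String node, String ip) {
        try {
            em.flush();
            Query nameQry = em.createQuery(
                    "SELECT a.name FROM Agent a WHERE a.refId = :ref AND a.node = :node AND a.ip = :ip")
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("ip", ip);
            nameQry.setMaxResults(1);
            // Read from the database rather than from the cache.
            nameQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (String) nameQry.getSingleResult();
        } catch (NoResultException e) {
            return ""; // unknown address: expected, not an error
        } catch (Exception e) {
            LOG.log(Level.WARNING, "findAgentByIP failed", e);
            return "";
        }
    }
}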
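--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/AgentMisconfigFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.AgentMisconfig;
import org.alertflex.reports.Finding;

/**
 * Stateless facade for {@link AgentMisconfig} rows in the alertflex_PU
 * persistence unit. Arguments are bound as named JPQL parameters; query
 * failures are logged and reported to the caller as null.
 */
@Stateless
public class AgentMisconfigFacade extends AbstractFacade<AgentMisconfig> {

    private static final Logger LOG = Logger.getLogger(AgentMisconfigFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public AgentMisconfigFacade() {
        super(AgentMisconfig.class);
    }

    /**
     * @param ref value matched against AgentMisconfig.refId
     * @param node value matched against AgentMisconfig.node
     * @param agent value matched against AgentMisconfig.agent
     * @param id value matched against AgentMisconfig.scaId
     * @param policy value matched against AgentMisconfig.policyId
     * @return the first matching record, or null when none matches or the query fails
     */
    public AgentMisconfig findMisconfigurations(String ref, String node, String agent, int id, String policy) {
        try {
            em.flush();
            return em.createQuery(
                    "SELECT a FROM AgentMisconfig a WHERE a.refId = :ref AND a.node = :node AND a.agent = :agent AND a.scaId = :id AND a.policyId = :policy", AgentMisconfig.class)
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("agent", agent)
                    .setParameter("id", id)
                    .setParameter("policy", policy)
                    .setMaxResults(1)
                    // Read from the database rather than from the cache.
                    .setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS)
                    .getSingleResult();
        } catch (NoResultException e) {
            return null; // no such record: expected, not an error
        } catch (Exception e) {
            // Caller-supplied values are left out of the message on purpose.
            LOG.log(Level.WARNING, "findMisconfigurations failed", e);
            return null;
        }
    }

    /**
     * Counts misconfiguration records per agent for one reference id.
     *
     * @param ref value matched against AgentMisconfig.refId
     * @return at most 10 per-agent rows, or null when the query fails
     */
    public List<Finding> getFindings(String ref) {
        try {
            em.flush();
            // NOTE(review): the select list is two scalars (agent, count) while the
            // requested result class is Finding. Whether the provider maps that is
            // not visible here; if it rejects it, this method always returns null.
            // Confirm, or consider a constructor expression.
            return em.createQuery(
                    "SELECT a.agent, COUNT(a) FROM AgentMisconfig a WHERE a.refId = :ref GROUP BY a.agent", Finding.class)
                    .setParameter("ref", ref)
                    .setMaxResults(10)
                    // Read from the database rather than from the cache.
                    .setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS)
                    .getResultList();
        } catch (Exception e) {
            LOG.log(Level.WARNING, "getFindings failed", e);
            return null;
        }
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/AgentVulFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.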
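*/

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.AgentVul;
import org.alertflex.reports.Finding;

/**
 * Stateless facade for {@link AgentVul} rows in the alertflex_PU persistence
 * unit. Arguments are bound as named JPQL parameters; query failures are
 * logged and reported to the caller as null.
 */
@Stateless
public class AgentVulFacade extends AbstractFacade<AgentVul> {

    private static final Logger LOG = Logger.getLogger(AgentVulFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public AgentVulFacade() {
        super(AgentVul.class);
    }

    /**
     * @param ref value matched against AgentVul.refId
     * @param node value matched against AgentVul.node
     * @param agent value matched against AgentVul.agent
     * @param vuln value matched against AgentVul.vulnerability
     * @param pkg value matched against AgentVul.pkgName
     * @return the first matching record, or null when none matches or the query fails
     */
    public AgentVul findVulnerability(String ref, String node, String agent, String vuln, String pkg) {
        try {
            em.flush();
            return em.createQuery(
                    "SELECT a FROM AgentVul a WHERE a.refId = :ref AND a.node = :node AND a.agent = :agent AND a.vulnerability = :vuln AND a.pkgName = :pkg", AgentVul.class)
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("agent", agent)
                    .setParameter("vuln", vuln)
                    .setParameter("pkg", pkg)
                    .setMaxResults(1)
                    // Read from the database rather than from the cache.
                    .setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS)
                    .getSingleResult();
        } catch (NoResultException e) {
            return null; // no such record: expected, not an error
        } catch (Exception e) {
            // Caller-supplied values are left out of the message on purpose.
            LOG.log(Level.WARNING, "findVulnerability failed", e);
            return null;
        }
    }

    /**
     * Counts vulnerability records per agent for one reference id.
     *
     * @param ref value matched against AgentVul.refId
     * @return at most 10 per-agent rows, or null when the query fails
     */
    public List<Finding> getFindings(String ref) {
        try {
            em.flush();
            // NOTE(review): the select list is two scalars (agent, count) while the
            // requested result class is Finding. Whether the provider maps that is
            // not visible here; if it rejects it, this method always returns null.
            // Confirm, or consider a constructor expression.
            return em.createQuery(
                    "SELECT a.agent, COUNT(a) FROM AgentVul a WHERE a.refId = :ref GROUP BY a.agent", Finding.class)
                    .setParameter("ref", ref)
                    .setMaxResults(10)
                    // Read from the database rather than from the cache.
                    .setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS)
                    .getResultList();
        } catch (Exception e) {
            LOG.log(Level.WARNING, "getFindings failed", e);
            return null;
        }
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/AlertCategoryFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.AlertCategory;

/**
 * Stateless facade for {@link AlertCategory} rows in the alertflex_PU
 * persistence unit.
 */
@Stateless
public class AlertCategoryFacade extends AbstractFacade<AlertCategory> {

    private static final Logger LOG = Logger.getLogger(AlertCategoryFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public AlertCategoryFacade() {
        super(AlertCategory.class);
    }

    /**
     * Returns the distinct {@code cats} values recorded for one event of one source.
     *
     * @param source value matched against AlertCategory.source
     * @param event value matched against AlertCategory.eventId
     * @return the grouped cats values, or null when the query fails; the
     *         element type is not visible here, so the list is left raw
     */
    public List findCatsByEvent(String source, String event) {
        try {
            em.flush();
            // Values are bound as named parameters, not concatenated into the JPQL.
            Query catsQry = em.createQuery(
                    "SELECT a.cats FROM AlertCategory a WHERE a.source = :source AND a.eventId = :event GROUP BY a.cats")
                    .setParameter("source", source)
                    .setParameter("event", event);
            return catsQry.getResultList();
        } catch (Exception e) {
            // Caller-supplied values are left out of the message on purpose.
            LOG.log(Level.WARNING, "findCatsByEvent failed", e);
            return null;
        }
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/AlertPriorityFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.AlertPriority;

/**
 * Stateless facade for {@link AlertPriority} rows in the alertflex_PU
 * persistence unit.
 */
@Stateless
public class AlertPriorityFacade extends AbstractFacade<AlertPriority> {

    private static final Logger LOG = Logger.getLogger(AlertPriorityFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public AlertPriorityFacade() {
        super(AlertPriority.class);
    }

    /**
     * @param r value matched against AlertPriority.refId
     * @return the source values stored for that reference id, or null when the
     *         query fails; the element type is not visible here, so the list
     *         is left raw
     */
    public List findSourcesNameByRef(String r) {
        try {
            em.flush();
            Query sourcesQry = em.createQuery("SELECT a.source FROM AlertPriority a WHERE a.refId = :ref")
                    .setParameter("ref", r);
            // Read from the database rather than from the cache.
            sourcesQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return sourcesQry.getResultList();
        } catch (Exception e) {
            // Caller-supplied values are left out of the message on purpose.
            LOG.log(Level.WARNING, "findSourcesNameByRef failed", e);
            return null;
        }
    }

    /**
     * @param ref value matched against AlertPriority.refId
     * @param source value matched against AlertPriority.source
     * @return the matching priority record, or null when none matches or the
     *         query fails (no row limit is set, so more than one match is
     *         also reported as a failure)
     */
    public AlertPriority findPriorityBySource(String ref, String source) {
        try {
            em.flush();
            return em.createQuery(
                    "SELECT a FROM AlertPriority a WHERE a.refId = :ref AND a.source = :source", AlertPriority.class)
                    .setParameter("source", source)
                    .setParameter("ref", ref)
                    // Read from the database rather than from the cache.
                    .setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS)
                    .getSingleResult();
        } catch (NoResultException e) {
            return null; // no priority configured: expected, not an error
        } catch (Exception e) {
            LOG.log(Level.WARNING, "findPriorityBySource failed", e);
            return null;
        }
    }

}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/ContainerFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.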
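*/

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.Container;

/**
 * Stateless facade for {@link Container} rows in the alertflex_PU persistence
 * unit. Arguments are bound as named JPQL parameters; query failures are
 * logged and reported to the caller as null.
 */
@Stateless
public class ContainerFacade extends AbstractFacade<Container> {

    private static final Logger LOG = Logger.getLogger(ContainerFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public ContainerFacade() {
        super(Container.class);
    }

    /**
     * @param ref value matched against Container.refId
     * @param node value matched against Container.node
     * @param probe value matched against Container.probe
     * @return all matching containers (no row limit), or null when the query fails
     */
    public List<Container> findByProbe(String ref, String node, String probe) {
        try {
            em.flush();
            return em.createQuery(
                    "SELECT c FROM Container c WHERE c.node = :node AND c.refId = :ref AND c.probe = :probe", Container.class)
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("probe", probe)
                    // Read from the database rather than from the cache.
                    .setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS)
                    .getResultList();
        } catch (Exception e) {
            // Caller-supplied values are left out of the message on purpose.
            LOG.log(Level.WARNING, "findByProbe failed", e);
            return null;
        }
    }

    /**
     * Looks up one container. Despite the method name, the last argument is
     * compared with the imageId attribute.
     *
     * @param ref value matched against Container.refId
     * @param node value matched against Container.node
     * @param probe value matched against Container.probe
     * @param id value matched against Container.imageId
     * @return the matching container, or null when none matches or the query
     *         fails (no row limit is set, so more than one match is also
     *         reported as a failure)
     */
    public Container findByName(String ref, String node, String probe, String id) {
        try {
            em.flush();
            return em.createQuery(
                    "SELECT c FROM Container c WHERE c.node = :node AND c.refId = :ref AND c.probe = :probe AND c.imageId = :id", Container.class)
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("probe", probe)
                    .setParameter("id", id)
                    // Read from the database rather than from the cache.
                    .setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS)
                    .getSingleResult();
        } catch (NoResultException e) {
            return null; // no such container: expected, not an error
        } catch (Exception e) {
            LOG.log(Level.WARNING, "findByName failed", e);
            return null;
        }
    }
}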
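--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/EventsFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.facade;

import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.Events;

/**
 * Stateless facade for {@link Events} rows. Unlike the facades bound to
 * alertflex_PU, this one uses the misp_PU persistence unit.
 */
@Stateless
public class EventsFacade extends AbstractFacade<Events> {

    private static final Logger LOG = Logger.getLogger(EventsFacade.class.getName());

    @PersistenceContext(unitName = "misp_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public EventsFacade() {
        super(Events.class);
    }

    /**
     * @param id value matched against Events.id
     * @return the event with that id, or null when none matches or the query fails
     */
    public Events findById(Integer id) {
        try {
            em.flush();
            return em.createQuery("SELECT e FROM Events e WHERE e.id = :id", Events.class)
                    .setParameter("id", id)
                    // Read from the database rather than from the cache.
                    .setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS)
                    .getSingleResult();
        } catch (NoResultException e) {
            return null; // unknown event id: expected, not an error
        } catch (Exception e) {
            // The failure used to be discarded; log it so an unreachable or
            // broken event database is not mistaken for a missing event.
            LOG.log(Level.WARNING, "findById failed", e);
            return null;
        }
    }

}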
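--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/NetworksFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.Networks;

/**
 * Stateless facade for {@link Networks} rows in the alertflex_PU persistence unit.
 */
@Stateless
public class NetworksFacade extends AbstractFacade<Networks> {

    private static final Logger LOG = Logger.getLogger(NetworksFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public NetworksFacade() {
        super(Networks.class);
    }

    /**
     * @param ref value matched against Networks.refId
     * @return all networks stored for that reference id (no row limit), or
     *         null when the query fails
     */
    public List<Networks> findByRef(String ref) {
        try {
            em.flush();
            return em.createQuery("SELECT n FROM Networks n WHERE n.refId = :ref", Networks.class)
                    .setParameter("ref", ref)
                    // Read from the database rather than from the cache.
                    .setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS)
                    .getResultList();
        } catch (Exception e) {
            // The failure used to be discarded; log it so a query error is not
            // mistaken for "no networks defined". The argument is not logged.
            LOG.log(Level.WARNING, "findByRef failed", e);
            return null;
        }
    }

}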
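--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/NodeAlertsFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.facade;

import java.sql.Timestamp;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.NodeAlerts;

/**
 * Stateless facade for {@link NodeAlerts} rows in the afevents_PU persistence unit.
 */
@Stateless
public class NodeAlertsFacade extends AbstractFacade<NodeAlerts> {

    private static final Logger LOG = Logger.getLogger(NodeAlertsFacade.class.getName());

    @PersistenceContext(unitName = "afevents_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public NodeAlertsFacade() {
        super(NodeAlerts.class);
    }

    /**
     * Deletes the rows of one reference id that are older than a cut-off.
     *
     * @param ref value matched against NodeAlerts.refId
     * @param timerange cut-off; rows with timeOfSurvey before it are deleted
     * @return number of deleted rows; 0 also when the delete fails, in which
     *         case the failure is logged
     */
    public int delOldStat(String ref, Timestamp timerange) {
        try {
            em.flush();
            Query purge = em.createQuery("DELETE FROM NodeAlerts n WHERE n.refId = :ref AND n.timeOfSurvey < :timerange")
                    .setParameter("ref", ref)
                    .setParameter("timerange", timerange);
            // Hint kept from the original. NOTE(review): a retrieve-mode hint has
            // no obvious effect on a bulk delete - confirm it is needed.
            purge.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return purge.executeUpdate();
        } catch (Exception e) {
            // A failed purge and "nothing to delete" both return 0; the log
            // entry is what tells them apart.
            LOG.log(Level.WARNING, "delOldStat failed", e);
            return 0;
        }
    }

    /**
     * @param ref value matched against NodeAlerts.refId
     * @param timerange cut-off; rows with timeOfSurvey before it are returned
     * @return the matching rows (no row limit), or null when the query fails
     */
    public List<NodeAlerts> getOldStat(String ref, Timestamp timerange) {
        try {
            em.flush();
            return em.createQuery(
                    "SELECT n FROM NodeAlerts n WHERE n.refId = :ref AND n.timeOfSurvey < :timerange", NodeAlerts.class)
                    .setParameter("ref", ref)
                    .setParameter("timerange", timerange)
                    // Read from the database rather than from the cache.
                    .setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS)
                    .getResultList();
        } catch (Exception e) {
            LOG.log(Level.WARNING, "getOldStat failed", e);
            return null;
        }
    }

    /**
     * Returns the most recent row of one node inside a time window.
     *
     * The original loaded every row of the window in ascending order and kept
     * the last one. The query now sorts descending and fetches a single row,
     * so the amount of data read no longer grows with the window.
     *
     * @param r value matched against NodeAlerts.refId
     * @param n value matched against NodeAlerts.node
     * @param start lower bound of timeOfSurvey (BETWEEN, inclusive)
     * @param end upper bound of timeOfSurvey (BETWEEN, inclusive)
     * @return the row with the latest timeOfSurvey in the window, or null when
     *         there is none or the query fails
     */
    public NodeAlerts getLastRecord(String r, String n, Timestamp start, Timestamp end) {
        try {
            em.flush();
            List<NodeAlerts> newest = em.createQuery(
                    "SELECT n FROM NodeAlerts n WHERE n.refId = :ref AND n.node = :node AND n.timeOfSurvey BETWEEN :start AND :end ORDER BY n.timeOfSurvey DESC", NodeAlerts.class)
                    .setParameter("ref", r)
                    .setParameter("node", n)
                    .setParameter("start", start)
                    .setParameter("end", end)
                    .setMaxResults(1)
                    // Read from the database rather than from the cache.
                    .setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS)
                    .getResultList();
            return newest.isEmpty() ? null : newest.get(0);
        } catch (Exception e) {
            LOG.log(Level.WARNING, "getLastRecord failed", e);
            return null;
        }
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/NodeFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.Node;

/**
 * Stateless facade for {@link Node} rows in the alertflex_PU persistence
 * unit. Nodes are addressed through their embedded key (nodePK.refId,
 * nodePK.name).
 */
@Stateless
public class NodeFacade extends AbstractFacade<Node> {

    private static final Logger LOG = Logger.getLogger(NodeFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public NodeFacade() {
        super(Node.class);
    }

    /**
     * @param r value matched against Node.nodePK.refId
     * @return all nodes of that reference id (no row limit), or null when the
     *         query fails
     */
    public List<Node> findByRef(String r) {
        try {
            em.flush();
            return em.createQuery("SELECT n FROM Node n WHERE n.nodePK.refId = :ref", Node.class)
                    .setParameter("ref", r)
                    // Read from the database rather than from the cache.
                    .setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS)
                    .getResultList();
        } catch (Exception e) {
            // Caller-supplied values are left out of the message on purpose.
            LOG.log(Level.WARNING, "findByRef failed", e);
            return null;
        }
    }

    /**
     * @param r value matched against Node.nodePK.refId
     * @param n value matched against Node.nodePK.name
     * @return the matching node, or null when none matches or the query fails
     */
    public Node findByNodeName(String r, String n) {
        try {
            em.flush();
            return em.createQuery(
                    "SELECT n FROM Node n WHERE n.nodePK.refId = :ref AND n.nodePK.name = :node", Node.class)
                    .setParameter("ref", r)
                    .setParameter("node", n)
                    // Read from the database rather than from the cache.
                    .setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS)
                    .getSingleResult();
        } catch (NoResultException e) {
            return null; // unknown node: expected, not an error
        } catch (Exception e) {
            LOG.log(Level.WARNING, "findByNodeName failed", e);
            return null;
        }
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/NodeMonitorFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.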
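 */

package org.alertflex.facade;

import java.sql.Timestamp;
import java.util.Date;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.NodeMonitor;

/**
 * Data-access facade for NodeMonitor rows of the "afevents_PU" persistence unit.
 *
 * Every query binds its arguments as named parameters. A failed query is
 * logged and reported with the same value the caller got before (null, or 0
 * deleted rows), so a retention job that stops deleting is visible in the log.
 *
 * NOTE(review): the generic type arguments on AbstractFacade and List appear
 * to have been stripped by the page rendering; confirm against the repository.
 */
@Stateless
public class NodeMonitorFacade extends AbstractFacade {

    private static final Logger LOG = Logger.getLogger(NodeMonitorFacade.class.getName());

    @PersistenceContext(unitName = "afevents_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public NodeMonitorFacade() {
        super(NodeMonitor.class);
    }

    /**
     * Deletes the monitoring rows of one project that are older than a time limit.
     *
     * @param ref project reference id
     * @param timerange rows with timeOfSurvey before this instant are deleted
     * @return the number of deleted rows; 0 when nothing matched or the delete failed
     */
    public int delOldStat(String ref, Timestamp timerange) {

        try {
            em.flush();
            Query delQry = em.createQuery("DELETE FROM NodeMonitor n WHERE n.refId = :ref AND n.timeOfSurvey < :timerange")
                    .setParameter("ref", ref)
                    .setParameter("timerange", timerange);

            // Same cache hint as the read queries of this class.
            delQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return delQry.executeUpdate();
        } catch (Exception e) {
            // 0 is still returned, but a failed purge is now distinguishable in the log.
            LOG.log(Level.WARNING, "NodeMonitorFacade.delOldStat failed", e);
            return 0;
        }
    }

    /**
     * Lists the monitoring rows of one project that are older than a time limit.
     *
     * @param ref project reference id
     * @param timerange rows with timeOfSurvey before this instant are returned
     * @return the matching rows (possibly empty), or null when the query fails
     */
    public List getOldStat(String ref, Timestamp timerange) {

        try {
            em.flush();

            Query oldQry = em.createQuery("SELECT n FROM NodeMonitor n WHERE n.refId = :ref AND n.timeOfSurvey < :timerange")
                    .setParameter("ref", ref)
                    .setParameter("timerange", timerange);

            // Read from the database instead of the persistence cache.
            oldQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return oldQry.getResultList();

        } catch (Exception e) {
            LOG.log(Level.WARNING, "NodeMonitorFacade.getOldStat query failed", e);
            return null;
        }
    }

    /**
     * Returns the newest monitoring row of a node inside a time window.
     *
     * @param r project reference id
     * @param n node name
     * @param start inclusive lower bound for timeOfSurvey
     * @param end inclusive upper bound for timeOfSurvey
     * @return the row with the latest timeOfSurvey, or null when there is none
     *         or the query fails
     */
    public NodeMonitor getLastRecord(String r, String n, Timestamp start, Timestamp end) {

        try {
            em.flush();

            // Newest first and one row only: the database selects the last record,
            // so the whole window is not loaded into memory to read one element.
            Query lastQry = em.createQuery(
                    "SELECT n FROM NodeMonitor n WHERE n.refId = :ref AND n.node = :node AND n.timeOfSurvey BETWEEN :start AND :end ORDER BY n.timeOfSurvey DESC")
                    .setParameter("ref", r)
                    .setParameter("node", n)
                    .setParameter("start", start)
                    .setParameter("end", end);
            lastQry.setMaxResults(1);

            // Read from the database instead of the persistence cache.
            lastQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            List rows = lastQry.getResultList();

            if (rows == null || rows.isEmpty()) {
                return null;
            }
            return (NodeMonitor) rows.get(0);

        } catch (Exception e) {
            LOG.log(Level.WARNING, "NodeMonitorFacade.getLastRecord query failed", e);
            return null;
        }
    }

    /**
     * Lists the monitoring rows of one host on one node inside a time window.
     *
     * @param r project reference id
     * @param n node name
     * @param h host name
     * @param start inclusive lower bound for timeOfSurvey
     * @param end inclusive upper bound for timeOfSurvey
     * @return the matching rows (possibly empty), or null when the query fails
     */
    public List findAllStatBetween(String r, String n, String h, Date start, Date end) {

        try {
            em.flush();

            Query rangeQry = em.createQuery(
                    "SELECT n FROM NodeMonitor n WHERE n.refId = :ref AND n.node = :node AND n.host = :host AND n.timeOfSurvey BETWEEN :start AND :end")
                    .setParameter("ref", r)
                    .setParameter("node", n)
                    .setParameter("host", h)
                    .setParameter("start", start)
                    .setParameter("end", end);

            // Read from the database instead of the persistence cache.
            rangeQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return rangeQry.getResultList();

        } catch (Exception e) {
            LOG.log(Level.WARNING, "NodeMonitorFacade.findAllStatBetween query failed", e);
            return null;
        }
    }
}

--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/PodFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.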
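 * A copy of the License is located at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.Pod;

/**
 * Data-access facade for Pod entities of the "alertflex_PU" persistence unit.
 *
 * Every query binds its arguments as named parameters and bypasses the
 * persistence cache. A failed query is logged and reported to the caller as
 * null, so a database error is not mistaken for an unknown pod.
 *
 * NOTE(review): the generic type arguments on AbstractFacade and List appear
 * to have been stripped by the page rendering; confirm against the repository.
 */
@Stateless
public class PodFacade extends AbstractFacade {

    private static final Logger LOG = Logger.getLogger(PodFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public PodFacade() {
        super(Pod.class);
    }

    /**
     * Lists the pods recorded for one node of a project.
     *
     * @param ref project reference id
     * @param node node name
     * @return the matching pods (possibly empty), or null when the query fails
     */
    public List findByNode(String ref, String node) {

        try {
            em.flush();

            Query podsQry = em.createQuery(
                    "SELECT p FROM Pod p WHERE p.node = :node AND p.refId = :ref")
                    .setParameter("ref", ref)
                    .setParameter("node", node);

            // Read from the database instead of the persistence cache.
            podsQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return podsQry.getResultList();

        } catch (Exception e) {
            LOG.log(Level.WARNING, "PodFacade.findByNode query failed", e);
            return null;
        }
    }

    /**
     * Looks up one pod by project, node and pod name.
     *
     * @param ref project reference id
     * @param node node name
     * @param name pod name
     * @return the pod, or null when it does not exist or the query fails
     *         (including the case of more than one matching row, which is logged)
     */
    public Pod findByName(String ref, String node, String name) {

        try {
            em.flush();

            Query podQry = em.createQuery(
                    "SELECT p FROM Pod p WHERE p.node = :node AND p.refId = :ref AND p.name = :name")
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("name", name);

            // Read from the database instead of the persistence cache.
            podQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (Pod) podQry.getSingleResult();

        } catch (NoResultException e) {
            // No such pod: the ordinary lookup miss, not worth a log entry.
            return null;
        } catch (Exception e) {
            LOG.log(Level.WARNING, "PodFacade.findByName query failed", e);
            return null;
        }
    }
}

--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/PostureAppsecretFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.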
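 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.PostureAppsecret;

/**
 * Data-access facade for PostureAppsecret findings ("alertflex_PU" persistence unit).
 *
 * Every query binds its arguments as named parameters and bypasses the
 * persistence cache. A failed query is logged and reported to the caller as
 * null, so a database error is not mistaken for "finding not stored yet".
 *
 * NOTE(review): the generic type arguments on AbstractFacade and List appear
 * to have been stripped by the page rendering; confirm against the repository.
 */
@Stateless
public class PostureAppsecretFacade extends AbstractFacade {

    private static final Logger LOG = Logger.getLogger(PostureAppsecretFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public PostureAppsecretFacade() {
        super(PostureAppsecret.class);
    }

    /**
     * Looks up a stored secret finding by its identifying attributes.
     *
     * @param ref project reference id
     * @param node node name
     * @param probe probe name
     * @param artifactName scanned artifact
     * @param target target within the artifact
     * @param rule rule id, matched against ruleId
     * @param start first line of the match, matched against startLine
     * @param end last line of the match, matched against endLine
     * @return the first matching finding, or null when none exists or the query fails
     */
    public PostureAppsecret findSecret(String ref, String node, String probe, String artifactName, String target, String rule, int start, int end) {

        try {
            em.flush();

            Query secretQry = em.createQuery("SELECT p FROM PostureAppsecret p WHERE p.refId = :ref AND p.node = :node AND p.probe = :probe AND p.artifactName = :artifact AND p.target = :target AND p.ruleId = :rule AND p.startLine = :start AND p.endLine = :end")
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("probe", probe)
                    .setParameter("artifact", artifactName)
                    .setParameter("target", target)
                    .setParameter("rule", rule)
                    .setParameter("start", start)
                    .setParameter("end", end);
            // One row is enough; this also keeps getSingleResult from failing on duplicates.
            secretQry.setMaxResults(1);
            // Read from the database instead of the persistence cache.
            secretQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (PostureAppsecret) secretQry.getSingleResult();

        } catch (NoResultException e) {
            // Finding not stored: the ordinary lookup miss.
            return null;
        } catch (Exception e) {
            LOG.log(Level.WARNING, "PostureAppsecretFacade.findSecret query failed", e);
            return null;
        }
    }

    /**
     * Counts the stored secret findings of a project per severity.
     *
     * @param ref project reference id
     * @return one row per severity holding the severity and its count,
     *         or null when the query fails
     */
    public List getFindings(String ref) {

        try {
            em.flush();

            Query countQry = em.createQuery(
                    "SELECT p.severity, COUNT(p) FROM PostureAppsecret p WHERE p.refId = :ref GROUP BY p.severity")
                    .setParameter("ref", ref);
            // Read from the database instead of the persistence cache.
            countQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return (List) countQry.getResultList();

        } catch (Exception e) {
            LOG.log(Level.WARNING, "PostureAppsecretFacade.getFindings query failed", e);
            return null;
        }
    }

}

--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/PostureAppvulnFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.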
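 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.PostureAppvuln;

/**
 * Data-access facade for PostureAppvuln findings ("alertflex_PU" persistence unit).
 *
 * Every query binds its arguments as named parameters and bypasses the
 * persistence cache. A failed query is logged and reported to the caller as
 * null, so a database error is not mistaken for "finding not stored yet".
 *
 * NOTE(review): the generic type arguments on AbstractFacade and List appear
 * to have been stripped by the page rendering; confirm against the repository.
 */
@Stateless
public class PostureAppvulnFacade extends AbstractFacade {

    private static final Logger LOG = Logger.getLogger(PostureAppvulnFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public PostureAppvulnFacade() {
        super(PostureAppvuln.class);
    }

    /**
     * Looks up a stored application vulnerability by its identifying attributes.
     *
     * @param ref project reference id
     * @param node node name
     * @param probe probe name
     * @param artifactName scanned artifact
     * @param target target within the artifact
     * @param vuln vulnerability id, matched against vulnerabilityId
     * @param pkgName affected package name
     * @param pkgVer affected package version, matched against pkgVersion
     * @return the first matching finding, or null when none exists or the query fails
     */
    public PostureAppvuln findVulnerability(String ref, String node, String probe, String artifactName, String target, String vuln, String pkgName, String pkgVer) {

        try {
            em.flush();

            Query vulnQry = em.createQuery("SELECT p FROM PostureAppvuln p WHERE p.refId = :ref AND p.node = :node AND p.probe = :probe AND p.artifactName = :artifact AND p.target = :target AND p.vulnerabilityId = :vuln AND p.pkgName = :pkgName AND p.pkgVersion = :pkgVer")
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("probe", probe)
                    .setParameter("artifact", artifactName)
                    .setParameter("target", target)
                    .setParameter("vuln", vuln)
                    .setParameter("pkgName", pkgName)
                    .setParameter("pkgVer", pkgVer);
            // One row is enough; this also keeps getSingleResult from failing on duplicates.
            vulnQry.setMaxResults(1);
            // Read from the database instead of the persistence cache.
            vulnQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (PostureAppvuln) vulnQry.getSingleResult();

        } catch (NoResultException e) {
            // Finding not stored: the ordinary lookup miss.
            return null;
        } catch (Exception e) {
            LOG.log(Level.WARNING, "PostureAppvulnFacade.findVulnerability query failed", e);
            return null;
        }
    }

    /**
     * Counts the stored application vulnerabilities of a project per severity.
     *
     * @param ref project reference id
     * @return one row per severity holding the severity and its count,
     *         or null when the query fails
     */
    public List getFindings(String ref) {

        try {
            em.flush();

            Query countQry = em.createQuery(
                    "SELECT p.severity, COUNT(p) FROM PostureAppvuln p WHERE p.refId = :ref GROUP BY p.severity")
                    .setParameter("ref", ref);
            // Read from the database instead of the persistence cache.
            countQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return (List) countQry.getResultList();

        } catch (Exception e) {
            LOG.log(Level.WARNING, "PostureAppvulnFacade.getFindings query failed", e);
            return null;
        }
    }

}

--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/PostureCloudformationFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.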
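 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.PostureCloudformation;

/**
 * Data-access facade for PostureCloudformation findings ("alertflex_PU" persistence unit).
 *
 * Every query binds its arguments as named parameters and bypasses the
 * persistence cache. A failed query is logged and reported to the caller as
 * null, so a database error is not mistaken for "finding not stored yet".
 *
 * NOTE(review): the generic type arguments on AbstractFacade and List appear
 * to have been stripped by the page rendering; confirm against the repository.
 */
@Stateless
public class PostureCloudformationFacade extends AbstractFacade {

    private static final Logger LOG = Logger.getLogger(PostureCloudformationFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public PostureCloudformationFacade() {
        super(PostureCloudformation.class);
    }

    /**
     * Looks up a stored CloudFormation misconfiguration by its identifying attributes.
     *
     * @param ref project reference id
     * @param node node name
     * @param probe probe name
     * @param artifactName scanned artifact
     * @param target target within the artifact
     * @param avdid misconfiguration id, matched against misconfigAvdid
     * @return the first matching finding, or null when none exists or the query fails
     */
    public PostureCloudformation findMisconfig(String ref, String node, String probe, String artifactName, String target, String avdid) {

        try {
            em.flush();

            Query misconfigQry = em.createQuery("SELECT p FROM PostureCloudformation p WHERE p.refId = :ref AND p.node = :node AND p.probe = :probe AND p.artifactName = :artifact AND p.target = :target AND p.misconfigAvdid = :avdid")
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("probe", probe)
                    .setParameter("artifact", artifactName)
                    .setParameter("target", target)
                    .setParameter("avdid", avdid);

            // One row is enough; this also keeps getSingleResult from failing on duplicates.
            misconfigQry.setMaxResults(1);
            // Read from the database instead of the persistence cache.
            misconfigQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (PostureCloudformation) misconfigQry.getSingleResult();

        } catch (NoResultException e) {
            // Finding not stored: the ordinary lookup miss.
            return null;
        } catch (Exception e) {
            LOG.log(Level.WARNING, "PostureCloudformationFacade.findMisconfig query failed", e);
            return null;
        }
    }

    /**
     * Counts the stored CloudFormation misconfigurations of a project per severity.
     *
     * @param ref project reference id
     * @return one row per severity holding the severity and its count,
     *         or null when the query fails
     */
    public List getFindings(String ref) {

        try {
            em.flush();

            Query countQry = em.createQuery(
                    "SELECT p.severity, COUNT(p) FROM PostureCloudformation p WHERE p.refId = :ref GROUP BY p.severity")
                    .setParameter("ref", ref);
            // Read from the database instead of the persistence cache.
            countQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return (List) countQry.getResultList();

        } catch (Exception e) {
            LOG.log(Level.WARNING, "PostureCloudformationFacade.getFindings query failed", e);
            return null;
        }
    }

}

--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/PostureCloudsploitFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.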
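 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.PostureCloudsploit;

/**
 * Data-access facade for PostureCloudsploit findings ("alertflex_PU" persistence unit).
 *
 * Every query binds its arguments as named parameters and bypasses the
 * persistence cache. A failed query is logged and reported to the caller as
 * null, so a database error is not mistaken for "finding not stored yet".
 *
 * NOTE(review): the generic type arguments on AbstractFacade and List appear
 * to have been stripped by the page rendering; confirm against the repository.
 */
@Stateless
public class PostureCloudsploitFacade extends AbstractFacade {

    private static final Logger LOG = Logger.getLogger(PostureCloudsploitFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public PostureCloudsploitFacade() {
        super(PostureCloudsploit.class);
    }

    /**
     * Looks up a stored cloud finding by its identifying attributes.
     *
     * @param ref project reference id
     * @param cloud cloud type, matched against cloudType
     * @param region cloud region
     * @param resources affected resources
     * @param plugin plugin that produced the finding
     * @param title finding title
     * @return the first matching finding, or null when none exists or the query fails
     */
    public PostureCloudsploit findVulnerability(String ref, String cloud, String region, String resources, String plugin, String title) {

        try {
            em.flush();

            Query findingQry = em.createQuery(
                    "SELECT p FROM PostureCloudsploit p WHERE p.refId = :ref AND p.cloudType = :cloud AND p.resources = :resources AND p.region = :region AND p.plugin = :plugin AND p.title = :title")
                    .setParameter("ref", ref)
                    .setParameter("cloud", cloud)
                    .setParameter("region", region)
                    .setParameter("resources", resources)
                    .setParameter("plugin", plugin)
                    .setParameter("title", title);
            // One row is enough; this also keeps getSingleResult from failing on duplicates.
            findingQry.setMaxResults(1);

            // Read from the database instead of the persistence cache.
            findingQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (PostureCloudsploit) findingQry.getSingleResult();

        } catch (NoResultException e) {
            // Finding not stored: the ordinary lookup miss.
            return null;
        } catch (Exception e) {
            LOG.log(Level.WARNING, "PostureCloudsploitFacade.findVulnerability query failed", e);
            return null;
        }
    }

    /**
     * Counts the stored cloud findings of a project per severity.
     *
     * @param ref project reference id
     * @return one row per severity holding the severity and its count,
     *         or null when the query fails
     */
    public List getFindings(String ref) {

        try {
            em.flush();

            Query countQry = em.createQuery(
                    "SELECT p.severity, COUNT(p) FROM PostureCloudsploit p WHERE p.refId = :ref GROUP BY p.severity")
                    .setParameter("ref", ref);
            // Read from the database instead of the persistence cache.
            countQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return (List) countQry.getResultList();

        } catch (Exception e) {
            LOG.log(Level.WARNING, "PostureCloudsploitFacade.getFindings query failed", e);
            return null;
        }
    }
}

--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/PostureDockerconfigFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.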
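 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.PostureDockerconfig;

/**
 * Data-access facade for PostureDockerconfig findings ("alertflex_PU" persistence unit).
 *
 * Every query binds its arguments as named parameters and bypasses the
 * persistence cache. A failed query is logged and reported to the caller as
 * null, so a database error is not mistaken for "finding not stored yet".
 *
 * NOTE(review): the generic type arguments on AbstractFacade and List appear
 * to have been stripped by the page rendering; confirm against the repository.
 */
@Stateless
public class PostureDockerconfigFacade extends AbstractFacade {

    private static final Logger LOG = Logger.getLogger(PostureDockerconfigFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public PostureDockerconfigFacade() {
        super(PostureDockerconfig.class);
    }

    /**
     * Looks up a stored Docker misconfiguration by its identifying attributes.
     *
     * @param ref project reference id
     * @param node node name
     * @param probe probe name
     * @param artifactName scanned artifact
     * @param target target within the artifact
     * @param avdid misconfiguration id, matched against misconfigAvdid
     * @return the first matching finding, or null when none exists or the query fails
     */
    public PostureDockerconfig findMisconfig(String ref, String node, String probe, String artifactName, String target, String avdid) {

        try {
            em.flush();

            Query misconfigQry = em.createQuery("SELECT p FROM PostureDockerconfig p WHERE p.refId = :ref AND p.node = :node AND p.probe = :probe AND p.artifactName = :artifact AND p.target = :target AND p.misconfigAvdid = :avdid")
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("probe", probe)
                    .setParameter("artifact", artifactName)
                    .setParameter("target", target)
                    .setParameter("avdid", avdid);

            // One row is enough; this also keeps getSingleResult from failing on duplicates.
            misconfigQry.setMaxResults(1);
            // Read from the database instead of the persistence cache.
            misconfigQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (PostureDockerconfig) misconfigQry.getSingleResult();

        } catch (NoResultException e) {
            // Finding not stored: the ordinary lookup miss.
            return null;
        } catch (Exception e) {
            LOG.log(Level.WARNING, "PostureDockerconfigFacade.findMisconfig query failed", e);
            return null;
        }
    }

    /**
     * Counts the stored Docker misconfigurations of a project per severity.
     *
     * @param ref project reference id
     * @return one row per severity holding the severity and its count,
     *         or null when the query fails
     */
    public List getFindings(String ref) {

        try {
            em.flush();

            Query countQry = em.createQuery(
                    "SELECT p.severity, COUNT(p) FROM PostureDockerconfig p WHERE p.refId = :ref GROUP BY p.severity")
                    .setParameter("ref", ref);
            // Read from the database instead of the persistence cache.
            countQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return (List) countQry.getResultList();

        } catch (Exception e) {
            LOG.log(Level.WARNING, "PostureDockerconfigFacade.getFindings query failed", e);
            return null;
        }
    }

}

--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/PostureDockervulnFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.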
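 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.PostureDockervuln;

/**
 * Data-access facade for PostureDockervuln findings ("alertflex_PU" persistence unit).
 *
 * Every query binds its arguments as named parameters and bypasses the
 * persistence cache. A failed query is logged and reported to the caller as
 * null, so a database error is not mistaken for "finding not stored yet".
 *
 * NOTE(review): the generic type arguments on AbstractFacade and List appear
 * to have been stripped by the page rendering; confirm against the repository.
 */
@Stateless
public class PostureDockervulnFacade extends AbstractFacade {

    private static final Logger LOG = Logger.getLogger(PostureDockervulnFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public PostureDockervulnFacade() {
        super(PostureDockervuln.class);
    }

    /**
     * Looks up a stored Docker image vulnerability by its identifying attributes.
     *
     * @param ref project reference id
     * @param node node name
     * @param probe probe name
     * @param artifactName scanned artifact
     * @param target target within the artifact
     * @param vuln vulnerability id, matched against vulnerabilityId
     * @param pkgName affected package name
     * @param pkgVer affected package version, matched against pkgVersion
     * @return the first matching finding, or null when none exists or the query fails
     */
    public PostureDockervuln findVulnerability(String ref, String node, String probe, String artifactName, String target, String vuln, String pkgName, String pkgVer) {

        try {
            em.flush();

            Query vulnQry = em.createQuery("SELECT p FROM PostureDockervuln p WHERE p.refId = :ref AND p.node = :node AND p.probe = :probe AND p.artifactName = :artifact AND p.target = :target AND p.vulnerabilityId = :vuln AND p.pkgName = :pkgName AND p.pkgVersion = :pkgVer")
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("probe", probe)
                    .setParameter("artifact", artifactName)
                    .setParameter("target", target)
                    .setParameter("vuln", vuln)
                    .setParameter("pkgName", pkgName)
                    .setParameter("pkgVer", pkgVer);
            // One row is enough; this also keeps getSingleResult from failing on duplicates.
            vulnQry.setMaxResults(1);
            // Read from the database instead of the persistence cache.
            vulnQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (PostureDockervuln) vulnQry.getSingleResult();

        } catch (NoResultException e) {
            // Finding not stored: the ordinary lookup miss.
            return null;
        } catch (Exception e) {
            LOG.log(Level.WARNING, "PostureDockervulnFacade.findVulnerability query failed", e);
            return null;
        }
    }

    /**
     * Counts the stored Docker image vulnerabilities of a project per severity.
     *
     * @param ref project reference id
     * @return one row per severity holding the severity and its count,
     *         or null when the query fails
     */
    public List getFindings(String ref) {

        try {
            em.flush();

            Query countQry = em.createQuery(
                    "SELECT p.severity, COUNT(p) FROM PostureDockervuln p WHERE p.refId = :ref GROUP BY p.severity")
                    .setParameter("ref", ref);
            // Read from the database instead of the persistence cache.
            countQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return (List) countQry.getResultList();

        } catch (Exception e) {
            LOG.log(Level.WARNING, "PostureDockervulnFacade.getFindings query failed", e);
            return null;
        }
    }

}

--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/PostureInspectorFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.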
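 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.PostureInspector;
import org.alertflex.reports.Finding;

/**
 * Data-access facade for PostureInspector findings ("alertflex_PU" persistence unit).
 *
 * Every query binds its arguments as named parameters and bypasses the
 * persistence cache. A failed query is logged and reported to the caller as
 * null, so a database error is not mistaken for "finding not stored yet".
 *
 * NOTE(review): the generic type arguments on AbstractFacade and List appear
 * to have been stripped by the page rendering; confirm against the repository.
 */
@Stateless
public class PostureInspectorFacade extends AbstractFacade {

    private static final Logger LOG = Logger.getLogger(PostureInspectorFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public PostureInspectorFacade() {
        super(PostureInspector.class);
    }

    /**
     * Looks up a stored Inspector finding by its identifying attributes.
     *
     * @param ref project reference id
     * @param template assessment template, matched against arn
     * @param title finding title
     * @param ec2 instance name, matched against ec2Name
     * @return the first matching finding, or null when none exists or the query fails
     */
    public PostureInspector findMisconfig(String ref, String template, String title, String ec2) {

        try {
            em.flush();

            Query findingQry = em.createQuery(
                    "SELECT p FROM PostureInspector p WHERE p.refId = :ref AND p.arn = :template AND p.title = :title AND p.ec2Name = :ec2")
                    .setParameter("ref", ref)
                    .setParameter("template", template)
                    .setParameter("title", title)
                    .setParameter("ec2", ec2);

            // Same limit as the other posture facades: without it a duplicate row made
            // getSingleResult throw, and the swallowed error came back as "not found".
            findingQry.setMaxResults(1);
            // Read from the database instead of the persistence cache.
            findingQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (PostureInspector) findingQry.getSingleResult();

        } catch (NoResultException e) {
            // Finding not stored: the ordinary lookup miss.
            return null;
        } catch (Exception e) {
            LOG.log(Level.WARNING, "PostureInspectorFacade.findMisconfig query failed", e);
            return null;
        }
    }

    /**
     * Counts the stored Inspector findings of a project per severity.
     *
     * @param ref project reference id
     * @return the rows produced by the severity/count query, or null when the query fails
     */
    public List getFindings(String ref) {

        try {
            em.flush();

            // NOTE(review): this is the only getFindings that passes a result class
            // (Finding.class) for a two-column scalar select. Whether the provider
            // accepts that is not visible here; if it rejects the query, the failure
            // now appears in the log instead of silently yielding null. Confirm and
            // align with the untyped form used by the sibling facades if needed.
            Query countQry = em.createQuery(
                    "SELECT p.severity, COUNT(p) FROM PostureInspector p WHERE p.refId = :ref GROUP BY p.severity", Finding.class)
                    .setParameter("ref", ref);
            // Read from the database instead of the persistence cache.
            countQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return (List) countQry.getResultList();

        } catch (Exception e) {
            LOG.log(Level.WARNING, "PostureInspectorFacade.getFindings query failed", e);
            return null;
        }
    }
}

--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/PostureK8sconfigFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.PostureK8sconfig;

/**
 * Data-access facade for PostureK8sconfig findings ("alertflex_PU" persistence unit).
 *
 * Every query binds its arguments as named parameters and bypasses the
 * persistence cache. A failed query is logged and reported to the caller as
 * null, so a database error is not mistaken for "finding not stored yet".
 *
 * NOTE(review): the generic type arguments on AbstractFacade and List appear
 * to have been stripped by the page rendering; confirm against the repository.
 */
@Stateless
public class PostureK8sconfigFacade extends AbstractFacade {

    private static final Logger LOG = Logger.getLogger(PostureK8sconfigFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public PostureK8sconfigFacade() {
        super(PostureK8sconfig.class);
    }

    /**
     * Looks up a stored Kubernetes misconfiguration by its identifying attributes.
     *
     * @param ref project reference id
     * @param node node name
     * @param probe probe name
     * @param clusterName cluster name
     * @param namespace Kubernetes namespace
     * @param target scanned target
     * @param avdid misconfiguration id, matched against misconfigAvdid
     * @return the first matching finding, or null when none exists or the query fails
     */
    public PostureK8sconfig findMisconfig(String ref, String node, String probe, String clusterName, String namespace, String target, String avdid) {

        try {
            em.flush();

            Query misconfigQry = em.createQuery("SELECT p FROM PostureK8sconfig p WHERE p.refId = :ref AND p.node = :node AND p.probe = :probe AND p.clusterName = :cluster AND p.namespace = :namespace AND p.target = :target AND p.misconfigAvdid = :avdid")
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("probe", probe)
                    .setParameter("cluster", clusterName)
                    .setParameter("namespace", namespace)
                    .setParameter("target", target)
                    .setParameter("avdid", avdid);

            // One row is enough; this also keeps getSingleResult from failing on duplicates.
            misconfigQry.setMaxResults(1);
            // Read from the database instead of the persistence cache.
            misconfigQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (PostureK8sconfig) misconfigQry.getSingleResult();

        } catch (NoResultException e) {
            // Finding not stored: the ordinary lookup miss.
            return null;
        } catch (Exception e) {
            LOG.log(Level.WARNING, "PostureK8sconfigFacade.findMisconfig query failed", e);
            return null;
        }
    }

    /**
     * Counts the stored Kubernetes misconfigurations of a project per severity.
     *
     * @param ref project reference id
     * @return one row per severity holding the severity and its count,
     *         or null when the query fails
     */
    public List getFindings(String ref) {

        try {
            em.flush();

            Query countQry = em.createQuery(
                    "SELECT p.severity, COUNT(p) FROM PostureK8sconfig p WHERE p.refId = :ref GROUP BY p.severity")
                    .setParameter("ref", ref);
            // Read from the database instead of the persistence cache.
            countQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return (List) countQry.getResultList();

        } catch (Exception e) {
            LOG.log(Level.WARNING, "PostureK8sconfigFacade.getFindings query failed", e);
            return null;
        }
    }

}

--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/PostureK8svulnFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.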
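 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.PostureK8svuln;

/**
 * Stateless facade for {@code PostureK8svuln} entities in the
 * {@code alertflex_PU} persistence unit.
 */
@Stateless
public class PostureK8svulnFacade extends AbstractFacade {

    // Query failures are recorded here; the methods still return null for them.
    private static final Logger LOG = Logger.getLogger(PostureK8svulnFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public PostureK8svulnFacade() {
        super(PostureK8svuln.class);
    }

    /**
     * Looks up one stored vulnerability that matches every given field,
     * including package name and package version.
     *
     * @return the first matching entity, or {@code null} when none matches
     *         or the query fails
     */
    public PostureK8svuln findVulnerability(String ref, String node, String probe, String clusterName, String namespace, String target, String vuln, String pkgName, String pkgVer) {
        try {
            // Write pending changes out before reading.
            em.flush();

            Query vQry = em.createQuery("SELECT p FROM PostureK8svuln p WHERE p.refId = :ref AND p.node = :node AND p.probe = :probe AND p.clusterName = :cluster AND p.namespace = :namespace AND p.target = :target AND p.vulnerabilityId = :vuln AND p.pkgName = :pkgName AND p.pkgVersion = :pkgVer")
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("probe", probe)
                    .setParameter("cluster", clusterName)
                    .setParameter("namespace", namespace)
                    .setParameter("target", target)
                    .setParameter("vuln", vuln)
                    .setParameter("pkgName", pkgName)
                    .setParameter("pkgVer", pkgVer);
            vQry.setMaxResults(1);
            // Bypass the cache so the row is read from the database.
            vQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (PostureK8svuln) vQry.getSingleResult();
        } catch (NoResultException e) {
            // Ordinary miss: no such finding is stored.
            return null;
        } catch (Exception e) {
            // A failed query must not look like a miss in the logs.
            LOG.log(Level.WARNING, "findVulnerability query failed", e);
            return null;
        }
    }

    /**
     * Counts the stored findings of one reference id per severity.
     *
     * @return rows of (severity, count), or {@code null} when the query fails
     */
    public List getFindings(String ref) {
        try {
            em.flush();

            Query qry = em.createQuery(
                    "SELECT p.severity, COUNT(p) FROM PostureK8svuln p WHERE p.refId = :ref GROUP BY p.severity")
                    .setParameter("ref", ref);
            // Bypass the cache so the counts are read from the database.
            qry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return (List) qry.getResultList();
        } catch (Exception e) {
            LOG.log(Level.WARNING, "getFindings query failed", e);
            return null;
        }
    }

}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/PostureKubehunterFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.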
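 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.PostureKubehunter;

/**
 * Stateless facade for {@code PostureKubehunter} entities in the
 * {@code alertflex_PU} persistence unit.
 */
@Stateless
public class PostureKubehunterFacade extends AbstractFacade {

    // Query failures are recorded here; the methods still return null for them.
    private static final Logger LOG = Logger.getLogger(PostureKubehunterFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public PostureKubehunterFacade() {
        super(PostureKubehunter.class);
    }

    /**
     * Looks up one stored finding that matches every given field.
     *
     * @return the first matching entity, or {@code null} when none matches
     *         or the query fails
     */
    public PostureKubehunter findVulnerability(String ref, String node, String probe, String target, String loc, String vid, String cat) {
        try {
            // Write pending changes out before reading.
            em.flush();

            Query qry = em.createQuery(
                    "SELECT p FROM PostureKubehunter p WHERE p.refId = :ref AND p.node = :node AND p.probe = :probe AND p.target = :target AND p.location = :loc AND p.vulnerabilityId = :vid AND p.category = :cat")
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("probe", probe)
                    .setParameter("target", target)
                    .setParameter("loc", loc)
                    .setParameter("vid", vid)
                    .setParameter("cat", cat);
            qry.setMaxResults(1);
            // Bypass the cache so the row is read from the database.
            qry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (PostureKubehunter) qry.getSingleResult();
        } catch (NoResultException e) {
            // Ordinary miss: no such finding is stored.
            return null;
        } catch (Exception e) {
            // A failed query must not look like a miss in the logs.
            LOG.log(Level.WARNING, "findVulnerability query failed", e);
            return null;
        }
    }

    /**
     * Counts the stored findings of one reference id per severity.
     *
     * @return rows of (severity, count), or {@code null} when the query fails
     */
    public List getFindings(String ref) {
        try {
            em.flush();

            Query qry = em.createQuery(
                    "SELECT p.severity, COUNT(p) FROM PostureKubehunter p WHERE p.refId = :ref GROUP BY p.severity")
                    .setParameter("ref", ref);
            // Bypass the cache so the counts are read from the database.
            qry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return (List) qry.getResultList();
        } catch (Exception e) {
            LOG.log(Level.WARNING, "getFindings query failed", e);
            return null;
        }
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/PostureNiktoFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.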
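 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.PostureNikto;

/**
 * Stateless facade for {@code PostureNikto} entities in the
 * {@code alertflex_PU} persistence unit.
 */
@Stateless
public class PostureNiktoFacade extends AbstractFacade {

    // Query failures are recorded here; the methods still return null for them.
    private static final Logger LOG = Logger.getLogger(PostureNiktoFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public PostureNiktoFacade() {
        super(PostureNikto.class);
    }

    /**
     * Looks up one stored finding that matches every given field.
     *
     * @return the first matching entity, or {@code null} when none matches
     *         or the query fails
     */
    public PostureNikto findVulnerability(String ref, String node, String probe, String target, String port, String vulnId) {
        try {
            // Write pending changes out before reading.
            em.flush();

            Query qry = em.createQuery(
                    "SELECT p FROM PostureNikto p WHERE p.refId = :ref AND p.node = :node AND p.probe = :probe AND p.target = :target AND p.port = :port AND p.vulnId = :vulnId")
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("probe", probe)
                    .setParameter("target", target)
                    .setParameter("port", port)
                    .setParameter("vulnId", vulnId);
            qry.setMaxResults(1);
            // Bypass the cache so the row is read from the database.
            qry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (PostureNikto) qry.getSingleResult();
        } catch (NoResultException e) {
            // Ordinary miss: no such finding is stored.
            return null;
        } catch (Exception e) {
            // A failed query must not look like a miss in the logs.
            LOG.log(Level.WARNING, "findVulnerability query failed", e);
            return null;
        }
    }

    /**
     * Counts the stored findings of one reference id per severity.
     *
     * @return rows of (severity, count), or {@code null} when the query fails
     */
    public List getFindings(String ref) {
        try {
            em.flush();

            Query qry = em.createQuery(
                    "SELECT p.severity, COUNT(p) FROM PostureNikto p WHERE p.refId = :ref GROUP BY p.severity")
                    .setParameter("ref", ref);
            // Bypass the cache so the counts are read from the database.
            qry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return (List) qry.getResultList();
        } catch (Exception e) {
            LOG.log(Level.WARNING, "getFindings query failed", e);
            return null;
        }
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/PostureNmapFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.PostureNmap;

/**
 * Stateless facade for {@code PostureNmap} entities in the
 * {@code alertflex_PU} persistence unit.
 */
@Stateless
public class PostureNmapFacade extends AbstractFacade {

    // Query failures are recorded here; the methods still return null for them.
    private static final Logger LOG = Logger.getLogger(PostureNmapFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public PostureNmapFacade() {
        super(PostureNmap.class);
    }

    /**
     * Looks up one stored finding by reference id, node, probe, target and
     * port id.
     *
     * @return the first matching entity, or {@code null} when none matches
     *         or the query fails
     */
    public PostureNmap findVulnerability(String ref, String node, String probe, String target, int port) {
        try {
            // Write pending changes out before reading.
            em.flush();

            Query qry = em.createQuery(
                    "SELECT p FROM PostureNmap p WHERE p.refId = :ref AND p.node = :node AND p.probe = :probe AND p.target = :target AND p.portId = :port")
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("probe", probe)
                    .setParameter("target", target)
                    .setParameter("port", port);
            qry.setMaxResults(1);
            // Bypass the cache so the row is read from the database.
            qry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (PostureNmap) qry.getSingleResult();
        } catch (NoResultException e) {
            // Ordinary miss: no such finding is stored.
            return null;
        } catch (Exception e) {
            // A failed query must not look like a miss in the logs.
            LOG.log(Level.WARNING, "findVulnerability query failed", e);
            return null;
        }
    }

    /**
     * Counts the stored findings of one reference id per severity.
     *
     * @return rows of (severity, count), or {@code null} when the query fails
     */
    public List getFindings(String ref) {
        try {
            em.flush();

            Query qry = em.createQuery(
                    "SELECT p.severity, COUNT(p) FROM PostureNmap p WHERE p.refId = :ref GROUP BY p.severity")
                    .setParameter("ref", ref);
            // Bypass the cache so the counts are read from the database.
            qry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return (List) qry.getResultList();
        } catch (Exception e) {
            LOG.log(Level.WARNING, "getFindings query failed", e);
            return null;
        }
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/PostureNucleiFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.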
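 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.PostureNuclei;

/**
 * Stateless facade for {@code PostureNuclei} entities in the
 * {@code alertflex_PU} persistence unit.
 */
@Stateless
public class PostureNucleiFacade extends AbstractFacade {

    // Query failures are recorded here; the methods still return null for them.
    private static final Logger LOG = Logger.getLogger(PostureNucleiFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public PostureNucleiFacade() {
        super(PostureNuclei.class);
    }

    /**
     * Looks up one stored finding; {@code target} is matched against
     * {@code targetHost} and {@code alert} against {@code alertName}.
     *
     * @return the first matching entity, or {@code null} when none matches
     *         or the query fails
     */
    public PostureNuclei findVulnerability(String ref, String node, String probe, String target, String alert) {
        try {
            // Write pending changes out before reading.
            em.flush();

            Query qry = em.createQuery(
                    "SELECT p FROM PostureNuclei p WHERE p.refId = :ref AND p.node = :node AND p.probe = :probe AND p.targetHost = :target AND p.alertName = :alert")
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("probe", probe)
                    .setParameter("target", target)
                    .setParameter("alert", alert);
            qry.setMaxResults(1);
            // Bypass the cache so the row is read from the database.
            qry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (PostureNuclei) qry.getSingleResult();
        } catch (NoResultException e) {
            // Ordinary miss: no such finding is stored.
            return null;
        } catch (Exception e) {
            // A failed query must not look like a miss in the logs.
            LOG.log(Level.WARNING, "findVulnerability query failed", e);
            return null;
        }
    }

    /**
     * Counts the stored findings of one reference id per severity.
     *
     * @return rows of (severity, count), or {@code null} when the query fails
     */
    public List getFindings(String ref) {
        try {
            em.flush();

            Query qry = em.createQuery(
                    "SELECT p.severity, COUNT(p) FROM PostureNuclei p WHERE p.refId = :ref GROUP BY p.severity")
                    .setParameter("ref", ref);
            // Bypass the cache so the counts are read from the database.
            qry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return (List) qry.getResultList();
        } catch (Exception e) {
            LOG.log(Level.WARNING, "getFindings query failed", e);
            return null;
        }
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/PostureSemgrepFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.PostureSemgrep;

/**
 * Stateless facade for {@code PostureSemgrep} entities in the
 * {@code alertflex_PU} persistence unit.
 */
@Stateless
public class PostureSemgrepFacade extends AbstractFacade {

    // Query failures are recorded here; the methods still return null for them.
    private static final Logger LOG = Logger.getLogger(PostureSemgrepFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public PostureSemgrepFacade() {
        super(PostureSemgrep.class);
    }

    /**
     * Looks up one stored finding by reference id, node, target, component,
     * message and start/end line. This query has no probe condition.
     *
     * @return the first matching entity, or {@code null} when none matches
     *         or the query fails
     */
    public PostureSemgrep findVulnerability(String ref, String node, String target, String component, String message, int start, int end) {
        try {
            // Write pending changes out before reading.
            em.flush();

            Query qry = em.createQuery(
                    "SELECT p FROM PostureSemgrep p WHERE p.refId = :ref AND p.node = :node AND p.target = :target AND p.component = :component AND p.message = :message AND p.startLine = :start AND p.endLine = :end")
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("target", target)
                    .setParameter("component", component)
                    .setParameter("message", message)
                    .setParameter("start", start)
                    .setParameter("end", end);
            qry.setMaxResults(1);
            // Bypass the cache so the row is read from the database.
            qry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (PostureSemgrep) qry.getSingleResult();
        } catch (NoResultException e) {
            // Ordinary miss: no such finding is stored.
            return null;
        } catch (Exception e) {
            // A failed query must not look like a miss in the logs.
            LOG.log(Level.WARNING, "findVulnerability query failed", e);
            return null;
        }
    }

    /**
     * Counts the stored findings of one reference id per severity.
     *
     * @return rows of (severity, count), or {@code null} when the query fails
     */
    public List getFindings(String ref) {
        try {
            em.flush();

            Query qry = em.createQuery(
                    "SELECT p.severity, COUNT(p) FROM PostureSemgrep p WHERE p.refId = :ref GROUP BY p.severity")
                    .setParameter("ref", ref);
            // Bypass the cache so the counts are read from the database.
            qry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return (List) qry.getResultList();
        } catch (Exception e) {
            LOG.log(Level.WARNING, "getFindings query failed", e);
            return null;
        }
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/PostureSonarqubeFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.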
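 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.PostureSonarqube;

/**
 * Stateless facade for {@code PostureSonarqube} entities in the
 * {@code alertflex_PU} persistence unit.
 */
@Stateless
public class PostureSonarqubeFacade extends AbstractFacade {

    // Query failures are recorded here; the methods still return null for them.
    private static final Logger LOG = Logger.getLogger(PostureSonarqubeFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public PostureSonarqubeFacade() {
        super(PostureSonarqube.class);
    }

    /**
     * Looks up one stored finding; {@code rule} is matched against
     * {@code ruleId}.
     *
     * @return the first matching entity, or {@code null} when none matches
     *         or the query fails
     */
    public PostureSonarqube findVulnerability(String ref, String node, String probe, String target, String component, String rule) {
        try {
            // Write pending changes out before reading.
            em.flush();

            Query qry = em.createQuery(
                    "SELECT p FROM PostureSonarqube p WHERE p.refId = :ref AND p.node = :node AND p.probe = :probe AND p.target = :target AND p.component = :component AND p.ruleId = :rule")
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("probe", probe)
                    .setParameter("target", target)
                    .setParameter("component", component)
                    .setParameter("rule", rule);
            qry.setMaxResults(1);
            // Bypass the cache so the row is read from the database.
            qry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (PostureSonarqube) qry.getSingleResult();
        } catch (NoResultException e) {
            // Ordinary miss: no such finding is stored.
            return null;
        } catch (Exception e) {
            // A failed query must not look like a miss in the logs.
            LOG.log(Level.WARNING, "findVulnerability query failed", e);
            return null;
        }
    }

    /**
     * Counts the stored findings of one reference id per severity.
     *
     * @return rows of (severity, count), or {@code null} when the query fails
     */
    public List getFindings(String ref) {
        try {
            em.flush();

            Query qry = em.createQuery(
                    "SELECT p.severity, COUNT(p) FROM PostureSonarqube p WHERE p.refId = :ref GROUP BY p.severity")
                    .setParameter("ref", ref);
            // Bypass the cache so the counts are read from the database.
            qry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return (List) qry.getResultList();
        } catch (Exception e) {
            LOG.log(Level.WARNING, "getFindings query failed", e);
            return null;
        }
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/PostureTaskFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.PostureTask;

/**
 * Stateless facade for {@code PostureTask} entities in the
 * {@code alertflex_PU} persistence unit.
 */
@Stateless
public class PostureTaskFacade extends AbstractFacade {

    // Query failures are recorded here; the method still returns null for them.
    private static final Logger LOG = Logger.getLogger(PostureTaskFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public PostureTaskFacade() {
        super(PostureTask.class);
    }

    /**
     * Looks up one task by its {@code taskUuid}.
     *
     * @return the first matching entity, or {@code null} when none matches
     *         or the query fails
     */
    public PostureTask findPosture(String uuid) {
        try {
            // Write pending changes out before reading.
            em.flush();

            Query qry = em.createQuery(
                    "SELECT p FROM PostureTask p WHERE p.taskUuid = :uuid ")
                    .setParameter("uuid", uuid);
            qry.setMaxResults(1);
            // Bypass the cache so the row is read from the database.
            qry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (PostureTask) qry.getSingleResult();
        } catch (NoResultException e) {
            // Ordinary miss: no task with this uuid is stored.
            return null;
        } catch (Exception e) {
            // A failed query must not look like a miss in the logs.
            LOG.log(Level.WARNING, "findPosture query failed", e);
            return null;
        }
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/PostureTerraformFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.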
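 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.PostureTerraform;

/**
 * Stateless facade for {@code PostureTerraform} entities in the
 * {@code alertflex_PU} persistence unit.
 */
@Stateless
public class PostureTerraformFacade extends AbstractFacade {

    // Query failures are recorded here; the methods still return null for them.
    private static final Logger LOG = Logger.getLogger(PostureTerraformFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public PostureTerraformFacade() {
        super(PostureTerraform.class);
    }

    /**
     * Looks up one stored misconfiguration that matches every given field.
     *
     * @return the first matching entity, or {@code null} when none matches
     *         or the query fails
     */
    public PostureTerraform findMisconfig(String ref, String node, String probe, String artifactName, String target, String avdid) {
        try {
            // Write pending changes out before reading.
            em.flush();

            Query vQry = em.createQuery("SELECT p FROM PostureTerraform p WHERE p.refId = :ref AND p.node = :node AND p.probe = :probe AND p.artifactName = :artifact AND p.target = :target AND p.misconfigAvdid = :avdid")
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("probe", probe)
                    .setParameter("artifact", artifactName)
                    .setParameter("target", target)
                    .setParameter("avdid", avdid);

            vQry.setMaxResults(1);
            // Bypass the cache so the row is read from the database.
            vQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (PostureTerraform) vQry.getSingleResult();
        } catch (NoResultException e) {
            // Ordinary miss: no such finding is stored.
            return null;
        } catch (Exception e) {
            // A failed query must not look like a miss in the logs.
            LOG.log(Level.WARNING, "findMisconfig query failed", e);
            return null;
        }
    }

    /**
     * Counts the stored findings of one reference id per severity.
     *
     * @return rows of (severity, count), or {@code null} when the query fails
     */
    public List getFindings(String ref) {
        try {
            em.flush();

            Query qry = em.createQuery(
                    "SELECT p.severity, COUNT(p) FROM PostureTerraform p WHERE p.refId = :ref GROUP BY p.severity")
                    .setParameter("ref", ref);
            // Bypass the cache so the counts are read from the database.
            qry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return (List) qry.getResultList();
        } catch (Exception e) {
            LOG.log(Level.WARNING, "getFindings query failed", e);
            return null;
        }
    }

}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/PostureZapFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.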
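 */

package org.alertflex.facade;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.PostureZap;

/**
 * Stateless facade for {@code PostureZap} entities in the
 * {@code alertflex_PU} persistence unit.
 */
@Stateless
public class PostureZapFacade extends AbstractFacade {

    // Query failures are recorded here; the methods still return null for them.
    private static final Logger LOG = Logger.getLogger(PostureZapFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public PostureZapFacade() {
        super(PostureZap.class);
    }

    /**
     * Looks up one stored finding; {@code alert} is matched against
     * {@code alertRef}.
     *
     * @return the first matching entity, or {@code null} when none matches
     *         or the query fails
     */
    public PostureZap findVulnerability(String ref, String node, String probe, String target, String alert) {
        try {
            // Write pending changes out before reading.
            em.flush();

            Query qry = em.createQuery(
                    "SELECT p FROM PostureZap p WHERE p.refId = :ref AND p.node = :node AND p.probe = :probe AND p.target = :target AND p.alertRef = :alert")
                    .setParameter("ref", ref)
                    .setParameter("node", node)
                    .setParameter("probe", probe)
                    .setParameter("target", target)
                    .setParameter("alert", alert);
            qry.setMaxResults(1);
            // Bypass the cache so the row is read from the database.
            qry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (PostureZap) qry.getSingleResult();
        } catch (NoResultException e) {
            // Ordinary miss: no such finding is stored.
            return null;
        } catch (Exception e) {
            // A failed query must not look like a miss in the logs.
            LOG.log(Level.WARNING, "findVulnerability query failed", e);
            return null;
        }
    }

    /**
     * Counts the stored findings of one reference id per severity.
     *
     * @return rows of (severity, count), or {@code null} when the query fails
     */
    public List getFindings(String ref) {
        try {
            em.flush();

            Query qry = em.createQuery(
                    "SELECT p.severity, COUNT(p) FROM PostureZap p WHERE p.refId = :ref GROUP BY p.severity")
                    .setParameter("ref", ref);
            // Bypass the cache so the counts are read from the database.
            qry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return (List) qry.getResultList();
        } catch (Exception e) {
            LOG.log(Level.WARNING, "getFindings query failed", e);
            return null;
        }
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/ProjectFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.facade;

import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.Project;

/**
 * Stateless facade for {@code Project} entities in the
 * {@code alertflex_PU} persistence unit.
 */
@Stateless
public class ProjectFacade extends AbstractFacade {

    // Query failures are recorded here; the methods still return null for them.
    private static final Logger LOG = Logger.getLogger(ProjectFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public ProjectFacade() {
        super(Project.class);
    }

    /**
     * Looks up the project whose {@code name} equals {@code n}.
     *
     * @return the project, or {@code null} when none matches or the query fails
     */
    public Project findProjectByName(String n) {
        try {
            // Write pending changes out before reading.
            em.flush();

            Query projectQry = em.createQuery(
                    "SELECT p FROM Project p WHERE p.name = :name").setParameter("name", n);

            // Bypass the cache so the row is read from the database.
            projectQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (Project) projectQry.getSingleResult();
        } catch (NoResultException e) {
            // Ordinary miss: no project with this name.
            return null;
        } catch (Exception e) {
            // No result limit is set on this query, so several matching rows
            // also end up here; the log keeps that apart from a miss.
            LOG.log(Level.WARNING, "findProjectByName query failed", e);
            return null;
        }
    }

    /**
     * Looks up the project whose {@code refId} equals {@code r}.
     *
     * @return the project, or {@code null} when none matches or the query fails
     */
    public Project findProjectByRef(String r) {
        try {
            em.flush();

            Query projectQry = em.createQuery(
                    "SELECT p FROM Project p WHERE p.refId = :ref").setParameter("ref", r);

            // Bypass the cache so the row is read from the database.
            projectQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (Project) projectQry.getSingleResult();
        } catch (NoResultException e) {
            // Ordinary miss: no project with this reference id.
            return null;
        } catch (Exception e) {
            // No result limit is set on this query, so several matching rows
            // also end up here; the log keeps that apart from a miss.
            LOG.log(Level.WARNING, "findProjectByRef query failed", e);
            return null;
        }
    }

}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/ResponseFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.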
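 */

package org.alertflex.facade;

import java.util.ArrayList;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.Response;

/**
 * Stateless facade for {@code Response} entities in the
 * {@code alertflex_PU} persistence unit. Every query here selects rows with
 * {@code status = 1} and a fixed {@code resType} value.
 */
@Stateless
public class ResponseFacade extends AbstractFacade {

    // Query failures are recorded here; return values are unchanged by it.
    private static final Logger LOG = Logger.getLogger(ResponseFacade.class.getName());

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public ResponseFacade() {
        super(Response.class);
    }

    /**
     * Looks up the response with {@code resType = "action"} whose
     * {@code resCause} equals {@code action}.
     *
     * @return the response, or {@code null} when none matches or the query fails
     */
    public Response findResponseForAction(String ref, String source, String action) {
        try {
            // Write pending changes out before reading.
            em.flush();

            Query listQry = em.createQuery("SELECT r FROM Response r WHERE r.refId = :ref AND r.alertSource = :source AND r.status = :status AND r.resType = :type AND r.resCause = :action")
                    .setParameter("ref", ref)
                    .setParameter("status", 1)
                    .setParameter("source", source)
                    .setParameter("type", "action")
                    .setParameter("action", action);
            // Bypass the cache so the row is read from the database.
            listQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return (Response) listQry.getSingleResult();
        } catch (NoResultException e) {
            // Ordinary miss: no response is configured for this action.
            return null;
        } catch (Exception e) {
            // No result limit is set on this query, so two rows for the same
            // action also end up here and no response is returned; the log
            // entry is what makes that case visible.
            LOG.log(Level.WARNING, "findResponseForAction query failed", e);
            return null;
        }
    }

    /**
     * Lists the responses with {@code resType = "event"} whose
     * {@code resCause} equals {@code event}.
     *
     * @return the matching responses; an empty list when the query fails
     */
    public List findResponseForEvent(String ref, String source, String event) {
        try {
            em.flush();

            Query listQry = em.createQuery("SELECT r FROM Response r WHERE r.refId = :ref AND r.alertSource = :source AND r.status = :status AND r.resType = :type AND r.resCause = :event")
                    .setParameter("ref", ref)
                    .setParameter("status", 1)
                    .setParameter("source", source)
                    .setParameter("type", "event")
                    .setParameter("event", event);
            // Bypass the cache so the rows are read from the database.
            listQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return listQry.getResultList();
        } catch (Exception e) {
            // An empty list here means "lookup failed", not "nothing configured".
            LOG.log(Level.WARNING, "findResponseForEvent query failed", e);
            return new ArrayList();
        }
    }

    /**
     * Lists the responses with {@code resType = "cat"} whose
     * {@code resCause} equals {@code cat}.
     *
     * @return the matching responses; an empty list when the query fails
     */
    public List findResponseForCat(String ref, String source, String cat) {
        try {
            em.flush();

            Query listQry = em.createQuery("SELECT r FROM Response r WHERE r.refId = :ref AND r.alertSource = :source AND r.status = :status AND r.resType = :type AND r.resCause = :cat")
                    .setParameter("ref", ref)
                    .setParameter("status", 1)
                    .setParameter("source", source)
                    .setParameter("type", "cat")
                    .setParameter("cat", cat);
            // Bypass the cache so the rows are read from the database.
            listQry.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);
            return listQry.getResultList();
        } catch (Exception e) {
            // An empty list here means "lookup failed", not "nothing configured".
            LOG.log(Level.WARNING, "findResponseForCat query failed", e);
            return new ArrayList();
        }
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/facade/UsersFacade.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.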
 */

package org.alertflex.facade;

import java.util.List;
import javax.ejb.Stateless;
import javax.persistence.CacheRetrieveMode;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import org.alertflex.entity.Users;

/**
 * Stateless EJB facade for {@link Users} entities.
 *
 * <p>All finders bind their arguments as named JPQL parameters and bypass the
 * JPA cache. Each one swallows every exception and returns {@code null} in
 * that case, so callers cannot tell a failed query from a missing user.</p>
 */
@Stateless
public class UsersFacade extends AbstractFacade {

    @PersistenceContext(unitName = "alertflex_PU")
    private EntityManager em;

    @Override
    protected EntityManager getEntityManager() {
        return em;
    }

    public UsersFacade() {
        super(Users.class);
    }

    /**
     * Lists the users whose {@code refId} equals the given value.
     *
     * @param r value matched against {@code refId}
     * @return the query result, or {@code null} when the lookup throws
     */
    public List findUsersByRefId(String r) {

        try {
            em.flush();

            Query byRef = em.createQuery("SELECT u FROM Users u WHERE u.refId = :ref");
            byRef.setParameter("ref", r);

            // Force a database read instead of a cached entity.
            byRef.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return byRef.getResultList();
        } catch (Exception e) {
            // Failure is deliberately silent; the caller only sees null.
            return null;
        }
    }

    /**
     * Finds one user by tenant reference and user id.
     *
     * @param tenant value matched against {@code refId}
     * @param id     value matched against {@code userid}
     * @return the user, or {@code null} when the lookup throws (which includes
     *         getSingleResult() not finding exactly one row)
     */
    public Users findUserById(String tenant, String id) {

        try {
            em.flush();

            Query byTenantAndId = em.createQuery("SELECT u FROM Users u WHERE u.refId = :tenant AND u.userid = :user");
            byTenantAndId.setParameter("tenant", tenant);
            byTenantAndId.setParameter("user", id);

            // Force a database read instead of a cached entity.
            byTenantAndId.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return (Users) byTenantAndId.getSingleResult();
        } catch (Exception e) {
            // Failure is deliberately silent; the caller only sees null.
            return null;
        }
    }

    /**
     * Finds one user by user id alone.
     *
     * <p>NOTE(review): unlike {@link #findUserById(String, String)} this query
     * is not restricted by {@code refId}. If user ids are only unique per
     * tenant, the lookup returns {@code null} as soon as two tenants share an
     * id, and callers must not treat the result as tenant-scoped.</p>
     *
     * @param name value matched against {@code userid}
     * @return the user, or {@code null} when the lookup throws
     */
    public Users findUserByName(String name) {

        try {
            em.flush();

            Query byName = em.createQuery("SELECT u FROM Users u WHERE u.userid = :user");
            byName.setParameter("user", name);

            // Force a database read instead of a cached entity.
            byName.setHint("javax.persistence.cache.retrieveMode", CacheRetrieveMode.BYPASS);

            return (Users) byName.getSingleResult();
        } catch (Exception e) {
            // Failure is deliberately silent; the caller only sees null.
            return null;
        }
    }

}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/jobs/RemoveAlerts.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
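 */

package org.alertflex.jobs;

import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import javax.ejb.Timeout;
import javax.ejb.Timer;
import javax.ejb.TimerService;
import javax.annotation.PostConstruct;
import javax.annotation.Resource;
import javax.ejb.AccessTimeout;
import javax.ejb.ConcurrencyManagement;
import static javax.ejb.ConcurrencyManagementType.CONTAINER;
import javax.ejb.EJB;
import javax.ejb.Lock;
import javax.ejb.LockType;
import javax.ejb.Singleton;
import javax.ejb.Startup;
import org.alertflex.entity.Alert;
import org.alertflex.entity.Project;
import org.alertflex.facade.AlertFacade;
import org.alertflex.facade.ProjectFacade;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Startup singleton that periodically deletes alerts older than each
 * project's retention window.
 *
 * <p>The timer first fires one minute after startup and then every hour. The
 * retention window is {@code project.getAlertTimerange()} days; a value of 0
 * or less disables purging for that project.</p>
 *
 * <p>NOTE(review): deletions are permanent and nothing is logged, although a
 * logger is declared. For a security product the purge is effectively evidence
 * disposal, so an audit line per project may be worth adding.</p>
 */
@Singleton(name = "removeAlerts")
@ConcurrencyManagement(CONTAINER)
@Startup
public class RemoveAlerts {

    @Resource
    private TimerService timerService;

    @EJB
    private ProjectFacade projectFacade;
    List<Project> projectList = null;

    @EJB
    private AlertFacade alertFacade;

    private static final Logger logger = LoggerFactory.getLogger(RemoveAlerts.class);

    static final long INIT_INTERVAL = 60000; // 1min
    static final long PERIODIC_INTERVAL = 3600000; // 1 hour
    static final long DAY = 86400000; // one day in milliseconds

    /** Registers the purge timer when the bean is constructed. */
    @PostConstruct
    public void init() {

        timerService.createTimer(INIT_INTERVAL, PERIODIC_INTERVAL, "removeAlerts");
    }

    /**
     * Timer callback: for every project with a positive retention window,
     * removes alerts older than the cut-off until none are returned.
     *
     * @param timer the timer that fired (not used)
     */
    @Lock(LockType.WRITE)
    @AccessTimeout(value = 500)
    @Timeout
    public void removeAlertsTimer(Timer timer) throws InterruptedException, Exception {

        projectList = projectFacade.findAll();

        if (projectList == null || projectList.isEmpty()) {
            return;
        }

        for (Project project : projectList) {

            if (project == null) {
                continue;
            }

            int timerange = project.getAlertTimerange();
            if (timerange <= 0) {
                continue;
            }

            // DAY is a long, so the multiplication cannot overflow int range.
            Timestamp dt = new Timestamp(System.currentTimeMillis() - DAY * timerange);

            // Fix: the original dereferenced the result without a null check.
            // AlertFacade is not shown here; the sibling job RemoveNodeStat
            // guards the equivalent facade call against null, so do the same.
            // NOTE(review): this loop ends only once getOldAlerts() stops
            // returning rows; it assumes remove() really deletes them.
            List<Alert> alertsList = alertFacade.getOldAlerts(project.getRefId(), dt);

            while (alertsList != null && !alertsList.isEmpty()) {
                for (Alert a : alertsList) {
                    alertFacade.remove(a);
                }
                alertsList = alertFacade.getOldAlerts(project.getRefId(), dt);
            }
        }
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/jobs/RemoveNodeStat.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.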
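 */

package org.alertflex.jobs;

import java.sql.Timestamp;
import java.util.Date;
import java.util.List;
import javax.ejb.Timeout;
import javax.ejb.Timer;
import javax.ejb.TimerService;
import javax.annotation.PostConstruct;
import javax.annotation.Resource;
import javax.ejb.AccessTimeout;
import javax.ejb.ConcurrencyManagement;
import static javax.ejb.ConcurrencyManagementType.CONTAINER;
import javax.ejb.EJB;
import javax.ejb.Lock;
import javax.ejb.LockType;
import javax.ejb.Singleton;
import javax.ejb.Startup;
import org.alertflex.entity.NodeAlerts;
import org.alertflex.entity.NodeMonitor;
import org.alertflex.entity.Project;
import org.alertflex.facade.NodeAlertsFacade;
import org.alertflex.facade.NodeMonitorFacade;
import org.alertflex.facade.ProjectFacade;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Startup singleton that periodically deletes node monitoring and node alert
 * statistics older than each project's retention window.
 *
 * <p>The timer first fires one minute after startup and then every hour. The
 * window is {@code project.getNodeTimerange()} days; a value of 0 or less
 * disables purging for that project.</p>
 */
@Singleton(name = "removeNodeStat")
@ConcurrencyManagement(CONTAINER)
@Startup
public class RemoveNodeStat {

    @Resource
    private TimerService timerService;

    @EJB
    private ProjectFacade projectFacade;
    List<Project> projectList = null;

    @EJB
    private NodeMonitorFacade nodeMonitorFacade;

    @EJB
    private NodeAlertsFacade nodeAlertsFacade;

    private static final Logger logger = LoggerFactory.getLogger(RemoveNodeStat.class);

    static final long INIT_INTERVAL = 60000; // 1min
    static final long PERIODIC_INTERVAL = 3600000; // 1 hour
    static final long DAY = 86400000; // one day in milliseconds

    /** Registers the purge timer when the bean is constructed. */
    @PostConstruct
    public void init() {

        timerService.createTimer(INIT_INTERVAL, PERIODIC_INTERVAL, "removeNodeStat");
    }

    /**
     * Timer callback: for every project with a positive retention window,
     * removes NodeMonitor and NodeAlerts rows older than the cut-off until the
     * facades return no more of them.
     *
     * @param timer the timer that fired (not used)
     */
    @Lock(LockType.WRITE)
    @AccessTimeout(value = 500)
    @Timeout
    public void removeStatTimer(Timer timer) throws InterruptedException, Exception {

        projectList = projectFacade.findAll();

        if (projectList == null || projectList.isEmpty()) {
            return;
        }

        for (Project project : projectList) {

            if (project == null) {
                continue;
            }

            int timerange = project.getNodeTimerange();
            if (timerange <= 0) {
                continue;
            }

            // DAY is a long, so the multiplication cannot overflow int range.
            Timestamp dt = new Timestamp(System.currentTimeMillis() - DAY * timerange);

            // Node monitoring statistics.
            List<NodeMonitor> nodemonitorList = nodeMonitorFacade.getOldStat(project.getRefId(), dt);

            while (nodemonitorList != null && !nodemonitorList.isEmpty()) {
                for (NodeMonitor n : nodemonitorList) {
                    nodeMonitorFacade.remove(n);
                }
                nodemonitorList = nodeMonitorFacade.getOldStat(project.getRefId(), dt);
            }

            // Node alert statistics.
            // Fix: the original loop condition tested isEmpty() without the
            // negation. It therefore stopped after one batch while rows were
            // still left, and kept re-querying forever (holding the WRITE
            // lock) once the facade returned an empty list.
            List<NodeAlerts> nodealertsList = nodeAlertsFacade.getOldStat(project.getRefId(), dt);

            while (nodealertsList != null && !nodealertsList.isEmpty()) {
                for (NodeAlerts n : nodealertsList) {
                    nodeAlertsFacade.remove(n);
                }
                nodealertsList = nodeAlertsFacade.getOldStat(project.getRefId(), dt);
            }
        }
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/logserver/FromElasticPool.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied.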
See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.logserver;

import static java.lang.annotation.ElementType.TYPE;
import static java.lang.annotation.ElementType.FIELD;
import static java.lang.annotation.ElementType.PARAMETER;
import static java.lang.annotation.ElementType.METHOD;
import static java.lang.annotation.RetentionPolicy.RUNTIME;
import java.lang.annotation.Retention;
import java.lang.annotation.Target;
import javax.inject.Qualifier;

/**
 * Injection qualifier, retained at runtime and usable on types, methods,
 * fields and parameters.
 *
 * NOTE(review): the producer that carries this qualifier is not part of this
 * listing; presumably it is PooledElasticProducer - confirm.
 */
@Qualifier
@Retention(RUNTIME)
@Target({TYPE, METHOD, FIELD, PARAMETER})
public @interface FromElasticPool {
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/logserver/FromGraylogPool.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.logserver;

import static java.lang.annotation.ElementType.TYPE;
import static java.lang.annotation.ElementType.FIELD;
import static java.lang.annotation.ElementType.PARAMETER;
import static java.lang.annotation.ElementType.METHOD;
import static java.lang.annotation.RetentionPolicy.RUNTIME;
import java.lang.annotation.Retention;
import java.lang.annotation.Target;
import javax.inject.Qualifier;

/**
 * Injection qualifier, retained at runtime and usable on types, methods,
 * fields and parameters. PooledGraylogProducer puts it on the producer method
 * that hands out the shared GrayLog instance.
 */
@Qualifier
@Retention(RUNTIME)
@Target({TYPE, METHOD, FIELD, PARAMETER})
public @interface FromGraylogPool {
}

--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/logserver/PooledGraylogProducer.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.logserver;

import java.net.DatagramSocket;
import java.net.InetAddress;
import java.net.SocketException;
import java.net.UnknownHostException;
import java.util.List;

import javax.annotation.PostConstruct;
import javax.annotation.PreDestroy;
import javax.ejb.EJB;
import javax.ejb.Startup;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.inject.Produces;
import org.alertflex.entity.Project;
import org.alertflex.facade.ProjectFacade;

/**
 * Application-scoped producer of the shared {@link GrayLog} instance.
 *
 * <p>The Graylog host and port are read from the first project returned by
 * {@code projectFacade.findAll()} only. A host of {@code null}, the empty
 * string or "indef" leaves the producer without an instance, and
 * {@link #get()} then returns {@code null}.</p>
 *
 * <p>NOTE(review): the transport is a {@link DatagramSocket}, i.e. plain UDP,
 * so whatever GrayLog sends through it is neither encrypted nor authenticated
 * at this layer. Host resolution and socket failures are swallowed without a
 * log entry, which makes a silently disabled log export hard to notice.</p>
 */
@ApplicationScoped
@Startup
public class PooledGraylogProducer {

    @EJB
    private ProjectFacade projectFacade;
    List<Project> projectList;
    private Project prj = null;

    DatagramSocket socket = null;
    String logHost = null;
    InetAddress iaHost = null;
    int logPort = 0;

    private GrayLog grayLog = null;

    /** Reads the Graylog endpoint from the first project and opens the socket. */
    @PostConstruct
    public void initPool() {

        try {

            projectList = projectFacade.findAll();
            if (projectList == null || projectList.isEmpty()) {
                return;
            }

            prj = projectList.get(0);
            if (prj == null) {
                return;
            }

            logHost = prj.getGraylogHost();
            logPort = prj.getGraylogPort();

            boolean hostConfigured = logHost != null
                    && !logHost.isEmpty()
                    && !logHost.equals("indef");

            if (hostConfigured) {
                iaHost = InetAddress.getByName(logHost);
                socket = new DatagramSocket();
                grayLog = new GrayLog(socket, iaHost, logPort);
            }

        } catch (UnknownHostException | SocketException e) {
            // Left silent on purpose by the original; grayLog stays null.
        }
    }

    /**
     * Producer method for injection points qualified with {@link FromGraylogPool}.
     *
     * @return the shared instance, or {@code null} when none was created
     */
    @Produces
    @FromGraylogPool
    public GrayLog get() {
        return grayLog;
    }

    /** Closes the socket on shutdown if an instance was created. */
    @PreDestroy
    public void close() {
        if (grayLog == null) {
            return;
        }

        try {
            socket.close();
        } catch (Exception e) {
            grayLog = null;
        }
    }
}
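--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/posture/AppSbom.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.posture;

import java.io.File;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardOpenOption;
import java.util.Date;
import org.alertflex.controller.InfoMessageBean;
import org.alertflex.entity.Project;
import org.alertflex.entity.Node;
import org.alertflex.entity.PostureTask;
import org.alertflex.supp.ProjectRepository;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.mime.content.FileBody;
import org.apache.http.entity.mime.MultipartEntityBuilder;
import org.apache.http.impl.client.HttpClientBuilder;
import java.util.UUID;
import org.apache.http.util.EntityUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/**
 * Stores an application SBOM report on disk, records it as a PostureTask and
 * uploads it as a multipart form to the tracking URL configured on the project.
 */
public class AppSbom {

    private static final Logger logger = LogManager.getLogger(AppSbom.class);

    private InfoMessageBean eventBean;
    Project project;
    Node node;

    public AppSbom(InfoMessageBean eb) {
        this.eventBean = eb;
        this.project = eventBean.getProject();

    }

    /**
     * Writes the report to {@code <posture dir><uuid>.json}, creates the
     * PostureTask row and posts the file to the project's tracking URL.
     * Any failure is logged and otherwise ignored.
     *
     * @param results   report content written to the file as UTF-8
     * @param target    stored on the task as its target
     * @param uuid      task identifier; also used as the file name, so it must
     *                  be a plain name without path separators or ".."
     * @param alertCorr not used by this method
     * @param alertType not used by this method
     */
    public void saveReport(String results, String target, String uuid, String alertCorr, int alertType) {

        // Fix: uuid is concatenated into a file system path. Where it comes
        // from is not visible here, so refuse anything that could leave the
        // posture directory instead of trusting the sender.
        if (!isPlainFileName(uuid)) {
            logger.error("alertflex_ctrl_exception",
                    new IllegalArgumentException("task uuid is not usable as a file name"));
            return;
        }

        String r = eventBean.getRefId();
        String n = eventBean.getNode();
        String p = eventBean.getHost() + ".trivy";
        Date date = new Date();

        try {

            ProjectRepository pr = new ProjectRepository(project);
            String posturePath = pr.getCtrlPostureDir() + uuid + ".json";
            Path pp = Paths.get(posturePath);
            // Fix: encode explicitly instead of using the platform default charset.
            Files.write(pp, results.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING);

            PostureTask pt = new PostureTask();

            pt.setRefId(r);
            pt.setNode(n);
            pt.setProbe(p);
            pt.setPostureType("AppSbom");
            pt.setTarget(target);
            pt.setTaskUuid(uuid);
            pt.setReportAdded(date);

            eventBean.getPostureTaskFacade().create(pt);

            String trackUrl = project.getTrackUrl();
            String trackKey = project.getTrackKey();
            String trackProject = project.getTrackProject();
            String trackVersion = project.getTrackVersion();

            // Fix: the client was never closed; try-with-resources releases its
            // connections.
            // NOTE(review): the API key travels in a request header, so the
            // tracking URL should be https; nothing here enforces that.
            try (org.apache.http.impl.client.CloseableHttpClient client =
                    HttpClientBuilder.create().disableContentCompression().build()) {

                HttpPost post = new HttpPost(trackUrl);
                String boundary = "---------------" + UUID.randomUUID().toString();

                post.setHeader("accept", "application/json");
                post.setHeader("X-Api-Key", trackKey);
                post.setHeader("Content-Type", org.apache.http.entity.ContentType.MULTIPART_FORM_DATA.getMimeType() + "; boundary=" + boundary);

                MultipartEntityBuilder builder = MultipartEntityBuilder.create();

                builder.setBoundary(boundary);

                builder.addTextBody("projectName", trackProject, org.apache.http.entity.ContentType.TEXT_PLAIN);
                builder.addTextBody("projectVersion", trackVersion, org.apache.http.entity.ContentType.TEXT_PLAIN);
                builder.addTextBody("autoCreate", "false", org.apache.http.entity.ContentType.TEXT_PLAIN);

                File file = new File(posturePath);
                FileBody fileBody = new FileBody(file, org.apache.http.entity.ContentType.APPLICATION_OCTET_STREAM);
                builder.addPart("bom", fileBody);

                final HttpEntity entity = builder.build();

                post.setEntity(entity);

                HttpResponse response = client.execute(post);

                if (response != null) {

                    // Drain the body so the connection can be released.
                    EntityUtils.toString(response.getEntity(), "UTF-8");

                    // A rejected upload used to pass unnoticed; record it.
                    int status = response.getStatusLine().getStatusCode();
                    if (status < 200 || status >= 300) {
                        logger.error("alertflex_ctrl_exception",
                                new java.io.IOException("SBOM upload returned HTTP status " + status));
                    }
                }
            }
        } catch (Exception e) {
            logger.error("alertflex_ctrl_exception", e);
        }
    }

    /** True when the value is non-empty and cannot change directory when used as a file name. */
    private static boolean isPlainFileName(String name) {
        if (name == null || name.isEmpty()) {
            return false;
        }
        return !(name.contains("/")
                || name.contains("\\")
                || name.contains("..")
                || name.indexOf('\0') >= 0);
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/posture/DockerSbom.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.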
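 */

package org.alertflex.posture;

import java.io.File;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardOpenOption;
import java.util.Date;
import org.alertflex.controller.InfoMessageBean;
import org.alertflex.entity.Project;
import org.alertflex.entity.Node;
import org.alertflex.entity.PostureTask;
import org.alertflex.supp.ProjectRepository;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.mime.content.FileBody;
import org.apache.http.entity.mime.MultipartEntityBuilder;
import org.apache.http.impl.client.HttpClientBuilder;
import java.util.UUID;
import org.apache.http.util.EntityUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/**
 * Stores a Docker image SBOM report on disk, records it as a PostureTask and
 * uploads it as a multipart form to the tracking URL configured on the project.
 */
public class DockerSbom {

    private static final Logger logger = LogManager.getLogger(DockerSbom.class);

    private InfoMessageBean eventBean;
    Project project;
    Node node;

    public DockerSbom(InfoMessageBean eb) {
        this.eventBean = eb;
        this.project = eventBean.getProject();

    }

    /**
     * Writes the report to {@code <posture dir><uuid>.json}, creates the
     * PostureTask row and posts the file to the project's tracking URL.
     * Any failure is logged and otherwise ignored.
     *
     * @param results   report content written to the file as UTF-8
     * @param target    stored on the task as its target
     * @param uuid      task identifier; also used as the file name, so it must
     *                  be a plain name without path separators or ".."
     * @param alertCorr not used by this method
     * @param alertType not used by this method
     */
    public void saveReport(String results, String target, String uuid, String alertCorr, int alertType) {

        // Fix: uuid is concatenated into a file system path. Where it comes
        // from is not visible here, so refuse anything that could leave the
        // posture directory instead of trusting the sender.
        if (!isPlainFileName(uuid)) {
            logger.error("alertflex_ctrl_exception",
                    new IllegalArgumentException("task uuid is not usable as a file name"));
            return;
        }

        String r = eventBean.getRefId();
        String n = eventBean.getNode();
        String p = eventBean.getHost() + ".trivy";
        Date date = new Date();

        try {

            ProjectRepository pr = new ProjectRepository(project);
            String posturePath = pr.getCtrlPostureDir() + uuid + ".json";
            Path pp = Paths.get(posturePath);
            // Fix: encode explicitly instead of using the platform default charset.
            Files.write(pp, results.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING);

            PostureTask pt = new PostureTask();

            pt.setRefId(r);
            pt.setNode(n);
            pt.setProbe(p);
            pt.setPostureType("DockerSbom");
            pt.setTarget(target);
            pt.setTaskUuid(uuid);
            pt.setReportAdded(date);

            eventBean.getPostureTaskFacade().create(pt);

            String trackUrl = project.getTrackUrl();
            String trackKey = project.getTrackKey();
            String trackProject = project.getTrackProject();
            String trackVersion = project.getTrackVersion();

            // Fix: the client was never closed; try-with-resources releases its
            // connections.
            // NOTE(review): the API key travels in a request header, so the
            // tracking URL should be https; nothing here enforces that.
            try (org.apache.http.impl.client.CloseableHttpClient client =
                    HttpClientBuilder.create().disableContentCompression().build()) {

                HttpPost post = new HttpPost(trackUrl);
                String boundary = "---------------" + UUID.randomUUID().toString();

                post.setHeader("accept", "application/json");
                post.setHeader("X-Api-Key", trackKey);
                post.setHeader("Content-Type", org.apache.http.entity.ContentType.MULTIPART_FORM_DATA.getMimeType() + "; boundary=" + boundary);

                MultipartEntityBuilder builder = MultipartEntityBuilder.create();

                builder.setBoundary(boundary);

                builder.addTextBody("projectName", trackProject, org.apache.http.entity.ContentType.TEXT_PLAIN);
                builder.addTextBody("projectVersion", trackVersion, org.apache.http.entity.ContentType.TEXT_PLAIN);
                builder.addTextBody("autoCreate", "false", org.apache.http.entity.ContentType.TEXT_PLAIN);

                File file = new File(posturePath);
                FileBody fileBody = new FileBody(file, org.apache.http.entity.ContentType.APPLICATION_OCTET_STREAM);
                builder.addPart("bom", fileBody);

                final HttpEntity entity = builder.build();

                post.setEntity(entity);

                HttpResponse response = client.execute(post);

                if (response != null) {

                    // Drain the body so the connection can be released.
                    EntityUtils.toString(response.getEntity(), "UTF-8");

                    // A rejected upload used to pass unnoticed; record it.
                    int status = response.getStatusLine().getStatusCode();
                    if (status < 200 || status >= 300) {
                        logger.error("alertflex_ctrl_exception",
                                new java.io.IOException("SBOM upload returned HTTP status " + status));
                    }
                }
            }
        } catch (Exception e) {
            logger.error("alertflex_ctrl_exception", e);
        }
    }

    /** True when the value is non-empty and cannot change directory when used as a file name. */
    private static boolean isPlainFileName(String name) {
        if (name == null || name.isEmpty()) {
            return false;
        }
        return !(name.contains("/")
                || name.contains("\\")
                || name.contains("..")
                || name.indexOf('\0') >= 0);
    }
}
--------------------------------------------------------------------------------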
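/controller/src/main/java/org/alertflex/posture/nmap/NmapJson.java:
--------------------------------------------------------------------------------
package org.alertflex.posture.nmap;

import java.io.IOException;
import java.io.InputStream;
import java.util.List;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.parsers.SAXParserFactory;
import javax.xml.parsers.SAXParser;
import org.xml.sax.SAXException;

/**
 * Parses an Nmap XML report with SAX and returns the ports collected by
 * {@link NmapParser}.
 */
public class NmapJson {

    /**
     * Parses the stream and closes it afterwards, whether or not parsing succeeds.
     *
     * <p>The report is scanner output that describes hosts outside our
     * control, so the parser is configured defensively: secure processing is
     * on, and external entities and external DTDs are never fetched. If the
     * parser implementation rejects one of these settings the method fails
     * closed and returns {@code null}.</p>
     *
     * @param xmlData Nmap XML report; {@code null} yields {@code null}
     * @return the list built by NmapParser, or {@code null} when the parser
     *         cannot be configured or the document cannot be read or parsed
     */
    public List getResult(InputStream xmlData) {

        if (xmlData == null) {
            return null;
        }

        // Fix: the original closed the stream only on the success path.
        try (InputStream in = xmlData) {

            SAXParserFactory factory = SAXParserFactory.newInstance();

            // Fix: DTD validation is switched off. NmapParser does not override
            // the error callbacks, so validation results were never acted on,
            // while a validating parser loads whatever DTD the document names.
            factory.setValidating(false);
            factory.setNamespaceAware(false);

            // Fix: XXE hardening. None of these were set before.
            factory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
            factory.setFeature("http://xml.org/sax/features/external-general-entities", false);
            factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
            factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);

            SAXParser parser = factory.newSAXParser();
            NmapParser ns = new NmapParser();

            parser.parse(in, ns);

            return ns.getResult();

        } catch (ParserConfigurationException | SAXException | IOException e) {

            return null;
        }

    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/posture/nmap/NmapParser.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.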
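 */

package org.alertflex.posture.nmap;

import java.util.ArrayList;
import java.util.List;
import org.xml.sax.Attributes;
import org.xml.sax.helpers.DefaultHandler;

/**
 * SAX handler that collects one {@link NmapReport} per {@code <port>} element
 * found inside {@code <ports>}.
 *
 * <p>A report is added to the result list when the port's {@code <service>}
 * element carries a {@code name} attribute; ports without one are not reported.</p>
 */
public class NmapParser extends DefaultHandler {

    Boolean inPorts = false;
    Boolean inPort = false;
    Boolean inState = false;
    Boolean inService = false;

    List<NmapReport> nsrList = new ArrayList<>();

    // Report for the <port> element currently being read.
    NmapReport nsr;

    String result = null;

    /** @return the reports collected so far (the live list, not a copy) */
    public List getResult() {
        return nsrList;
    }

    /**
     * Tracks element nesting and copies the attributes of interest.
     *
     * <p>Fix: attributes are now looked up by name. The original compared
     * {@code attributes.getQName(0)} / {@code getQName(1)}, which throws a
     * NullPointerException for an element without attributes and depends on
     * attribute order.</p>
     */
    @Override
    public void startElement(String uri, String localName, String qName, Attributes attributes) {

        switch (qName) {
            case "ports":
                inPorts = true;
                break;

            case "port":
                if (inPorts) {

                    inPort = true;

                    nsr = new NmapReport();

                    String protocol = attributes.getValue("protocol");
                    if (protocol != null) {
                        nsr.setProtocol(protocol);
                    }

                    String portid = attributes.getValue("portid");
                    if (portid != null) {
                        nsr.setPortid(portid);
                    }
                }
                break;

            case "state":
                if (inPort && nsr != null) {

                    inState = true;

                    String state = attributes.getValue("state");
                    if (state != null) {
                        nsr.setState(state);
                    }
                }
                break;

            case "service":
                // <state> and <service> are siblings under <port>, so the gate
                // is the enclosing port. The original gated on inState, which
                // only worked because that flag was never reset (see endElement).
                if (inPort && nsr != null) {

                    inService = true;

                    String name = attributes.getValue("name");
                    if (name != null) {
                        nsr.setName(name);
                        nsrList.add(nsr);
                    }
                }
                break;

            default:
                break;
        }
    }

    /**
     * Resets the nesting flags.
     *
     * <p>Fix: the original switched on {@code localName}, which is the empty
     * string when the parser is not namespace-aware (NmapJson configures it
     * that way), so no flag was ever reset. It also cleared {@code inPort} on
     * {@code </ports>} and {@code inPorts} on {@code </port>}. The switch now
     * uses {@code qName}, as startElement does, and each flag is cleared by
     * its own element.</p>
     */
    @Override
    public void endElement(String uri, String localName, String qName) {
        switch (qName) {
            case "ports":
                inPorts = false;
                inPort = false;
                break;

            case "port":
                inPort = false;
                break;

            case "state":
                inState = false;
                break;

            case "service":
                inService = false;
                break;

            default:
                break;
        }
    }
}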
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/posture/nmap/NmapReport.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.posture.nmap;

/**
 * Plain holder for one port entry of an Nmap report. All values are kept as
 * the strings they were set with; nothing is validated or converted.
 */
public class NmapReport {

    String protocol;
    String portid;
    String state;
    String name;

    /** @return the protocol value, or {@code null} if never set */
    public String getProtocol() {
        return this.protocol;
    }

    /** @param p protocol value to store */
    public void setProtocol(String p) {
        protocol = p;
    }

    /** @return the port id value, or {@code null} if never set */
    public String getPortid() {
        return this.portid;
    }

    /** @param p port id value to store */
    public void setPortid(String p) {
        portid = p;
    }

    /** @return the state value, or {@code null} if never set */
    public String getState() {
        return this.state;
    }

    /** @param s state value to store */
    public void setState(String s) {
        state = s;
    }

    /** @return the service name value, or {@code null} if never set */
    public String getName() {
        return this.name;
    }

    /** @param n service name value to store */
    public void setName(String n) {
        name = n;
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/reports/AlertsBar.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.reports;

import java.util.Date;

/**
 * Read-only data point for a bar chart: an alert type, a count and the period
 * the count belongs to.
 */
public class AlertsBar {

    private String type;
    private Integer count;
    private Date period;

    /**
     * @param alertType label of the series
     * @param alertCount number of alerts for that label
     * @param alertPeriod period the count refers to
     */
    public AlertsBar(String alertType, Integer alertCount, Date alertPeriod) {
        this.type = alertType;
        this.count = alertCount;
        this.period = alertPeriod;
    }

    /** @return this instance */
    public AlertsBar getMe() {
        return this;
    }

    /** @return the series label */
    public String getType() {
        return this.type;
    }

    /** @return the alert count */
    public Integer getCount() {
        return this.count;
    }

    /** @return the period, the same Date instance that was passed in */
    public Date getPeriod() {
        return this.period;
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/reports/AlertsPie.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.reports;

/**
 * Read-only data point for a pie chart: an alert type and its count.
 */
public class AlertsPie {

    private String type;
    private Integer count;

    /**
     * @param sliceLabel label of the slice
     * @param sliceCount number of alerts in the slice
     */
    public AlertsPie(String sliceLabel, Integer sliceCount) {
        this.type = sliceLabel;
        this.count = sliceCount;
    }

    /** @return this instance */
    public AlertsPie getMe() {
        return this;
    }

    /** @return the slice label */
    public String getType() {
        return this.type;
    }

    /** @return the slice count */
    public Integer getCount() {
        return this.count;
    }

}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/reports/CounterInterval.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.reports;

import org.joda.time.DateTime;
import org.joda.time.Interval;

/**
 * Running counter for one alert type, optionally tied to a time interval.
 *
 * Only the three-argument constructor assigns {@code interval}; on an instance
 * built with the one-argument constructor the four interval getters
 * dereference a null field and throw a NullPointerException.
 */
public class CounterInterval {

    String alertType;
    Integer counter;
    Interval interval;

    /**
     * Creates a counter at zero with no interval.
     *
     * @param t alert type label
     */
    public CounterInterval(String t) {
        this.alertType = t;
        this.counter = 0;
    }

    /**
     * Creates a counter at zero for the interval from {@code s} to {@code e}.
     *
     * @param t alert type label
     * @param s interval start
     * @param e interval end
     */
    public CounterInterval(String t, DateTime s, DateTime e) {
        this.alertType = t;
        this.counter = 0;
        this.interval = new Interval(s, e);
    }

    /** @return the alert type label */
    public String getAlertType() {
        return this.alertType;
    }

    /** @param at new alert type label */
    public void setAlertType(String at) {
        this.alertType = at;
    }

    /** @return start of the interval */
    public DateTime getStart() {
        return this.interval.getStart();
    }

    /** @return end of the interval */
    public DateTime getEnd() {
        return this.interval.getEnd();
    }

    /** @return start of the interval in milliseconds */
    public Long getStartMillis() {
        return this.interval.getStartMillis();
    }

    /** @return end of the interval in milliseconds */
    public Long getEndMillis() {
        return this.interval.getEndMillis();
    }

    /** @return the current count */
    public Integer getCounter() {
        return this.counter;
    }

    /** Increments the count by one. */
    public void setCounter() {
        this.counter = this.counter + 1;
    }

    /**
     * Adds {@code c} to the count. Despite the name this accumulates; it does
     * not overwrite the current value.
     *
     * @param c amount to add
     */
    public void setCounter(Integer c) {
        this.counter += c;
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/reports/Finding.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.reports;

/**
 * Read-only pair of a finding label and the number of times it was counted.
 */
public class Finding {

    private String finding;
    private Integer count;

    /**
     * @param label finding label
     * @param occurrences count for that label
     */
    public Finding(String label, Integer occurrences) {
        this.finding = label;
        this.count = occurrences;
    }

    /** @return this instance */
    public Finding getMe() {
        return this;
    }

    /** @return the finding label */
    public String getFinding() {
        return this.finding;
    }

    /** @return the count for the finding */
    public Integer getCount() {
        return this.count;
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/reports/JasperDataCloud.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.reports;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.List;
import org.alertflex.entity.Alert;
import org.joda.time.DateTime;

/**
 * Report data holder for the cloud report: three lists of findings plus the
 * alerts that feed the severity pie chart.
 */
public class JasperDataCloud {

    DateTime start;
    DateTime end;
    int numIntervals;

    // Alerts tallied by createDataPie(); every element is cast to Alert there.
    List alertsList;

    // Rebuilt on every call to createDataPie().
    private List dataPie;

    List inspectorFindings;
    List cformationFindings;
    List terraformFindings;

    /**
     * @param lif findings returned by {@link #getInspectorFindings()}
     * @param lcf findings returned by {@link #getCformationFindings()}
     * @param ltf findings returned by {@link #getTerraformFindings()}
     * @param al alerts used for the severity pie; may be null or empty
     * @param s start of the reporting period
     * @param e end of the reporting period
     * @param n number of intervals (stored; not read in this class)
     */
    public JasperDataCloud(List lif, List lcf, List ltf, List al, Date s, Date e, int n) {
        this.inspectorFindings = lif;
        this.cformationFindings = lcf;
        this.terraformFindings = ltf;

        this.start = new DateTime(s);
        this.end = new DateTime(e);
        this.numIntervals = n;
        this.alertsList = al;
    }

    /**
     * Rebuilds the pie data. With alerts present it holds four slices, "Sev0"
     * to "Sev3", each with the number of alerts of that severity; alerts with
     * any other severity are not counted. With no alerts it holds a single
     * "none" slice with count 1.
     */
    public void createDataPie() {

        dataPie = new ArrayList();

        if (alertsList == null || alertsList.isEmpty()) {
            dataPie.add(new AlertsPie("none", 1));
            return;
        }

        int[] perSeverity = new int[4];

        for (Object item : alertsList) {
            int severity = ((Alert) item).getAlertSeverity();
            if (severity >= 0 && severity < perSeverity.length) {
                perSeverity[severity]++;
            }
        }

        for (int sev = 0; sev < perSeverity.length; sev++) {
            dataPie.add(new AlertsPie("Sev" + sev, perSeverity[sev]));
        }
    }

    /** @return freshly rebuilt pie data, see {@link #createDataPie()} */
    public List getBeanCollectionPie() {
        createDataPie();
        return dataPie;
    }

    /** @return the list passed to the constructor as {@code lif} */
    public Collection getInspectorFindings() {
        return inspectorFindings;
    }

    /** @return the list passed to the constructor as {@code lcf} */
    public Collection getCformationFindings() {
        return cformationFindings;
    }

    /** @return the list passed to the constructor as {@code ltf} */
    public Collection getTerraformFindings() {
        return terraformFindings;
    }

}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/reports/JasperDataMisconfig.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.reports;

import java.util.Collection;
import java.util.List;

/**
 * Report data holder for the misconfiguration report: four lists of findings,
 * handed back unchanged through the getters.
 */
public class JasperDataMisconfig {

    List appSecretsFindings;
    List dockerFilesFindings;
    List hostsFindings;
    List kubernetesFindings;

    /**
     * @param laf findings returned by {@link #getAppSecretsFindings()}
     * @param ldf findings returned by {@link #getDockerFilesFindings()}
     * @param lhf findings returned by {@link #getHostFindings()}
     * @param lkf findings returned by {@link #getKubernetesFindings()}
     */
    public JasperDataMisconfig(List laf, List ldf, List lhf, List lkf) {
        this.appSecretsFindings = laf;
        this.dockerFilesFindings = ldf;
        this.hostsFindings = lhf;
        this.kubernetesFindings = lkf;
    }

    /** @return the list passed to the constructor as {@code laf} */
    public Collection getAppSecretsFindings() {
        return this.appSecretsFindings;
    }

    /** @return the list passed to the constructor as {@code ldf} */
    public Collection getDockerFilesFindings() {
        return this.dockerFilesFindings;
    }

    /** @return the list passed to the constructor as {@code lhf} */
    public Collection getHostFindings() {
        return this.hostsFindings;
    }

    /** @return the list passed to the constructor as {@code lkf} */
    public Collection getKubernetesFindings() {
        return this.kubernetesFindings;
    }

}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/reports/JasperDataScanners.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.reports;

import java.util.Collection;
import java.util.List;

/**
 * Report data holder for the scanners report: four lists of findings, handed
 * back unchanged through the getters.
 */
public class JasperDataScanners {

    List kubehunterFindings;
    List zapFindings;
    List nmapFindings;
    List nucleiFindings;

    /**
     * @param lkf findings returned by {@link #getKubehunterFindings()}
     * @param lzf findings returned by {@link #getZapFindings()}
     * @param lnmf findings returned by {@link #getNmapFindings()}
     * @param lnuf findings returned by {@link #getNucleiFindings()}
     */
    public JasperDataScanners(List lkf, List lzf, List lnmf, List lnuf) {
        this.kubehunterFindings = lkf;
        this.zapFindings = lzf;
        this.nmapFindings = lnmf;
        this.nucleiFindings = lnuf;
    }

    /** @return the list passed to the constructor as {@code lkf} */
    public Collection getKubehunterFindings() {
        return this.kubehunterFindings;
    }

    /** @return the list passed to the constructor as {@code lzf} */
    public Collection getZapFindings() {
        return this.zapFindings;
    }

    /** @return the list passed to the constructor as {@code lnmf} */
    public Collection getNmapFindings() {
        return this.nmapFindings;
    }

    /** @return the list passed to the constructor as {@code lnuf} */
    public Collection getNucleiFindings() {
        return this.nucleiFindings;
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/reports/JasperDataVuln.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.reports;

import java.util.Collection;
import java.util.List;

/**
 * Report data holder for the vulnerability report: four lists of findings,
 * handed back unchanged through the getters.
 */
public class JasperDataVuln {

    List applicationsFindings;
    List dockerImagesFindings;
    List hostsFindings;
    List kubernetesFindings;

    /**
     * @param laf findings returned by {@link #getApplicationsFindings()}
     * @param ldf findings returned by {@link #getDockerImagesFindings()}
     * @param lhf findings returned by {@link #getHostFindings()}
     * @param lkf findings returned by {@link #getKubernetesFindings()}
     */
    public JasperDataVuln(List laf, List ldf, List lhf, List lkf) {
        this.applicationsFindings = laf;
        this.dockerImagesFindings = ldf;
        this.hostsFindings = lhf;
        this.kubernetesFindings = lkf;
    }

    /** @return the list passed to the constructor as {@code laf} */
    public Collection getApplicationsFindings() {
        return this.applicationsFindings;
    }

    /** @return the list passed to the constructor as {@code ldf} */
    public Collection getDockerImagesFindings() {
        return this.dockerImagesFindings;
    }

    /** @return the list passed to the constructor as {@code lhf} */
    public Collection getHostFindings() {
        return this.hostsFindings;
    }

    /** @return the list passed to the constructor as {@code lkf} */
    public Collection getKubernetesFindings() {
        return this.kubernetesFindings;
    }

}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/rest/PlaybookREST.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
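 */

package org.alertflex.rest;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream;
import java.util.UUID;
import javax.ejb.EJB;
import javax.ejb.Stateless;
import javax.jms.BytesMessage;
import javax.jms.Connection;
import javax.jms.DeliveryMode;
import javax.jms.Destination;
import javax.jms.JMSException;
import javax.jms.MessageProducer;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import javax.ws.rs.POST;
import org.alertflex.common.PojoAlertLogic;
import org.alertflex.entity.Playbook;
import org.alertflex.facade.PlaybookFacade;
import org.apache.activemq.ActiveMQConnectionFactory;

/**
 * REST webhook that queues a playbook run. A POST to {@code playbook/{id}}
 * looks the playbook up by its webhook id and publishes a message for it on
 * the {@code jms/alertflex/playbooks} queue.
 */
@Stateless
@Path("playbook")
public class PlaybookREST {

    private static final Logger logger = LogManager.getLogger(PlaybookREST.class);

    @EJB
    private PlaybookFacade playbookFacade;

    public PlaybookREST() {

    }

    /**
     * Triggers the playbook registered for the given webhook id.
     *
     * The injected SecurityContext is not read, so within this method the
     * webhook id is the only thing that selects and authorises the playbook;
     * it should be treated as a secret.
     *
     * @param id webhook id taken from the URL path
     * @param sc security context of the request (unused)
     * @return 200 with a freshly generated report UUID when a playbook matches,
     *         400 when the id is empty or matches nothing. The 200 is returned
     *         even if publishing failed, because sendPlaybookToMQ only logs
     *         its errors.
     */
    @POST
    @Path("{id}")
    @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
    public Response push(@PathParam("id") String id, @Context SecurityContext sc) {

        if (id != null && !id.isEmpty()) {

            Playbook p = playbookFacade.findPlaybookByWebhook(id);

            if (p != null) {

                String reportUuid = UUID.randomUUID().toString();

                sendPlaybookToMQ(p, reportUuid);

                return Response
                        .status(Response.Status.OK)
                        .entity(reportUuid)
                        .build();
            }
        }

        return Response.status(Response.Status.BAD_REQUEST).build();
    }

    /**
     * Publishes one non-persistent message for playbook {@code p} to the
     * {@code jms/alertflex/playbooks} queue. Broker URL and credentials come
     * from the system properties AmqUrl, AmqUser and AmqPwd. JMS and I/O
     * errors are logged and not rethrown.
     *
     * @param p playbook whose ref id and name go into the message properties
     * @param r report UUID stored in the {@code report_uuid} property
     */
    public void sendPlaybookToMQ(Playbook p, String r) {

        PojoAlertLogic a = new PojoAlertLogic();

        Connection connection = null;
        javax.jms.Session session = null;

        try {

            String strConnFactory = System.getProperty("AmqUrl", "");
            String user = System.getProperty("AmqUser", "");
            String pass = System.getProperty("AmqPwd", "");

            ActiveMQConnectionFactory connectionFactory = new ActiveMQConnectionFactory(strConnFactory);

            connection = connectionFactory.createConnection(user, pass);
            connection.start();

            session = connection.createSession(false, javax.jms.Session.AUTO_ACKNOWLEDGE);

            Destination destination = session.createQueue("jms/alertflex/playbooks");

            MessageProducer producer = session.createProducer(destination);
            producer.setDeliveryMode(DeliveryMode.NON_PERSISTENT);

            BytesMessage message = session.createBytesMessage();

            message.setStringProperty("ref_id", p.getRefId());
            message.setStringProperty("playbook_id", p.getName());
            message.setStringProperty("report_uuid", r);

            // NOTE(review): the body is a Java-serialized PojoAlertLogic, so the
            // consumer of this queue has to deserialize it. The consumer is not
            // part of this file; confirm that only trusted producers can write
            // to the queue or that it restricts the classes it will deserialize.
            ByteArrayOutputStream bos = new ByteArrayOutputStream();
            try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
                oos.writeObject(a);
            }

            message.writeBytes(bos.toByteArray());
            producer.send(message);

        } catch (JMSException | IOException e) {
            logger.error("alertflex_mc_exception", e);
        } finally {
            // Release the broker resources on the error paths too; previously an
            // exception after createConnection() left the connection open.
            closeQuietly(session, connection);
        }
    }

    /** Closes the session and then the connection, logging close failures. */
    private static void closeQuietly(javax.jms.Session session, Connection connection) {
        if (session != null) {
            try {
                session.close();
            } catch (JMSException e) {
                logger.error("alertflex_mc_exception", e);
            }
        }
        if (connection != null) {
            try {
                connection.close();
            } catch (JMSException e) {
                logger.error("alertflex_mc_exception", e);
            }
        }
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/supp/GeoIp.java: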
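--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.supp;

/**
 * Geo-location record for one IP address: country code, latitude and
 * longitude, with a JSON rendering for source and destination fields.
 */
public class GeoIp {

    String ip;
    String cc;
    float lat;
    float lon;

    /**
     * Creates a record with no location: country code "indef", coordinates 0.
     *
     * @param ip IP address string
     */
    public GeoIp(String ip) {
        this.ip = ip;
        this.cc = "indef";
        this.lat = 0;
        this.lon = 0;
    }

    /**
     * @param ip IP address string
     * @param cc country code
     * @param lat latitude
     * @param lon longitude
     */
    public GeoIp(String ip, String cc, float lat, float lon) {
        this.ip = ip;
        this.cc = cc;
        this.lat = lat;
        this.lon = lon;
    }

    public String getIp() {
        return ip;
    }

    public void setIp(String ip) {
        this.ip = ip;
    }

    public String getCc() {
        return cc;
    }

    public void setCc(String cc) {
        this.cc = cc;
    }

    public Float getLat() {
        return lat;
    }

    /** @param lat new latitude; unboxed on assignment, so null throws NullPointerException */
    public void setLat(Float lat) {
        this.lat = lat;
    }

    public Float getLon() {
        return lon;
    }

    /** @param lon new longitude; unboxed on assignment, so null throws NullPointerException */
    public void setLon(Float lon) {
        this.lon = lon;
    }

    /** @return this record as a JSON object string, see {@link #toJson()} */
    public String getSrcIp() {
        return toJson();
    }

    /** @return this record as a JSON object string, identical to {@link #getSrcIp()} */
    public String getDstIp() {
        return toJson();
    }

    /**
     * Renders the record as
     * {@code { "ip":"..","country_code":"..","latitude":N,"longitude":N}}.
     * The two string values are JSON-escaped so that a quote or backslash in
     * the address or country code cannot close the string and add or override
     * fields in whatever consumes this document.
     */
    private String toJson() {
        return "{ \"ip\":\""
                + escapeJson(ip)
                + "\",\"country_code\":\""
                + escapeJson(cc)
                + "\",\"latitude\":"
                + lat
                + ",\"longitude\":"
                + lon
                + "}";
    }

    /** Escapes quotes, backslashes and control characters for a JSON string value. */
    private static String escapeJson(String value) {
        if (value == null) {
            // Same text that string concatenation produces for a null reference.
            return "null";
        }
        StringBuilder out = new StringBuilder(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '"':
                    out.append("\\\"");
                    break;
                case '\\':
                    out.append("\\\\");
                    break;
                case '\n':
                    out.append("\\n");
                    break;
                case '\r':
                    out.append("\\r");
                    break;
                case '\t':
                    out.append("\\t");
                    break;
                default:
                    if (c < 0x20) {
                        out.append(String.format("\\u%04x", (int) c));
                    } else {
                        out.append(c);
                    }
                    break;
            }
        }
        return out.toString();
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/supp/PosturePostBody.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

package org.alertflex.supp;

import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;

/**
 * JAXB-mapped body of a posture request. The class only carries the values;
 * nothing here validates {@code target}, {@code host} or the other fields.
 */
@XmlRootElement
public class PosturePostBody {

    @XmlElement public Integer delay;
    @XmlElement public String alertCorr;
    @XmlElement public String postureType;
    @XmlElement public String target;
    @XmlElement public String host;
    @XmlElement public String vrn;
    @XmlElement public String project;

    public Integer getDelay() {
        return delay;
    }

    public void setDelay(Integer delay) {
        this.delay = delay;
    }

    public String getAlertCorr() {
        return alertCorr;
    }

    public void setAlertCorr(String alertCorr) {
        this.alertCorr = alertCorr;
    }

    public String getPostureType() {
        return postureType;
    }

    public void setPostureType(String postureType) {
        this.postureType = postureType;
    }

    public String getTarget() {
        return target;
    }

    public void setTarget(String target) {
        this.target = target;
    }

    public String getHost() {
        return host;
    }

    public void setHost(String host) {
        this.host = host;
    }

    public String getVrn() {
        return vrn;
    }

    public void setVrn(String vrn) {
        this.vrn = vrn;
    }

    public String getProject() {
        return project;
    }

    public void setProject(String project) {
        this.project = project;
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/supp/ProjectRepository.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.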
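 */

package org.alertflex.supp;

import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import org.alertflex.entity.Node;
import org.alertflex.entity.Project;

/**
 * Creates and exposes the directory layout of a project on disk: the project
 * directory, {@code controller/}, {@code controller/posture/} and, through
 * {@link #initNode(String)}, one directory per node.
 *
 * Paths are built by string concatenation, so the project path is expected to
 * end with a path separator. {@code status} turns false as soon as any
 * directory cannot be prepared and is never set back to true.
 */
public class ProjectRepository {

    Project project;
    Boolean status = true;

    String projectDir;
    Path projectPath;

    String ctrlDir;
    Path ctrlPath;

    String ctrlPostureDir;
    Path ctrlPosturePath;

    Node node;
    String nodeDir;
    Path nodePath;

    /**
     * Prepares the project, controller and posture directories, creating the
     * ones that do not exist. Failures are not thrown; they are reported
     * through {@link #getStatus()}.
     *
     * @param p project to lay out; null leaves the repository with status false
     */
    public ProjectRepository(Project p) {

        this.project = p;
        if (p == null) {
            status = false;
            return;
        }

        projectDir = project.getProjectPath();
        projectPath = Paths.get(projectDir);

        if (Files.notExists(projectPath)) {
            try {
                Files.createDirectory(projectPath);
            } catch (Exception e) {
                status = false;
                return;
            }
        }

        try {
            ctrlDir = projectDir + "controller/";
            ctrlPath = Paths.get(ctrlDir);

            if (Files.notExists(ctrlPath)) {
                Files.createDirectory(ctrlPath);
            }

            ctrlPostureDir = ctrlDir + "posture/";
            ctrlPosturePath = Paths.get(ctrlPostureDir);

            if (Files.notExists(ctrlPosturePath)) {
                Files.createDirectory(ctrlPosturePath);
            }

        } catch (Exception e) {
            status = false;
            return;
        }
    }

    public Boolean getStatus() {
        return status;
    }

    public String getProjectDir() {
        return projectDir;
    }

    public Path getProjectPath() {
        return projectPath;
    }

    public String getCtrlDir() {
        return ctrlDir;
    }

    public Path getCtrlPath() {
        return ctrlPath;
    }

    public String getCtrlPostureDir() {
        return ctrlPostureDir;
    }

    public Path getCtrlPosturePath() {
        return ctrlPosturePath;
    }

    /** @return directory of the last node passed to initNode, or null if none was accepted */
    public String getNodeDir() {
        return nodeDir;
    }

    /** @return path of the last node passed to initNode, or null if none was accepted */
    public Path getNodePath() {
        return nodePath;
    }

    /**
     * Prepares the directory {@code <projectPath><nodeName>/}, creating it if
     * it does not exist.
     *
     * The name is used as a single path component. Where node names come from
     * is not visible in this class, so a name that is empty, is "." or "..",
     * or contains a path separator or NUL is rejected; otherwise the resulting
     * directory could lie outside the project directory.
     *
     * @param nodeName name of the node directory
     * @return the repository status: false if the name was rejected, the
     *         directory could not be created, or an earlier step had failed
     */
    public Boolean initNode(String nodeName) {

        if (project == null || !isSingleDirName(nodeName)) {
            nodeDir = null;
            nodePath = null;
            status = false;
            return status;
        }

        nodeDir = project.getProjectPath() + nodeName + "/";

        nodePath = Paths.get(nodeDir);
        if (Files.notExists(nodePath)) {
            try {
                Files.createDirectory(nodePath);
            } catch (Exception e) {
                status = false;
                return status;
            }
        }

        return status;
    }

    /** True when {@code name} can only denote a direct child directory. */
    private static boolean isSingleDirName(String name) {
        return name != null
                && !name.isEmpty()
                && !name.equals(".")
                && !name.equals("..")
                && name.indexOf('/') < 0
                && name.indexOf('\\') < 0
                && name.indexOf('\0') < 0;
    }
}
--------------------------------------------------------------------------------
/controller/src/main/java/org/alertflex/supp/RestResponseFilter.java:
--------------------------------------------------------------------------------
/*
 * Copyright 2021 Oleg Zharkov
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.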
 */

package org.alertflex.supp;

import java.io.IOException;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerResponseContext;
import javax.ws.rs.container.ContainerResponseFilter;
import javax.ws.rs.ext.Provider;

/**
 * JAX-RS response filter that sets the same four CORS headers on every
 * response, regardless of the request.
 */
@Provider
public class RestResponseFilter implements ContainerResponseFilter {

    /**
     * Overwrites the Access-Control-Allow-* headers of the outgoing response.
     *
     * @param requestContext the request being answered (not read)
     * @param responseContext the response whose headers are set
     */
    @Override
    public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException {
        javax.ws.rs.core.MultivaluedMap<String, Object> headers = responseContext.getHeaders();

        // NOTE(review): a wildcard Allow-Origin together with
        // Allow-Credentials: true is a combination browsers do not accept for
        // credentialed requests. If cross-origin authenticated access is
        // intended, return an origin taken from an explicit allow-list (with
        // Vary: Origin) instead of "*"; if it is not, the credentials header
        // can go.
        headers.putSingle("Access-Control-Allow-Origin", "*");
        headers.putSingle("Access-Control-Allow-Credentials", "true");
        headers.putSingle("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
        headers.putSingle("Access-Control-Allow-Headers", "Content-Type, Accept");
    }
}
--------------------------------------------------------------------------------
/controller/src/main/resources/META-INF/persistence.xml:
--------------------------------------------------------------------------------
1 | 2 | 3 | 4 | jdbc/alertflex_auth_jndi 5 | org.alertflex.entity.Agent 6 | org.alertflex.entity.AgentMisconfig 7 | org.alertflex.entity.AgentVul 8 | org.alertflex.entity.Container 9 | org.alertflex.entity.Pod 10 | org.alertflex.entity.Node 11 | org.alertflex.entity.NodePK 12 | org.alertflex.entity.Probe 13 | org.alertflex.entity.ProbePK 14 | org.alertflex.entity.AlertPriority 15 | org.alertflex.entity.AlertCategory 16 | org.alertflex.entity.Networks 17 | org.alertflex.entity.Hosts 18 | org.alertflex.entity.Project 19 | org.alertflex.entity.Users 20 | org.alertflex.entity.Response 21 | org.alertflex.entity.Playbook 22 | org.alertflex.entity.PostureTask 23 | org.alertflex.entity.PostureAppsecret 24 | org.alertflex.entity.PostureAppvuln 25 | org.alertflex.entity.PostureCloudformation 26 | org.alertflex.entity.PostureDockerconfig 27 |
org.alertflex.entity.PostureDockervuln 28 | org.alertflex.entity.PostureInspector 29 | org.alertflex.entity.PostureK8sconfig 30 | org.alertflex.entity.PostureK8svuln 31 | org.alertflex.entity.PostureKubehunter 32 | org.alertflex.entity.PostureTerraform 33 | org.alertflex.entity.PostureZap 34 | org.alertflex.entity.PostureNmap 35 | org.alertflex.entity.PostureNuclei 36 | org.alertflex.entity.PostureNikto 37 | org.alertflex.entity.PostureSemgrep 38 | org.alertflex.entity.PostureSonarqube 39 | org.alertflex.entity.PostureCloudsploit 40 | true 41 | NONE 42 | 43 | 44 | 45 | 46 | 47 | jdbc/afevents_auth_jndi 48 | org.alertflex.entity.Alert 49 | org.alertflex.entity.NodeMonitor 50 | org.alertflex.entity.NodeAlerts 51 | true 52 | NONE 53 | 54 | 55 | 56 | 57 | 58 | jdbc/misp_auth_jndi 59 | org.alertflex.entity.Events 60 | org.alertflex.entity.Attributes 61 | true 62 | NONE 63 | 64 | 65 | -------------------------------------------------------------------------------- /controller/src/main/webapp/WEB-INF/beans.xml: -------------------------------------------------------------------------------- 1 | 2 | 7 | -------------------------------------------------------------------------------- /controller/src/main/webapp/WEB-INF/glassfish-ejb-jar.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | InfoMessageBean 7 | 8 | jms/activeMQConnectionFactory 9 | 10 | 11 | activemq-rar 12 | 13 | 14 | 15 | AlertsMessageBean 16 | 17 | jms/activeMQConnectionFactory 18 | 19 | 20 | activemq-rar 21 | 22 | 23 | 24 | ReportsMessageBean 25 | 26 | jms/activeMQConnectionFactory 27 | 28 | 29 | activemq-rar 30 | 31 | 32 | 33 | -------------------------------------------------------------------------------- /controller/src/main/webapp/WEB-INF/glassfish-web.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | Keep a copy of the generated servlet class' java code. 
8 | 9 | 10 | /alertflex-ctrl 11 | 12 | admin 13 | admin 14 | 15 | 16 | user 17 | user 18 | 19 | 20 | 21 | -------------------------------------------------------------------------------- /controller/src/main/webapp/WEB-INF/web.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Jersey Web Application 6 | org.glassfish.jersey.servlet.ServletContainer 7 | 8 | jersey.config.server.provider.packages 9 | org.alertflex 10 | 11 | 1 12 | 13 | 14 | 15 | 16 | Jersey Web Application 17 | /rest/* 18 | 19 | 20 | BASIC 21 | JDBCRealm 22 | 23 | 24 | 25 | 26 | Public REST interface 27 | 28 | Posture area 29 | /rest/posture/* 30 | /rest/vrn/* 31 | 32 | 33 | NONE 34 | 35 | 36 | 37 | Private REST interface 38 | 39 | STIX area 40 | /rest/stix-alerts/* 41 | 42 | 43 | 44 | admin 45 | user 46 | 47 | 48 | NONE 49 | 50 | 51 | 52 | 53 | admin 54 | 55 | 56 | 57 | user 58 | 59 | 60 | -------------------------------------------------------------------------------- /env.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | #################################### 4 | # Technical project data for Cnode # 5 | #################################### 6 | 7 | export INSTALL_PATH=/home/xxxxx/cnode 8 | export PROJECT_PATH=/home/xxxxx/ 9 | 10 | # Settings for connection to ActiveMQ broker, 11 | # The Common Name (AKA CN) represents the server name protected by the SSL certificate. 12 | # NOTE! CN is the Fully Qualified Domain Name (FQDN), do not use IP address for CN 13 | # NOTE! password policy require to use a not short length of the password 14 | export AMQ_CN=xxxxx 15 | export AMQ_USER=xxxxx 16 | export AMQ_PWD=***** 17 | 18 | # web admin user and password for Alertflex Web console, Glassfish and ActiveMQ 19 | # NOTE! 
please do not change ADMIN_USER (keep the user name as admin) 20 | export ADMIN_HOST=xxxxx 21 | export ADMIN_USER=admin 22 | export ADMIN_PWD=***** 23 | 24 | # user and password for MySQL database (Alertflex and Afevents DB) 25 | # the DB_PWD password will also be used as the root password for MySQL 26 | # NOTE! some MySQL password policies require a special character in the password, for example ! or &. 27 | # The installation can be interrupted if the password does not satisfy the policy 28 | export DB_HOST=xxxxx 29 | export DB_PORT=3306 30 | export DB_USER=xxxxx 31 | export DB_PWD=***** 32 | 33 | # install Alertflex Management console 34 | export INSTALL_MC=no 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | -------------------------------------------------------------------------------- /env_appliance.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ##################################################### 4 | # Technical project data for Alertflex Central node # 5 | ##################################################### 6 | 7 | export INSTALL_PATH=/home/xxxxx/cnode 8 | export PROJECT_PATH=/home/xxxxx/ 9 | 10 | # Settings for connection to ActiveMQ broker, 11 | # The Common Name (AKA CN) represents the server name protected by the SSL certificate. 12 | # NOTE! CN is the Fully Qualified Domain Name (FQDN), do not use an IP address for CN 13 | # NOTE! the password policy requires a sufficiently long password 14 | export AMQ_CN=alertflex 15 | export AMQ_USER=admin 16 | export AMQ_PWD=***** 17 | 18 | # web admin user and password for Alertflex Web console, Glassfish and ActiveMQ 19 | # NOTE! 
please do not change ADMIN_USER (keep the user name as admin) 20 | export ADMIN_HOST=localhost 21 | export ADMIN_USER=admin 22 | export ADMIN_PWD=***** 23 | 24 | # user and password for MySQL database (Alertflex and Afevents DB) 25 | # the DB_PWD password will also be used as the root password for MySQL 26 | # NOTE! some MySQL password policies require a special character in the password, for example ! or &. 27 | # The installation can be interrupted if the password does not satisfy the policy 28 | export DB_HOST=127.0.0.1 29 | export DB_PORT=3306 30 | export DB_USER=admin 31 | export DB_PWD=***** 32 | 33 | # install Alertflex Management console 34 | export INSTALL_MC=no -------------------------------------------------------------------------------- /html/fonts/FontAwesome.otf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/html/fonts/FontAwesome.otf -------------------------------------------------------------------------------- /html/fonts/fontawesome-webfont.eot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/html/fonts/fontawesome-webfont.eot -------------------------------------------------------------------------------- /html/fonts/fontawesome-webfont.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/html/fonts/fontawesome-webfont.ttf -------------------------------------------------------------------------------- /html/fonts/fontawesome-webfont.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/html/fonts/fontawesome-webfont.woff 
-------------------------------------------------------------------------------- /html/fonts/fontawesome-webfont.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/html/fonts/fontawesome-webfont.woff2 -------------------------------------------------------------------------------- /html/img/box.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/html/img/box.ico -------------------------------------------------------------------------------- /html/index.html: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | CSM solution 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 48 | 49 |
77 | 78 | 79 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | -------------------------------------------------------------------------------- /img/arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/img/arch.png -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- 1 | 3 | 4.0.0 4 | 5 | 6 | org.alertflex 7 | cnode 8 | 1.0 9 | pom 10 | 11 | 12 | 13 | controller 14 | 15 | 16 | 17 | -------------------------------------------------------------------------------- /reports/alerts_report.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/alerts_report.jasper -------------------------------------------------------------------------------- /reports/alerts_subrep1.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/alerts_subrep1.jasper -------------------------------------------------------------------------------- /reports/alerts_subrep2.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/alerts_subrep2.jasper -------------------------------------------------------------------------------- /reports/alerts_subrep3.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/alerts_subrep3.jasper -------------------------------------------------------------------------------- /reports/alerts_subrep4.jasper: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/alerts_subrep4.jasper -------------------------------------------------------------------------------- /reports/cloud_cform.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/cloud_cform.jasper -------------------------------------------------------------------------------- /reports/cloud_gd.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/cloud_gd.jasper -------------------------------------------------------------------------------- /reports/cloud_ins.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/cloud_ins.jasper -------------------------------------------------------------------------------- /reports/cloud_report.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/cloud_report.jasper -------------------------------------------------------------------------------- /reports/cloud_terra.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/cloud_terra.jasper -------------------------------------------------------------------------------- /reports/misconfig_app.jasper: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/misconfig_app.jasper -------------------------------------------------------------------------------- /reports/misconfig_docker.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/misconfig_docker.jasper -------------------------------------------------------------------------------- /reports/misconfig_host.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/misconfig_host.jasper -------------------------------------------------------------------------------- /reports/misconfig_k8s.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/misconfig_k8s.jasper -------------------------------------------------------------------------------- /reports/misconfig_report.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/misconfig_report.jasper -------------------------------------------------------------------------------- /reports/scanner_kubehunter.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/scanner_kubehunter.jasper -------------------------------------------------------------------------------- /reports/scanner_nmap.jasper: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/scanner_nmap.jasper -------------------------------------------------------------------------------- /reports/scanner_nuclei.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/scanner_nuclei.jasper -------------------------------------------------------------------------------- /reports/scanner_zap.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/scanner_zap.jasper -------------------------------------------------------------------------------- /reports/scanners_report.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/scanners_report.jasper -------------------------------------------------------------------------------- /reports/vuln_app.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/vuln_app.jasper -------------------------------------------------------------------------------- /reports/vuln_docker.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/vuln_docker.jasper -------------------------------------------------------------------------------- /reports/vuln_host.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/vuln_host.jasper 
-------------------------------------------------------------------------------- /reports/vuln_k8s.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/vuln_k8s.jasper -------------------------------------------------------------------------------- /reports/vuln_report.jasper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/alertflex/cnode/612fac5c16cfe499d7ca4b420e36a04a7d73bf17/reports/vuln_report.jasper --------------------------------------------------------------------------------