Brandon Reeves

API XML Sorting and Counting Examples

Discussion created by Brandon Reeves on Jun 17, 2011

I Posted these to assist someone on another forum. Wanted to ensure others in the developer community had availability to the content.

 

The Link is:

https://community.qualys.com/message/3721#3721

Topic:Counting Hosts by Vulnerability and Sorting Hosts.

 

Code Snippets Below:

##Begin XML Transform of Report Data to Count Host Vulns

###Begin Code

<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">

<xsl:output indent="no" method="text"/>

<xsl:template match="/">

  <xsl:apply-templates select="/ASSET_DATA_REPORT/HOST_LIST/HOST"/>

</xsl:template>

<!-- write out comma separated file -->

<xsl:template match="/ASSET_DATA_REPORT/HOST_LIST/HOST">

   <xsl:value-of select="IP"/>

   <xsl:text>,</xsl:text>

   <xsl:value-of select="count(child::VULN_INFO_LIST/VULN_INFO)"/>

   <xsl:text>

   </xsl:text>

</xsl:template>

</xsl:stylesheet>

###End Code--->

 

##Final Code to List Hosts and Vulnerabilities by Severity Level Using Above XML Output and Get_Host_Info Calls

##Begin Code##

#!/usr/local/bin/bash

##Ensure Proper Paths

. /root/.profile

script_dir=$(pwd)

qualys_user="qualys_user"

qualys_pass="qualys_pass"

ag_xml="$script_dir/ag_xml"

final_out="$script_dir/finalout.txt"

##MSP Action Listing API Quick Reference

##Derived From http://www.qualys.com/docs/QualysGuard_API_User_Guide.pdf

## Begin script

input="$script_dir/hostcount.txt"

host="$(strings $input | cut -f2 -d",")"

 

for ip in $host ; do

curl -u $qualys_user:$qualys_pass -s -k -H 'Requested-With: Browser' $script_dir/headers.00 "https://qualysapi.qualys.com/msp/get_host_info.php?host_ip=$ip"

sleep 2

xsltproc $script_dir/count $ag_xml >> $final_out

done

##End Code

 

##Begin XML

<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">

<xsl:output indent="no" method="text"/>

<xsl:template match="/">

  <xsl:apply-templates select="*"/>

</xsl:template>

 

<!-- write out comma separated file -->

<xsl:template match="*">

   <xsl:for-each select="/HOST">

   <xsl:value-of select="IP"/>

   <xsl:text>,</xsl:text>

   <xsl:value-of select="VULNS/SEVERITY_LEVEL_5/COUNT + POTENTIAL_VULNS/SEVERITY_LEVEL_5/COUNT"/>

   <xsl:text>,</xsl:text>

   <xsl:value-of select="VULNS/SEVERITY_LEVEL_4/COUNT + POTENTIAL_VULNS/SEVERITY_LEVEL_4/COUNT"/>

   <xsl:text>,</xsl:text>

   <xsl:value-of select="VULNS/SEVERITY_LEVEL_3/COUNT + POTENTIAL_VULNS/SEVERITY_LEVEL_3/COUNT"/>

   <xsl:text>,</xsl:text>

   <xsl:value-of select="VULNS/SEVERITY_LEVEL_2/COUNT + POTENTIAL_VULNS/SEVERITY_LEVEL_2/COUNT"/>

   <xsl:text>,</xsl:text>

   <xsl:value-of select="VULNS/SEVERITY_LEVEL_1/COUNT + POTENTIAL_VULNS/SEVERITY_LEVEL_1/COUNT"/>

   <xsl:text>

   </xsl:text>

</xsl:for-each>

   </xsl:template>

</xsl:stylesheet>

##End XML

##End Code Snippets

Outcomes