Closed
Description
I think I may have found a bug. If you look at the errors
, inspected
& warnings
elements you will see a combination of a string and the expected JSON object in the array's. See the results here
This happens with both 4.4.20
& 5.1.12
versions of bash on both RHEL and Solaris.
{"id":"V0216246","title":"The audit system must produce records containing sufficient information to establish the identity of any user/subject associated with the event.","description":"Enabling the audit system will produce records with accurate time stamps, source, user, and activity information. Without this information malicious activity cannot be accurately tracked.","meta":{"date":"26-Jul-2023","rule_id":"SOL-11.1-010040","version":"SV-216246r603267_rule","severity":"CAT-II","classification":"UNCLASSIFIED","legacy_id":"V0047781","CCID":"CCI-001487","remediation":"true","outage_required":"false","stability":"stable"},"errors":[Elem:1,Item:2,Key:3,Value:4,{"Elem":"1"},{"Item":"2"},{"Key":"3"},{"Value":"4"}],"inspected":[Elem:one,Item:two,Key:three,Value:four,{"Elem":"one"},{"Item":"two"},{"Key":"three"},{"Value":"four"}],"warnings":[Elem:1,Item:2,Key:3,Value:4,{"Elem":"1"},{"Item":"2"},{"Key":"3"},{"Value":"4"}],"summary":{"inspected":"8","errors":"8","failed":"100.00%"},"metrics":{"start":"1721456521","stop":"1721456534","runtime":"13Sec."}}
The calling code example (uses the below functions)
$ reporting._load_dependencies
$ reporting.gen_stig 0 1721456521 1721456534 src/stigs/Solaris/11/V0216246.sh Elem:1,Item:2,Key:3,Value:4 Elem:one,Item:two,Key:three,Value:four Elem:1,Item:2,Key:3,Value:4
The code looks like the following
################################################
# @description Load reporting dependencies
#
# @noargs
#
# @example
# $ reporting.load_dependencies
################################################
reporting._load_dependencies()
{
source ./src/deps/json.bash/json.bash
alias jb=json
alias jb-array=json.array
}
################################################
# @description Generate report header
#
# @noargs
#
# @example
# $ reporting.gen_header
# {"hostname":"solaris","os":"Solaris","version":"11","kernel":"11.4.42.111.0","arch":"i386"}
#
# @stdout string
################################################
reporting._gen_header()
{
local hostname os version kernel arch
read -r hostname os version kernel arch <<< "$(env_set_env)"
json @hostname @os @version @kernel @arch
}
################################################
# @description Generate report metrics
#
# @args $1 Integer UNIX EPOCH (start time)
# @args $2 Integer UNIX EPOCH (end time)
#
# @example
# $ reporting._gen_metrics 1721456521 1721456534
# {"start":"1721456521","stop":"1721456534","time":"13 Sec."}
#
# @stdout string
################################################
reporting._gen_metrics()
{
local seconds start stop runtime
start=${1}
stop=${2}
seconds=$(math.subtract ${start} ${stop})
[ ${seconds:=1} -gt 60 ] &&
runtime="$(math.divide ${seconds} 60)Min." ||
runtime="${seconds}Sec."
json @start @stop @runtime
}
################################################
# @description Generate report summary of module status
#
# @args $1 Integer Total number of STIG modules per OS and version
# @args $2 Integer Number of selected STIG modules for job run
# @args $3 Integer Number of modules that passed
# @args $4 Integer Number of modules that failed
#
# @example
# $ reporting._gen_summary 219 88 48 40
# {"modules":"219","selected":"88","passed":"48","failed":"40","failure_rate":"45.45%"}
#
# @stdout string
################################################
reporting._gen_summary()
{
local modules selected passed failed failure_rate
modules=${1}
selected=${2}
passed=${3}
failed=${4}
failure_rate=$(math.percent ${selected} ${failed})
json @modules @selected @passed @failed @failure_rate
}
################################################
# @description Generate summary of inspected data per STIG modules
#
# @args $1 Integer Number of inspected items
# @args $2 Integer Number of errors found
# @args $3 Integer Number of warnings
#
# @example
# $ reporting._gen_stig_summary 10 2
# {"inspected":"10","errors":"2","failed":"20.00%"}
# $ reporting._gen_stig_summary 10 2 5
# {"inspected":"10","errors":"2","warnings":"5","failed":"20.00%"}
#
# @stdout string
################################################
reporting._gen_stig_summary()
{
local inspected errors warnings failed
inspected=${1}
errors=${2}
warnings=${3}
failed="$(math.percent ${inspected} ${errors})%"
json @inspected @errors @warnings:?? @failed
}
################################################
# @description Generate STIG header
#
# @args $1 String Path to STIG module
#
# @example
# $ reporting._gen_stig_id src/stigs/Solaris/11/V0216246.sh
# V0216246
#
# @stdout string
################################################
reporting._gen_stig_id()
{
basename ${1} | sed "s|.sh||g"
}
################################################
# @description Generate STIG title
#
# @args $1 String Path to STIG module
#
# @example
# $ reporting._gen_stig_title src/stigs/Solaris/11/V0216246.sh
# Lorem ipsum dolor.
#
# @stdout string
################################################
reporting._gen_stig_title()
{
awk '$0 ~ /^\# Title: /' ${1} |
sed "s|\# Title: ||g"
}
################################################
# @description Generate STIG description
#
# @args $1 String Path to STIG module
#
# @example
# $ reporting._gen_stig_description src/stigs/Solaris/11/V0216246.sh
# Lorem ipsum dolor.
#
# @stdout string
################################################
reporting._gen_stig_description()
{
awk '$0 ~ /^\# Description: /' ${1} |
sed "s|\# Description: ||g"
}
################################################
# @description Generate STIG meta data
#
# @args $1 String Path to STIG module
#
# @example
# $ reporting._gen_stig_meta src/stigs/Solaris/11/V0216246.sh
# {"date":"26-Jul-2023","rule_id":"SOL-11.1-010040","version":"SV-216246r603267_rule","severity":"CAT-II","classification":"UNCLASSIFIED","legacy_id":"V0047781","CCID":"CCI-001487","remediation":"true","outage_required":"false","stability":"stable"}
#
# @stdout string
################################################
reporting._gen_stig_meta()
{
local file date rule_id version severity classification legacy_id CCID \
remediation_available outage_required stabilty blob
file=${1}
blob="$(sed -n '/^\# Date:/,/^\# Stability:/p' ${file} |
sed "s|\"||g")"
date="$(echo "${blob}" |
awk '$0 ~ /^\# Date: /' |
sed "s|\# Date: ||g")"
rule_id="$(echo "${blob}" |
awk '$0 ~ /^\# Rule_ID: /' |
sed "s|\# Rule_ID: ||g")"
version="$(echo "${blob}" |
awk '$0 ~ /^\# STIG_Version: /' |
sed "s|\# STIG_Version: ||g")"
severity="$(echo "${blob}" |
awk '$0 ~ /^\# Severity: /' |
sed "s|\# Severity: ||g")"
classification="$(echo "${blob}" |
awk '$0 ~ /^\# Classification: /' |
sed "s|\# Classification: ||g")"
legacy_id="$(echo "${blob}" |
awk '$0 ~ /^\# Legacy_STIG_ID: /' |
sed "s|\# Legacy_STIG_ID: ||g")"
CCID="$(echo "${blob}" |
awk '$0 ~ /^\# CCI_IDS: /' |
sed "s|\# CCI_IDS: ||g")"
remediation="$(echo "${blob}" |
awk '$0 ~ /^\# Remediation_Available: /' |
sed "s|\# Remediation_Available: ||g")"
outage_required="$(echo "${blob}" |
awk '$0 ~ /^\# Outage_Required: /' |
sed "s|\# Outage_Required: ||g")"
stability="$(echo "${blob}" |
awk '$0 ~ /^\# Stability: /' |
sed "s|\# Stability: ||g")"
json @date @rule_id @version @severity @classification @legacy_id:?? \
@CCID:?? @remediation @outage_required @stability
}
################################################
# @description Generates object of inspected data; errors, warnings etc.
#
# @args $@ Array Data used to create an array of objects
#
# @example
# $ reporting._gen_stig_object errors Elem:1,Item:2,Key:3,Value:4 Elem:one,Item:two,Key:three,Value:four
# [{"Elem":"1","Item":"2","Key":"3","Value":"4"},{"Elem":"one","Item":"2","Key":"three","Value":"four"}]
#
# @stdout string
################################################
reporting._gen_stig_objects()
{
local type
local -a args obj
args=(${@})
type="${args[0]}"
objs=(${args[@]:1})
for obj in ${objs[@]}; do
obj=${obj//:/=}
out=${type} json ...:string{}@obj
done
json @${type}:raw[]
}
################################################
# @description Generate a per STIG module JSON object
#
# @args $0 Boolean True/False value associated with module passing or not
# @args $1 Integer STIG module start time
# @args $2 Integer STIG module stop time
# @args $3 String CSV of key/value items that are errors
# @args $4 String CSV of key/value items that were inspected (optional)
# @args $5 String CSV of key/value items that were warnings (optional)
#
# @example
# $ reporting.gen_stig 0 1721456521 1721456534 \
# src/stigs/Solaris/11/V0216246.sh \
# item:1,item:2,item:3 \
# foo:one,bar:baz \
# key:val,test:result
#
#
# @stdout string
################################################
reporting.gen_stig()
{
local -a args errors inspected warnings
local id title description meta err insp warn summary metrics result start stop file
args=(${@})
result=${args[0]}
start=${args[1]}
stop=${args[2]}
file="${args[3]}"
errors=( ${args[4]//,/ } )
inspected=( ${args[5]//,/ } )
warnings=( ${args[6]//,/ } )
id="$(reporting._gen_stig_id ${file})"
title="$(reporting._gen_stig_title ${file})"
description="$(reporting._gen_stig_description ${file})"
out=meta reporting._gen_stig_meta ${file}
out=err reporting._gen_stig_objects errors ${errors[@]}
out=insp reporting._gen_stig_objects inspected ${inspected[@]}
out=warn reporting._gen_stig_objects warnings ${warnings[@]}
out=metrics reporting._gen_metrics ${start} ${stop}
out=summary reporting._gen_stig_summary ${#errors[@]} ${#inspected[@]}
json @id @title @description @meta:raw @errors:raw[]?? @inspected:raw[]?? @warnings:raw[]?? @summary:raw @metrics:raw
}
Metadata
Metadata
Assignees
Labels
No labels