From 6f6e2a7b690b47089d7b05833d1edce2017828d5 Mon Sep 17 00:00:00 2001 From: Timo Pollmeier Date: Thu, 28 Sep 2023 12:06:20 +0200 Subject: [PATCH] Change: Improve application-detection requests, The application-detection script now requests details for each report individually with minimum results, which is usually faster for gathering the host data and ensures all hosts are included. Also, only hosts where a matching app was found are output. --- scripts/application-detection.gmp.py | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/scripts/application-detection.gmp.py b/scripts/application-detection.gmp.py index 563d405c..1035d58f 100644 --- a/scripts/application-detection.gmp.py +++ b/scripts/application-detection.gmp.py @@ -39,7 +39,18 @@ def check_args(args): def print_assets(gmp, appname): - res = gmp.get_reports(details=True) + res = gmp.get_reports(details=False) + + reports = res.xpath("/get_reports_response/report") + for report in reports: + report_id = report.attrib["id"] + print_assets_for_host(gmp, appname, report_id) + + +def print_assets_for_host(gmp, appname, report_id): + res = gmp.get_report( + report_id, details=True, filter_string="rows=1 result_hosts_only=0" + ) hosts = res.xpath("/get_reports_response/report/report/host") @@ -56,11 +67,14 @@ def print_assets(gmp, appname): else: hostname = hostname[0] - print(f"{ip} ({hostname})") apps = host.xpath( 'detail/name[text() = "App"]/../value[' f'contains(text(), "{appname}")]/text()' ) + if len(apps) == 0: + continue + + print(f"{ip} ({hostname})") for app in apps: print("\t" + app) print("\n")