From 5c4cb94babb11235ff02ead9ca0bca10f3492e72 Mon Sep 17 00:00:00 2001 From: Omer Levi Hevroni Date: Wed, 27 Mar 2019 14:11:06 +0200 Subject: [PATCH] fix zap JQ pattern --- docs/dynamic_task.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/dynamic_task.md b/docs/dynamic_task.md index 88e0e56..1f37ff1 100644 --- a/docs/dynamic_task.md +++ b/docs/dynamic_task.md @@ -54,9 +54,9 @@ curl --fail $PROXY_URL/OTHER/core/other/jsonreport/?formMethod=GET --output repo ``` Than, use [jq](https://stedolan.github.io/jq/) to flatten the report so Glue can parse it: ``` -jq '{ "@name" : .site."@name", +jq '{ "@name" : .site[0]."@name", "alerts": - [.site.alerts[] as $in + [.site[] | .alerts[] as $in | $in.instances[] as $h | $in | $h * $in @@ -65,10 +65,10 @@ jq '{ "@name" : .site."@name", "source": "URI: \($h.uri) Method: \($h.method)", "detail": "\($in.name) \n Evidence: \($h.evidence) \n Solution: \($in.solution) \n Other info: \($in.otherinfo) \n Reference: \($in.reference)", "severity": $in.riskdesc | split(" ") | .[0], - "fingerprint": "\($in.pluginid)_\($h.uri)_\($h.method)" + "fingerprint": "\($in.pluginid)_\($in.name)_\($h.uri)_\($h.method)" } ] -} ' report.json > output.json +}' report.json > output.json ``` Now use Glue to process the report: ``` @@ -78,4 +78,4 @@ You can modify the jq pattern to modify the fields in Glue's results. For exampl ## Adding a new tool First, create the mapping file. After you have a working mapping file, open a PR and add it under `/lib/glue/mappings/`. -Also add a test to `dynamic_spec`, see mobsf tests for reference. \ No newline at end of file +Also add a test to `dynamic_spec`, see mobsf tests for reference.