From 90fa348911cebc9e1b9d911ef3713f5204d0cce9 Mon Sep 17 00:00:00 2001 From: Timo Pollmeier Date: Thu, 28 Sep 2023 12:06:20 +0200 Subject: [PATCH] Change: Improve application-detection requests, The application-detection script now requests details for each report individually with minimum results, which is usually faster for gathering the host data and ensures all hosts are included. Also, only hosts where a matching app was found are output. --- scripts/application-detection.gmp.py | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/scripts/application-detection.gmp.py b/scripts/application-detection.gmp.py index 563d405c..90839d78 100644 --- a/scripts/application-detection.gmp.py +++ b/scripts/application-detection.gmp.py @@ -39,7 +39,17 @@ def check_args(args): def print_assets(gmp, appname): - res = gmp.get_reports(details=True) + res = gmp.get_reports(details=False) + + reports = res.xpath("/get_reports_response/report") + for report in reports: + report_id = report.attrib["id"] + print_assets_for_host(gmp, appname, report_id) + + +def print_assets_for_host(gmp, appname, report_id): + res = gmp.get_report(report_id, details=True, + filter_string="rows=1 result_hosts_only=0") hosts = res.xpath("/get_reports_response/report/report/host") @@ -56,11 +66,14 @@ def print_assets(gmp, appname): else: hostname = hostname[0] - print(f"{ip} ({hostname})") apps = host.xpath( 'detail/name[text() = "App"]/../value[' f'contains(text(), "{appname}")]/text()' ) + if len(apps) == 0: + continue + + print(f"{ip} ({hostname})") for app in apps: print("\t" + app) print("\n")