Added preprocess script and enhanced Wazuh parser

1. Introduced wazuh-vulns-extractor.py to preprocess and improve Wazuh reporting.\n2. Modified the Wazuh parser to support endpoint creation based on agent_ip, enabling multi-agent support and better vulnerability-to-host correlation.
DefectDojo · Sep 28, 2023 · 45d81af · 45d81af
1 parent e387452
commit 45d81af
Showing 1 changed file with 3 additions and 6 deletions.
diff --git a/dojo/tools/wazuh/parser.py b/dojo/tools/wazuh/parser.py
@@ -4,12 +4,12 @@
 
 class WazuhParser(object):
     """
-    IMPORTANT: Please use the 'wazuh-vulns-extractor.py' script to generate 
+    IMPORTANT: Please use the 'wazuh-vulns-extractor.py' script to generate
     the report for DefectDojo. This script enhances the reporting by:
     1. Handling multiple agents, thus allowing consolidated reporting.
     2. Introducing the 'agent_ip' field, which DefectDojo uses to create distinct endpoints.
     3. Correlating individual vulnerabilities with their respective vulnerable host.
-    All these improvements are combined into a single, comprehensive report for streamlined 
+    All these improvements are combined into a single, comprehensive report for streamlined
     integration with DefectDojo.
 
     The vulnerabilities with condition "Package unfixed" are skipped because there is no fix out yet.
@@ -55,10 +55,7 @@ def get_findings(self, file, test):
                     else:
                         references = None
 
-                    title = (
-                        item.get("title") +
-                        " (version: " + package_version + ")"
-                    )
+                    title = item.get("title") + " (version: " + package_version + ")"
                     dupe_key = title
 
                     if dupe_key in dupes: