File Coverage

blib/lib/Armadito/Agent/Antivirus/Eset/Task/Scan.pm
Criterion Covered Total %
statement 18 52 34.6
branch n/a
condition n/a
subroutine 6 8 75.0
pod 1 1 100.0
total 25 61 40.9


line stmt bran cond sub pod time code
1             package Armadito::Agent::Antivirus::Eset::Task::Scan;
2              
3 1     1   12344726 use strict;
  1         12  
  1         66  
4 1     1   12 use warnings;
  1         3  
  1         86  
5 1     1   11 use base 'Armadito::Agent::Task::Scan';
  1         45  
  1         664  
6 1     1   8 use IPC::System::Simple qw(capture);
  1         2  
  1         65  
7 1     1   616 use Armadito::Agent::Patterns::Matcher;
  1         4  
  1         15  
8 1     1   609 use Armadito::Agent::Task::Alerts;
  1         3  
  1         9  
9              
10             #name="/home/malwares/contagio-malware/jar/MALWARE_JAR_200_files/Mal_Java_64FD14CEF0026D4240A4550E6A6F9E83.jar » ZIP » a/kors.class", threat="a variant of Java/Exploit.Agent.OKJ trojan", action="action selection postponed until scan completion", info=""
11              
12             # Scan completed at: mer. 23 nov. 2016 15:05:32 CET
13             # Scan time: 9 sec (0:00:09)
14             # Total: files - 232, objects 1699
15             # Infected: files - 188, objects 886
16             # Cleaned: files - 0, objects 0
17              
# Parse the text report printed by the ESET command-line scanner.
#
# $output is the scanner's captured output. Summary lines ("Scan completed
# at:", "Scan time:", "Total:", "Infected:", "Cleaned:") and per-object
# detection lines (name="...", threat="...", action="...", info="...") are
# registered with an Armadito::Agent::Patterns::Matcher, whose results are
# returned unchanged.
#
# NOTE(review): the file name inside name="..." comes from the scanned tree,
# so it is not trusted text. Presumably the exclusion patterns are applied to
# the whole line; if so, a file name containing one of those substrings could
# hide a real detection line. Confirm against the Matcher implementation.
sub _parseScanOutput {
    my ( $self, $output ) = @_;

    my $matcher = Armadito::Agent::Patterns::Matcher->new( logger => $self->{logger} );

    # Summary counters and timings, registered in the original order.
    my @summary_patterns = (
        [ 'end_time',      '^Scan completed at: (.*)' ],
        [ 'duration',      '^Scan time:.+?\((.*?)\)' ],
        [ 'scanned_count', '^Total:\s+files - (\d+)' ],
        [ 'malware_count', '^Infected:\s+files - (\d+)' ],
        [ 'cleaned_count', '^Cleaned:\s+files - (\d+)' ],
    );
    for my $summary (@summary_patterns) {
        $matcher->addPattern( $summary->[0], $summary->[1] );
    }

    # Lines reporting a clean object, an empty threat or the archive-level
    # "multiple threats" roll-up are excluded before the alert pattern is added.
    my @excluded_fragments = ( ', threat="is OK",', ', threat="",', ', threat="multiple threats",' );
    for my $fragment (@excluded_fragments) {
        $matcher->addExclusionPattern($fragment);
    }

    # One alert per detection line; the four captures map onto these labels.
    my $alert_labels  = [ 'filepath', 'name', 'action', 'info' ];
    my $alert_pattern = '^name="(.*?)", threat="(.*?)", action="(.*?)", info="(.*?)"';
    $matcher->addPattern( 'alerts', $alert_pattern, $alert_labels );

    $matcher->run( $output, '\n' );

    return $matcher->getResults();
}
39              
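# Run an ESET on-demand scan for the current job and report the outcome.
#
# Reads the scanner binary path from the agent configuration and the scan
# path and options from the job object, runs the scanner, parses its output
# with _parseScanOutput(), sends the summary with sendScanResults() and hands
# the detections to an Armadito::Agent::Task::Alerts task.
#
# The scanner is started with an argument list and no shell. The original
# code concatenated the binary path, options and scan path into one string,
# which IPC::System::Simple::capture passes to the shell, so shell
# metacharacters in job-supplied values were interpreted as shell syntax.
# Consequence of the change: shell expansions (globs, variables) in
# scan_path or scan_options are no longer performed.
#
# Dies if scan_options cannot be split into arguments; capturex throws, as
# capture did, when the scanner fails to start or exits with a status outside
# the accepted list.
sub run {
    my ( $self, %params ) = @_;

    $self = $self->SUPER::run(%params);

    my $bin_path     = $self->{agent}->{antivirus}->{scancli_path};
    my $scan_path    = $self->{job}->{obj}->{scan_path};
    my $scan_options = $self->{job}->{obj}->{scan_options};

    # Split the option string into words the way a shell would (quotes are
    # honoured) without executing anything. shellwords() returns an empty
    # list on unbalanced quotes, so treat that as an error instead of
    # silently scanning with no options.
    require Text::ParseWords;
    $scan_options = '' unless defined $scan_options;
    my @option_args = Text::ParseWords::shellwords($scan_options);
    if ( $scan_options =~ /\S/ && !@option_args ) {
        die "Invalid scan options: unable to parse '$scan_options'\n";
    }

    # NOTE(review): the options and the path still come from the job. A
    # scan_path beginning with '-' would be read by the scanner as an option,
    # and any scanner option can be requested; validate both against what the
    # agent is expected to accept before this point.
    my $output = IPC::System::Simple::capturex( [ 0, 1, 10, 50 ], $bin_path, @option_args, $scan_path );
    $self->{logger}->debug2($output);

    my $results = $self->_parseScanOutput($output);
    $results->{start_time}       = "";
    $results->{suspicious_count} = 0;
    $results->{progress}         = 100;
    $results->{job_id}           = $self->{job}->{job_id};

    # The captured duration gets a leading "0" prepended before it is sent.
    $results->{duration}[0] = "0" . $results->{duration}[0];

    my $alert_task = Armadito::Agent::Task::Alerts->new( agent => $self->{agent} );
    my $alert_jobj = { "alerts" => $results->{alerts} };

    # Alerts are sent separately, so they are removed from the scan summary.
    delete( $results->{alerts} );
    $self->sendScanResults($results);
    $alert_task->run();
    $alert_task->_sendAlerts($alert_jobj);
}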
67              
68             1;
69              
70             __END__
71              
72             =head1 NAME
73              
74             Armadito::Agent::Antivirus::Eset::Task::Scan - Scan Task for ESET Antivirus.
75              
76             =head1 DESCRIPTION
77              
78             This task inherits from L<Armadito::Agent::Task::Scan>. It launches an antivirus on-demand scan and then sends a brief report in a JSON-formatted POST request to the Armadito plugin for GLPI.
79              
80             =head1 FUNCTIONS
81              
82             =head2 run ( $self, %params )
83              
84             Run the task.
85              
86             =head2 new ( $self, %params )
87              
88             Instantiate Task.
89