| line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
|
1
|
|
|
|
|
|
|
package XML::IODEF::Simple; |
|
2
|
|
|
|
|
|
|
|
|
3
|
1
|
|
|
1
|
|
43050
|
use 5.008008; |
|
|
1
|
|
|
|
|
4
|
|
|
|
1
|
|
|
|
|
30
|
|
|
4
|
1
|
|
|
1
|
|
5
|
use strict; |
|
|
1
|
|
|
|
|
1
|
|
|
|
1
|
|
|
|
|
29
|
|
|
5
|
1
|
|
|
1
|
|
4
|
use warnings; |
|
|
1
|
|
|
|
|
5
|
|
|
|
1
|
|
|
|
|
56
|
|
|
6
|
|
|
|
|
|
|
|
|
7
|
|
|
|
|
|
|
our $VERSION = '0.02'; |
|
8
|
|
|
|
|
|
|
$VERSION = eval $VERSION; # see L |
|
9
|
|
|
|
|
|
|
|
|
10
|
|
|
|
|
|
|
require XML::IODEF; |
|
11
|
1
|
|
|
1
|
|
894
|
use Module::Pluggable require => 1; |
|
|
1
|
|
|
|
|
11815
|
|
|
|
1
|
|
|
|
|
7
|
|
|
12
|
|
|
|
|
|
|
|
|
13
|
|
|
|
|
|
|
# Preloaded methods go here. |
|
14
|
|
|
|
|
|
|
|
|
15
|
|
|
|
|
|
|
sub new { |
|
16
|
0
|
|
|
0
|
|
|
my ($class,$info) = @_; |
|
17
|
|
|
|
|
|
|
|
|
18
|
0
|
|
0
|
|
|
|
my $description = lc($info->{'description'}) || 'unknown'; |
|
19
|
0
|
|
|
|
|
|
my $confidence = $info->{'confidence'}; |
|
20
|
0
|
|
|
|
|
|
my $severity = $info->{'severity'}; |
|
21
|
0
|
|
0
|
|
|
|
my $source = $info->{'source'} || 'localhost'; |
|
22
|
0
|
|
|
|
|
|
my $relatedid = $info->{'relatedid'}; |
|
23
|
0
|
|
|
|
|
|
my $alternativeid = $info->{'alternativeid'}; |
|
24
|
0
|
|
0
|
|
|
|
my $alternativeid_restriction = $info->{'alternativeid_restriction'} || 'private'; |
|
25
|
0
|
|
0
|
|
|
|
my $purpose = $info->{'purpose'} || 'mitigation'; |
|
26
|
0
|
|
|
|
|
|
my $reporttime = $info->{'reporttime'}; |
|
27
|
0
|
|
0
|
|
|
|
my $lang = $info->{'lang'} || $info->{'language'} || 'EN'; |
|
28
|
|
|
|
|
|
|
|
|
29
|
0
|
|
|
|
|
|
my $dt = $info->{'detecttime'}; |
|
30
|
|
|
|
|
|
|
# default it to the hour |
|
31
|
0
|
0
|
|
|
|
|
unless($dt){ |
|
32
|
0
|
|
|
|
|
|
require DateTime; |
|
33
|
0
|
|
|
|
|
|
$dt = DateTime->from_epoch(epoch => time()); |
|
34
|
0
|
|
|
|
|
|
$dt = $dt->ymd().'T'.$dt->hour().':00:00Z'; |
|
35
|
|
|
|
|
|
|
} |
|
36
|
0
|
0
|
|
|
|
|
if($dt =~ /^(\d{4})(\d{2})(\d{2})$/){ |
|
37
|
0
|
|
|
|
|
|
$dt = $1.'-'.$2.'-'.$3.'T00:00:00Z'; |
|
38
|
|
|
|
|
|
|
} |
|
39
|
0
|
|
|
|
|
|
$info->{'detecttime'} = $dt; |
|
40
|
|
|
|
|
|
|
|
|
41
|
0
|
0
|
|
|
|
|
unless($reporttime){ |
|
42
|
0
|
|
|
|
|
|
require DateTime; |
|
43
|
0
|
|
|
|
|
|
$reporttime = DateTime->from_epoch(epoch => time()); |
|
44
|
0
|
|
|
|
|
|
$reporttime = $reporttime->ymd().'T00:00:00Z'; |
|
45
|
|
|
|
|
|
|
} |
|
46
|
0
|
0
|
|
|
|
|
if($reporttime =~ /^(\d{4})(\d{2})(\d{2})$/){ |
|
47
|
0
|
|
|
|
|
|
$reporttime = $1.'-'.$2.'-'.$3.'T00:00:00Z'; |
|
48
|
|
|
|
|
|
|
} |
|
49
|
|
|
|
|
|
|
|
|
50
|
0
|
|
|
|
|
|
my $iodef = XML::IODEF->new(); |
|
51
|
0
|
|
|
|
|
|
$iodef->add('Incidentlang',$lang); |
|
52
|
0
|
|
|
|
|
|
$iodef->add('Incidentpurpose',$purpose); |
|
53
|
0
|
|
|
|
|
|
foreach($class->plugins()){ |
|
54
|
0
|
0
|
|
|
|
|
if($_->prepare($info)){ |
|
55
|
0
|
|
|
|
|
|
$iodef = $_->convert($info,$iodef); |
|
56
|
|
|
|
|
|
|
} |
|
57
|
|
|
|
|
|
|
} |
|
58
|
|
|
|
|
|
|
|
|
59
|
0
|
0
|
|
|
|
|
if($info->{'IncidentID'}){ |
|
60
|
0
|
|
|
|
|
|
my $xid = $info->{'IncidentID'}; |
|
61
|
0
|
0
|
|
|
|
|
$iodef->add('IncidentIncidentIDrestriction',$xid->{'restriction'}) if($xid->{'restriction'}); |
|
62
|
0
|
0
|
|
|
|
|
$iodef->add('IncidentIncidentIDname',$xid->{'name'}) if($xid->{'name'}); |
|
63
|
0
|
0
|
|
|
|
|
$iodef->add('IncidentIncidentIDinstance',$xid->{'instance'}) if($xid->{'instance'}); |
|
64
|
0
|
0
|
|
|
|
|
$iodef->add('IncidentIncidentID',$xid->{'content'}) if($xid->{'content'}); |
|
65
|
|
|
|
|
|
|
} else { |
|
66
|
0
|
0
|
|
|
|
|
$iodef->add('IncidentIncidentIDname',$source) if($source); |
|
67
|
|
|
|
|
|
|
} |
|
68
|
0
|
0
|
|
|
|
|
$iodef->add('IncidentReportTime',$reporttime) if($reporttime); |
|
69
|
0
|
0
|
|
|
|
|
$iodef->add('IncidentDetectTime',$dt) if($dt); |
|
70
|
0
|
0
|
|
|
|
|
$iodef->add('IncidentRelatedActivityIncidentID',$relatedid) if($relatedid); |
|
71
|
0
|
0
|
|
|
|
|
if($alternativeid){ |
|
72
|
0
|
|
|
|
|
|
$iodef->add('IncidentAlternativeIDIncidentID',$alternativeid); |
|
73
|
0
|
|
|
|
|
|
$iodef->add('IncidentAlternativeIDIncidentIDrestriction',$alternativeid_restriction); |
|
74
|
|
|
|
|
|
|
} |
|
75
|
0
|
|
0
|
|
|
|
$iodef->add('Incidentrestriction',$info->{'restriction'} || 'private'); |
|
76
|
0
|
0
|
|
|
|
|
$iodef->add('IncidentDescription',$description) if($description); |
|
77
|
0
|
0
|
|
|
|
|
if($confidence){ |
|
78
|
0
|
|
|
|
|
|
$iodef->add('IncidentAssessmentConfidencerating','numeric'); |
|
79
|
0
|
|
|
|
|
|
$iodef->add('IncidentAssessmentConfidence',$confidence); |
|
80
|
|
|
|
|
|
|
} |
|
81
|
0
|
|
|
|
|
|
my $impact = $info->{'impact'}; |
|
82
|
0
|
0
|
0
|
|
|
|
$iodef->add('IncidentAssessmentImpact',$impact) if($impact && !$iodef->get('IncidentAssessmentImpact')); |
|
83
|
|
|
|
|
|
|
|
|
84
|
0
|
0
|
0
|
|
|
|
if(!$iodef->get('IncidentAssessmentImpactseverity') && $severity && $severity =~ /(low|medium|high)/){ |
|
|
|
|
0
|
|
|
|
|
|
85
|
0
|
|
|
|
|
|
warn 'adding sev'; |
|
86
|
0
|
|
|
|
|
|
$iodef->add('IncidentAssessmentImpactseverity',$severity); |
|
87
|
|
|
|
|
|
|
} |
|
88
|
|
|
|
|
|
|
|
|
89
|
0
|
|
|
|
|
|
return $iodef; |
|
90
|
|
|
|
|
|
|
} |
|
91
|
|
|
|
|
|
|
|
|
92
|
|
|
|
|
|
|
|
|
93
|
|
|
|
|
|
|
1; |
|
94
|
|
|
|
|
|
|
__END__ |