working aws audit and prowler json logging
josehelps committed Jul 16, 2019
1 parent 9e45298 commit a0b8ff8
Showing 5 changed files with 21 additions and 13 deletions.
16 changes: 10 additions & 6 deletions cs.py
@@ -1,8 +1,9 @@
#! /usr/bin/env python
#!/usr/bin/env python
from __future__ import print_function
from getpass import getpass
import argparse
from modules import logger
import rm

def main():
""" main function """
@@ -14,15 +15,20 @@ def main():
parser.add_argument('-env', '--environment', help='The cloud on which the test-suite is to be run', choices=['aws', 'gcp', 'azure'], required=True)
parser.add_argument('-pId', '--project_name', help='Project Name for which GCP Audit needs to be run')
parser.add_argument('-o', '--output', required=False, default="cs-audit.log", help='writes a log in JSON of an audit, ideal for consumptions into SIEMS like ELK and Splunk. Defaults to cs-audit.log')
parser.add_argument("-w", "--wipe", required=False, default=True, action='store_true',
help="rm -rf reports/ folder before executing an audit")

args = parser.parse_args()

# set up logging
log = logger.setup_logging(args.output, "INFO")

#test = {"test": 1, "field": "foru"}
#log.info("starting cloud security suite", extra=test)
log.info("starting cloud security suite v1.0")

if args.wipe:
log.info("wiping reports/ folder before running")
rm.rm("reports/")

log.info("starting cloud security suite")

if args.password:
password = getpass()
@@ -39,8 +45,6 @@ def main():
log.info("completed gcp audit")
exit(0)



elif args.environment == 'aws':
from modules import awsaudit
from modules import merger
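Review bot: `--wipe` is declared with `default=True` together with `action='store_true'`, so `args.wipe` is true whether or not the flag is given and `rm.rm("reports/")` runs on every invocation, deleting earlier audit reports with no way to opt out. Declaring it as `parser.add_argument("-w", "--wipe", action="store_true", help="rm -rf reports/ folder before executing an audit")` keeps deletion opt-in. The path is relative, so what gets removed depends on the directory the tool is started from; resolving it against the script's own directory and calling the standard library's `shutil.rmtree` would also drop the need for the third-party `rm` package pinned in requirements.txt. `main()` continues beyond the visible hunks.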
1 change: 0 additions & 1 deletion modules/awsaudit.py
@@ -10,7 +10,6 @@
import boto3



def get_account_alias():
account_details = subprocess.check_output(['aws iam list-account-aliases'], shell=True)
account_details = json.loads(str(account_details))
2 changes: 1 addition & 1 deletion modules/logger.py
@@ -33,5 +33,5 @@ def setup_logging(LOG_PATH,LOG_LEVEL):
return logger

def get():
logger = logging.getLogger('autotunely')
logger = logging.getLogger('cs-audit')
return logger
7 changes: 3 additions & 4 deletions modules/merger.py
@@ -6,7 +6,7 @@
import awsaudit
from modules import logger

log = logger.setup_logging("cs-audit.log", "INFO")
log = logger.get()

account_name = awsaudit.account_name
timestmp = awsaudit.timestmp
@@ -110,8 +110,6 @@ def json_to_final_json():
with open('reports/AWS/aws_audit/%s/%s/delta/final_json' % (account_name, timestmp), 'w') as f:
f.write(json.dumps(script_json))

log.info("aws final report", extra=script_json)


for i in script_json['report']:
if i['check'] in ['CDN_AUDIT', 'CERT_AUDIT', 'DNS_AUDIT', 'ELB_AUDIT']:
@@ -142,8 +140,9 @@ def json_to_html_prowler():
f.write(line)
with open('./tools/prowler/final_json', 'r') as json_data:
final = json.load(json_data)
log.info("aws prowler report", extra=final)

for i in final['report']:
log.info("aws prowler report", extra=i)
f.write('<div class="col-xs-6 col-sm-3 col-md-3 item">\n')
f.write('<div class="thumbnail">\n')
f.write('<div class="caption">\n')
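Review bot: In the prowler loop, `extra=i` copies every key of a finding onto the LogRecord, and `logging` raises `KeyError` when a key is `message`, `asctime` or an existing record attribute such as `name` or `args`. The keys of a prowler finding are not visible here, so one such key would abort `json_to_html_prowler` part-way through writing the HTML. Nesting the finding avoids the collision: `log.info("aws prowler report", extra={"finding": i})`. These records also place the full audit findings in the JSON log, so the log file and any SIEM index it feeds should carry the same access restrictions as `reports/`. The function body starts before and continues after the hunk.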
8 changes: 7 additions & 1 deletion requirements.txt
@@ -4,6 +4,7 @@ botocore==1.6.2
certifi==2017.7.27.1
chardet==3.0.4
colorama==0.3.7
DateTime==4.3
docutils==0.14
futures==3.1.1
google-api-python-client==1.6.1
@@ -13,21 +14,26 @@ idna==2.6
IPy==0.83
Jinja2==2.9.5
jmespath==0.9.3
JSON-log-formatter==0.2.0
logger==1.4
MarkupSafe==1.1.1
netaddr==0.7.19
oauth2client==4.1.3
opinel==3.3.4
public==2019.4.13
pyasn1==0.4.5
pyasn1-modules==0.2.5
python-dateutil==2.6.1
python-json-logger==0.1.11
pytz==2019.1
PyYAML==3.12
requests==2.18.4
rm==2019.4.13
rsa==3.4.2
s3transfer==0.1.10
six==1.12.0
termcolor==1.1.0
tinydb==3.2.2
uritemplate==3.0.0
urllib3==1.22
values==2019.4.13
zope.interface==4.6.0
