Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-18 06:28:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 46
fleet/server/fleet/software.go
Juan Fernandez 53e112d264
Feature 7494: Use the MSRC security bulletin artifacts for detecting Win OS vulnerabilities (#7889) 
Use the MSRC security bulletin artifacts for detecting Win OS vulnerabilities
2022-10-28 11:12:21 -04:00

97 lines
3.4 KiB
Go
Raw Blame History

package fleet
import (
"time"
)
// Must be kept in sync with the vendor column definition.
const SoftwareVendorMaxLength = 114
const SoftwareVendorMaxLengthFmt = "%.111s..."
type Vulnerabilities []CVE
// Software is a named and versioned piece of software installed on a device.
type Software struct {
ID uint `json:"id" db:"id"`
// Name is the reported name.
Name string `json:"name" db:"name"`
// Version is reported version.
Version string `json:"version" db:"version"`
// BundleIdentifier is the CFBundleIdentifier label from the info properties
BundleIdentifier string `json:"bundle_identifier,omitempty" db:"bundle_identifier"`
// Source is the source of the data (osquery table name).
Source string `json:"source" db:"source"`
// Release is the version of the OS this software was released on
// (e.g. "30.el7" for a CentOS package).
Release string `json:"release,omitempty" db:"release"`
// Vendor is the supplier of the software (e.g. "CentOS").
Vendor string `json:"vendor,omitempty" db:"vendor"`
// TODO: Remove this as part of the clean up of https://github.com/fleetdm/fleet/pull/7297
// DO NOT USE THIS, use 'Vendor' instead. We had to 'recreate' the vendor column because we
// needed to make it wider - the old column was left and renamed to 'vendor_old'
VendorOld string `json:"-" db:"vendor_old"`
// Arch is the architecture of the software (e.g. "x86_64").
Arch string `json:"arch,omitempty" db:"arch"`
// GenerateCPE is the CPE23 string that corresponds to the current software
GenerateCPE string `json:"generated_cpe" db:"generated_cpe"`
// Vulnerabilities lists all the found CVEs for the CPE
Vulnerabilities Vulnerabilities `json:"vulnerabilities"`
// HostsCount indicates the number of hosts with that software, filled only
// if explicitly requested.
HostsCount int `json:"hosts_count,omitempty" db:"hosts_count"`
// CountsUpdatedAt is the timestamp when the hosts count was last updated
// for that software, filled only if hosts count is requested.
CountsUpdatedAt time.Time `json:"-" db:"counts_updated_at"`
// LastOpenedAt is the timestamp when that software was last opened on the
// corresponding host. Only filled when the software list is requested for
// a specific host (host_id is provided).
LastOpenedAt *time.Time `json:"last_opened_at,omitempty" db:"last_opened_at"`
}
func (Software) AuthzType() string {
return "software"
}
// AuthzSoftwareInventory is used for access controls on software inventory.
type AuthzSoftwareInventory struct {
// TeamID is the ID of the team. A value of nil means global scope.
TeamID *uint `json:"team_id"`
}
// AuthzType implements authz.AuthzTyper.
func (s *AuthzSoftwareInventory) AuthzType() string {
return "software_inventory"
}
// HostSoftware is the set of software installed on a specific host
type HostSoftware struct {
// Software is the software information.
Software []Software `json:"software,omitempty" csv:"-"`
}
type SoftwareIterator interface {
Next() bool
Value() (*Software, error)
Err() error
Close() error
}
type SoftwareListOptions struct {
ListOptions
// HostID filters software to the specified host if not nil.
HostID *uint
TeamID *uint `query:"team_id,optional"`
VulnerableOnly bool `query:"vulnerable,optional"`
IncludeCVEScores bool
// WithHostCounts indicates that the list of software should include the
// counts of hosts per software, and include only those software that have
// a count of hosts > 0.
WithHostCounts bool
}
Reference in a new issue View git blame Copy permalink