qmontal
commented
4 years ago Hi @denisatanasov, currently looking at this as well on my end, as the exception that I added for allowing other scanners reporting if one failed is showing up other issues that where not visible before, but this appeared while trying to migrate to Python3 (2to3 branch), so it is bringing a bit of headaches.
gruselglatz
Describe the bug Hello guys, I implemented the VulnWhisperer solution including the Elastic Stack. Everything is working fine, however I cannot import the vulnerabilities to the JIRA Server and create an issues there, even that I am successfully connecting to the API. I already configured the frameworks_example.ini file and I am successfully gettering Nessus scans. The execution of vuln_whisperer -c /home/denis/VulnWhisperer-master/configs/frameworks_example.ini -s jira is not finishing successfully. Please check the debug below. My Scan file is normal .csv generated from Nessus Professional scanner. The same file is used for indexing and visualization to Kibana
Affected module Jira
VulnWhisperer debug trail frameworks.ini [nessus] enabled = true hostname = nessus.XXX.xx port = 443 access_key = secret_key = username = XXXX password = XXXXXXXX write_path = /opt/VulnWhisperer/data/nessus/ db_path = /opt/VulnWhisperer/data/database trash = false verbose = true
[jira] enabled = true hostname = MY_JIRA_SERVER port = 8443 username = XXXX password = XXXX write_path = /opt/VulnWhisperer/data/jira/ db_path = /opt/VulnWhisperer/data/database verbose = true
root@debian:/opt/VulnWhisperer/data/nessus# vuln_whisperer -c /home/denis/VulnWhisperer-master/configs/frameworks_example.ini -s jira -d INFO:root:main:Running vulnwhisperer for section jira DEBUG:vwConfig:get:Calling get for jira:enabled DEBUG:vwConfig:get:Calling get for jira:hostname DEBUG:vwConfig:get:Calling get for jira:username DEBUG:vwConfig:get:Calling get for jira:password DEBUG:vwConfig:get:Calling get for jira:write_path DEBUG:vwConfig:get:Calling get for jira:db_path DEBUG:vwConfig:getbool:Calling getbool for jira:verbose INFO:vulnWhispererBase:init:Connected to database at /opt/VulnWhisperer/data/database/report_tracker.db INFO:vulnWhispererJira:directory_check:Directory already exist for /opt/VulnWhisperer/data/jira/ - Skipping creation INFO:vulnWhispererJira:init:Attempting to connect to jira... DEBUG:vwConfig:get:Calling get for jira:write_path DEBUG:urllib3.connectionpool:_new_conn:Starting new HTTPS connection (1): MY_JIRA_SERVER:8443 DEBUG:urllib3.connectionpool:_make_request:https://MY_JIRA_SERVER:8443 "GET /rest/api/2/serverInfo HTTP/1.1" 200 None DEBUG:urllib3.connectionpool:_make_request:https://MY_JIRA_SERVER:8443 "GET /rest/api/2/field HTTP/1.1" 200 None INFO:JiraAPI:init:Created vjira service for https://MY_JIRA_SERVER:8443 INFO:JiraAPI:download_tickets:File /opt/VulnWhisperer/data/jira/jira_2020-03-09.json already exists, skipping ticket download INFO:JiraAPI:close_obsolete_tickets:Closing obsolete tickets older than 12 months DEBUG:urllib3.connectionpool:_make_request:https://MY_JIRA_SERVER:8443 "GET /rest/api/2/search?jql=labels%3Dvulnerability_management+AND+NOT+labels%3Dadvisory+AND+created+%3CstartOfMonth%28-12%29+and+resolution%3DUnresolved&validateQuery=True&startAt=0 HTTP/1.1" 200 None INFO:JiraAPI:decommission_cleanup:Deleting 'server_decommission' tag from tickets closed more than 3 months ago DEBUG:urllib3.connectionpool:_make_request:https://MY_JIRA_SERVER:8443 "GET /rest/api/2/search?jql=labels%3Dvulnerability_management+AND+labels%3Dserver_decommission+and+resolutiondate+%3C%3DstartOfMonth%28-3%29&validateQuery=True&startAt=0 HTTP/1.1" 200 None INFO:vulnWhispererJira:init:Connected to jira on MY_JIRA_SERVER:8443 DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.XXX-SCAN-NAME-XXX DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.XXX-SCAN-NAME-XXX DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.XXX-SCAN-NAME-XXX DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.XXX-SCAN-NAME-XXX DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.XXX-SCAN-NAME-XXX DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.XXX-SCAN-NAME-XXX DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.XXX-SCAN-NAME-XXX DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.XXX-SCAN-NAME-XXX DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.XXX-SCAN-NAME-XXX DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.XXX-SCAN-NAME-XXX DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.XXX-SCAN-NAME-XXX DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.XXX-SCAN-NAME-XXX DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.XXX-SCAN-NAME-XXX DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.XXX-SCAN-NAME-XXX DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.XXX-SCAN-NAME-XXX INFO:vulnWhisperer:whisper_vulnerabilities:No source/scan_name selected, all enabled scans will be synced DEBUG:vwConfig:get:Calling get for nessus:autoreport WARNING:vwConfig:get_sections_with_attribute:Section nessus has no option 'autoreport' DEBUG:vwConfig:get:Calling get for tenable:autoreport WARNING:vwConfig:get_sections_with_attribute:Section tenable has no option 'autoreport' DEBUG:vwConfig:get:Calling get for qualys_web:autoreport WARNING:vwConfig:get_sections_with_attribute:Section qualys_web has no option 'autoreport' DEBUG:vwConfig:get:Calling get for qualys_vuln:autoreport WARNING:vwConfig:get_sections_with_attribute:Section qualys_vuln has no option 'autoreport' DEBUG:vwConfig:get:Calling get for detectify:autoreport WARNING:vwConfig:get_sections_with_attribute:Section detectify has no option 'autoreport' DEBUG:vwConfig:get:Calling get for openvas:autoreport WARNING:vwConfig:get_sections_with_attribute:Section openvas has no option 'autoreport' DEBUG:vwConfig:get:Calling get for jira:autoreport WARNING:vwConfig:get_sections_with_attribute:Section jira has no option 'autoreport' DEBUG:vwConfig:get:Calling get for jira.nessus.XXX-SCAN-NAME-XXX:autoreport DEBUG:vwConfig:get:Calling get for jira.nessus.XXX-SCAN-NAME-XXX:autoreport DEBUG:vwConfig:get:Calling get for jira.nessus.XXX-SCAN-NAME-XXX:autoreport DEBUG:vwConfig:get:Calling get for jira.nessus.XXX-SCAN-NAME-XXX:autoreport DEBUG:vwConfig:get:Calling get for jira.nessus.XXX-SCAN-NAME-XXX:autoreport DEBUG:vwConfig:get:Calling get for jira.nessus.XXX-SCAN-NAME-XXX:autoreport DEBUG:vwConfig:get:Calling get for jira.nessus.XXX-SCAN-NAME-XXX:autoreport DEBUG:vwConfig:get:Calling get for jira.nessus.XXX-SCAN-NAME-XXX:autoreport DEBUG:vwConfig:get:Calling get for jira.nessus.XXX-SCAN-NAME-XXX:autoreport DEBUG:vwConfig:get:Calling get for jira.nessus.XXX-SCAN-NAME-XXX:autoreport DEBUG:vwConfig:get:Calling get for jira.nessus.XXX-SCAN-NAME-XXX:autoreport DEBUG:vwConfig:get:Calling get for jira.nessus.XXX-SCAN-NAME-XXX:autoreport DEBUG:vwConfig:get:Calling get for jira.nessus.XXX-SCAN-NAME-XXX:autoreport DEBUG:vwConfig:get:Calling get for jira.nessus.XXX-SCAN-NAME-XXX:autoreport DEBUG:vwConfig:get:Calling get for jira.nessus.XXX-SCAN-NAME-XXX:autoreport DEBUG:vwConfig:get:Calling get for jira.nessus.XXX-SCAN-NAME-XXX:source DEBUG:vwConfig:get:Calling get for jira.nessus.XXX-SCAN-NAME-XXX:scan_name INFO:vulnWhispererJira:jira_sync:Jira Sync triggered for source 'nessus' and scan 'XXX-SCAN-NAME-XXX' DEBUG:vwConfig:normalize_section:Normalized profile as: jira.nessus.XXX-SCAN-NAME-XXX DEBUG:vwConfig:get:Calling get for jira.nessus.XXX-SCAN-NAME-XXX:jira_project DEBUG:vwConfig:get:Calling get for jira.nessus.XXX-SCAN-NAME-XXX:source ERROR:vulnWhispererJira:sync_all:VulnWhisperer wasn't able to report the vulnerabilities from the 'nessus's source
System in which VulnWhisperer runs (please complete the following information):
**Additional context