KDI Importer issue

[igaralf]

I'm trying to run the KDI generic transformed script.

My csv has the following fields: artifact,date,fixedVersion,installedVersion,Vuln Description,resource,CVSS,severity,CVE,Vuln Name

I have edited default_meta as follows	Kenna Item - DON'T EDIT THESE VALUES	Associated Source File Column	Required	Description	Object Type
date_format	%d/%m/%Y	yes if dates in data	Script Only - used to format dates google ruby strftime for more info on format syntax
locator	hostname	no	Script only - field used to deduplication prior to upload - should match kenna locator syntax	Asset
file		one value per Asset is required	column name in CSV pointing to (string) path of affected file	Asset
ip_address	IP Address	one value per Asset is required	column name in CSV pointing to (string) IP of internal facing asset	Asset
mac_address		one value per Asset is required	column name in CSV pointing to (mac format-regex) MAC address asset	Asset
hostname	artifact	one value per Asset is required	column name in CSV pointing to (string) host name/domain name of affected asset	Asset
ec2		one value per Asset is required	column name in CSV pointing to (string) Amazon EC2 instance id or name	Asset
netbios		one value per Asset is required	column name in CSV pointing to(string) netbios name	Asset
url		one value per Asset is required	column name in CSV pointing to (string) URL pointing to asset	Asset
fqdn		one value per Asset is required	column name in CSV pointing to (string) fqdn of asset	Asset
external_id		one value per Asset is required	column name in CSV pointing to (string) ExtID of asset	Asset
database		one value per Asset is required	column name in CSV pointing to (string) Name of db	Asset
application	artifact	yes	column name in CSV pointing to (string) ID/app Name - label assigned to asset	Asset
tags	"Product Line,Product Business Unit,Product Division,Finder Type"	no	(string) comma separated list of columns with strings that correspond to tags on an asset - no spaces	Asset Meta
tag_prefix	"AppID:,Prod_BU:,Prod_Div:,Find_type:"	no	comma separated list of prefixes which corresponds to list in tag. Number and order of elements should match tags exactly.
owner		no	column name in CSV pointing to (string) Some string that identifies an owner of an asset	Asset Meta
os		no	column name in CSV pointing to (string) Operating system of asset	Asset Meta
os_version		no	column name in CSV pointing to (string) OS version	Asset Meta
priority		no	column name in CSV pointing to (Integer) Priority of asset (int 1 to 10).Adjusts asset score. nil for default to 10	Asset Meta
scanner_source	static	yes	declares scanner_type data as static (listed in this file) or column (pulled from the csv source file)
scanner_type	Pen Test	yes	(string) - official name of scan type - should be the same across files where appropriate can be static or pulled from column as directed in scanner_source	Vulnerability & Vuln Def
scanner_id	Issue ID	no	column name in CSV pointing to (string) - Vuln ID as defined by the scanner	Vulnerability & Vuln Def
details		no	column name in CSV pointing to (string) - Details about vuln specific to single host	Vulnerability
created		no	column name in CSV pointing to (string) - Date vuln created	Vulnerability
scanner_score	CVSS	no	column name in CSV pointing to (Integer) - scanner score used for scoring appsec vulns - informational for network vulns - translate to int 1-10 using score_map if needed	Vulnerability
score_map	"{""High"":""8"",""Critical"":""10"",""Medium"":""6"",""Low"":""3""}"	no	hash of translation scanner score values to kenna range of 1-10 if needed based on column in scanner_score
last_fixed		no	column name in CSV pointing to (string) - Last fixed date	Vulnerability
last_seen		no	column name in CSV pointing to (string) Date it was closed	Vulnerability
status	Current Status	no	"column name in CSV pointing to (string) default to ""open"" if inbound reports will only include open vulns"	Vulnerability
status_map	"{ ""Impact Statement Pending"" : ""open"", ""Closed"" : ""closed"", ""New"" : ""open"", ""Remediation Plan Pending"" : ""open"", ""Remedy in Progress"" : ""open""}"	no	Script Only - hash of translation... scanner status to Kenna status mappings if needed
closed		required if status is closed	column name in CSV pointing to (string) Date it was closed	Vulnerability
port	Port	no	column name in CSV pointing to (Integer) Port if associated with vuln	Vulnerability
cve_id	CVE	yes	column name in CSV pointing to (string) CVEs - note that this can be a comma-delimited list format CVE-000-0000	Vuln Def
wasc_id		no	column name in CSV pointing to (string) WASC - note that this can be a comma-delimited list - format WASC-00	Vuln Def
cwe_id		no	column name in CSV pointing to (string) CWE - note that this can be a comma-delimited list - format CWE-000	Vuln Def
name	Vuln Name	yes	"column name in CSV pointing to (string) Name/title of Vuln will be displayed as vuln name if no cve	cwe or wasc"	Vuln Def
description	Vuln Description	yes	column name in CSV pointing to (string) Description	Vuln Def
solution	Vuln Recommendation	no	column name in CSV pointing to (string) Solution	Vuln Def

However, on execution fails:

[~]$ ruby csv_KDI_json.rb vuln_parsed.csv has_header? default_meta.csv skip_autoclose? output.json assets_only? domain_suffix? Traceback (most recent call last): 3: from csv_KDI_json.rb:223:in '<main>' 2: from /usr/share/ruby/csv.rb:1319:in 'parse' 1: from /usr/share/ruby/csv.rb:1764:in 'each' csv_KDI_json.rb:231:in 'block in <main>': no implicit conversion of String into Integer (TypeError)

[rick-kenna]

I hope you solved this issue on your own, but it looks like some piece of data in your CSV file is a string when it should be an integer.