tenable / integration-jira-cloud


Issues are not closed #280

Closed kmplngj closed 3 months ago

kmplngj commented 3 months ago

Hello,

I have some Jira issues that are not closed by the integration and I don't know why. I now tried to run tenb2jira sync /config.toml --ignore-last-run --verbose and increased the vuln_age from 30 to 120. The issues that are not closed are older than 30 days. But the sync now runs into errors I don't understand.

Details Log

INFO     INFO:Processor:Matched SubTask "VULN-58285" to SQL Cache and updated subtask.                                                                         processor.py:274
           INFO     INFO:Processor:Finding related to Plugin 200351 is closed, skipping                                                                                   processor.py:165
           INFO     INFO:Processor:Subtask 0bf41883-4642-3c74-92e3-59c02be3dca3 is not in the SQL cache and is not open.  Skipping.                                       processor.py:282
           INFO     INFO:Processor:Finding related to Plugin 192470 is closed, skipping                                                                                   processor.py:165
           INFO     INFO:Processor:Subtask 7df54cbe-5083-356a-b3e9-c0297ab46a57 is not in the SQL cache and is not open.  Skipping.                                       processor.py:282
           INFO     INFO:Processor:Finding related to Plugin 200351 is closed, skipping                                                                                   processor.py:165
           INFO     INFO:Processor:Subtask 482ea86e-7c6c-3720-bade-d7e9d44f8f9d is not in the SQL cache and is not open.  Skipping.                                       processor.py:282
           INFO     INFO:Processor:Finding related to Plugin 194969 is closed, skipping                                                                                   processor.py:165
           INFO     INFO:Processor:Subtask 0b9e16ff-3989-336e-a1b9-b96fda96427e is not in the SQL cache and is not open.  Skipping.                                       processor.py:282
           INFO     INFO:Processor:Finding related to Plugin 193164 is closed, skipping                                                                                   processor.py:165
           INFO     INFO:Processor:Subtask e8f10452-05d2-3f68-aa84-b370a3fa26d0 is not in the SQL cache and is not open.  Skipping.                                       processor.py:282
           INFO     INFO:Processor:Finding related to Plugin 171786 is closed, skipping                                                                                   processor.py:165
           INFO     INFO:Processor:Subtask 47180092-ed6b-3ca8-bd28-a6b097aeb76a is not in the SQL cache and is not open.  Skipping.                                       processor.py:282
           INFO     INFO:Processor:Finding related to Plugin 194850 is closed, skipping                                                                                   processor.py:165
           INFO     INFO:Processor:Subtask d37b7e8a-7ba5-3cbc-bf98-e16b683b6373 is not in the SQL cache and is not open.  Skipping.                                       processor.py:282
           INFO     INFO:Processor:Finding related to Plugin 197572 is closed, skipping                                                                                   processor.py:165
           INFO     INFO:Processor:Subtask 0ecda720-b4c6-3204-9307-5b68c44ab84e is not in the SQL cache and is not open.  Skipping.                                       processor.py:282
           INFO     INFO:Processor:Finding related to Plugin 192578 is closed, skipping                                                                                   processor.py:165
           INFO     INFO:Processor:Subtask 2abd3d90-226d-3c25-aae5-ad4d12424ca5 is not in the SQL cache and is not open.  Skipping.                                       processor.py:282
           INFO     INFO:Processor:Finding related to Plugin 195318 is closed, skipping                                                                                   processor.py:165
           INFO     INFO:Processor:Subtask b000cd81-b701-3cd6-922b-baa146c82a43 is not in the SQL cache and is not open.  Skipping.                                       processor.py:282
           DEBUG    DEBUG:urllib3.connectionpool:https://foobar..atlassian.net:443 "PUT                                                                          connectionpool.py:546
                    /rest/api/3/issue/VULN-58284?notifyUsers=true&overrideScreenSecurity=false&overrideEditableFlag=false HTTP/11" 204 0
           INFO     INFO:Processor:Matched SubTask "VULN-58284" to SQL Cache and updated subtask.                                                                         processor.py:274
           DEBUG    DEBUG:urllib3.connectionpool:https://foobar..atlassian.net:443 "PUT                                                                          connectionpool.py:546
                    /rest/api/3/issue/VULN-58288?notifyUsers=true&overrideScreenSecurity=false&overrideEditableFlag=false HTTP/11" 204 0
           INFO     INFO:Processor:Matched SubTask "VULN-58288" to SQL Cache and updated subtask.                                                                         processor.py:274
           DEBUG    DEBUG:urllib3.connectionpool:https://foobar..atlassian.net:443 "PUT                                                                          connectionpool.py:546
                    /rest/api/3/issue/VULN-57807?notifyUsers=true&overrideScreenSecurity=false&overrideEditableFlag=false HTTP/11" 204 0
           INFO     INFO:Processor:Matched SubTask "VULN-57807" to SQL Cache and updated subtask.                                                                         processor.py:274
           ERROR    ERROR:Processor:'Key "info" does not exist.'                                                                                                          processor.py:448
                    NoneType: None
           ERROR    ERROR:Processor:Refusing to continue (45 errors) & terminating sync.

Perhaps someone has a tip where to look.

Details Parameters

              Tenable Parameters                                              Jira Parameters
┏━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━┓ ┏━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Parameter         ┃ Value                     ┃ ┃ Parameter         ┃ Value                                             ┃
┡━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━┩ ┡━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ Platform          │ tvm                       │ │ Application URL   │ https://xxx                                       │
│ Severities        │ critical                  │ │ Username          │ xxx                                               │
│ Vulnerability Age │ 120                       │ │ API Token         │ ATAT...                                           │
│ Last Run          │ None                      │ │ Closed Transition │ Fertig                                            │
│ Access key        │ xxxx...xxxx               │ │ Severity Map      │ {'critical': 1, 'high': 2, 'medium': 3, 'low': 4} │
│ Secret key        │ xxxx...xxxx               │ │ State Map         │ {'open': True, 'reopened': True, 'fixed': False}  │
│ TVM URL           │ https://cloud.tenable.com │ │ Max Workers       │ 4                                                 │
│ Export Chunk Size │ 1000                      │ │ Project Key       │ VULN                                              │
└───────────────────┴───────────────────────────┘ │ Task Name         │ Task                                              │
                                                  │ Task ID           │ 10012                                             │
                                                  │ Sub-Task Name     │ Sub-task                                          │
                                                  │ Sub-Task ID       │ 10014                                             │
                                                  └───────────────────┴───────────────────────────────────────────────────┘
                                      Jira Fields
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Field Name                    ┃ Jira Id           ┃ Tenable Mapping                  ┃
┡━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ Tenable Asset UUID            │ customfield_10287 │ asset.uuid                       │
│ Tenable Asset Tags            │ customfield_10288 │ asset.tags                       │
│ Tenable Platform              │ customfield_10275 │ Tenable Vulnerability Management │
│ Device Hostname               │ customfield_10292 │ asset.hostname                   │
│ Device NetBIOS Name           │ customfield_10293 │                                  │
│ Device DNS Name               │ customfield_10294 │ asset.fqdn                       │
│ Device IPv4 Addresses         │ customfield_10290 │ asset.ipv4                       │
│ Device IPv6 Addresses         │ customfield_10291 │ asset.ipv6                       │
│ Device Network ID             │ customfield_10295 │ asset.network_id                 │
│ Vulnerability Repository ID   │ customfield_10302 │                                  │
│ Vulnerability Repository Name │ customfield_10303 │                                  │
│ CVEs                          │ customfield_10276 │ pluvin.cve                       │
│ Tenable VPR Score             │ customfield_10304 │ plugin.vpr.score                 │
│ CVSSv2 Base Score             │ customfield_10277 │ plugin.cvss_base_score           │
│ CVSSv2 Temporal Score         │ customfield_10278 │ plugin.cvss_temporal_score       │
│ CVSSv3 Base Score             │ customfield_10279 │ plugin.cvss3_base_score          │
│ CVSSv3 Temporal Score         │ customfield_10280 │ plugin.cvss3_temporal_score      │
│ Tenable Plugin ID             │ customfield_10282 │ plugin.id                        │
│ Tenable Plugin Family         │ customfield_10283 │ plugin.family                    │
│ Tenable Plugin Name           │ customfield_10284 │ plugin.name                      │
│ Vulnerability Severity        │ customfield_10285 │ plugin.risk_factor               │
│ Vulnerability First Seen      │ customfield_10296 │ first_found                      │
│ Vulnerability Last Seen       │ customfield_10297 │ last_found                       │
│ Vulnerability Last Fixed      │ customfield_10298 │ last_fixed                       │
│ Vulnerability State           │ customfield_10299 │ state                            │
│ Vulnerability Port            │ customfield_10300 │ port.port                        │
│ Vulnerability Protocol        │ customfield_10301 │ port.protocol                    │
│ Patch Publication Date        │ customfield_10281 │ plugin.patch_publication_date    │
│ Finding Severity              │ customfield_10286 │ severity                         │
│ Tenable Finding ID            │ customfield_10375 │ integration_finding_id           │
└───────────────────────────────┴───────────────────┴──────────────────────────────────┘

Thanks a lot Jan

SteveMcGrath commented 3 months ago

Can you adjust the max workers parameter to "1" and rerun with the same parameters and let me know the traceback?

kmplngj commented 3 months ago
Traceback Log

           INFO     INFO:Processor:Subtask d4a4cd86-ead2-3ec9-8b88-4813503a8f76 is not in the SQL cache and is not open.  Skipping.                                       processor.py:282
╭─────────────────────────────── Traceback (most recent call last) ────────────────────────────────╮
│ /usr/local/lib/python3.12/site-packages/tenb2jira/cli.py:144 in sync                             │
│                                                                                                  │
│   141 │   │   │   │   │   │      jira_table(config)                                              │
│   142 │   │   │   │   │   │      ]))                                                             │
│   143 │   console.print(field_definition_table(processor.jira))                                  │
│ ❱ 144 │   processor.sync(cleanup=cleanup)                                                        │
│   145 │   if update:                                                                             │
│   146 │   │   with open(configfile, 'w', encoding='utf-8') as f:                                 │
│   147 │   │   │   tomlkit.dump(config, f)                                                        │
│                                                                                                  │
│ ╭─────────────────────────────────────────── locals ───────────────────────────────────────────╮ │
│ │         cleanup = True                                                                       │ │
│ │          config = {'tenable': {'platform': 'tvm', 'access_key':                              │ │
│ │                   'xxx',        │ │
│ │                   'secret_key':                                                              │ │
│ │                   'xxx', 'url': │ │
│ │                   'https://cloud.tenable.com', 'severities': ['critical'], 'vuln_age': 120,  │ │
│ │                   'tsc_page_size': 1000, 'tvm_chunk_size': 1000, 'platforms': {'tvm':        │ │
│ │                   'Tenable Vulnerability Management', 'tsc': 'Tenable Security Center'}},    │ │
│ │                   'mapping_database': {'path': 'mapping.db'}, 'jira': {'api_token':          │ │
│ │                   'xxx │ │
│ │                   'api_username': 'xxx', 'url':                                  │ │
│ │                   'https://xxx.atlassian.net', 'closed': 'Fertig', 'closed_map':     │ │
│ │                   ['Closed', 'Done', 'Resolved'], 'manage_screens': True, 'closed_message':  │ │
│ │                   'Tenable identified the issue as resolved.', 'severity_map': {'critical':  │ │
│ │                   1, 'high': 2, 'medium': 3, 'low': 4}, 'state_map': {'open': True,          │ │
│ │                   'reopened': True, 'fixed': False}, 'max_workers': 1, 'closed_id': '21',    │ │
│ │                   'project': {'key': 'VULN', 'lead_account_id': 'xxx',  │ │
│ │                   'name': 'Vulnerability Management', 'description': 'Managing               │ │
│ │                   vulnerabilities discovered from Tenable.', 'assignee': 'UNASSIGNED',       │ │
│ │                   'url': 'https://tenable.com', 'type_key': 'business', 'template_key':      │ │
│ │                   'com.atlassian.jira-core-project-templates:jira-core-simplified-task-trac… │ │
│ │                   'task': {'id': 10012, 'name': 'Task', 'type': 'standard', 'search':        │ │
│ │                   {'tsc': ['Tenable Plugin ID'], 'tvm': ['Tenable Plugin ID']}, 'summary':   │ │
│ │                   {'tsc': '[{f[pluginID]}] {f[pluginName]}', 'tvm': '[{f[plugin.id]}]        │ │
│ │                   {f[plugin.name]}'}, 'description': {'tvm': [{'name': 'Description',        │ │
│ │                   'attr': 'plugin.description'}, {'name': 'Solution', 'attr': 'solution'}],  │ │
│ │                   'tsc': [{'name': 'Description', 'attr': 'description'}, {'name':           │ │
│ │                   'Solution', 'attr': 'solution'}]}}, 'subtask': {'id': 10014, 'name':       │ │
│ │                   'Sub-task', 'type': 'subtask', 'search': {'tvm': ['Tenable Platform',      │ │
│ │                   'Tenable Plugin ID', 'Tenable Asset UUID', 'Vulnerability Port',           │ │
│ │                   'Vulnerability Protocol'], 'tsc': ['Tenable Platform', 'Tenable Plugin     │ │
│ │                   ID', 'Tenable Asset UUID', 'Device IPv4 Addresses', 'Device IPv6           │ │
│ │                   Addresses', 'Vulnerability Port', 'Vulnerability Protocol']}, 'summary':   │ │
│ │                   {'tvm': '[{f[asset.hostname]}/{f[port.port]}/{f[port.protocol]}]           │ │
│ │                   [{f[plugin.id]}] {f[plugin.name]}', 'tsc':                                 │ │
│ │                   '[{f[ip]}/{f[port]}/{f[protocol]}] [{f[pluginID]}] {f[pluginName]}'},      │ │
│ │                   'description': {'tvm': [{'name': 'Description', 'attr':                    │ │
│ │                   'plugin.description'}, {'name': 'Solution', 'attr': 'solution'}, {'name':  │ │
│ │                   'Output', 'attr': 'output'}], 'tsc': [{'name': 'Description', 'attr':      │ │
│ │                   'description'}, {'name': 'Solution', 'attr': 'solution'}, {'name':         │ │
│ │                   'Output', 'attr': 'pluginOutput'}]}}, 'fields': [{'name': 'Tenable Asset   │ │
│ │                   UUID', 'screen_tab': 'Asset', 'type': 'labels', 'searcher':                │ │
│ │                   'labelsearcher', 'task_types': ['subtask'], 'attr': {'tvm': 'asset.uuid',  │ │
│ │                   'tsc': 'asset.uuid'}, 'id': 'customfield_10287'}, {'name': 'Tenable Asset  │ │
│ │                   Tags', 'screen_tab': 'Asset', 'type': 'labels', 'searcher':                │ │
│ │                   'labelsearcher', 'task_types': ['subtask'], 'attr': {'tvm': 'asset.tags'}, │ │
│ │                   'id': 'customfield_10288'}, {'name': 'Tenable Platform', 'screen_tab':     │ │
│ │                   'Asset', 'type': 'readonlyfield', 'searcher': 'textsearcher',              │ │
│ │                   'platform_id': True, 'task_types': ['subtask'], 'id':                      │ │
│ │                   'customfield_10275'}, {'name': 'Device Hostname', 'screen_tab': 'Asset',   │ │
│ │                   'type': 'labels', 'searcher': 'labelsearcher', 'task_types': ['subtask'],  │ │
│ │                   'attr': {'tvm': 'asset.hostname', 'tsc': 'dnsName'}, 'id':                 │ │
│ │                   'customfield_10292'}, {'name': 'Device NetBIOS Name', 'screen_tab':        │ │
│ │                   'Asset', 'type': 'readonlyfield', 'searcher': 'textsearcher',              │ │
│ │                   'task_types': ['subtask'], 'attr': {'tsc': 'netbiosName'}, 'id':           │ │
│ │                   'customfield_10293'}, {'name': 'Device DNS Name', 'screen_tab': 'Asset',   │ │
│ │                   'type': 'readonlyfield', 'searcher': 'textsearcher', 'task_types':         │ │
│ │                   ['subtask'], 'attr': {'tvm': 'asset.fqdn', 'tsc': 'dnsName'}, 'id':        │ │
│ │                   'customfield_10294'}, {'name': 'Device IPv4 Addresses', 'screen_tab':      │ │
│ │                   'Asset', 'type': 'labels', 'searcher': 'labelsearcher', 'task_types':      │ │
│ │                   ['subtask'], 'attr': {'tvm': 'asset.ipv4', 'tsc': 'asset.ip'}, 'id':       │ │
│ │                   'customfield_10290'}, {'name': 'Device IPv6 Addresses', 'screen_tab':      │ │
│ │                   'Asset', 'type': 'labels', 'searcher': 'labelsearcher', 'task_types':      │ │
│ │                   ['subtask'], 'attr': {'tvm': 'asset.ipv6'}, 'id': 'customfield_10291'},    │ │
│ │                   {'name': 'Device Network ID', 'screen_tab': 'Asset', 'type':               │ │
│ │                   'readonlyfield', 'searcher': 'textsearcher', 'task_types': ['subtask'],    │ │
│ │                   'attr': {'tvm': 'asset.network_id'}, 'id': 'customfield_10295'}, {'name':  │ │
│ │                   'Vulnerability Repository ID', 'screen_tab': 'Asset', 'type':              │ │
│ │                   'readonlyfield', 'searcher': 'textsearcher', 'task_types': ['subtask'],    │ │
│ │                   'attr': {'tsc': 'repository.id'}, 'id': 'customfield_10302'}, {'name':     │ │
│ │                   'Vulnerability Repository Name', 'screen_tab': 'Asset', 'type':            │ │
│ │                   'readonlyfield', 'searcher': 'textsearcher', 'task_types': ['subtask'],    │ │
│ │                   'attr': {'tsc': 'repository.name'}, 'id': 'customfield_10303'}, {'name':   │ │
│ │                   'CVEs', 'screen_tab': 'Vulnerability', 'type': 'labels', 'searcher':       │ │
│ │                   'labelsearcher', 'task_types': ['task'], 'attr': {'tvm': 'pluvin.cve',     │ │
│ │                   'tsc': 'cve'}, 'id': 'customfield_10276'}, {'name': 'Tenable VPR Score',   │ │
│ │                   'screen_tab': 'Vulnerability', 'type': 'float', 'searcher': 'numberrange', │ │
│ │                   'task_types': ['task', 'subtask'], 'attr': {'tvm': 'plugin.vpr.score',     │ │
│ │                   'tsc': 'vprScore'}, 'id': 'customfield_10304'}, {'name': 'CVSSv2 Base      │ │
│ │                   Score', 'screen_tab': 'Vulnerability', 'type': 'float', 'searcher':        │ │
│ │                   'numberrange', 'task_types': ['task', 'subtask'], 'attr': {'tvm':          │ │
│ │                   'plugin.cvss_base_score', 'tsc': 'baseScore'}, 'id': 'customfield_10277'}, │ │
│ │                   {'name': 'CVSSv2 Temporal Score', 'screen_tab': 'Vulnerability', 'type':   │ │
│ │                   'float', 'searcher': 'numberrange', 'task_types': ['task', 'subtask'],     │ │
│ │                   'attr': {'tvm': 'plugin.cvss_temporal_score', 'tsc': 'temporalScore'},     │ │
│ │                   'id': 'customfield_10278'}, {'name': 'CVSSv3 Base Score', 'screen_tab':    │ │
│ │                   'Vulnerability', 'type': 'float', 'searcher': 'numberrange', 'task_types': │ │
│ │                   ['task', 'subtask'], 'attr': {'tvm': 'plugin.cvss3_base_score', 'tsc':     │ │
│ │                   'cvssV3BaseScore'}, 'id': 'customfield_10279'}, {'name': 'CVSSv3 Temporal  │ │
│ │                   Score', 'screen_tab': 'Vulnerability', 'type': 'float', 'searcher':        │ │
│ │                   'numberrange', 'task_types': ['task', 'subtask'], 'attr': {'tvm':          │ │
│ │                   'plugin.cvss3_temporal_score', 'tsc': 'cvssV3TemporalScore'}, 'id':        │ │
│ │                   'customfield_10280'}, {'name': 'Tenable Plugin ID', 'screen_tab':          │ │
│ │                   'Vulnerability', 'type': 'readonlyfield', 'searcher': 'textsearcher',      │ │
│ │                   'task_types': ['task', 'subtask'], 'attr': {'tvm': 'plugin.id', 'tsc':     │ │
│ │                   'pluginID'}, 'id': 'customfield_10282'}, {'name': 'Tenable Plugin Family', │ │
│ │                   'screen_tab': 'Vulnerability', 'type': 'readonlyfield', 'searcher':        │ │
│ │                   'textsearcher', 'task_types': ['task', 'subtask'], 'attr': {'tvm':         │ │
│ │                   'plugin.family', 'tsc': 'family.name'}, 'id': 'customfield_10283'},        │ │
│ │                   {'name': 'Tenable Plugin Name', 'screen_tab': 'Vulnerability', 'type':     │ │
│ │                   'readonlyfield', 'searcher': 'textsearcher', 'task_types': ['task',        │ │
│ │                   'subtask'], 'attr': {'tvm': 'plugin.name', 'tsc': 'pluginName'}, 'id':     │ │
│ │                   'customfield_10284'}, {'name': 'Vulnerability Severity', 'screen_tab':     │ │
│ │                   'Vulnerability', 'type': 'readonlyfield', 'searcher': 'textsearcher',      │ │
│ │                   'task_types': ['task', 'subtask'], 'attr': {'tvm': 'plugin.risk_factor',   │ │
│ │                   'tsc': 'severity.name'}, 'map_to_priority': True, 'id':                    │ │
│ │                   'customfield_10285'}, {'name': 'Vulnerability First Seen', 'screen_tab':   │ │
│ │                   'Vulnerability', 'type': 'datetime', 'searcher': 'datetimerange',          │ │
│ │                   'task_types': ['task', 'subtask'], 'attr': {'tvm': 'first_found', 'tsc':   │ │
│ │                   'firstSeen'}, 'id': 'customfield_10296'}, {'name': 'Vulnerability Last     │ │
│ │                   Seen', 'screen_tab': 'Vulnerability', 'type': 'datetime', 'searcher':      │ │
│ │                   'datetimerange', 'task_types': ['task', 'subtask'], 'attr': {'tvm':        │ │
│ │                   'last_found', 'tsc': 'lastSeen'}, 'id': 'customfield_10297'}, {'name':     │ │
│ │                   'Vulnerability Last Fixed', 'screen_tab': 'Vulnerability', 'type':         │ │
│ │                   'datetime', 'searcher': 'datetimerange', 'task_types': ['task',            │ │
│ │                   'subtask'], 'attr': {'tvm': 'last_fixed'}, 'id': 'customfield_10298'},     │ │
│ │                   {'name': 'Vulnerability State', 'screen_tab': 'Vulnerability', 'type':     │ │
│ │                   'readonlyfield', 'searcher': 'textsearcher', 'task_types': ['task',        │ │
│ │                   'subtask'], 'attr': {'tvm': 'state', 'tsc': 'integration_state'},          │ │
│ │                   'map_to_state': True, 'id': 'customfield_10299'}, {'name': 'Vulnerability  │ │
│ │                   Port', 'screen_tab': 'Vulnerability', 'type': 'readonlyfield', 'searcher': │ │
│ │                   'textsearcher', 'task_types': ['task', 'subtask'], 'attr': {'tvm':         │ │
│ │                   'port.port', 'tsc': 'port'}, 'id': 'customfield_10300'}, {'name':          │ │
│ │                   'Vulnerability Protocol', 'screen_tab': 'Vulnerability', 'type':           │ │
│ │                   'readonlyfield', 'searcher': 'textsearcher', 'task_types': ['task',        │ │
│ │                   'subtask'], 'attr': {'tvm': 'port.protocol', 'tsc': 'protocol'}, 'id':     │ │
│ │                   'customfield_10301'}, {'name': 'Patch Publication Date', 'screen_tab':     │ │
│ │                   'Vulnerability', 'type': 'datepicker', 'searcher': 'daterange',            │ │
│ │                   'task_types': ['task', 'subtask'], 'attr': {'tvm':                         │ │
│ │                   'plugin.patch_publication_date', 'tsc': 'patchPubDate'}, 'id':             │ │
│ │                   'customfield_10281'}, {'name': 'Finding Severity', 'screen_tab':           │ │
│ │                   'Vulnerability', 'type': 'readonlyfield', 'searcher': 'textsearcher',      │ │
│ │                   'task_types': ['task', 'subtask'], 'attr': {'tvm': 'severity', 'tsc':      │ │
│ │                   'severity.name'}, 'id': 'customfield_10286'}, {'name': 'Tenable Finding    │ │
│ │                   ID', 'screen_tab': 'Vulnerability', 'type': 'readonlyfield', 'searcher':   │ │
│ │                   'textsearcher', 'task_types': ['subtask'], 'attr': {'tvm':                 │ │
│ │                   'integration_finding_id', 'tsc': 'integration_finding_id'}, 'id':          │ │
│ │                   'customfield_10375'}]}}                                                    │ │
│ │      configfile = PosixPath('/config.toml')                                                  │ │
│ │            fobj = <_io.TextIOWrapper name='/config.toml' mode='r' encoding='utf-8'>          │ │
│ │ ignore_last_run = True                                                                       │ │
│ │       processor =                    │ │
│ │          update = True                                                                       │ │
│ │         verbose = True                                                                       │ │
│ ╰──────────────────────────────────────────────────────────────────────────────────────────────╯ │
│                                                                                                  │
│ /usr/local/lib/python3.12/site-packages/tenb2jira/processor.py:427 in sync                       │
│                                                                                                  │
│   424 │   │   # threaded execution worker.                                                       │
│   425 │   │   if self.max_workers <= 1:                                                          │
│   426 │   │   │   for finding in findings:                                                       │
│ ❱ 427 │   │   │   │   self.finding_job(finding)                                                  │
│   428 │   │                                                                                      │
│   429 │   │   # Using as many threads as we need (up to the max configured)                      │
│   430 │   │   # go ahead and process the findings.  We will store the job results                │
│                                                                                                  │
│ ╭─────────────────────────────────────────── locals ───────────────────────────────────────────╮ │
│ │ asset_cleanup =                        │ │
│ │       cleanup = True                                                                         │ │
│ │       finding = {                                                                            │ │
│ │                 │   'asset.device_type': 'general-purpose',                                  │ │
│ │                 │   'asset.fqdn': 'xxx',                                    │ │
│ │                 │   'asset.hostname': 'mc11',                                                │ │
│ │                 │   'asset.uuid': 'xxx',                    │ │
│ │                 │   'asset.ipv4': ['xxx'],                                       │ │
│ │                 │   'asset.last_authenticated_results': '2024-07-05T21:36:05.999Z',          │ │
│ │                 │   'asset.mac_address': 'xxx',                                │ │
│ │                 │   'asset.operating_system': [                                              │ │
│ │                 │   │   'xxxx'                        │ │
│ │                 │   ],                                                                       │ │
│ │                 │   'asset.network_id': 'xxx',              │ │
│ │                 │   'asset.tracked': True,                                                   │ │
│ │                 }                                                                            │ │
│ │      findings =                          │ │
│ │          self =                      │ │
│ │            ts = 1720535646                                                                   │ │
│ ╰──────────────────────────────────────────────────────────────────────────────────────────────╯ │
│                                                                                                  │
│ /usr/local/lib/python3.12/site-packages/tenb2jira/processor.py:405 in finding_job                │
│                                                                                                  │
│   402 │   │   A simple worker method for updating a task & subtask                               │
│   403 │   │   """                                                                                │
│   404 │   │   with Session(self.engine) as session:                                              │
│ ❱ 405 │   │   │   task_id = self.upsert_task(s=session, finding=finding)                         │
│   406 │   │   │   self.upsert_subtask(s=session, task_id=task_id, finding=finding)               │
│   407 │   │   │   session.commit()                                                               │
│   408                                                                                            │
│                                                                                                  │
│ ╭───────────────────────────────────────── locals ─────────────────────────────────────────╮     │
│ │ finding = {                                                                              │     │
│ │           │   'asset.device_type': 'general-purpose',                                    │     │
│ │           │   'asset.fqdn': 'xxx',                                      │     │
│ │           │   'asset.hostname': 'xx',                                                  │     │
│ │           │   'asset.uuid': 'xxx',                      │     │
│ │           │   'asset.ipv4': ['xxx'],                                         │     │
│ │           │   'asset.last_authenticated_results': 'xxx',            │     │
│ │           │   'asset.mac_address': 'xxx',                                  │     │
│ │           │   'asset.operating_system': [                                                │     │
│ │           │   │   'xxx'                          │     │
│ │           │   ],                                                                         │     │
│ │           │   'asset.network_id': 'xxx',                │     │
│ │           │   'asset.tracked': True,                                                     │     │
│ │           }                                                                              │     │
│ │    self =                        │     │
│ │ session =                       │     │
│ ╰──────────────────────────────────────────────────────────────────────────────────────────╯     │
│                                                                                                  │
│ /usr/local/lib/python3.12/site-packages/tenb2jira/processor.py:160 in upsert_task                │
│                                                                                                  │
│   157 │   │   determine if the task is a new issue or an existing and performs the               │
│   158 │   │   associated action.                                                                 │
│   159 │   │   """                                                                                │
│ ❱ 160 │   │   task = self.jira.task.generate(finding)                                            │
│   161 │   │                                                                                      │
│   162 │   │   # If the finding related to this task is not in an open state, then                │
│   163 │   │   # there is no reason to continue.  Return back a NoneType value.                   │
│                                                                                                  │
│ ╭───────────────────────────────────────── locals ─────────────────────────────────────────╮     │
│ │ finding = {                                                                              │     │
│ │           │   'asset.device_type': 'general-purpose',                                    │     │
│ │           │   'asset.fqdn': 'xxx',                                      │     │
│ │           │   'asset.hostname': 'xx',                                                  │     │
│ │           │   'asset.uuid': 'xxx',                      │     │
│ │           │   'asset.ipv4': ['xxx'],                                         │     │
│ │           │   'asset.last_authenticated_results': '2024-07-05T21:36:05.999Z',            │     │
│ │           │   'asset.mac_address': 'xxx',                                  │     │
│ │           │   'asset.operating_system': [                                                │     │
│ │           │   │   'xxx'                          │     │
│ │           │   ],                                                                         │     │
│ │           │   'asset.network_id': '00000000-0000-0000-0000-000000000000',                │     │
│ │           │   'asset.tracked': True,                                                     │     │
│ │           }                                                                              │     │
│ │       s =                       │     │
│ │    self =                        │     │
│ ╰──────────────────────────────────────────────────────────────────────────────────────────╯     │
│                                                                                                  │
│ /usr/local/lib/python3.12/site-packages/tenb2jira/jira/task.py:176 in generate                   │
│                                                                                                  │
│   173 │   │   │   if field.name in self.search:                                                  │
│   174 │   │   │   │   issue.jql.append(field.parse_jql(issue.fields[field.id]))                  │
│   175 │   │   │   if field.map_to_priority:                                                      │
│ ❱ 176 │   │   │   │   issue.gen_priority(field.id)                                               │
│   177 │   │   │   if field.map_to_state:                                                         │
│   178 │   │   │   │   issue.gen_state(field.id)                                                  │
│   179 │   │   return issue                                                                       │
│                                                                                                  │
│ ╭─────────────────────────────────────────── locals ───────────────────────────────────────────╮ │
│ │   field = Field(customfield_10285: Vulnerability Severity)                                   │ │
│ │ finding = {                                                                                  │ │
│ │           │   'asset.device_type': 'general-purpose',                                        │ │
│ │           │   'asset.fqdn': 'xxx',                                          │ │
│ │           │   'asset.hostname': 'xxx',                                                      │ │
│ │           │   'asset.uuid': 'xxx',                          │ │
│ │           │   'asset.ipv4': ['xxx'],                                             │ │
│ │           │   'asset.last_authenticated_results': '2024-07-05T21:36:05.999Z',                │ │
│ │           │   'asset.mac_address': 'xxx',                                      │ │
│ │           │   'asset.operating_system': ['xxx'],     │ │
│ │           │   'asset.network_id': '00000000-0000-0000-0000-000000000000',                    │ │
│ │           │   'asset.tracked': True,                                                         │ │
│ │           }                                                                                  │ │
│ │ is_open = None                                                                               │ │
│ │   issue = Task("['project = "VULN"', 'issuetype = "Task"', '"Tenable Plugin ID" ~            │ │
│ │           "104410"']", 14)                                                                   │ │
│ │    self =                                 │ │
│ ╰──────────────────────────────────────────────────────────────────────────────────────────────╯ │
│                                                                                                  │
│ /usr/local/lib/python3.12/site-packages/tenb2jira/jira/task.py:45 in gen_priority                │
│                                                                                                  │
│    42 │   │   │   field_id (str): The field key identifier                                       │
│    43 │   │   """                                                                                │
│    44 │   │   value = str(self.fields[field_id]).lower()                                         │
│ ❱  45 │   │   self.priority = str(self.idef.severity_map[value])                                 │
│    46 │   │   self.fields['priority'] = {'id': self.priority}                                    │
│    47 │                                                                                          │
│    48 │   def gen_state(self, field_id: str):                                                    │
│                                                                                                  │
│ ╭─────────────────────────────────────────── locals ───────────────────────────────────────────╮ │
│ │ field_id = 'customfield_10285'                                                               │ │
│ │     self = Task("['project = "VULN"', 'issuetype = "Task"', '"Tenable Plugin ID" ~           │ │
│ │            "104410"']", 14)                                                                  │ │
│ │    value = 'info'                                                                            │ │
│ ╰──────────────────────────────────────────────────────────────────────────────────────────────╯ │
│                                                                                                  │
│ /usr/local/lib/python3.12/site-packages/tomlkit/container.py:822 in __getitem__                  │
│                                                                                                  │
│   819 │                                                                                          │
│   820 │   def __getitem__(self, key: Key | str) -> Any:                                          │
│   821 │   │   if key not in self._internal_container:                                            │
│ ❱ 822 │   │   │   raise NonExistentKey(key)                                                      │
│   823 │   │                                                                                      │
│   824 │   │   return self._internal_container[key]                                               │
│   825                                                                                            │
│                                                                                                  │
│ ╭───────────────────────── locals ─────────────────────────╮                                     │
│ │  key = 'info'                                            │                                     │
│ │ self = {'critical': 1, 'high': 2, 'medium': 3, 'low': 4} │                                     │
│ ╰──────────────────────────────────────────────────────────╯                                     │
╰──────────────────────────────────────────────────────────────────────────────────────────────────╯
NonExistentKey: 'Key "info" does not exist.'

SteveMcGrath commented 3 months ago

The plugin id 104410 is an info plugin: https://www.tenable.com/plugins/nessus/104410

Curious as to why that's being reported. By chance have you recasted that risk?

kmplngj commented 3 months ago

> The plugin id 104410 is an info plugin: https://www.tenable.com/plugins/nessus/104410
>
> Curious as to why that's being reported. By chance have you recasted that risk?

Now that you ask... yes, it could well be that our security consultant changed it at some point.

SteveMcGrath commented 3 months ago

Ok, so it's something that the current codebase isn't accounting for (however I'll add it to the task list). However, you have a couple of potential workarounds right now:

  1. Add in the informational priority mapping (preferred). This mapping doesn't exist in the config file today as I didn't account for this scenario. I will be adding it in the template for future releases however. All you need to do on your end is change https://github.com/tenable/integration-jira-cloud/blob/main/tmpl_v2_new_config.toml#L110-L116 and add a line for info:

     severity_map.critical   = 1
     severity_map.high       = 2
     severity_map.medium     = 3
     severity_map.low        = 4
     severity_map.info       = 5

  2. Change the default priority mapping. Currently the tickets are created from the default plugin severity. If you would like it to map to the finding severity instead, you will need to change the map_to_priority flag from Vulnerability Severity to Finding Severity.

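
Both workarounds above can be checked before a sync run. The following is an added example, not code from the integration: it assumes the parsed config exposes a `jira` table holding `severity_map` and `fields`, that findings are flat dicts with a `plugin.id` key, and it uses constructed sample findings (the recast value is invented for illustration).

```python
# Added example: pre-flight check for the priority mapping discussed above.
# ASSUMPTIONS: the config layout (a "jira" table with "severity_map" and
# "fields"), the helper names and the sample findings are constructed here.

SEVERITIES = ("critical", "high", "medium", "low", "info")
ORIGINAL_MAP = {"critical": 1, "high": 2, "medium": 3, "low": 4}

# Constructed findings: plugin 104410 is an info plugin whose finding
# severity has been recast (the recast value is made up for this example).
SAMPLE_FINDINGS = [
    {"plugin.id": 104410, "plugin.risk_factor": "info", "severity": "critical"},
    {"plugin.id": 200889, "plugin.risk_factor": "high", "severity": "high"},
]


def make_config(severity_map, priority_field_name):
    """Build a minimal constructed config with the two severity fields."""
    fields = [
        {"name": "Vulnerability Severity", "attr": {"tvm": "plugin.risk_factor"}},
        {"name": "Finding Severity", "attr": {"tvm": "severity"}},
    ]
    for field in fields:
        field["map_to_priority"] = field["name"] == priority_field_name
    return {"jira": {"severity_map": dict(severity_map), "fields": fields}}


def priority_field(config):
    """Return the single field definition flagged with map_to_priority."""
    flagged = [f for f in config["jira"]["fields"] if f.get("map_to_priority")]
    if len(flagged) != 1:
        raise ValueError(
            f"expected exactly one map_to_priority field, found {len(flagged)}"
        )
    return flagged[0]


def missing_severities(config):
    """Severity names that have no entry in severity_map."""
    smap = config["jira"]["severity_map"]
    return [name for name in SEVERITIES if name not in smap]


def unmapped_findings(config, findings):
    """Return (plugin id, value) for findings whose priority lookup would fail."""
    attr = priority_field(config)["attr"]["tvm"]
    smap = config["jira"]["severity_map"]
    failures = []
    for finding in findings:
        # Same normalisation as the traceback: str(value).lower()
        value = str(finding.get(attr)).lower()
        if value not in smap:
            failures.append((finding["plugin.id"], value))
    return failures


if __name__ == "__main__":
    cases = {
        "original config": make_config(ORIGINAL_MAP, "Vulnerability Severity"),
        "workaround 1 (add info)": make_config(
            {**ORIGINAL_MAP, "info": 5}, "Vulnerability Severity"
        ),
        "workaround 2 (Finding Severity)": make_config(
            ORIGINAL_MAP, "Finding Severity"
        ),
    }
    for label, cfg in cases.items():
        print(label, missing_severities(cfg), unmapped_findings(cfg, SAMPLE_FINDINGS))
```

With the second workaround the sample findings map cleanly, but `severity_map` still has no `info` entry, so a finding whose finding severity is `info` would hit the same lookup failure.
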
kmplngj commented 3 months ago

Thanks! That fixed my run errors.

Now, I still have some Jira issues that are not being closed, but the Tenable state is fixed. How could I investigate this?

SteveMcGrath commented 3 months ago

Keep an eye on #277 for this. Still investigating the root cause of that one.

SteveMcGrath commented 3 months ago

Also if you want to provide an updated debug log with the issues not being closed, that would be awesome.

kmplngj commented 3 months ago

We use the integration with severities = ['critical']. The Jira issue was created last week (2. July 2024 04:39). When I now look at the plugin info https://www.tenable.com/plugins/nessus/200889, the vulnerability severity is only High.

Does the integration then not update the Jira issue since it is no longer selected from Tenable?

SteveMcGrath commented 3 months ago

Can we please continue the conversation on the remaining issue on #277?

https://github.com/tenable/integration-jira-cloud/issues/277#issuecomment-2217983602

SteveMcGrath commented 3 months ago

> We use the integration with severities = ['critical']. The Jira issue was created last week (2. July 2024 04:39). When I now look at the plugin info https://www.tenable.com/plugins/nessus/200889, the vulnerability severity is only High.
>
> Does the integration then not update the Jira issue since it is no longer selected from Tenable?

That would be correct: if the severity rating dropped, then it would no longer be pulled for updates. Critical-only would refer to vulns with a CVSS score of 10.0; ANY drop would result in a high finding as well.