Formatted Table Per Finding?

I would like to have the ability to generate a report with each finding contained within its own table. Unfortunately, when I take the provided template to do this, report generation seems to be hung up on this and freezes without output. Each table would be autonumbered if possible...

I am trying to take the following:

High Severity
No high severity problems were identified. {{.[count(//finding[source-severity='high'])=0]|hidden}}

{{mt:unique(//finding[@status!='ignore']/source-severity[text()='high']/../@title)}}

Summary

N/A{{.[count(../synopsis)=0]|hidden}}
{{../synopsis}}

Affected systems
{{//finding[@title = $_0 and @status!='ignore']|hidden}}{{affects}}

Description
{{..}}

Recommendations
N/A{{.[count(../solution)=0]|hidden}}
{{../solution}}

References
{{../reference}} {{url}}
{{../cve}} http://cve.mitre.org/cgi-bin/cvename.cgi?name={{.|leaf}}
BID-{{../bid}} http://www.securityfocus.com/bid/{{.}}
OSVDB-{{../osvdb}} http://osvdb.org/show/osvdb/{{.}}

Details per affected system
{{//finding[@title = $_0 and @status!='ignore']|hidden}}{{affects|leaf}}
{{output|leaf}}

...and turn it into: http://postimage.org/image/53wi7vntx/

Here is a template that produces approximately what you are trying to achieve:
Table template

It produces report output that looks like this:
Report output
Note that the finding title on top formatted as a header is what makes it work.

This is a simplified template; it does not order or group the findings in any way.

Hope this helps.

Alla

So, using your above solution, if I were to edit the finding title on top from {{//finding/@title}} to {{mt:unique(//finding[@status!='ignore']/source-severity[text()='critical']/../@title)}}, that would only tabulate the critical findings (using your nessus/critical fix from the other thread)?

Yes, I think that should do it.

Now I just need to figure out how to remove duplicate tables and only have 1 table per finding with multiple hosts in it.

Adding {{//finding[@title = $_0 and @status!='ignore']|hidden}}{{affects}} under Host(s) will give each IP (and port) that's affected by the vulnerability, which fixes my problem, however, introducing another problem of having IP and port together and not separated such as {{ancestor::port|leaf}} does.

If I can only generate 1 table per unique finding and have only IPs listed under hosts (as ports are duplicated in another column), that will fix my issues.

The table method works great, as well as the nessus22mt edits to display critical findings.

The issue I'm having now is duplicate findings. Using the above table method I get a new table for each finding instead of generating a table with 1 finding with multiple hosts listed under it. Is it possible to group them into one table 'automagically' haha?

Thanks again for the help
- SC

The above has been very useful.

Is there a way to include the finding title inside the table? I've tried but it has worked for me.

I've used my:join to place all the CVE info in a single cell. I have not been able to get it to work with {{affects}} or {{ancestor:port|leaf}}. Any tips on how to accomplish that?

Thank you
