9.5.4. plugins/plugin_patch.py¶

from collections import OrderedDict

VERSION = "1.1.0"
"""Version of this set of plugin definitions."""

MINIMUM_THAT_VERSION = "1.1.0"
"""Minimum THAT version required to run these plugin definitions."""

NAME = "patch"
PRIORITY = 3
ANALYZE_DATA = OrderedDict()
GET_TANIUM_DATA = OrderedDict()

GET_INTERNET_DATA = [
]

# ask the question 'Get Has Patch Tools from all machines'
# and store results in "haspatchtools.csv"
GET_TANIUM_DATA["haspatchtools.csv"] = {
    "filters": [],
    "sensors": ["Has Patch Tools"],
}

# ask the question 'Get Available Patches from all machines'
# and store results in "patches.csv"
GET_TANIUM_DATA["patches.csv"] = {
    "filters": [],
    "sensors": ["Available Patches"],
}

# ask the question 'Get Available Patch Status from all machines'
# and store results in "patchstatus.csv"
GET_TANIUM_DATA["patchstatus.csv"] = {
    "filters": [],
    "sensors": ["Available Patch Status"],
}

# ask the question 'Get Reboot Required from all machines'
# and store results in "patchreboot.csv"
GET_TANIUM_DATA["patchreboot.csv"] = {
    "filters": [],
    "sensors": ["Reboot Required"],
}


ANALYZE_DATA["extra_clean_values"] = """
# set extra clean values to be used for df cleaning
result = ["Scan Error", "N/A on Mac", "N/A on Solaris", "N/A on Linux", "N/A on AIX"]
"""

ANALYZE_DATA["cleaned_haspatchtools_df"] = """
# clean out noise from haspatchtools.csv

csv = "haspatchtools.csv"
df = self.load_csv_as_df(csv)
extra_clean_values = self.get_result("extra_clean_values")

result = self.clean_df(df, columns=["Has Patch Tools"], add_values=extra_clean_values)
"""

ANALYZE_DATA["cleaned_patches_df"] = """
# clean out noise from patches.csv

csv = "patches.csv"
df = self.load_csv_as_df(csv)
extra_clean_values = self.get_result("extra_clean_values")

result = self.clean_df(df, columns=["Title"], add_values=extra_clean_values)
"""

ANALYZE_DATA["cleaned_patchstatus_df"] = """
# clean out noise from patchstatus.csv

csv = "patchstatus.csv"
df = self.load_csv_as_df(csv)
extra_clean_values = self.get_result("extra_clean_values")

result = self.clean_df(df, columns=["Available Patch Status"], add_values=extra_clean_values)
"""

ANALYZE_DATA["cleaned_patchreboot_df"] = """
# clean out noise from patchreboot.csv

csv = "patchreboot.csv"
df = self.load_csv_as_df(csv)
extra_clean_values = self.get_result("extra_clean_values")

result = self.clean_df(df, columns=["Reboot Required"], add_values=extra_clean_values)
"""

ANALYZE_DATA["total_targets"] = """
# has patch tools (targets)

df = self.get_result("cleaned_haspatchtools_df")

result = df.loc[df['Has Patch Tools'] == 'Yes', 'Count'].sum()
"""

ANALYZE_DATA["any_patch_count"] = """
# Total Number of Missing Patches (Any Severity)

df = self.get_result("cleaned_patches_df")

result = df['Title'].count()
"""

ANALYZE_DATA["critical_patch_count"] = """
# Total Number of Missing Patches (Critical Severity)

df = self.get_result("cleaned_patches_df")

result = df.loc[df['Severity'] == 'Critical', 'Title'].count()
"""

ANALYZE_DATA["any_req_patch"] = """
# Total Required Patches Across Endpoints (any Severity)

df = self.get_result("cleaned_patches_df")

result = df['Count'].sum()
"""

ANALYZE_DATA["critical_req_patch"] = """
# Total Required Patches Across Endpoints (Critical Severity)

df = self.get_result("cleaned_patches_df")

result = df.loc[df['Severity'] == 'Critical', 'Count'].sum()
"""

ANALYZE_DATA["any_req_patch_avg"] = """
# Required Patches Across Endpoints Average (any Severity)

df = self.get_result("cleaned_patches_df")

result = df['Count'].mean()
"""

ANALYZE_DATA["oldest_patch"] = """
# Oldest Date Any Severity Patch

df = self.get_result("cleaned_patches_df")

result = df['Date'].min()
"""

ANALYZE_DATA["msft_prod_affected"] = """
# Approximate Number of Products Affected (Unique Product Count)

df = self.get_result("cleaned_patches_df")

result = len(df['Filename'].str.replace('\\\\-kb.*', '').unique())
"""

ANALYZE_DATA["five_critical"] = """
# More than 5 Critical Patches Required

df = self.get_result("cleaned_patchstatus_df")

result = df.loc[df['Available Patch Status'] == 'More than 5 Critical Patches Required', 'Count'].sum()
"""

ANALYZE_DATA["reboot_req"] = """
# Reboot Required

df = self.get_result("cleaned_patchreboot_df")

result = df.loc[df['Reboot Required'] == 'Yes', 'Count'].sum()
"""