disable wazuh_monitoring_alert in scheduler

socfortress · Aug 30, 2024 · ca27494 · ca27494
1 parent c0eb010
commit ca27494
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 4 deletions.
diff --git a/backend/app/agents/routes/agents.py b/backend/app/agents/routes/agents.py
@@ -464,7 +464,7 @@ async def get_agent_vulnerabilities(
     return await collect_agent_vulnerabilities(agent_id, vulnerability_severity.value)
 
 @agents_router.get(
-    "/{agent_id}/vulnerabilities/csv",
+    "/{agent_id}/csv/vulnerabilities",
     description="Get agent vulnerabilities as CSV",
     dependencies=[Security(AuthHandler().require_any_scope("admin", "analyst"))],
 )
@@ -482,10 +482,12 @@ async def get_agent_vulnerabilities_csv(agent_id: str, session: AsyncSession = D
     wazuh_new = await check_wazuh_manager_version()
     if wazuh_new is True:
         logger.info("Wazuh Manager version is 4.8.0 or higher. Fetching vulnerabilities using new API")
-        vulnerabilities = await collect_agent_vulnerabilities_new(agent_id, vulnerability_severity="Critical")
+        vulnerabilities = (await collect_agent_vulnerabilities_new(agent_id, vulnerability_severity="High")).vulnerabilities
     else:
         vulnerabilities = await collect_agent_vulnerabilities(agent_id, vulnerability_severity="Critical")
     # Create a CSV file
+    logger.info(f"Creating CSV file for agent {agent_id} with {len(vulnerabilities)} vulnerabilities")
+    logger.info(f"Vulnerabilities: {vulnerabilities}")
     output = io.StringIO()
     writer = csv.writer(output)
     # Write the header

diff --git a/backend/app/schedulers/scheduler.py b/backend/app/schedulers/scheduler.py
@@ -163,8 +163,8 @@ async def schedule_enabled_jobs(scheduler):
     Schedules jobs that are enabled in the database.
     """
     async with AsyncSession(async_engine) as session:
-        # First disable the job of `invoke_wazuh_monitoring_alert` if it is enabled
-        logger.info("Disabling job: invoke_wazuh_monitoring_alert")
+        # ! First disable the job of `invoke_wazuh_monitoring_alert` if it is enabled
+        # TODO ! Inefficient as hell but I will come back to this later
         stmt = select(JobMetadata).where(JobMetadata.job_id == "invoke_wazuh_monitoring_alert")
         result = await session.execute(stmt)
         job_metadata = result.scalars().one_or_none()