Renaming tenable terms + refactor enable logic

tonur · Jan 19, 2024 · 48a03e8 · 48a03e8
1 parent f12bed2
commit 48a03e8
Showing 1 changed file with 32 additions and 39 deletions.
diff --git a/src/app.py b/src/app.py
@@ -7,20 +7,22 @@
 
 app = Flask(__name__)
 
-# Define Prometheus metrics
-enable_scan_metric = os.environ.get('ENABLE_SCAN_METRIC', 'true').lower() == 'true'
-enable_vuln_metric = os.environ.get('ENABLE_VULN_METRIC', 'true').lower() == 'true'
+tio_variables = ['TIO_ACCESS_KEY', 'TIO_SECRET_KEY']
+sc_variables = ['SECURITYCENTER_NETWORK_ADDRESS', 'SC_USERNAME', 'SC_PASSWORD']
 
-scan_metric = Gauge('tenable_scans', 'Tenable Scans', ['id', 'uuid', 'name', 'status'])
-vuln_metric = Gauge('tenable_vulnerabilities', 'Tenable Vulnerabilities', ['ip', 'pluginID', 'pluginName'])
+missing_tio_variables = [variable for variable in tio_variables if os.environ.get(variable) is None]
+missing_sc_variables = [variable for variable in sc_variables if os.environ.get(variable) is None]
 
-def check_environment_variables():
-    tio_variables = ['TIO_ACCESS_KEY', 'TIO_SECRET_KEY']
-    sc_variables = ['SECURITYCENTER_NETWORK_ADDRESS', 'SC_USERNAME', 'SC_PASSWORD']
+def enable_metrics():
+    if missing_tio_variables:
+        logging.info("Tenable Cloud metrics is enabled.")
+    if missing_sc_variables:
+        logging.info("Tenable Security Center metric is enabled.")
 
-    missing_tio_variables = [variable for variable in tio_variables if os.environ.get(variable) is None]
-    missing_sc_variables = [variable for variable in sc_variables if os.environ.get(variable) is None]
+tenable_cloud_metrics = Gauge('tenable_cloud_metrics', 'Tenable Cloud Scans', ['id', 'uuid', 'name', 'status'])
+security_center_metrics = Gauge('security_center_metrics', 'Tenable Security Center Vulnerabilities', ['ip', 'pluginID', 'pluginName'])
 
+def verify_environment_variables():
     if missing_tio_variables:
         logging.warning(f"Missing environment variables for Tenable.io: {', '.join(missing_tio_variables)}")
 
@@ -32,50 +34,41 @@ def check_environment_variables():
         return False
     return True
 
-def enable_metrics():
-    if enable_scan_metric:
-        logging.info("Tenable Scan Status metric is enabled.")
-    if enable_vuln_metric:
-        logging.info("Tenable Vulnerability metric is enabled.")
-
-def scans(tio_access_key, tio_secret_key):
+def tenable_cloud_metrics(tio_access_key, tio_secret_key):
     # Tenable.io
     tio = TenableIO(tio_access_key, tio_secret_key)
     for scan in tio.scans.list():
-        scan_metric.labels(id=scan['id'], uuid=scan['uuid'], name=scan['name'], status=scan['status']).set(1)
+        tenable_cloud_metrics.labels(id=scan['id'], uuid=scan['uuid'], name=scan['name'], status=scan['status']).set(1)
 
-def vulns(sc_network_address, sc_username, sc_password):
+def security_center_metrics(sc_network_address, sc_username, sc_password):
     # Tenable.sc
     sc = TenableSC(sc_network_address)
     sc.login(sc_username, sc_password)
     for vuln in sc.analysis.vulns():
-        vuln_metric.labels(ip=vuln['ip'], pluginID=vuln['pluginID'], pluginName=vuln['pluginName']).set(1)
+        security_center_metrics.labels(ip=vuln['ip'], pluginID=vuln['pluginID'], pluginName=vuln['pluginName']).set(1)
 
 @app.route('/metrics')
 def metrics():
-    try:
-        if not check_environment_variables():
-            return Response("ERROR: Missing environment variables", status=500)
-
-        enable_metrics()
-
-        if enable_scan_metric:
-            tio_access_key = os.environ['TIO_ACCESS_KEY']
-            tio_secret_key = os.environ['TIO_SECRET_KEY']
-            scans(tio_access_key, tio_secret_key)
-
-        if enable_vuln_metric:
-            sc_network_address = os.environ['SECURITYCENTER_NETWORK_ADDRESS']
-            sc_username = os.environ['SC_USERNAME']
-            sc_password = os.environ['SC_PASSWORD']
-            vulns(sc_network_address, sc_username, sc_password)
-    except:
-        print("Fuc")
+    if not verify_environment_variables():
+        return Response("ERROR: Missing environment variables", status=500)
+
+    enable_metrics()
+
+    if missing_tio_variables:
+        tio_access_key = os.environ['TIO_ACCESS_KEY']
+        tio_secret_key = os.environ['TIO_SECRET_KEY']
+        tenable_cloud_metrics(tio_access_key, tio_secret_key)
+
+    if missing_sc_variables:
+        sc_network_address = os.environ['SECURITYCENTER_NETWORK_ADDRESS']
+        sc_username = os.environ['SC_USERNAME']
+        sc_password = os.environ['SC_PASSWORD']
+        security_center_metrics(sc_network_address, sc_username, sc_password)
     return Response(generate_latest(), mimetype='text/plain')
 
 @app.route('/healthz')
 def healthz():
-    if not check_environment_variables():
+    if not verify_environment_variables():
         return Response("ERROR: Missing environment variables", status=500)
     return Response("OK", status=200)