Is it possible to export Issues and Evidence in one API call?


#1

Hello,

I have been trying for a couple of hours, but I can’t find a satisfying solution to my problem. Using the get all nodes API call, I have only been getting partial results. The output from evidence and issues is great, but merging them together into one JSON is more trouble than it’s worth. Is there any way for me to construct my own API call?

Thanks


#2

@xRestriction that isn’t possible at this time but we can add it into the idea backlog to investigate adding in the future. For now, would a script possibly work instead? https://github.com/securityroots/dradispro-scripting


#3

Another option could be a customised version of the standard dradis-json export plugin?


#4

@rachkor I didn’t find any adequate script for this.

@etd I’ve been trying to edit the exporter.rb but didn’t really get it to work, the closest thing I got is:

module Dradis::Plugins::Json

class Exporter < Dradis::Plugins::Export::Base
def export(args={})

  issues = content_service.all_issues

  issue  = issues.map

  evidence = issues.map do |issue|

  result = issue.evidence.map
    { issue: issue.fields }
  end

   JSON.pretty_generate(result)
end

end
end


#5

@xRestriction I don’t think that a script currently exists that would match your use case but I was thinking that you might be able to use that repo as a jumping-off point. What output are you aiming for with the JSON exporter?


#6

I’d like to have the issue fields ( title, description, solution etc.) and then the evidence showing me which assets are affected and how it was tested.


#7

Hello @xRestriction. Apologies for the late reply, but have you tried something like this:

module Dradis::Plugins::Json

  class Exporter < Dradis::Plugins::Export::Base
    def export(args={})

      issues = content_service.all_issues

      result = issues.map do |issue|
	    evidences = issue.evidence.map do |evidence|
	      { evidence: evidence.content, node: evidence.node.label }
	    end
        { issue: issue.fields, evidence: evidences}
      end

      JSON.pretty_generate(result)
    end
  end
end

This should output all the issues with their evidence, and the evidence with their associated node/host.