go.mondoo.com/cnquery@v0.0.0-20231005093811-59568235f6ea/providers/os/resources/windows_security.go

go.mondoo.com/cnquery@v0.0.0-20231005093811-59568235f6ea/providers/os/resources/windows_security.go (about)

     1  // Copyright (c) Mondoo, Inc.
     2  // SPDX-License-Identifier: BUSL-1.1
     3  
     4  package resources
     5  
     6  import (
     7  	"go.mondoo.com/cnquery/llx"
     8  	"go.mondoo.com/cnquery/providers-sdk/v1/plugin"
     9  	"go.mondoo.com/cnquery/providers-sdk/v1/util/convert"
    10  	"go.mondoo.com/cnquery/providers/os/connection/shared"
    11  	"go.mondoo.com/cnquery/providers/os/resources/windows"
    12  )
    13  
    14  func (w *mqlWindowsSecurity) products() ([]interface{}, error) {
    15  	conn := w.MqlRuntime.Connection.(shared.Connection)
    16  
    17  	products, err := windows.GetSecurityProducts(conn)
    18  	if err != nil {
    19  		return nil, err
    20  	}
    21  
    22  	res := []interface{}{}
    23  	for i := range products {
    24  		p := products[i]
    25  
    26  		mqlProduct, err := CreateResource(w.MqlRuntime, "windows.security.product", map[string]*llx.RawData{
    27  			"type":           llx.StringData(p.Type),
    28  			"guid":           llx.StringData(p.Guid),
    29  			"name":           llx.StringData(p.Name),
    30  			"state":          llx.IntData(p.State),
    31  			"productState":   llx.StringData(p.ProductStatus),
    32  			"signatureState": llx.StringData(p.SignatureStatus),
    33  			"timestamp":      llx.TimeData(p.Timestamp),
    34  		})
    35  		if err != nil {
    36  			return nil, err
    37  		}
    38  		res = append(res, mqlProduct)
    39  	}
    40  
    41  	return res, nil
    42  }
    43  
    44  func (w *mqlWindowsSecurityProduct) id() (string, error) {
    45  	return "windows.security.product/" + w.Guid.Data, nil
    46  }
    47  
    48  func initWindowsSecurityHealth(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[string]*llx.RawData, plugin.Resource, error) {
    49  	if len(args) > 2 {
    50  		return args, nil, nil
    51  	}
    52  
    53  	if args == nil {
    54  		args = map[string]*llx.RawData{}
    55  	}
    56  
    57  	conn := runtime.Connection.(shared.Connection)
    58  
    59  	health, err := windows.GetSecurityProviderHealth(conn)
    60  	if err != nil {
    61  		return nil, nil, err
    62  	}
    63  
    64  	firewall, _ := convert.JsonToDict(health.Firewall)
    65  	autoupdate, _ := convert.JsonToDict(health.AutoUpdate)
    66  	antivirus, _ := convert.JsonToDict(health.AntiVirus)
    67  	antispyware, _ := convert.JsonToDict(health.AntiSpyware)
    68  	internetsettings, _ := convert.JsonToDict(health.InternetSettings)
    69  	uac, _ := convert.JsonToDict(health.Uac)
    70  	securitycenterservice, _ := convert.JsonToDict(health.SecurityCenterService)
    71  
    72  	args["firewall"] = llx.DictData(firewall)
    73  	args["autoUpdate"] = llx.DictData(autoupdate)
    74  	args["antiVirus"] = llx.DictData(antivirus)
    75  	args["antiSpyware"] = llx.DictData(antispyware)
    76  	args["internetSettings"] = llx.DictData(internetsettings)
    77  	args["uac"] = llx.DictData(uac)
    78  	args["securityCenterService"] = llx.DictData(securitycenterservice)
    79  
    80  	return args, nil, nil
    81  }