我的代码是模块中的一个功能。我的部分报告需要按相反的顺序对First Detected的输出进行排序。
我的代码:
kubectl.exe run ubuntu-test-3 --image=rm12345/ubuntutest3:latest
我需要按" FirstDetected"对输出进行排序。 in -Scending order。
我的脚本输出:
function Run-PxReport($p) {
switch ($p)
{
P1 {$template_id = 2074495}
P2 {$template_id = 2075996}
P3 {$template_id = 2075998}
P4 {$template_id = 2075999}
default {"The template ID could not be determined"}
}
# Download report in csv
Write-Host ("-" * 60)
Write-Host "Generating $p report. Please wait...`r`n"
$launchReport = ([xml](curl.exe -sS -u username:password -H 'X-Requested-With:QualysApiExplorer' 'https://qualysapi.qualys.com/api/2.0/fo/report/' -d "action=launch&template_id=$template_id&report_title=$p&output_format=csv"))
$reportID = $launchReport.SelectNodes("//SIMPLE_RETURN/RESPONSE/ITEM_LIST/ITEM/VALUE").InnerText
do{
Start-Sleep -s 15
$searchReport = ([xml](curl.exe -sS -u username:password -H 'X-Requested-With:QualysApiExplorer' 'https://qualysapi.qualys.com/api/2.0/fo/report/' -d "action=list&id=$reportID"))
$reportStatus = ($searchReport.REPORT_LIST_OUTPUT.RESPONSE.REPORT_LIST.REPORT | ? {$_.ID -eq $reportID}).STATUS.STATE
} until($reportStatus -eq "Finished")
curl.exe -sS -u username:password -H 'X-Requested-With:QualysApiExplorer' 'https://qualysapi.qualys.com/api/2.0/fo/report/' -d "action=fetch&id=$reportID" > .\report.csv
#clean up line breaks between quotes
gc .\report.csv | Out-String | % {$_.replace(",`r",",").replace(",`n",",") } | Set-Content .\report.csv
# Need to find number of rows to skip when importing csv to find end of interesting data.
$reportContent = Get-Content .\report.csv
# Need to get the number for "Hosts Matching Filters" on line 6.
$line = $reportContent | select -first 1 -skip 5
$totalHosts = $line.Split(",")[3]
$intHosts = [int]$totalHosts.Replace("`"","")
$skip = $intHosts + 14
# Import-CSV, select-object to get only interesting columns.
$csvData = Get-Content -Path .\report.csv | Select-Object -Skip $skip | ConvertFrom-Csv
# Output totals of each severity 3,4,5.
$severity5 = ($csvData | where {$_.Severity -eq 5}).Count
$severity4 = ($csvData | where {$_.Severity -eq 4}).Count
$severity3 = ($csvData | where {$_.Severity -eq 3}).Count
$totalPx = ($severity3 + $severity4 + $severity5)
# Output total Px.
Write-Host "Total $p count: $totalPx"
Write-Host "Severity 5 total: $severity5"
Write-Host "Severity 4 total: $severity4"
Write-Host "Severity 3 total: $severity3"
# Top 10 most severe vulnerabilities
Write-Host "`r`nTop 10 most severe vulnerabilities:"
$toptenseverity = $csvData | select Severity, Title -Unique | sort Severity -Descending | select -First 11
Write-Output $toptenseverity | Format-Table
# Top 10 most common vulnerabilities:
Write-Host "`r`nTop 10 most common vulnerabilities:"
$toptencommon = $csvData | Group-Object Title | sort Count -Descending | select -First 10 | select Count, Name
$toptencommon
Write-Host "`r`nLatest vulnerabilities:"
$new = $csvData | where {$_.Severity -ge 3} | sort 'First Detected' -Descending | select -First 50 | select IP,Title,'First Detected'
Write-Output $new | Format-Table
$deleteReport = ([xml](curl.exe -sS -u username:password -H 'X-Requested-With:QualysApiExplorer' 'https://qualysapi.qualys.com/api/2.0/fo/report/' -d "action=delete&id=$reportID"))
}
这是我的CSV文件(已编辑)
IP Title First Detected
-- ----- --------------
127.0.0.1 SSL/TLS use of weak RC4 cipher 12/29/2013 07:09:19
127.0.0.1 SSL/TLS use of weak RC4 cipher 12/29/2016 07:09:19
答案 0 :(得分:2)
我使用了一种称为计算属性的技术,它允许我们从管道中选择某些属性(之前的命令),然后计算一个新值。
首先,我复制了你的CSV并猜测你可能省略了前8行或10行,所以我开始使用以"IP","DNS","NetBIOS",
开头的行并将其保存在$i
中。
$i | convertfrom-csv | select IP,Severity, Title,@{Name=‘First Detected‘;Expression={$_.'First Detected' -as [DateTime]}}
完成后,我得到了我期望的正常输出,我也可以根据日期时间进行格式化!
IP Severity Title First
Detected
-- -------- ----- ----------
127.0.0.1 3 Session Cookie Does Not Contain the "Secure" Attribute 1/8/201...
127.0.0.1 3 Birthday attacks against TLS ciphers with 64bit block size vulnerability (Sweet32) 4/2/201...
127.0.0.1 3 SSL/TLS Server supports TLSv1.0 7/10/20...
PS C:\git> $outp | where 'First Detected' -ge (get-date '04/01/2017')
IP Severity Title First
Detected
-- -------- ----- ----------
127.0.0.1 3 Birthday attacks against TLS ciphers with 64bit block size vulnerability (Sweet32) 4/2/201...