将45个Fortify .fpr文件转换为.csv(BuildFolder,ProjectName,Critical,High,Medium,Low)

时间:2019-02-13 01:40:18

标签: xml powershell parsing fortify

我需要什么:按严重性将〜45 ReportGenerator.bat .fpr Fortify Report输出文件(转换为XML然后进行解析)转换为SCA问题计数。每个项目一行输出为CSV(或至少以表格形式显示为屏幕输出)。

所需的输出:

BuildFolder,ProjectName,Critical,High,Medium,Low
ScaBuild1,Project1,1,1,2,13
ScaBuild1,Project2,0,0,7,500
ScaBuild2,Project3,0,0,5,10
...

问题(下面是我当前的脚本问题)

1:如何对解析后的XML节点顺序进行排序(关键,高,中,低)(在缺少结果的地方插入0)?

Note the default XML output is tricky to parse (GroupingSection has count attribute followed by groupTitle Element containing the severity title).
Example:  <GroupingSection count="4484"><groupTitle>Low</groupTitle></GroupingSection>

我将使用Q1来获得有效答案(但对#2和#3的评论/答案是有力的奖励和值得赞扬的内容)

2:转换当前的“ Select-XML…Select-Object…| Format-Table”管道输出,以代替填充数组对象(与BuildFolder和ProjectName合并)?

3:构建结果数组后,如何输出到.csv文件,然后输出到屏幕(如标签表一样)?

在此先感谢您的帮助!

更多信息

示例路径和文件结构(用于45个项目):

c:\FortifyResults\ScaBuild1\  Project1.fpr, Project2.fpr
c:\FortifyResults\ScaBuild2\  Project3.fpr, Project4.fpr, Project5.fpr
…

当前使用的脚本(将每个.fpr文件转换为XML(默认Fortify模板),并从GroupingSection输出计数作为每个.xml的表)

#Parameters
$FprFilePath="d:\HPFortifyBuild1\2019.02.06"

#HPF References
    $FortifyInstallPath       ="C:\Program Files\HP_Fortify\HP_Fortify_SCA_and_Apps_16.11"
    $FortifyReportGenerator   ="$FortifyInstallPath\ReportGenerator.bat"
    $FortifyXmlReportTemplate ="$FortifyInstallPath\Core\config\reports\DefaultReportDefinition.xml"

CD $FprFilePath
    Get-ChildItem "$FprFilePath" -Filter *.fpr | 
    Foreach-Object {
        $NameFpr=$_.Name
        $NameXml=($_.BaseName+".xml")

        Write-Host "$NameFpr - Generating $NameXml report..."
        & "C:\Program Files\HP_Fortify\HP_Fortify_SCA_and_Apps_16.11\bin\ReportGenerator.bat" -format xml -f $NameXml -source $NameFpr -template DefaultReportDefinition.xml

        #Write-Host "$FprFilePath\$NameXml RESULTS:"
        Select-XML -Path $FprFilePath\$NameXml -Xpath "/ReportDefinition[1]/ReportSection[1]/SubSection[2]/IssueListing[1]/Chart[1]/GroupingSection" | Select-Object -ExpandProperty Node | Format-Table -AutoSize
        #Write-Host " "
    }

当前脚本输出示例:

Project1.fpr - Generating Project1.xml report...

count groupTitle
----- ----------
13    Low       
2     Medium    
1     Critical  
1     High      


Project2.fpr - Generating Project2.xml report...

count groupTitle
----- ----------
500   Low       
7     Medium
…

Project1.xml的摘录(通过脚本从Project1.fpr解析)

脚本命令:ReportGenerator.bat”-格式xml -f $ NameXml-源$$ NameFpr-模板DefaultReportDefinition.xml

Project1.xml摘录:

<Description>A table summarizing the number of issues found and the breakdown of issues in each Fortify Priority Level</Description>
    <IssueListing listing="false" limit="-1">
    <Refinement/>
        <Chart chartType="table">
            <Axis>Fortify Priority Order</Axis>
            <MajorAttribute>Analysis</MajorAttribute>
            <GroupingSection count="4484"><groupTitle>Low</groupTitle></GroupingSection>
            <GroupingSection count="431"><groupTitle>Medium</groupTitle></GroupingSection>
            <GroupingSection count="114"><groupTitle>High</groupTitle></GroupingSection>
            <GroupingSection count="13"><groupTitle>Critical</groupTitle></GroupingSection>
        </Chart>
    </IssueListing>

请注意,默认的XML输出很难解析(GroupingSection具有count属性,后跟包含严重性标题的groupTitle Element)。示例:

<GroupingSection count="4484"><groupTitle>Low</groupTitle></GroupingSection>

SSC是不适用:我没有可用于此隔离构建环境的SSC,因此SSC API或相关解决方案不适用于此问题。

已审查的有关StackOverflow的相关问题(到目前为止):

1 个答案:

答案 0 :(得分:0)

这似乎可以回答您的第一个问题:

window.addEventListener('scroll', function(e){
    if (this.pageYOffset > 855) {
        header_a.style.transform = 'translateY(-81px)';
        header_b.style.transform = 'translateY(-81px)';
    } else {
        header_a.style.transform = 'translateY(0)';
        header_b.style.transform = 'translateY(0)';
    }
});

这会产生格式较差的输出,但会让您入门:

$xml = [xml]Get-Content Project1.xml
Foreach ($status in @("Critical", "High", "Medium", "Low"))
{
    $node = $xml.SelectNodes("//GroupingSection[groupTitle=""$status""]").Item(0)
    Write-Host $node.groupTitle, ",", $node.count;
}
相关问题
最新问题