RE: Report Template sharing -- XSL by Vuln

To:	nessus@list.nessus.org
Subject:	RE: Report Template sharing -- XSL by Vuln
From:	Mike.Vasquez@cityofmesa.org
Date:	Thu, 17 May 2007 12:47:52 -0700
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	nessus-list1@securepoint.com
Delivered-to:	nessus@list.nessus.org
In-reply-to:	<169658C0C845EC438759DB8B8BC706540A0D8ED9@NOC-EXCH1.24hourfit.com>
List-archive:	<http://mail.nessus.org/pipermail/nessus>
List-help:	<mailto:nessus-request@list.nessus.org?subject=help>
List-id:	Discussion of Nessus software <nessus.list.nessus.org>
List-post:	<mailto:nessus@list.nessus.org>
List-subscribe:	<http://mail.nessus.org/mailman/listinfo/nessus>, <mailto:nessus-request@list.nessus.org?subject=subscribe>
List-unsubscribe:	<http://mail.nessus.org/mailman/listinfo/nessus>, <mailto:nessus-request@list.nessus.org?subject=unsubscribe>
Sender:	nessus-bounces@list.nessus.org

Here's the corresponding template that I modified, that shows the "higher level" issues, by vulnerability, as opposed to by host.

It strips out the alert IDs that have no Hole/Info level warnings at the top, and just shows you the "meat".

1st pair of changes: Strips out the unused IDs at the top of the report
2nd pair of changes: Filters out the note level issues from the report body.

Brief how-to:
There are 3 classifications: INFO, HOLE, and NOTE, shown in the XML.
"<xsl:if >" checks for the condition, and if "test" is true, does the tasks/formatting, etc, until </xsl:if>

I used: <xsl:if test = "(level='INFO') or (level='HOLE')">
which checks for the level (a variable in the XML file) being equal to either "INFO" or "HOLE". I could have restricted the report to just the highest level of issues by removing the "INFO line, and leaving "hole", as follows: <xsl:if test = "level='HOLE'">
The parens () are included because of the "OR" statement. Position/syntax matter. (i.e. ("level='INFO'") or ("level='HOLE'") failed when I tried, as I recall)

<xsl:if> needs to go after the <xsl:for-each> -- and if a <xsl:sort select> is present, after that as well.

The XML is below: cut,paste, (and remove the added >>>), and save. :-)

<?xml version='1.0' encoding='utf-8' ?>

<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
<xsl:import href="">
<xsl:output method="html" indent="yes"/>

<xsl:key name="report" match="host/*/alert" use="id"/>

<xsl:template match="/">
<xsl:apply-templates/>
</xsl:template>

<xsl:template name="_report_summary">
<tr>
<td width="100%" class="border">
<div class="summary_text">
<xsl:for-each select="host/*/alert[generate-id(.)=generate-id(key('report',id))]">
<xsl:sort select="id" order="ascending"/>
>>> <xsl:if test = "(level='INFO') or (level='HOLE')">
<a>
<xsl:attribute name="href"><![CDATA[#]]><xsl:value-of select="id"/></xsl:attribute>
<xsl:value-of select="id"/>
</a>


<xsl:text> </xsl:text>
>>> </xsl:if>
</xsl:for-each>
</div>
</td>
</tr>
</xsl:template>

<xsl:template match="results">

<xsl:call-template name="report_html_head"/>

<body>
<table width="100%" cellspacing="0" cellpadding="0">
<tr>
<td align="center" colspan="2" width="100%">
<table width="90%" height="100%" cellspacing="0" align="center">

<xsl:call-template name="report_header"/>
<xsl:call-template name="report_time"/>
<tr><td height="40"></td></tr>
<xsl:call-template name="report_target"/>
<xsl:call-template name="report_error"/>
<xsl:call-template name="_report_summary"/>
<tr><td height="40"></td></tr>

</table>
</td>
</tr>
</table>


<xsl:for-each select="host/*/alert[generate-id(.)=generate-id(key('report',id))]">
<xsl:sort select="id" order="ascending"/>
<xsl:if test = "(level='INFO') or (level='HOLE')">
<table width="90%" align="center">

<xsl:call-template name="report_sub_header">
<xsl:with-param name="mode" select="'view_by_id'"/>
</xsl:call-template>


<xsl:for-each select="key('report',id)">
<xsl:sort select="id"/>
<xsl:for-each select=".">
>>> <xsl:if test = "(level='INFO') or (level='HOLE')">
<tr>
<td width="100%">
<table width="100%" cellspacing="0" cellpadding="0">

<tr>
<xsl:call-template name="report_showhostport">
<xsl:with-param name="showhost" select="'yes'"/>
<xsl:with-param name="showport" select="'yes'"/>
</xsl:call-template>

<td class="left_open_border" height="100%">
<table width="100%" height="100%" cellspacing="0" cellpadding="0">

<xsl:call-template name="report_showalert">
<xsl:with-param name="donot_print_id" select="'yes'"/>
</xsl:call-template>

</table>
</td>
</tr>

</table>
</td>
</tr>
<tr><td height="5"></td></tr>
>>> </xsl:if>
</xsl:for-each>
</xsl:for-each>

</table>


<table width="100%"><tr><td align="right" height="40"></td></tr></table>
</xsl:if>
</xsl:for-each>

<xsl:call-template name="report_footer"/>

</body>
</xsl:template>

</xsl:stylesheet>

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

<Prev in Thread]	Current Thread	[Next in Thread>
Problem running local security checks, Jon Macfarlane Re: Problem running local security checks, Renaud Deraison Report Template sharing --, Mike . Vasquez Re: Report Template sharing --, Mike . Vasquez RE: Report Template sharing --, John Scherff RE: Report Template sharing -- XSL by Vuln, Mike . Vasquez <=

Previous by Date:	Re: Nessus 3 windows : brute force missing, George A. Theall
Next by Date:	RE: picking a plugin for a particular CVE?, John Scherff
Previous by Thread:	RE: Report Template sharing --, John Scherff
Next by Thread:	64-bit version, jfvanmeter
Indexes:	[Date] [Thread] [Top] [All Lists]