
@cmcdevitt
Created December 12, 2023 17:19
Insert vulnerability without the VR Framework
/*
OnBefore Transform Script to support a Transform Map (i.e., fields that need to be transformed before insert).
Use Case
1. Using the ServiceNow Table API, insert a "vulnerability finding" into a custom table extended from "Import Set Row"
2. Automatically run the Transform Map on each insert of a record/row and insert the data into the vulnerable item table
Note: This is intended for low-volume inserts into the VIT table
*/
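(function runTransformScript(source, map, log, target /*undefined onStart*/ ) {
    /*
     * onBefore transform script: validates one staged finding, then sets the
     * vulnerable-item fields (vulnerability, CI, description, dates, state)
     * on `target`.
     *
     * `action`, `error` and `error_message` are not parameters; they are the
     * variables the transform engine exposes to transform scripts.
     *
     * Every source.u_* value is supplied by whoever wrote the staging row, so
     * it is validated before any lookup runs. Write access to the staging
     * table decides who can create or reopen vulnerable items through this
     * script; NOTE(review): confirm it is limited to the integration account.
     */
    var util = new sn_vul.PentestUtils();

    // Collect every validation failure so one message does not overwrite another.
    var problems = [];

    //-- Mandatory fields --
    // The result carries a `pass` flag; presumably every other key names a
    // field that was empty (verify against PentestUtils).
    var mandatory = util.checkMandatoryFields(source, action);
    if (!mandatory.pass) {
        var missing = '';
        var objKeys = Object.keys(mandatory);
        // `var i` keeps the loop counter out of the global scope.
        for (var i = 0; i < objKeys.length; i++) {
            if (objKeys[i] != 'pass') {
                missing = missing + ' ' + objKeys[i];
            }
        }
        problems.push("Based on External ID " + source.u_external_id + ' these fields are missing: ' + missing);
    }

    //-- IP address: only checked when the field holds more than one character --
    var ip_address = source.u_ip_address.toString();
    if (ip_address.length > 1 && !util.validIPv4(ip_address)) {
        problems.push('The incomming IP Address is not valid: ' + ip_address);
    }

    if (problems.length > 0) {
        // The row is rejected, so skip the CVE/CI lookups and leave target untouched.
        error = true;
        error_message = problems.join('; ');
        return;
    }

    //-- Vulnerability, CI, and Discovered Item --
    target.vulnerability = util.getCveRef(source.u_cve, source.u_source);
    // NOTE(review): assumes getCiRef always returns an object with sys_id and
    // disc_item_id; confirm what it returns when nothing matches.
    var ciMatch = util.getCiRef(source);
    target.cmdb_ci = ciMatch.sys_id;
    target.src_ci = ciMatch.disc_item_id;

    //-- Description: one "Label: value" line per reported field --
    var descriptionFields = [
        ['Vulnerability Name', source.u_vulnerability_name],
        ['Vulnerability', source.u_cve],
        ['Vulnerability Type', source.u_vulnerability_type],
        ['Compliance Type', source.u_compliance_type],
        ['CVSS Score', source.u_cvss_score],
        ['Reported Severity', source.u_severity],
        ['Country', source.u_country],
        ['Short Description', source.u_short_description],
        ['Evidence', source.u_evidence],
        ['Recommended Fix', source.u_recommended_fix],
        ['Contact', source.u_contact],
        ['IP Address', source.u_ip_address]
    ];
    var des = '';
    for (var d = 0; d < descriptionFields.length; d++) {
        des = des + descriptionFields[d][0] + ': ' + descriptionFields[d][1] + ' \n';
    }
    target.description = des;

    //-- Dates: copied only when PentestUtils accepts the format --
    var detection_time = source.u_detection_time;
    var resolved_time = source.u_resolved_time.toString();
    var due_date = source.u_due_date;
    if (util.checkDateFormat(detection_time)) {
        target.first_found = detection_time;
    }
    if (util.checkDateFormat(resolved_time)) {
        // A fixed time of day is appended to the incoming date value.
        target.closed_at = new GlideDateTime(resolved_time + ' 12:00:01');
    }
    if (util.checkDateFormat(due_date)) {
        target.ttr_target_date = new GlideDateTime(due_date + ' 12:00:01');
    }

    //-- Status --
    // Convert the field to a string once; the string methods are then called
    // on a real string rather than on the field object.
    var source_status = source.u_status.toString().toLowerCase();

    // Incoming status "closed" closes the target (state 3).
    if (source_status == 'closed') {
        target.state = 3;
    }

    // A resolved item (state 101) is reopened when the finding was seen again
    // after the recorded resolution date.
    if (target.state == 101 && source_status == 'open') {
        var srcLastFound = new GlideDateTime(source.u_last_found);
        var tgtResolutionDate = new GlideDateTime(target.resolution_date);
        // NOTE(review): `>` on two GlideDateTime objects depends on how the
        // engine coerces them; GlideDateTime's own comparison (e.g. after())
        // would state the intent explicitly. Confirm before changing.
        if (srcLastFound > tgtResolutionDate) {
            target.substate = 26;
            target.state = 1;
        }
    }

    // A closed item (state 3) is reopened when the source reports it open.
    if (target.state == 3 && source_status == 'open') {
        target.substate = 26;
        target.state = 1;
    }
})(source, map, log, target);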