SecurityRiskAdvisors / VECTR

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios

Upload Multiple Test Case files - Import Multiple Logs

paraknell opened this issue · comments

Describe the Feature Request
I am attempting to run RedCanary's Atomic Red Team tests (ART), output them in ATTiRE format and import them into VECTR for further analysis and collaboration. The upload option requires that each file be uploaded individually; if you run the suggested method in a foreach loop, this can output quite a lot of files.

To Reproduce
Based on the instructions in this Repository:
https://github.com/redcanaryco/invoke-atomicredteam/wiki/Execute-Atomic-Tests-(Local)

I run the suggested foreach loop:

$techniques = gci C:\AtomicRedTeam\atomics\* -Recurse -Include T*.yaml | Get-AtomicTechnique

foreach ($technique in $techniques) {
    foreach ($atomic in $technique.atomic_tests) {
        if ($atomic.supported_platforms.contains("windows") -and ($atomic.executor -ne "manual")) {
            # Get Prereqs for test
            Invoke-AtomicTest $technique.attack_technique -TestGuids $atomic.auto_generated_guid -GetPrereqs
            # Invoke
            Invoke-AtomicTest $technique.attack_technique -TestGuids $atomic.auto_generated_guid
            # Sleep then cleanup
            Start-Sleep 3
            Invoke-AtomicTest $technique.attack_technique -TestGuids $atomic.auto_generated_guid -Cleanup
        }
    }
}

Based on the GUI interface:
It looks like multiple file uploads are possible, but when you click/drag files it only allows one at a time.
[screenshot: attire1a.png]

Steps to reproduce the behavior:

  1. Go to 'Campaign Dashboard'
  2. Click on 'Assessment Actions'
  3. Scroll down to 'Import Log'
  4. Click on 'Drag & Drop your files or browse'
  5. Attempt to upload more than one file.

Expected behavior
I expect to be able to import multiple files directly into the assessment based on the text inside the upload function.

Desktop (please complete the following information):

  • OS: Windows 10 running docker compose up on docker 4.18.0
  • Browser: Firefox 112
  • Vectr Version: 8.8.0-ce (latest release)

Additional context
n/a

This would be a large enhancement given the current functionality. Noted for future consideration.

I have written a quick script to merge multiple logs into one file for easier upload. It merges the procedures of all files in a directory and applies a predefined set of execution-data values to all procedures. For more information see the README.

https://github.com/Retrospected/attire-merger

Importing these logs via an API would be very useful as well for automated test environments.

Awesome, thanks for publishing and sharing this! We do plan on allowing ingestion of these logs via API. There are some technical limitations regarding how this log data was stored that we're reworking as part of major backend changes we're addressing now. We expect to expose this functionality via the API sometime soon after that's completed.

take a predefined execution-data values for all procedures

It would be better if we could record/write multiple <execution-data, procedures[]> items in one AttireLog.json file, but that would require changing the ATTiRE schema to support it.

Like,

{
    "$schema": "http://json-schema.org/draft-07/schema",
    ...
    "required": [
        "test-cases"
    ],
    "properties": {
        "test-cases": {
            "type": "array",
            "items": {
                "type": "object",
                "properties": {
                    "execution-data": {
                        "$id": "#/properties/execution-data",
                        "type": "object",
                        ...
                    },
                    "procedures": {
                        "$id": "#/properties/procedures",
                        "type": "array",
                        ...
                    },
                    ...
                }
            }
            ...
        }
    }
}
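The two merge layouts discussed in this thread (one shared execution-data block with all procedures concatenated, as the attire-merger script does, and the proposed test-cases array that keeps each run's own execution-data) side by side, as an added example that is not attire-merger's, VECTR's or any commenter's code. It assumes only the ATTiRE field names the thread mentions ("execution-data", "procedures") plus "order" and "attire-version"; the two sample logs and all other key names in them are constructed for illustration, and the command-line flags are this script's own, not attire-merger's.

```python
"""merge_attire.py: combine several per-run ATTiRE JSON logs into one upload.

Added example, not attire-merger's or VECTR's code. Two strategies:
  merge_flat       one execution-data block, procedures of all inputs
                   concatenated and renumbered by "order"
  merge_test_cases the alternative proposed above: a "test-cases" array in
                   which every run keeps its own execution-data
Assumed field names: "attire-version", "execution-data", "procedures", "order".
"""
import copy
import json
import sys
from pathlib import Path

# Constructed sample logs standing in for two files written by separate test runs.
SAMPLE_LOGS = [
    {
        "attire-version": "1.1",
        "execution-data": {"execution-id": "run-1", "target": {"hostname": "host-a"}},
        "procedures": [
            {"procedure-name": "Test 1", "order": 1, "steps": []},
            {"procedure-name": "Test 2", "order": 2, "steps": []},
        ],
    },
    {
        "attire-version": "1.1",
        "execution-data": {"execution-id": "run-2", "target": {"hostname": "host-b"}},
        "procedures": [
            {"procedure-name": "Test 3", "order": 1, "steps": []},
        ],
    },
]


def validate_log(log):
    """Reject inputs missing the two fields both merge strategies rely on."""
    if not isinstance(log.get("execution-data"), dict):
        raise ValueError("log has no execution-data object")
    if not isinstance(log.get("procedures"), list):
        raise ValueError("log has no procedures array")


def load_logs(directory):
    """Read every *.json file in a directory, in name order, validating each."""
    logs = []
    for path in sorted(Path(directory).glob("*.json")):
        with path.open(encoding="utf-8") as fh:
            log = json.load(fh)
        validate_log(log)
        logs.append(log)
    return logs


def merge_flat(logs, execution_data):
    """One execution-data block for everything; procedures concatenated and
    renumbered so "order" stays unique across the merged file."""
    merged = {
        "attire-version": logs[0].get("attire-version", "1.1"),
        "execution-data": copy.deepcopy(execution_data),
        "procedures": [],
    }
    for log in logs:
        validate_log(log)
        for proc in sorted(log["procedures"], key=lambda p: p.get("order", 0)):
            proc = copy.deepcopy(proc)          # never mutate the caller's input
            proc["order"] = len(merged["procedures"]) + 1
            merged["procedures"].append(proc)
    return merged


def merge_test_cases(logs):
    """Proposed multi-run layout: each file's execution-data stays next to
    the procedures that were executed under it."""
    cases = []
    for log in logs:
        validate_log(log)
        cases.append({
            "execution-data": copy.deepcopy(log["execution-data"]),
            "procedures": copy.deepcopy(log["procedures"]),
        })
    return {"attire-version": logs[0].get("attire-version", "1.1"), "test-cases": cases}


def write_log(log, out_path):
    Path(out_path).write_text(json.dumps(log, indent=2), encoding="utf-8")


if __name__ == "__main__":
    if len(sys.argv) < 3:
        sys.exit("usage: merge_attire.py <input_dir> <output.json> [--test-cases]")
    logs = load_logs(sys.argv[1])
    if not logs:
        sys.exit("no .json files found in " + sys.argv[1])
    if "--test-cases" in sys.argv[3:]:
        result = merge_test_cases(logs)
    else:
        # Flat layout: reuse the first run's execution-data as the shared block.
        result = merge_flat(logs, logs[0]["execution-data"])
    write_log(result, sys.argv[2])
```

The flat layout produces a file that the current single-file importer can ingest, at the cost of losing which host or run each procedure came from; the test-cases layout preserves that but only becomes importable once the schema change proposed above exists. Renumbering "order" in the flat merge matters because two runs that each start at 1 would otherwise collide.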

How do you run the command for attire-merger.py?
Is it run like below?
python attire-merger.py -json /input/*json

If you want to ask questions about the python project you should open an issue there.

https://github.com/Retrospected/attire-merger

This issue is for the feature request at hand.