Skip to content

Risk meter average scores for time period script #242

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
lonyejiaka merged 2 commits into from
Apr 21, 2025
Merged

Risk meter average scores for time period script #242

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
520806b
Create README.md
lonyejiaka Apr 21, 2025
8f379f1
Script upload
lonyejiaka Apr 21, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
55 changes: 55 additions & 0 deletions Average risk meter scores for period/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
# Average Risk Meter scores for Time Period

This script queries the Cisco VM API, and for the provided risk meter ID, retrieves the historical risk meter scores for a time period and calculates the average risk meter score for that time period.

## Usage Instructions
Use the --help or -h argument to view the help page below.

```
Usage: risk_meter_average.rb -t YOUR_API_TOKEN -i ASSET_GROUP_ID [options]
-t, --token=TOKEN Mandatory argument. API token for the account making API calls
-i, --id=ID Mandatory argument. Asset group ID for querying risk meter scores
-b, --base_url=URL Optional argument. Custom base URL (e.g., api.kennasecurity.com)
-s, --start_date=DATE Optional argument. Custom start date (YYYY-MM-DD)
-e, --end_date=DATE Optional argument. Custom end date (YYYY-MM-DD)
```

The `-t`, `--token` and `-i`, `--id` arguments are mandatory for running the script. By default, the script calculates the average risk meter score for the specified risk meter for the last 7 days, however, you can also provide a start and an end date for the calculation. The API endpoint defaults to 'api.kennasecurity.com' but you can provide your applicable base API URL using the '-b' parameter.


### Sample output
**Running the script without optional parameters **
```
ruby risk_meter_average.rb -t YOUR_API_TOKEN -i ASSET_GROUP_ID

# Output:
Average risk meter score for the period YYYY-MM-DD to YYYY-MM-DD: SCORE

```

**Running the script with a custom base URL and custom date range **
```
ruby risk_meter_average.rb -t YOUR_API_TOKEN -i ASSET_GROUP_ID -b api.customurl.com -s 2025-04-02 -e 2025-04-09

# Output:
Average risk meter score for the period 2025-04-02 to 2025-04-09: SCORE

```

**Running the script for a risk meter with no results in the time-frame **
```
# Output:
Risk meter does not have any results for the specified date range YYYY-MM-DD to YYYY-MM-DD.

```


## Dependencies
### language
- ruby

### gems/classes
- json
- rest-client
- optparse
- date
68 changes: 68 additions & 0 deletions Average risk meter scores for period/risk_meter_average.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,68 @@
require 'json'
require 'rest-client'
require 'optparse'
require 'date'

# Initialize parser for API token, asset group ID, custom base URL, and date range
options = {}
parser = OptionParser.new do |parser|
parser.banner = "\nUsage: risk_meter_average.rb -t YOUR_API_TOKEN -i ASSET_GROUP_ID [options]"
parser.on('-t', '--token=TOKEN', 'Mandatory argument. API token for the account making API calls') do |t|
options[:token] = t
end
parser.on('-i', '--id=ID', 'Mandatory argument. Asset group ID for querying risk meter scores') do |i|
options[:id] = i
end
parser.on('-b', '--base_url=URL', 'Optional argument. Custom base URL (defaults to api.kennasecurity.com)') do |b|
options[:base_url] = b
end
parser.on('-s', '--start_date=DATE', 'Optional argument. Custom start date (YYYY-MM-DD)') do |s|
options[:start_date] = Date.parse(s) rescue nil
end
parser.on('-e', '--end_date=DATE', 'Optional argument. Custom end date (YYYY-MM-DD)') do |e|
options[:end_date] = Date.parse(e) rescue nil
end
end

begin
parser.parse!
rescue OptionParser::ParseError => e
puts e.message
abort(parser.help)
end

if options[:token].nil? || options[:id].nil?
puts "Missing token or asset group ID!"
abort(parser.help)
end

# Default to last 7 days if no date is provided
end_date = options[:end_date] || Date.today
start_date = options[:start_date] || (end_date - 7)

# Construct full API endpoint from base URL
base_url = options[:base_url] || "api.kennasecurity.com"
api_endpoint = "https://#{base_url}/asset_groups/#{options[:id]}/report_query/historical_risk_meter_scores?start_date=#{start_date}&end_date=#{end_date}"
headers = { 'content-type' => 'application/json', 'X-Risk-Token' => options[:token] }

begin
# Make the API request
response = RestClient::Request.execute(
method: :get,
url: api_endpoint,
headers: headers
)
data = JSON.parse(response.body)

# Check if risk_meter_scores is empty
risk_scores = data['risk_meter_scores'].values
if risk_scores.empty?
puts "Risk meter does not have any results for the specified date range #{start_date} to #{end_date}."
else
# Calculate average risk meter score for the specified date range
average_score = risk_scores.sum.to_f / risk_scores.size
puts "Average risk meter score for the period #{start_date} to #{end_date}: #{average_score.round(2)}"
end
rescue RestClient::Exception => e
puts "An error occurred: #{e.message}"
end