WS Bulk Report Generator
Project description
Mend Bulk Report Generator
CLI Tool to generate reports on multiple products or projects.
- The tool allows including and excluding scopes by stating their tokens.
- Report scope (
-s, --ReportScope
) determines whether reports run on projects or products. - If included scopes (via
-i, --includedTokens
) are not specified, the tool runs reports on all scopes. - Report data exported by default in binary format (i.e., Excel or PDF) or JSON.
- Recommended using -o parameter for specifying output-dir. Otherwise, the output stored in the running dir (which is pip install cmd work with, and it depends on your OS)
Supported Operating Systems
- Linux (Bash): CentOS, Debian, Ubuntu, RedHat
- Windows (PowerShell): 10, 2012, 2016
Prerequisites
- Python 3.6+
Installation and Execution by pulling package from PyPi:
- Execute
pip install ws-bulk-report-generator
- Run report:
ws_bulk_report_generator -u <USER_KEY> -k <ORG_TOKEN> -r <REPORT_NAME> -o <OUTPUT_PATH>
- Note: If installing packages as a non-root user, insure to include the path to the executables within the Operating System paths.
Examples:
Generate Due Diligence Reports (file per product) on all products within an organization in JSON format:
ws_bulk_report_generator -u <USER_KEY> -k <ORG_TOKEN> -o <OUTPUT_PATH> -r due_diligence -t json
Generate Due Diligence Reports (file per project) on all projects within an organization in JSON format:
ws_bulk_report_generator -u <USER_KEY> -k <ORG_TOKEN> -o <OUTPUT_PATH> -s project -r due_diligence -t json
Generate Risk Reports (PDF format) on all products (file per product) within an organization:
ws_bulk_report_generator -a app-eu -u <USER_KEY> -k <ORG_TOKEN> -o <OUTPUT_PATH> -r risk
Search for log4j 3 recent vulnerabilities in the entire organization and get output in a single unified JSON:
ws_bulk_report_generator -a di.whitesourcesoftware.com -u <USER_KEY> -k <ORG_TOKEN> -o <OUTPUT_PATH> -r vulnerability -t unified_json -x vulnerability_names="CVE-2021-45046,CVE-2021-44228,CVE-2021-4104"
- Note: The output produces only if the specified CVEs were discovered.
Generate Inventory report filtered by 'libwebp-dev_0.6.1-2_amd64.deb' and get a unified JSON for the entire organization:
ws_bulk_report_generator -u <USER_KEY> -k <ORG_TOKEN> -o <OUTPUT_PATH> -r inventory -t unified_json -x lib_name=libwebp-dev_0.6.1-2_amd64.deb
Generate Security Alerts report and get a unified JSON for all organizations within a Global organization (Note: user must be defined in each organization):
ws_bulk_report_generator -u <USER_KEY> -k <ORG_TOKEN> -o <OUTPUT_PATH> -r inventory -t unified_json -y globalOrganization
Generate Vulnerability report and get a unified Excel report on 2 specific products in the organization (-s project means the API calls run on the project level behind the scenes, used when timeouts in the API response):
ws_bulk_report_generator -u <USER_KEY> -k <ORG_TOKEN> -o <OUTPUT_PATH> -r vulnerability -t unified_xlsx -i "<PRODCUCT_TOKEN_1> , <PRODCUCT_TOKEN_2> -s project"
NEW! USING ASYNCHRONOUS API for large organizations.
Supported reports:inventory
,vulnerability
,alerts
,plugin request history
The TIMEOUT is 6 minutes, meaning it's checking for the report status READY for 6 min before moving to the next one. If it's not ready in 6 minutes, the tool logs the reportStatusId for manually checking the status (and downloading), and moves along. The timeout will be configurable in the following releases.
Generate Vulnerability report using asynchronous API calls in Excel format:
ws_bulk_report_generator -u <USER_KEY> -k <ORG_TOKEN> -o <OUTPUT_PATH> -r vulnerability -t binary -c True
Search for log4j 3 recent vulnerabilities in the entire organization using asynchronous API call and get output per each Product in JSON format:
ws_bulk_report_generator -u <USER_KEY> -k <ORG_TOKEN> -o <OUTPUT_PATH> -r vulnerability -t json -x vulnerability_names="CVE-2021-45046,CVE-2021-44228,CVE-2021-4104" -c True
- Note: The output produces only if the specified CVEs were discovered.
Generate Security Alerts report using asynchronous API calls in Excel format:
ws_bulk_report_generator -u <USER_KEY> -k <ORG_TOKEN> -o <OUTPUT_PATH> -r alerts -t binary -c True
Generate Plugin Request history report using asynchronous API calls in Excel format (unlimited results):
ws_bulk_report_generator -u <USER_KEY> -k <ORG_TOKEN> -o <OUTPUT_PATH> -r request_history -t binary -c True -x plugin=True
Generate Inventory report using asynchronous API calls in Excel format:
ws_bulk_report_generator -u <USER_KEY> -k <ORG_TOKEN> -o <OUTPUT_PATH> -r inventory -t binary -c True
Full Usage:
usage: ws_bulk_report_generator [-h] -u WS_USER_KEY -k WS_TOKEN [-y {organization,globalOrganization}] -r
{alerts,ignored_alerts,resolved_alerts,inventory,lib_dependencies,vulnerability,container_vulnerability,source_files,source_file_inventory,in_house_libraries,in_house,risk,library_location,license_compatibility,due_diligence,attributes,attribution,effective_licenses,bugs,request_history(-x plugin=true)}
[-t {unified_json,unified_xlsx,binary,json}] [-s {project,product}] [-a WS_URL] [-o DIR] [-x EXTRA_REPORT_ARGS] [-i INC_TOKENS] [-e EXC_TOKENS] [-c {True,False}]
Mend Bulk Reports Generator
optional arguments:
-h, --help show this help message and exit
-u WS_USER_KEY, --userKey WS_USER_KEY
WS User Key
-k WS_TOKEN, --token WS_TOKEN
WS Token
-y {organization,globalOrganization}, --token_type
WS Token Type
-r {alerts,ignored_alerts,resolved_alerts,inventory,lib_dependencies,vulnerability,container_vulnerability,source_files,source_file_inventory,in_house_libraries,in_house,risk,library_location,license_compatibility,due_diligence,at
tributes,attribution,effective_licenses,bugs,request_history}, --report
Report Type to produce
-t {unified_json,unified_xlsx,binary(i.e., Excel or PDF),json}, --outputType
Type of output
-s {project,product}, --ReportScope
Scope of report
-a WS_URL, --wsUrl WS_URL
WS URL
-o DIR, --reportDir DIR
Report Dir
-x EXTRA_REPORT_ARGS, --extraReportArguments EXTRA_REPORT_ARGS
Extra arguments (key=value) to pass the report
-i INC_TOKENS, --includedTokens INC_TOKENS
Included token (Default: All)
-e EXC_TOKENS, --excludedTokens EXC_TOKENS
Excluded token (Default: None)
-c ASYNCR, --asynchronousCalls ASYNCR
Asynchronous API (Default: False)
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
File details
Details for the file ws_bulk_report_generator-24.1.1-py3-none-any.whl
.
File metadata
- Download URL: ws_bulk_report_generator-24.1.1-py3-none-any.whl
- Upload date:
- Size: 13.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.11.7
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | da8d632c9f6cb3adf093eea13c808b0f98eb03730788867eca39b11b8ed6ace6 |
|
MD5 | a139b1e2644ebb789ecfea156df74b7e |
|
BLAKE2b-256 | 0d38de9c4800c3e8ac275d16b7cf90c17523daa3e57079d5c56e4caf8016fcfb |