Skip to content

Understanding benchmarks.py

Jump to bottom
Deepak Balaji edited this page Apr 4, 2020 · 3 revisions

This page explains what benchmarks.py does

To start off, this module is the heart of the tool and has the definitions of how to perform the control's test.

variables

  • log_file This is a global variable that contains the path to the folder where the log files are to be created. This is assigned whenever the test function is called and is used by the check function

  • benchmark_ These variables contain the following

    • recommendation number
    • Scored (1) [OR] Not Scored (0)
    • Server Profile -> Level 1 (1) [OR] Level 2 (2) [OR] N/A (0)
    • Workstation Profile -> Level 1 (1) [OR] Level 2 (2) [OR] N/A (0)
    • Control Explanation

functions

  • check This function performs the test by executing the command it receives as argument. It returns the test result. It also writes the result, execution start and end times in a log file named after the time stamp of when the function was called. To know more about logging, read this wiki.

  • _recommendation_number_distro These make up the bulk of the code in this script. This function performs the actual test. It calls the check function, passing the command as defined in the CIS Benchmark document. The result that was returned is checked against the requirements as laid out by the CIS Benchmark document. Based on the findings, the following is returned as a list called return_value

    • Message (less than 45 characters to prevent overflow in the report)
    • Result (PASS, FAIL [or] CHEK)
    • Explanation (description of what was done and the appropriate result)

  • test This function is called from SeBAz.py and performs the test as requested in the function call. The test is identified by it's recommendation number r and distro dist. The global variable log_file is assigned to log, so as to be accessed by check. The given recommendation is evaluated using eval, with the recommendation number enclosed with _ and suffixed with dist. In the return_value that is returned, the recommendation number is prefixed and the time taken to perform the test is suffixed. Then, this is converted into the second value of a 2-D list, with the first value being 2 if the test PASSED and is SCORED, 1 if the test PASSED and is NOT SCORED, and 0 if the test FAILED or needs to be CHECKED. If verbosity is True, then the corresponding print_ function is called with the recommendation number, message, result, and width argument, which uses HuePy to display colored text on the terminal.

  • print_ These functions print the recommendation number, message, and result on the terminal in the color as specified. len specifies how much space message can take on the terminal, so that the result would be right aligned to the end of the terminal

Clone this wiki locally