
Commit e6bb261

Merge pull request #62 from hazcod/feat/warnings
feat: add new warnings for hosts missing in MDM and/or EDR
2 parents 127b835 + 79d872e commit e6bb261


6 files changed

+389
-30
lines changed


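--- a/cmd/main.go
+++ b/cmd/main.go
@@ -53,16 +53,25 @@ func main() {
 
 // ---
 
-falconMessages, usersWithSensors, err := falcon.GetMessages(config, ctx)
+falconMessages, usersWithSensors, securityErrors, err := falcon.GetMessages(config, ctx)
 if err != nil {
 logrus.WithError(err).Fatal("could not get falcon messages")
 }
 
-ws1Messages, usersWithDevices, err := ws1.GetMessages(config, ctx)
+ws1Messages, usersWithDevices, mdmSecurityErrors, err := ws1.GetMessages(config, ctx)
 if err != nil {
 logrus.WithError(err).Fatal("could not get WS1 messages")
 }
 
+securityErrors = append(securityErrors, mdmSecurityErrors...)
+if len(securityErrors) > 0 {
+for _, secError := range securityErrors {
+logrus.WithField("module", "falcon").Warn(secError.Error())
+}
+}
+
+usersWithMDMOrEDR := append(usersWithDevices, usersWithSensors...)
+
 // ---
 
 slackClient := slack.New(config.Slack.Token)
@@ -94,7 +103,7 @@ func main() {
 
 logrus.WithField("users", len(slackUsers)).Info("found Slack users")
 
-var errorsToReport []error
+errorsToReport := securityErrors
 
 for _, slackUser := range slackUsers {
 userEmail := strings.ToLower(slackUser.Profile.Email)
@@ -114,7 +123,7 @@ func main() {
 
 // check if every slack user has a device in MDM
 hasDevice := false
-for _, userWDevice := range usersWithDevices {
+for _, userWDevice := range usersWithMDMOrEDR {
 if strings.EqualFold(userWDevice, userEmail) {
 hasDevice = true
 break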
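Review bot: In the first hunk the warning loop tags every entry with `WithField("module", "falcon")`, but by then `mdmSecurityErrors` from `ws1.GetMessages` have already been appended to `securityErrors`, so MDM findings are logged as if they came from Falcon and anyone triaging the log is pointed at the wrong system. Logging each slice before the merge would keep the source accurate, for example a second loop over `mdmSecurityErrors` with `logrus.WithField("module", "ws1").Warn(secError.Error())`; the `len(securityErrors) > 0` guard is not needed around a `range`. In the last hunk the loop now ranges over `usersWithMDMOrEDR`, so a Slack user found in only one of the two systems sets `hasDevice`; if that is intended, the comment `// check if every slack user has a device in MDM` should become `// check if every slack user is known to MDM or EDR`, and if it is not, the two lists need separate checks. `main` starts and ends outside these hunks, so how `hasDevice` is reported afterwards is not visible here.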

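--- a/go.mod
+++ b/go.mod
@@ -3,21 +3,23 @@ module github.com/hazcod/crowdstrike-spotlight-slacker
 go 1.16
 
 require (
-github.com/crowdstrike/gofalcon v0.2.22
-github.com/go-openapi/analysis v0.21.3 // indirect
-github.com/go-openapi/spec v0.20.6 // indirect
+github.com/crowdstrike/gofalcon v0.2.26
+github.com/go-openapi/loads v0.21.2 // indirect
+github.com/go-openapi/spec v0.20.7 // indirect
+github.com/go-openapi/swag v0.22.3 // indirect
 github.com/golang/protobuf v1.5.2 // indirect
 github.com/gorilla/websocket v1.5.0 // indirect
 github.com/kelseyhightower/envconfig v1.4.0
 github.com/mitchellh/mapstructure v1.5.0 // indirect
 github.com/pkg/errors v0.9.1
-github.com/sirupsen/logrus v1.8.1
-github.com/slack-go/slack v0.10.3
-go.mongodb.org/mongo-driver v1.9.1 // indirect
-golang.org/x/net v0.0.0-20220526153639-5463443f8c37 // indirect
-golang.org/x/oauth2 v0.0.0-20220524215830-622c5d57e401 // indirect
+github.com/sirupsen/logrus v1.9.0
+github.com/slack-go/slack v0.11.3
+go.mongodb.org/mongo-driver v1.10.2 // indirect
+golang.org/x/net v0.0.0-20220909164309-bea034e7d591 // indirect
+golang.org/x/oauth2 v0.0.0-20220909003341-f21342109be1
+golang.org/x/sys v0.0.0-20220913175220-63ea55921009 // indirect
 google.golang.org/appengine v1.6.7 // indirect
-google.golang.org/protobuf v1.28.0 // indirect
+google.golang.org/protobuf v1.28.1 // indirect
 gopkg.in/errgo.v2 v2.1.0
-gopkg.in/yaml.v3 v3.0.0
+gopkg.in/yaml.v3 v3.0.1
 )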
