Version 2.4

- Changed Imperva authorization to use header method. - Added limitation to number of parallel requests to origin servers to accommodate for limit of open sockets. - Added periodic â��Retrieving dataâ�� notification to users so they will know the tool is still working. - Added more granular error message.
imperva · Jun 24, 2021 · f3d3abf · f3d3abf
1 parent a5f0264
commit f3d3abf
Show file tree

Hide file tree

Showing 6 changed files with 36 additions and 21 deletions.
diff --git a/checkOriginReached.js b/checkOriginReached.js
@@ -23,10 +23,18 @@ function getOriginServerInfo(originData, originDataOutpt, informCaller)
 	if(printDebugInfo)
 		console.time("Check Origin Servers - total time");
 
+    var numRequests = 0;
 
-	async.forEach(originData, function(site, cb){
-		checkOriginServer(site.subAccountId, site.siteId, site.Name, site.serverName, site.Protocol, site.portNum, originDataOutpt, cb);
-	}, function(err){
+    //Limit number of parallel requests as there is a limit in the Operating system
+    async.forEachLimit(originData, settings.originServerReqSize ,function(site, cb){    
+		  checkOriginServer(site.subAccountId, site.siteId, site.Name, site.serverName, site.Protocol, site.portNum, originDataOutpt, cb);
+
+      //Let user know it is still working
+      if (numRequests % settings.originServerReqSize == 0)
+        console.log("Retrieving data...");
+      numRequests++;
+
+    }, function(err){
 		if (err){
 			//deal with the error
 			console.log("error in checking sites")

diff --git a/getAccountSub.js b/getAccountSub.js
@@ -1,6 +1,7 @@
 var request = require('request-promise');
 var querystring = require('querystring');
 var async = require('async');
+var util = require('util');
 var settings = require('./settings.js');
 
 function getAccountSubInfoList(commonPostData, accountList, accountSubInfoOutput, informCaller)
@@ -28,8 +29,6 @@ function getAccountSubInfoList(commonPostData, accountList, accountSubInfoOutput
 function getAccountSubInfo(commonPostData, accountId, accountSubInfoOutput, informCaller)
 {
 	var postData = {};
-	postData.api_id = commonPostData.api_id;
-	postData.api_key = commonPostData.api_key;
 	postData.account_id = accountId;
 
 // form data
@@ -46,19 +45,22 @@ function getAccountSubInfo(commonPostData, accountId, accountSubInfoOutput, info
 		path: '/api/prov/v1/accounts/subscription',
 		headers: {
 			'Content-Type': 'application/x-www-form-urlencoded',
+            'x-API-Id': commonPostData.api_id,  //Imperva Authorization
+            'x-API-Key': commonPostData.api_key, //Imperva Authorization
 			'Content-Length': postData.length
 		},
 	}
-
 	request(options)
 	.then(function (response) {
 		var isWebVolDDosPurchased = false;
 		var isAttackAnalyticsPurchased = false;
 		var jResponse = JSON.parse(response);
 		if (jResponse.res != 0)
         {
-          console.log("Error retreiving information - " + jResult.res_message);
-          return;
+		  console.log("Error retreiving information");
+		  console.log(util.inspect(jResponse, {depth: null}));
+		  return;
+
         }
 
 		// Get Volumetric DDoS purchase status

diff --git a/getAttackAnalyticsInfo.js b/getAttackAnalyticsInfo.js
@@ -30,8 +30,7 @@ function getAAInfoList(timeNow, commonPostData, accountList, aASubAccountOutput,
 function getAaAccountInfo(timeNow, commonPostData, accountId, aAAccountOutput, informCaller)
 {
 	var dayInMs = 86400000;
-	var urlString = 'https://api.imperva.com/analytics/v1/incidents?caid=' + accountId +
-		'&api_key=' + commonPostData.api_key + '&api_id=' + commonPostData.api_id;
+	var urlString = 'https://api.imperva.com/analytics/v1/incidents?caid=' + accountId
 
 	if (settings.attackAnalyticsPeriodInDays != 0)
 		urlString += '&from_timestamp=' + (timeNow._created - (dayInMs * settings.attackAnalyticsPeriodInDays));
@@ -49,6 +48,8 @@ function getAaAccountInfo(timeNow, commonPostData, accountId, aAAccountOutput, i
 				},
 		path: '/api.imperva.com/analytics/v1/incidents',
 		headers: {
+            'x-API-Id': commonPostData.api_id, //Imperva Authorization 
+            'x-API-Key': commonPostData.api_key, //Imperva Authorization
 			'Content-Type': 'application/x-www-form-urlencoded'
 		},
 	}

diff --git a/package.json b/package.json
@@ -9,6 +9,7 @@
     "async": "^2.6.1",
     "node-datetime": "^2.0.6",
     "request": "^2.88.0",
-    "request-promise": "^4.2.2"
+    "request-promise": "^4.2.2",
+    "util": "^0.12.3"
   }
 }
diff --git a/settings.js b/settings.js
@@ -37,7 +37,7 @@ module.exports = Object.freeze({
 	//When origin servers are checked, if an http code is returned, it implies that the origin server was NOT reached - it is protected.
 	// For example, we are aware that in several cases, http code 403 implies that actual server can't be accessed.
 	originServerHttpProtectedCode: [
-	//	for example 403
+		//403
 	],
 
     /* These ports will be scanned in the origin server check. You can add/remove per your need. 
@@ -128,9 +128,9 @@ module.exports = Object.freeze({
 	originServerConnectionTimeout: 10000, //(In milliseconds)
 
 //Internal usage	
-	version: "2.3",
-	pageSize: 100
-
+	version: "2.4",
+	pageSize: 100, 
+    originServerReqSize: 50 //Used for number of parallel requests to origin servers (due to limit of operating system)
 });
 
 
diff --git a/spv.js b/spv.js
@@ -2,6 +2,7 @@ var https = require('https');
 var querystring = require('querystring');
 var fs = require('fs')
 var async = require('async');
+var util = require('util');
 var dateTime = require('node-datetime');
 var settings = require('./settings.js');
 
@@ -33,8 +34,8 @@ var genericPostData = {
 };
 
 /**/ 
- var appVersion = "2.3";
- var requiredSettingsVersion = 2.3;
+ var appVersion = "2.4";
+ var requiredSettingsVersion = 2.4;
 /**/
 
 //Colored html status
@@ -120,8 +121,6 @@ getAllData(genericPostData, accountId, 0);
 function getAllData(commonPostData, accountId, pageNum)
 {
   var postData = {};
-  postData.api_id = commonPostData.api_id;
-  postData.api_key = commonPostData.api_key;
   postData.page_num = pageNum;
   postData.account_id = accountId;
   postData.page_size = pageSize;
@@ -138,12 +137,15 @@ function getAllData(commonPostData, accountId, pageNum)
         path: '/api/prov/v1/sites/list',
         headers: {
           'Content-Type': 'application/x-www-form-urlencoded',
+          'x-API-Id': commonPostData.api_id, //Imperva Authorization
+          'x-API-Key': commonPostData.api_key, //Imperva Authorization
           'Content-Length': postData.length
         }
       };
-      
+
     var req = https.request(options, function (res) {
     var result = '';
+    console.log("Retrieving data...");
     res.on('data', function (chunk) {
         result += chunk;
     });
@@ -153,7 +155,8 @@ function getAllData(commonPostData, accountId, pageNum)
         var jResult = JSON.parse(result);
         if (jResult.res != 0)
         {
-          console.log("Error retreiving information - " + jResult.res_message);
+          console.log("Error retreiving information");
+          console.log(util.inspect(jResult, {depth: null}));
           return;
         }