McaFee time format changes and version update (#896)

Author: ayushlimaye

Makefile

@@ -541,7 +541,7 @@ nxOMSGenerateInventoryMof:
 
 nxOMSPlugin:
 	rm -rf output/staging; \
-	VERSION="3.70"; \
+	VERSION="3.71"; \
 	PROVIDERS="nxOMSPlugin"; \
 	STAGINGDIR="output/staging/$@/DSCResources"; \
 	cat Providers/Modules/$@.psd1 | sed "s@<MODULE_VERSION>@$${VERSION}@" > intermediate/Modules/$@.psd1; \

Providers/Modules/Plugins/Antimalware/plugin/collectmcafeeinfo.rb

@@ -14,7 +14,7 @@ def self.findMcAfeePath()
         paths = ['/opt/McAfee/ens/tp/bin/mfetpcli','/opt/isec/ens/threatprevention/bin/isecav']   
         for path in paths 
             if File.file?(path)
-                @detectedPath = path
+				@detectedPath = path
                 detectioncmd = `#{path} --version 2>&1`.lines.map(&:chomp)
 				@mcafeeName = detectioncmd[0]
                 @mcafeeVersion = detectioncmd[1].split(" : ")[1]
@@ -25,22 +25,22 @@ def self.findMcAfeePath()
 
     def self.detect()  
         begin
-            findMcAfeePath()
+			findMcAfeePath()
             if !File.file?(@detectedPath)
-                return false
+				return false
             end                             
-            if ( @mcafeeName == nil || @mcafeeName != "McAfee Endpoint Security for Linux Threat Prevention")                   
-                return false
-            elsif ( @mcafeeVersion == nil || @mcafeeVersion.split(".")[0].to_i  < 10)                   
-                return false
+            if (@mcafeeName == nil)	
+				return false
+            elsif (@mcafeeVersion == nil || @mcafeeVersion.split(".")[0].to_i  < 10)                   
+            	return false
             end
             return true
-        rescue => e                
-            return false            
+        rescue => e
+			return false            
         end
     end
 
-	def self.getprotectionstatus()		 
+	def self.getprotectionstatus() 
 		ret = {}
 
 		mcafeeName = @mcafeeName
@@ -93,7 +93,7 @@ def self.getprotectionstatus()
 						else
 							quickscanarray = taskcmd[$i].split(" ")
 							quickscanStatus = 'NA'
-							quickscan, quickscanStatus = parseMcAfeeDateTime(quickscanarray , @mcafeeVersion)
+							quickscan, quickscanStatus = parseMcAfeeDateTime(taskcmd[$i], quickscanarray , @mcafeeVersion)
 							if quickscan == "NA"
 								protectionStatusDetailsArray.push("Fail to parse quickscan date: " + taskcmd[$i])
 							end
@@ -108,7 +108,7 @@ def self.getprotectionstatus()
 						else		
 							fullscanarray = taskcmd[$i].split(" ")
 							fullscanStatus = 'NA'
-							fullscan, fullscanStatus = parseMcAfeeDateTime(fullscanarray, @mcafeeVersion)						
+							fullscan, fullscanStatus = parseMcAfeeDateTime(taskcmd[$i], fullscanarray, @mcafeeVersion)						
 							if fullscan == "NA"
 								protectionStatusDetailsArray.push("Fail to parse fullscan date: " + taskcmd[$i])
 							end
@@ -122,7 +122,7 @@ def self.getprotectionstatus()
 						else
 							datengupdatearray = taskcmd[$i].split(" ")
 							datengupdateStatus = 'NA'
-							datengupdate, datengupdateStatus = parseMcAfeeDateTime(datengupdatearray, @mcafeeVersion)
+							datengupdate, datengupdateStatus = parseMcAfeeDateTime(taskcmd[$i], datengupdatearray, @mcafeeVersion)
 							if datengupdate == "NA"
 								protectionStatusDetailsArray.push("Fail to parse DAT Engine update date: " + taskcmd[$i])
 							end
@@ -249,11 +249,11 @@ def self.getprotectionstatus()
 		return ret
 	end
 
-	def self.parseMcAfeeDateTime(datearray , mcafeeVersion)
+	def self.parseMcAfeeDateTime(taskcmd, datearray , mcafeeVersion)
 		begin
 			mcafeeVersionSplit = mcafeeVersion.to_s.split(".")
 			if (mcafeeVersionSplit[1].to_i > 6) || (mcafeeVersionSplit[1].to_i == 6 && mcafeeVersionSplit[2].to_i >=6 )
-				return parseMcAfeeDateTimeForSixPointSixVersionAndNewer(datearray)
+				return parseMcAfeeDateTimeForSixPointSixVersionAndNewer(taskcmd, datearray)
 			else
 				return parseMcAfeeDateTimeSixPointFiveVersionAndOlder(datearray) 
 			end
@@ -285,14 +285,18 @@ def self.parseMcAfeeDateTimeSixPointFiveVersionAndOlder(datearray)
 		return scandate, scanstatus
 	end
 
-	def self.parseMcAfeeDateTimeForSixPointSixVersionAndNewer(datearray)		
-		$l = datearray.length
-		scandate = 'NA'
-		scanstatus = 'NA'
-		scandate = datearray[$l-6] + " " + datearray[$l-5] + " " + datearray[$l-4] + " " + datearray[$l-3] + " " + datearray[$l-2] + " " + datearray[$l-1]
-		scandate = Time.strptime(scandate, '%a %b %d %H:%M:%S %Y')
-		scandate.utc.strftime("%d/%m/%y %H:%M:%S %Z")
-		scanstatus = datearray[9]
-		return scandate, scanstatus
+	# function to handle version 10.6.6 and above for mcafee
+	def self.parseMcAfeeDateTimeForSixPointSixVersionAndNewer(taskcmd, datearray)
+		begin
+			$l = datearray.length
+			scandate = 'NA'
+			scanstatus = 'NA'
+			regularexpressionforscanstatus = /\b(Not Started|Running|Completed|Aborted)\b/
+			scandatestring = datearray[$l-6] + " " + datearray[$l-5] + " " + datearray[$l-4] + " " + datearray[$l-3] + " " + datearray[$l-2] + " " + datearray[$l-1]
+			scandateparsed = Time.parse(scandatestring)
+			scandateparsed.utc.strftime('%m/%d/%Y %H:%M:%S')
+			scanstatus = (regularexpressionforscanstatus.match(taskcmd))
+			return scandateparsed, scanstatus.to_s
+		end
 	end
 end

installbuilder/datafiles/Base_DSC.data

@@ -102,7 +102,7 @@ SHLIB_EXT: 'so'
 /opt/microsoft/omsconfig/module_packages/nxOMSContainers_1.0.zip; release/nxOMSContainers_1.0.zip; 755; ${{RUN_AS_USER}}; root
 /opt/microsoft/omsconfig/module_packages/nxOMSCustomLog_1.0.zip; release/nxOMSCustomLog_1.0.zip; 755; ${{RUN_AS_USER}}; root
 /opt/microsoft/omsconfig/module_packages/nxOMSGenerateInventoryMof_1.5.zip; release/nxOMSGenerateInventoryMof_1.5.zip; 755; ${{RUN_AS_USER}}; root
-/opt/microsoft/omsconfig/module_packages/nxOMSPlugin_3.70.zip; release/nxOMSPlugin_3.70.zip; 755; ${{RUN_AS_USER}}; root
+/opt/microsoft/omsconfig/module_packages/nxOMSPlugin_3.71.zip; release/nxOMSPlugin_3.71.zip; 755; ${{RUN_AS_USER}}; root
 /opt/microsoft/omsconfig/module_packages/nxOMSWLI_1.46.zip; release/nxOMSWLI_1.46.zip; 755; ${{RUN_AS_USER}}; root
 #endif
 
@@ -418,7 +418,7 @@ if [ "$pythonVersion" = "python3" ]; then
 	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/python3/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSContainers_1.0.zip 0"
 	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/python3/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSCustomLog_1.0.zip 0"
 	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/python3/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSGenerateInventoryMof_1.5.zip 0"
-	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/python3/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSPlugin_3.70.zip 0"
+	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/python3/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSPlugin_3.71.zip 0"
 	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/python3/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSWLI_1.46.zip 0"
 else
   echo "Running python2 python version is ", $pythonVersion
@@ -428,7 +428,7 @@ else
 	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSContainers_1.0.zip 0"
 	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSCustomLog_1.0.zip 0"
 	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSGenerateInventoryMof_1.5.zip 0"
-	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSPlugin_3.70.zip 0"
+	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSPlugin_3.71.zip 0"
 	su - omsagent -c "/opt/microsoft/omsconfig/Scripts/InstallModule.py /opt/microsoft/omsconfig/module_packages/nxOMSWLI_1.46.zip 0"
 #endif