cloud-design-dev
diff --git a/‎jobs/account-port-scan/port-scan-report.py‎
Lines changed: 79 additions & 8 deletions b/‎jobs/account-port-scan/port-scan-report.py‎
Lines changed: 79 additions & 8 deletions
@@ -27,7 +27,7 @@
 from ibm_cloud_sdk_core.authenticators import IAMAuthenticator
 
 """
-Pull IBM Cloud API key and Logging endpoint from environment. If not set, raise an error. 
+Pull IBM Cloud API key from environment. If not set, raise an error. 
 """
 ibmcloud_api_key = os.environ.get('IBMCLOUD_API_KEY')
 if not ibmcloud_api_key:
@@ -37,6 +37,7 @@
 if not cloud_logging_endpoint:
     raise ValueError("IBM_CLOUD_LOGGING_ENDPOINT environment variable not found")
 
+
 """
 Create an IAM authenticator object for use with the VPC API.
 """
@@ -179,6 +180,50 @@ def get_iam_token():
         return None
 
 
+def format_ports_json(vpc_results, vg_results, bm_results):
+    """
+    Format all results into a single JSON array in the specified format
+    
+    Args:
+        vpc_results (dict): Dictionary with IP addresses as keys and lists of open ports as values for VPC
+        vg_results (dict): Dictionary with IP addresses as keys and lists of open ports as values for Virtual Guests
+        bm_results (dict): Dictionary with IP addresses as keys and lists of open ports as values for Bare Metal servers
+    
+    Returns:
+        list: List of formatted entries in the specified format
+    """
+    all_ports_json = []
+    
+    # Process VPC floating IPs
+    for ip, ports in vpc_results.items():
+        for port in ports:
+            all_ports_json.append({
+                "server-ip": ip,
+                "open-port": str(port),
+                "environment": "VPC"
+            })
+    
+    # Process Classic Virtual Guests
+    for ip, ports in vg_results.items():
+        for port in ports:
+            all_ports_json.append({
+                "server-ip": ip,
+                "open-port": str(port),
+                "environment": "Classic"
+            })
+    
+    # Process Classic Bare Metal servers
+    for ip, ports in bm_results.items():
+        for port in ports:
+            all_ports_json.append({
+                "server-ip": ip,
+                "open-port": str(port),
+                "environment": "Classic"
+            })
+    
+    return all_ports_json
+
+
 def format_scan_results(target_type, results):
     """
     Format scan results to be sent to IBM Cloud Logging
@@ -191,7 +236,10 @@ def format_scan_results(target_type, results):
         list: List of formatted log entries
     """
     log_entries = []
+    
+    # Get computer name from environment variable or fall back to local system name
     computer_name = os.environ.get('CE_PROJECT_ID', socket.gethostname())
+    
     for ip, ports in results.items():
         if ports:  # Only include IPs with open ports
             log_entry = {
@@ -202,20 +250,21 @@ def format_scan_results(target_type, results):
                     "ip_address": ip,
                     "open_ports": ports,
                     "target_type": target_type,
-                    "message": f"Open ports detected on {target_type} {ip}: {ports}"
+                    "message": f"Open-Port-Detected: Open ports detected on {target_type} {ip}: {ports}"
                 }
             }
             log_entries.append(log_entry)
 
     return log_entries
 
 
-def send_to_ibm_cloud_logging(log_entries):
+def send_to_ibm_cloud_logging(log_entries, all_ports_json):
     """
     Send log entries to IBM Cloud Logging
     
     Args:
         log_entries (list): List of formatted log entries
+        all_ports_json (list): List of all open ports in the specified JSON format
     
     Returns:
         bool: True if logs were sent successfully, False otherwise
@@ -236,6 +285,21 @@ def send_to_ibm_cloud_logging(log_entries):
         "Authorization": f"Bearer {token}"
     }
 
+    # Add a summary log entry with the full JSON of all open ports
+    computer_name = os.environ.get('CE_PROJECT_ID', socket.gethostname())
+    summary_entry = {
+        "applicationName": "account-port-scan",
+        "subsystemName": "summary-scan",
+        "computerName": computer_name,
+        "text": {
+            "message": "Open-Port-Detected: Summary of all open ports across all environments",
+            "open_ports_summary": all_ports_json
+        }
+    }
+    
+    # Add the summary entry to the log entries
+    log_entries.append(summary_entry)
+    
     try:
         response = requests.post(log_endpoint, headers=headers, json=log_entries)
         response.raise_for_status()
@@ -286,18 +350,25 @@ def main():
             print(f"Open ports on {target}: {open_ports}")
     print("Classic Bare Metals Scan complete.")
 
-    # Format and send results to IBM Cloud Logging
+    # Create the consolidated JSON object for all open ports
+    all_ports_json = format_ports_json(
+        floating_ip_results, 
+        virtual_guest_results, 
+        bare_metal_results
+    )
+    
+    # Format the individual log entries
     floating_ip_logs = format_scan_results("floating_ip", floating_ip_results)
     virtual_guest_logs = format_scan_results("virtual_guest", virtual_guest_results)
     bare_metal_logs = format_scan_results("bare_metal", bare_metal_results)
 
-    # Combine all logs into a single list
+    # Combine all individual logs into a single list
     all_logs = floating_ip_logs + virtual_guest_logs + bare_metal_logs
 
     # Send logs to IBM Cloud Logging
-    if all_logs:
-        print(f"Sending {len(all_logs)} log entries to IBM Cloud Logging...")
-        success = send_to_ibm_cloud_logging(all_logs)
+    if all_logs or all_ports_json:
+        print(f"Sending {len(all_logs)} log entries and a summary to IBM Cloud Logging...")
+        success = send_to_ibm_cloud_logging(all_logs, all_ports_json)
         if success:
             print("Successfully sent logs to IBM Cloud Logging")
         else: