cdcb85917d
feat(qualys/agents): audit en background thread + page d'attente auto-refresh (fix ERR_CONNECTION_RESET sur audits longs)
2026-04-27 23:25:50 +02:00
26e05d63ac
fix(qualys/agents): commandes audit adaptees multi-OS (RHEL5 SysV init, journalctl absent, chemins log Qualys multiples)
2026-04-27 23:15:50 +02:00
03229d4d08
feat(qualys/agents): bouton Check + page audit cible Qualys agent (status + version + logs agent/systeme via SSH)
2026-04-27 23:09:05 +02:00
dc9c197274
fix(qualys/dashboard): timeout 120s->300s + log erreurs sur _fetch_asset_ids_by_tag (manque ENV-PRD/REC sur gros tags)
2026-04-27 23:00:58 +02:00
5ec5271232
perf(qualys/dashboard): parallelise fetch vulns par batch IPs (8 workers, ~18min -> ~3min)
2026-04-27 17:15:44 +02:00
ad630eba99
feat(qualys/agents): tri click-to-sort sur toutes les tables (hostname, OS, check-in, etc.)
2026-04-27 16:58:06 +02:00
4bc9d6cc61
docs(qualys/duplicates): message bandeau ~1200 serveurs
2026-04-25 19:56:51 +00:00
0d4ce6dfc2
feat(qualys/duplicates): scan filtre Linux+Windows Server uniquement (~1200 vs 6244)
2026-04-25 19:56:23 +00:00
2c5c0df355
docs(qualys/duplicates): clarifie message bandeau (6000 scan total, 1300 serveurs filtres)
2026-04-25 11:05:36 +00:00
6c52d05393
fix(qualys/duplicates): renomme cle items -> groups (conflit Jinja avec dict.items)
2026-04-25 10:49:53 +00:00
cc550c2d84
fix(qualys/duplicates): scan async (background thread) + bandeau scan en cours - evite 503 HAProxy
2026-04-25 10:31:07 +00:00
e832381b68
feat(qualys/duplicates): filtre serveurs uniquement (exclut Win 10/11/7/8/XP postes)
2026-04-25 10:23:14 +00:00
3d043af194
feat(qualys): page doublons + suppression API Qualys 1-clic
2026-04-25 10:17:40 +00:00
8f406f211d
feat(qualys/dashboard): compute v2 - interroge API Qualys par tag (DB locale qualys_asset_tags souvent obsolete)
2026-04-25 00:42:29 +00:00
54c10d90de
fix(qualys/dashboard): bandeau plus voyant (gradient cyan + glow)
2026-04-25 00:27:01 +00:00
66558c4b46
fix(qualys/dashboard): compteur base sur running_since DB (survit aux auto-refresh)
2026-04-25 00:16:44 +00:00
0ab4f2d8fa
fix(qualys/dashboard): vire flag in-memory + safety net thread + flex layout 6 KPI
2026-04-25 00:13:22 +00:00
34cca6f77b
fix(qualys/dashboard): user est un dict, utiliser user.get(sub) au lieu de .username
2026-04-25 00:09:15 +00:00
9a7f446637
fix(qualys/dashboard): insert pending row dans la route avant spawn thread (no race)
2026-04-25 00:07:22 +00:00
daf87891a7
feat(qualys/dashboard): is_running base sur DB (multi-worker safe) + bouton Annuler
2026-04-25 00:05:49 +00:00
17f508c1d1
feat(qualys/dashboard): bandeau spinner persistant + auto-refresh pendant recalcul
2026-04-24 23:55:24 +00:00
8f8e8c4d8f
feat(qualys): dashboard vulnerabilites avec KPI + historique
2026-04-24 23:49:46 +00:00
b06aedfc3b
fix(qualys): force vuln cache refresh on bulk resync redirect
2026-04-24 22:51:11 +00:00
392c8f4fe5
fix(qualys/search): KPI vuln_map est dict total/severityN, pas int
2026-04-24 22:34:16 +00:00
3c00f05263
feat(qualys/agents): colonne Version OS dans table sans-agent
2026-04-24 22:30:39 +00:00
c57ef61adb
feat(qualys/search): KPI total/avec-vuln/sans-vuln + filtre vuln_filter
2026-04-24 22:27:55 +00:00
c258d6091a
fix(qualys): resync_all_tags HTTP 400 - limitResults 10000 trop grand, capper a 1000
...
Qualys QPS API rejette limitResults au-dela de 1000 (HTTP 400 Bad Request).
Aligne sur les autres requetes du service (5, 20, 100, 200, 1000) et sur
qualys_tags_service.list_qualys_tags qui utilise deja 1000.
Reproductible via /qualys/tags > bouton Resync (msg=resync_ko_HTTP+400).
2026-04-23 12:19:31 +00:00
5fedfb5f80
Add page Tour de garde SecOps : import xlsx + table + vue hebdo + competences
2026-04-17 23:39:11 +00:00
9a72fa7eb7
Optim: fix N+1 queries itop_service (pre-load batch) + macros Jinja2 badges
2026-04-17 23:23:32 +00:00
a0f90cd719
Optim: logging structure + query_helpers.py + fix exceptions silencieuses routers
2026-04-17 23:19:18 +00:00
9097872e57
Secu: verif permissions can_view/can_edit sur endpoints HTMX detail/edit
2026-04-17 23:15:04 +00:00
2bf2fa5042
patch_history: tolere parametres vides dans les filtres (week=, source=, etc.)
2026-04-17 12:42:58 +00:00
2ab2ceabba
Historique patching : filtres OS/zone/domaine/intervenant + colonnes table
2026-04-17 12:10:45 +00:00
cfb9cf865c
Register patch_history router in main.py
2026-04-17 09:41:14 +00:00
4b1794d4d1
Add page Historique patching : vue unifiee import xlsx + campagnes + quickwin
2026-04-17 08:47:25 +00:00
MOUTAOUAKIL-ext Khalid
e2fb34f115
Sync SANEF : audit_service + schema.sql + data deploy + gitignore
2026-04-17 09:20:57 +02:00
1c661e2dc5
qualys_tags: respect qualys_bypass_proxy flag
...
_get_creds() ignorait le flag bypass_proxy et retournait toujours
qualys_proxy meme si l'utilisateur avait coche bypass en settings.
Comportement desormais aligne avec qualys_service._get_qualys_creds().
2026-04-17 00:28:57 +02:00
617bf94e31
Qualys agents sync: optims perf majeures (~3-5x plus rapide)
...
Refactor _refresh_all_agents_impl() avec 4 optimisations:
1. Pre-chargement des servers en dict Python au debut (hostname + IP)
-> elimine 2 queries SQL par asset (gain principal)
2. UPSERT 'INSERT ... ON CONFLICT DO UPDATE' + RETURNING (xmax=0)
-> une seule query au lieu de SELECT + INSERT/UPDATE
-> compte created/updated via xmax
3. HTTP Session reutilisee (requests.Session)
-> keep-alive, pas de handshake SSL a chaque page
4. ThreadPoolExecutor(5) pour executer les 5 filtres tagName en parallele
-> dedup par asset_id pour eviter traitement double
Bonus:
- max_pages 30 -> 500 par filtre (evite syncs incomplets silencieux)
- FQDN backfill cible via cache 'servers_need_fqdn' (pas d'UPDATE inutile)
- Commit unique en fin de traitement (suppression savepoint par asset)
- Retrait age-check redondant en mode diff (deja filtre cote API)
2026-04-16 23:34:51 +02:00
f1a1ca9c7b
Qualys Tags V3: unescape entites XML dans ruleText/name
...
Qualys renvoie les entites XML dans ruleText deja echappees (Bip&Go,
<?xml...). Jinja auto-escape les ressortait en double (&lt;...).
Unescape iteratif (jusqu'a 3 passes) pour couvrir le double-escape.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-15 15:40:04 +02:00
79a2cc896e
Qualys diff: format ISO sans microsec YYYY-MM-DDTHH:MM:SSZ (compat API QPS)
2026-04-15 14:28:57 +02:00
7924e64616
Qualys diff: filtre 'updated' (searchable) au lieu de 'lastCheckedIn' (non recunu API)
2026-04-15 14:06:27 +02:00
8b212df7a1
Qualys 'sans agent': match via server_id (couvre alias hostname Qualys != iTop)
2026-04-15 13:54:07 +02:00
245777fd46
Qualys agents: exclut Win10/11/Workstation de la liste 'Sans agent'
2026-04-15 13:49:05 +02:00
4a5a1f6716
Qualys: bouton Sync complete vert (#22c55e) bien visible
2026-04-15 13:42:58 +02:00
6824fee081
Qualys deploy UI: ActivationId/CustomerId masques (type password) + toggle œil
2026-04-15 13:37:15 +02:00
a3a1ec7e6d
Qualys deploy: bouton 'Sauvegarder ces valeurs' (ActivationId/Customer/Uri persistes)
2026-04-15 13:34:24 +02:00
0ebf72d789
Qualys diff sync: sauve le timestamp DES LE DEBUT (resilient si annulation)
2026-04-15 13:29:36 +02:00
5b6e113792
Qualys deploy: filtre s.os_family=linux + retire dropdown OS du UI
2026-04-15 13:18:09 +02:00
206cc813f6
Qualys deploy: simplifie UI = ActivationId Linux uniquement (Windows hidden, persiste backend)
2026-04-15 13:14:23 +02:00
55d08921f9
Qualys deploy: persiste activation_ids/customer/uri en secrets + selection auto Linux/Windows
2026-04-15 13:12:15 +02:00
