attack_range icon indicating copy to clipboard operation
attack_range copied to clipboard
verified publisher icon splunk

Log PurpleSharp test results to Attack Range

Open ccl0utier opened this issue 3 years ago • 0 comments

It would be nice for PurpleSharp unit tests / playbook tests output to also be logged to index = attack like Atomic Red Team test results.

This could be achieved by adding the output file to the current list of monitored files in the Universal Forwarder inputs.
E.g., for ART: https://github.com/splunk/attack_range/blob/develop/packer/ansible/roles/windows_universal_forwarder/files/atomic_red_team_execution_inputs.conf

It seems PurpleSharp already logs execution output results (in JSON format) - but only for Playbook executions, not single tests. So @mvelazc0 would probably need to modify PurpleSharp accordingly first.

image

Once done we could update the Attack Range Reporting app to integrate PurpleSharp based results.

ccl0utier avatar Nov 21 '22 20:11 ccl0utier