From 98a84af5d0a3d5cab5f619b05cf2918a1c90aaf2 Mon Sep 17 00:00:00 2001
From: pemontto <pemontto@gmail.com>
Date: Wed, 1 May 2019 20:50:41 +0100
Subject: [PATCH] use web_application_name as asset

---
 resources/elk6/pipeline/2000_qualys_web_scans.conf | 6 ------
 vulnwhisp/frameworks/qualys_web.py                 | 4 ++--
 2 files changed, 2 insertions(+), 8 deletions(-)

diff --git a/resources/elk6/pipeline/2000_qualys_web_scans.conf b/resources/elk6/pipeline/2000_qualys_web_scans.conf
index e19f6f3..ce28f17 100644
--- a/resources/elk6/pipeline/2000_qualys_web_scans.conf
+++ b/resources/elk6/pipeline/2000_qualys_web_scans.conf
@@ -33,12 +33,6 @@ filter {
       remove_field => ["scan_time"]
     }
 
-    if "qualys_web" in [tags] {
-      mutate {
-        add_field => { "asset" => "%{web_application_name}" }
-      }
-    }
-
     mutate {
       convert => { "cvss" => "float"}
       convert => { "cvss_base" => "float"}
diff --git a/vulnwhisp/frameworks/qualys_web.py b/vulnwhisp/frameworks/qualys_web.py
index 6905074..40b80e5 100644
--- a/vulnwhisp/frameworks/qualys_web.py
+++ b/vulnwhisp/frameworks/qualys_web.py
@@ -527,8 +527,8 @@ class qualysScanReport:
         df['dns'] = df['url'].str.extract('https?://([^/]+)', expand=False)
         df.loc[df['uri'] != '','dns'] = df.loc[df['uri'] != '','uri'].str.extract('https?://([^/]+)', expand=False)
 
-        # Set asset to dns
-        df['asset'] = df['dns']
+        # Set asset to web_application_name
+        df['asset'] = df['web_application_name']
 
         df.fillna('', inplace=True)
         return df