IBM QRadar

Hi ,We tried to run a custom QRadar app via the pre-Validation tool 1.2.0.

I'm getting error like this:

==============================================

Skipped files:

./SampleApp_01042021.txt-ContentExport-20210401150554/1101/app/app_proxyservice.py

reason:

syntax error while parsing AST from file

./SampleApp_01042021.txt-ContentExport-20210401150554/1101/app/arielsearchclient.py

reason:

syntax error while parsing AST from file

./SampleApp_01042021.txt-ContentExport-20210401150554/1101/app/daemon_methods.py

reason:

syntax error while parsing AST from file

./SampleApp_01042021.txt-ContentExport-20210401150554/1101/app/dbclient.py

reason:

syntaxerror while parsing AST from file

./SampleApp_01042021.txt-ContentExport-20210401150554/1101/app/models.py

reason:

syntaxerror while parsing AST from file

./SampleApp_01042021.txt-ContentExport-20210401150554/1101/app/utils.py

reason:

syntax errorwhile parsing AST from file

./SampleApp_01042021.txt-ContentExport-20210401150554/1101/app/views.py

reason:

syntax errorwhile parsing AST from file

==============================================

We observed the pre-Validation tool 1.2.0 is using 1.6.2 bandit which is not latest.

Is there some issue in the tool? Or please let us know if we are missing out something.

Thanks.

Hi Daniel,

Yes. This is an issue of the bandit tool.

Note that the pre-validation tool 1.2.0 is still running on python 2.7/CentOS6. If your app is developing with Python3, it has chances that the bandit running on python2.7 cannot recognize all the python codes. A quick solution is you can install bandit in your development environment and scan your app codebase with the same python version.

Regards,

- Wayne