Skip to content

Report Processor Executor

Category: Generic Script: report_processor.py Integration: File import Faraday Plugin: Auto-detected (via PluginsManager / ReportAnalyzer)

Description

A generic executor that imports pre-existing security scan report files into Faraday. It reads a report file from a specified directory, auto-detects the tool that generated it (or accepts a manual tool specification), and uses the appropriate Faraday plugin to parse it.

This executor is useful for importing reports from tools that don't have a dedicated executor, or for processing reports generated outside of the agent workflow.

Prerequisites

  • The report file must already exist in the specified reports directory
  • The faraday_plugins package must support the report format

Configuration

Environment Variables (Setup)

Variable Required Description
REPORTS_PATH Yes Directory path containing report files

Execution Arguments

Parameter Type Mandatory Description
REPORT_NAME string Yes Filename of the report to import
CONFIG_TOOL string No Tool name to force a specific parser. If not set, the tool is auto-detected

YAML Configuration Example

executors:
  report_import:
    repo_executor: report_processor.py
    max_size: 65536
    varenvs:
      REPORTS_PATH: /opt/scan-reports
    params:
      REPORT_NAME:
        mandatory: true
        type: string
        base: string
      CONFIG_TOOL:
        mandatory: false
        type: string
        base: string

How It Works

  1. Reads the report file from {REPORTS_PATH}/{REPORT_NAME}
  2. If CONFIG_TOOL is specified, loads the corresponding Faraday plugin by name
  3. If CONFIG_TOOL is not specified, uses ReportAnalyzer to auto-detect the tool from the file content
  4. Parses the report using the selected plugin
  5. Outputs Faraday JSON

Supported Report Formats

Any format supported by faraday_plugins can be imported, including:

  • Nessus (.nessus), Nmap (.xml), Burp (.xml), ZAP (.xml)
  • Nuclei (.json), WPScan (.json), Nikto (.xml)
  • OpenVAS (.xml), Qualys (.xml), Nexpose (.xml)
  • And many more (see the [[plugin-list]] for the full list of supported tools)

Notes

  • Auto-detection works by analyzing file content, not file extensions
  • Use CONFIG_TOOL when auto-detection fails or when you want to force a specific parser
  • This executor is commonly used with Docker deployments where the dispatcher mounts a reports volume