aomoriringo/README.md

## README.md

      
    Raw
  

              README.md
            
          
    config.tomlでサーバ名をZabbix上の名前と一致させておくこと
zabbix上で以下のitemを作成しておく


number of vulnerabilities

Type: Zabbix Trapper
Key: nvd_count
Type of information: Numeric (unsigned)
Data type: Decimal


max vulnerability

Type: Zabbix Trapper
Key: nvd_max
Type of information: Numeric (unsigned)
Data type: Decimal


この状態でbenri.shをcronで毎日実行とかさせるようにする

  
## benri.sh
#/bin/bash
VULS_ROOT="/root/vuls"
VULS_RESULT_DIR="$VULS_ROOT/results"

vuls scan -cve-dictionary-dbpath=$VULS_ROOT/cve.sqlite3 -report-json
files="$VULS_RESULT_DIR/current/*"
for filepath in $files; do
    TARGET_NAME=`basename $filepath .json`
    if [ "$TARGET_NAME" == "all" ]
    then
        continue
    fi
    zabbix_sender -z localhost -s $TARGET_NAME -k nvd_count -o `cat $filepath | jq '[.KnownCves[]?, .UnknownCves[]? | .CveDetail.CveID] | length'`
    zabbix_sender -z localhost -s $TARGET_NAME -k nvd_max -o `cat $filepath | jq '[.KnownCves[]?, .UnknownCves[]? | .CveDetail.Nvd.Score]+[0] | max'`
done
	#/bin/bash
	VULS_ROOT="/root/vuls"
	VULS_RESULT_DIR="$VULS_ROOT/results"

	vuls scan -cve-dictionary-dbpath=$VULS_ROOT/cve.sqlite3 -report-json
	files="$VULS_RESULT_DIR/current/*"
	for filepath in $files; do
	TARGET_NAME=`basename $filepath .json`
	if [ "$TARGET_NAME" == "all" ]
	then
	continue
	fi
	zabbix_sender -z localhost -s $TARGET_NAME -k nvd_count -o `cat $filepath \| jq '[.KnownCves[]?, .UnknownCves[]? \| .CveDetail.CveID] \| length'`
	zabbix_sender -z localhost -s $TARGET_NAME -k nvd_max -o `cat $filepath \| jq '[.KnownCves[]?, .UnknownCves[]? \| .CveDetail.Nvd.Score]+[0] \| max'`
	done