Add on to update vulnerabilities?

[andrewatmacys]

Forgive me if this is listed somewhere, but I couldn't find it. Is there an add on that updates vulnerabilities in Nagios?

Like a security newsletter or something like that, that updates monthly or so? It seems all I can find are individual plugins to check for security compliance.

Thank you!

[cdienger]

The UI has a built in check for Nagios updates. If an update is available you'll see a Red ! in the default Home Dashboard or a yellow ! in the Footer(just left of the About link). You can also check for updates under the Admin section of the UI.

For system vulnerabilities I'm not aware of any checks but I do see redhat recently made an API available to their CVE database https://access.redhat.com/documentation ... t_all_cves so creating a plugin do to something like that looks do-able. I'll try to make some time tomorrow to poke around it some more since I can see this being a benefit for a lot of people.

[cdienger]

A lot could be done for improvement(logic to check installed packages, date handling, file/folder existence and storage location, adding actual nagios return code logic, OS detection, etc....) but it's a rough draft:

Code: Select all

#!/bin/bash

before=2018-03-17
after=2018-02-28

declare -a cve

cve=($(curl https://access.redhat.com/labs/securitydataapi/cve.json?product=Red%20Hat%20Enterprise%20Linux%206\&before=$before\&after=$after -m 30 -s | jq .[].CVE | sed s/\"//g))

#echo ${#cve[@]}

for (( counter=0; counter<${#cve[@]}; counter++ )); do

mkdir ${cve[$counter]}

curl https://access.redhat.com/labs/securitydataapi/cve/${cve[$counter]}.json -m 30 -s | jq .[] > ${cve[$counter]}/${cve[$counter]}.txt

done

The above will search for CVEs released between 3/17 and 2/28 of this year that impact RHEL 6, create a folder for each CVE it finds and saves the details in the folder.

[andrewatmacys]

Thank you for your help, I'll definitely be checking into that!

[npolovenko]

@andrewatmacys, Let us know if it's it ok to lock the thread?