You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
43 lines
1.7 KiB
43 lines
1.7 KiB
#!/usr/bin/env bash |
|
|
|
die(){ |
|
echo "$@" > /dev/stderr |
|
exit 1 |
|
} |
|
|
|
printhelp(){ |
|
echo "Nessus Compliance Filter" |
|
echo "This command should be given a nessus xml file on stdin" |
|
echo "Stdout will contain a tsv file for each compliance issue (not pass)" |
|
echo "Positional Arguments can be given and each will regex match the Check Name" |
|
echo "" |
|
echo "e.g." |
|
echo "cat example.nessus | nessusComplianceFilter \"^18.\" \"Defender\"" |
|
echo "will output a tsv containing all failures (or warnings) that start with '18.' and contain the word 'Defender'" |
|
echo "" |
|
echo "It has been built with extensability in mind. It should work well with other unix-y tools" |
|
echo "" |
|
echo "e.g. Only show the name and ip addresses grouped" |
|
echo "cat example.nessus | nessusComplianceFilter | awk awk -F \$'\t' 'NR>1{arr[\$1] = arr[\$1] \$6 \", \"}END{for (a in arr) print a \"\\t\" arr[a]}'" |
|
|
|
exit 0 |
|
} |
|
|
|
type -p xq >/dev/null || die -e "You need to install xq\nhttps://github.com/kislyuk/yq" |
|
|
|
[ "$1" = "-h" ] && printhelp |
|
|
|
filters="" |
|
|
|
while [ "$#" -gt 0 ]; do |
|
filters="$filters | select( .\"cm:compliance-check-name\" | test(\"$1\"))" |
|
shift |
|
done |
|
|
|
echo "Compliance Check Compliance Result Profile Current Expected IP" |
|
cat - | xq -r ".NessusClientData_v2.Report.ReportHost | if (. | type == \"array\") then .[] else . end | |
|
(.ReportItem[] + {ip:.\"@name\"}) | |
|
select(.compliance == \"true\") | |
|
select(.\"cm:compliance-result\" != \"PASSED\") $filters | |
|
[.\"cm:compliance-check-name\", .\"cm:compliance-result\", ( .\"cm:compliance-audit-file\" | match(\"L(evel_)?[12]\").string | sub(\"_\";\" \") | sub(\"L1\"; \"Level 1\") | sub(\"L2\"; \"Level 2\") ), .\"cm:compliance-actual-value\", .\"cm:compliance-policy-value\", .ip] |
|
| @tsv" | sort -V
|
|
|