This tool is used to parse data from json file/restful api/socket, and save into DB (sqlite/postgres/mysql).
Then generate xml file according to DB, with filter options.
The output xml file can be used as openscap source file. Check systems whether have vulnerabilities.
Leon Wang wangl29@chinatelecom.cn
Yong Qin qiny15@chinatelecom.cn
Copyright 2024 Chinatelecom CTyun Ltd.
CTyunOS OVAL CLI
Usage:
ct-oval [flags]
ct-oval [command]
Available Commands:
completion Generate the autocompletion script for the specified shell
genxml generate xml file with given options
help Help about any command
parsedir parse security notice from dirs
parsejson parse security notice from json files
parseurl parse security notice from Restful URL API
version print the version number
Global Flags:
-d, --debug Enable debug messages
--from string include elements revised on or after this day (format: YYYY-MM-DD) (default "1990-01-01")
-h, --help help for ct_oval
--product string generate oval for a single product (eg: ctyunos-2.0.1 ctyunos-23.01 all. "all" only works for parseurl) (default "ctyunos-2.0.1")
--to string include elements revised on or before this day (format: YYYY-MM-DD)
parse security notice from json files
Usage:
ct-oval parse <json_file> ... [flags]
parse security notice from dirs
Usage:
ct-oval parsedir <json_dir> ... [flags]
parse security notice from pre-configured ct-admin restful url API
Usage:
ct-oval parseurl [--from|--to|--product|--type|--keyword] [flags]
subcommand options description:
--keyword string only match CVEs contains this keyword (eg: openssl)
--type int only match CVEs of this type (1-low 2-meduim 3-high 4-critical)
generate xml file with given options
Usage:
ct-oval genxml [--from|--to|--product|--output] [flags]
subcommand options description:
--output string the name of output xml file (default "CTyunos-oval.xml")
Generate the autocompletion script for ct-oval for the specified shell.
Usage:
ct-oval completion [command]
Available Commands:
bash Generate the autocompletion script for bash
fish Generate the autocompletion script for fish
powershell Generate the autocompletion script for powershell
zsh Generate the autocompletion script for zsh
Notice: API URL, productlist and archlist currently are hard coded in common.go.
You can change them and recompile the project if needed. These configs are:
To make sure tests passed, you need to delete sqlite.db before running unit tests in source directory
$ go test ./...
? ct-oval_tool [no test files]
? ct-oval_tool/cmd/flag [no test files]
? ct-oval_tool/pkg/ent [no test files]
? ct-oval_tool/pkg/ent/cveref [no test files]
? ct-oval_tool/pkg/ent/enttest [no test files]
? ct-oval_tool/pkg/ent/hook [no test files]
? ct-oval_tool/pkg/ent/state [no test files]
? ct-oval_tool/pkg/ent/test [no test files]
? ct-oval_tool/pkg/ent/oval [no test files]
? ct-oval_tool/pkg/ent/predicate [no test files]
? ct-oval_tool/pkg/ent/runtime [no test files]
? ct-oval_tool/pkg/ent/schema [no test files]
? ct-oval_tool/pkg/ent/migrate [no test files]
? ct-oval_tool/pkg/ent/object [no test files]
ok ct-oval_tool/cmd 0.780s
ok ct-oval_tool/pkg/logger (cached)
? ct-oval_tool/pkg/ovalxml/ovaldefinitions [no test files]
ok ct-oval_tool/pkg/ovalxml 0.143s
ok ct-oval_tool/pkg/ovalxml/common (cached)
ok ct-oval_tool/pkg/ovalxml/defintions (cached)
ok ct-oval_tool/pkg/ovalxml/generator (cached)
ok ct-oval_tool/pkg/ovalxml/objects (cached)
ok ct-oval_tool/pkg/ovalxml/states (cached)
ok ct-oval_tool/pkg/ovalxml/tests (cached)
ok ct-oval_tool/pkg/securitynotice 0.958s
PS. Some dirs don't have functions, so they don't have test. It is not a problem.
$ go run main.go genxml --from 2024-01-23
INFO[2024-04-17T20:53:29+08:00] OVAL CTyunos-oval.xml generated successfully.
go run main.go parseurl --from 2024-01-23 --type 2
INFO[2024-04-17T20:55:06+08:00] 4 CVEs are prceeded successfully.
$ go run main.go parseurl --from 2023-01-23 --to 2024-01-23 --type 2 --keyword=mysql
INFO[2024-04-17T20:55:35+08:00] 2 CVEs are prceeded successfully.
$ go run main.go parsedir example
INFO[2024-04-17T20:56:33+08:00] oval:cn.ctyun.ctyunos:def:20210207 file is prceeded
INFO[2024-04-17T20:56:33+08:00] oval:cn.ctyun.ctyunos:def:20210208 file is prceeded
$ go run main.go parsejson example/security_notice1.json
INFO[2024-04-17T20:57:10+08:00] oval:cn.ctyun.ctyunos:def:20210207 file is prceeded
oscap oval eval --report vulnerability.html CTyunOS-oval.xml
PassedIntegration with ct-admin: parse from grpc API, use postgres DB, publish xml files into web
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。