Cyberdefense/VulnWhisperer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cvss mapping moved to vulnwhisperer

Browse Source
This commit is contained in:
pemontto
2019-04-15 22:02:33 +10:00
parent 982d51a465
commit ca5500add4
3 changed files with 0 additions and 91 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
resources/elk6/pipeline/1000_nessus_process_file.conf
View File

@ -52,32 +52,6 @@ filter {
convert => { "risk_number" => "integer"} convert => { "risk_number" => "integer"}
convert => { "total_times_detected" => "integer"} convert => { "total_times_detected" => "integer"}
} }
if [cvss] == 0 {
mutate {
add_field => { "cvss_severity" => "info" }
}
}
if [cvss] > 0 and [cvss] < 3 {
mutate {
add_field => { "cvss_severity" => "low" }
}
}
if [cvss] >= 3 and [cvss] < 6 {
mutate {
add_field => { "cvss_severity" => "medium" }
}
}
if [cvss] >=6 and [cvss] < 9 {
mutate {
add_field => { "cvss_severity" => "high" }
}
}
if [cvss] >= 9 {
mutate {
add_field => { "cvss_severity" => "critical" }
}
}
} }
} }

26
resources/elk6/pipeline/2000_qualys_web_scans.conf
View File

@ -49,32 +49,6 @@ filter {
convert => { "total_times_detected" => "integer"} convert => { "total_times_detected" => "integer"}
} }
if [cvss] == 0 {
mutate {
add_field => { "cvss_severity" => "info" }
}
}
if [cvss] > 0 and [cvss] < 3 {
mutate {
add_field => { "cvss_severity" => "low" }
}
}
if [cvss] >= 3 and [cvss] < 6 {
mutate {
add_field => { "cvss_severity" => "medium" }
}
}
if [cvss] >=6 and [cvss] < 9 {
mutate {
add_field => { "cvss_severity" => "high" }
}
}
if [cvss] >= 9 {
mutate {
add_field => { "cvss_severity" => "critical" }
}
}
if [first_time_detected] { if [first_time_detected] {
date { date {
match => [ "first_time_detected", "dd MMM yyyy HH:mma 'GMT'ZZ", "dd MMM yyyy HH:mma 'GMT'" ] match => [ "first_time_detected", "dd MMM yyyy HH:mma 'GMT'ZZ", "dd MMM yyyy HH:mma 'GMT'" ]

39
resources/elk6/pipeline/3000_openvas.conf
View File

@ -106,51 +106,12 @@ filter {
convert => { "total_times_detected" => "integer"} convert => { "total_times_detected" => "integer"}
} }
if [cvss] == 0 {
mutate {
add_field => { "cvss_severity" => "info" }
}
}
if [cvss] > 0 and [cvss] < 3 {
mutate {
add_field => { "cvss_severity" => "low" }
}
}
if [cvss] >= 3 and [cvss] < 6 {
mutate {
add_field => { "cvss_severity" => "medium" }
}
}
if [cvss] >=6 and [cvss] < 9 {
mutate {
add_field => { "cvss_severity" => "high" }
}
}
if [cvss] >= 9 {
mutate {
add_field => { "cvss_severity" => "critical" }
}
}
# Add your critical assets by subnet or by hostname. Comment this field out if you don't want to tag any, but the asset panel will break. # Add your critical assets by subnet or by hostname. Comment this field out if you don't want to tag any, but the asset panel will break.
if [asset] =~ "^10\.0\.100\." { if [asset] =~ "^10\.0\.100\." {
mutate { mutate {
add_tag => [ "critical_asset" ] add_tag => [ "critical_asset" ]
} }
} }
mutate {
convert => { "plugin_id" => "integer"}
convert => { "id" => "integer"}
convert => { "risk_number" => "integer"}
convert => { "risk_score" => "float"}
convert => { "total_times_detected" => "integer"}
convert => { "cvss" => "float"}
convert => { "cvss_base" => "float"}
convert => { "cvss_temporal" => "float"}
convert => { "cvss3" => "float"}
convert => { "cvss3_base" => "float"}
convert => { "cvss3_temporal" => "float"}
}
} }
} }
output { output {