
* Add Qualys vulnerability scans * Use non-zero exit codes for failures * Convert to strings for Logstash * Update logstash config for vulnerability scans * Update README * Grab all scans statuses * Add Qualys vulnerability scans * Use non-zero exit codes for failures * Convert to strings for Logstash * Update logstash config for vulnerability scans * Update README * Grab all scans statuses * Fix error: "Cannot convert non-finite values (NA or inf) to integer" When trying to download the results of Qualys Vulnerability Management scans, the following error pops up: [FAIL] - Could not process scan/xxxxxxxxxx.xxxxx - Cannot convert non-finite values (NA or inf) to integer This error is due to pandas operating with the scan results json file, as the last element from the json doesn't fir with the rest of the response's scheme: that element is "target_distribution_across_scanner_appliances", which contains the scanners used and the IP ranges that each scanner went through. Taking out the last line solves the issue. Also adding the qualys_vuln scheme to the frameworks_example.ini
78 lines
2.4 KiB
INI
Executable File
78 lines
2.4 KiB
INI
Executable File
[nessus]
|
|
enabled=true
|
|
hostname=localhost
|
|
port=8834
|
|
username=nessus_username
|
|
password=nessus_password
|
|
write_path=/opt/vulnwhisperer/nessus/
|
|
db_path=/opt/vulnwhisperer/database
|
|
trash=false
|
|
verbose=true
|
|
|
|
[tenable]
|
|
enabled=true
|
|
hostname=cloud.tenable.com
|
|
port=443
|
|
username=tenable.io_username
|
|
password=tenable.io_password
|
|
write_path=/opt/vulnwhisperer/tenable/
|
|
db_path=/opt/vulnwhisperer/database
|
|
trash=false
|
|
verbose=true
|
|
|
|
[qualys]
|
|
#Reference https://www.qualys.com/docs/qualys-was-api-user-guide.pdf to find your API
|
|
enabled = true
|
|
hostname = qualysapi.qg2.apps.qualys.com
|
|
username = exampleuser
|
|
password = examplepass
|
|
write_path=/opt/vulnwhisperer/qualys/
|
|
db_path=/opt/vulnwhisperer/database
|
|
verbose=true
|
|
|
|
# Set the maximum number of retries each connection should attempt.
|
|
#Note, this applies only to failed connections and timeouts, never to requests where the server returns a response.
|
|
max_retries = 10
|
|
# Template ID will need to be retrieved for each document. Please follow the reference guide above for instructions on how to get your template ID.
|
|
template_id = 126024
|
|
|
|
[qualys_vuln]
|
|
#Reference https://www.qualys.com/docs/qualys-was-api-user-guide.pdf to find your API
|
|
enabled = true
|
|
hostname = qualysapi.qg2.apps.qualys.com
|
|
username = exampleuser
|
|
password = examplepass
|
|
write_path=/opt/vulnwhisperer/qualys/
|
|
db_path=/opt/vulnwhisperer/database
|
|
verbose=true
|
|
|
|
# Set the maximum number of retries each connection should attempt.
|
|
#Note, this applies only to failed connections and timeouts, never to requests where the server returns a response.
|
|
max_retries = 10
|
|
# Template ID will need to be retrieved for each document. Please follow the reference guide above for instructions on how to get your template ID.
|
|
template_id = 126024
|
|
|
|
[openvas]
|
|
enabled = false
|
|
hostname = localhost
|
|
port = 4000
|
|
username = exampleuser
|
|
password = examplepass
|
|
write_path=/opt/vulnwhisperer/openvas/
|
|
db_path=/opt/vulnwhisperer/database
|
|
verbose=true
|
|
|
|
#[proxy]
|
|
; This section is optional. Leave it out if you're not using a proxy.
|
|
; You can use environmental variables as well: http://www.python-requests.org/en/latest/user/advanced/#proxies
|
|
|
|
; proxy_protocol set to https, if not specified.
|
|
#proxy_url = proxy.mycorp.com
|
|
|
|
; proxy_port will override any port specified in proxy_url
|
|
#proxy_port = 8080
|
|
|
|
; proxy authentication
|
|
#proxy_username = proxyuser
|
|
#proxy_password = proxypass
|