Vuls Beater for Elasticsearch - connecting vuls

vulsbeat

Welcome to vulsbeat. Please give it a star.

This software imports vuls vulnerability scan results into the Elastic Stack. Once the results are in Elasticsearch you can do various things with them, for example analyze or detect complex threats with a SIEM.

Ensure that this folder is at the following location: ${GOPATH}/src/github.com/kazuminn/vulsbeat

Getting Started with vulsbeat

Requirements

Config

Change the path: setting in vulsbeat.yml:

path: "/path/to/results/"

Init Project

To get running with vulsbeat and also install the dependencies, run the following command:

make setup

It will create a clean git history for each major step. Note that you can always rewrite the history if you wish before pushing your changes.

To push vulsbeat in the git repository, run the following commands:

git remote set-url origin https://github.com/kazuminn/vulsbeat
git push origin master

For further development, check out the beat developer guide.

Build

To build the binary for vulsbeat run the command below. This will generate a binary in the same directory with the name vulsbeat.

make

Run

To run vulsbeat with debugging output enabled, run:

./vulsbeat -c vulsbeat.yml -e -d "*"

Test

To test vulsbeat, run the following command:

make testsuite

Alternatively:

make unit-tests
make system-tests
make integration-tests
make coverage-report

The test coverage is reported in the folder ./build/coverage/

Update

Each beat has a template for the mapping in Elasticsearch and documentation for the fields, which is automatically generated from fields.yml by running the following command:

make update

Cleanup

To clean vulsbeat source code, run the following command:

make fmt

To clean up the build directory and generated artifacts, run:

make clean

Clone

To clone vulsbeat from the git repository, run the following commands:

mkdir -p ${GOPATH}/src/github.com/kazuminn/vulsbeat
git clone https://github.com/kazuminn/vulsbeat ${GOPATH}/src/github.com/kazuminn/vulsbeat

For further development, check out the beat developer guide.

Packaging

The beat framework provides tools to cross-compile and package your beat for different platforms. This requires docker and vendoring as described above. To build packages of your beat, run the following command:

make release

This will fetch and create all images required for the build process. The whole process can take several minutes to finish.

Comments
  • Limit of total field in ES 7.6.1

    Hello,

    I've updated vuls to the latest version and am trying to push the results to ES 7.6.1, and I get this error message: "[2021-12-12T17:24:21,155][INFO ][o.e.a.b.TransportShardBulkAction] [llnelasticpoc2] [vulsbeat-8.0.0-2021.12.12][0] mapping update rejected by primary java.lang.IllegalArgumentException: Limit of total fields [10000] in index [vulsbeat-8.0.0-2021.12.12] has been exceeded "

    Am I missing something in the config? Does vulsbeat work with OpenSearch 1.1? Does vulsbeat provide dashboards?

    Thanks for your help and for this nice project :-)
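
Added example, not part of the comment above and not vulsbeat's own code: the error in that log is Elasticsearch enforcing the index setting index.mapping.total_fields.limit, and this Go sketch estimates how many mapping fields a set of JSON documents would create under dynamic mapping and which parent object contributes most. The field names (host, findings, id, score) and the sample documents are constructed; that scan results contain objects keyed by per-finding identifiers is an assumption.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// walk records each (parent path, field name) pair found under v.
func walk(prefix string, v interface{}, seen map[[2]string]bool) {
	switch t := v.(type) {
	case map[string]interface{}:
		for k, child := range t {
			seen[[2]string{prefix, k}] = true
			walk(strings.TrimPrefix(prefix+"."+k, "."), child, seen)
		}
	case []interface{}: // arrays add no path of their own
		for _, child := range t {
			walk(prefix, child, seen)
		}
	}
}

// FieldReport estimates mapping growth: distinct fields and the widest parent.
func FieldReport(docs []string) (total int, widest string, children int, err error) {
	seen, perParent := map[[2]string]bool{}, map[string]int{}
	for _, d := range docs {
		var v interface{}
		if err = json.Unmarshal([]byte(d), &v); err != nil {
			return 0, "", 0, err
		}
		walk("", v, seen)
	}
	for key := range seen {
		perParent[key[0]]++
		if n := perParent[key[0]]; n > children || (n == children && key[0] < widest) {
			widest, children = key[0], n
		}
	}
	return len(seen), widest, children, nil
}

// Constructed samples (hypothetical field names), keyed by ID vs. as a list.
var keyed = []string{`{"host":"a","findings":{"ID-1":{"score":7.5},"ID-2":{"score":5.0}}}`, `{"host":"b","findings":{"ID-3":{"score":9.8}}}`}
var listed = []string{`{"host":"a","findings":[{"id":"ID-1","score":7.5},{"id":"ID-2","score":5.0}]}`, `{"host":"b","findings":[{"id":"ID-3","score":9.8}]}`}

func main() {
	fmt.Println(FieldReport(keyed))
	fmt.Println(FieldReport(listed))
}
```

In the keyed form every new identifier adds fields to the mapping, so the count grows with the data; in the list form it stays fixed at the number of distinct attribute names.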
