Security

check_bundle_audit

Write a Review

Description:

Nagios plugin to monitor ruby applications for security vulnerabilities via bundler-audit, written in bash.

Current Version

0.6.0

Last Release Date

2017-10-29

Compatible With

  • Nagios 1.x
  • Nagios 2.x
  • Nagios 3.x

Owner

tommarshall

Download URL

https://github.com/tommarshall/nagios-check-bundle-audit

License

MIT

Copy Page Link Recommend Login to Add to Favorites
Project Files
FileDescription
check_bundle_audit.sh
Project Notes
Nagios plugin to monitor ruby applications for security vulnerabilities via bundler-audit. Usage: ./check_bundle_audit -p [options] Examples: # 'Unknown' or 'High' CVEs exit CRITICAL; 'Medium' or 'Low' exit WARNING ./check_bundle_audit -p /var/www/app # exit CRITICAL if any CVE(s) are present ./check_bundle_audit -p /var/www/app -c all # exit WARNING if any CVE(s) (including high) are present ./check_bundle_audit -p /var/www/app -c '' -w all # 'High' CVEs exit CRITICAL; 'Unknown' or 'Medium' exit WARNING; 'Low' exit OK ./check_bundle_audit -p /var/www/app -c high -w medium,unknown # 'High' CVEs exit CRITICAL; 'Medium', 'Low' or 'Unknown' exit WARNING ./check_bundle_audit -p /var/www/app -c high -w medium,low,unknown # set full path to bundle-audit ./check_bundle_audit -p /var/www/app -b /usr/local/bin/bundle-audit # ignore advisories CVE-2016-4658 and CVE-2014-0083 ./check_bundle_audit -p /var/www/app -i "CVE-2016-4658 CVE-2014-0083" Options: -p, --path path to project -b --bundle-audit-path path to `bundle-audit` gem -w, --warning comma seperated CVE criticalities to treat as WARNING -c, --critical comma seperated CVE criticalities to treat as CRITICAL -i, --ignore space seperated advisories to ignore -V, --version output version -h, --help output help information Criticalities: * -c/--critical takes priority over -w/--warning. * -c/--critical default is high,unknown. * -w/--warning default is low,medium,high,unknown. * Criticality levels: - low - medium - high - unknown - all (alias for low,medium,high,unknown) Troubleshooting: UNKNOWN: Unable to update ruby-advisory-db bundler-audit downloads a copy of the Ruby Advisory Database inside the user's home directory. This can cause issues if the user running the script does not have a writable home directory. See https://github.com/tommarshall/nagios-check-bundle-audit/issues/2 for details on how to resolve this. Dependencies: * bash * bundler-audit (https://github.com/rubysec/bundler-audit)
Reviews (0) Add a Review
Add a Review

You must be logged in to submit a review.

Thank you for your review!

Your review has been submitted and is pending approval.

Recommend

To:


From:


Thank you for your recommendation!

Your recommendation has been sent.

Page Sections
Project Overview Project Files Project Notes Reviews
Project Stats
Rating
0 (0)
Favorites
0
Views
7,342