Security

check_bundle_audit

Write a Review

Description:

Nagios plugin to monitor ruby applications for security vulnerabilities via bundler-audit, written in bash.

Current Version

0.6.0

Last Release Date

2017-10-29

Compatible With

  • Nagios 1.x
  • Nagios 2.x
  • Nagios 3.x

Owner

tommarshall

Download URL

https://github.com/tommarshall/nagios-check-bundle-audit

License

MIT

Copy Page Link Recommend Login to Add to Favorites Login to Claim
Nagios CSP

Meet The New Nagios Core Services Platform

Built on over 25 years of monitoring experience, the Nagios Core Services Platform provides insightful monitoring dashboards, time-saving monitoring wizards, and unmatched ease of use. Use it for free indefinitely.

Download Now

Monitoring Made Magically Better

  • Nagios Core on Overdrive
  • Powerful Monitoring Dashboards
  • Time-Saving Configuration Wizards
  • Open Source Powered Monitoring On Steroids
  • And So Much More!
Project Files
FileDescription
check_bundle_audit.sh
Project Notes
Nagios plugin to monitor ruby applications for security vulnerabilities via bundler-audit. Usage: ./check_bundle_audit -p [options] Examples: # 'Unknown' or 'High' CVEs exit CRITICAL; 'Medium' or 'Low' exit WARNING ./check_bundle_audit -p /var/www/app # exit CRITICAL if any CVE(s) are present ./check_bundle_audit -p /var/www/app -c all # exit WARNING if any CVE(s) (including high) are present ./check_bundle_audit -p /var/www/app -c '' -w all # 'High' CVEs exit CRITICAL; 'Unknown' or 'Medium' exit WARNING; 'Low' exit OK ./check_bundle_audit -p /var/www/app -c high -w medium,unknown # 'High' CVEs exit CRITICAL; 'Medium', 'Low' or 'Unknown' exit WARNING ./check_bundle_audit -p /var/www/app -c high -w medium,low,unknown # set full path to bundle-audit ./check_bundle_audit -p /var/www/app -b /usr/local/bin/bundle-audit # ignore advisories CVE-2016-4658 and CVE-2014-0083 ./check_bundle_audit -p /var/www/app -i "CVE-2016-4658 CVE-2014-0083" Options: -p, --path path to project -b --bundle-audit-path path to `bundle-audit` gem -w, --warning comma seperated CVE criticalities to treat as WARNING -c, --critical comma seperated CVE criticalities to treat as CRITICAL -i, --ignore space seperated advisories to ignore -V, --version output version -h, --help output help information Criticalities: * -c/--critical takes priority over -w/--warning. * -c/--critical default is high,unknown. * -w/--warning default is low,medium,high,unknown. * Criticality levels: - low - medium - high - unknown - all (alias for low,medium,high,unknown) Troubleshooting: UNKNOWN: Unable to update ruby-advisory-db bundler-audit downloads a copy of the Ruby Advisory Database inside the user's home directory. This can cause issues if the user running the script does not have a writable home directory. See https://github.com/tommarshall/nagios-check-bundle-audit/issues/2 for details on how to resolve this. Dependencies: * bash * bundler-audit (https://github.com/rubysec/bundler-audit)
Reviews (0) Add a Review
Add a Review

You must be logged in to submit a review.

Thank you for your review!

Your review has been submitted and is pending approval.

Recommend

To:


From:


Thank you for your recommendation!

Your recommendation has been sent.

Page Sections
Project Overview Project Files Project Notes Reviews
Project Stats
Rating
0 (0)
Favorites
0
Views
7,353