mirror of
https://github.com/empayre/fleet.git
synced 2024-11-06 08:55:24 +00:00
87 lines
1.7 KiB
Go
87 lines
1.7 KiB
Go
package main
|
|
|
|
import (
|
|
"errors"
|
|
"os"
|
|
|
|
"github.com/fleetdm/fleet/v4/pkg/fleethttp"
|
|
"github.com/fleetdm/fleet/v4/server/vulnerabilities"
|
|
"github.com/urfave/cli/v2"
|
|
)
|
|
|
|
func vulnerabilityDataStreamCommand() *cli.Command {
|
|
var dir string
|
|
return &cli.Command{
|
|
Name: "vulnerability-data-stream",
|
|
Usage: "Download the vulnerability data stream",
|
|
UsageText: `
|
|
fleetctl vulnerability-data-stream [options]
|
|
|
|
Downloads (if needed) the data streams that can be used by the Fleet server to process software for vulnerabilities.
|
|
`,
|
|
Flags: []cli.Flag{
|
|
&cli.StringFlag{
|
|
Name: "dir",
|
|
EnvVars: []string{"DIR"},
|
|
Value: "",
|
|
Destination: &dir,
|
|
Usage: "Directory to place the data streams in",
|
|
},
|
|
configFlag(),
|
|
contextFlag(),
|
|
debugFlag(),
|
|
},
|
|
Action: func(c *cli.Context) error {
|
|
if dir == "" {
|
|
return errors.New("No directory provided")
|
|
}
|
|
|
|
err := os.MkdirAll(dir, 0o700)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
log(c, "[-] Downloading CPE database...")
|
|
|
|
client := fleethttp.NewClient()
|
|
err = vulnerabilities.DownloadCPEDatabase(dir, client)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
log(c, " Done\n")
|
|
|
|
log(c, "[-] Downloading NVD CVE feed...")
|
|
|
|
err = vulnerabilities.DownloadNVDCVEFeed(dir, "")
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
log(c, " Done\n")
|
|
|
|
log(c, "[-] Downloading EPSS feed...")
|
|
|
|
err = vulnerabilities.DownloadEPSSFeed(dir, client)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
log(c, " Done\n")
|
|
|
|
log(c, "[-] Downloading CISA known exploits feed...")
|
|
|
|
err = vulnerabilities.DownloadCISAKnownExploitsFeed(dir, client)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
log(c, " Done\n")
|
|
|
|
log(c, "[+] Data streams successfully downloaded!\n")
|
|
|
|
return nil
|
|
},
|
|
}
|
|
}
|