check_bundle

Plugins4387 Themes and Skins11 Add-ons732 Documentation283 Graphics and Logos36 View All Categories

New Listings Recently Updated Listings Most Favored Listings Most Popular Listings Most Rated Listings Most Reviewed Listings

RSS Feed

Newest Listings Updated Listings

Top Contributors

LAMY (7)Julien DESMAREST (6)deskwork_itunes142 (4)Davide Lemma (4)Joerg Hoerter (3)

Newest Contributors

Guillaume8723 (1)Salvo (1)SOHA-IT (1)Tsvetomir Tsvetanov (1)Igor Ru (1)

Security

0 (0)

8,120

Download Copy Page Link Login to Claim

Thank you for your review!

Your review has been submitted and is pending approval.

Description

Nagios plugin to monitor ruby applications for security vulnerabilities via bundler-audit, written in bash.

Project Details

Current Version

0.6.0

Last Release Date

2017-10-29

Owner

tommarshall

Download URL

https://github.com/tommarshall/nagios-check-bundle-audit

License

MIT

Compatible With

Nagios 1.x
Nagios 2.x
Nagios 3.x

Project Notes

Nagios plugin to monitor ruby applications for security vulnerabilities via bundler-audit.

Usage:

./check_bundle_audit -p <path> [options]

Examples:

# 'Unknown' or 'High' CVEs exit CRITICAL; 'Medium' or 'Low' exit WARNING
./check_bundle_audit -p /var/www/app

# exit CRITICAL if any CVE(s) are present
./check_bundle_audit -p /var/www/app -c all

# exit WARNING if any CVE(s) (including high) are present
./check_bundle_audit -p /var/www/app -c '' -w all

# 'High' CVEs exit CRITICAL; 'Unknown' or 'Medium' exit WARNING; 'Low' exit OK
./check_bundle_audit -p /var/www/app -c high -w medium,unknown

# 'High' CVEs exit CRITICAL; 'Medium', 'Low' or 'Unknown' exit WARNING
./check_bundle_audit -p /var/www/app -c high -w medium,low,unknown

# set full path to bundle-audit
./check_bundle_audit -p /var/www/app -b /usr/local/bin/bundle-audit

# ignore advisories CVE-2016-4658 and CVE-2014-0083
./check_bundle_audit -p /var/www/app -i "CVE-2016-4658 CVE-2014-0083"

Options:

-p, --path <path> path to project
-b --bundle-audit-path path to `bundle-audit` gem
-w, --warning <criticalities> comma seperated CVE criticalities to treat as WARNING
-c, --critical <criticalities> comma seperated CVE criticalities to treat as CRITICAL
-i, --ignore <advisory ID(s)> space seperated advisories to ignore
-V, --version output version
-h, --help output help information
Criticalities:

* -c/--critical takes priority over -w/--warning.
* -c/--critical default is high,unknown.
* -w/--warning default is low,medium,high,unknown.

* Criticality levels:
- low
- medium
- high
- unknown
- all (alias for low,medium,high,unknown)

Troubleshooting:

UNKNOWN: Unable to update ruby-advisory-db

bundler-audit downloads a copy of the Ruby Advisory Database inside the user's home directory. This can cause issues if the user running the script does not have a writable home directory. See https://github.com/tommarshall/nagios-check-bundle-audit/issues/2 for details on how to resolve this.

Dependencies:

* bash
* bundler-audit (https://github.com/rubysec/bundler-audit)

check_bundle_audit

Thank you for your review!

Description

Project Details

Project Notes

User Reviews (0)

Add a Review

check_bundle_audit

Thank you for your review!

Description

Project Details

Project Notes

User Reviews (0)

Add a Review

Recommend