How It Works

Navigation:  Kcare-nexpose >

How It Works

Previous pageReturn to chapter overviewNext page

The script finds related CVE in KernelCare ePortal and reports to Nexpose. If all CVE is patched for one vulnerability in KernelCare, then the script adds this vulnerability as exception to Nexpose. The script also can approve this exception in Nexpose (approved by default, if you do not want to approve,  please set to false is_approve in the config).

 

The first you should generate report in Nexpose (see supported type below) and to specify it in the config file. Also you need to specify other parameters:

 

$ cp /usr/local/etc/kcare-nexpose.yml.template /usr/local/etc/kcare-nexpose.yml

$ vim /usr/local/etc/kcare-nexpose.yml

 

Note. IP address in Nexpose and one in Kernelcare ePortal should be the same. If you use Nexpose and KC ePortal on different instances you should make sure that Nexpose and KC ePortal are not using localhost (127.0.0.1). Otherwise kcare-nexpose can mark vulnerability wrong, as it just analyzes IP addresses from Nexpose and KC ePortal.

 

Supported types of reports

 

ns-xml