ERROR:ZTC about zabbix-threat-control HOT 9 CLOSED

api_key parameter must be a string value

Fixed in vulnersCom/api@4364aef

from zabbix-threat-control.

Yes, it will only update once per day.
But you can change the "Scheduling interval" as you need

from zabbix-threat-control.

Hi.

• What version of the Vulners API python module do you have installed? Requires version > = 1.3.1.

• What version of the scan.py do you have installed? Actual version = 1.3.4.

• Try to specify not your API key, but a demo key from the configuration file. Will the error change to "Wrong Vulners API key"?
  Example:

  [MANDATORY]
  ### Option: VulnersApiKey
  #   Used to access the API.
  #   To get it follow the steps bellow:
  #   Log in to vulners.com. Navigate to userinfo space https://vulners.com/userinfo.
  #   Choose "API KEYS" section. Select "scan" in scope menu and click "Generate new key".
  #   Example api key = RGB9YPJG7CFAXP35PMDVYFFJPGZ9ZIRO1VGO9K9269B0K86K6XQQQR32O6007NUK
  #
  # Mandatory: yes
  # Default:
  VulnersApiKey = RGB9YPJG7CFAXP35PMDVYFFJPGZ9ZIRO1VGO9K9269B0K86K6XQQQR32O6007NUK
  
  
  ./scan.py
  INFO:ZTC:Start.
  ERROR:ZTC:Error: Used API key: RGB9YPJG7CFAXP35PMDVYFFJPGZ9ZIRO1VGO9K9269B0K86K6XQQQR32O6007NUK. Wrong Vulners API key. Please, follow https://vulners.com to obtain correct one.
  

from zabbix-threat-control.

Hi Samosvat,

here is the output of pip show vulners:

Metadata-Version: 2.0
Name: vulners
Version: 1.3.4
Summary: Python library and command-line utility for Vulners (https://vulners.com)
Home-page: https://github.com/vulnersCom/api
Author: Kirill Ermakov
Author-email: [email protected]
Installer: pip
License: UNKNOWN
Location: /usr/lib/python2.7/site-packages
Requires: requests
Classifiers:
Development Status :: 5 - Production/Stable
Operating System :: OS Independent
Programming Language :: Python
Topic :: Software Development :: Libraries :: Python Modules
Intended Audience :: Developers
Intended Audience :: Information Technology
License :: OSI Approved :: GNU General Public License v3 (GPLv3)
Topic :: Software Development :: Version Control
Topic :: Utilities

and for the scan.py version:
version = '1.3.4

I've tried using the demo key and the error is the same..
the error is not the expected "Wrong Vulners API key"...

thank you!!

from zabbix-threat-control.

Works now! thanks!!

from zabbix-threat-control.

Got it :)

from zabbix-threat-control.

hi Vulners,

i got 1 more issue, no information displayed on the vulners dashboard,

hosts created by the script shows unavailable status,

what should be linked?

from zabbix-threat-control.

After installation, you need to do this: https://github.com/vulnersCom/zabbix-threat-control#configuration

Also check the following:
Сheck the hosts in Zabbix: do you have this data in hosts latest data?

Script are run once a day. The start-up time is selected randomly during the installation. Check after this time.

Run: zabbix_get -s HOST_IP -k "system.run[/opt/monitoring/os-report/report.py package]"
Must return a list of packages installed on a server HOST_IP to the console.

Run: zabbix_sender -z ZABBIX_SRV_IP -s vulners.statistics -k vulners.scoreMin -o 0
Сheck the host "Vulners - Statistics" in Zabbix: do you have this data in host latest data?

from zabbix-threat-control.

Hi Samosvat,

its working now,. thanks!! btw is there a way to manually trigger the updated package vulnerability list in the dashboard after updating the vulnerable packages? or it will only update once per day?

from zabbix-threat-control.