search

Ar0xA / nessus2es

Send your nessus compliance and vulnerability scan data to ElasticSearch
27 stars 6 forks source link

reference information in fields #7

Closed Ar0xA closed 6 years ago

Ar0xA commented 6 years ago

The reference information should be included in seperate fields.

Especially handy for CIS scans, where results are mapped to CSCV6, NIST 800-171, PCI-DSS, HIPAA, ISO-27001, etc.

Ar0xA commented 6 years ago

Valid reference fields from a CIS scan, that I think would add something: NIST 800-171 PCI-DSSv3.1 CSCv6 CSF ITSG-33 NIST 800-53 PCI-DSSv3.2 SWIFT-CSCv1 HIPAA CN-L3 ITSG-33 TBA-FIISB ISO/IEC-27001 CIP

Ar0xA commented 6 years ago

will require change in the index. Info is found in

formatted as follows: {standard}|{reference},{standard2}|{reference2},{standard3}|{standard3} etc. when there are multiple references for the same standard, the standard and reference are added multiple times.

Ar0xA commented 6 years ago

example: `

800-53|CM-7,PCI-DSSv3.1|12.3.7,PCI-DSSv3.2|12.3.7,800-171|3.4.8,CSF|PR.IP-1,CSF|PR.PT-3,ISO/IEC-27001|A.12.5.1,ISO/IEC-27001|A.12.6.2,SWIFT-CSCv1|2.3,CSCv6|13,LEVEL|2S`
Ar0xA commented 6 years ago

Done.