search

CISOfy / lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
https://cisofy.com/lynis/
GNU General Public License v3.0
13.47k stars 1.49k forks source link

System Warnings no longer showing Low, Medium or High (L,M,H) rating - version 2.3.3 #271

Closed ghost closed 8 years ago

ghost commented 8 years ago

lynis-report.dat no longer contains L,M or H ratings.

e.g. High rated item Version 2.3.3 KRNL-5830|Reboot of system is most likely needed|-|-|

full line looks like: warning[]=KRNL-5830|Reboot of system is most likely needed|-|-|

Version 2.2.0 KRNL-5830|Reboot of system is most likely needed|H|-|

Is this a bug or intended behaviour? I was using the rating to "Find All" from a summary report I wrote that aggregated the results from many servers into one log but can no longer quickly skip results of scans :-(

Is this a setting I need to enable to bring these values back or is it simply a bug?

All Warnings and suggestions appear to be "|-|-|"

I am running the command with only --cronjob parameter

mboelen commented 8 years ago

Hi. It is intended behavior, as part of an ongoing rewrite. The rating was never really used, so as part of our simplicity principle, we stripped it from the output. Another reason is that a warning for one system could be high priority, while the same warning for another system could be fine.

Tip: Have a look in the ReportWarning and ReportSuggestion functions for the details regarding the fields if you like to know more about the last fields.