Closed josehelps closed 5 years ago
Hi @d1vious
The feature regarding cleaning reports: we would actually still need the reports, as we have a DIFF feature, where after consequent runs on the same account we look at the differences from the current scan and the one but last scan and show out the differences. That can be seen on the last tile of the output.
@shivankar-madaan the idea of wipe breaks diffing reports, but of course it is an optional flag which is False by default, similarly to how g-scout has an overwrite flag.
@shivankar-madaan moved G-Scout to a submodule, as I updated it to also produce JSON reports for JSON logging. Furthermore I improved docs for GCP, it is a bit simpler now that I updated the auth flow for G-Scout.
@d1vious after running the local audit after the AWS scan, I see the reports for AWS accounts are cleared up. I think we might have to fix that. This is honestly great work @d1vious. Thank you for this, testing out for more bugs.
I think the wiping is happening as default is true
parser.add_argument("-w", "--wipe", required=False, default=True, action='store_true',
help="rm -rf reports/ folder before executing an audit")
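Added example, not part of the thread or the project's code: it reproduces the option quoted above to show that `action='store_true'` with `default=True` leaves `--wipe` on whether or not the flag is passed, next to the same option with `default=False`. The helper names (`wipe_enabled`, `wipe_reports`, `previous_report_survives`) and the sample report file are constructed for illustration.

```python
import argparse
import shutil
import tempfile
from pathlib import Path


def wipe_enabled(default_wipe, argv):
    """Parse argv with the thread's --wipe option, using the given default."""
    parser = argparse.ArgumentParser()
    parser.add_argument("-w", "--wipe", required=False, default=default_wipe,
                        action="store_true",
                        help="rm -rf reports/ folder before executing an audit")
    return parser.parse_args(argv).wipe


def wipe_reports(base_dir, wipe):
    """Remove base_dir/reports only on explicit request; True if it was removed."""
    reports = Path(base_dir) / "reports"
    # Never follow a symlink out of the working tree, and skip a missing folder.
    if not wipe or reports.is_symlink() or not reports.is_dir():
        return False
    shutil.rmtree(reports)
    return True


def previous_report_survives(default_wipe, argv):
    """Simulate the start of an audit run; True if the earlier report is still there."""
    with tempfile.TemporaryDirectory() as base:
        # Constructed stand-in for a report left by a previous scan.
        old = Path(base) / "reports" / "aws" / "previous_scan.json"
        old.parent.mkdir(parents=True)
        old.write_text("{}")
        wipe_reports(base, wipe_enabled(default_wipe, argv))
        return old.exists()


if __name__ == "__main__":
    for default in (True, False):
        for argv in ([], ["-w"]):
            kept = previous_report_survives(default, argv)
            print(f"default={default!s:5} argv={argv!s:6} previous report kept: {kept}")
```

With `default=True` the earlier report is gone even when no flag is given, which is what removes the input the diff tile needs.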
Implements JSON logging in order to index the data using any SIEMs (ELK/Splunk), also
- `-w` or `--wipe` feature to clean up reports/ automatically after each run. Found this to be useful in consistent executions
- `-o` or `--output` feature that outputs a JSON log of a cs-suite audit execution
scripts/audit_aws_dns.sh