SecurityFTW / cs-suite

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
GNU General Public License v3.0

Feature: JSON audit logs #41

Closed josehelps closed 5 years ago

josehelps commented 5 years ago

Implements JSON logging in order to index the data using any SIEMs (ELK/Splunk), also

shivankar-madaan commented 5 years ago

Hi @d1vious

The feature regarding cleaning reports: we would actually still need the reports, as we have a DIFF feature where, after consequent runs on the same account, we look at the differences between the current scan and the one but last scan and show the differences.

That can be seen on the last tile of the output.

josehelps commented 5 years ago

@shivankar-madaan the idea of wipe breaks diffing reports, but of course it is an optional flag which is False by default, similarly to how g-scout has an overwrite flag.

josehelps commented 5 years ago

@shivankar-madaan moved G-Scout to a submodule, as I updated it to also produce JSON reports for JSON logging. Furthermore I improved docs for GCP, it is a bit simpler now that I updated the auth flow for G-Scout.

shivankar-madaan commented 5 years ago

@d1vious after running the local audit after the AWS scan, I see the reports for AWS accounts are cleared up. I think we might have to fix that. This is honestly great work @d1vious. Thank you for this, testing out for more bugs.

shivankar-madaan commented 5 years ago

I think the wiping is happening as the default is true:

    parser.add_argument("-w", "--wipe", required=False, default=True, action='store_true',
                        help="rm -rf reports/ folder before executing an audit")
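The argparse pitfall behind this comment, as an added illustration that is not code from the cs-suite repository: a `store_true` flag whose `default` is also `True` can never be `False`, so `reports/` is removed on every run and the diff against the previous scan is lost. The `prepare_reports_dir` helper and the sample report file are constructed for this example.

```python
import argparse
import shutil
import tempfile
from pathlib import Path


def build_parser(buggy: bool) -> argparse.ArgumentParser:
    """Build the --wipe flag either as posted in the PR (buggy) or corrected."""
    parser = argparse.ArgumentParser(description="cs-suite audit (illustrative)")
    if buggy:
        # As posted: store_true plus default=True means the value is always True.
        parser.add_argument("-w", "--wipe", required=False, default=True,
                            action="store_true",
                            help="rm -rf reports/ folder before executing an audit")
    else:
        # Corrected: store_true implies default=False, so only an explicit -w wipes.
        parser.add_argument("-w", "--wipe", action="store_true",
                            help="remove reports/ before the audit "
                                 "(this breaks the diff against the previous scan)")
    return parser


def wipe_requested(argv, buggy: bool = False) -> bool:
    """Return the parsed value of --wipe for the given argv list."""
    return build_parser(buggy).parse_args(argv).wipe


def prepare_reports_dir(reports_dir: Path, wipe: bool) -> int:
    """Remove previous reports only when wipe is set; return how many files survive.
    The surviving files are what the diff against the one-but-last scan relies on."""
    if wipe and reports_dir.is_dir():
        shutil.rmtree(reports_dir)
    reports_dir.mkdir(parents=True, exist_ok=True)
    return sum(1 for p in reports_dir.rglob("*") if p.is_file())


def demo() -> dict:
    """Exercise both parsers against a constructed reports/ directory."""
    reports = Path(tempfile.mkdtemp()) / "reports"
    reports.mkdir()
    (reports / "aws_account_1.json").write_text("{}")  # constructed prior report
    return {
        "buggy_no_flag": wipe_requested([], buggy=True),        # True: always wipes
        "fixed_no_flag": wipe_requested([], buggy=False),       # False: reports kept
        "fixed_with_flag": wipe_requested(["-w"], buggy=False),  # True: explicit wipe
        "kept_without_wipe": prepare_reports_dir(reports, wipe_requested([])),
        "kept_with_wipe": prepare_reports_dir(reports, wipe_requested(["--wipe"])),
    }
```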