aquasecurity / cloudsploit

Cloud Security Posture Management (CSPM)
https://cloud.aquasec.com/signup
GNU General Public License v3.0

Error: Nothing to report #446

Open krynn1 opened 3 years ago

krynn1 commented 3 years ago

I get this when trying to run cloudsploit security scan on my AWS instance. I've set credentials within the config.js file using access_key, secret_access_key and session_token.

./index.js --config ./config.js



CloudSploit by Aqua Security, Ltd.
Cloud security auditing for AWS, Azure, GCP, Oracle, and GitHub

INFO: Using CloudSploit config file: ./config.js
INFO: Skipping AWS pagination mode
INFO: Determining API calls to make...
INFO: Found 159 API calls to make for aws plugins
INFO: Collecting metadata. This may take several minutes...
INFO: Metadata collection complete. Analyzing...
INFO: Analysis complete. Scan report to follow...
ERROR: Nothing to report...
ERROR: Nothing to report...
ERROR: Nothing to report...
ERROR: Nothing to report...
ERROR: Nothing to report...
ERROR: Nothing to report...
ERROR: Nothing to report...
ERROR: Nothing to report...
ERROR: Nothing to report...
ERROR: Nothing to report...

amaturehr commented 3 years ago

I get the same issue as well

rsherron1973 commented 3 years ago

I am seeing the same issue. I get a partial report using the csv option. It looks like the process is making it into the EC2 plugins before it fails. I can run specific plugins, for S3 for example. I am not versed in js so I am just beginning to get into the files. I have found the specific error message on line 138 of engine.js. I have not run any kind of debugging to see why the results or length of results is null.

amaturehr commented 3 years ago

I am getting partial output by just specifying compliance options. It seems to still say nothing to report if I use CSV output, but don't specify compliance options. This gives me about 65 checks:

./index.js --compliance=cis1 --compliance=cis2 --compliance=pci --compliance=cis --compliance=hipaa

amaturehr commented 3 years ago

While I was able to get AWS working by providing specific compliance flags, Azure seems to still say "Nothing To Report" after running for a bit.

amaturehr commented 3 years ago

Well, for Azure to work, I have to specify the config file:

./index.js --config=./config.js --console=table --csv=filename.csv

For AWS, if I specify the same options, I again get the nothing to report; if I specify the compliance options like before, I get AWS-specific check output.

dave-pollock commented 3 years ago

I saw this error due to a bug in one of the plugins which was causing it to report no results back to the engine. Using the --compliance flag may help because that may cause whichever plugin is causing the issue to be ignored.

In engine.js you can change line 138 from

if (!results || !results.length) return console.log('ERROR: Nothing to report...');

to

if (!results || !results.length) return console.log(`Plugin ${plugin.title} returned no results. There may be a problem with this plugin.`);

This allowed me to see which plugin was causing the problem.

D00gs commented 3 years ago

If you replace line 138 with:

if (!results || !results.length) console.log(`Plugin ${plugin.title} returned no results. There may be a problem with this plugin.`);

instead (i.e. remove the return part), it will fix the problem and give you the extra info. Created pull request at https://github.com/aquasecurity/cloudsploit/pull/486
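Added example, not part of the thread and not CloudSploit's own code: a miniature plugin engine showing how an early `return` on an empty result can suppress the whole scan report, and how logging without returning lets the other plugins' findings through. It assumes the early return skips a per-plugin completion callback; the plugin names, `runEngine`, `scan` and `pluginDone` are hypothetical stand-ins, since the thread only shows line 138.

```javascript
// Constructed stand-ins for scanner plugins; titles and results are made up.
const plugins = {
  bucketLogging: { title: 'Bucket Logging', run: cb => cb(null, [{ status: 2, message: 'Logging disabled' }]) },
  brokenPlugin:  { title: 'Broken Plugin',  run: cb => cb(null, []) }, // reports nothing back
  rootMfa:       { title: 'Root MFA',       run: cb => cb(null, [{ status: 0, message: 'MFA enabled' }]) },
};

// Run every plugin; onComplete fires only after each one has signalled completion.
function runEngine(pluginSet, earlyReturn, onComplete) {
  const rows = [];
  const diagnostics = [];
  let pending = Object.keys(pluginSet).length;
  const pluginDone = () => { if (--pending === 0) onComplete(rows, diagnostics); };

  for (const plugin of Object.values(pluginSet)) {
    plugin.run((err, results) => {
      if (!results || !results.length) {
        diagnostics.push(`Plugin ${plugin.title} returned no results. There may be a problem with this plugin.`);
        // Assumed failure mode: returning here skips pluginDone(), so the
        // engine never learns this plugin finished and never writes a report.
        if (earlyReturn) return;
      } else {
        // Guarded by else so an empty or undefined result is never iterated.
        for (const r of results) rows.push({ plugin: plugin.title, ...r });
      }
      pluginDone();
    });
  }
}

// Returns the report object, or null when the report stage never ran.
function scan(earlyReturn) {
  let report = null;
  runEngine(plugins, earlyReturn, (rows, diagnostics) => { report = { rows, diagnostics }; });
  return report;
}

console.log('with early return:', scan(true));
console.log('log and continue:', scan(false));
```

For a posture scanner the difference matters operationally: a run that emits no report is easy to mistake for a clean account, so a plugin that returns nothing should be surfaced by name while the rest of the findings are still delivered.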