blackstork-io / fabric

An open-source command-line tool for cybersecurity reporting automation and a configuration language for reusable templates. Reporting-as-Code
https://blackstork.io/fabric/
Apache License 2.0
37 stars 2 forks source link
compliance compliance-reporting cti cybersecurity pentesting reporting secops security-reporting
Fabric logo

[Releases](https://github.com/blackstork-io/fabric/releases) | [Docs](https://blackstork.io/fabric/docs/) | [Slack](https://fabric-community.slack.com/) ![GitHub Repository stars](https://img.shields.io/github/stars/blackstork-io/fabric?style=social) ![GitHub Release](https://img.shields.io/github/v/release/blackstork-io/fabric) [![Join Slack](https://img.shields.io/badge/slack-join-8F87F7)](https://fabric-community.slack.com/)

Fabric is an open-source Command-Line Interface (CLI) tool with a configuration language designed to encode and automate content generation for cybersecurity and compliance.

The diagram illustrates a Fabric template and the corresponding rendered document

Fabric generates documents from templates written in Fabric Configuration Language (FCL). The templates are modular and reusable. By including data requirements and content structure definitions in the templates, the template authors can significantly reduce the manual effort of data consolidation and document build-up.

See Tutorial for an introduction to FCL and Fabric.

Fabric templates can include static content, dynamic templates (powered by Go templates) or rely on GenAI for content generation (with openai plugin, for example).

[!NOTE]
Fabric is currently in the early stages of development, and there may be some issues. If you have any suggestions, ideas, or bug reports, please share them in Fabric Community slack.

Plugins

Fabric supports plugins that offer integrations with various platforms, data stores, and security solutions, including JSON/CSV files, Elastic, OpenCTI, Splunk Cloud, GitHub, and more.

You can find the full list of supported plugins in the documentation.

Templates

You can find open-source templates for CTI, pentesting and SecOps use cases in Fabric Templates repository.

Installing Fabric

Homebrew

To install Fabric on macOS with Homebrew, run these commands:

# Install Fabric from the tap
brew install blackstork-io/tools/fabric

# Verify the version installed
fabric --version

The tap is updated automatically with every release.

Docker

The Docker images for Fabric are hosted in Docker Hub.

To run Fabric as a Docker image use a name blackstorkio/fabric:

docker run blackstorkio/fabric

GitHub releases

Fabric binaries for Windows, macOS, and Linux are available at "Releases" page in the project's GitHub.

To install Fabric:

For example, the steps for macOS (arm64) are:

# Create a folder
mkdir fabric-bin

# Download the latest release of Fabric
wget https://github.com/blackstork-io/fabric/releases/latest/download/fabric_darwin_arm64.tar.gz -O ./fabric_darwin_arm64.tar.gz

# Unpack Fabric release archive into `fabric-bin` folder
tar -xvzf ./fabric_darwin_arm64.tar.gz -C ./fabric-bin

# Verify that `fabric` runs
./fabric-bin/fabric --help

Usage

The core fabric commands are:

For more details, run fabric --help:

$ ./fabric --help
Usage:
  fabric [command]

Available Commands:
  completion  Generate the autocompletion script for the specified shell
  data        Execute a single data block
  help        Help about any command
  install     Install plugins
  render      Render the document

Flags:
      --color               enables colorizing the logs and diagnostics (if supported by the terminal and log format) (default true)
  -h, --help                help for fabric
      --log-format string   format of the logs (plain or json) (default "plain")
      --log-level string    logging level ('debug', 'info', 'warn', 'error') (default "info")
      --source-dir string   a path to a directory with *.fabric files (default ".")
  -v, --verbose             a shortcut to --log-level debug
      --version             version for fabric

Use "fabric [command] --help" for more information about a command.

Documentation

Visit https://blackstork.io/fabric/docs/ to see full documentation for Fabric.

Security

If you suspect any vulnerabilities within Fabric, please report them using GitHub's security advisory reporting. We treat every report with the utmost seriousness and commit to conducting a thorough investigation.

We kindly request that you task with us before making any public disclosures. This precautionary step ensures that no excessive information is shared prematurely, allowing us to prepare a patch. It also gives users enough time to upgrade.

License

Fabric is licensed under Apache-2.0 license. See the LICENSE file for the details.