Using an API
Run Trivy scan:
curl -X 'POST' \
  'http://ec2-xx-xx-xx-x.compute-1.amazonaws.com:8080/alertflex-ctrl/rest/posture' \
  -H 'accept: application/json' \
  -H 'Content-Type: application/json' \
  -d '{
    "delay": 1000,
    "alertCorr": "AllFindings",
    "postureType": "DockerConfig",
    "target": "/home/ubuntu/docker-files",
    "host": "ip-172-31-88-191",
    "vrn": "vrn01",
    "project": "58d74469-5741-437e-b828-8d5c760a57f4"
  }'
Response:
{
  "taskId": "5b262b11-78e2-4e34-b3d1-cf6c97bfadbb"
}
Get Trivy report from central repository:
curl -X 'GET' \
  'http://ec2-xx-xx-xx-x.compute-1.amazonaws.com:8080/alertflex-ctrl/rest/posture/json/5b262b11-78e2-4e34-b3d1-cf6c97bfadbb' \
  -H 'accept: application/json'
Get Alerts report for this scan:
curl -X 'GET' \
  'http://ec2-xx-xx-xx-x.compute-1.amazonaws.com:8080/alertflex-ctrl/rest/posture/alerts/5b262b11-78e2-4e34-b3d1-cf6c97bfadbb' \
  -H 'accept: application/json'
Response:
{
  "date": "Mon Jul 03 21:34:37 UTC 2023",
  "alert_major": "1",
  "alert_critical": "2",
  "alert_minor": "1",
  "type": "DockerConfig",
  "probe": "ip-172-31-88-191.trivy",
  "alert_info": "0"
}
Get status of scanners and sensors for project:
curl -X 'GET' \
  'http://ec2-xx-xx-xx-x.compute-1.amazonaws.com:8080/alertflex-ctrl/rest/vrn/status/58d74469-5741-437e-b828-8d5c760a57f4' \
  -H 'accept: application/json'
Response:
[
  {
    "vrn": "vrn01",
    "host": "ip-172-31-88-191",
    "update": "Sun Jul 02 20:24:29 UTC 2023",
    "type": "AwsWaf",
    "probe": "ip-172-31-88-191.aws-waf",
    "status": "active"
  },
  {
    "vrn": "vrn01",
    "host": "ip-172-31-88-191",
    "update": "Sun Jul 02 20:24:29 UTC 2023",
    "type": "Falco",
    "probe": "ip-172-31-88-191.crs",
    "status": "inactive"
  },
  {
    "vrn": "vrn01",
    "host": "ip-172-31-88-191",
    "update": "Sun Jul 02 20:24:29 UTC 2023",
    "type": "Docker",
    "probe": "ip-172-31-88-191.docker",
    "status": "disable"
  },
  {
    "vrn": "vrn01",
    "host": "ip-172-31-88-191",
    "update": "Sun Jul 02 20:24:29 UTC 2023",
    "type": "Wazuh",
    "probe": "ip-172-31-88-191.hids",
    "status": "active"
  },
  {
    "vrn": "vrn01",
    "host": "ip-172-31-88-191",
    "update": "Sun Jul 02 20:24:29 UTC 2023",
    "type": "SuricataIPS",
    "probe": "ip-172-31-88-191.ips",
    "status": "disable"
  },
  {
    "vrn": "vrn01",
    "host": "ip-172-31-88-191",
    "update": "Sun Jul 02 20:24:29 UTC 2023",
    "type": "Kubernetes",
    "probe": "ip-172-31-88-191.k8s",
    "status": "disable"
  },
  {
    "vrn": "vrn01",
    "host": "ip-172-31-88-191",
    "update": "Sun Jul 02 20:24:29 UTC 2023",
    "type": "KubeHunter",
    "probe": "ip-172-31-88-191.kube-hunter",
    "status": "disable"
  },
  {
    "vrn": "vrn01",
    "host": "ip-172-31-88-191",
    "update": "Sun Jul 02 20:24:29 UTC 2023",
    "type": "Suricata",
    "probe": "ip-172-31-88-191.nids",
    "status": "active"
  },
  {
    "vrn": "vrn01",
    "host": "ip-172-31-88-191",
    "update": "Sun Jul 02 20:24:29 UTC 2023",
    "type": "Nmap",
    "probe": "ip-172-31-88-191.nmap",
    "status": "disable"
  },
  {
    "vrn": "vrn01",
    "host": "ip-172-31-88-191",
    "update": "Sun Jul 02 20:24:29 UTC 2023",
    "type": "Nuclei",
    "probe": "ip-172-31-88-191.nuclei",
    "status": "disable"
  },
  {
    "vrn": "vrn01",
    "host": "ip-172-31-88-191",
    "update": "Sun Jul 02 20:24:29 UTC 2023",
    "type": "Trivy",
    "probe": "ip-172-31-88-191.trivy",
    "status": "active"
  },
  {
    "vrn": "vrn01",
    "host": "ip-172-31-88-191",
    "update": "Sun Jul 02 20:24:29 UTC 2023",
    "type": "ModSecurity",
    "probe": "ip-172-31-88-191.waf",
    "status": "inactive"
  },
  {
    "vrn": "vrn01",
    "host": "ip-172-31-88-191",
    "update": "Sun Jul 02 20:24:29 UTC 2023",
    "type": "ZAP",
    "probe": "ip-172-31-88-191.zap",
    "status": "disable"
  }
]
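
Example pipeline gate (added here, not part of the Alertflex project): it combines the alerts report and the scanner status response shown above, failing a build when severity counts exceed a limit or when the reporting probe is not "active". The function names and the limits policy are assumptions; the sample responses are copied from this page, with the status list trimmed to three probes.

```python
import json

# Responses copied from the examples on this page (status list trimmed).
STATUS_JSON = '''[
 {"vrn": "vrn01", "host": "ip-172-31-88-191", "type": "Falco",
  "probe": "ip-172-31-88-191.crs", "status": "inactive"},
 {"vrn": "vrn01", "host": "ip-172-31-88-191", "type": "Nmap",
  "probe": "ip-172-31-88-191.nmap", "status": "disable"},
 {"vrn": "vrn01", "host": "ip-172-31-88-191", "type": "Trivy",
  "probe": "ip-172-31-88-191.trivy", "status": "active"}
]'''
ALERTS_JSON = '''{"date": "Mon Jul 03 21:34:37 UTC 2023", "alert_major": "1",
 "alert_critical": "2", "alert_minor": "1", "type": "DockerConfig",
 "probe": "ip-172-31-88-191.trivy", "alert_info": "0"}'''

# Assumed policy: maximum tolerated findings per severity; unlisted = no limit.
DEFAULT_LIMITS = {"alert_critical": 0, "alert_major": 0}

def probe_status(status_list, probe):
    """Return the status string of a probe, or None if it is not registered."""
    for entry in status_list:
        if entry.get("probe") == probe:
            return entry.get("status")
    return None

def evaluate_scan(alerts, status_list, limits=DEFAULT_LIMITS):
    """Return (passed, reasons) for one alerts report."""
    reasons = []
    probe = alerts.get("probe")
    status = probe_status(status_list, probe)
    # A zero-finding report from a probe that is not active is not evidence of a clean target.
    if status != "active":
        reasons.append(f"probe {probe} status is {status!r}, expected 'active'")
    for key, limit in limits.items():
        raw = alerts.get(key)
        # Counts arrive as JSON strings; missing or non-numeric values fail closed.
        if raw is None or not str(raw).isdecimal():
            reasons.append(f"{key} missing or not numeric: {raw!r}")
        elif int(raw) > limit:
            reasons.append(f"{key}={raw} exceeds limit {limit}")
    return (not reasons, reasons)

if __name__ == "__main__":
    ok, why = evaluate_scan(json.loads(ALERTS_JSON), json.loads(STATUS_JSON))
    print("PASS" if ok else "FAIL", *why, sep="\n  ")
```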