Using an API

Run a Trivy scan:

curl -X 'POST' \
  'http://ec2-xx-xx-xx-x.compute-1.amazonaws.com:8080/alertflex-ctrl/rest/posture' \
  -H 'accept: application/json' \
  -H 'Content-Type: application/json' \
  -d '{
  "delay": 1000,
  "alertCorr": "AllFindings",
  "postureType": "DockerConfig",
  "target": "/home/ubuntu/docker-files",
  "host": "ip-172-31-88-191",
  "vrn": "vrn01",
  "project": "58d74469-5741-437e-b828-8d5c760a57f4"
}'

Response:

{
  "taskId": "5b262b11-78e2-4e34-b3d1-cf6c97bfadbb"
}

Get the Trivy report from the central repository:

curl -X 'GET' \
  'http://ec2-xx-xx-xx-x.compute-1.amazonaws.com:8080/alertflex-ctrl/rest/posture/json/5b262b11-78e2-4e34-b3d1-cf6c97bfadbb' \
  -H 'accept: application/json'

Get the alerts report for this scan:

curl -X 'GET' \
  'http://ec2-xx-xx-xx-x.compute-1.amazonaws.com:8080/alertflex-ctrl/rest/posture/alerts/5b262b11-78e2-4e34-b3d1-cf6c97bfadbb' \
  -H 'accept: application/json'

Response:

{
  "date": "Mon Jul 03 21:34:37 UTC 2023",
  "alert_major": "1",
  "alert_critical": "2",
  "alert_minor": "1",
  "type": "DockerConfig",
  "probe": "ip-172-31-88-191.trivy",
  "alert_info": "0"
}

Get the status of scanners and sensors for the project:

curl -X 'GET' \
  'http://ec2-xx-xx-xx-x.compute-1.amazonaws.com:8080/alertflex-ctrl/rest/vrn/status/58d74469-5741-437e-b828-8d5c760a57f4' \
  -H 'accept: application/json'

Response:

[
{
  "vrn": "vrn01",
  "host": "ip-172-31-88-191",
  "update": "Sun Jul 02 20:24:29 UTC 2023",
  "type": "AwsWaf",
  "probe": "ip-172-31-88-191.aws-waf",
  "status": "active"
},
{
  "vrn": "vrn01",
  "host": "ip-172-31-88-191",
  "update": "Sun Jul 02 20:24:29 UTC 2023",
  "type": "Falco",
  "probe": "ip-172-31-88-191.crs",
  "status": "inactive"
},
{
  "vrn": "vrn01",
  "host": "ip-172-31-88-191",
  "update": "Sun Jul 02 20:24:29 UTC 2023",
  "type": "Docker",
  "probe": "ip-172-31-88-191.docker",
  "status": "disable"
},
{
  "vrn": "vrn01",
  "host": "ip-172-31-88-191",
  "update": "Sun Jul 02 20:24:29 UTC 2023",
  "type": "Wazuh",
  "probe": "ip-172-31-88-191.hids",
  "status": "active"
},
{
  "vrn": "vrn01",
  "host": "ip-172-31-88-191",
  "update": "Sun Jul 02 20:24:29 UTC 2023",
  "type": "SuricataIPS",
  "probe": "ip-172-31-88-191.ips",
  "status": "disable"
},
{
  "vrn": "vrn01",
  "host": "ip-172-31-88-191",
  "update": "Sun Jul 02 20:24:29 UTC 2023",
  "type": "Kubernetes",
  "probe": "ip-172-31-88-191.k8s",
  "status": "disable"
},
{
  "vrn": "vrn01",
  "host": "ip-172-31-88-191",
  "update": "Sun Jul 02 20:24:29 UTC 2023",
  "type": "KubeHunter",
  "probe": "ip-172-31-88-191.kube-hunter",
  "status": "disable"
},
{
  "vrn": "vrn01",
  "host": "ip-172-31-88-191",
  "update": "Sun Jul 02 20:24:29 UTC 2023",
  "type": "Suricata",
  "probe": "ip-172-31-88-191.nids",
  "status": "active"
},
{
  "vrn": "vrn01",
  "host": "ip-172-31-88-191",
  "update": "Sun Jul 02 20:24:29 UTC 2023",
  "type": "Nmap",
  "probe": "ip-172-31-88-191.nmap",
  "status": "disable"
},
{
  "vrn": "vrn01",
  "host": "ip-172-31-88-191",
  "update": "Sun Jul 02 20:24:29 UTC 2023",
  "type": "Nuclei",
  "probe": "ip-172-31-88-191.nuclei",
  "status": "disable"
},
{
  "vrn": "vrn01",
  "host": "ip-172-31-88-191",
  "update": "Sun Jul 02 20:24:29 UTC 2023",
  "type": "Trivy",
  "probe": "ip-172-31-88-191.trivy",
  "status": "active"
},
{
  "vrn": "vrn01",
  "host": "ip-172-31-88-191",
  "update": "Sun Jul 02 20:24:29 UTC 2023",
  "type": "ModSecurity",
  "probe": "ip-172-31-88-191.waf",
  "status": "inactive"
},
{
  "vrn": "vrn01",
  "host": "ip-172-31-88-191",
  "update": "Sun Jul 02 20:24:29 UTC 2023",
  "type": "ZAP",
  "probe": "ip-172-31-88-191.zap",
  "status": "disable"
}
]
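
Added example (not part of the Alertflex project's code): a pipeline gate that combines the alerts report and the status response shown above. The counters arrive as JSON strings, so they are cast to int before comparison, and a report only counts as a pass when the probe that produced it is listed as "active". The function names and the limits policy are hypothetical; the inputs are constructed from the responses above.

```python
import json

# Constructed inputs: the alerts response shown above and three entries
# taken from the status response shown above.
ALERTS = '''{"date": "Mon Jul 03 21:34:37 UTC 2023", "alert_major": "1",
 "alert_critical": "2", "alert_minor": "1", "type": "DockerConfig",
 "probe": "ip-172-31-88-191.trivy", "alert_info": "0"}'''
STATUS = '''[
 {"type": "Falco", "probe": "ip-172-31-88-191.crs", "status": "inactive"},
 {"type": "Nmap", "probe": "ip-172-31-88-191.nmap", "status": "disable"},
 {"type": "Trivy", "probe": "ip-172-31-88-191.trivy", "status": "active"}]'''

SEVERITIES = ("critical", "major", "minor", "info")


def alert_counts(alerts_json):
    """Parse the alerts report into (probe, counts). Counters are strings in
    the response; a missing or non-numeric one raises instead of reading as 0."""
    report = json.loads(alerts_json)
    try:
        probe = report["probe"]
        counts = {s: int(report["alert_" + s]) for s in SEVERITIES}
    except (KeyError, ValueError, TypeError) as exc:
        raise ValueError(f"malformed alerts report: {exc!r}") from exc
    return probe, counts


def probe_status(status_json, probe):
    """Return the status string for a probe, or None if it is not listed."""
    for entry in json.loads(status_json):
        if entry.get("probe") == probe:
            return entry.get("status")
    return None


def gate(alerts_json, status_json, limits=None):
    """Return (passed, reasons). limits maps severity -> highest allowed count
    (hypothetical policy; the default allows no critical or major alerts)."""
    limits = limits or {"critical": 0, "major": 0}
    probe, counts = alert_counts(alerts_json)
    reasons = []
    status = probe_status(status_json, probe)
    if status != "active":
        reasons.append(f"probe {probe} status is {status!r}, not 'active'")
    for sev, allowed in limits.items():
        if counts[sev] > allowed:
            reasons.append(f"{counts[sev]} {sev} alert(s), limit {allowed}")
    return (not reasons), reasons
```

With the sample responses above, gate(ALERTS, STATUS) fails on the two critical alerts and the one major alert.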