borekon/lynis-report-converter
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Style changes, HTML tidying, and minor bug fixes.

Browse Source
This commit is contained in:
dataking 2016-07-14 13:01:42 -07:00
parent 2e6ab3b1a6
commit 0fd0a0b0b9
1 changed files with 129 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

215
lynis_report.pl
View File

@ -3,7 +3,7 @@
use strict; use strict;
use warnings; use warnings;
use feature qw( switch ); use feature qw( switch );
#if ($] ge '5.018000') { no warnings "experimental::smartmatch"; } no if $] ge '5.018', warnings => "experimental::smartmatch";
use Term::ANSIColor; use Term::ANSIColor;
use Getopt::Long qw( :config no_ignore_case bundling ); use Getopt::Long qw( :config no_ignore_case bundling );
use Data::Dumper; use Data::Dumper;
@ -16,6 +16,8 @@ GetOptions(
'o|output=s' => \$output, 'o|output=s' => \$output,
); );
if ($help) { &usage; }
my %to_bool = ( 0 => 'false', 1 => 'true' ); my %to_bool = ( 0 => 'false', 1 => 'true' );
my %to_long_severity = ( 'C' => 'Critical', 'S' => 'Severe', 'H' => 'High', 'M' => 'Medium', 'L' => 'Low', 'I' => 'Informational' ); my %to_long_severity = ( 'C' => 'Critical', 'S' => 'Severe', 'H' => 'High', 'M' => 'Medium', 'L' => 'Low', 'I' => 'Informational' );
@ -111,6 +113,8 @@ print OUT <<END;
<meta > <meta >
<style> <style>
html,body {color: #fff; background-color: #000;} html,body {color: #fff; background-color: #000;}
div#content_section {margin: 0 10% 0 10%;}
div.content_subsection {margin: 0 5% 0 5%;}
table {border-collapse: collapse; border: 1px solid white;} table {border-collapse: collapse; border: 1px solid white;}
td.good {background-color: #006400; color: #ffffff; font-weight: bold;} td.good {background-color: #006400; color: #ffffff; font-weight: bold;}
td.fair {background-color: #ffd700; color: #000000; font-weight: bold;} td.fair {background-color: #ffd700; color: #000000; font-weight: bold;}
@ -120,69 +124,79 @@ print OUT <<END;
</style> </style>
</head> </head>
<body> <body>
<h1>lynis Asset Report</h1> <div id="content_section">
<h2><span class="title_shrink">created by</span> lynis_report</h2> <h1>lynis Asset Report</h1>
<table border="1"> <h2><span class="title_shrink">created by</span> lynis_report</h2>
<tr><td><a href="#lynis_info">lynis info</a></td><td><a href="#host_info">host info</a></td></tr> <table border="1">
</table> <tr><td><a href="#lynis_info">lynis info</a></td><td><a href="#host_info">host info</a></td></tr>
<hr /> </table>
<h4>host findings:</h4> <hr />
<table border="1"><tr><td>hardening index:</td> <h4>host findings:</h4>
<table border="1"><tr><td>hardening index:</td>
END END
given ($lynis_report_data{'hardening_index'}) { given ($lynis_report_data{'hardening_index'}) {
when (($lynis_report_data{'hardening_index'} < 100) and ($lynis_report_data{'hardening_index'} > 90)) { when (($lynis_report_data{'hardening_index'} < 100) and ($lynis_report_data{'hardening_index'} > 90)) {
# green # green
print OUT "\t\t\t<td class=\"good\">$lynis_report_data{'hardening_index'}</td>"; print OUT "\t\t\t\t<td class=\"good\">$lynis_report_data{'hardening_index'}</td>";
} }
when (($lynis_report_data{'hardening_index'} <= 90) and ($lynis_report_data{'hardening_index'} > 80)) { when (($lynis_report_data{'hardening_index'} <= 90) and ($lynis_report_data{'hardening_index'} > 80)) {
# yellow # yellow
print OUT "\t\t\t<td class=\"fair\">$lynis_report_data{'hardening_index'}</td>"; print OUT "\t\t\t\t<td class=\"fair\">$lynis_report_data{'hardening_index'}</td>";
} }
when (($lynis_report_data{'hardening_index'} <= 80) and ($lynis_report_data{'hardening_index'} > 65)) { when (($lynis_report_data{'hardening_index'} <= 80) and ($lynis_report_data{'hardening_index'} > 65)) {
# orange # orange
print OUT "\t\t\t<td class=\"poor\">$lynis_report_data{'hardening_index'}</td>"; print OUT "\t\t\t\t<td class=\"poor\">$lynis_report_data{'hardening_index'}</td>";
} }
when ($lynis_report_data{'hardening_index'} <= 65) { when ($lynis_report_data{'hardening_index'} <= 65) {
# red # red
print OUT "\t\t\t<td class=\"dismal\">$lynis_report_data{'hardening_index'}</td>"; print OUT "\t\t\t\t<td class=\"dismal\">$lynis_report_data{'hardening_index'}</td>";
} }
default { default {
# error # error
} }
} }
print OUT "\t\t</tr></table>\n"; print OUT "\t\t\t</tr></table>\n";
print OUT "<h4>warnings (".scalar(@{$lynis_report_data{'warning[]'}})."):</h4>\n"; if (!exists($lynis_report_data{'warning[]'})) {
print OUT <<END; print OUT "<h4>warnings (0):</h4>\n";
<table border="1">
<tr><td>Warning ID</td><td>Description</td><td>Severity</td><td>F4</td></tr>
END
if (ref($lynis_report_data{'warning[]'}) eq 'ARRAY') {
if (${$lynis_report_data{'warning[]'}}[0] =~ /\|/) { # more than one
foreach my $warn ( sort @{$lynis_report_data{'warning[]'}} ) {
my ($warn_id,$warn_desc,$warn_sev,$warn_f4) = split(/\|/, $warn);
print OUT "<tr><td>$warn_id</td><td>$warn_desc</td><td>$to_long_severity{$warn_sev}</td><td>$warn_f4</td></tr>\n";
}
} elsif (${$lynis_report_data{'warning[]'}}[0] =~ /[A-Z]{4}\-\d{4}/) { # one warning
my $warn_id = ${$lynis_report_data{'warning[]'}}[0];
my $warn_desc = ${$lynis_report_data{'warning[]'}}[1];
my $warn_sev = ${$lynis_report_data{'warning[]'}}[2];
my $warn_f4 = ${$lynis_report_data{'warning[]'}}[3];
print OUT "<tr><td>$warn_id</td><td>$warn_desc</td><td>$to_long_severity{$warn_sev}</td><td>$warn_f4</td></tr>\n";
} else {
die colored("Unexpected ARRAY format! \n", "bold red");
}
} else { } else {
die colored("warning[] not ARRAY ref!: ".ref($lynis_report_data{'warning[]'})."\n", "bold red"); print OUT "<h4>warnings (".scalar(@{$lynis_report_data{'warning[]'}})."):</h4>\n";
} }
print OUT <<END; print OUT <<END;
</table> <div class="content_subsection">
<table border="1">
<tr><td>Warning ID</td><td>Description</td><td>Severity</td><td>F4</td></tr>
END END
print OUT "\t\t<h4>suggestions (".scalar(@{$lynis_report_data{'suggestion[]'}})."):</h4>\n"; if (exists($lynis_report_data{'warning[]'})) {
if (ref($lynis_report_data{'warning[]'}) eq 'ARRAY') {
if (${$lynis_report_data{'warning[]'}}[0] =~ /\|/) { # more than one
foreach my $warn ( sort @{$lynis_report_data{'warning[]'}} ) {
my ($warn_id,$warn_desc,$warn_sev,$warn_f4) = split(/\|/, $warn);
print OUT "\t\t\t\t\t<tr><td>$warn_id</td><td>$warn_desc</td><td>$to_long_severity{$warn_sev}</td><td>$warn_f4</td></tr>\n";
}
} elsif (${$lynis_report_data{'warning[]'}}[0] =~ /[A-Z]{4}\-\d{4}/) { # one warning
my $warn_id = ${$lynis_report_data{'warning[]'}}[0];
my $warn_desc = ${$lynis_report_data{'warning[]'}}[1];
my $warn_sev = ${$lynis_report_data{'warning[]'}}[2];
my $warn_f4 = ${$lynis_report_data{'warning[]'}}[3];
print OUT "\t\t\t\t\t<tr><td>$warn_id</td><td>$warn_desc</td><td>$to_long_severity{$warn_sev}</td><td>$warn_f4</td></tr>\n";
} else {
die colored("Unexpected ARRAY format! \n", "bold red");
}
} else {
die colored("warning[] not ARRAY ref!: ".ref($lynis_report_data{'warning[]'})."\n", "bold red");
}
}
print OUT <<END; print OUT <<END;
<table border="1"> </table>
<tr><td>Suggestion ID</td><td>Description</td><td>Severity</td><td>F4</td></tr> </div>
END
print OUT "\t\t\t<h4>suggestions (".scalar(@{$lynis_report_data{'suggestion[]'}})."):</h4>\n";
print OUT <<END;
<div class="content_subsection">
<table border="1">
<tr><td>Suggestion ID</td><td>Description</td><td>Severity</td><td>F4</td></tr>
END END
if ((ref($lynis_report_data{'suggestion[]'}) eq 'ARRAY') and if ((ref($lynis_report_data{'suggestion[]'}) eq 'ARRAY') and
(${$lynis_report_data{'suggestion[]'}}[0] =~ /\|/)) { (${$lynis_report_data{'suggestion[]'}}[0] =~ /\|/)) {
@ -191,67 +205,75 @@ if ((ref($lynis_report_data{'suggestion[]'}) eq 'ARRAY') and
if ($sug_desc eq 'Consider hardening SSH configuration') { if ($sug_desc eq 'Consider hardening SSH configuration') {
$sug_desc .= ": $sug_sev"; $sug_sev = '-'; $sug_desc .= ": $sug_sev"; $sug_sev = '-';
} }
print OUT "\t\t\t<tr><td>$sug_id</td><td>$sug_desc</td><td>$sug_sev</td><td>$sug_f4</td></tr>\n"; print OUT "\t\t\t\t\t<tr><td>$sug_id</td><td>$sug_desc</td><td>$sug_sev</td><td>$sug_f4</td></tr>\n";
} }
} }
print OUT <<END; print OUT <<END;
</table> </table>
<h4>manual checks:</h4> </div>
<ul> <h4>manual checks:</h4>
<ul>
END END
foreach my $man ( sort @{$lynis_report_data{'manual[]'}} ) { if ((exists($lynis_report_data{'manual[]'})) and (scalar(@{$lynis_report_data{'manual[]'}}) > 0)) {
#print Dumper($man); foreach my $man ( sort @{$lynis_report_data{'manual[]'}} ) {
print OUT "<li>$man</li>\n"; #print Dumper($man);
print OUT "<li>$man</li>\n";
}
} }
print OUT <<END; print OUT <<END;
</ul> </ul>
<hr /> <hr />
<a name="lynis_info"><h4>lynis info:</h4></a> <a name="lynis_info"><h4>lynis info:</h4></a>
<table border="1"> <div class="content_subsection">
<tr> <table border="1">
<td>lynis version:</td><td>$lynis_report_data{'lynis_version'}</td><td>lynis tests done:</td><td>$lynis_report_data{'lynis_tests_done'}</td> <tr>
</tr> <td>lynis version:</td><td>$lynis_report_data{'lynis_version'}</td><td>lynis tests done:</td><td>$lynis_report_data{'lynis_tests_done'}</td>
<tr> </tr>
<td>lynis update available:</td><td>$to_bool{$lynis_report_data{'lynis_update_available'}}</td><td>license key:</td><td>$lynis_report_data{'license_key'}</td> <tr>
</tr> <td>lynis update available:</td><td>$to_bool{$lynis_report_data{'lynis_update_available'}}</td><td>license key:</td><td>$lynis_report_data{'license_key'}</td>
<tr> </tr>
<td colspan="2">report version:</td><td colspan="2">$lynis_report_data{'report_version_major'}.$lynis_report_data{'report_version_minor'}</td> <tr>
</tr> <td colspan="2">report version:</td><td colspan="2">$lynis_report_data{'report_version_major'}.$lynis_report_data{'report_version_minor'}</td>
<tr> </tr>
<td>number of plugins enabled:</td><td>$lynis_report_data{'plugins_enabled'}</td><td>plugin directory:</td><td>$lynis_report_data{'plugin_directory'}</td> <tr>
</tr> <td>number of plugins enabled:</td><td>$lynis_report_data{'plugins_enabled'}</td><td>plugin directory:</td><td>$lynis_report_data{'plugin_directory'}</td>
<tr> </tr>
<tr>
END END
print OUT "\t\t\t\t<td>phase 1 plugins enabled:</td><td colspan=\"3\">"; print OUT "\t\t\t\t\t\t<td>phase 1 plugins enabled:</td><td colspan=\"3\">\n";
print OUT "\t\t\t\t\t<table border=\"1\">\n"; print OUT "\t\t\t\t\t\t\t<table border=\"1\">\n";
foreach my $plug ( sort @{$lynis_report_data{'plugin_enabled_phase1[]'}} ) { foreach my $plug ( sort @{$lynis_report_data{'plugin_enabled_phase1[]'}} ) {
my ($n,$v) = split(/\|/, $plug); my ($n,$v) = split(/\|/, $plug);
print OUT "\t\t\t\t\t\t<tr><td>name:</td><td>$n</td><td>version:</td><td>$v</td></tr>\n"; print OUT "\t\t\t\t\t\t\t\t<tr><td>name:</td><td>$n</td><td>version:</td><td>$v</td></tr>\n";
} }
print OUT "\t\t\t\t\t</table>\n"; print OUT "\t\t\t\t\t\t\t</table>\n";
print OUT "</td>\n"; print OUT "\t\t\t\t\t\t</td>\n";
print OUT <<END; print OUT <<END;
</tr> </tr>
<tr> <tr>
<td>report start time:</td><td>$lynis_report_data{'report_datetime_start'}</td><td>report end time:</td><td>$lynis_report_data{'report_datetime_end'}</td> <td>report start time:</td><td>$lynis_report_data{'report_datetime_start'}</td><td>report end time:</td><td>$lynis_report_data{'report_datetime_end'}</td>
</tr> </tr>
<tr><td>hostid:</td><td colspan="3">$lynis_report_data{'hostid'}</td></tr> <tr><td>hostid:</td><td colspan="3">$lynis_report_data{'hostid'}</td></tr>
<tr><td>hostid:</td><td colspan="3">$lynis_report_data{'hostid2'}</td></tr> <tr><td>hostid:</td><td colspan="3">$lynis_report_data{'hostid2'}</td></tr>
</table> </table>
<hr /> </div>
<h4><a name="host_info">host info:</a></h4> <hr />
<table border="1"> <h4><a name="host_info">host info:</a></h4>
<tr><td>hostname:</td><td>$lynis_report_data{'hostname'}</td><td>domainname:</td><td>$lynis_report_data{'domainname'}</td><td>resolv.conf domain:</td><td>$lynis_report_data{'resolv_conf_domain'}</td></tr> <div class="content_subsection">
<tr><td>os:</td><td>$lynis_report_data{'os'}</td><td>os fullname:</td><td>$lynis_report_data{'os_fullname'}</td><td>os_version:</td><td>$lynis_report_data{'os_version'}</td></tr> <table border="1">
<tr><td>GRSecurity:</td><td>$to_bool{$lynis_report_data{'framework_grsecurity'}}</td><td>SELinux:</td><td>$to_bool{$lynis_report_data{'framework_selinux'}}</td><td>memory:</td><td>$lynis_report_data{'memory_size'} $lynis_report_data{'memory_units'}</td></tr> <tr><td>hostname:</td><td>$lynis_report_data{'hostname'}</td><td>domainname:</td><td>$lynis_report_data{'domainname'}</td><td>resolv.conf domain:</td><td>$lynis_report_data{'resolv_conf_domain'}</td></tr>
<tr><td>linux version:</td><td>$lynis_report_data{'linux_version'}</td><td>pae enabled:</td><td>$to_bool{$lynis_report_data{'cpu_pae'}}</td><td>nx enabled:</td><td>$to_bool{$lynis_report_data{'cpu_nx'}}</td></tr> <tr><td>os:</td><td>$lynis_report_data{'os'}</td><td>os fullname:</td><td>$lynis_report_data{'os_fullname'}</td><td>os_version:</td><td>$lynis_report_data{'os_version'}</td></tr>
<tr><td>GRSecurity:</td><td>$to_bool{$lynis_report_data{'framework_grsecurity'}}</td><td>SELinux:</td><td>$to_bool{$lynis_report_data{'framework_selinux'}}</td><td>memory:</td><td>$lynis_report_data{'memory_size'} $lynis_report_data{'memory_units'}</td></tr>
<tr><td>linux version:</td><td>$lynis_report_data{'linux_version'}</td><td>pae enabled:</td><td>$to_bool{$lynis_report_data{'cpu_pae'}}</td><td>nx enabled:</td><td>$to_bool{$lynis_report_data{'cpu_nx'}}</td></tr>
END END
print OUT "\t\t\t<tr><td>network interfaces:</td><td>".join("<br />\n", @{$lynis_report_data{'network_interface[]'}})."</td><td>ipv4 addresses:</td><td>".join("<br />\n", @{$lynis_report_data{'network_ipv4_address[]'}})."</td><td>ipv6 addresses:</td><td>".join("<br />\n", @{$lynis_report_data{'network_ipv6_address[]'}})."</td></tr>\n"; print OUT "\t\t\t\t\t<tr><td>network interfaces:</td><td>".join("<br />\n", @{$lynis_report_data{'network_interface[]'}})."</td><td>ipv4 addresses:</td><td>".join("<br />\n", @{$lynis_report_data{'network_ipv4_address[]'}})."</td><td>ipv6 addresses:</td><td>".join("<br />\n", @{$lynis_report_data{'network_ipv6_address[]'}})."</td></tr>\n";
print OUT <<END; print OUT <<END;
<tr><td>kernel version:</td><td>$lynis_report_data{'linux_kernel_version'}</td><td>kernel release version:</td><td>$lynis_report_data{'linux_kernel_release'}</td><td>uptime (days):</td><td>$lynis_report_data{'uptime_in_days'}</td></tr> <tr><td>kernel version:</td><td>$lynis_report_data{'linux_kernel_version'}</td><td>kernel release version:</td><td>$lynis_report_data{'linux_kernel_release'}</td><td>uptime (days):</td><td>$lynis_report_data{'uptime_in_days'}</td></tr>
<tr><td>vm:</td><td>$to_bool{$lynis_report_data{'vm'}}</td><td>vm_type:</td><td>$lynis_report_data{'vmtype'}</td><td>uptime (secs):</td><td>$lynis_report_data{'uptime_in_seconds'}</td></tr> <tr><td>vm:</td><td>$to_bool{$lynis_report_data{'vm'}}</td><td>vm_type:</td><td>$lynis_report_data{'vmtype'}</td><td>uptime (secs):</td><td>$lynis_report_data{'uptime_in_seconds'}</td></tr>
</table> </table>
</div>
</div>
</body> </body>
</html> </html>
@ -264,3 +286,24 @@ foreach my $idx ( sort @indexes ) {
delete($lynis_report_data{$idx}); delete($lynis_report_data{$idx});
} }
print Dumper(\%lynis_report_data); print Dumper(\%lynis_report_data);
###############################################################################
# subs
###############################################################################
sub usage {
print <<END;
$0 -h|--help -v|--verbose -E|--excel -o|--output
Where:
-h|--help Display this useful message, then exit.
-v|--verbose Display more detailed output. This is typically used for
debugging, but may provide insight when running into problems.
-E|--excel Output the report in Microsoft Excel binary format. This
options is not yet implemented (NYI).
-o|--output Specifies the output file to print the report to.
END
exit 0;
}