diff --git a/lynis-report-converter.pl b/lynis-report-converter.pl index 68078d1..0a58d54 100755 --- a/lynis-report-converter.pl +++ b/lynis-report-converter.pl @@ -539,28 +539,29 @@ if ($json) { $host_ws->write('A8', 'is notebook/laptop:', $label_format); $host_ws->write('B8', uc($to_bool{$lynis_report_data{'notebook'}})); $host_ws->write('C8', 'is container:', $label_format); $host_ws->write('D8', uc($to_bool{$lynis_report_data{'container'}})); $host_ws->write('A9', 'binary paths:', $label_format); $host_ws->write('B9', $lynis_report_data{'binary_paths'}); - $host_ws->write('C9', 'certificates:', $label_format); - if (ref($lynis_report_data{'certificate[]'}) eq 'ARRAY') { - $host_ws->write('D9', join("\n", @{$lynis_report_data{'certificate[]'}})); - } else { - $host_ws->write('D9', $lynis_report_data{'certificate[]'}); - } + $host_ws->write('C9', 'certificate count:', $label_format); $host_ws->write('D9', $lynis_report_data{'certificates'}); $host_ws->write('A10', 'authorized default USB devices:', $label_format); $host_ws->write('B10', join("\n", @{$lynis_report_data{'usb_authorized_default_device[]'}})); - $host_ws->write('C10', 'valid certificates:', $label_format); - if (ref($lynis_report_data{'valid_certificate[]'}) eq 'ARRAY') { - $host_ws->write('D10', join("\n", @{$lynis_report_data{'valid_certificate[]'}})); + $host_ws->write('C10', 'certificates:', $label_format); + if (ref($lynis_report_data{'certificate[]'}) eq 'ARRAY') { + $host_ws->write('D10', join("\n", @{$lynis_report_data{'certificate[]'}})); } else { - $host_ws->write('D10', $lynis_report_data{'valid_certificate[]'}); + $host_ws->write('D10', $lynis_report_data{'certificate[]'}); } - $host_ws->write('C11', 'expired certificates:', $label_format); - if (ref($lynis_report_data{'expired_certificate[]'}) eq 'ARRAY') { - $host_ws->write('D11', join("\n", @{$lynis_report_data{'expired_certificate[]'}})); + $host_ws->write('C11', 'valid certificates:', $label_format); + if (ref($lynis_report_data{'valid_certificate[]'}) eq 'ARRAY') { + $host_ws->write('D11', join("\n", @{$lynis_report_data{'valid_certificate[]'}})); } else { - $host_ws->write('D11', $lynis_report_data{'expired_certificate[]'}); + $host_ws->write('D11', $lynis_report_data{'valid_certificate[]'}); + } + $host_ws->write('C12', 'expired certificates:', $label_format); + if (ref($lynis_report_data{'expired_certificate[]'}) eq 'ARRAY') { + $host_ws->write('D12', join("\n", @{$lynis_report_data{'expired_certificate[]'}})); + } else { + $host_ws->write('D12', $lynis_report_data{'expired_certificate[]'}); } - $host_ws->write('A12', 'cron jobs:', $label_format); - $i = 13; + $host_ws->write('A13', 'cron jobs:', $label_format); + $i = 14; if ((exists($lynis_report_data{'cronjob[]'})) and (ref($lynis_report_data{'cronjob[]'}) eq 'ARRAY')) { foreach my $job ( sort @{$lynis_report_data{'cronjob[]'}} ) { $job =~ s/\,/ /g; @@ -569,7 +570,7 @@ if ($json) { $i++; } } else { - $host_ws->write('A13', $lynis_report_data{'cronjob[]'}); + $host_ws->write("A$i", $lynis_report_data{'cronjob[]'}); } $i++; $host_ws->write("A$i", "logging info:", $subsub_format); $i++; @@ -674,44 +675,46 @@ if ($json) { $sec_ws->write('A6', 'password complexity score:', $label_format); $sec_ws->write_formula('B6', "=DEC2BIN($pass_score)"); $sec_ws->write('C6', 'PAM cracklib found:', $label_format); $sec_ws->write('D6', uc($to_bool{$lynis_report_data{'pam_cracklib'}})); $sec_ws->write('E6', 'password strength tested:', $label_format); $sec_ws->write('F6', uc($to_bool{$lynis_report_data{'password_strength_tested'}})); - $sec_ws->write('G6', 'failed logins logged:', $label_format); $sec_ws->write('H6', uc($to_bool{$lynis_report_data{'auth_failed_logins_logged'}})); - $sec_ws->write('A7', 'file integrity tool installed:', $label_format); $sec_ws->write('B7', uc($to_bool{$lynis_report_data{'file_integrity_tool_installed'}})); - $sec_ws->write('C7', 'file integreity tool(s):', $label_format); $sec_ws->write('D7', $lynis_report_data{'file_integrity_tool[]'}); - $sec_ws->write('E7', 'automation tool present:', $label_format); $sec_ws->write('F7', uc($to_bool{$lynis_report_data{'automation_tool_present'}})); - $sec_ws->write('G7', 'automation tool(s):', $label_format); $sec_ws->write('H7', $lynis_report_data{'automation_tool_running[]'}); - $sec_ws->write('A8', 'malware scanner installed', $label_format); $sec_ws->write('B8', uc($to_bool{$lynis_report_data{'malware_scanner_installed'}})); - $sec_ws->write('C8', 'malware scanner(s):', $label_format); $sec_ws->write('D8', $lynis_report_data{'malware_scanner[]'}); - $sec_ws->write('E8', 'compiler installed:', $label_format); $sec_ws->write('F8', uc($to_bool{$lynis_report_data{'compiler_installed'}})); - $sec_ws->write('G8', 'compiler(s):', $label_format); $sec_ws->write('H8', $lynis_report_data{'compiler[]'}); - $sec_ws->write('A9', 'IDS/IPS tooling', $label_format); + $sec_ws->write('G6', 'PAM password quality:', $label_format); $sec_ws->write('H6', $lynis_report_data{'pam_pwquality'}); + $sec_ws->write('A7', 'PAM brute force protection module:', $label_format); $sec_ws->write('B7', join("\n", @{$lynis_report_data{'pam_auth_brute_force_protection_module[]'}})); + $sec_ws->write('C7', 'failed logins logged:', $label_format); $sec_ws->write('D7', uc($to_bool{$lynis_report_data{'auth_failed_logins_logged'}})); + $sec_ws->write('A8', 'file integrity tool installed:', $label_format); $sec_ws->write('B8', uc($to_bool{$lynis_report_data{'file_integrity_tool_installed'}})); + $sec_ws->write('C8', 'file integreity tool(s):', $label_format); $sec_ws->write('D8', $lynis_report_data{'file_integrity_tool[]'}); + $sec_ws->write('E8', 'automation tool present:', $label_format); $sec_ws->write('F8', uc($to_bool{$lynis_report_data{'automation_tool_present'}})); + $sec_ws->write('G8', 'automation tool(s):', $label_format); $sec_ws->write('H8', $lynis_report_data{'automation_tool_running[]'}); + $sec_ws->write('A9', 'malware scanner installed', $label_format); $sec_ws->write('B9', uc($to_bool{$lynis_report_data{'malware_scanner_installed'}})); + $sec_ws->write('C9', 'malware scanner(s):', $label_format); $sec_ws->write('D9', $lynis_report_data{'malware_scanner[]'}); + $sec_ws->write('E9', 'compiler installed:', $label_format); $sec_ws->write('F9', uc($to_bool{$lynis_report_data{'compiler_installed'}})); + $sec_ws->write('G9', 'compiler(s):', $label_format); $sec_ws->write('H9', $lynis_report_data{'compiler[]'}); + $sec_ws->write('A10', 'IDS/IPS tooling', $label_format); if (exists($lynis_report_data{'ids_ips_tooling'})) { if (ref($lynis_report_data{'ids_ips_tooling'}) eq 'ARRAY') { - $sec_ws->write('B9', join("\n", @{$lynis_report_data{'ids_ips_tooling'}}), $merge_format); + $sec_ws->write('B10', join("\n", @{$lynis_report_data{'ids_ips_tooling'}}), $merge_format); } else { - $sec_ws->write('B9', $lynis_report_data{'ids_ips_tooling'}, $merge_format); + $sec_ws->write('B10', $lynis_report_data{'ids_ips_tooling'}, $merge_format); } } else { - $sec_ws->write('B9', 'N/A', $merge_format); + $sec_ws->write('B10', 'NA', $merge_format); } if (exists($lynis_report_data{'fail2ban_config'})) { - $sec_ws->write('C9', 'fail2ban config file(s):', $label_format); - $sec_ws->write('D9', $lynis_report_data{'fail2ban_config'}, $merge_format); + $sec_ws->write('C10', 'fail2ban config file(s):', $label_format); + $sec_ws->write('D10', $lynis_report_data{'fail2ban_config'}, $merge_format); } else { - $sec_ws->write('D9', 'N/A', $merge_format); + $sec_ws->write('D10', 'NA', $merge_format); } if (exists($lynis_report_data{'fail2ban_enabled_service[]'})) { - $sec_ws->write('E9', 'fail2ban enabled service(s):', $label_format); + $sec_ws->write('E10', 'fail2ban enabled service(s):', $label_format); if (ref($lynis_report_data{'fail2ban_enabled_service[]'}) eq 'ARRAY') { - $sec_ws->write('F9', join("\n", @{$lynis_report_data{'fail2ban_enabled_service[]'}}), $merge_format); + $sec_ws->write('F10', join("\n", @{$lynis_report_data{'fail2ban_enabled_service[]'}}), $merge_format); } else { - $sec_ws->write('F9', $lynis_report_data{'fail2ban_enabled_service[]'}, $merge_format); + $sec_ws->write('F10', $lynis_report_data{'fail2ban_enabled_service[]'}, $merge_format); } } - $sec_ws->write("G9", "session timeout enabled:", $label_format); - $sec_ws->write("H9", uc($to_bool{$lynis_report_data{'session_timeout_enabled'}})); - $sec_ws->merge_range('A11:B11', 'real users:', $subsub_format); $sec_ws->merge_range('C11:D11', 'home directories:', $subsub_format); - $sec_ws->write('A12', 'name', $label_format); $sec_ws->write('B12', 'uid', $label_format); - $i = 13; + $sec_ws->write("G10", "session timeout enabled:", $label_format); + $sec_ws->write("H10", uc($to_bool{$lynis_report_data{'session_timeout_enabled'}})); + $sec_ws->merge_range('A12:B12', 'real users:', $subsub_format); $sec_ws->merge_range('C12:D12', 'home directories:', $subsub_format); + $sec_ws->write('A13', 'name', $label_format); $sec_ws->write('B13', 'uid', $label_format); + $i = 14; if ((exists($lynis_report_data{'real_user[]'})) and (ref($lynis_report_data{'real_user[]'}) eq 'ARRAY')) { foreach my $usr ( sort @{$lynis_report_data{'real_user[]'}} ) { my ($n, $uid) = split(/\,/, $usr); @@ -1016,7 +1019,7 @@ if ($json) { my @idx2 = qw( cronjob[] log_rotation_tool log_directory[] log_rotation_config_found network_ipv4_address[] network_ipv6_address[] network_interface[] ipv6_mode ipv6_only warning[] suggestion[] network_listen_port[] usb_authorized_default_device[] network_mac_address[] default_gateway[] os_name lynis_update_available hardening_index plugin_directory plugins_enabled notebook open_logfile[] report_version_major report_version_minor valid_certificate[] min_password_class home_directory[] name_cache_used automation_tool_running[] real_user[] ntp_config_type_startup ntp_config_type_eventbased ntp_config_type_daemon ntp_config_type_scheduled ntp_version ntp_unreliable_peer[] ntp_config_file[] ntp_config_found redis_running linux_kernel_io_scheduler[] finish journal_meta_data ); my @idx3 = qw( firewall_installed firewall_software[] firewall_empty_ruleset firewall_active package_audit_tool_found package_audit_tool vulnerable_packages_found package_manager[] authentication_two_factor_enabled authentication_two_factor_required ldap_oam_enabled ldap_auth_enabled minimum_password_length password_max_days password_min_days max_password_retry pam_cracklib password_strength_tested auth_failed_logins_logged password_max_u_credit password_max_l_credit password_max_o_credit ldap_pam_enabled running_service[] pam_module[] nameserver[] password_max_digital_credit massword_max_other_credit swap_partition[] linux_kernel_io_scheduler firewall_software journal_bootlogs linux_config_file linux_auditd_running lvm_volume_group[] lvm_volume[] filesystems_ext[] manual[] ); my @idx4 = qw( compiler_installed compiler[] ids_ips_tooling file_integrity_tool_installed file_integrity_tool[] automation_tool_present automation_tool_installed[] malware_scanner installed malware_scanner[] fail2ban_config fail2ban_enabled_service[] loaded_kernel_module[] linux_default_runlevel boot_service_tool boot_urfi_booted boot_uefi_booted_secure boot_service[] linux_kernel_scheduler[] linux_amount_of_kernels linux_kernel_type linux_kernel_release linux_kernel_version os_kernel_version_full systemd_service_not_found[] systemd_unit_file[] systemd_unit_not_found[] ssh_daemon_running postgresql_running mysql_running audit_daemon_running crond_running arpwatch_running ntp_daemon_running nginx_running dhcp_client_running ntp_daemon printing_daemon pop3_daemon smtp_daemon imap_daemon ); - my @idx5 = qw( session_timeout_enabled details[] deleted_file[] file_systems_ext[] journal_contains_errors vulnerable_package[] boot_loader systemd systemd_status systemd_builtin_components service_manager systemd_version running_service_tool systemctl_exit_code plugin_firewall_iptables_list systemctl_exit_code plugin_processes_allprocesses vmtype plugin_enabled_phase1[] syslog_daemon_present syslog_daemon[] ); + my @idx5 = qw( session_timeout_enabled details[] deleted_file[] file_systems_ext[] journal_contains_errors vulnerable_package[] boot_loader systemd systemd_status systemd_builtin_components service_manager systemd_version running_service_tool systemctl_exit_code plugin_firewall_iptables_list systemctl_exit_code plugin_processes_allprocesses vmtype plugin_enabled_phase1[] syslog_daemon_present syslog_daemon[] valid_certificate[] certificate[] certificates ); push @indexes, @idx2, @idx3, @idx4, @idx5; foreach my $idx ( sort @indexes ) { delete($lynis_report_data{$idx});