From 93ae090f331974a1ab0b63f731c208eff34463b1 Mon Sep 17 00:00:00 2001 From: dataking Date: Tue, 28 Mar 2017 12:04:25 -0700 Subject: [PATCH] minor bug fix; some style updates --- lynis-report-converter.pl | 360 +++++++++++++++++++++----------------- 1 file changed, 203 insertions(+), 157 deletions(-) diff --git a/lynis-report-converter.pl b/lynis-report-converter.pl index 75e03f8..3f7a9a6 100755 --- a/lynis-report-converter.pl +++ b/lynis-report-converter.pl @@ -1,6 +1,8 @@ -#!/usr/bin/perl -w +#!/usr/bin/perl use strict; +# turn off warnings so as not to confuse people +# unless debugging, etc. use warnings; use feature qw( switch ); require 5.010; @@ -25,6 +27,8 @@ GetOptions( &usage if ($help); &usage if ((!$output) and (!$json)); + +#if ($verbose) { use warnings; } my %to_bool = ( 0 => 'false', 1 => 'true', "" => 'false' ); my %vm_mode = ( 0 => 'false', 1 => 'guest', 2 => 'host' ); @@ -1113,6 +1117,7 @@ if ($json) { table#lynis_plugins_table {width:100%;} table#scoreauditor {border-collapse:collapse;border:none;width:90%;} td {padding:2px 5px 2px 5px;vertical-align:top;border:1px solid gray;} + td.field_label {font-size:1.1em;font-weight:bold;color:#555;} td.good {background-color: #006400; color: #fff; font-weight: bold;} td.fair {background-color: #ffd700; color: #000; font-weight: bold;} td.poor {background-color: #ffa500; color: #000; font-weight: bold;} @@ -1316,43 +1321,48 @@ END print OUT <
+

lynis info:

END - print OUT "\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; print OUT < END if (($lynis_report_data{'lynis_update_available'} == 0) or ($lynis_report_data{'lynis_update_available'} == 1)) { - print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; } elsif ($lynis_report_data{'lynis_update_available'} == -1) { - print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; } else { warn colored("Unexpected result from lynis update available check!", "yellow"); print Dumper($lynis_report_data{'lynis_update_available'}); } - print OUT "\n\n\n\n\n\n\n"; + print OUT "\n\n\n\n\n\n\n"; print OUT < - + - - + + - - + + END - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; } } print OUT "\t\t\t\t
lynis version:$lynis_report_data{'lynis_version'}lynis tests done:$lynis_report_data{'lynis_tests_done'}lynis version:$lynis_report_data{'lynis_version'}lynis tests done:$lynis_report_data{'lynis_tests_done'}
lynis update available:$to_bool{$lynis_report_data{'lynis_update_available'}}lynis update available:$to_bool{$lynis_report_data{'lynis_update_available'}}lynis update available:N/A - There was an unexpected error trying to retrieve update status.lynis update available:N/A - There was an unexpected error trying to retrieve update status.license key:$lynis_report_data{'license_key'}license key:$lynis_report_data{'license_key'}
report version:$lynis_report_data{'report_version_major'}.$lynis_report_data{'report_version_minor'}report version:$lynis_report_data{'report_version_major'}.$lynis_report_data{'report_version_minor'}
test category:$lynis_report_data{'test_category'}test group:$lynis_report_data{'test_group'}test category:$lynis_report_data{'test_category'}test group:$lynis_report_data{'test_group'}
number of plugins enabled:$lynis_report_data{'plugins_enabled'}plugin directory:$lynis_report_data{'plugin_directory'}number of plugins enabled:$lynis_report_data{'plugins_enabled'}plugin directory:$lynis_report_data{'plugin_directory'}
phase 1 plugins enabled:\n"; + print OUT "\t\t\t\t\t\tphase 1 plugins enabled:\n"; print OUT "\t\t\t\t\t\t\t\n"; foreach my $plug ( sort @{$lynis_report_data{'plugin_enabled_phase1[]'}} ) { my ($n,$v) = split(/\|/, $plug); @@ -1364,10 +1374,10 @@ END print OUT < - + - - + + END if (ref($lynis_report_data{'plugin_firewall_iptables_list'}) eq 'ARRAY') { print OUT "\t\t\t\t\t\n"; @@ -1390,6 +1400,9 @@ END } } } +########################### +### HOST INFO +########################### print OUT <
@@ -1397,92 +1410,109 @@ END
report start time:$lynis_report_data{'report_datetime_start'}report end time:$lynis_report_data{'report_datetime_end'}report start time:$lynis_report_data{'report_datetime_start'}report end time:$lynis_report_data{'report_datetime_end'}
hostid:$lynis_report_data{'hostid'}
hostid:$lynis_report_data{'hostid2'}
hostid:$lynis_report_data{'hostid'}
hostid:$lynis_report_data{'hostid2'}
Plugin-firewall iptables list:".join("
\n", @{$lynis_report_data{'plugin_firewall_iptables_list'}})."
- - + + END if ((defined($lynis_report_data{'resolv_conf_domain'})) and ($lynis_report_data{'resolv_conf_domain'} ne "")) { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } print OUT < - - - + + + - - - + + + - - - + + + END - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; $lynis_report_data{'locate_db'} = " " if ((!defined($lynis_report_data{'locate_db'})) or ($lynis_report_data{'locate_db'} eq "")); #print STDERR colored($lynis_report_data{'vm'}."\n", "bold magenta"); $lynis_report_data{'vm'} = 0 if ((!defined($lynis_report_data{'vm'})) or ($lynis_report_data{'vm'} eq "")); #print STDERR colored($lynis_report_data{'vm'}."\n", "bold magenta"); - print OUT "\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; print OUT < - + END if ((defined($lynis_report_data{'vmtype'})) and ($lynis_report_data{'vmtype'} ne "")) { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } print OUT <uptime (secs): + END - print OUT ""; - print OUT "\n"; + print OUT ""; + print OUT "\n"; print OUT < - + END if (ref($lynis_report_data{'valid_certificate[]'}) eq 'ARRAY') { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } print OUT < END if (ref($lynis_report_data{'usb_authorized_default_device[]'}) eq 'ARRAY') { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } if (ref($lynis_report_data{'expired_certificate[]'}) eq 'ARRAY') { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } print OUT < END if ($verbose) { print colored("Contents of \$lynis_report_data\{\'certificates\'\}:\n".Dumper($lynis_report_data{'certificates'}), "yellow"); } - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; if (ref($lynis_report_data{'certificate[]'}) eq 'ARRAY') { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } print OUT < + +END + if (exists($lynis_report_data{'compiler_world_executable[]'})) { + print OUT "\t\t\t\t\t\t"; + if (ref($lynis_report_data{'compiler_world_executable[]'}) eq 'ARRAY') { + print OUT "\t\t\t\t\t\t\n"; + } else { + print OUT "\t\t\t\t\t\t\n"; + } + } else { + print OUT < +END + } + print OUT < +
hostname:$lynis_report_data{'hostname'}domainname:$lynis_report_data{'domainname'}hostname:$lynis_report_data{'hostname'}domainname:$lynis_report_data{'domainname'}resolv.conf domain:$lynis_report_data{'resolv_conf_domain'}resolv.conf domain:$lynis_report_data{'resolv_conf_domain'}resolv.conf domain: resolv.conf domain: 
os:$lynis_report_data{'os'}os fullname:$lynis_report_data{'os_fullname'}os_version:$lynis_report_data{'os_version'}os:$lynis_report_data{'os'}os fullname:$lynis_report_data{'os_fullname'}os_version:$lynis_report_data{'os_version'}
GRSecurity:$to_bool{$lynis_report_data{'framework_grsecurity'}}SELinux:$to_bool{$lynis_report_data{'framework_selinux'}}memory:$lynis_report_data{'memory_size'} $lynis_report_data{'memory_units'}GRSecurity:$to_bool{$lynis_report_data{'framework_grsecurity'}}SELinux:$to_bool{$lynis_report_data{'framework_selinux'}}memory:$lynis_report_data{'memory_size'} $lynis_report_data{'memory_units'}
linux version:$lynis_report_data{'linux_version'}pae enabled:$to_bool{$lynis_report_data{'cpu_pae'}}nx enabled:$to_bool{$lynis_report_data{'cpu_nx'}}linux version:$lynis_report_data{'linux_version'}pae enabled:$to_bool{$lynis_report_data{'cpu_pae'}}nx enabled:$to_bool{$lynis_report_data{'cpu_nx'}}
Available shells:".join("
\n", @{$lynis_report_data{'available_shell[]'}})."
Available shells:".join("
\n", @{$lynis_report_data{'available_shell[]'}})."
locate db:$lynis_report_data{'locate_db'}uptime (days):$lynis_report_data{'uptime_in_days'}locate db:$lynis_report_data{'locate_db'}uptime (days):$lynis_report_data{'uptime_in_days'}
vm:$vm_mode{$lynis_report_data{'vm'}}vm:$vm_mode{$lynis_report_data{'vm'}}vm_type:$lynis_report_data{'vmtype'}vm_type:$lynis_report_data{'vmtype'}vm_type: vm_type: $lynis_report_data{'uptime_in_seconds'}uptime (secs):$lynis_report_data{'uptime_in_seconds'}
is notebook/laptop:$to_bool{$lynis_report_data{'notebook'}}is Docker container:$to_bool{$lynis_report_data{'container'}}
is notebook/laptop:$to_bool{$lynis_report_data{'notebook'}}is Docker container:$to_bool{$lynis_report_data{'container'}}
binary paths:$lynis_report_data{'binary_paths'}binary paths:$lynis_report_data{'binary_paths'}valid certificates:".join("
\n",@{$lynis_report_data{'valid_certificate[]'}})."
valid certificates:".join("
\n",@{$lynis_report_data{'valid_certificate[]'}})."
valid certificates:$lynis_report_data{'valid_certificate[]'}valid certificates:$lynis_report_data{'valid_certificate[]'}
authorized default USB devices:".join("
\n", @{$lynis_report_data{'usb_authorized_default_device[]'}})."
authorized default USB devices:".join("
\n", @{$lynis_report_data{'usb_authorized_default_device[]'}})."
authorized default USB devices:$lynis_report_data{'usb_authorized_default_device[]'}authorized default USB devices:$lynis_report_data{'usb_authorized_default_device[]'}expired certificates:".join("
\n", @{$lynis_report_data{'expired_certificate[]'}})."
expired certificates:".join("
\n", @{$lynis_report_data{'expired_certificate[]'}})."
expired certificates:$lynis_report_data{'expired_certificate[]'}expired certificates:$lynis_report_data{'expired_certificate[]'}
certificate count:$lynis_report_data{'certificates'}certificate count:$lynis_report_data{'certificates'}certificates:".join("
\n", @{$lynis_report_data{'certificate[]'}})."
certificates:".join("
\n", @{$lynis_report_data{'certificate[]'}})."
certificates:$lynis_report_data{'certificate[]'}certificates:$lynis_report_data{'certificate[]'}
world executable compiler(s):".join("
\n". @{$lynis_report_data{'compiler_world_executable[]'}})."
$lynis_report_data{'compiler_world_executable[]'}

cron jobs:

END @@ -1499,8 +1529,8 @@ END

logging info:

- - + + END @@ -1508,16 +1538,16 @@ END my $i = 0; foreach my $e ( @{$lynis_report_data{'syslog_daemon_present'}} ) { $i += $e; } if ($i >= 1) { - print OUT "\n"; + print OUT "\n"; } else { - print OUT "\n"; + print OUT "\n"; } } else { - print OUT "\n"; + print OUT "\n"; } print OUT < - + END if (ref($lynis_report_data{'syslog_daemon[]'}) eq 'ARRAY') { print OUT "\t\t\t\t\t\t\n"; @@ -1559,6 +1589,9 @@ END foreach my $elf ( @{$lynis_report_data{'open_empty_log_file[]'}} ) { print OUT "\t\t\t\t\t\t
log rotation tool:$lynis_report_data{'log_rotation_tool'}log rotation config found:$to_bool{$lynis_report_data{'log_rotation_config_found'}}log rotation tool:$lynis_report_data{'log_rotation_tool'}log rotation config found:$to_bool{$lynis_report_data{'log_rotation_config_found'}}
syslog daemon detected:$to_bool{1}
syslog daemon detected:$to_bool{1}
syslog daemon detected:$to_bool{0}
syslog daemon detected:$to_bool{0}
syslog daemon detected:$to_bool{$lynis_report_data{'syslog_daemon_present'}}
syslog daemon detected:$to_bool{$lynis_report_data{'syslog_daemon_present'}}
syslog daemon(s):syslog daemon(s):".join("
\n", @{$lynis_report_data{'syslog_daemon[]'}})."
- - + + END - print OUT "\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; print OUT "\t\t\t\t\t\n"; #print STDERR "Should be ARRAY: |".ref($lynis_report_data{'network_mac_address[]'})."|\n"; if (ref($lynis_report_data{'network_mac_address[]'}) eq "ARRAY") { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } elsif ((defined($lynis_report_data{'network_mac_address[]'})) and ($lynis_report_data{'network_mac_address[]'} ne "")) { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } print OUT <Name Cache Used: + END if (ref($lynis_report_data{'nameserver[]'}) eq 'ARRAY') { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } print OUT < - + END if (ref($lynis_report_data{'resolv_conf_search_domain[]'}) eq 'ARRAY') { print OUT "\t\t\t\t\t\t\n"; @@ -1624,6 +1657,9 @@ END } print OUT "\t\t\t\t\t\n"; } +####################################### +### SECURITY INFO +####################################### print OUT < @@ -1634,117 +1670,117 @@ END END $lynis_report_data{'firewall_installed'} = 0 if ((!defined($lynis_report_data{'firewall_installed'})) or ($lynis_report_data{'firewall_installed'} eq '')); - print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; $lynis_report_data{'firewall_software'} = " " if ((!defined($lynis_report_data{'firewall_software'})) or ($lynis_report_data{'firewall_software'} eq '')); - print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; $lynis_report_data{'firewall_empty_ruleset'} = 0 if ((!defined($lynis_report_data{'firewall_empty_ruleset'})) or ($lynis_report_data{'firewall_empty_ruleset'} eq '')); - print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; $lynis_report_data{'firewall_active'} = 0 if ((!defined($lynis_report_data{'firewall_active'})) or ($lynis_report_data{'firewall_active'} eq '')); - print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; print OUT < END - print OUT "\t\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; print OUT < END $lynis_report_data{'authentication_two_factor_enabled'} = 0 if ((!defined($lynis_report_data{'authentication_two_factor_enabled'})) or ($lynis_report_data{'authentication_two_factor_enabled'} eq '')); - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; $lynis_report_data{'authentication_two_factor_required'} = 0 if ((!defined($lynis_report_data{'authentication_two_factor_required'})) or ($lynis_report_data{'authentication_two_factor_required'} eq '')); - print OUT "\t\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; print OUT < END $lynis_report_data{'minimum_password_length'} = 0 if ((!defined($lynis_report_data{'minimum_password_length'})) or ($lynis_report_data{'minimum_password_length'} eq '')); - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; $lynis_report_data{'password_max_days'} = 0 if ((!defined($lynis_report_data{'password_max_days'})) or ($lynis_report_data{'password_max_days'} eq '')); - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; $lynis_report_data{'password_min_days'} = 0 if ((!defined($lynis_report_data{'password_min_days'})) or ($lynis_report_data{'password_min_days'} eq '')); - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; $lynis_report_data{'max_password_retry'} = 0 if ((!defined($lynis_report_data{'max_password_retry'})) or ($lynis_report_data{'max_password_retry'} eq '')); - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; print OUT < END - printf OUT "\t\t\t\t\t\t\n", $pass_score; - print OUT "\t\t\t\t\t\t\n"; + printf OUT "\t\t\t\t\t\t\n", $pass_score; + print OUT "\t\t\t\t\t\t\n"; $lynis_report_data{'password_strength_tested'} = 0 if ((!defined($lynis_report_data{'password_strength_tested'})) or ($lynis_report_data{'password_strength_tested'} eq '')); - print OUT "\t\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; print OUT < END if (exists($lynis_report_data{'file_integrity_tool_installed'})) { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } if (exists($lynis_report_data{'file_integrity_tool'})) { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; if (ref($lynis_report_data{'automation_tool_running[]'}) eq 'ARRAY') { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } elsif ((defined($lynis_report_data{'automation_tool_running[]'})) and ($lynis_report_data{'automation_tool_running[]'} ne "")) { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } print OUT < - + END if (ref($lynis_report_data{'malware_scanner[]'}) eq 'ARRAY') { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } print OUT <compiler installed: + END if (ref($lynis_report_data{'compiler[]'}) eq 'ARRAY') { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } print OUT < END if (ref($lynis_report_data{'ids_ips_tooling[]'}) eq 'ARRAY') { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; if (ref($lynis_report_data{'fail2ban_config'}) eq 'ARRAY') { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } if (ref($lynis_report_data{'fail2ban_enabled_service[]'}) eq 'ARRAY') { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } print OUT "\n"; - print OUT "\n"; - print OUT "\n"; - print OUT "\n"; - print OUT "\n"; + print OUT "\n"; + print OUT "\n"; + print OUT "\n"; + print OUT "\n"; print OUT <
IPv6 Mode:$lynis_report_data{'ipv6_mode'}IPv6 Only:$to_bool{$lynis_report_data{'ipv6_only'}}IPv6 Mode:$lynis_report_data{'ipv6_mode'}IPv6 Only:$to_bool{$lynis_report_data{'ipv6_only'}}
network interfaces:".join("
\n", @{$lynis_report_data{'network_interface[]'}})."
localhost mapped to:$lynis_report_data{'localhost-mapped-to'}
ipv4 addresses:".join("
\n", @{$lynis_report_data{'network_ipv4_address[]'}})."
ipv6 addresses:".join("
\n", @{$lynis_report_data{'network_ipv6_address[]'}})."
Default Gateway$lynis_report_data{'default_gateway[]'}
network interfaces:".join("
\n", @{$lynis_report_data{'network_interface[]'}})."
localhost mapped to:$lynis_report_data{'localhost-mapped-to'}
ipv4 addresses:".join("
\n", @{$lynis_report_data{'network_ipv4_address[]'}})."
ipv6 addresses:".join("
\n", @{$lynis_report_data{'network_ipv6_address[]'}})."
Default Gateway$lynis_report_data{'default_gateway[]'}
MAC Address:".join("
\n", @{$lynis_report_data{'network_mac_address[]'}})."
MAC Address:".join("
\n", @{$lynis_report_data{'network_mac_address[]'}})."
MAC Address:$lynis_report_data{'network_mac_address[]'}MAC Address:$lynis_report_data{'network_mac_address[]'}MAC Address: MAC Address: $to_bool{$lynis_report_data{'name_cache_used'}}Name Cache Used:$to_bool{$lynis_report_data{'name_cache_used'}}
name servers:".join("
\n", @{$lynis_report_data{'nameserver[]'}})."
name servers:".join("
\n", @{$lynis_report_data{'nameserver[]'}})."
name servers:$lynis_report_data{'nameserver[]'}
name servers:$lynis_report_data{'nameserver[]'}
resolv.conf search domain:resolv.conf search domain:".join("
\n",@{$lynis_report_data{'resolv_conf_search_domain[]'}})."
$ip$port$proto$daemon$dunno
Host Firewall Installed:$to_bool{$lynis_report_data{'firewall_installed'}}Host Firewall Installed:$to_bool{$lynis_report_data{'firewall_installed'}}Firewall Software:$lynis_report_data{'firewall_software'}Firewall Software:$lynis_report_data{'firewall_software'}Firewall Empty Ruleset:$to_bool{$lynis_report_data{'firewall_empty_ruleset'}}Firewall Empty Ruleset:$to_bool{$lynis_report_data{'firewall_empty_ruleset'}}Firewall Active:$to_bool{$lynis_report_data{'firewall_active'}}Firewall Active:$to_bool{$lynis_report_data{'firewall_active'}}
Package Audit Tools Found:$to_bool{$lynis_report_data{'package_audit_tool_found'}}Package Audit Tool:$lynis_report_data{'package_audit_tool'}Vulnerable Packages Found:$lynis_report_data{'vulnerable_packages_found'}Package Manager:$lynis_report_data{'package_manager[]'}Package Audit Tools Found:$to_bool{$lynis_report_data{'package_audit_tool_found'}}Package Audit Tool:$lynis_report_data{'package_audit_tool'}Vulnerable Packages Found:$lynis_report_data{'vulnerable_packages_found'}Package Manager:$lynis_report_data{'package_manager[]'}
Two-Factor Authentication Enabled:$to_bool{$lynis_report_data{'authentication_two_factor_enabled'}}Two-Factor Authentication Enabled:$to_bool{$lynis_report_data{'authentication_two_factor_enabled'}}Two-Factor Authentication Required:$to_bool{$lynis_report_data{'authentication_two_factor_required'}}LDAP PAM Module Enabled:$to_bool{$lynis_report_data{'ldap_pam_enabled'}}LDAP Auth Enabled:$to_bool{$lynis_report_data{'ldap_auth_enabled'}}Two-Factor Authentication Required:$to_bool{$lynis_report_data{'authentication_two_factor_required'}}LDAP PAM Module Enabled:$to_bool{$lynis_report_data{'ldap_pam_enabled'}}LDAP Auth Enabled:$to_bool{$lynis_report_data{'ldap_auth_enabled'}}
Minimum Password Length:$lynis_report_data{'minimum_password_length'}Minimum Password Length:$lynis_report_data{'minimum_password_length'}Maximum Password Days:$lynis_report_data{'password_max_days'}Maximum Password Days:$lynis_report_data{'password_max_days'}Minimum Password Days:$lynis_report_data{'password_min_days'}Minimum Password Days:$lynis_report_data{'password_min_days'}Maximum Password Retries:$lynis_report_data{'max_password_retry'}Maximum Password Retries:$lynis_report_data{'max_password_retry'}
Password Complexity Score:%#bPAM Cracklib Found:$to_bool{$lynis_report_data{'pam_cracklib'}}Password Complexity Score:%#bPAM Cracklib Found:$to_bool{$lynis_report_data{'pam_cracklib'}}Password Strength Tested:$to_bool{$lynis_report_data{'password_strength_tested'}}PAM Password Quality:$lynis_report_data{'pam_pwquality'}Password Strength Tested:$to_bool{$lynis_report_data{'password_strength_tested'}}PAM Password Quality:$lynis_report_data{'pam_pwquality'}
File Integrity Tool Installed:$to_bool{$lynis_report_data{'file_integrity_tool_installed'}}File Integrity Tool Installed:$to_bool{$lynis_report_data{'file_integrity_tool_installed'}}File Integrity Tools Installed:falseFile Integrity Tools Installed:falseFile Integrity Tool:$lynis_report_data{'file_integrity_tool'}File Integrity Tool:$lynis_report_data{'file_integrity_tool'}File Integrity Tool:NAFile Integrity Tool:NAAutomation Tool Present:$to_bool{$lynis_report_data{'automation_tool_present'}}Automation Tool Present:$to_bool{$lynis_report_data{'automation_tool_present'}}Automation Tool:".join("
\n", @{$lynis_report_data{'automation_tool_running[]'}})."
Automation Tool:".join("
\n", @{$lynis_report_data{'automation_tool_running[]'}})."
Automation Tool:$lynis_report_data{'automation_tool_running[]'}Automation Tool:$lynis_report_data{'automation_tool_running[]'}Automation Tool: Automation Tool: 
Malware Scanner Installed:$to_bool{$lynis_report_data{'malware_scanner_installed'}}Malware Scanner Installed:$to_bool{$lynis_report_data{'malware_scanner_installed'}}Malware Scanner(s):".join("
\n", @{$lynis_report_data{'malware_scanner[]'}})."
Malware Scanner(s):".join("
\n", @{$lynis_report_data{'malware_scanner[]'}})."
Malware Scanner(s):$lynis_report_data{'malware_scanner[]'}Malware Scanner(s):$lynis_report_data{'malware_scanner[]'}$to_bool{$lynis_report_data{'compiler_installed'}}compiler installed:$to_bool{$lynis_report_data{'compiler_installed'}}compilers:".join("
\n", @{$lynis_report_data{'compiler[]'}})."
compilers:".join("
\n", @{$lynis_report_data{'compiler[]'}})."
compilers:$lynis_report_data{'compiler[]'}compilers:$lynis_report_data{'compiler[]'}
IDS/IPS Tooling".join("
\n", @{$lynis_report_data{'ids_ips_tooling[]'}})."
IDS/IPS Tooling".join("
\n", @{$lynis_report_data{'ids_ips_tooling[]'}})."
IDS/IPS Tooling$lynis_report_data{'ids_ips_tooling[]'}IDS/IPS Tooling$lynis_report_data{'ids_ips_tooling[]'}Failed Logins Logged:$lynis_report_data{'auth_failed_logins_logged'}Failed Logins Logged:$lynis_report_data{'auth_failed_logins_logged'}fail2ban config file(s):".join("
\n", @{$lynis_report_data{'fail2ban_config'}})."
fail2ban config file(s):".join("
\n", @{$lynis_report_data{'fail2ban_config'}})."
fail2ban config file(s):$lynis_report_data{'fail2ban_config'}fail2ban config file(s):$lynis_report_data{'fail2ban_config'}fail2ban enabled service(s):".join("
\n", @{$lynis_report_data{'fail2ban_enabled_service[]'}})."
fail2ban enabled service(s):".join("
\n", @{$lynis_report_data{'fail2ban_enabled_service[]'}})."
fail2ban enabled service(s):$lynis_report_data{'fail2ban_enabled_service[]'}fail2ban enabled service(s):$lynis_report_data{'fail2ban_enabled_service[]'}
AppArmor Enabled:$to_bool{$lynis_report_data{'apparmor_enabled'}}AppArmor Policy Loaded:$to_bool{$lynis_report_data{'apparmor_policy_loaded'}}SELinux Status:$to_bool{$lynis_report_data{'selinux_status'}}SELinux mode:$lynis_report_data{'selinux_mode'}
AppArmor Enabled:$to_bool{$lynis_report_data{'apparmor_enabled'}}AppArmor Policy Loaded:$to_bool{$lynis_report_data{'apparmor_policy_loaded'}}SELinux Status:$to_bool{$lynis_report_data{'selinux_status'}}SELinux mode:$lynis_report_data{'selinux_mode'}
@@ -1777,6 +1813,9 @@ END print OUT "\n"; } if ((!defined($lynis_report_data{'boot_service_tool'})) or ($lynis_report_data{'boot_service_tool'} eq "")) { $lynis_report_data{'boot_service_tool'} = " "; } +#################################### +### BOOT INFO +#################################### print OUT < @@ -1786,12 +1825,12 @@ END
- - + + - - + +
UEFI booted:$to_bool{$lynis_report_data{'boot_uefi_booted'}}UEFI booted secure:$to_bool{$lynis_report_data{'boot_uefi_booted_secure'}}UEFI booted:$to_bool{$lynis_report_data{'boot_uefi_booted'}}UEFI booted secure:$to_bool{$lynis_report_data{'boot_uefi_booted_secure'}}
default runlevel:$lynis_report_data{'linux_default_runlevel'}boot service tool:$lynis_report_data{'boot_service_tool'}default runlevel:$lynis_report_data{'linux_default_runlevel'}boot service tool:$lynis_report_data{'boot_service_tool'}
END @@ -1817,6 +1856,9 @@ END $lynis_report_data{'linux_kernel_io_scheduler'} = " " if ((!defined($lynis_report_data{'linux_kernel_io_scheduler'})) or ($lynis_report_data{'linux_kernel_io_scheduler'} eq "")); $lynis_report_data{'linux_amount_of_kernels'} = " " if ((!defined($lynis_report_data{'linux_amount_of_kernels'})) or ($lynis_report_data{'linux_amount_of_kernels'} eq "")); #print Dumper($lynis_report_data{'linux_kernel_io_scheduler'}); +########################################## +### KERNEL INFO +########################################## print OUT <
@@ -1825,24 +1867,24 @@ END END - print OUT "\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; print OUT < END - print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; if (ref($lynis_report_data{'linux_kernel_io_scheduler[]'}) eq 'ARRAY') { - print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; } print OUT < END - print OUT "\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; print OUT <
kernel version:$lynis_report_data{'linux_kernel_version'}full kernel version:$lynis_report_data{'os_kernel_version_full'}kernel version:$lynis_report_data{'linux_kernel_version'}full kernel version:$lynis_report_data{'os_kernel_version_full'}
kernel release version:$lynis_report_data{'linux_kernel_release'}kernel release version:$lynis_report_data{'linux_kernel_release'}kernel IO scheduler:".join("
\n", @{$lynis_report_data{'linux_kernel_io_scheduler[]'}})."
kernel IO scheduler:".join("
\n", @{$lynis_report_data{'linux_kernel_io_scheduler[]'}})."
kernel IO scheduler:$lynis_report_data{'linux_kernel_io_scheduler[]'}kernel IO scheduler:$lynis_report_data{'linux_kernel_io_scheduler[]'}
linux kernel type:$lynis_report_data{'linux_kernel_type'}number of kernels available:$lynis_report_data{'linux_amount_of_kernels'}linux kernel type:$lynis_report_data{'linux_kernel_type'}number of kernels available:$lynis_report_data{'linux_amount_of_kernels'}
@@ -1867,14 +1909,14 @@ END END - print OUT "\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; print OUT < END - print OUT "\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; print OUT < @@ -1883,9 +1925,9 @@ END print OUT "\t\t\t\t\t\t\n"; } else { if (defined($lynis_report_data{'file_systems_ext[]'})) { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } } if ((exists($lynis_report_data{'swap_partition[]'})) and (ref($lynis_report_data{'swap_partition[]'}) eq "ARRAY")) { @@ -1899,11 +1941,11 @@ END } else { @{$lynis_report_data{'swap_partition[]'}} = &dedup_array(@{$lynis_report_data{'swap_partition[]'}}); } - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { if ((($verbose) and ($verbose > 1)) or ($debug)) { warn colored("swap_partition[] is a string.", "yellow") if ($verbose); - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } } $lynis_report_data{'journal_bootlogs'} = 0 if ((!defined($lynis_report_data{'journal_bootlogs'})) or ($lynis_report_data{'journal_bootlogs'} eq "")); @@ -1911,19 +1953,19 @@ END END if (ref($lynis_report_data{'lvm_volume_group[]'}) eq 'ARRAY') { - print OUT "\t\t\t\t\t\t"; + print OUT "\t\t\t\t\t\t"; } else { - print OUT "\t\t\t\t\t\t"; + print OUT "\t\t\t\t\t\t"; } if (ref($lynis_report_data{'lvm_volume[]'}) eq 'ARRAY') { - print OUT "\n"; + print OUT "\n"; } else { - print OUT "\n"; + print OUT "\n"; } print OUT < - - + +
oldest boot date:$lynis_report_data{'journal_oldest_bootdate'}journal errors:$to_bool{$lynis_report_data{'journal_contains_errors'}}oldest boot date:$lynis_report_data{'journal_oldest_bootdate'}journal errors:$to_bool{$lynis_report_data{'journal_contains_errors'}}
journal disk size:$lynis_report_data{'journal_disk_size'}last cordumps:$lynis_report_data{'journal_coredumps_lastday'}journal disk size:$lynis_report_data{'journal_disk_size'}last cordumps:$lynis_report_data{'journal_coredumps_lastday'}
filesystems:".join("
\n", @{$lynis_report_data{'file_systems_ext[]'}})."
filesystems:$lynis_report_data{'file_systems_ext[]'}filesystems:$lynis_report_data{'file_systems_ext[]'}filesystems: filesystems: swap partitions:".join("
\n", @{$lynis_report_data{'swap_partition[]'}})."
swap partitions:".join("
\n", @{$lynis_report_data{'swap_partition[]'}})."
swap partitions:$lynis_report_data{'swap_partition[]'}swap partitions:$lynis_report_data{'swap_partition[]'}
LVM volume group(s):".join("
\n", @{$lynis_report_data{'lvm_volume_group[]'}})."
LVM volume group(s):".join("
\n", @{$lynis_report_data{'lvm_volume_group[]'}})."
LVM volume group(s):$lynis_report_data{'lvm_volume_group[]'}
LVM volume group(s):$lynis_report_data{'lvm_volume_group[]'}LVM volume(s)".join("
\n", @{$lynis_report_data{'lvm_volume[]'}})."
LVM volume(s)".join("
\n", @{$lynis_report_data{'lvm_volume[]'}})."
LVM volume(s)$lynis_report_data{'lvm_volume[]'}
LVM volume(s)$lynis_report_data{'lvm_volume[]'}
journal boot log found:$to_bool{$lynis_report_data{'journal_bootlogs'}}journal boot log found:$to_bool{$lynis_report_data{'journal_bootlogs'}}

@@ -1954,6 +1996,10 @@ END } else { warn colored("Didn't find journal_meta_data object!", "yellow") if ((($verbose) and ($verbose > 1)) or ($debug)); } + +########################################## +### SERVICE INFO +########################################## print OUT < @@ -1964,26 +2010,26 @@ END END foreach my $prog ( sort qw( redis ntp_daemon mysql ssh_daemon dhcp_client arpwatch audit_daemon postgresql linux_auditd nginx ) ) { if ((defined($lynis_report_data{$prog.'_running'})) and ($lynis_report_data{$prog.'_running'} ne "")) { - print OUT "\t\t\t\t\t
$prog running:$to_bool{$lynis_report_data{$prog.'_running'}}
$prog running:$to_bool{$lynis_report_data{$prog.'_running'}}
$prog running:$to_bool{0}
$prog running:$to_bool{0}
\n"; print OUT "\t\t\t\t

daemon info:

\n"; print OUT "\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; if (ref($lynis_report_data{'scheduler[]'}) eq 'ARRAY') { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } - print OUT "\t\t\t\t\t\t\n"; - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; print OUT "\t\t\t\t\t
pop3 daemon:$lynis_report_data{'pop3_daemon'}
imap daemon:$lynis_report_data{'imap_daemon'}
smtp daemon:$lynis_report_data{'smtp_daemon'}
printing daemon:$lynis_report_data{'printing_daemon'}
ntp daemon:$lynis_report_data{'ntp_daemon'}
pop3 daemon:$lynis_report_data{'pop3_daemon'}
imap daemon:$lynis_report_data{'imap_daemon'}
smtp daemon:$lynis_report_data{'smtp_daemon'}
printing daemon:$lynis_report_data{'printing_daemon'}
ntp daemon:$lynis_report_data{'ntp_daemon'}
scheduler(s):".join("
\n",@{$lynis_report_data{'scheduler[]'}})."
scheduler(s):".join("
\n",@{$lynis_report_data{'scheduler[]'}})."
scheduler(s):$lynis_report_data{'scheduler[]'}
scheduler(s):$lynis_report_data{'scheduler[]'}
service manager:$lynis_report_data{'service_manager'}
running service tool:$lynis_report_data{'running_service_tool'}
service manager:$lynis_report_data{'service_manager'}
running service tool:$lynis_report_data{'running_service_tool'}
\n"; print OUT <running services: @@ -2040,23 +2086,23 @@ END END - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; if (ref($lynis_report_data{'nginx_sub_conf_file[]'}) eq 'ARRAY') { - print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\n"; } print OUT < END if (ref($lynis_report_data{'log_file'}) eq 'ARRAY') { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } else { - print OUT "\t\t\t\t\t\t\n"; + print OUT "\t\t\t\t\t\t\n"; } print OUT < +
main config file:$lynis_report_data{'nginx_main_conf_file'}main config file:$lynis_report_data{'nginx_main_conf_file'}other config file(s):".join("
\n", @{$lynis_report_data{'nginx_sub_conf_file[]'}})."
other config file(s):".join("
\n", @{$lynis_report_data{'nginx_sub_conf_file[]'}})."
other config file(s):$lynis_report_data{'nginx_sub_conf_file[]'}other config file(s):$lynis_report_data{'nginx_sub_conf_file[]'}
log file:".join("
\n",@{$lynis_report_data{'log_file'}})."
log file:".join("
\n",@{$lynis_report_data{'log_file'}})."
log file:$lynis_report_data{'log_file'}log file:$lynis_report_data{'log_file'}
END @@ -2184,8 +2230,8 @@ END
- - + +
Number of packages installed:$lynis_report_data{'installed_packages'}Number of binaries found:$lynis_report_data{'binaries_count'}Number of packages installed:$lynis_report_data{'installed_packages'}Number of binaries found:$lynis_report_data{'binaries_count'}

@@ -2222,7 +2268,7 @@ END my @indexes = qw( lynis_version lynis_tests_done lynis_update_available license_key report_datetime_start report_datetime_end plugins_directory plugins_enabled finish report_version_major report_version_minor hostid hostid2 plugin_enabled_phase1[] hardening_index warning[] hostname domainname linux_kernel_version linux_config_file memory_size nameserver[] network_interface[] framework_grsecurity vm vmtype uptime_in_seconds linux_kernel_release os framework_selinux uptime_in_days os_fullname default_gateway[] cpu_nx cpu_pae linux_version os_version network_ipv6_address[] boot_loader suggestion[] manual manual[] linux_version cpu_pae cpu_nx network_ipv4_address[] network_mac_address[] os_name os_kernel_version os_kernel_version_full firewall_installed max_password_retry password_max_days password_min_days pam_cracklib password_strength_tested minimum_password_length package_audit_tool package_audit_tool_found ); my @idx2 = qw( vulnerable_packages_found firewall_active firewall_software[] firewall_software auth_failed_logins_logged authentication_two_factor_enabled memory_units default_gateway authentication_two_factor_required malware_scanner_installed file_integrity_tool_installed file_integrity_tool_installed pam_module[] ids_ips_tooling[] ipv6_mode ipv6_only name_cache_used ldap_pam_enabled ntp_daemon_running mysql_running ssh_daemon_running dhcp_client_running arpwatch_running running_service[] audit_daemon_running installed_packages binaries_count installed_packages_array crond_running network_listen_port[] firewall_empty_ruleset automation_tool_present automation_tool_running[] file_integrity_tool ldap_auth_enabled password_max_l_credit password_max_u_credit password_max_digital_credit password_max_other_credit loaded_kernel_module[] plugin_directory package_manager[] linux_kernel_io_scheduler[] linux_kernel_type ); - my @idx3 = qw( details[] available_shell[] locate_db smtp_daemon pop3_daemon ntp_daemon imap_daemon printing_daemon boot_service[] boot_uefi_boot_secure linux_default_runlevel boot_service_tool boot_uefi_booted systemctl_exit_code min_password_class session_timeout_enabled compiler_installed real_user[] home_directory[] swap_partition[] filesystem_ext[] journal_disk_size journal_coredumps_lastday journal_oldest_bootdate journal_contains_errors swap_partition[] file_systems_ext[] test_category test_group scheduler[] journal_meta_data boot_uefi_booted_secure service_manager running_service_tool binary_paths valid_certificate[] cronjob[] log_directory[] open_logfile[] journal_bootlogs log_rotation_tool log_rotation_config_found auditor deleted_file[] vulnerable_package[] malware_scanner[] file_integrity_tool[] plugin_firewall_iptables_list linux_amount_of_kernels ntp_config_type_startup ntp_config_type_scheduled ); + my @idx3 = qw( details[] available_shell[] locate_db smtp_daemon smtp_daemon[] pop3_daemon ntp_daemon imap_daemon printing_daemon boot_service[] boot_uefi_boot_secure linux_default_runlevel boot_service_tool boot_uefi_booted systemctl_exit_code min_password_class session_timeout_enabled compiler_installed real_user[] home_directory[] swap_partition[] filesystem_ext[] journal_disk_size journal_coredumps_lastday journal_oldest_bootdate journal_contains_errors swap_partition[] file_systems_ext[] test_category test_group scheduler[] journal_meta_data boot_uefi_booted_secure service_manager running_service_tool binary_paths valid_certificate[] cronjob[] log_directory[] open_logfile[] journal_bootlogs log_rotation_tool log_rotation_config_found auditor deleted_file[] vulnerable_package[] malware_scanner[] file_integrity_tool[] plugin_firewall_iptables_list linux_amount_of_kernels ntp_config_type_startup ntp_config_type_scheduled compiler_world_executable[]); my @idx4 = qw( ntp_config_type_eventbased ntp_config_type_daemon ntp_config_file[] ntp_config_found ntp_version ntp_unreliable_peer[] postgresql_running linux_auditd_running linux_kernel_io_scheduler nginx_main_conf_file log_file nginx_sub_conf_file[] nginx_config_option[] ssl_tls_protocol_enabled[] systemd systemd_builtin_components systemd_version systemd_status plugin_processes_allprocesses usb_authorized_default_device[] systemd_unit_file[] systemd_unit_not_found[] systemd_service_not_found[] resolv_conf_search_domain[] expired_certificate[] compiler[] fail2ban_config fail2ban_enabled_service[] apache_version apache_module[] resolv_conf_domain redis_running nginx_running open_empty_log_file[] notebook lvm_volume_group[] lvm_volume[] container exception_event[] certificates certificate[] localhost-mapped-to manual_event[] syslog_daemon[] syslog_daemon_present apparmor_enabled apparmor_policy_loaded pam_pwquality selinux_status selinux_mode ); push @indexes, @idx2, @idx3, @idx4; foreach my $idx ( sort @indexes ) {