cve-filter.py Usage Guide

Description

Filter out patched CVEs from CSV report files, including FedRamp reports, using ePortal data. https://docs.tuxcare.com/eportal-api/#list-servers

Synopsis

usage: cve-filter.py [-h] --columns COLUMNS [--multi-cve-separator MULTI_CVE_SEPARATOR] (--eportal-url EPORTAL_URL | --eportal-report-file EPORTAL_REPORT_FILE) --csv-file-in CSV_FILE_IN [--csv-file-out CSV_FILE_OUT]

Options

-h, --help

Show this help message and exit.

--columns COLUMNS

Columns in CSV file: hostname,ip,cve. Start with 1. Use 0 for ip if the column is not present.

--multi-cve-separator MULTI_CVE_SEPARATOR

Separator if the CVE column can contain multiple CVEs.

--eportal-url EPORTAL_URL

URL to ePortal. Set EPORTAL_LOGIN and EPORTAL_PASSWORD environment variables.

--eportal-report-file EPORTAL_REPORT_FILE

File containing the output of the servers endpoint. ePortal API Documentation

--csv-file-in CSV_FILE_IN

Input CSV filename.

--csv-file-out CSV_FILE_OUT

Output CSV filename. If missing, the CSV is printed to stdout.

---

Examples:

Use column 1 for hostname, 2 for IP and 4 for CVEs. Use comma as CVE separator. Use ePortal report file. Write output to bla.csv.

$ python cve-filter.py --columns=1,2,4 --multi-cve-separator=, --eportal-report-file=servers.json --csv-file-in=testreport.csv --csv-file-out=bla.csv

Similar to above but outputs to stdout instead of a file.

$ python cve-filter.py --columns=1,2,4 --multi-cve-separator=, --eportal-report-file=servers.json --csv-file-in=testreport.csv

No IP field in CSV file, single entry per CVE column.

$ python cve-filter.py --columns=1,0,4 --eportal-report-file=servers.json --csv-file-in=testreport.csv

Use ePortal credentials/url to download ePortal server list

$ EPORTAL_LOGIN=admin EPORTAL_PASSWORD=AdminPassword python cve-filter.py --columns=1,0,4 --eportal-url=https://eportal_url --csv-file-in=testreport.csv

License

Apache License 2.0 Copyright 2023 Cloud Linux Software, Inc.