A tool for monitoring the vulnerabilities of docker containers.
Project description
๐ต๏ธโโ๏ธ Counsel - A tool for monitoring and notifying the vulnerabilities of docker containers.
โ ๏ธ Counsel is alpha software and currently in development (i.e., no tests, no documentation).
Counsel is a simple application that scans running Docker containers. Counsel can send Slack notifications when specific vulnerbility levels are identified and send reminder if the countainer remains unpatched.
โน๏ธ Installation and Usage
Counsel can be installed using pip:
pip install counsel
๐ Requirements
Counsel requires a running Docker installation in order to identify the currently running containers.
Counsel uses the following two tools for scanning the vulnerabilities of the running countainers:
- Syft: A CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images.
- Grype: A vulnerability scanner for container images.
๐ณ Docker
You can run a Counsel using docker as long as the host docker socket is exposed to Counsel. The easiest way to install docker is to pull the image from DockerHub and run it using the following command (you will need to use your own slack webhook url):
docker run -v /var/run/docker.sock:/var/run/docker.sock -e COUNSEL_SLACK_URL="<SLACK_WEBHOOK_URL>" evhart/counsel
You can also build the image dierctly using the following command:
docker build -t evhart/counsel .
๐ฅ๏ธ Command Line Interface (CLI)
Counsel has a simple CLI interface that be accessed using the counsel command. Counsel support migrating/exporting data from one database ot another database and showing the firs rows from databases.
Usage: python -m counsel.cli [OPTIONS]
๐ต๏ธโโ๏ธ Counsel - A tool for monitoring the vulnerabilities of docker containers.
โญโ Options โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฎ
โ --scan-schedule TEXT Schedule when to run โ
โ Counsel. โ
โ [env var: โ
โ COUNSEL_SCAN_SHEDULE] โ
โ --initial-scan Run an initial scan โ
โ before starting the โ
โ scheduler. โ
โ [env var: โ
โ COUNSEL_INITIAL_SCAN] โ
โ --alert-threshold [unknown|negligible|low Minimum vulnerability โ
โ |medium|high|critical] threshold for raising โ
โ an alert. โ
โ [env var: โ
โ COUNSEL_THRESHOLD] โ
โ [default: high] โ
โ --remind-delay INTEGER When a โ
โ notification/action โ
โ reminder should be sent โ
โ (in days). โ
โ [env var: โ
โ COUNSEL_REMIND_DELAY] โ
โ [default: 10] โ
โ --kill-delay INTEGER When the final โ
โ notification/action โ
โ should be sent (in โ
โ days). โ
โ [env var: โ
โ COUNSEL_KILL_DELAY] โ
โ [default: 14] โ
โ --slack-webhook-url TEXT Slack webhook URL for โ
โ alert notifications. โ
โ [env var: โ
โ COUNSEL_SLACK_URL] โ
โ --slack-msg-template TEXT Slack Jinja2 template โ
โ for alert โ
โ notifications. โ
โ [env var: โ
โ COUNSEL_SLACK_MSG_TEMPโฆ โ
โ --install-completion Install completion for โ
โ the current shell. โ
โ --show-completion Show completion for the โ
โ current shell, to copy โ
โ it or customize the โ
โ installation. โ
โ --help Show this message and โ
โ exit. โ
โฐโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฏ
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file counsel-0.1.0a0.tar.gz.
File metadata
- Download URL: counsel-0.1.0a0.tar.gz
- Upload date:
- Size: 12.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.4.0 CPython/3.11.2 Darwin/21.6.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | b87c74565e044c1f8e3b4bf7cfab8b6d6bd123c6ec659a2ee8f352f021453f63 |
|
| MD5 | 4a91f5b5dbc5e7ed5277003eea902705 |
|
| BLAKE2b-256 | a61aea8282e010b2c04254a833605587400a1d773f03ca6adafb9929b51ef930 |
File details
Details for the file counsel-0.1.0a0-py3-none-any.whl.
File metadata
- Download URL: counsel-0.1.0a0-py3-none-any.whl
- Upload date:
- Size: 12.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.4.0 CPython/3.11.2 Darwin/21.6.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | c4c00029d01c1fcc75a5609b5d134e19e13fd687ba62e02b16a11b6773f14278 |
|
| MD5 | dd668c886e0eedf7e6d618ca8289150c |
|
| BLAKE2b-256 | 2432ad35d38fc4cf0037e37cdfecd2c600c9b6f96598cf83de0bf7a6beb64174 |
