Skip to main content

vunnel ~= 'vulnerability data funnel'

Project description

vunnel

A tool for fetching, transforming, and storing vulnerability data from a variety of sources.

vunnel-demo

Supported data sources:

Installation

With pip:

pip install vunnel

With docker:

docker run \
  --rm -it \
  -v $(pwd)/data:/data \
  -v $(pwd)/.vunnel.yaml:/.vunnel.yaml \
    ghcr.io/anchore/vunnel:latest  \
      run nvd

Where:

  • the data volume keeps the processed data on the host
  • the .vunnel.yaml uses the host application config (if present)
  • you can swap latest for a specific version (same as the git tags)

See the vunnel package for a full listing of available tags.

Getting Started

List the available vulnerability data providers:

$ vunnel list

alpine
amazon
centos
debian
github
nvd
oracle
rhel
sles
ubuntu
wolfi

Download and process a provider:

$ vunnel run wolfi

2023-01-04 13:42:58 root [INFO] running wolfi provider
2023-01-04 13:42:58 wolfi [INFO] downloading Wolfi secdb https://packages.wolfi.dev/os/security.json
2023-01-04 13:42:59 wolfi [INFO] wrote 56 entries
2023-01-04 13:42:59 wolfi [INFO] recording workspace state

You will see the processed vulnerability data in the local ./data directory

$ tree data

data
└── wolfi
    ├── checksums
    ├── metadata.json
    ├── input
    │   └── secdb
    │       └── os
    │           └── security.json
    └── results
        └── wolfi:rolling
            ├── CVE-2016-2781.json
            ├── CVE-2017-8806.json
            ├── CVE-2018-1000156.json
            └── ...

Note: to get more verbose output, use -v, -vv, or -vvv (e.g. vunnel -vv run wolfi)

Delete existing input and result data for one or more providers:

$ vunnel clear wolfi

2023-01-04 13:48:31 root [INFO] clearing wolfi provider state

Example config file for changing application behavior:

# .vunnel.yaml
root: ./processed-data

log:
  level: trace

providers:
  wolfi:
    request_timeout: 125
    runtime:
      existing_input: keep
      existing_results: delete-before-write
      on_error:
        action: fail
        input: keep
        results: keep
        retry_count: 3
        retry_delay: 10

Use vunnel config to get a better idea of all of the possible configuration options.

FAQ

Can I implement a new provider?

Yes you can! See the provider docs for more information.

Why is it called "vunnel"?

This tool "funnels" vulnerability data into a single spot for easy processing... say "vulnerability data funnel" 100x fast enough and eventually it'll slur to "vunnel" :).

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

vunnel-0.14.0.tar.gz (91.8 kB view hashes)

Uploaded Source

Built Distribution

vunnel-0.14.0-py3-none-any.whl (111.3 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page