Hi, how can we get vulnerable software per host no...
# fleetm
Mystery Incorporated
10/16/2021, 3:11 AMHi, how can we get vulnerable software per host not using the UI? Is it possible?
s
spookerlabs
10/16/2021, 8:22 AMWe talked about this in previous thread but using this endpoint https://fleetdm.com/docs/using-fleet/rest-api#get-host you will get
m
Mystery Incorporated
10/17/2021, 4:27 AMOh I should have specified without having to write code that queries an API. So like is it possible to have fleet write to a log or something like that, something that I can ship to elastic so I can alert anytime a vulnerability is detected
t
Tomas Touceda
10/18/2021, 11:00 AMhi!
fleetctl get softwarem
Mystery Incorporated
10/18/2021, 1:56 PM@Tomas Touceda I guess I could run fleetctl on a cronjob and pipe the output to a file I can ingest into elastic?
s
spookerlabs
10/18/2021, 2:06 PMWith --json you can easily ingest but there is no host information in this output, Just all software vulnerabilities aggregated
m
Mystery Incorporated
10/18/2021, 2:28 PMOh that's not going to be useful I need to know the host with the vulnerability!
t
Tomas Touceda
10/18/2021, 2:41 PMcould you tell me more about the use case you are trying to cover?
4 Views