JetPatch vulnerability parser can support any report from a Vulnerability Scanner by uploading the report into JetPatch. In this article, you will find how to import a vulnerability csv report from Tenable.io
Report Type: The report must be in a CSV type
Report Rows: Must include the following columns:
- Name - The name of the plugin that detected the vulnerability.
- Solution - Remediation information for the vulnerability.
- FQDN - The fully-qualified domain name of the host that the vulnerability was detected on
- IP Address
- CVE (optional) - space-separated list of CVEs
- The report should include the headers row
- The report information should be divided into columns (not a single column with all the information inside the cell)
After you verified that the report is valid for the JetPatch Tenable.io Vulnerability Scanner, the Vulnerability Parser can be customized.
The JetPatch Vulnerability Parser located in the "conf" folder, usually in /usr/share/tomcat/default/conf/intigua_vulnerability_parser.conf.json
To support the Tenable.io vulnerability report, replace the "intigua_vulnerability_parser.conf.json" file with the file attached to this article.
In order to do so perform the next steps -
1. Download the attached file
2. SSH to JetPatch server
3. Stop the tomcat service
systemctl stop tomcat
4. Remove the intigua_vulnerability parser.conf.json file:
rm -rf /usr/share/tomcat/default/conf/intigua_vulnerability_parser.conf.json
5. Insert the new configuration file to the same path
6. Start tomcat
systemctl start tomcat
7. Go to the JetPatch application > Patches Catalog > Vulnerabilities. You should be able to see that there is a "Tenable.io csv" report option. Use it to upload your vulnerability scan report.