|
4 months ago | |
---|---|---|
grafana | 4 months ago | |
Dockerfile | 4 months ago | |
LICENSE | 4 months ago | |
Makefile | 4 months ago | |
README.md | 4 months ago | |
lynis-report-converter.pl | 4 months ago | |
lynis_grafana.png | 4 months ago | |
main.py | 4 months ago | |
prod.sh | 4 months ago |
Accept lynis-report.dat files (upload), transform it into json and put it into a mariadb to visualize the result with grafana.
env | default value |
---|---|
DATABASE_HOST |
mariadb |
DATABASE_USER |
lynis |
DATABASE_PASSWORD |
lynis |
DATABASE |
lynis |
SSL |
value does not matter, if set, https is enabled |
When the env variable SSL
is set, the container looks for /tmp/key.pem
and /tmp/key.cert
.
When they are not found, it will generate a self signed certificate on the fly.
Gunicorn is started with 5 worker processes.
When using lynis-cron, you can post the result to your lynis-bridge with curl (yes, the user-agent must be set to lynis-bridge
, otherwise the lynis-bridge will response http code 403).
curl -A "lynis-bridge" -F data=@lynis-report.dat http://<lynis-bridge>:8080/upload
Currently only Mariadb >= 10.3 is supported.
The table reports
is using WITH SYSTEM VERSIONING
. So you got a report history about your hosts.
You just need to query them ;)
When /opt/mariadb.pem
is given, lynis-bridge
will use encrypted in transit using the Transport Layer Security (TLS) protocol to the mariadb host.
lynis-report-converter.pl
is taken from https://github.com/d4t4king/lynis-report-converter
host | category |
---|---|
https://git.osuv.de/m/lynis-bridge | origin |
https://gitlab.com/markuman/lynis-bridge | pull mirror |
https://github.com/markuman/lynis-bridge | push mirror |