You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Markus Bergholz d43e2e1892 Update '' 4 months ago
grafana add ansible playbook to deploy lynis grafana dashboard draft 4 months ago
Dockerfile use multistage and a non-root user 4 months ago
LICENSE add license file 4 months ago
Makefile add openssl to generate self-signed on request, add '/' route 4 months ago Update '' 4 months ago add licence and comment to source 4 months ago
lynis_grafana.png update screenshot 4 months ago add 3rd view 4 months ago write key to /tmp 4 months ago


Accept lynis-report.dat files (upload), transform it into json and put it into a mariadb to visualize the result with grafana.


docker deployment

env default value
SSL value does not matter, if set, https is enabled

When the env variable SSL is set, the container looks for /tmp/key.pem and /tmp/key.cert.
When they are not found, it will generate a self signed certificate on the fly.

Gunicorn is started with 5 worker processes.

client notes

When using lynis-cron, you can post the result to your lynis-bridge with curl (yes, the user-agent must be set to lynis-bridge, otherwise the lynis-bridge will response http code 403).

curl -A "lynis-bridge" -F data=@lynis-report.dat http://<lynis-bridge>:8080/upload


Currently only Mariadb >= 10.3 is supported.
The table reports is using WITH SYSTEM VERSIONING. So you got a report history about your hosts.
You just need to query them ;)

When /opt/mariadb.pem is given, lynis-bridge will use encrypted in transit using the Transport Layer Security (TLS) protocol to the mariadb host.

credits. is taken from


host category origin pull mirror push mirror