You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Markus Bergholz d43e2e1892 Update '' 2 years ago
grafana add ansible playbook to deploy lynis grafana dashboard draft 2 years ago
Dockerfile use multistage and a non-root user 2 years ago
LICENSE add license file 2 years ago
Makefile add openssl to generate self-signed on request, add '/' route 2 years ago Update '' 2 years ago add licence and comment to source 2 years ago
lynis_grafana.png update screenshot 2 years ago add 3rd view 2 years ago write key to /tmp 2 years ago


Accept lynis-report.dat files (upload), transform it into json and put it into a mariadb to visualize the result with grafana.


docker deployment

env default value
SSL value does not matter, if set, https is enabled

When the env variable SSL is set, the container looks for /tmp/key.pem and /tmp/key.cert.
When they are not found, it will generate a self signed certificate on the fly.

Gunicorn is started with 5 worker processes.

client notes

When using lynis-cron, you can post the result to your lynis-bridge with curl (yes, the user-agent must be set to lynis-bridge, otherwise the lynis-bridge will response http code 403).

curl -A "lynis-bridge" -F data=@lynis-report.dat http://<lynis-bridge>:8080/upload


Currently only Mariadb >= 10.3 is supported.
The table reports is using WITH SYSTEM VERSIONING. So you got a report history about your hosts.
You just need to query them ;)

When /opt/mariadb.pem is given, lynis-bridge will use encrypted in transit using the Transport Layer Security (TLS) protocol to the mariadb host.

credits. is taken from


host category origin pull mirror push mirror