Monday, June 25, 2012

Nessus Compliance - Transposed

Code:
https://github.com/JasonMOliver/Java_Parsers/blob/master/XMLCompTableTranspose.java

-----

I got an email a few days ago posing an interesting question -

How difficult would it be to switch columns with rows? (in the XMLComplianceTable.java)

As a guy that always enjoys fun challenges such as this, I wanted to put a bit of time and thought into the solution. The rationale for this was sound (i.e Excel supports far more rows than columns) so, why not?

With that being said, here is the modified code -

This bit of java will read .nessus files for the pluginIDs associated with Windows and UNIX compliance scans and restructure the data.

With this code you get an x (tests scanned) , y  (hosts conducted) view of the data contained in the file. When scanning many hosts this allows you to identify trends in baselines much quicker in addition to a simple way of spotting misconfigured hosts.

It will build the data sets dynamically from the .nessus file and supports output of html and xls.

You can run this code with the following command-line:

java XMLCompTableTranspose input-file.nessus > output-file.[xls/html]

One side note - if you scan the same machine more than one time this current version will put the results in the right row, but due to having two sets of results it kills the links to the headers for that row.

cheers

JSN

P.S. A big thanks to Roger Grimes at InfoWorld for the question / challenge, it was fun.

No comments:

Post a Comment