Getting a list of vulnerabilities of all agents
111 views
Skip to first unread message
Cézar
May 8, 2024, 4:57:41 PM5/8/24
to Wazuh | Mailing List
Hello guys, how have you been?
I am trying list all the vulnerabilities of all agents in a single file, like a csv sheet.
I was using until now the API:
However it seems that this endpoint in particular has been deprecated. And my script is kind of slow because it make a lot of sequential requests to get the vulnerabilities of all agents.
So I have come to ask if there is another endpoint that I can use (that maybe can do the trick in one go) or another solution for my problem. Is there another way for me to list all vulnerabilities in a file?
Thank you!
Thank you!
Yours faithfully,
Cézar
Manuel Alejandro Roldan Mella
May 8, 2024, 10:41:59 PM5/8/24
to Wazuh | Mailing List
Hi Cezar,
The specific API endpoint you used to retrieve vulnerabilities has indeed been deprecated with Wazuh 4.7. However, you can still use the existing API to query CVE information for the agents until further updates are released. In future releases, vulnerability data will be directly indexed, and you could use the OpenSearch API to query these indexed documents following the ECS schema. This method should be available soon and will allow more efficient data retrieval.
Meanwhile, I recommend optimizing your current script to handle queries more efficiently:
Parallelization: Implement parallel requests instead of sequential ones to speed up the data retrieval process significantly.
Smart Pagination: Ensure you use the API's pagination feature effectively to reduce the number of API calls.
These adjustments should help maintain your workflow until the new API capabilities are fully integrated.
The specific API endpoint you used to retrieve vulnerabilities has indeed been deprecated with Wazuh 4.7. However, you can still use the existing API to query CVE information for the agents until further updates are released. In future releases, vulnerability data will be directly indexed, and you could use the OpenSearch API to query these indexed documents following the ECS schema. This method should be available soon and will allow more efficient data retrieval.
Meanwhile, I recommend optimizing your current script to handle queries more efficiently:
Parallelization: Implement parallel requests instead of sequential ones to speed up the data retrieval process significantly.
Smart Pagination: Ensure you use the API's pagination feature effectively to reduce the number of API calls.
These adjustments should help maintain your workflow until the new API capabilities are fully integrated.
Reply all
Reply to author
Forward
0 new messages