Comments (12)
jmanduca-psfy
commented on May 24, 2024
1
This new OCSF-JSON does not include the Compliance Info, which was previously included in the previous JSON option. It is a requirement for the Compliance Finding [2003] Class but not in the Detection Finding [2004] Class which appears to be in use per @pr3l14t0r .
We were using this field to help sort through findings for our compliance requirements, now that it is gone it will create additional work or duplication of scans to sort them out in this version.
from prowler.
jfagoagas
commented on May 24, 2024
1
@pr3l14t0r we decided to use Detection Finding since it is the most accurate event for a Prowler finding. Regarding compliance we are evaluating the option to generate a Compliance Finding since as it happens with Prowler outputs, compliance and findings cannot be mapped into the same output.
CC: @jmanduca-psfy
from prowler.
jfagoagas
commented on May 24, 2024
1
@pr3l14t0r @jmanduca-psfy We are going to include the JSON v3 Compliance key in the Detection Finding at unmapped.compliance probably tomorrow. Sorry for the incovenience.
from prowler.
jfagoagas
commented on May 24, 2024
1
from prowler.
jmanduca-psfy
commented on May 24, 2024
1
Working great, thank you @jfagoagas !
from prowler.
adv4000
commented on May 24, 2024
Same issue here, Version 4.0.1 removed support for HTML:
prowler aws -M html
prowler aws: error: argument --output-formats/--output-modes/-M: invalid choice: 'html' (choose from 'csv', 'json-asff', 'json-ocsf')
from prowler.
jfagoagas
commented on May 24, 2024
Hi @jmanduca-psfy @adv4000, since v4 we have been deprecated the following outputs:
- The HTML is replaced for the new Prowler Dashboard, you can try it with
prowler dashboard. - The native JSON is replaced for the JSON OCSF v1.1.0, common for all the providers.
Thanks for using Prowler 🚀
from prowler.
christiandavilakoobin
commented on May 24, 2024
I tried the dashboard, and is very handy, but it requieres some extra steps to view the results. The html version was very useful for a quick view.
from prowler.
pr3l14t0r
commented on May 24, 2024
@jfagoagas Thanks for that information, i have absolutely overseen the prowler dashboard functionality.
Quick question if allowed: Is there a reason why you/the team have chosen the Detection Finding [2004] Class over Compliance Finding [2003] Class in OCSF-JSON? I can't find a discussion for that anywhere.
from prowler.
pr3l14t0r
commented on May 24, 2024
@jfagoagas Thanks for the explanation, highly appreciated! :)
from prowler.
jfagoagas
commented on May 24, 2024
@jfagoagas Thanks for the explanation, highly appreciated! :)
It's nothing! Always here to help 🙌
from prowler.
jfagoagas
commented on May 24, 2024
We are going to close this issue once the above PR gets merged. Please let us know if everything works fine and feel free to reopen it if notice something not expected.
Thanks for using Prowler 🚀
from prowler.
Related Issues (20)
- [Bug]: efs_not_publicly_accessible does not consider recommended AWS condition. HOT 3
- [Bug]: Encoding issue with Dashboard on Prowler 4.1.0 - Aces High HOT 6
- Look for externally shared DynamoDB Tables HOT 1
- Add support for AWS Lightsail resource HOT 1
- [Bug]: Unable to access the prowler dashboard from aws ec2 instance which has public IP HOT 4
- [Bug]: csv output is empty (only column names) HOT 4
- Add configuration for secret related checks HOT 5
- CIS 2.1.0 output has missing checks [Bug]: HOT 4
- [Bug]: empty json-ocsf output in 4.1.0 HOT 7
- [Bug]: efs_not_publicly_accessible check based on misunderstanding? HOT 5
- [Bug]: V4 sends muted fails to Security Hub HOT 2
- Support for custom metadata fields HOT 2
- [Bug]: Security group name missing from new json-oscf format HOT 5
- [Bug]: Separate Checks for Expired and Near-Expiration ACM Certificates HOT 11
- Add Service Account impersonation in GCP as a new authentication method
- [Bug]: Kubernetes RBAC errors HOT 10
- Bring back HTML reports HOT 1
- Getting FileNotFoundError while trying to set up prowler for aws HOT 13
- Getting Error when using prowler dashboard command - UnicodeDecodeError 'utf-8' codec can't decode byte 0x92 in position 5171 HOT 17
- [Bug]: Unix timestamp not working
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from prowler.