This integration is an example and may require additional configuration depending on the versions used and the specifics of the infrastructure.
Compatibility is confirmed only for KUMA 2.0 or later and RedCheck 2.6.8 or later.
The terms and conditions of premium technical support do not apply to this integration; support requests are processed without a guaranteed response time.
RedCheck is a system for monitoring and managing the information security of an organization.
You can import asset information from RedCheck network device scan reports into KUMA.
Import is available from simple "Vulnerabilities" and "Inventory" reports in CSV format, grouped by hosts.
Imported assets are displayed in the KUMA web interface in the Assets section. If necessary, you can edit the settings of assets.
Data is imported through the API using the redcheck-tool.py utility. The utility requires Python 3.6 or later and the following libraries:
To import asset information from a RedCheck report:
For more details about scan tasks and output file formats, refer to the RedCheck documentation.
The account for which the token is created must satisfy the following requirements:
chmod +x <path to the redcheck-tool.py file>
python3 redcheck-tool.py --kuma-rest <address and port of the KUMA REST API server> --token <API token> --tenant <name of the tenant in which the assets must be placed> --vuln-report <full path to the "Vulnerabilities" report file> --inventory-report <full path to the "Inventory" report file>
Example:
You can use additional flags and commands for import operations. For example, the -v command displays an extended report on the received assets. A detailed description of the available flags and commands is provided in the "Flags and commands of redcheck-tool.py" table. You can also use the --help command to view information on the available flags and commands.
The asset information is imported from the RedCheck report to KUMA. The console displays information on the number of new and updated assets.
Example:
Example of extended import information:
The tool works as follows when importing assets:
Flags and commands of redcheck-tool.py

| Flags and commands | Mandatory | Description |
|---|---|---|
| --kuma-rest | Yes | Port 7223 is used for API requests by default. You can change the port if necessary. |
| --token | Yes | The value of the option must contain only the token. The Tenant administrator or Tier 2 analyst role must be assigned to the user account for which the API token is being generated. |
| --tenant | Yes | Name of the KUMA tenant in which the assets from the RedCheck report will be imported. |
| --vuln-report | Yes | "Vulnerabilities" report file in CSV format. |
| --inventory-report | No | "Inventory" report file in CSV format. |
| -v | No | Display extended information about the import of assets. |
Possible errors

| Error message | Description |
|---|---|
| Tenant %w not found | The tenant name was not found. |
| Tenant search error: Unexpected status Code: %d | An unexpected HTTP response code was received while searching for the tenant. |
| Asset search error: Unexpected status Code: %d | An unexpected HTTP response code was received while searching for an asset. |
| [%w import][error] Host: %w Skipped asset with FQDNlocalhost or IP 127.0.0.1 | When importing inventory/vulnerabilities information, the host with fqdn=localhost or ip=127.0.0.1 was skipped. |
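
When the import runs unattended, the captured console output can be checked against the messages in the "Possible errors" table. The following is an added example, not part of redcheck-tool.py or the product documentation. It assumes the tool prints each message on its own line with %w replaced by a text value and %d by an integer; the function names and the split into informational and actionable errors are hypothetical.

```python
import re
from collections import Counter

# Templates copied verbatim from the "Possible errors" table above.
# Assumption: in real output %w becomes a text value and %d an integer.
TEMPLATES = {
    "tenant_not_found": "Tenant %w not found",
    "tenant_search_status": "Tenant search error: Unexpected status Code: %d",
    "asset_search_status": "Asset search error: Unexpected status Code: %d",
    "loopback_skipped": "[%w import][error] Host: %w Skipped asset with "
                        "FQDNlocalhost or IP 127.0.0.1",
}
# Assumption: a skipped loopback host is informational, the others need action.
INFORMATIONAL = {"loopback_skipped"}


def compile_template(template):
    """Turn a printf-style template into a regex with one group per placeholder."""
    pieces = []
    for part in re.split(r"(%w|%d)", template):
        if part == "%w":
            pieces.append(r"(.+?)")
        elif part == "%d":
            pieces.append(r"(\d+)")
        else:
            # Accept the message with or without a space inside "FQDNlocalhost".
            literal = re.escape(part)
            pieces.append(literal.replace("FQDNlocalhost", r"FQDN\s*localhost"))
    return re.compile("".join(pieces))


PATTERNS = {name: compile_template(t) for name, t in TEMPLATES.items()}


def classify(line):
    """Return (error_name, captured_values), or None for a non-error line."""
    for name, pattern in PATTERNS.items():
        match = pattern.search(line)
        if match:
            return name, match.groups()
    return None


def summarize(lines):
    """Count each error type and report whether any needs operator action."""
    counts = Counter(hit[0] for hit in map(classify, lines) if hit)
    return dict(counts), any(name not in INFORMATIONAL for name in counts)
```

A scheduled job can pass the saved output lines to summarize() and alert only when the second return value is true.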