lewiso
Cisco Employee

The Cisco Vulnerability Management (CVM) platform is a risk-based vulnerability management (RBVM) solution that, at its core, provides organizations with proven threat intelligence and prioritization for vulnerabilities within their environment. Along with this prioritization, the platform also contains a lot of functionality that helps vulnerability management programs at all levels of maturity.

Among these features are the ability to ingest structured data sets via the Cisco Data Importer (KDI) connector and a robust set of well-documented API endpoints that help automate tasks on the CVM platform. Some customers use this functionality as part of their daily VM operations. While these tasks can be initiated manually on demand, it is preferable to have them run automatically on a schedule. This blog aims to give such customers a foundation for setting up these automated tasks on both Windows and Linux platforms.

 

At a high level, the sequence of steps is roughly as follows:

  1. Make available the vulnerability file for processing as part of the script execution.
  2. Run the task / script with the required parameters.
  3. Optionally make a backup / delete the source file.
  4. Optionally log relevant information and the outcome of the task execution.

 

For the purpose of this blog post, we will develop a solution that executes a CVM-related task. The sample task is a csv2kdi conversion, which converts the scan data in the input file using an available meta file and then uploads the results into the specified CVM data importer connector. The solution performs the following activities.

  1. Search for the input file.
  2. If the input file does not exist, log this message, and exit the script. If the file exists, proceed to step 3.
  3. If the input file exists, carry on with script execution.
  4. Upon successful completion of the script, make a backup of the source file. The backup is named with the date and time of execution for easy tracking.
  5. Log the start and end time of the script as well as the outcome of the script to a log file.

The following sections document a solution for achieving this on both Windows and Linux systems.

 

Windows Automation Solution

A batch (.bat) template file is provided in the ZIP archive attachment and can be tweaked to the user’s requirements. Variables have been used so that such tweaks can be done very easily. Save the .bat file in the location from which the script is to be executed.

To ensure this blog doesn’t become overly complex, the credentials are to be input as part of the batch file. Please use secure options, depending on your environment and existing password solutions, to make any secrets available to the batch file during execution.

You can follow the steps below to run the task at a time of your choosing:

 

1. Open the Windows Task Scheduler program.

 

 
2. Create a new task.
 
 
3. Configure the ‘General’ settings in the task scheduler interface.

 


 

4. In the ‘Trigger’ section, click on ‘New’ and configure a schedule for when the Task should be executed. Make sure the task is Enabled.

 


 

5. In the ‘Actions’ tab, click on ‘New’, set the Action to ‘Start a program’ and then browse to the location of your created batch file. It is also recommended to set the 'Start in (Optional)' field to the folder in which you would like the program to start.


 

6. Configure the ‘Conditions’ and ‘Settings’ tabs as per your requirements.


 

7. Click ‘Ok’ when done with the setup.

 

It is recommended to run the batch file manually at least once to ensure it runs properly before setting up the scheduler to implement the automated tasks based on the created schedule.

Once this has been configured, the task should run in an automated fashion as long as the source file is available. Logging is done in the log files which can be used to view historical execution of the associated task.

 

Linux Automation Solution

We will set up a similar automated process for the Linux system, which uses cron jobs for scheduling instead. A script (.sh) template file that implements the logic specified earlier is provided in the ZIP archive attachment. Variables have also been used so that modifications can be done very easily. Save the bash (.sh) file in the location from which the script is to be executed.

To ensure this blog doesn’t become overly complex, the credentials are to be input as part of the script file. However, please use secure options, depending on your environment and existing password solutions, to make any secrets available to the script file during execution.

Next, set up your cron job to execute the script at predetermined times. The process is similar to the following:

 

1. Ensure that the cron service is started and running. It is also recommended that the cron service is configured to run at boot up. Use the relevant commands for your Linux system to confirm.

 

2. Set up a cron job by following a procedure similar to the one shown below:

    • Open a Terminal window and type ‘crontab -e’. This opens up the crontab editor.
    • Scroll down to the end of the file and configure the details of the cron job similar to the example below. Specify the location of the created bash file as the command to be run.

 

[Screenshot: example cron job entry in the crontab editor]

3. Save the file and exit.

 

It is recommended to run the script file manually at least once to ensure it runs properly before setting up the cron job to implement the automated tasks based on the created schedule.

Once this has been configured, the task should run in an automated fashion as long as the source file is available. Logging is done in the log file which can be used to view historical execution of the associated task.
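
As an added example (not the template from the ZIP attachment and not Cisco's code), the script below implements the five activities listed earlier and reads the API key from a permission-checked file instead of embedding it in the script. All paths, the `CVM_API_KEY` variable name and `TASK_CMD` (a hypothetical wrapper that would hold the actual csv2kdi invocation) are assumptions.

```bash
#!/usr/bin/env bash
# Added example, not the attached template. All paths and names are assumptions.
# Assumed crontab entry (02:00 daily): 0 2 * * * /opt/cvm/cvm_import.sh --run
INPUT_FILE="${INPUT_FILE:-/opt/cvm/inbox/scan.csv}"
BACKUP_DIR="${BACKUP_DIR:-/opt/cvm/backup}"
LOG_FILE="${LOG_FILE:-/opt/cvm/log/csv2kdi.log}"
SECRET_FILE="${SECRET_FILE:-/opt/cvm/api_key}"    # contains only the API key
TASK_CMD="${TASK_CMD:-/opt/cvm/run_csv2kdi.sh}"   # hypothetical csv2kdi wrapper

log() { printf '%s %s\n' "$(date '+%Y-%m-%d %H:%M:%S')" "$*" >> "$LOG_FILE"; }

# Octal mode of a file (GNU stat first, BSD stat as fallback).
file_mode() { stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null; }

run_scheduled_import() {
  log "START csv2kdi import"
  # Activities 1-2: look for the input file; log and stop if it is missing.
  if [ ! -f "$INPUT_FILE" ]; then
    log "END input file $INPUT_FILE not found, nothing to do"
    return 1
  fi
  # Refuse a key file that is missing or readable by group or others.
  case "$(file_mode "$SECRET_FILE")" in
    600|400) ;;
    *) log "END refusing to run: $SECRET_FILE must be mode 600 or 400"; return 2 ;;
  esac
  # Activity 3: run the task. The key is placed in the environment of this one
  # command only, so it never appears in the script, the crontab, the log
  # lines written here, or the process argument list.
  if ! CVM_API_KEY="$(cat "$SECRET_FILE")" "$TASK_CMD" "$INPUT_FILE" >> "$LOG_FILE" 2>&1; then
    log "END task failed, source file left in place"
    return 3
  fi
  # Activity 4: back up the source under a date-and-time name. Moving it
  # (an assumption) also keeps the next run from importing the same file again.
  mkdir -p "$BACKUP_DIR"
  backup="$BACKUP_DIR/$(date '+%Y%m%d_%H%M%S')_$(basename "$INPUT_FILE")"
  mv "$INPUT_FILE" "$backup" || { log "END backup of source file failed"; return 4; }
  # Activity 5: record the outcome and end time.
  log "END success, source moved to $backup"
}

# Run only when invoked as: script.sh --run
if [ "${1:-}" = "--run" ]; then run_scheduled_import; fi
```

The distinct return codes (1 no input, 2 unsafe key file, 3 task failure, 4 backup failure) let a monitoring job tell a quiet day apart from a broken import.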

 

 

Disclaimer:

Please note that this blog provides general guidance on script automation. It is crucial to handle passwords and credentials with the utmost care. For production environments, we advise implementing more robust security measures, such as secret management tools or encryption, to protect sensitive information.

 

Closing:

In conclusion, automating KDI connectors and scripts can significantly reduce manual overhead and improve the efficiency of your vulnerability management process. With these instructions and considerations, both Windows and Linux users can set up reliable automation for operational tasks / activities, freeing up valuable time to focus on what matters most – keeping your systems secure.

Remember, the key to successful automation lies in not just setting it up, but also in continuously monitoring and updating your scripts to adapt to new challenges. Stay secure and automate wisely!

 

Comments

Thanks for sharing this post. It is informative for me.
