GOdin
debcvescan
GOdin | debcvescan | |
---|---|---|
5 | 1 | |
2 | 24 | |
- | - | |
1.0 | 0.0 | |
about 1 year ago | about 1 year ago | |
Go | Go | |
GNU General Public License v3.0 only | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
GOdin
- Godin – manage package upgrades on multiple servers
- Godin - management of package upgrades on multiple servers
-
Monitoring Linux package upgrades
I also wrote my own solution to the problem: https://github.com/Ataraxxia/godin inspired by patchman, using Grafana for data presentation and PostgreDB for storing JSON-structured client reports. Currently works for apt and yum.
-
Monthly 'Shameless Self Promotion' thread - 2021/09
https://github.com/Ataraxxia/godin https://grafana.com/grafana/dashboards/14939 <- sample Grafana dashboard
debcvescan
-
Debian/Ubuntu changelog??
So I wrote a thorough checkmk local check script to report on patch state, and we were able to then pull reports straight out of our monitoring system. You can see a lobotomised version of said script here. When it came time for me to apply the same work to Debian/Ubuntu, I found that ecosystem to be somewhat brutally lacking compared to the RHEL world. You can see in that script that I mention debsecan, and for Ubuntu you'd need to pair it with ust2dsa. What I don't clearly mention in that script, though I hinted at it, is that I was exploring a way to parse Ubuntu's security JSON feeds... and it looks like Canonical started doing that themselves with their in-house cvescan tool. There's also the debcvescan tool for the Debian world.
What are some alternatives?
patchman - Patchman is a Linux Patch Status Monitoring System
sec-cvescan - Analyzes an Ubuntu system and checks for unpatched vulnerabilities.
minitor-go - A minimal monitoring tool (Mirror)
ust2dsa - Improves Ubuntu security feed compatibility allowing it to be consumed by Debian vulnerability report tool, debsecan.
ppa - A PPA repository for my packages (Godot)
grype - A vulnerability scanner for container images and filesystems
redis-ttl-missing-alert-service - Service monitors Redis keys created without any Time To Live (TTL) and alerts based on different configurations provided by different teams.
netscan - A fast TCP port scanner
sgCheckup - sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.
vuls - Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
gpm - Barebones dependency manager for Go.
zig-deb - Package zig into an apt package for installing on debian / ubuntu