nmap2nagios

Language: en

Version: 2008-02-11 (mandriva - 01/05/08)

Section: 1 (User commands)

NAME

nmap2nagios.pl - Perl program to process nmap XML output into Nagios host/hostgroup/services entries

SYNOPSIS

   Note: I'm not going to go into the theory of using nmap.  Please read the nmap docs for that.
 
   ./nmap -sS -O -oX nmap.xml myserver.mydomain.com 
 
   ./nmap2nagios.pl -i -z || -d -r nmap.xml -o new.cfg
 
   That's it.
 
   What this program attempts to do is make your life easier by building your hostgroup,
   host and service entries for you.
 
   It does this by parsing the nmap XML output.
 
   Here's a sample nmap command:
 
     nmap -sS -O -oX 192.168.100.1.xml 192.168.100.1
 
   Which generates this to STDOUT:
 
   Starting Nmap 4.20 ( http://insecure.org ) at 2008-01-17 12:00 CET
   Interesting ports on victim.nagios.local (192.168.100.1):
   Not shown: 1693 closed ports
   PORT     STATE SERVICE
   135/tcp  open  msrpc
   139/tcp  open  netbios-ssn
   445/tcp  open  microsoft-ds
   3389/tcp open  ms-term-serv
   MAC Address: 00:30:05:53:47:3E (Fujitsu Siemens Computers)
   No exact OS matches for host (If you know what OS is running on it, 
   see http://insecure.org/nmap/submit/ ).
   TCP/IP fingerprint:
   OS:SCAN(V=4.20%D=1/18%OT=135%CT=1%CU=32804%PV=Y%D=1%G=Y%M=003005%TM=47909B
   OS:38%P=i686-pc-linux-gnu)SEQ(SP=106%GCD=1%ISR=10%TI=I%II=I%SS=S%TS=0)OPS(
   OS:O1=M5B4NW0NNT00NNS%O2=M5B4NW0NNT00NNS%O3=M5B4W0NNT00%O4=M5B4NW0NNT00NNS
   OS:%O5=M5B4NW0NNT00NNS%O6=M5B4NNT00NNS)WIN(W1=FFF%W2=FFFF%W3=FFFF%W4=FFFF%
   OS:W5=FFFF%W6=FFFF)ECN(R=Y%DF=Y%T=80%W=FFFF%O=M5BNW0NNS%CC=N%Q=)T1(R=Y%DF=
   OS:Y%T=80%S=O%A=S+%F=AS%RD=0%Q=)T2(R=Y%DF=N%T=80%=0%S=Z%A=S%F=AR%O=%RD=0%Q
   OS:=)T3(R=Y%DF=Y%T=80%W=FFFF%S=O%A=S+%F=AS%O=M5B4N0NNT00NNS%RD=0%Q=)T4(R=Y
   OS:%DF=N%T=80%W=0%S=A%A=O%F=R%O=%RD=0%Q=)T5(R=Y%DFN%T=80%W=0%S=Z%A=S+%F=AR
   OS:%O=%RD=0%Q=)T6(R=Y%DF=N%T=80%W=0%S=A%A=O%F=R%O=RD=0%Q=)T7(R=Y%DF=N%T=80
   OS:%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF=N%T=80%OS=0%IPL=B0%UN=0%RIPL=G%
   OS:RID=G%RIPCK=G%RUCK=G%RUL=G%RUD=G)IE(R=Y%DFI=S%T=I=Z%CD=Z%SI=S%DLI=OS:S)
 
   Network Distance: 1 hop
 
   OS detection performed. Please report any incorrect results at 
   http://insecure.org/nmap/submit/ .
   Nmap finished: 1 IP address (1 host up) scanned in 10.000 seconds
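
The conversion described above, as an added Python sketch (not nmap2nagios.pl's own code, which is Perl): it reads nmap -oX output and emits Nagios host and service definitions for open TCP ports, rejecting names that could inject lines into the config. The generic-host and generic-service templates, the check_tcp command and the sample XML are assumptions.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: trimmed nmap -oX output for the host scanned above.
SAMPLE_XML = """<nmaprun><host><status state="up"/>
<address addr="192.168.100.1" addrtype="ipv4"/>
<hostnames><hostname name="victim.nagios.local" type="PTR"/></hostnames>
<ports>
<port protocol="tcp" portid="135"><state state="open"/><service name="msrpc"/></port>
<port protocol="tcp" portid="139"><state state="closed"/><service name="netbios-ssn"/></port>
<port protocol="tcp" portid="3389"><state state="open"/><service name="ms-term-serv"/></port>
</ports></host></nmaprun>"""

NAME = re.compile(r"[A-Za-z0-9._-]{1,255}")
PORT = re.compile(r"[0-9]{1,5}")

def safe(value, fallback):
    # PTR and service names come from the scanned network; allow only a
    # conservative charset so they cannot inject lines into the config.
    return value if value and NAME.fullmatch(value) else fallback

def attr(elem, name):
    return elem.get(name) if elem is not None else None

def nmap_to_nagios(xml_text):
    """Return Nagios host/service definitions for up hosts and open TCP ports."""
    out = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = safe(attr(host.find("address[@addrtype='ipv4']"), "addr"), None)
        if attr(host.find("status"), "state") != "up" or addr is None:
            continue
        name = safe(attr(host.find("hostnames/hostname"), "name"), addr)
        # generic-host / generic-service / check_tcp are assumed to exist locally.
        out.append("define host {\n    use        generic-host\n"
                   f"    host_name  {name}\n    address    {addr}\n}}\n")
        for port in host.iterfind("ports/port"):
            portid = port.get("portid", "")
            if (port.get("protocol") != "tcp" or not PORT.fullmatch(portid)
                    or attr(port.find("state"), "state") != "open"):
                continue
            label = safe(attr(port.find("service"), "name"), "unknown")
            out.append("define service {\n    use                  generic-service\n"
                       f"    host_name            {name}\n"
                       f"    service_description  {label}-tcp-{portid}\n"
                       f"    check_command        check_tcp!{portid}\n}}\n")
    return "\n".join(out)

if __name__ == "__main__":
    print(nmap_to_nagios(SAMPLE_XML))
```

A host whose reverse-DNS name fails the character check is written under its IP address instead, so review generated entries before merging them into a live configuration.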
 
 

TODO

Caching of previous runs which would allow for merging new and previous scans into a new output file.

Parsing of host/hostgroup/service entries from existing hosts.cfg for merging with new/previous scans.

Parsing of host/hostgroup/service entries from nmap-XML containing IP-range-scans.

AUTHORS

Todd A. Green <slaribartfast@awardsforfjords.com>

Michel Sigloch <mail@michel-sigloch.de>

Copyright (c) 2000-2002 Todd A. Green. Redux 2008 M. Sigloch

All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself. If you do modify it though please let the author know cause he likes to hear that someone found his work useful. :)

Nagios is a registered trademark of Ethan Galstad.

DISCLAIMER

If you do something stupid with this software, like wipe out your entire 500 host, 1500 service Netsaint/Nagios configuration, it's your own fault. Backups, Backups, Backups, Backups. Be that as it may, I have beaten the crap out of the code, but I'm sure there is something goofy it will do so use it at your own risk. Please send any bug reports or suggestions to the author.

SEE ALSO

Nagios @ http://www.nagios.org

nmap @ http://www.insecure.org/nmap/

Nagios-Portal.de @ http://www.nagios-portal.de

NAGIOS

Nagios and the Nagios logo are registered trademarks of Ethan Galstad.