Jump to content


Photo
- - - - -

Automation of report generating


  • Please log in to reply
13 replies to this topic

#1 andrewskyner

andrewskyner

    Security Newbie

  • Members
  • 1 posts

Posted February 09, 2012 - 04:34 PM

Is there a way to automatically generate a report when a Retina scan has completed? Or a way a batch/vbs script can generarte a report at a certain time?

#2 ntavendale

ntavendale

    Security Newbie

  • Members
  • 1 posts

Posted February 23, 2012 - 03:21 PM

I would also like to know this. I'd like to schedule a scan, generate a report and have it emailed to me (I can do the last part with a script) when I'm not in the office.

#3 JustinM

JustinM

    Security Mastermind

  • Members
  • 83 posts
  • LocationIrvine, CA

Posted February 27, 2012 - 03:29 PM

In Retina CS you can schedule scan jobs and reports.
In Retina NSS you can schedule scan jobs, but not reports.

#4 jbeid

jbeid

    Security Hobbyist

  • Members
  • 26 posts

Posted March 01, 2012 - 05:47 PM

Retina NSS can generate reports from command line. Once you know the parameters it's not hard to do. I wrote a script that runs retina.exe from CL and produces all the reports for all the scans I've chosen. I used AutoIt, but of course any scripting language would do. I don't need to schedule the reports to be created, so you'd have to work out how to do that. Look up running Retina from command line in the user manual or in their knowledge base.

#5 chess

chess

    Security Newbie

  • Members
  • 3 posts

Posted May 23, 2012 - 01:20 PM

It seems like this feature may have been taken out in version 5? the user manual for NSS mentions that the "report" CLI command was removed.
Does this mean there is no way to generate reports via command line? Is there any other way I can automate this process so that I don't have to physically open retina and generate a report? That kind of functionality seems like it would be core to this product but it isn't really clear if this is even supported....

#6 jbeid

jbeid

    Security Hobbyist

  • Members
  • 26 posts

Posted May 24, 2012 - 10:12 AM

I've got the latest version of Retina, 5.16.1, on a Server2008 R2 system, and I am able to run retina reports from the command line. I just tested it out after reading your post. So I don't know what to tell you. Maybe the user manual is wrong?

#7 chess

chess

    Security Newbie

  • Members
  • 3 posts

Posted May 24, 2012 - 12:16 PM

mind giving me a quick example of how you do this? In the manual I have for v5 there is literally one mention of reports in the command line section, and all that says is that the argument was deprecated for v5.

#8 jbeid

jbeid

    Security Hobbyist

  • Members
  • 26 posts

Posted May 25, 2012 - 09:36 AM

No problem. The User Guide on pp. 64-65 says:

----------------------------------------------------------

Run Reports from the CLI
You can run Reports from the command line. The output types include HTML and XML.

To run reports from the command line:

Run "Retina.exe" from the Retina installation directory with the following parameters:

Retina /rpttype target rtd [jobname]

Where:
"rpttype" is disc, exec, rem, sum, vuln, acc or pci
rptdisc = Discovery
rptexec = Executive
rptrem = Remediation
rptsum = Summary
rptvuln = Vulnerability Report (HTML)
rptacc = Access
rptpci = PCI Compliance
rptvulnxml = Vulnerability Export (XML)
rptvulncsv = Vulnerability Export (CSV)
rptreg = Regulatory Compliance

"target"
HTML output full path and filename, including extension.
If spaces exist in the path, the target should display in quotes.

"rtd"
Full path and filename to the source RTD.
If spaces exist in the path, the target should display in quotes. The rtd is not
required for Discovery reports.

"jobname"
Name of the job in the RTD that generates a report. This is optional.
If this is omitted or more than one job with that name exists within the RTD,
then the latest job will be used as the source.
If spaces exist in the path, the target should display in quotes. The jobname
is not required for Discovery reports.

Examples
 Generating a summary report for the latest job in an RTD
Retina /rptsum ―c:\reports\summary\latest_job.html‖ ―c:\program files\eeye digital
security\retina 5\scans\latest.rtd‖

 Generating a Discovery report
Retina /rptdisc ―c:\reports\discovery\latest_disc.html‖
 Generating an Executive report for latest job named ―WAN‖:
Retina /rptexec ―c:\reports\executive\WAN_exec.html‖ ―c:\program files\eeye digital
security\retina 5\scans\network.rtd‖ ―WAN‖


----------------------------------------------------------

They don't mention this, but I have found that the Retina UI can't be running at the same time you're executing commands from command line. So if I need to use the Retina CL, I have to close the GUI.

Just be sure to put quotes around paths with spaces in them, such as the path to the retina 5 folder.

I can't seem to find where they put the Retina User Manual on their website. Maybe someone at eEye can answer that?

#9 eEye Joseph

eEye Joseph

    Security Explorer

  • BeyondTrust Moderators
  • 11 posts
  • LocationIrvine, CA

Posted May 29, 2012 - 04:08 PM

The Retina User Guide is not available to the public on the eeye.com website. It's only available on the customer portal at https://www.eeye.com/customers You have to be a customer and have a login to access this area. Once you're in, go to Home » Product Downloads » Product Documentation.

#10 chess

chess

    Security Newbie

  • Members
  • 3 posts

Posted May 30, 2012 - 05:33 AM

No problem. The User Guide on pp. 64-65 says:

----------------------------------------------------------

Run Reports from the CLI
You can run Reports from the command line. The output types include HTML and XML.

To run reports from the command line:

Run "Retina.exe" from the Retina installation directory with the following parameters:

Retina /rpttype target rtd [jobname]

Where:
"rpttype" is disc, exec, rem, sum, vuln, acc or pci
rptdisc = Discovery
rptexec = Executive
rptrem = Remediation
rptsum = Summary
rptvuln = Vulnerability Report (HTML)
rptacc = Access
rptpci = PCI Compliance
rptvulnxml = Vulnerability Export (XML)
rptvulncsv = Vulnerability Export (CSV)
rptreg = Regulatory Compliance

"target"
HTML output full path and filename, including extension.
If spaces exist in the path, the target should display in quotes.

"rtd"
Full path and filename to the source RTD.
If spaces exist in the path, the target should display in quotes. The rtd is not
required for Discovery reports.

"jobname"
Name of the job in the RTD that generates a report. This is optional.
If this is omitted or more than one job with that name exists within the RTD,
then the latest job will be used as the source.
If spaces exist in the path, the target should display in quotes. The jobname
is not required for Discovery reports.

Examples
 Generating a summary report for the latest job in an RTD
Retina /rptsum ―c:\reports\summary\latest_job.html‖ ―c:\program files\eeye digital
security\retina 5\scans\latest.rtd‖

 Generating a Discovery report
Retina /rptdisc ―c:\reports\discovery\latest_disc.html‖
 Generating an Executive report for latest job named ―WAN‖:
Retina /rptexec ―c:\reports\executive\WAN_exec.html‖ ―c:\program files\eeye digital
security\retina 5\scans\network.rtd‖ ―WAN‖


----------------------------------------------------------

They don't mention this, but I have found that the Retina UI can't be running at the same time you're executing commands from command line. So if I need to use the Retina CL, I have to close the GUI.

Just be sure to put quotes around paths with spaces in them, such as the path to the retina 5 folder.

I can't seem to find where they put the Retina User Manual on their website. Maybe someone at eEye can answer that?


Very awesome post, thanks man!

The Retina User Guide is not available to the public on the eeye.com website. It's only available on the customer portal at https://www.eeye.com/customers You have to be a customer and have a login to access this area. Once you're in, go to Home » Product Downloads » Product Documentation.

Ah. Weird, but alright.

#11 bitzer

bitzer

    Security Newbie

  • Members
  • 1 posts

Posted February 13, 2013 - 11:34 AM

When I attempt to do this, I get an error screen that says:
 
Can not use this database for output: Unknown Database Type - Error:
GetEeyeDatabaseVersion of DataSource::Database Type=FILE -
-2147217843 Authentication failed.

 

Does anyone have any experience with this?
 
Edit: I should include the following (the command I'm using)

 

c:\path_to_retina\retina /rptvulncvs -c:\retina_reports\test.csv -c:\retina_reports\test.rtd

 

Originally, I'd tried the actual paths (making sure to use quotes due to spaces in the paths), but removed as many variables as possible before finally giving up and coming here. I've tried smaller scans (single machines) and I'm seeing the same thing.

Edited by bitzer, February 13, 2013 - 12:53 PM.


#12 dhunter

dhunter

    Security Newbie

  • Members
  • 2 posts

Posted March 08, 2013 - 05:34 PM

When I attempt to do this, I get an error screen that says:

 
Does anyone have any experience with this?

 

Yes I'm seeing the same error.  Have you found solution yet?



#13 Billtill

Billtill

    Security Newbie

  • Members
  • 8 posts

Posted March 11, 2013 - 12:18 PM

In your quote, you state:

 

c:\path_to_retina\retina /rptvulncvs -c:\retina_reports\test.csv -c:\retina_reports\test.rtd

 

I notice you have /rptvulncvs but you need to put /rptvulncsv to create a csv..



#14 dhunter

dhunter

    Security Newbie

  • Members
  • 2 posts

Posted March 12, 2013 - 04:04 PM

Found out the problem after many tries, originally I have:

D:\Program Files (x86)\BeyondTrust\Retina 5\Retina.exe /rptvuln D:\test.html "D:\Program Files (x86)\BeyondTrust\Retina 5\Scans\test.rtd"

 

And I kept getting the database error no matter which rpttype I tried, then I moved the rtd file to D:\

D:\Program Files (x86)\BeyondTrust\Retina 5\Retina.exe /rptvuln D:\test.html D:\test.rtd

 

Then it started working without space in the rtd file path, $@#! Windows and Retina example...

Hope this helps others.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users