Muhammad Ishaq Paracha

SQL Query for Nexpose Custom Report

Discussion created by Muhammad Ishaq Paracha on Apr 21, 2017
Latest reply on Apr 27, 2017 by Alex Brannick

Hi Fellows,

 

I am looking for a SQL query which can give me following result is CSV format

 

S.No , Vulnerability title , Score , Severity , Instances

 

We have created asset groups name for example department1, department2,department3, with multiple IP's in them and these are scanned under site1 every week

 

I have to report following types of information
1) Top 20 vulnerabilities according to severity (i have no problem in that )2) Top 20 vulnerabilities title (i have no problem in that )

3) Top 20 affected systems by departments which were scanned under 1 site , i have problem in this

to clear things i require this

Top 20 IP address , Department name (which is the asset group name)

X.X.X.X , Department 1

X.X.X.X , Department 1

X.X.X.X , Department 2

for all top 20 vulnerable assets according to total number of vulnerabilities

 

right now i am doing this manually after scan i sort list on nexpose by highest to lower number of vulnearblites and then export them in to scv but that doesnt give me the name of department or asset group from which the ip's belong so i have to check my IP list and then write its department or asset group name manually

 

4) Top 20 vulnerabilities instances on unique IP

again there is problem i am able to find the top 20 unique vulnerabilities but with total instances not the unique instances per IP

this is what i require this time not the IP but the system IP count

SQL injection -  affecting 4 unqiue systems

XSS - affecting 5 unique systems

 

Please help

Outcomes