Use custom analyses

Custom analyses allow you to add analysis scripts to those provided by Cyberwatch. The results of these analysis scripts will be reported into the information of the associated assets.

The interest may be to add system information, packages or applications, etc., to the asset. The properties that can be reported and the syntax of the script results are described in the declarative data documentation.

Activation of the feature

The feature can be activated by going to the menu Administration and switching on “Custom analyses”. If the “Custom Scripts” menu is not available in the settings, it may mean that this feature is not active in your Cyberwatch license. You can contact us at support@cyberwatch.fr so that we can activate it (no additional cost).

Custom analysis creation

  1. Go to Settings > Analysis scripts.
  2. Click on the button + Add.
  3. Complete the creation form.
  4. Save.

Associate a custom analysis to a scanning policy

  1. Select a scanning policy in the list Settings > Scanning policies.
  2. Click on the edit button (pencil icon) corresponding to the scanning policy to edit.
  3. In the “Custom analyses” line of the form, click on the “Add a custom analysis” button.
  4. Select the analysis as well as its period of recurrence.
  5. Save.

Dissociate a custom analysis from a scanning policy

  1. Select a scanning policy in the list Settings > Scanning policies.
  2. Click on the edit button (pencil icon) corresponding to the scanning policy to edit.
  3. In the “Custom analyses” line of the form, click on the trash icon corresponding to the custom analysis to dissociate.
  4. Save.

Custom analysis script example

This analysis script adds PostgreSQL client to the asset’s applications:

VERSION=`psql -V | sed -nE "s/^psql \(PostgreSQL\) ([0-9.]++).*$/\1/p"`
echo "APPLICATION:postgresql|$VERSION"

Table of contents