Add air gap assets

Obtaining scripts

  1. Click on Asset Management > Air Gap Assets
  2. Click on the button Add new asset
  3. In the box at the bottom, click on the “Download” button, then “Download the analysis scripts”
  4. Unzip the previously downloaded cyberwatch-airgap.zip file. The resulting folder contains a folder called scripts, who also contains several sub-folders, representing the different operating systems compatible with the scripts.
  5. In order to run the scan, you will need to copy the cyberwatch-airgap folder to the target machine. Depending on the characteristics of the machine (we will take Windows for the example), you will need to go to the corresponding folder. Two solutions are then available to you:
  • Run the scripts using PowerShell ISE: After opening PowerShell ISE in the correct location, you will need to execute the following code:
.\run.ps1

This will provide the return of the scripts, which must be copied and pasted into the form page. On this page, there is two elements on the first bloc:

  • “Group”, that refers to the groups to assign to the asset
  • “System information”, that refers to the information interpreted by the Cyberwatch system, is where you need to paste previous copied data. Help on the expected format is available on the right of the page (see List of main properties)

Then, you will need paste previous data in the field System information and validate it by clicking on Create.

  • The other way is to run the scripts using PowerShell, but sending the script result to a file. To do this, you will need to execute the following command:
.\run.ps1 > airgap.txt

The airgap.txt file thus generated will be imported onto the form page by clicking on the Browse... button (or Select. fichiers if you use Google Chrome), then selecting it and pressing open. Finally, you will need to press the Import button in order to create the asset. Each TXT file corresponds to an asset. They must follow the Declarative data syntax.

Import Air gap assets

Using the cyberwatch-cli command

You can import air gap assets using the cyberwatch-cli command. This command is available once the cyberwatch_api library has been installed. You can find the cyberwatch_api installation and configuration procedure here.

This command is used to download analysis scripts and import the results of air gap scripts into Cyberwatch to create or modify assets.

Once the air gap exports have been created, run the following command:

cyberwatch-cli airgap upload

By default, the command will export all files in the uploads folder. You can specify the exports files by providing it in option (cyberwatch-cli airgap upload /tmp/cyberwatch-airgap/uploads/*)

More information on the cyberwatch-cli command is available at the GitHub repository

XLSX file

The first line must contain the property keys (see List of main properties). The following lines correspond to an asset to add. Columns without values will be ignored during import.

SBOM file

SBOM file import supports the following JSON formats:

Compliance Air gap

It is also possible to carry out compliance from assets created in Air gap. To do this, you must first have created the asset, as seen in the previous section.

Next, you will need to use the API. The latter one is available:

  • In PowerShell, in which case, you will need to refer to the documentation for this page
  • In Python, whose documentation is available on this page

Back to top