Add nexpose collector.

[alienth]

Looking for an initial review pass on this collector.

Collector is configured as follows:

[[Nexpose]]
Username = "nexposeacct"
Password = "nexposesucks"
Host = "nexposehost.blah.com"
Insecure = false

For each monitored asset, it sends metrics with the vuln count, malware count, risk score, exploit count, and last scan time (represented in seconds since last scan). The asset name is either the detected hostname, or the IP address of the host.

For each site, it sends nexpose.site metrics which are an aggregate of the aforementioned device metrics.

It also sends a nexpose.scan.running metric indicating if a scan is currently running on a site.

Note that not all of the defined functions are used at this time. They'll probably come in handy for other metrics, so I'd like to keep em in. I'll probably end up creating a generic Go package for nexpose and rip a lot of that stuff out of this collector.

👓 @kylebrandt @captncraig

[nickman]

Very cool. Forwarding to my infosec group...
On Oct 20, 2015 19:23, "Jason Harvey" notifications@github.com wrote:

Looking for an initial review pass on this collector.

Collector is configured as follows:

[[Nexpose]]
Username = "nexposeacct"
Password = "nexposesucks"
Host = "nexposehost.blah.com"
Insecure = false

For each monitored asset, it sends metrics with the vuln count, malware
count, risk score, exploit count, and last scan time (represented in
seconds since last scan). The asset name is either the detected hostname,
or the IP address of the host.

For each site, it sends nexpose.site metrics which are an aggregate of
the aforementioned device metrics.

It also sends a nexpose.scan.running metric indicating if a scan is
currently running on a site.

[image: 👓] @kylebrandt https://github.com/kylebrandt

@captncraig https://github.com/captncraig

You can view, comment on, or merge this pull request online at:

#1407
Commit Summary

• Add nexpose collector.

File Changes

• A cmd/scollector/collectors/nexpose.go
  https://github.com/bosun-monitor/bosun/pull/1407/files#diff-0 (405)
• M cmd/scollector/conf/conf.go
  https://github.com/bosun-monitor/bosun/pull/1407/files#diff-1 (8)
• M metadata/metadata.go
  https://github.com/bosun-monitor/bosun/pull/1407/files#diff-2 (154)

Patch Links:

• https://github.com/bosun-monitor/bosun/pull/1407.patch
• https://github.com/bosun-monitor/bosun/pull/1407.diff

—
Reply to this email directly or view it on GitHub
#1407.

[captncraig]

Just noting the irony of even having an insecure option for a vulnerability tool. If insecure is false, you can just use http.DefaultClient.

[captncraig]

For dealing with 2 versions of xml apis and the worst json api I've ever seen, I'd say it looks pretty good.

[alienth]

@captncraig Requested changes made. I've left the fixup commits separate to facilitate easy review. Will squash before merge.

[captncraig]

@alienth I really like how you address individual issues with separate commits. Good call. Merge at will.