Tools for conducting analysis of CVE data in Elasticsearch
Download Elasticsearch and Kibana from elastic.co
Start them (basically ./bin/elasticsearch and ./bin/kibana from the respective directories).
Run get-nvd-json.sh to download the CVE data from NVD
Run json-parse.py nvd-out.json to import the CVE data into Elasticsearch
You rerun the above commands to update your data whenever needed.
The script honors two environment variables ESURL which should be your Elasticsearch URL. For example
export ESURL='https://username:password@somehost:9200'
And the ESCERT which you should point at the ca.crt generated by Elasticsearch if TLS is enabled (which it is in 8.0 and above)
export ESCERT=/some/path/certs/ca/ca.crt