Skip to content

Vulners Agent

Vulners Agent is open source agent, which provides vulnerability assessment for linux-based systems. Agent solution perfoms scanning with minimum commands for execution and as a result achieve extremely fast scan. Agent is developed with Python and uses OS environment variables to detect used Python version.

Agent gathers information about operating system, it's version and installed packages. These information is sent to vulners.com API and results can be viewed via audit result

Vulners Audit IP Summary

Agent installation

Configure repository for rhel-based linux:

Create file /etc/yum.repos.d/vulners.repo

For rhel6:

[vulners]
name=Vulners Agent
baseurl=https://repo.vulners.com/redhat/el6/
enabled=1
gpgcheck=1
gpgkey=https://repo.vulners.com/pubkey.txt

For rhel7:

[vulners]
name=Vulners Agent
baseurl=https://repo.vulners.com/redhat/el7/
enabled=1
gpgcheck=1
gpgkey=https://repo.vulners.com/pubkey.txt

Configure repository for debian-based linux:

First add vulners.com pubkey:

wget -O- https://repo.vulners.com/pubkey.txt | apt-key add -

After this create file /etc/apt/sources.list.d/vulners.list

deb http://repo.vulners.com/debian focal main

Install packet:

RHEL

yum install vulners-agent

Debian

apt-get update && apt-get install vulners-agent

Source code (We don't recommend this way)

You could clone source code of package and perform scans using python. According best practices you should use virtual environment * install requirements.txt with pip3 install -r vulners-agent/requirements.txt * configure agent as described below * run python3 vulners-agent/application --app Scanner

Agent configuration

Now you should get api-key for agent registration. Log in to vulners.com and go to userinfo space. Here you should choose "API Key" section. Generate new key with 'scan' scope and copy it. An api-key looks like this: RGB9YPJG7CFAXP35PMDVYFFJPGZ9ZIRO1VGO9K9269B0K86K6XQQQR32O6007NUK

It's time to write generated key into agent configuration. You can find agent configuration in file /etc/vulners/vulners_agent.conf

Here is example of config file:

[DEFAULT]
api_key = RGB9YPJG7CFAXP35PMDVYFFJPGZ9ZIRO1VGO9K9269B0K86K6XQQQR32O6007NUK
Use single api key for all your agents.

Agent execution

During first run agent will be automatically registered with configured api_key

To perform your system scan run vulners-agent --app Scanner.

After this you may look at agent status and scanning results at https://vulners.com/audit

Advanced configuration

Using /etc/vulners/vulners_agent.conf you can override part of the identification parameters.

[DEFAULT]
api_key = RGB9YPJG7CFAXP35PMDVYFFJPGZ9ZIRO1VGO9K9269B0K86K6XQQQR32O6007NUK

[Ticker]
ip_address = 10.0.0.1
fqdn = my.host.example.com
mac_address = 00:01:02:03:04:06
Back to top