Adds 'json-asff' and 'securityhub' output modes

json-asff mode outputs JSON, similar to the standard 'json' mode with one check per line, but in AWS Security Finding Format - used by AWS Security Hub Currently uses a generic Type, Resources and ProductArn value, but sets the Id to a unique value that includes the details of the message, in order to separate out checks that run against multiple resources and output one result per resource per check. This ensures that findings can be updated, should the resource move in or out of compliance securityhub mode generates the ASFF JSON and then passes it to an 'aws securityhub batch-import-findings' call, once per resource per check. Output to the screen is similar to the standard mode, but prints whether or not the finding was submitted successfully Fixes #524
2026-02-10 23:05:05 +00:00 · 2020-04-07 16:08:07 +01:00
parent b5e1c9002a
commit 92e1f17a80
5 changed files with 127 additions and 101 deletions
--- a/include/colors
+++ b/include/colors
@@ -11,15 +11,15 @@
 # CONDITIONS OF ANY KIND, either express or implied. See the License for the
 # specific language governing permissions and limitations under the License.

-if [[ $MODE != "mono" && $MODE != "text" && $MODE != "csv" && $MODE != "json" ]]; then
+if [[ "$MODE" != "mono" && "$MODE" != "text" && "$MODE" != "csv" && "$MODE" != "json" && "$MODE" != "json-asff" && "$MODE" != "securityhub" ]]; then
  echo ""
-  echo "$OPTRED ERROR!$OPTNORMAL Invalid output mode.  Choose text, mono, or csv."
+  echo "$OPTRED ERROR!$OPTNORMAL Invalid output mode.  Choose text, mono, csv, json, json-asff or securityhub."
  usage
  EXITCODE=1
  exit $EXITCODE
 fi

-if [[ "$MODE" == "mono" || "$MODE" == "csv" || "$MODE" == "json" ]]; then
+if [[ "$MODE" == "mono" || "$MODE" == "csv" || "$MODE" == "json" || "$MODE" == "json-asff" ]]; then
  MONOCHROME=1
 fi