2021-12-17: initial release 2021-12-18: intgrated with cmk bakery 2021-12-19: added WATO options scan_logback, log4j_1, no_symlink, scan_zip 2021-12-20: added "HOW TO" section, changed file names to match destionation the operating system made the plugin more stable on missing scanner output added bakery options exclude_path and exclude_fs added run time to the perfometer 2021-12-21: changed scanner to version 2.5.3 added wato bakery option for syslog-udp and syslog-level added wato check plugin option for items to show on info line updated "If it doesn't work" section fixed windows powershell script missing $MK_CONFDIR variable (THX to Rene@frorum.checkmk) fixed windows powershell script missing OPTION handling (THX to Rene@frorum.checkmk) 2021-12-22: added sample desriptive config files for Linux/Windows to the package fixed unexpected values (None, ) for files_vulnerable added bakery options for file reporting, backup on fix files and debug added multiple search paths to Windows agent changed search path on Linux to multiple serach paths --> incompatible you need to reconfigure bakery rules 2021-12-23: fixed exit code other than 0 in the linux/powershell scripts (THX to cmasopust[at]greentube[dot]com) changed scanner to version 2.6.1 (fixes: Can not use --report-dir together with --report-json issue #203) reworked options handling in bakery plugin reworked structure for windows all-drives/drives/search path in wato plugin --> --> incompatible you need to reconfigure bakery rules windows agent plugin: execute scanner as cmd job to pass path/file names with spaces (THX to andreas-doehler@forum.checkmk) windows agent plugin: init powershell console (buffer/window size/encoding) (THX to andreas-doehler@forum.checkmk) 2021-12-24: linux agent plugin: changed to pass the options as arry to the scanner 2021-12-27: changed scanner to version 2.6.3 added files_skipped and errors, files/directories scanned lower levels 2021-12-29: changed scanner to version 2.6.5 (detects also CVE-2021-44832 RCE vulnerability for log4j 2.17.0, 2.12.3, 2.3.1) added step by step walk through for the enterprise/free edition of CMK to the HOWTO 2021-12-30: added bulk config for search path end exclude path 2022-01-02: changed scanner to version 2.7.1 added options for syslog facility, rfc5424 syslog message format, append reporting to file added option exclude files (bulk) NOTE: reconfiguration of backery rules necessary after updating the plugin 2022-01-03: CHECK made parse function more robust (files_potential_vulnerable = int(line[1]) if line[1].isdigit() else None) 2022-01-04: BAKERY added BAKERY_VERSION to the config file (for debugging) BAKERY added PLUGIN_TIMEOUT to the linux config (fix scanner got not killed on timeout by the agent) LINUX fixed scanner got not killed on timeout by the agent 2022-01-05: BAKERY added PLUGIN_TIMEOUT to the windows config (to match the linux variant) WINDOWS changed reading variables from file WINDOWS added timeout handling to match linux script version WATO changed display names to "CVE scanner for log4j (CVE-2021-44228-log4j)" 2022-01-06: WATO made "Silent output" enabled by default 2022-01-07: CHECK changed output of values to make it "sortable" CHECK added warn on missing agent output (see WATO) CHECK fixed run_time missing on service info (THX to doc[at]snowheaven[dot]de) INVENTOR added inventory plugin and view for reporting/sorting/filering etc. 2022-01-11: fixed missing newline on plugin section header output in Linux script added option to add json report to inventory 2022-01-12: CHECK: modified logpresso report time format to ISO861 2022-01-14: INVENTORY: added params to inventory sections BACKERY: reorganised append to log (--csv-log-path/--json-log-path) and add report to inventory options (-report-path) WATO: moved append to log outside of enable reporting WATO: removed reporting to file AGENT: join output of json report into one line for json.loads CHECK: added params to inventory sections WATO: added options for per CVE check WATO: changed display name (again) from 'CVE scanner for log4j (CVE-2021-44228-log4j)' to 'log4j CVE scanner (CVE-2021-44228-log4j)' WATO: enabled 'attach_report_to_output' in "reporting" by default for new rules 2022-01-17: CHECK: added check plugin with CVE id as item 2022-01-18: extended inventory report for additional log4j CVEs removed status_data inventory 2022-01-21: reworked report inventory plugin and per cve check 2022-01-22: Inventory view: added entry's for 'CVE-2021-42550' and 'CVE-2021-4104' 2022-01-25: BAKERY: added option --exclude-pattern WATO: added option --exclude-pattern METRICS: added metrics/graph/perfometer for files_affected