Tools for conducting analysis of CVE data in Elasticsearch
cd into the docker directory, then run:
docker-compose up
This will take a while to run as all the NVD data is downloaded and loaded into Elasticsearch.
You should be able to access Kibana on http://localhost:5601.
This also loads a basic dashboard into Kibana.
To run without Docker, download Elasticsearch and Kibana from elastic.co. You will need version 7 or above.
Start them (basically ./bin/elasticsearch and ./bin/kibana from the respective directories).
Run get-cve-json.sh to download the CVE data from NVD.
Run update-es.sh to import the CVE data into Elasticsearch.
Rerun the above commands to update your data whenever needed.
Now navigate your web browser to http://localhost:5601
The script honors two environment variables. ESURL should be your Elasticsearch URL, for example:
export ESURL='https://username:password@somehost:9200'
ESCERT should point at the ca.crt generated by Elasticsearch if TLS is enabled (which it is in 8.0 and above):
export ESCERT=/some/path/certs/ca/ca.crt
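A preflight check for the two variables, as an added example rather than part of the project's scripts: it rejects credentials sent over plain http and a missing or non-PEM CA file before anything talks to the cluster. The function names, return codes and the http://localhost:9200 fallback are assumptions, not taken from update-es.sh.

```shell
# Added example, not part of the project's scripts. Function names, return
# codes and the localhost fallback are assumptions made for illustration.
check_es_env() {
    url="${ESURL:-http://localhost:9200}"   # assumed default, not from the page
    cert="${ESCERT:-}"
    case "$url" in
        https://*) scheme=https ;;
        http://*)  scheme=http ;;
        *) echo "ESURL must start with http:// or https://" >&2; return 2 ;;
    esac

    # user:password@host in the URL is sent in the clear over plain http.
    rest="${url#*://}"
    authority="${rest%%/*}"
    case "$authority" in
        *@*)
            if [ "$scheme" = http ]; then
                echo "ESURL carries credentials over plain http" >&2
                return 3
            fi ;;
    esac

    if [ -n "$cert" ]; then
        if [ "$scheme" = http ]; then
            echo "ESCERT is set but ESURL is http, so the CA is never used" >&2
            return 4
        fi
        if [ ! -r "$cert" ]; then
            echo "ESCERT is not a readable file: $cert" >&2
            return 5
        fi
        if ! grep -q -- '-----BEGIN CERTIFICATE-----' "$cert"; then
            echo "ESCERT does not look like a PEM certificate: $cert" >&2
            return 6
        fi
    fi
    return 0
}

# Live check: fetch the cluster root, verifying TLS against ESCERT when set.
es_ping() {
    check_es_env || return $?
    if [ -n "$cert" ]; then
        curl -sS --fail --cacert "$cert" "$url"
    else
        curl -sS --fail "$url"
    fi
}
```

Source the file and call check_es_env before running the import; es_ping additionally contacts the cluster, using --cacert so certificate verification stays on.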