vulnerability-detection

This section covers the configuration for the Vulnerability detection module.

Options

Options

Allowed values

enabled

yes, no

feed-update-interval

Positive number + Time unit suffix

index-status

yes, no

offline-url

file://</ABSOLUTE_PATH_TO/OFFLINE_CONTENT>, http[s]://<CONTENT_URL>

enabled

Enables the vulnerability detection module.

Default

yes

Allowed values

yes, no

feed-update-interval

Time interval for periodic feed updates.

Default

60m

Allowed values

A positive number containing a time unit suffix character. For example 2h for 2 hours

index-status

Enables indexing of vulnerability inventory data.

Default

yes

Allowed values

yes, no

offline-url

New in version 4.8.0.

File path or URL for offline content access.

Default

Empty

Allowed values

file://</ABSOLUTE_PATH_TO/OFFLINE_CONTENT>, http[s]://<CONTENT_URL>

Where:

  • file://</ABSOLUTE_PATH_TO/OFFLINE_CONTENT>: File path pointing to offline content. For example, file:///path/to/the/cves.file.zip

  • http[s]://<CONTENT_URL>: URL starting with either http:// or https://, pointing to local network content or online content accessible via the internet.

interval

Deprecated since version 4.8.0.

run_on_start

Deprecated since version 4.8.0.

retry_interval

Deprecated since version 4.8.0.

provider

Deprecated since version 4.8.0.

Example of configuration

<vulnerability-detection>
   <enabled>yes</enabled>
   <index-status>yes</index-status>
   <feed-update-interval>60m</feed-update-interval>
   <offline-url>file:///path/to/the/cves.file.zip</offline-url> <!-- Optional -->
</vulnerability-detection>

Note

Supported compression formats include zip, xz, and gzip. The module also accepts raw JSON content in plain text files.