Content-type: text/html Man page of OUTPUTPBNJ.MAN.1

OUTPUTPBNJ.MAN.1

Section: User Contributed Perl Documentation (1)
Updated: 2006-08-15
Index Return to Main Contents
 

NAME

 OutputPBNJ - a program to query a PBNJ 2.0 database.
 

SYNOPSIS

 outputpbnj [Query Options] [Database Options] [General Options]
 

DESCRIPTION

 OutputPBNJ uses a query yaml config file to execute queries against 
 the PBNJ 2.0 database. OutputPBNJ returns the result in various 
 output types (csv, tab and html).



 Apart of PBNJ 2.0 suite of tools to monitor changes on a network.
 

OPTIONS

 Usage: outputpbnj [Query Options] [Config Options] [General Options]
 Query Options:
   -q  --query <name>     Perform sql query
   -t  --type <type>      Output Type [csv,tab,html]
   -f  --file <file>      Store the result in file otherwise stdout
       --both             Print results and store them in a file
       --dir <dir>        Store the result in this directory [def .]



   -l  --lookup <name>    Lookup description based on name
       --list             List of names and descriptions
   -n  --name             Lookup all the names
   -d  --desc             Lookup all the descriptions
   -s  --sql              Lookup all the sql queries



 Config Options:
        --qconfig <file>  Config of sql queries [def query.yaml]
        --dbconfig <file> Config for accessing database [def config.yaml]        
        --dbdir <dir>     Directory for Config file [def .]



        --data <file>     SQLite Database override [def data.dbl]



 General Options:
       --test <level>     Test Level
       --debug <level>    Verbose information
   -v  --version          Display version
   -h  --help             Display this information



 Send Comments to Joshua D. Abraham ( jabra@ccs.neu.edu )
 

THINGS TO NOTE

 * OutputPBNJ requires root privileges to query a database that is
 owned by root. Thus, if you are scanning with ScanPBNJ you will need
 to run OutputPBNJ with root privileges to access the database.



 * If there are configs in the current directory, they are used
 instead of those in the user's config directory.
 

Query Options

 

-q --query <name> Perform sql query

 This option is where the actual query is specified. Therefore, once
 you know the query you wish to use simply pass it as an argument to
 this option.
 

-t --type <type> Output Type [csv,tab,html]

 This options is used to specify which output format you wish to use.
 For example, if you would like to have output that you can show
 someone else the CSV format is useful because you can simply pull the
 file into OpenOffice Calc or Excel as it is a comma delimited file.
 

-f --file <file>

 This option is used to specifiy output to a file rather than standard
 output. This is useful if you want to grow the results of queries as
 the result will be added onto the end of the file.
 

--both

 This option is used when you want both output to standard output, as
 well as to a file. This will save the result to a file if you are
 having the result sent to the screen or piped to your email which you
 may or may not disregard.
 

--dir <dir> Store the result in this directory [default .]

 This option is used with the writing to a file. This option will
 store the file in a alternative directory than the current directory.
 

-l --lookup <name>

 This options is used to lookup the description of a specific query.
 This will return the description of the query.
 

--list List of names and descriptions

 This option is used to return a list of all the queries with the
 names and descriptions. This is very useful when you are starting to
 use OutputPBNJ or using a new query config.
 

-n --name

 This option is used to print the all the query names.
 

-d --desc

 This option is used to print the all the query descriptions. This is 
 useful to find out all the queries do.
 

-s --sql

 This option is used to print the all the queries. This is useful for 
 developing new queries based on other queries.
 

Config Options

 

--qconfig <file>

 Config of sql queries [default query.yaml]



 This option is used to specify an alternative query.yaml file.
 

--dbconfig <file>

 Config for accessing results database [default config.yaml]



 This option is used to specify an alternative config.yaml file.
 

--dbdir <dir>

 Directory for Config file [default .]



 This option is used to specify an alternative directory for the
 config.yaml file.
 

GENERAL OPTIONS

 

--test <level>

 Increases the Test level, causing OutputPBNJ to print testing
 information about the Query. Using the Test level is mostly only
 using for testing. This will also print the debugging information so
 it can get rather lengthy. The greater the Test level the more output
 will be given.



 This option is also used for reporting bugs. All bug reports should
 be submitted using --test 1 and an additional report may be needed
 depending on the issue
 

--debug <level>

 Increases the Debug level, causing OutputPBNJ to print more
 information about the query in progress. The higher the debug leve
 the more output the user will receive.
 

-v --version

 Prints the OutputPBNJ version number and exits.
 

-h --help Display this information

 Prints a help screen with the command flags.
 Running OutputPBNJ without any arguments does the same thing.
 

FILES

 PBNJ's data files are stored in ScanPBNJ and OutputPBNJ. When either
 of these programs is run the configuration files will be generated
 for the user if they do not already exists and placed in the
 $HOME/.pbnj-2.0 directory. Again, if there is a configuration file in
 the current directory it is used instead of the version in the
 configuration directory.



 $HOME/.pbnj-2.0/config.yaml - holds settings for connecting to the
 database which store the information from PBNJ scans.



 $HOME/.pbnj-2.0/query.yaml - lists all queries that can be used to
 retrieve information from the database. Also, includes the name and
 description for each query. This is only generated when you executed
 OutputPBNJ.



 For Windows, the pbnj-2.0 config directory is in the APPDATA
 directory, which contains both config.yaml and query.yaml. Depending
 on your environment, the APPDATA directory may be a different location
 from other environments. Therefore, when the configs are executed for
 the first time they will display the path where the configs were 
 generated.
 

QUERY

 The query.yaml file contains the list of various names, descriptions
 and sql queries that can be executed by OutputPBNJ.



 Here is one example:



 - name: vulnssh
   desc: list all of the services that have old ssh running
   sql: |-
    select S.updated_on,M.ip,S.service,S.port,S.version from services
    as S, machines as M where service='ssh' and state='up' and
    version!='4.1p1'



 This examples shows how the name description and sql are layed out in
 the yaml format. Therefore, we know the name of the query is vulnssh
 and it's purpose is to list SSH servers which are not running
 a version 4.1p1. It is very easy to create another script that would
 check for the latest version of a given service and therefore the
 user would be able to verify that that particular service needed to
 be updated on the machine that was scanned.
 

FEATURE REQUESTS

 Any feature requests should be reported to the online
 feature-request-tracking system available on the web at: 
 http://sourceforge.net/tracker/?func=add&group_id=149390&atid=774489
 Before requesting a feature, please check to see if the features has
 already been requested.
 

BUG REPORTS

 Any bugs found should be reported to the online bug-tracking system 
 available on the web at :  
 http://sourceforge.net/tracker/?func=add&group_id=149390&atid=774488.  
 Before reporting bugs, please check to see if the bug has already been
 reported.



 When reporting PBNJ bugs, it is important to include a reliable way
 to reproduce the bug, version number of PBNJ (and probably Nmap), OS
 name and version, and any relevant hardware specs. And of course,
 patches to rectify the bug are even better.
 

SUPPORTED DATABASES

 The following databases are supported:



 * SQLite [default]
 * MySQL
 * Postgres
 * CSV
 

DATABASE SCHEMA

 The following is the SQLite version of the database schema:



 CREATE TABLE machines (
            mid INTEGER PRIMARY KEY AUTOINCREMENT,
            ip TEXT,
            host TEXT,
            localh INTEGER,
            os TEXT,
            machine_created TEXT,
            created_on TEXT);
 CREATE TABLE services (
            mid INTEGER,
            service TEXT,
            state TEXT,
            port INTEGER,
            protocol TEXT,
            version TEXT,
            banner TEXT,
            machine_updated TEXT,
            updated_on TEXT);
 

SEE ALSO

 scanpbnj(1), genlist(1), nmap(1)
 

AUTHORS

 Joshua D. Abraham ( jabra@ccs.neu.edu )

 

Index

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
THINGS TO NOTE
Query Options
-q --query <name> Perform sql query
-t --type <type> Output Type [csv,tab,html]
-f --file <file>
--both
--dir <dir> Store the result in this directory [default .]
-l --lookup <name>
--list List of names and descriptions
-n --name
-d --desc
-s --sql
Config Options
--qconfig <file>
--dbconfig <file>
--dbdir <dir>
GENERAL OPTIONS
--test <level>
--debug <level>
-v --version
-h --help Display this information
FILES
QUERY
FEATURE REQUESTS
BUG REPORTS
SUPPORTED DATABASES
DATABASE SCHEMA
SEE ALSO
AUTHORS
This document was created by man2html, using the manual pages.
Time: 05:25:39 GMT, August 16, 2006