NAME

csaf-rolie - Build ROLIE (Resource-Oriented Lightweight Information Exchange) feed

SYNOPSIS

    csaf-rolie --csaf DIRECTORY [--tlp-label STRING|--feed-id STRING|--feed-title STRING|--base-url URL|--output PATH]
    csaf-rolie [--help|--man|-v]

    Options:
      -c, --conf PATH     YAML config path
      -d, --csaf DIR      CSAF documents directory
          --output PATH   Feed output file path (default {csaf}/{feed-id}.json)
          --tlp-label     TLP (Traffic Light Protocol) label (default "WHITE")
          --base-url      Feed base URL (default "https://psirt.domain.tld/advisories/csaf")
          --feed-id       Feed ID (default "csaf-feed-tlp-{tlp-label}")
          --feed-title    Feed title (default "CSAF feed (TLP:{tlp-label})")
          --stdout        Write ROLIE feed in STDOUT
          --verbose       Print verbose messages
          --test          Test the configuration and exit
          --help          Brief help message
          --man           Full documentation
      -v, --version       Print version

DESCRIPTION

csaf-rolie builds a ROLIE (Resource-Oriented Lightweight Information Exchange) feed from the CSAF documents in a directory.

https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html

The Resource-Oriented Lightweight Information Exchange (ROLIE) is a standard (RFC 8322) for exchanging security automation information between two machines, or between a machine and a human operator.

https://tools.ietf.org/html/rfc8322

EXAMPLES

Create a new ROLIE feed

    $ csaf-rolie --csaf /var/www/html/advisories/csaf \
                 --base-url https://security.acme.tld/advisories/csaf \
                 --feed-title "ACME CSAF feed (TLP:WHITE)" \
                 --verbose

    CSAF directory : /var/www/html/advisories/csaf
    TLP label      : WHITE
    Base URL       : https://security.acme.tld/advisories/csaf
    Feed ID        : csaf-feed-tlp-white
    Feed title     : CSAF feed (TLP:WHITE)
    Feed filename  : csaf-feed-tlp-white.json
    Output file    : /var/www/html/advisories/csaf/csaf-feed-tlp-white.json

    [*] Add ACMESA-2024:0001 in ROLIE feed
    [*] Add ACMESA-2024:1337 in ROLIE feed

    [...]

    ROLIE feed saved in /var/www/html/advisories/csaf/csaf-feed-tlp-white.json

Create a new ROLIE feed using a config file

Available config items:

    csaf         CSAF documents directory
    output       Feed output file path (default {csaf}/{feed-id}.json)
    tlp-label    TLP (Traffic Light Protocol) label (default "WHITE")
    base-url     Feed base URL (default "https://psirt.domain.tld/advisories/csaf")
    feed-id      Feed ID (default "csaf-feed-tlp-{tlp-label}")
    feed-title   Feed title (default "CSAF feed (TLP:{tlp-label})")

ROLIE config file (rolie.conf):

    ---
    csaf: /var/www/html/advisories/csaf
    base_url: https://security.acme.tld/advisories/csaf
    tlp_label: WHITE
    feed_id: acme-csaf-feed-tlp-white
    feed_title: ACME CSAF feed (TLP:WHITE)

Use rolie.conf with the csaf-rolie command:

    $ csaf-rolie --config /etc/csaf/rolie.conf

Schedule the refresh of the ROLIE feed in crontab:

    */2 * * * * csaf-rolie --config /etc/csaf/rolie.conf 2> /dev/null
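
A pre-publication check for a feed built as above, given as an added example that is not part of csaf-rolie or its distribution: it confirms that every feed entry points under the base URL, maps to a file inside the CSAF directory, and carries the feed's TLP label. It assumes the feed follows the CSAF 2.0 ROLIE layout (`feed.entry[].link[]` with a `rel: self` link) and that the path after the base URL mirrors the path under the CSAF directory; `audit_feed`, `demo` and the sample documents are constructed for illustration.

```python
import json
import tempfile
from pathlib import Path


def audit_feed(csaf_dir, feed_path, base_url, tlp_label):
    """Return a list of findings; an empty list means feed and documents agree."""
    root = Path(csaf_dir).resolve()
    prefix = base_url.rstrip("/") + "/"
    feed = json.loads(Path(feed_path).read_text())["feed"]
    findings = []
    for entry in feed.get("entry", []):
        # Assumed layout (CSAF 2.0 ROLIE): the "self" link is the document URL.
        href = next((link.get("href", "") for link in entry.get("link", [])
                     if link.get("rel") == "self"), "")
        if not href.startswith(prefix):
            findings.append(f"{entry.get('id')}: link outside base URL: {href!r}")
            continue
        # Resolve the local path and refuse anything that escapes the directory.
        local = (root / href[len(prefix):]).resolve()
        if root not in local.parents or not local.is_file():
            findings.append(f"{entry.get('id')}: no local document for {href}")
            continue
        doc = json.loads(local.read_text()).get("document", {})
        # A document without a TLP label is reported as TLP:None.
        label = doc.get("distribution", {}).get("tlp", {}).get("label")
        if label != tlp_label:
            findings.append(f"{entry.get('id')}: document is TLP:{label}, feed is TLP:{tlp_label}")
    return findings


def demo():
    """Audit a constructed directory holding one WHITE and one AMBER document."""
    base = "https://security.acme.tld/advisories/csaf"
    with tempfile.TemporaryDirectory() as tmp:
        entries = []
        for doc_id, label in (("ACMESA-2024:0001", "WHITE"), ("ACMESA-2024:1337", "AMBER")):
            name = doc_id.lower().replace(":", "_") + ".json"  # CSAF filename rule
            doc = {"document": {"tracking": {"id": doc_id},
                                "distribution": {"tlp": {"label": label}}}}
            Path(tmp, name).write_text(json.dumps(doc))
            entries.append({"id": doc_id, "link": [{"rel": "self", "href": f"{base}/{name}"}]})
        # Constructed entry whose link points at another host.
        entries.append({"id": "EXT-1", "link": [{"rel": "self", "href": "https://other.example/x.json"}]})
        feed = Path(tmp, "csaf-feed-tlp-white.json")
        feed.write_text(json.dumps({"feed": {"id": "csaf-feed-tlp-white", "entry": entries}}))
        return audit_feed(tmp, feed, base, "WHITE")


if __name__ == "__main__":
    print("\n".join(demo()))
```

Because the crontab entry above discards stderr, running a check like this after each refresh gives a separate signal when a restricted document ends up in a public feed.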

SEE ALSO

csaf-validator

AUTHOR

Giuseppe Di Terlizzi

COPYRIGHT AND LICENSE

Copyright © 2023-2024 Giuseppe Di Terlizzi

You may use and distribute this module according to the same terms that Perl is distributed under.