Work is underway to make the Nexpose Gem easier to use, and with it API access to Nexpose. For those unfamiliar with the gem, it is a Ruby library for scripting against a Nexpose security console.

Changes to Site

Making changes to a site configuration through the gem used to be a little complex. The attributes on the configuration were locked down from editing, and sometimes buried deep in structures that mirrored the XML calls closely, but not user workflows.

Here is an example of changing the scan engine on an existing site:

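require 'nexpose'

# 'host', 'user' and 'password' are placeholders for your console and credentials.
nsc = Nexpose::Connection.new('host', 'user', 'password')
nsc.login
# Load site 142, point it at scan engine 5, and save the change.
site = Nexpose::Site.load(nsc, 142)
site.engine = 5
site.save(nsc)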

This can be easily scripted against a larger set of sites. For example, if you recently added a couple of scan engines and you want to divide the existing sites among the engines, a few more lines of Ruby code and you are there.
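One way to script that split, as an added example rather than code from the gem or the original post: it plans a round-robin assignment, then applies it with the same Site.load / engine= / save calls shown above. The site and engine IDs, the `loader` parameter and the NEXPOSE_* environment variable names are assumptions of this example.

```ruby
# Added example: spread existing sites across scan engines, round-robin.
# IDs are constructed sample values; NEXPOSE_* variable names are hypothetical.

# Build a plan { site_id => engine_id } without touching the console.
def plan_engine_assignment(site_ids, engine_ids)
  raise ArgumentError, 'no scan engines given' if engine_ids.empty?
  site_ids.uniq.sort.each_with_index.map { |id, i| [id, engine_ids[i % engine_ids.size]] }.to_h
end

# Apply the plan. `loader` defaults to the gem's Site.load as used on this
# page; it is a parameter (an assumption of this example) so the logic can
# be exercised without a console. dry_run reports changes without saving.
def apply_engine_assignment(nsc, plan, dry_run: true,
                            loader: ->(conn, id) { Nexpose::Site.load(conn, id) })
  result = { changed: [], unchanged: [], failed: {} }
  plan.each do |site_id, engine_id|
    begin
      site = loader.call(nsc, site_id)
      if site.engine.to_s == engine_id.to_s
        result[:unchanged] << site_id
        next
      end
      unless dry_run
        site.engine = engine_id
        site.save(nsc)
      end
      result[:changed] << site_id
    rescue StandardError => e
      # Keep going: one bad site should not leave the rest unprocessed.
      result[:failed][site_id] = e.message
    end
  end
  result
end

# Runs only when console details are supplied through the environment.
if __FILE__ == $PROGRAM_NAME && ENV['NEXPOSE_HOST']
  require 'nexpose'
  nsc = Nexpose::Connection.new(ENV['NEXPOSE_HOST'], ENV['NEXPOSE_USER'], ENV['NEXPOSE_PASS'])
  nsc.login
  plan = plan_engine_assignment([142, 143, 144, 145], [5, 6])
  p apply_engine_assignment(nsc, plan, dry_run: true)
end
```

Review the dry-run result first, then call it again with `dry_run: false` to save the changes.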

Changes to Report

The gem was missing functionality around reporting, and in preparation for the recent reporting changes, the gem was modified to fill out those functions.

Here's a walkthrough of creating a new report:

# Reuses the nsc connection from the site example above.
config = Nexpose::ReportConfig.new("Site Audit", 'full-audit', 'html')
# Limit the report to site 142.
config.add_filter('site', 142)
config.save(nsc)

My Old Scripts?

If you have older scripts, versioning of the gem should allow you to continue using them. Put the following lines at the head of your script to use a specific version of the gem.

#!/usr/bin/env ruby
gem 'nexpose', '=0.0.98'
require 'nexpose'

If you are having trouble updating a script, just ask, and we'll see what we can do to help.