H
Herman Rarebell
I have created a bat file to run a vulnerability scanner on my network for
the msblast vulnerability and when complete I'd like to parse the outputted
logfile and ping -a -n 1 ip.addr.of.host so I can more readily
identify the hosts in need of patching.
here are some snippits. I cannot get the logfile input to read into and
parse, I'd appreciate some help. Thanks
***********
part of the bat file which takes the output and tries a single ping with -a
on the IP
the format of the log file is indicated and here are a few lines to see it.
192.168.1.41 [....] [VULN] 0.0
192.168.1.18 [ptch] [ptch] 5.6
192.168.1.19 [ptch] [ptch] 5.6
192.168.1.16 [ptch] [ptch] 5.6
192.168.1.17 [ptch] [ptch] 5.6
192.168.1.88 [VULN] [VULN] 5.6
so it goes like this
%1 = IP address
%2 indicates one vulnerability
%3 indicates another
%4 indicates a version of some component
I only care about %1 (ipaddress) the rest is irrelevant at this time
The first part of the bat simply calls out the vulnerability scanner and
give it parms of what IP ranges to scan and where to dump the logfile
(scanms.log) that works fine as I have a nice log file.
The second part (Below) should then parse that logfile and ping each ip
address and produce a name for the ip addresses that I can then cross
reference. It'd be real nice if it would append the name at the end of each
line or insert it at the beginning but that is not necessary.
*************
rem take scanms.exe output and perform ping -a 1x on the returning IP so you
can get name of each system.
rem format of scanms logfile is ipaddr [..] [..] version
if %%1 == "" goto exit
echo %1, %2, %3, %4 rem to see if we are getting values (right now we are
not)
for /L %%1 do ping -a -n 2 %%1 >c:\scanmsips.log NOTE: if it dumps to a
seperate log that's ok as indicated above ideally it appends the original
line with this result.
:exit
rem exit
Once again thanks a ton.
the msblast vulnerability and when complete I'd like to parse the outputted
logfile and ping -a -n 1 ip.addr.of.host so I can more readily
identify the hosts in need of patching.
here are some snippits. I cannot get the logfile input to read into and
parse, I'd appreciate some help. Thanks
***********
part of the bat file which takes the output and tries a single ping with -a
on the IP
the format of the log file is indicated and here are a few lines to see it.
192.168.1.41 [....] [VULN] 0.0
192.168.1.18 [ptch] [ptch] 5.6
192.168.1.19 [ptch] [ptch] 5.6
192.168.1.16 [ptch] [ptch] 5.6
192.168.1.17 [ptch] [ptch] 5.6
192.168.1.88 [VULN] [VULN] 5.6
so it goes like this
%1 = IP address
%2 indicates one vulnerability
%3 indicates another
%4 indicates a version of some component
I only care about %1 (ipaddress) the rest is irrelevant at this time
The first part of the bat simply calls out the vulnerability scanner and
give it parms of what IP ranges to scan and where to dump the logfile
(scanms.log) that works fine as I have a nice log file.
The second part (Below) should then parse that logfile and ping each ip
address and produce a name for the ip addresses that I can then cross
reference. It'd be real nice if it would append the name at the end of each
line or insert it at the beginning but that is not necessary.
*************
rem take scanms.exe output and perform ping -a 1x on the returning IP so you
can get name of each system.
rem format of scanms logfile is ipaddr [..] [..] version
if %%1 == "" goto exit
echo %1, %2, %3, %4 rem to see if we are getting values (right now we are
not)
for /L %%1 do ping -a -n 2 %%1 >c:\scanmsips.log NOTE: if it dumps to a
seperate log that's ok as indicated above ideally it appends the original
line with this result.
:exit
rem exit
Once again thanks a ton.