How it works
When run, cve-monitor will:
- Fetch @cvenew stream using Twitter API
- For each new tweet it will
- Extract CVE ID from the tweet
- Retrieve the page from cve.mitre.org to get full description
- Format and send out the email
- Remember the last tweet processed so to request only newer ones on the next run
All activity recorded in a log file and reported the
stdout if running from a terminal.
- PHP 5.6 and up, CLI version.
- Consumer API keys from Twitter. This requires opening a dev account and creating an "app" there. Very easy to do.
Tested on Linux/Debian distro only. Patches for other platforms are welcome.
Setting it up
First, clone this and TwitterOAauth repos.
Next, open cve-monitor.php and adjust the config variables as follows:
RECEPIENTSto the email that will receive CVE updates. You can specify multiple recepients like so:
const RECEPIENTS = [ 'email@example.com', 'firstname.lastname@example.org', 'email@example.com' ];
EMAIL_ALERTto the email address that will get pinged with any problems.
EMAIL_FROMto what should be used for
From:in these emails.
INI_FILEstores just the ID of the last processed tweet. Change its location if needed.
LOG_FILEby default sits in
/var/log/so make sure the script is run under an account that can write there.
TWITTER_OAUTH_PHPshould point at
oauth.phpfrom the TwitterOAuth repo.
TWITTER_API_...should be set to "Consumer API keys" from "Keys and tokens" section of your Twitter app.
- Stick it into your crontab with
php /path/to/cvemon.phpand set it to run every hour.
- Configure rotation for the log file if that's your thing.
If you want just the emails, there's a hosted version of the script that I originally set up for our own needs, but later reworked a bit and opened up to everyone - https://iobureau.com/cve-monitor
Alex Pankratov, https://swapped.ch