This is a local/unmanaged integration that processes discovered hosts from Nmap scans and ingests the findings into JupiterOne (J1).
These instructions will get you a copy of the project up and running on your local machine for development and testing purposes.
- Node.js
- J1 Account
- J1 API Key
- Nmap installed locally
Export the following environment variables (or store locally in a .env file):
export J1_ACCESS_TOKEN=<api_key>
export J1_ACCOUNT=<account_id>J1_ACCOUNT should be your JupiterOne accountId, which can be found by
running the query Find Account as a return a.accountId in the JupiterOne web
console.
J1_ACCESS_TOKEN is a JupiterOne API key, which can be created in the
JupiterOne console by going to the gear icon in the top-right, then clicking
Users & Access, then click the key icon and create an API key.
Then run:
-
yarn install -
nmapscan and output to an XML file. For example:nmap -v -sn 192.168.1.0/24 -oX local/nmap-out.xml
-
cat local/{filename}.xml | yarn ts-node ./src/index.ts -
The newly created entities are of class
Hostand can be found through the J1QL queryFind nmap_discovered_host.Here are two example output screenshots from JupiterOne:
An example Nmap output file is included in test/nmap-out.xml. The converted
test/nmap-out.json file is for reference purpose only.