Python3 bindings and CLI tools for Nexpose API version 3.
A Prometheus exporter for Nexpose scan console metrics.
It is a good idea to create a Nexpose user and role specifically for this, with permissions only to:
- "View Site Asset Data"
- "View Group Asset Data".
A systemd
service file is provided at
etc/systemd/system/nexpose-exporter.service
,
and a sample env file at etc/defaults/nexpose-exporter.env
.
These will be relative to your virtualenv for a virtualenv install,
relative to $HOME/.local
for a pip install --user
install,
and (probably, depending on your OS) relative to /usr/local
for a
root pip install.
Maintenance service for Nexpose scan console. This will remove sites and reports older than 90 days.
It is a good idea to create a Nexpose user and role specifically for this, with permissions only to:
- "Manage Sites"
- "Manage Report Templates".
- "View Group Asset Data"
- "Manage Report Access"
A systemd
service file is provided at
etc/systemd/system/nexpose-janitor.service
,
and a sample env file at etc/defaults/nexpose-janitor.env
.
These will be relative to your virtualenv for a virtualenv install,
relative to $HOME/.local
for a pip install --user
install,
and (probably, depending on your OS) relative to /usr/local
for a
root pip install.
Basic usage:
import nexpose.nexpose as nexpose
login = nexpose.login(
base_url='https://localhost:3780',
user='some_nexpose_user',
password='secure_nexpose_password',
)
nexpose.engines(nlogin=login)
With CLI argument parsing:
import nexpose.nexpose as nexpose
import nexpose.args as nexposeargs
parser = nexposeargs.parser
parser.description = "My nexpose script"
parser.add_argument(
"-f",
"--foo",
help="foo argument",
action="store",
)
args = parser.parse_args()
config = nexpose.config(args)
nexpose.engines(nlogin=config)
print(f"my foo argument was {args.foo}")
nexpose
(https://pypi.org/project/nexpose/ )
is the official python binding for Nexpose API versions 1.1 and 1.2.
nexpose-rest
(https://pypi.org/project/nexpose-rest/) is unofficial.
It is (partially?) auto-generated and more comprehensive than nexpose-py
.