Package Documentation

Storm Package: synapse-nist-nvd

The following Commands are available from this package. This documentation is generated for version 1.2.1 of the package.

Storm Commands

This package implements the following Storm Commands.

nist.nvd.cve.byid

Ingest a CVE record by CVE id.

This command takes risk:vuln and it:sec:cve nodes as input and queries
the NIST NVD API for the corresponding CVE record.

By default, risk:vuln properties will not be overwritten if they are already set.
To disable this behavior use the --overwrite option.

Examples:

  // Enrich an it:sec:cve node
  it:sec:cve=CVE-2020-0001 | nist.nvd.cve.byid --yield


Usage: nist.nvd.cve.byid [options]

Options:

  --help                      : Display the command usage.
  --debug                     : Show verbose debug output.
  --yield                     : Yield the newly created nodes.
  --overwrite                 : Overwrite props even if they are already set.

nist.nvd.cves.feed

Ingest a feed of CVE records.

This command will automatically store progress of the ingest,
starting first with an offset to load all records and then proceeding
to use the modified date.

It is recommended to create a single cron job to run this command
so that results are contiguous in the view it is running.

Per NIST NVD guidelines the cron job should not be run more than once
every 2 hours.

By default, risk:vuln properties will not be overwritten if they are already set.
To disable this behavior use the --overwrite option.

Examples:

  // Ingest all CVE records
  nist.nvd.cves.feed

  // Create a cron job to ingest new results every day
  cron.add --name nist.nvd.cves.feed --hour 3 { nist.nvd.cves.feed }

  // Reset the stored progress and ingest records from index 0
  nist.nvd.cves.feed --reset-last


Usage: nist.nvd.cves.feed [options]

Options:

  --help                      : Display the command usage.
  --debug                     : Show verbose debug output.
  --yield                     : Yield the newly created nodes.
  --reset-last                : Reset the stored progress offset.
  --overwrite                 : Overwrite props even if they are already set.

nist.nvd.setup.apikey

Manage the NVD API key.

NOTE: If an API key is not set requests will be subject to public rate-limiting

Examples

    // Set a global NVD API key
    nist.nvd.setup.apikey abcd1234

    // Set a NVD API key for the current user
    nist.nvd.setup.apikey --self abcd1234

    // Display the API key scope of the current key
    nist.nvd.setup.apikey --show-scope

    // Display the current API key.
    nist.nvd.setup.apikey --show-apikey

    // Remove the current global API key.
    nist.nvd.setup.apikey --remove

    // Remove the per-user API key for the current user.
    nist.nvd.setup.apikey --self --remove


Usage: nist.nvd.setup.apikey [options] <apikey>

Options:

  --help                      : Display the command usage.
  --self                      : Set or remove the key as a user variable. If not used, the key is set globally.
  --show-scope                : Display the API key scope in use (global vs self).
  --show-apikey               : Display the API key value (requires admin perms or a "self" scope key).
  --remove                    : Remove the configured API key. May be used with --self.

Arguments:

  [apikey]                    : The API key string.

Storm Modules

This package does not export any Storm APIs.