Running lacework cli command to scan package manifests is creating empty output file about go-sdk HOT 7 CLOSED

Does the cli, when there are no vulnerabilities not output empty json or anything to that affect?

from go-sdk.

Actually it looks like this may work lacework vulnerability host scan-pkg-manifest --local --debug --noninteractive 2>&1 | sudo tee /tmp/lacework-vulnerability.json

You may need to update your documentation here https://www.lacework.com/blog/running-with-packer/

from go-sdk.

@lorelei-rupp-imprivata Thank you so much for your feedback! 🎉 - Let me look at the blog post and
come back to you. 🙌🏽

from go-sdk.

Yeah, at least suggest things to look at if you are using packer etc.. because I spent a lot of time trying to figure out why I had an empty file

from go-sdk.

@afiune so interestingly when I drop the --debug flag, I get back to an empty file. At the end of the debug output too it says {\"eval_algo\":\"1001\"}},{\"OS_PKG_INFO\":{\"namespace\":\"amzn:2\",\"os\":\"amzn\",\"os_ver\":\"2\",\"pkg\":\"awscli\",\"pkg_ver\":\"0:1.18.147-1.amzn2.0.1\",\"version_format\":\"rpm\"},\"VULN_ID\":null,\"SEVERITY\":null,\"FEATURE_KEY\":null,\"CVE_PROPS\":null,\"FIX_INFO\":null,\"SUMMARY\":{\"eval_created_time\":\"Mon, 26 Jul 2021 08:29:33 -0700\",\"eval_status\":\"NO_MATCH\",\"num_fixable_vuln\":0,\"num_fixable_vuln_by_severity\":{\"1\":0,\"2\":0,\"3\":0,\"4\":0,\"5\":0},\"num_total\":0,\"num_vuln\":0,\"num_vuln_by_severity\":{\"1\":0,\"2\":0,\"3\":0,\"4\":0,\"5\":0}},\"PROPS\":{\"eval_algo\":\"1001\"}}],\"ok\":true,\"message\":\"SUCCESS\"}"} amazon-ebs.eks-node-build: {"level":"debug","ts":"2021-07-26T15:29:39Z","caller":"cmd/cli_state.go:294","msg":"skipping spinner","noninteractive":true,"action":"stop_progress"}
so while debug listed many CVE print outs dropping debug appears there are no issues? I am very confused

from go-sdk.

@lorelei-rupp-imprivata If I understand correctly, when you run the scan-pkg-manifest command it is returning:

There are no vulnerabilities found! Time for 🍕

This is correct and indicates that your packer image doesn't have any vulnerability, though, I see your point where,
if you pass the --json flag you would expect a valid JSON response, and I think that right now it is just an empty
file.

To further troubleshoot I will need the package-manifest your are sending to Lacework, you can generate it with
the command:

lacework vuln host generate-pkg-manifest

Could you please send it to me via Email at [email protected]?

NOTE: Run that command from within the package image 👆🏽

from go-sdk.

When I run the cli manually on the box myself I see the There are no vulnerabilities found! Time for 🍕
When it runs with packer without the --json, it returns Empty File, with --json Empty File. I do not see this no vulnerabilities message when running in the packer build.

Will generate and send, Thanks! I am just confused if I am suppose to see an empty file or if I should see this message when there are no issues

from go-sdk.