python3 xnp.py -d ./ -M -R --open -C all
sed -re 's/\{\"Hostname\"/\{ \"event\" : \{\"Hostname\"/g' -re 's/$/}/g' merged_nmap_scan_data.json -ibak
curl -k https://XXXXXXXXXXXXXXX.splunkcloud.com/services/collector/event -H 'Authorization: Splunk 6aXXXXXXXXXXXXccd1fb' -d @merged_nmap_scan_data.json
index=http_hec earliest=-120d@d "Scripts{}"="*http-title*"
```|rex field=MsgId "(.*\.(?<MsgId>(.*\..*)))"```
|rex field="Scripts{}" "(.*http-title, output=(?<string1>(.*)))"
|stats count by string1
|sort -count
I saw this project and it would be nice to include ALL the output so I can search for it in Splunk. As of now I create a fingerprint for each host so I can easily tell how many 'different' devices we have within the org. It would be simple for you to add the hash stuff, but probably hard to get all the output from all the NSE plugins? I tried quickly to do it with Python XML to JSON but it didn't look right.
This is what my fingerprint data looks like in Splunk today; we have over 2K 'different' devices :P
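
Added example, not part of the original post or the project's code: one way to compute a per-host fingerprint and apply the HEC `event` wrapping from the sed step in a single pass over line-delimited JSON records. Only `Hostname` and `Scripts` come from the post; the `Ports` field, the `fingerprint` field name, the use of SHA-256 and all sample values are assumptions constructed for illustration.

```python
import hashlib
import json

# Constructed sample records, one JSON object per line, shaped like the
# merged_nmap_scan_data.json lines the post wraps with sed. Only "Hostname"
# and "Scripts" appear in the post; "Ports" and all values are assumptions.
SAMPLE_LINES = [
    '{"Hostname": "printer-01.example.test", "Ports": [80, 9100], "Scripts": ["http-title, output=Printer Web Console"]}',
    '{"Hostname": "printer-02.example.test", "Ports": [9100, 80], "Scripts": ["http-title, output=Printer Web Console"]}',
    '{"Hostname": "nas-01.example.test", "Ports": [80, 445], "Scripts": ["http-title, output=Storage Login"]}',
]

# Fields that identify a host rather than a device type; excluded from the hash.
IDENTITY_FIELDS = {"Hostname"}


def fingerprint(record):
    """SHA-256 over the record's non-identity fields, order-independent."""
    features = {}
    for key, value in record.items():
        if key in IDENTITY_FIELDS:
            continue
        # Sort lists so scan ordering does not change the fingerprint.
        if isinstance(value, list):
            value = sorted(value, key=lambda v: json.dumps(v, sort_keys=True))
        features[key] = value
    canonical = json.dumps(features, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def to_hec_events(lines):
    """Wrap each record in the HEC {"event": ...} envelope, adding the hash."""
    events = []
    for line in lines:
        line = line.strip()
        if not line:
            continue  # the sed step would append "}" to blank lines; skip them
        record = json.loads(line)
        record["fingerprint"] = fingerprint(record)  # hypothetical field name
        events.append(json.dumps({"event": record}))
    return events


def distinct_devices(events):
    return len({json.loads(e)["event"]["fingerprint"] for e in events})


if __name__ == "__main__":
    print("\n".join(to_hec_events(SAMPLE_LINES)))
```

With the hash stored as a field on each event, a `stats count by fingerprint` search in Splunk gives the same "how many different devices" view without per-search regex extraction.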