v0.2.0
Release Notes
Introducing the new Lacework CLI v0.2.0
What's new?
Top-level vulnerability command
The new lacework vulnerability command have two new sub-commands:
container: for container vulnerability assessmentshost: for host vulnerability assessments
Container Vulnerability
The new lacework vulnerability container command has the following sub-commands:
list-assessments: list container vulnerability assessments (default last 7 days)show-assessment: show results of a container vulnerability assessmentscan: request an on-demand container vulnerability assessmentscan-status: check the status of an on-demand container vulnerability assessment
Host Vulnerability
The new lacework vulnerability host command has the following sub-commands:
list-cves: list the CVEs found in the hosts in your environmentlist-hosts: list the hosts that contain a specified CVE id in your environmentshow-assessment: show results of a host vulnerability assessmentscan-pkg-manifest: request an on-demand host vulnerability assessment from a package-manifest
Lacework Events
- The new
lacework event open <event_id>allows you to quickly open events in the Lacework Console to do further investigation - The
lacework event show <event_id>also provides a direct link to the event in the Lacework Console - The
lacework events listcommand can now filter by event severity, as well as filter by a specific number of days (max 7 days)
What's deprecated?
The following commands have been deprecated:
lacework vulnerability reportuse nowlacework vulnerability container show-assessmentlacework vulnerability scan runuse nowlacework vulnerability container scanlacework vulnerability scan showuse nowlacework vulnerability container scan-status
These commands will continue to work for a number of releases showing a deprecation message similar to:
$ lacework vulnerability report
(DEPRECATED) This command has been moved, use now the following command:
$ lacework vulnerability container show-assessment <sha256:hash>
Features
- feat(cli): new event open command (#197) (Salim Afiune)(42e0309)
- feat(cli): filter events by severity (Salim Afiune Maya)(2d8fdf4)
- feat(cli): list events from a number of days (Salim Afiune Maya)(0474765)
- feat(cli): allow users to pass only --start flag (Salim Afiune Maya)(547dc1d)
- feat(cli): filter assessments for specific repos (Salim Afiune Maya)(6482d8e)
- feat(cli): --active & --fixable flags to container vuln (Salim Afiune Maya)(9f027b9)
- feat(cli): --active & --fixable flags to host vuln (Salim Afiune Maya)(27f5197)
- feat(cli): add emoji support for windows (Salim Afiune Maya)(0762814)
- feat(cli): add an emoji Go package for 🍺 🍕 🌮 (Salim Afiune Maya)(cafb8d8)
- feat(cli): order vulnerabilities by total of hosts (Salim Afiune Maya)(5cfe695)
- feat(cli): new vulnerability list-assessments command (Salim Afiune Maya)(7e7191a)
Refactor
- refactor(cli): container and host vulnerability cmds (Salim Afiune Maya)(c5c0117)
- refactor: host vulnerability feature (Salim Afiune Maya)(5e9f770)
- refactor: container vulnerability feature (Salim Afiune Maya)(bdaf126)
Performance Improvements
- perf(cli): retry polling on-demand container scan statuses (Salim Afiune Maya)(d14ea35)
Other Changes
- chore(cli): update help messages (Salim Afiune Maya)(f1c164c)
- chore(cli): consistent help message for vuln cmds (Salim Afiune Maya)(f796c58)
- chore(cli): leave breadcrumbs for host vuln cmds (Salim Afiune Maya)(45d8427)
- ci(integration): run full tests on windows (#190) (Salim Afiune)(c5c8cf4)
- test(integration): add host vulnerability tests (Salim Afiune Maya)(a5cb795)
- test(integration): add container vulnerability tests (Salim Afiune Maya)(9b2c49d)
Docker Images
docker pull techallylw/lacework-cli:latestdocker pull techallylw/lacework-cli:scratchdocker pull techallylw/lacework-cli:ubi-8docker pull techallylw/lacework-cli:centos-8docker pull techallylw/lacework-cli:debian-10docker pull techallylw/lacework-cli:ubuntu-1804docker pull techallylw/lacework-cli:amazonlinux-2