Mondoo
Docs
2023

Mondoo 8.12 is out!

ยทBy Tim Smith

Back to releases

๐Ÿฅณ Mondoo 8.12 is out! This release includes new OPC UA scanning, improved MQL helpers, and more!

Get this release: Installation Docs | Package Downloads | Docker Container

๐ŸŽ‰ NEW FEATURES

Open Platform Communications Unified Architecture (OPC UA) support

Mondoo now allows you to scan multiple PLC IoT devices simultaneously by connecting to an OPC UA server and scanning PLC remotely. A new opcua provider in cnspec and cnquery allows you to remotely connect to these servers with querying provided with a new opcua query pack.

Mqlscript
# gather all available namespaces
opcua.namespaces { * }
opcua.namespaces: [
  0: {
    id: 0
    name: "http://opcfoundation.org/UA/"
  }
  1: {
    id: 1
    name: "urn:open62541.server.application"
  }
]


# gather root node
cnquery> opcua.root
opcua.root: opcua.node id="i=84" name="Root"




# gather all nodes
cnquery> opcua.nodes { name namespace.name }


# gather node with a specific id
cnquery> opcua.nodes.where (id == "i=2253")
opcua.nodes.where: [
  0: opcua.node id="i=2253" name="Server"
]


# gather details about the server
cnquery> opcua.server { * }
opcua.server: {
  buildInfo: {
    BuildDate: "2023-05-21T21:03:43.817369Z"
    BuildNumber: "May 20 2023 15:51:32"
    ManufacturerName: "open62541"
    ProductName: "open62541 OPC UA Server"
    ProductURI: "http://open62541.org"
    SoftwareVersion: "1.3.5-994-g5d73f0cc5"
  }
  node: opcua.node id="i=2253" name="Server"
  currentTime: 2023-05-22 08:28:30.625932 +0000 UTC
  state: "ServerStateRunning"
  startTime: 2023-05-21 21:03:43.834304 +0000 UTC
}

๐Ÿงน IMPROVEMENTS

Improved .first() and .last() MQL helpers

The .first() and .last() MQL helpers now support dict data structures such as JSON data and also include improved handling of null array/dicts.

Finding first and last values in JSON data:

Mqlscript
cnquery> parse.json("dummy.json").params["string-array"].first
parse.json.params[string-array].first: "a"
cnquery> parse.json("dummy.json").params["string-array"].last
parse.json.params[string-array].last: "c"
cnquery> parse.json("dummy.json").params["string-array"].where("non-exist").first
parse.json.params[string-array].where.first: null
cnquery> parse.json("dummy.json").params["string-array"].where("non-exist").last
parse.json.params[string-array].where.last: null


cnquery> parse.json("dummy.json").params.first
parse.json.params.first: 1.000000
cnquery> parse.json("dummy.json").params.last
parse.json.params.last: true
cnquery> parse.json("dummy.json").params.where("non-exist").first
parse.json.params.where.first: null
cnquery> parse.json("dummy.json").params.where("non-exist").last
parse.json.params.where.last: null

Expanded date format support in parse.date() MQL helper

It is now possible to parse many different date formats automatically with the parse.date MQL helper:

Mqlscript
# RFC 3339
parse.date("2006-01-02T15:04:05Z")


# Simple Date + Time
parse.date("2006-01-02 15:04:05")


# Date only
parse.date("2006-01-02")


# Time only, parses as a duration
parse.date("15:04:05")


# RFC 1123
parse.date("Mon, 02 Jan 2006 15:04:05 MST")


# ANSI C
parse.date("Mon Jan 2 15:04:05 2006")


# RFC 822
parse.date("02 Jan 06 15:04 MST")


# RFC 850
parse.date("Monday, 02-Jan-06 15:04:05 MST")


# Kitchen time
parse.date("3:04PM")


# Handy timestamp
parse.date("Jan 2 15:04:05")

You can also parse RFC1123 and RFC822 format dates with time zones:

Mqlscript
# RFC 1123 with numeric time zone
parse.date('Mon, 02 Jan 2006 15:04:05 -0700')


# RFC 822 with numeric time zone
parse.date('02 Jan 06 15:04 -0700')

Expanded status information for integrations

Integrations now show a history of all integration jobs so you can see when jobs started, completed, and any errors that occurred.

Integration Status

๐Ÿ› BUG FIXES AND UPDATES

  • Improve the reliability of the dns resource with large numbers of TXT records. Thanks for this fix @mariuskimmina!
  • Fix a panic when calling domainName if no name can be found. Thanks for this fix @mariuskimmina!
  • Fallback to os.hostname if os.name cannot be discovered. Thanks for this fix @mariuskimmina!
  • Reduce load time and cluster load when scanning Kubernetes clusters.
  • Fix failures reading Kubernetes manifests from stdin when resources lack a UID.
  • Add missing checks for /etc/password, /etc/group, and /etc/shadow to CIS Google Container-Optimized OS Benchmark policy.
  • Fix the Privacy Policy and Terms & Conditions acceptance buttons in the Organization Settings page not loading correctly.
  • Add the upcoming FreeBSD 14 release date.
  • Update SELinux checks in BSI Linux policy to support Amazon Linux, SLES, and openSUSE platforms.
  • Update several console pages to use the checks term instead of the legacy controls term.

Mondoo 8.13 is out!

Previous Page

Mondoo 8.11 is out!

Next Page

On this page

๐Ÿฅณ Mondoo 8.12 is out! This release includes new OPC UA scanning, improved MQL helpers, and more!๐ŸŽ‰ NEW FEATURESOpen Platform Communications Unified Architecture (OPC UA) support๐Ÿงน IMPROVEMENTSImproved .first() and .last() MQL helpersExpanded date format support in parse.date() MQL helperExpanded status information for integrations๐Ÿ› BUG FIXES AND UPDATES