-
Notifications
You must be signed in to change notification settings - Fork 26
"tgroup" command
Target groups are an additional way to scan a group of assets. However, it is challenging to scan assets automatically when they are extremely dynamic or short lived. For instance, what if you wanted to automate a non-credentialed scan on the external interface and an authenticated scan on the internal interface of a cloud asset? With navi you can specify external(-pub) or internal (-priv) if your asset has two interfaces that were discovered.
- --name TEXT --> Create Target Group with the following Name
- --ip TEXT --> Create Target Group by Ip(s) or subnet(s) separated by coma
- -aws Turn AWS assets found by the connector into a Target Group
- -gcp Turn GCP assets found by the connector into a Target Group
- -azure Turn Azure assets found by the connector into a Target Group
- --days TEXT --> Set the number of days(30 default) for the IPs found by the connector. Requires: aws, gcp, or azure
- -priv Set the IP(s) to be used as Private - use only with aws, azure, or gcp
- -pub Set the IP to be used as Public - use only with aws, azure, or gcp
- -migrate Migrate Target Groups to Tags
Create a Target group by a Group of IP addresses or subnets
navi tgroup --name "By IP" --ip "192.168.128.0/24, 192.168.56.1"
Create a target group based on AWS Assets found by the connector in the last 7 days
navi tgroup --name "AWS Assets Found in 7 days" -aws --days 7
Create a Target group based on AWS assets private IPs
navi tgroup --name "AWS Assets Private IPs" -aws -priv
Create a Target group based on AWS assets Public IPs
navi tgroup --name "AWS Assets Public IPs" -aws -pub
Migrate all of your Target Groups into Tags with the following format "target group type":"target group name"
navi tgroup -migrate