Metabrik Example: Searching CVE Database

In this Metabrik Example, we will show you how to search entries in the CVE database and how to save it to a CSV file.

Loading required data

First thing to do is to load the required Briks, and ask for help on their usage. Don’t forget you can use so you have completion and you don’t have to type every single caracter.

Meta:~/metabrik> use database::nvd
Meta:~/metabrik> help database::nvd

 

Meta:~/metabrik> run database::nvd update recent
Meta:~/metabrik> run database::nvd load recent

 

Now, you have all XML data from the recent CVE feed loaded into memory. You can start your searches. As another effect, the loading result is saved as XML data into $RUN variable. You can verify that by just typing $RUN at the prompt.

Let’s search the database

Meta:~/metabrik> run database::nvd search_all
Meta:~/metabrik> my $all = $RUN
Meta:~/metabrik> my $a = []
Meta:~/metabrik> for my $e (@$all) {
   push @$a, { cve => $e->{cve_id},
      published => $e->{published_datetime}
   }
}
Meta:~/metabrik> $a
[
  {
    cve => "CVE-2014-9365",
    published => "2014-12-12T06:59:07.063-05:00",
  },
  {
    cve => "CVE-2014-9385",
    published => "2014-12-15T13:59:27.723-05:00",
  },
  {
    cve => "CVE-2014-7268",
    published => "2014-12-19T06:59:04.447-05:00",
  },
[..]

 

How to save the result in CSV format

We have found what we were searching for: the list of recent CVE IDs and their published date and time. Now, let’s save that to a CSV file. But how? Let’s call for help. You can have help by just typing help followed by the name of a Brik. Here, the one we want is file::csv.

Meta:~/metabrik> use file::csv
Meta:~/metabrik> help file::csv

 

Don’t fear the output, default values are usually ok for standard usage. set Commands are used to modify the default behaviour, we won’t touch anything in this example. Try the write Command as follows, and verify file was correctly written:

Meta:~/metabrik> run file::csv write $a /tmp/cve.csv
"cve;published\nCVE-2014-9365;2014-12-12T06:59:07.063-05:00\nCVE-2014-
[..]
Meta:~/metabrik> run shell::command capture cat /tmp/cve.csv
[
  "cve;published",
  "CVE-2014-9365;2014-12-12T06:59:07.063-05:00",
  "CVE-2014-9385;2014-12-15T13:59:27.723-05:00",
  "CVE-2014-7268;2014-12-19T06:59:04.447-05:00",
  "CVE-2014-9372;2014-12-16T13:59:18.890-05:00",
[..]

 

You can download Metabrik from there: Downloads.

The source code for database::nvd Brik can be found here: Database/Nvd.pm.

That’s all for today. Follow @metabrik on twitter.