Create Checks in cnspec Shell

cnspec provides an interactive shell in which you can explore. It helps you understand the checks that cnspec policies use, and write your own as well. It’s also a great way to interact with both local and remote targets on the fly.

Run the shell:

cnspec shell local

The shell provides a help command to get information on the resources that power cnspec. Running help without any arguments lists all of the available MQL resources and their fields. You can also run help RESOURCE to get more information on a specific resource. For RESOURCE, substitute the name of the resource you want to learn about. For example, this command:

cnspec> help ports

Returns this help:

ports:              TCP/IP ports on the system
  list []port:      TCP/IP ports on the system
  listening []port: All listening ports

The shell features auto-complete, which makes it easy to explore.

Once inside the shell, you can enter MQL checks like this:

ports.listening.none( port == 23 )

To clear the terminal, type clear.

To exit cnspec shell, press CTRL + D or type exit.

Learn more

To explore cnspec commands, read the CLI Reference.
To explore MQL resources, read the MQL Reference.
To learn about scanning systems using policies, read Get Started.

Learn more​​

Learn more