Skip to main content

Mondoo 8.12 is out!

ยท 3 min read
Mondoo Core Team

๐Ÿฅณ Mondoo 8.12 is out! This release includes new OPC UA scanning, improved MQL helpers, and more!โ€‹

Get this release: Installation Docs | Package Downloads | Docker Container


Open Platform Communications Unified Architecture (OPC UA) supportโ€‹

Mondoo now allows you to scan multiple PLC IoT devices simultaneously by connecting to an OPC UA server and scanning PLC remotely. A new opcua provider in cnspec and cnquery allows you to remotely connect to these servers with querying provided with a new opcua query pack.

# gather all available namespaces
opcua.namespaces { * }
opcua.namespaces: [
0: {
id: 0
name: ""
1: {
id: 1
name: "urn:open62541.server.application"

# gather root node
cnquery> opcua.root
opcua.root: opcua.node id="i=84" name="Root"

# gather all nodes
cnquery> opcua.nodes { name }

# gather node with a specific id
cnquery> opcua.nodes.where (id == "i=2253")
opcua.nodes.where: [
0: opcua.node id="i=2253" name="Server"

# gather details about the server
cnquery> opcua.server { * }
opcua.server: {
buildInfo: {
BuildDate: "2023-05-21T21:03:43.817369Z"
BuildNumber: "May 20 2023 15:51:32"
ManufacturerName: "open62541"
ProductName: "open62541 OPC UA Server"
ProductURI: ""
SoftwareVersion: "1.3.5-994-g5d73f0cc5"
node: opcua.node id="i=2253" name="Server"
currentTime: 2023-05-22 08:28:30.625932 +0000 UTC
state: "ServerStateRunning"
startTime: 2023-05-21 21:03:43.834304 +0000 UTC


Improved .first() and .last() MQL helpersโ€‹

The .first() and .last() MQL helpers now support dict data structures such as JSON data and also include improved handling of null array/dicts.

Finding first and last values in JSON data:

cnquery> parse.json("dummy.json").params["string-array"].first
parse.json.params[string-array].first: "a"
cnquery> parse.json("dummy.json").params["string-array"].last
parse.json.params[string-array].last: "c"
cnquery> parse.json("dummy.json").params["string-array"].where("non-exist").first
parse.json.params[string-array].where.first: null
cnquery> parse.json("dummy.json").params["string-array"].where("non-exist").last
parse.json.params[string-array].where.last: null

cnquery> parse.json("dummy.json").params.first
parse.json.params.first: 1.000000
cnquery> parse.json("dummy.json").params.last
parse.json.params.last: true
cnquery> parse.json("dummy.json").params.where("non-exist").first
parse.json.params.where.first: null
cnquery> parse.json("dummy.json").params.where("non-exist").last
parse.json.params.where.last: null

Expanded date format support in MQL helperโ€‹

It is now possible to parse many different date formats automatically with the MQL helper:

# RFC 3339"2006-01-02T15:04:05Z")

# Simple Date + Time"2006-01-02 15:04:05")

# Date only"2006-01-02")

# Time only, parses as a duration"15:04:05")

# RFC 1123"Mon, 02 Jan 2006 15:04:05 MST")

# ANSI C"Mon Jan 2 15:04:05 2006")

# RFC 822"02 Jan 06 15:04 MST")

# RFC 850"Monday, 02-Jan-06 15:04:05 MST")

# Kitchen time"3:04PM")

# Handy timestamp"Jan 2 15:04:05")

You can also parse RFC1123 and RFC822 format dates with time zones:

# RFC 1123 with numeric time zone'Mon, 02 Jan 2006 15:04:05 -0700')

# RFC 822 with numeric time zone'02 Jan 06 15:04 -0700')

Expanded status information for integrationsโ€‹

Integrations now show a history of all integration jobs so you can see when jobs started, completed, and any errors that occurred.

Integration Status


  • Improve the reliability of the dns resource with large numbers of TXT records. Thanks for this fix @mariuskimmina!
  • Fix a panic when calling domainName if no name can be found. Thanks for this fix @mariuskimmina!
  • Fallback to os.hostname if cannot be discovered. Thanks for this fix @mariuskimmina!
  • Reduce load time and cluster load when scanning Kubernetes clusters.
  • Fix failures reading Kubernetes manifests from stdin when resources lack a UID.
  • Add missing checks for /etc/password, /etc/group, and /etc/shadow to CIS Google Container-Optimized OS Benchmark policy.
  • Fix the Privacy Policy and Terms & Conditions acceptance buttons in the Organization Settings page not loading correctly.
  • Add the upcoming FreeBSD 14 release date.
  • Update SELinux checks in BSI Linux policy to support Amazon Linux, SLES, and openSUSE platforms.
  • Update several console pages to use the checks term instead of the legacy controls term.