Mondoo 8.12 is out!

May 30, 2023 · 3 min read

Tim Smith

Mondoo Core Team

🥳 Mondoo 8.12 is out! This release includes new OPC UA scanning, improved MQL helpers, and more!

Get this release: Installation Docs | Package Downloads | Docker Container

🎉 NEW FEATURES

Open Platform Communications Unified Architecture (OPC UA) support

Mondoo now allows you to scan multiple PLC IoT devices simultaneously by connecting to an OPC UA server and scanning PLC remotely. A new opcua provider in cnspec and cnquery allows you to remotely connect to these servers with querying provided with a new opcua query pack.

# gather all available namespaces
opcua.namespaces { * }
opcua.namespaces: [
  0: {
    id: 0
    name: "http://opcfoundation.org/UA/"
  }
  1: {
    id: 1
    name: "urn:open62541.server.application"
  }
]

# gather root node
cnquery> opcua.root
opcua.root: opcua.node id="i=84" name="Root"


# gather all nodes
cnquery> opcua.nodes { name namespace.name }

# gather node with a specific id
cnquery> opcua.nodes.where (id == "i=2253")
opcua.nodes.where: [
  0: opcua.node id="i=2253" name="Server"
]

# gather details about the server
cnquery> opcua.server { * }
opcua.server: {
  buildInfo: {
    BuildDate: "2023-05-21T21:03:43.817369Z"
    BuildNumber: "May 20 2023 15:51:32"
    ManufacturerName: "open62541"
    ProductName: "open62541 OPC UA Server"
    ProductURI: "http://open62541.org"
    SoftwareVersion: "1.3.5-994-g5d73f0cc5"
  }
  node: opcua.node id="i=2253" name="Server"
  currentTime: 2023-05-22 08:28:30.625932 +0000 UTC
  state: "ServerStateRunning"
  startTime: 2023-05-21 21:03:43.834304 +0000 UTC
}

🧹 IMPROVEMENTS

Improved `.first()` and `.last()` MQL helpers

The .first() and .last() MQL helpers now support dict data structures such as JSON data and also include improved handling of null array/dicts.

Finding first and last values in JSON data:

cnquery> parse.json("dummy.json").params["string-array"].first
parse.json.params[string-array].first: "a"
cnquery> parse.json("dummy.json").params["string-array"].last
parse.json.params[string-array].last: "c"
cnquery> parse.json("dummy.json").params["string-array"].where("non-exist").first
parse.json.params[string-array].where.first: null
cnquery> parse.json("dummy.json").params["string-array"].where("non-exist").last
parse.json.params[string-array].where.last: null

cnquery> parse.json("dummy.json").params.first
parse.json.params.first: 1.000000
cnquery> parse.json("dummy.json").params.last
parse.json.params.last: true
cnquery> parse.json("dummy.json").params.where("non-exist").first
parse.json.params.where.first: null
cnquery> parse.json("dummy.json").params.where("non-exist").last
parse.json.params.where.last: null

Expanded date format support in `parse.date()` MQL helper

It is now possible to parse many different date formats automatically with the parse.date MQL helper:

# RFC 3339
parse.date("2006-01-02T15:04:05Z")

# Simple Date + Time
parse.date("2006-01-02 15:04:05")

# Date only
parse.date("2006-01-02")

# Time only, parses as a duration
parse.date("15:04:05")

# RFC 1123
parse.date("Mon, 02 Jan 2006 15:04:05 MST")

# ANSI C
parse.date("Mon Jan 2 15:04:05 2006")

# RFC 822
parse.date("02 Jan 06 15:04 MST")

# RFC 850
parse.date("Monday, 02-Jan-06 15:04:05 MST")

# Kitchen time
parse.date("3:04PM")

# Handy timestamp
parse.date("Jan 2 15:04:05")

You can also parse RFC1123 and RFC822 format dates with time zones:

# RFC 1123 with numeric time zone
parse.date('Mon, 02 Jan 2006 15:04:05 -0700')

# RFC 822 with numeric time zone
parse.date('02 Jan 06 15:04 -0700')

Expanded status information for integrations

Integrations now show a history of all integration jobs so you can see when jobs started, completed, and any errors that occurred.

Integration Status

🐛 BUG FIXES AND UPDATES

Improve the reliability of the dns resource with large numbers of TXT records. Thanks for this fix @mariuskimmina!
Fix a panic when calling domainName if no name can be found. Thanks for this fix @mariuskimmina!
Fallback to os.hostname if os.name cannot be discovered. Thanks for this fix @mariuskimmina!
Reduce load time and cluster load when scanning Kubernetes clusters.
Fix failures reading Kubernetes manifests from stdin when resources lack a UID.
Add missing checks for /etc/password, /etc/group, and /etc/shadow to CIS Google Container-Optimized OS Benchmark policy.
Fix the Privacy Policy and Terms & Conditions acceptance buttons in the Organization Settings page not loading correctly.
Add the upcoming FreeBSD 14 release date.
Update SELinux checks in BSI Linux policy to support Amazon Linux, SLES, and openSUSE platforms.
Update several console pages to use the checks term instead of the legacy controls term.

🥳 Mondoo 8.12 is out! This release includes new OPC UA scanning, improved MQL helpers, and more!​

🎉 NEW FEATURES​

Open Platform Communications Unified Architecture (OPC UA) support​

🧹 IMPROVEMENTS​

Improved .first() and .last() MQL helpers​

Expanded date format support in parse.date() MQL helper​

Expanded status information for integrations​

🐛 BUG FIXES AND UPDATES​