🐧
Linux Control Center
EN
EN
  • Introduction - User Manual
  • Requirements
    • Server Requirements
    • Client Requirements
  • Quick Start
  • Setup and Installation
  • Dashboard
  • Discover
    • Linux Control Center Discover
    • BeyondTrust Password Safe
  • Host Actions
    • Get Info
    • Package Check Update
    • Package Update
    • Package Vulnerable Update
    • Package Hold
    • Package Install
    • Package Remove
    • Account Add
    • Account Del
    • Account Expire
    • Account Lock
    • Account UnLock
    • File Add
    • File Del
    • File Download
    • Manage Host Service
    • Host Ping
    • Host Reboot
    • Host Shutdown
    • Insert Group
    • Check Vulnerability
    • Execute Custom Playbook
    • Execute Custom Scripts
    • Tenable Launch Scan
    • Tenable Sync Results
    • Delete Hosts
  • Host Groups
  • Managed Account
    • Create Managed Account
  • Managed Files
    • Create Managed File
  • 7 Library
    • Install Tenable Agent
  • 7 VulnDB-API
  • Custom Scripts
    • Linux Scripts
    • BeyondTrust Password Safe Secrets
  • Custom Playbooks
  • Hook Bridge
    • Hook Bridge
  • Workflow
    • Create Workflow
  • Assisted Workflow
  • Scheduler
  • Unmanaged Hosts
    • Microsoft Windows
  • Settings and Integrations
    • Settings
      • License
      • Worker
      • Nodes
      • Certificate
      • LCC Management
      • Diagnostic
      • Linux Credentials
      • Regions
      • Syncronized Files
      • Notifications
        • SMTP
        • Teams
        • Telegram
      • Parameters
      • Discover Timeout
      • Backup and Restore
    • Integrations
      • BeyondTrust
        • Password Safe
        • Privileged Remote Access
      • VMWare
      • Nutanix
      • Tenable
        • Security Center
        • Cloud Security
    • User Management
      • Console Users
        • Create Super User
        • Create Group Users
      • TOTP
      • Providers
        • SAML
          • Cisco Duo
          • Entra ID
      • Authentication
  • Release Notes
Powered by GitBook
On this page
  • Requirements
  • Objective
  • Overview
  • Uploading and Configuring Scripts
  • General Information
  • Dynamic Variables in the Script
  • Script Content
  • Execution Credentials
  • Tenable Plugins
  • Script Execution
  1. Custom Scripts

Linux Scripts

PreviousCustom ScriptsNextBeyondTrust Password Safe Secrets

Last updated 12 days ago

Requirements

Linux Control Center = 2.10.X or higher

Objective

This manual aims to present all the features that the LCC Scripts module offers.

Overview

In the Linux Control Center (LCC), the Scripts module plays an important role in administration, providing users with the ability to execute custom Scripts on hosts managed by the LCC. Using the Scripts module is similar to the Playbooks module.

Executing a Script through the LCC provides a complete view of the process, allowing you to monitor its progress in real time and generate detailed reports. In addition, the execution can be performed by the Workflow, which allows you to make dynamic decisions based on the results of each step.

Uploading and Configuring Scripts

  1. To start, access the LCC and click Scripts in the left side menu.

  1. Click Create

  1. Enter a name to identify the Script in the Name field.

  2. Click Host Type and choose the Script type Windows or Linux

  1. Fill in the Remote Path field with / at the end. This will be the directory where the Script will be saved and executed. 1. Click on User for Execution, which we recommend is the user lcc.local

  1. Click on Upload File and choose the desired Script from your computer.

  2. Note that the name of the Script will be displayed in the Current File field

  1. Click on Save and the Script will be saved in the LCC database.

  1. Click on the Script that was created and you will see the following screens:

General Information

  1. Screen that displays the date and time the Script was created, the date and time of the last change and you can also change the information in the Name and Description fields. You can also download the file by clicking Download, delete it by clicking Delete and upload a new file by clicking Change File

Dynamic Variables in the Script

Similar to Customizable Playbooks, Scripts also have the ability to insert variables. This allows the same Script to be executed at different times with different values, offering adaptability as needed. The variable format is ${:::Variable name:::}, where Variable name is the identifier of that variable.

After creating the Script with the variable in this format and uploading the file to the console, it will be possible to change its value directly through the LCC web interface whenever necessary. The updated value will be automatically saved in the Script file saved in the database.

  1. See an example of implementation of this variable format

  • var_name: ${:::var_name:::}*

It is important to note that if variables are written with the same identifier/name, LCC will replace the value of the last variable entered by the user in all others. Therefore, it is recommended to use different names if the desired execution values ​​are different.

Script Content

  1. The Content screen displays the entire content of the Script. The image below shows the variable mentioned in the previous topic.

Execution Credentials

  1. On the Credentials screen, the LCC allows the Script to be executed with credentials other than the default lcc.local. It is possible to use Linux Credentials that are registered in the LCC console, Credentials from the Password Safe password vault by BeyondTrust through integration and through the LCC Hook Bridge Params functionality.

Tenable Plugins

  1. This screen makes it easy to remediate vulnerabilities identified as Tenable Plugins through integration with Tenable Vulnerability Manager and/or Tenable Security Center. Remediation is performed by running scripts from the Linux Control Center 7 Library repository, designed to remediate specific Tenable Plugins.

  • This example shows the Configure SSH Ciphers and Algorithms Script that fixes Tenable Plugin 153588.

Script Execution

  1. Access the Hosts screen

  1. Click Actions on the line and a desired Host and click Execute Custom Script.

  1. To run on multiple Hosts simultaneously, select the desired Hosts and click on Actions at the top of the page and click on Execute Custom Script.

  1. Choose the Script you want to run in the Scripts field

  1. Click on Yes to run the Script.

  1. Click on the Queue Working button at the top of the page to monitor the execution of the action.

Note: An independent Execute Custom Script Action will be created for each Host if the action is executed on more than one Host simultaneously, with separate logs for each execution.