From rudimentary topologies to multi-cloud deployments, UpGuard was designed to provide end-to-end visibility for all types of infrastructures. Our platform gives organizations unprecedented macro and micro-level visibility in even the most complex and heterogeneous IT environments. And now—with UpGuard’s powerful new Search feature—identifying and locating items of interest or concern is as easy as typing text into a search box.
With Search, locating granular items like specific nodes, patches, or package versions is no longer akin to finding a needle in a haystack. The feature is deceptively simple but packs powerful functionality, making it indispensable for numerous infrastructure management tasks. Search is two-pronged: it can perform both a basic node search as well as search for specific items inside of nodes. Additionally, Search can be performed contextually against specific entity types and nodes/node groups.
Searching For Nodes / Inside of Nodes
When navigating to the Manage ⇢ Nodes page, Search is set to perform a basic text search against all node names, since All Nodes under Node Groups is selected by default in the left-hand column.
Searching for the string “db” will retrieve nodes whose names match or partially match that string from the All Nodes group. Again, this group is selected by default—clicking on any other Node Group will set the search context accordingly and subsequent queries will be performed against the selected node group.
As mentioned previously, Search can also look inside of nodes for items. Clicking into the node will set the search context to that specific node. Searching for the “is_encrypted” string reveals the matching items and their values inside of the database node.
Searching in Expression Mode
Expression mode enables more refined searches by allowing additional parameters to be used in the search queries. Users may notice that upon typing in search terms, a helper window appears at the bottom of the search box. This shortcut allows for easy construction of search expressions based on the following common entity types: Nodes, Packages, Files, and Services. Search Everywhere includes all entity types in the search results.
For example, an administrator wishing to locate OpenSSL packages vulnerable to the Heartbleed bug can now easily do so with Search. Typing the string into the search box reveals the helper window with search suggestions based on common entity types.
Alternatively, typing a colon (:) in the search box will invoke the helper window with a complete list of entity types for easy reference.
Typing a colon (:) will invoke the complete list of entity types available.
The administrator is looking for OpenSSL 1.0.1 through 1.0.1f—the versions impacted by the Heartbleed bug. By specifying that packages be searched by typing “packages:” followed by the search terms, one can immediately drill down to the items of interest.
With Search, UpGuard users can now easily drill down to the item of interest.
Clicking on the item in question—Openssl 1.01i on the Amazon AMI node—will populate the search box with the complete search string necessary for locating that item and others like it.
Clicking on the item populates the Search box with the search string for finding it.
The search string can then be used to create policies, incorporated into testing processes, shared amongst peers, copied/pasted for quick dissemination, and so forth. This powerful aspect of Search makes results immediately actionable, essentially facilitating a fast track to validation and remediation.
In short, the comprehensive infrastructure discovery and awareness that UpGuard already provides is now enhanced with the Search feature, giving users an additional mechanism for gaining pinpoint visibility into their infrastructures. Try out UpGuard’s new Search capabilities by logging in to your account or signing up for a free trial.
So how do events like 000webhost's massive data breach involving free web hosting providing 000webhost transpire? In a word, negligence. Gross negligence, to be precise.
Read Blog >
Access to free vulnerability assessment should be a basic right in a world where computing is integral to social and economic life. For our part, we're offering our full product, including vulnerability assessment, free forever for a user's first ten machines.
Read Blog >