Skip to content

Commit

Permalink
Improve wording + fix spelling issues in query packs (#74)
Browse files Browse the repository at this point in the history 
Just some minor cleanup

---------

Signed-off-by: Tim Smith <tsmith84@gmail.com>
Co-authored-by: Letha <letha@mondoo.com>
  • Loading branch information
@tas50 @misterpantz
tas50 and misterpantz authored Jul 12, 2023
1 parent 7de4cb3 commit 90d87fd
Show file tree
Hide file tree
Showing 12 changed files with 52 additions and 35 deletions.
17 changes: 17 additions & 0 deletions .github/actions/spelling/line_forbidden.patterns
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,17 @@
# Product Names
#

# s.b. Jira
\bJIRA\b

# s.b. MariaDB
\bMaria DB\b
\bmariaDB\b
\bmariaDb\b

# s.b. PostgreSQL
\bPostgreSql\b

# s.b. Firefox
\bFireFox\b

Expand Down Expand Up @@ -159,6 +170,10 @@
\bVcenter\b
\bVCenter\b

# s.b. vSphere
\bVsphere\b
\bVSphere\b

# s.b. ESXi
\bEsxi\b

Expand Down Expand Up @@ -417,6 +432,8 @@

# s.b. Cosmos DB
\bCosmosDB\b
\bCosmoDB\b
\bCosmo DB\b

# s.b. SignalR Service
\bSignalR service\b
Expand Down
2 changes: 1 addition & 1 deletion core/mondoo-aws-incident-response.mql.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,7 +100,7 @@ packs:
title: Retrieve data on IAM users, groups, and roles to which any 'FullAccess' policy is attached
docs:
desc: |
This query retrieves all IAM users, croups, and roles that have any one of the AWS FullAccess roles attached.
This query retrieves all IAM users, groups, and roles with an AWS FullAccess role attached.
mql: |
aws.iam.policies.
where( name == /FullAccess/i && attachmentCount != 0) {
Expand Down
26 changes: 13 additions & 13 deletions core/mondoo-azure-inventory.mql.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,16 +82,16 @@ packs:
This query retrieves data for all databases in sql servers
mql: azure.subscription.sql.servers { databases }
- uid: mondoo-asset-inventory-azure-postgresql
title: Retrieve data for all Azure postgresql servers
title: Retrieve data for all Azure PostgreSQL servers
docs:
desc: |
This query retrieves data for all postgresql servers
This query retrieves data for all PostgreSQL servers
mql: azure.subscription.postgreSql.servers
- uid: mondoo-asset-inventory-azure-postgresql-firewallrules
title: Retrieve data for all firewall rules in Azure postgresql servers
title: Retrieve data for all firewall rules in Azure PostgreSQL servers
docs:
desc: |
This query retrieves data for all firewall rules in postgresql servers
This query retrieves data for all firewall rules in PostgreSQL servers
mql: azure.subscription.postgreSql.servers { firewallRules }
- uid: mondoo-asset-inventory-azure-mysql
title: Retrieve data for all Azure MySQL servers
Expand All @@ -100,16 +100,16 @@ packs:
This query retrieves data for all sql servers
mql: azure.subscription.mySql.servers
- uid: mondoo-asset-inventory-azure-mariaDb
title: Retrieve data for all Azure mariaDb servers
title: Retrieve data for all Azure MariaDB servers
docs:
desc: |
This query retrieves data for all mariaDb servers
This query retrieves data for all MariaDB servers
mql: azure.subscription.mariaDb.servers
- uid: mondoo-asset-inventory-azure-diagnosticSettings
title: Retrieve data for all Azure diagnostic Settings
title: Retrieve data for all Azure diagnostic settings
docs:
desc: |
This query retrieves data for all diagnostic Settings
This query retrieves data for all diagnostic settings
mql: azure.subscription.monitor.diagnosticSettings
- uid: mondoo-asset-inventory-azure-keyVaults
title: Retrieve data for all Azure Key Vaults
Expand Down Expand Up @@ -165,11 +165,11 @@ packs:
desc: |
This query retrieves data for all web apps
mql: azure.subscription.web.apps
- uid: mondoo-asset-inventory-azure-cosmoDb
title: Retrieve data for all Azure cosmoDb accounts
- uid: mondoo-asset-inventory-azure-cosmosDb
title: Retrieve data for all Azure Cosmos DB accounts
docs:
desc: |
This query retrieves data for all cosmoDb accounts
This query retrieves data for all Cosmos DB accounts
mql: azure.subscription.cosmosDb.accounts
- uid: mondoo-asset-inventory-azure-applicationInsight
title: Retrieve data for all Azure applicationInsight
Expand All @@ -184,10 +184,10 @@ packs:
This query retrieves data for all ApplicationInsight
mql: azure.subscription.network.watchers
- uid: mondoo-asset-inventory-azure-bastionHosts
title: Retrieve data for all Azure bastionHosts
title: Retrieve data for all Azure Bastion hosts
docs:
desc: |
This query retrieves data for all bastionHosts
This query retrieves data for all Bastion hosts
mql: azure.subscription.network.bastionHosts
- uid: mondoo-asset-inventory-azure-compute-disks
title: Retrieve data for all compute disks under the subscription
Expand Down
4 changes: 2 additions & 2 deletions core/mondoo-kubernetes-inventory.mql.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ packs:
mondoo.com/category: best-practices
docs:
desc: |
The Kubernetes Inventory Pack by Mondoo pack is designed to retrieve data about a Kubernetes Cluster for asset inventory.
The Kubernetes Inventory Pack by Mondoo pack retrieves data about a Kubernetes Cluster for asset inventory.
To run this pack for a Kubernetes Cluster:
Expand All @@ -19,7 +19,7 @@ packs:
```
## Join the community!
Our goal is to build query packs that are simple to deploy, and provide accurate and useful data.
Our goal is to build query packs that are simple to deploy and provide accurate and useful data.
If you have any suggestions for improving this query pack, or if you need support, [join the Mondoo community](https://github.com/orgs/mondoohq/discussions) in GitHub Discussions.
groups:
Expand Down
4 changes: 2 additions & 2 deletions core/mondoo-linux-inventory.mql.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ packs:
mondoo.com/category: best-practices
docs:
desc: |
The Linux Inventory Pack by Mondoo is designed to retrieve data about Linux hosts for asset inventory.
The Linux Inventory Pack by Mondoo retrieves data about Linux hosts for asset inventory.
## Local scan
To run this pack locally on a Linux host:
Expand All @@ -27,7 +27,7 @@ packs:
```
## Join the community!
Our goal is to build query packs that are simple to deploy, and provide accurate and useful data.
Our goal is to build query packs that are simple to deploy and provide accurate and useful data.
If you have any suggestions for improving this query pack, or if you need support, [join the Mondoo community](https://github.com/orgs/mondoohq/discussions) in GitHub Discussions.
filters:
Expand Down
4 changes: 2 additions & 2 deletions core/mondoo-macos-inventory.mql.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ packs:
mondoo.com/category: best-practices
docs:
desc: |
The macOS Inventory Pack by Mondoo is designed to retrieve data about macOS hosts for asset inventory.
The macOS Inventory Pack by Mondoo retrieves data about macOS hosts for asset inventory.
## Local scan
To run this pack locally on a macOS host:
Expand All @@ -27,7 +27,7 @@ packs:
```
## Join the community!
Our goal is to build query packs that are simple to deploy, and provide accurate and useful data.
Our goal is to build query packs that are simple to deploy and provide accurate and useful data.
If you have any suggestions for improving this query pack, or if you need support, [join the Mondoo community](https://github.com/orgs/mondoohq/discussions) in GitHub Discussions.
filters:
Expand Down
8 changes: 4 additions & 4 deletions core/mondoo-vmware-incident-response.mql.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ packs:
desc: |
## Overview
VMware vCenter Incident Response Pack by Mondoo is designed to retrieve data about vCenter and its ESXi hosts.
VMware vCenter Incident Response Pack by Mondoo retrieves data about vCenter and its ESXi hosts.
### Run query pack
Expand Down Expand Up @@ -47,11 +47,11 @@ packs:
- uid: mondoo-vmware-incident-response-acceptance-level
title: Retrieve host acceptance level
docs:
desc: The host acceptance level determines which VIBs can be installed to a host.
desc: The host acceptance level determines which VIBs can be installed on a host.
mql: vsphere.host.acceptanceLevel
refs:
- title:
url: https://docs.vmware.com/en/VMware-vSphere/6.5/com.vmware.vsphere.upgrade.doc/GUID-27BBBAB8-01EA-4238-8140-1C3C3EFC0AA6.html
- uid: mondoo-vmware-incident-response-acceptanceLevel
title: Retrieve list configured ntp server
- uid: mondoo-vmware-incident-response-ntp-servers
title: Retrieve all configured NTP servers
mql: vsphere.host.ntp.server
4 changes: 2 additions & 2 deletions core/mondoo-windows-incident-response.mql.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,10 +18,10 @@ packs:
title: Retrieve operating system uptime
mql: os.uptime
- uid: mondoo-windows-installed-packages
title: Retrieve list about installed packages
title: Retrieve list of installed packages
mql: packages
- uid: mondoo-windows-interface-configuration
title: Retrieve all Windows Computer/ System information
title: Retrieve all Windows Computer/System information
mql: windows.computerInfo
- uid: mondoo-windows-running-services
title: Retrieve running services
Expand Down
4 changes: 2 additions & 2 deletions core/mondoo-windows-inventory.mql.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ packs:
mondoo.com/category: best-practices
docs:
desc: |
The Windows Asset Inventory Pack by Mondoo is designed to retrieve data about Windows hosts for asset inventory.
The Windows Asset Inventory Pack by Mondoo retrieves data about Windows hosts for asset inventory.
## Local scan
To run this pack locally on a Windows host:
Expand All @@ -27,7 +27,7 @@ packs:
```
## Join the community!
Our goal is to build query packs that are simple to deploy, and provide accurate and useful data.
Our goal is to build query packs that are simple to deploy and provide accurate and useful data.
If you have any suggestions for improving this query pack, or if you need support, [join the Mondoo community](https://github.com/orgs/mondoohq/discussions) in GitHub Discussions.
filters:
Expand Down
8 changes: 4 additions & 4 deletions extra/mondoo-asset-count.mql.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ packs:
query: |
vsphere.datacenters { hosts.length }
- uid: mondoo-asset-count-on-vsphere-cluster-vms
title: Retrieve all VMs from vsphere cluster
title: Retrieve all VMs from vSphere cluster
filters: asset.platform == 'vmware-vsphere'
query: |
vsphere.datacenters { vms.length }
Expand All @@ -18,17 +18,17 @@ packs:
query: |
azure.compute.vms.length
- uid: mondoo-count-users-in-azure
title: Retrieve all VMs from Azure
title: Retrieve all users from Azure
filters: asset.platform == 'azure' || asset.platform == 'microsoft365'
query: |
azuread.users.length
- uid: mondoo-asset-count-on-aws
title: Retrieve all VMs from AWS
title: Retrieve all instances from AWS
filters: asset.platform == 'aws'
query: |
aws.ec2.instances.length
- uid: mondoo-asset-count-in-windows-domain
title: Retrieve all computer object from the windows domain
title: Retrieve all computer object from the Windows domain
filters: asset.platform == "windows" && windows.computerInfo['OsProductType'] == 2
query: |
parse.json(content: powershell('Get-ADComputer -Filter * -properties * | select Name, Enabled,Operatingsystem,OperatingSystemVersion | ConvertTo-Json').stdout).params
2 changes: 1 addition & 1 deletion extra/mondoo-googleworkplace-incident-response.mql.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ packs:
title: Retrieve Google Workspace Super Admins
mql: googleworkspace.report.users.where( security["isSuperAdmin"] == true) { userEmail }
- uid: mondoo-googleworkspace-incident-response-super-admins-without-2FA-enrolled
title: Retrieve Google Workspace Super Admins which are not enrolled in 2FA
title: Retrieve Google Workspace Super Admins who are not enrolled in 2FA
mql: googleworkspace.users.where(isEnrolledIn2Sv != true && isAdmin == true) {primaryEmail isEnrolledIn2Sv isAdmin}
- uid: mondoo-googleworkspace-incident-response-users-without-2FA-enrolled
title: Retrieve Google Workspace User accounts which are not enrolled in 2FA
Expand Down
4 changes: 2 additions & 2 deletions extra/mondoo-okta-incident-response.mql.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ packs:
desc: |
### Overview
The Okta Incident Response query pack retrieves configuration data about your Okta configuration during a security incident.
During a security incident, the Okta Incident Response query pack retrieves configuration data about your Okta configuration.
### Prerequisites
Expand All @@ -23,7 +23,7 @@ packs:
### Run query pack
To run this query pack against a Okta domain:
To run this query pack against an Okta domain:
```bash
export OKTA_TOKEN=<TOKEN>
Expand Down

0 comments on commit 90d87fd

Please sign in to comment.