dns_mx_recorddns_mx_reportdns_ns_recorddns_ns_reportdns_parent_ns_recorddns_parent_recorddns_parent_reportdns_soa_recorddns_soa_reportsecurity_headers_content_security_policy_checksecurity_headers_missing_headerssecurity_headers_permissions_policy_checksecurity_headers_raw_header_listsecurity_headers_referrer_policy_checksecurity_headers_strict_transport_security_checksecurity_headers_x_content_type_options_checksecurity_headers_x_frame_options_checkssl_additional_certificate_recordssl_certificate_recordssl_certificate_reportssl_server_cbc_cipher_countssl_server_configuration_checksssl_server_insecure_cipher_countssl_server_rc4_cipher_countssl_server_supported_cipher_suitesssl_server_supported_protocols
Query: ssl_server_cbc_cipher_count
Usage
powerpipe query net_insights.query.ssl_server_cbc_cipher_countSteampipe Tables
SQL
with domain_list as ( select $1 as domain, $1 || ':443' as address),cbc_cipher_count as ( select address, count(address) as cipher_count from net_tls_connection where address in (select address from domain_list) and cipher_suite_name in ('TLS_RSA_WITH_AES_128_CBC_SHA', 'TLS_RSA_WITH_AES_256_CBC_SHA', 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA', 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA', 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA', 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA', 'TLS_RSA_WITH_3DES_EDE_CBC_SHA', 'TLS_RSA_WITH_AES_128_CBC_SHA256', 'TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA', 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256', 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256') and handshake_completed group by address)select 'CBC Cipher Suites' as label, case when i.cipher_count is null then 0 else i.cipher_count end as value, case when i.cipher_count is null then 'ok' when i.cipher_count < 1 then 'ok' else 'alert' end as typefrom domain_list as d left join cbc_cipher_count as i on d.address = i.address
Params
| Args | Name | Default | Description | Variable |
|---|---|---|---|---|
| $1 | domain_input |
Dashboards
The query is used in the dashboards: