3

I've been tasked with finding all Red Hat instances running in our entire datacenter. This covers roughly thousands of VLANs and IPs. I've done NMAP for output and tried parsing it into Excel for easier viewing, but... failed.

What I did is create a basic bash script that scans all the IPs from 192.168.. to 192.195.. -- used those IPs as examples obviously.

nmap -F -O 192.168.*.* > /home/knesgoda/results/147.txt

Is there a way to run this and get an output that would resemble something like this for easy pivot tabling?

IP             Hostname     Operating System
192.168.0.1    host.com     Red Hat Linux
192.168.0.2    host2.com    Windows 10
192.168.0.3    host3.com    OSX 10.10
skrrgwasme
  • 9,358
  • 11
  • 54
  • 84
Kevin Nesgoda
  • 31
  • 2
  • 2
    What does the original output of the command look like? What have you tried to massage it into the form you want? It should probably be a simple `awk` script to rearrange the columns. – Barmar Dec 22 '15 at 20:18
  • 3
    Use [`-oX`](https://nmap.org/book/output-formats-xml-output.html) or [`-oG`](https://nmap.org/book/output-formats-grepable-output.html) for scriptable output. Normal mode changes from version to version. – bonsaiviking Dec 22 '15 at 20:21
  • 1
    `I've been tasked with finding all Red Hat instances running in our entire datacenter` sounds weird. Is this your data center or somebody else's data center? :) – hek2mgl Dec 22 '15 at 20:29
  • It currently looks like this: Starting Nmap 6.47 ( http://nmap.org ) at 2015-12-17 17:26 PST Nmap scan report for hostname-dhcp-192-168-0-1.eng.vmware.com (192.168.0.1) Host is up (0.00042s latency). Not shown: 94 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 427/tcp open svrloc 443/tcp open https 8000/tcp filtered http-alt 8080/tcp open http-proxy Aggressive OS guesses: VMware ESXi Server 5.0 - 5.5 (93%), VMware ESXi Server 4.1 (91%), Crestron XPanel control system (90%) No exact OS matches for host (test conditions non-ideal). – Kevin Nesgoda Dec 22 '15 at 20:29

1 Answers1

1

The easiest thing you could do is use nmap's grep output format:

nmap -F -oG output.txt -O 192.168...

It isn't exactly what you specified in terms of a report format but it is a lot more like it than the default output format.

To take it to the next level you'll really need to think about learning some sort of scripting language like Python, Perl, Ruby, etc. In that case you might want to use the XML output format (-oX) and parse that with a library one of those languages provides.

Turn
  • 6,656
  • 32
  • 41