📊 trivy-plugin-report is a plugin that can convert Trivy's output in JSON format into an EXCEL and
nd Markdown files.
Trivy can output reports in various formats, but these reports are more suitable for technical personnel to study and fix vulnerabilities.
In many business scenarios, we also need to present security risks in a more understandable way to non-technical personnel, making EXCEL files particularly important.
In addition, we need to compile a comprehensive scan report that will outline the artifact information, image configuration, vulnerability overview, as well as detailed vulnerability information. The Markdown format is particularly suitable for editing and reviewing such reports, making it an ideal medium for this purpose.
- Trivy Compatibility: Supports reports generated by Trivy.
- Office Friendly: Converts to EXCEL format, suitable for non-technical personnel to read and report.
- Convenient Editing and Sharing: Documents in Markdown format serve as a carrier for scan reports, facilitating rapid editing and sharing of key security information.
trivy plugin install github.com/miao2sec/trivy-plugin-reporttrivy image --format json -d --output plugin=report [--output-plugin-arg plugin_flags] <image_name>OR
trivy image -f json <image_name> | trivy report [plugin_flags]-
Generate an EXCEL table and name it
output.xlsxtrivy image -f json debian:12 | trivy report --excel-file output.xlsx
-
Use
--beautifyto beautify the EXCEL file, that is, fill in the background color according to the severity of the vulnerabilities.trivy image -f json debian:12 | trivy report --excel-file output-beautify.xlsx --beautify
-
Generate an Markdown table and name it
output.md
trivy image -f json sonobuoy/kube-hunter:v0.2.0 | trivy report --markdown-file output.mdFor details, see kube-hunter.md
- 📝 Export markdown file
- 📝 Export PDF file
- 🌏 Localize the report to Chinese
- 🌁 Add Alibaba vulnerability source
- 🚀 Add CNNVD vulnerability source
- 🛡️ Support for misconfiguration, license, and secret