troubleshooting Question

Parse nmap XML data into Mysql database

Avatar of dutch7773
dutch7773Flag for United States of America asked on
MySQL Server
9 Comments1 Solution2836 ViewsLast Modified:
I know there must be a way since I have seen parsers for XML data. What I would like to do is to parse XML data I capture from nmap (network scanner) and put that data into a database and normalize the data. I have thousands of workstations to scan and would like to filter the database so I only will see the data that is out of the ordinary. My problem is how to get the data from XML to Mysql.

An example of the data that comes out of nmap:

<?xml version="1.0" ?>
<?xml-stylesheet href="nmap.xsl" type="text/xsl"?>
<!-- Nmap 4.00 scan initiated Tue Feb 14 13:26:26 2006 as: nmap -sS -v -oX c:\1.xml server99 -->
<nmaprun scanner="nmap" args="nmap -sS -v -oX c:\1.xml server99" start="1139945186" startstr="Tue Feb 14 13:26:26 2006" version="4.00" xmloutputversion="1.01">
<scaninfo type="syn" protocol="tcp" numservices="1672" services="1-1027,1029-1084,1103,1109-61441,65301" />
<verbose level="1" />
<debugging level="0" />
<host><status state="up" />
<address addr="" addrtype="ipv4" />
<hostnames />
<ports><extraports state="closed" count="1665" />
<port protocol="tcp" portid="135"><state state="open" /><service name="msrpc" method="table" conf="3" /></port>
<port protocol="tcp" portid="139"><state state="open" /><service name="netbios-ssn" method="table" conf="3" /></port>
<port protocol="tcp" portid="445"><state state="open" /><service name="microsoft-ds" method="table" conf="3" /></port>
<port protocol="tcp" portid="1030"><state state="open" /><service name="iad1" method="table" conf="3" /></port>
<port protocol="tcp" portid="2001"><state state="open" /><service name="dc" method="table" conf="3" /></port>
<port protocol="tcp" portid="2002"><state state="open" /><service name="globe" method="table" conf="3" /></port>
<port protocol="tcp" portid="5900"><state state="open" /><service name="vnc" method="table" conf="3" /></port>
<runstats><finished time="1139945187" timestr="Tue Feb 14 13:26:27 2006"/><hosts up="1" down="0" total="1" />
<!-- Nmap run completed at Tue Feb 14 13:26:27 2006; 1 IP address (1 host up) scanned in 0.882 seconds -->

thanks for your help!
Join our community to see this answer!
Unlock 1 Answer and 9 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 9 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros