harbor/docs/administration/vulnerability-scanning/import-vulnerability-data.md

---
title: Import Vulnerability Data to an Offline Harbor instance
weight: 45
---

If Harbor is installed in an environment without an internet connection, Clair cannot fetch data from the public vulnerability database. In this case, the Harbor administrator must update the Clair database manually.

## Preparation

- You have an instance of Clair that has an internet connection. If you have another instance of Harbor that has internet access, this also works.
- Check whether your Clair instance has already updated its vulnerability database to the latest version.

   1. Use `docker ps` to find out the container ID of the Clair service.
   1. Run `docker logs <container_id>` to check the log of the Clair container. If you are using Harbor you can find the latest Clair logs under `/var/log/harbor/2017-xx-xx/clair.log`.
   1. Look for logs that look like the following:

    ```
    Jul 3 20:40:45 172.18.0.1 clair[3516]: {"Event":"finished fetching","Level":"info","Location":"updater.go:227","Time":"2017-07-04 03:40:45.890364","updater name":"rhel"}
    Jul 3 20:40:46 172.18.0.1 clair[3516]: {"Event":"finished fetching","Level":"info","Location":"updater.go:227","Time":"2017-07-04 03:40:46.768924","updater name":"alpine"}
    Jul 3 20:40:47 172.18.0.1 clair[3516]: {"Event":"finished fetching","Level":"info","Location":"updater.go:227","Time":"2017-07-04 03:40:47.190982","updater name":"oracle"}
    Jul 3 20:41:07 172.18.0.1 clair[3516]: {"Event":"Debian buster is not mapped to any version number (eg. Jessie-\u003e8). Please update me.","Level":"warning","Location":"debian.go:128","Time":"2017-07-04 03:41:07.833720"}
    Jul 3 20:41:07 172.18.0.1 clair[3516]: {"Event":"finished fetching","Level":"info","Location":"updater.go:227","Time":"2017-07-04 03:41:07.833975","updater name":"debian"}
    Jul 4 00:26:17 172.18.0.1 clair[3516]: {"Event":"finished fetching","Level":"info","Location":"updater.go:227","Time":"2017-07-04 07:26:17.596986","updater name":"ubuntu"}
    Jul 4 00:26:18 172.18.0.1 clair[3516]: {"Event":"adding metadata to vulnerabilities","Level":"info","Location":"updater.go:253","Time":"2017-07-04 07:26:18.060810"}
    Jul 4 00:38:05 172.18.0.1 clair[3516]: {"Event":"update finished","Level":"info","Location":"updater.go:198","Time":"2017-07-04 07:38:05.251580"}
    ```
The phrase `finished fetching` indicates that Clair has finished a round of vulnerability updates from an endpoint. Make sure all of the `rhel`, `alpine`, `oracle`, `debian`, and `ubuntu` endpoints are updated correctly. If they have not, wait for Clair to get the data.

## Dump Vulnerability Data 

1. Log in to the host, that is connected to Internet, on which the Postgres Clair database is running.
1. Dump Clair's vulnerability database by running the following commands.

   {{< note >}}
   The container name `clair-db` is a placeholder for the database container used by the internet-connected instance of Clair.
   {{< /note >}}

    ```shell
    $ docker exec clair-db /bin/sh -c  "pg_dump -U postgres -a -t feature -t keyvalue -t namespace -t schema_migrations -t vulnerability -t vulnerability_fixedin_feature" > vulnerability.sql  
    $ docker exec clair-db /bin/sh -c "pg_dump -U postgres -c -s" > clear.sql
    ```

The files `vulnerability.sql` and `clear.sql` are generated.

## Back Up the Harbor Clair Database

Before importing the data, it is strongly recommended to back up the Clair database in Harbor.

```shell
docker exec harbor-db /bin/sh -c  "pg_dump -U postgres -c" > all.sql
```

## Update the Harbor Clair Database

1. Copy the `vulnerability.sql` and `clear.sql` files to the host on which Harbor is running. 
1. Run the following commands to import the data to the Harbor Clair database:

    ```shell
    docker exec -i harbor-db psql -U postgres < clear.sql  
    docker exec -i harbor-db psql -U postgres < vulnerability.sql
    ```

## Rescan the Images

After importing the data, trigger the scanning process in the Harbor interface. For information about running a scan, see [Scan All Images](scan-all-images.md).
Begin restructuring Markdown and file names Signed-off-by: lucperkins <lucperkins@gmail.com> 2020-01-24 23:59:16 +01:00			`---`
			`title: Import Vulnerability Data to an Offline Harbor instance`
Adding weightings to order topics 2020-02-11 16:24:43 +01:00			`weight: 45`
Begin restructuring Markdown and file names Signed-off-by: lucperkins <lucperkins@gmail.com> 2020-01-24 23:59:16 +01:00			`---`
First wave of doc reorg 2019-10-17 15:47:25 +02:00
Linking and rewrites 2020-01-13 14:48:49 +01:00			`If Harbor is installed in an environment without an internet connection, Clair cannot fetch data from the public vulnerability database. In this case, the Harbor administrator must update the Clair database manually.`
First wave of doc reorg 2019-10-17 15:47:25 +02:00
Linking and rewrites 2020-01-13 14:48:49 +01:00			`## Preparation`
First wave of doc reorg 2019-10-17 15:47:25 +02:00
Linking and rewrites 2020-01-13 14:48:49 +01:00			`- You have an instance of Clair that has an internet connection. If you have another instance of Harbor that has internet access, this also works.`
			`- Check whether your Clair instance has already updated its vulnerability database to the latest version.`
First wave of doc reorg 2019-10-17 15:47:25 +02:00
Linking and rewrites 2020-01-13 14:48:49 +01:00			1. Use `docker ps` to find out the container ID of the Clair service.
			1. Run `docker logs <container_id>` to check the log of the Clair container. If you are using Harbor you can find the latest Clair logs under `/var/log/harbor/2017-xx-xx/clair.log`.
			`1. Look for logs that look like the following:`
Begin restructuring Markdown and file names Signed-off-by: lucperkins <lucperkins@gmail.com> 2020-01-24 23:59:16 +01:00
First wave of doc reorg 2019-10-17 15:47:25 +02:00			```
			`Jul 3 20:40:45 172.18.0.1 clair[3516]: {"Event":"finished fetching","Level":"info","Location":"updater.go:227","Time":"2017-07-04 03:40:45.890364","updater name":"rhel"}`
			`Jul 3 20:40:46 172.18.0.1 clair[3516]: {"Event":"finished fetching","Level":"info","Location":"updater.go:227","Time":"2017-07-04 03:40:46.768924","updater name":"alpine"}`
			`Jul 3 20:40:47 172.18.0.1 clair[3516]: {"Event":"finished fetching","Level":"info","Location":"updater.go:227","Time":"2017-07-04 03:40:47.190982","updater name":"oracle"}`
			`Jul 3 20:41:07 172.18.0.1 clair[3516]: {"Event":"Debian buster is not mapped to any version number (eg. Jessie-\u003e8). Please update me.","Level":"warning","Location":"debian.go:128","Time":"2017-07-04 03:41:07.833720"}`
			`Jul 3 20:41:07 172.18.0.1 clair[3516]: {"Event":"finished fetching","Level":"info","Location":"updater.go:227","Time":"2017-07-04 03:41:07.833975","updater name":"debian"}`
			`Jul 4 00:26:17 172.18.0.1 clair[3516]: {"Event":"finished fetching","Level":"info","Location":"updater.go:227","Time":"2017-07-04 07:26:17.596986","updater name":"ubuntu"}`
			`Jul 4 00:26:18 172.18.0.1 clair[3516]: {"Event":"adding metadata to vulnerabilities","Level":"info","Location":"updater.go:253","Time":"2017-07-04 07:26:18.060810"}`
			`Jul 4 00:38:05 172.18.0.1 clair[3516]: {"Event":"update finished","Level":"info","Location":"updater.go:198","Time":"2017-07-04 07:38:05.251580"}`
			```
Linking and rewrites 2020-01-13 14:48:49 +01:00			The phrase `finished fetching` indicates that Clair has finished a round of vulnerability updates from an endpoint. Make sure all of the `rhel`, `alpine`, `oracle`, `debian`, and `ubuntu` endpoints are updated correctly. If they have not, wait for Clair to get the data.
First wave of doc reorg 2019-10-17 15:47:25 +02:00
Linking and rewrites 2020-01-13 14:48:49 +01:00			`## Dump Vulnerability Data`
First wave of doc reorg 2019-10-17 15:47:25 +02:00
Linking and rewrites 2020-01-13 14:48:49 +01:00			`1. Log in to the host, that is connected to Internet, on which the Postgres Clair database is running.`
			`1. Dump Clair's vulnerability database by running the following commands.`
First wave of doc reorg 2019-10-17 15:47:25 +02:00
Fixing lots of links 2020-02-20 13:02:41 +01:00			`{{< note >}}`
			The container name `clair-db` is a placeholder for the database container used by the internet-connected instance of Clair.
			`{{< /note >}}`
First wave of doc reorg 2019-10-17 15:47:25 +02:00
Begin restructuring Markdown and file names Signed-off-by: lucperkins <lucperkins@gmail.com> 2020-01-24 23:59:16 +01:00			```shell
			`$ docker exec clair-db /bin/sh -c "pg_dump -U postgres -a -t feature -t keyvalue -t namespace -t schema_migrations -t vulnerability -t vulnerability_fixedin_feature" > vulnerability.sql`
			`$ docker exec clair-db /bin/sh -c "pg_dump -U postgres -c -s" > clear.sql`
			```
First wave of doc reorg 2019-10-17 15:47:25 +02:00
Linking and rewrites 2020-01-13 14:48:49 +01:00			The files `vulnerability.sql` and `clear.sql` are generated.
First wave of doc reorg 2019-10-17 15:47:25 +02:00
Linking and rewrites 2020-01-13 14:48:49 +01:00			`## Back Up the Harbor Clair Database`
First wave of doc reorg 2019-10-17 15:47:25 +02:00
			`Before importing the data, it is strongly recommended to back up the Clair database in Harbor.`
Linking and rewrites 2020-01-13 14:48:49 +01:00
Begin restructuring Markdown and file names Signed-off-by: lucperkins <lucperkins@gmail.com> 2020-01-24 23:59:16 +01:00			```shell
			`docker exec harbor-db /bin/sh -c "pg_dump -U postgres -c" > all.sql`
First wave of doc reorg 2019-10-17 15:47:25 +02:00			```

Linking and rewrites 2020-01-13 14:48:49 +01:00			`## Update the Harbor Clair Database`
First wave of doc reorg 2019-10-17 15:47:25 +02:00
Linking and rewrites 2020-01-13 14:48:49 +01:00			1. Copy the `vulnerability.sql` and `clear.sql` files to the host on which Harbor is running.
			`1. Run the following commands to import the data to the Harbor Clair database:`

Begin restructuring Markdown and file names Signed-off-by: lucperkins <lucperkins@gmail.com> 2020-01-24 23:59:16 +01:00			```shell
			`docker exec -i harbor-db psql -U postgres < clear.sql`
			`docker exec -i harbor-db psql -U postgres < vulnerability.sql`
			```
Linking and rewrites 2020-01-13 14:48:49 +01:00
			`## Rescan the Images`
First wave of doc reorg 2019-10-17 15:47:25 +02:00
Fixing lots of links 2020-02-20 13:02:41 +01:00			`After importing the data, trigger the scanning process in the Harbor interface. For information about running a scan, see [Scan All Images](scan-all-images.md).`