Every few days unable to connect to scanner

Hi all,
I have a dockerized installation of GVM 20.08.0. I have 4 scans set up to run every morning at 6 am local time. Some days it works without any issues, other days it fails. In the web GUI I can find the error Could not connect to Scanner.

I should note that each night at midnight the Docker container gets a reboot from a cronjob.

Inside of the Docker container I can find some log files at /usr/local/var/log/gvm.
In gvmd.log I find 4 lines with Could not connect to Scanner at /var/run/ospd/ospd.sock on a day that the scans fail, one for each scan.
In ospd-openvas.log I find a line that says Starting OSPd OpenVAS version 20.8.1., each night, around midnight. I see this on days that the scans fail as well as on days that the scans work. On days that the scans work I can also see records with Scan x added to the queue in position 1., Starting scan x. and x: Host scan finished. as well as x: Scan finished.

What could be causing the lack of connectivity to the scanner?

You need to check that the GVM tool chain is up and running. If something is randomly rebooting your GVM from a cronjob, that is not a good way of operating things. There are databases involved and if you are not cleanly shutting them down the new import and sanitation will takes hours.

Just skip the reboot and let GVM do the job.

2 Likes

Thank you very much! I will disable the container reboot and see if this solves the issue. My predecessor set this up because according to him this is necessary for the vulnerabilty definitions to remain up to date. Is there a way to check how recent the vulnerabilty definitions are?

Even after disabling the periodic reboot of the Docker container, I still get the same error “Could not connect to scanner” all the time. What else could be the case?

I would ditch the container and setup a system that can be interactively debugged.

Look into the log, enable debugging and read the log files and check interactively your GVM status.

1 Like