Export OpenVas reports to ELK

Archive Security Processes
1

Hi,

I need to export the results of the OpenVas scans to ELK stack. I have been trying to use the VulnWhisperer tool (https://github.com/HASecuritySolutions/VulnWhisperer), but have not been able to get it to connect to OpenVas to download the reports. I receive a series of errors when trying to connect to OpenVas.

  • Can someone help me make this work?
  • If you know of another tool that fulfills the same function, please recommend it to me.

Currently I have two fresh version of Greenbone installed on two servers and ready for testing:
1- GSM CE 6.0.7
2- Source Edition running on Debian 10, with the following components:
*gvm-libs-11.0
*openvas-7.0
*gvmd-9.0
*master (openvas-smb)
*gsa-9.0
*ospd-openvas-1.0
*ospd-2.0

Console output errors

ERROR:vulnWhispererOpenVAS:__init__:Unable to establish connection with OpenVAS scanner. Reason: 'NoneType' object has no attribute 'text'
ERROR:root:main:__init__() should return None, not 'bool'
ERROR: __init__() should return None, not 'bool'

Thank you

2

Hi,
I used this tool but it only worked on older Openvas.

gsad --version
Greenbone Security Assistant 7.0.3
Copyright © 2010-2016 Greenbone Networks GmbH
License GPLv2+: GNU GPL version 2 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

openvasmd --version
OpenVAS Manager 7.0.3
Manager DB revision 184
Copyright © 2010-2016 Greenbone Networks GmbH
License GPLv2+: GNU GPL version 2 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

openvassd --version
OpenVAS Scanner 5.1.3
Most new code since 2005: © 2016 Greenbone Networks GmbH
Nessus origin: © 2004 Renaud Deraison deraison@nessus.org
License GPLv2: GNU GPL version 2
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Since I moved to GVM 11 I stopped using it. You can save report in xml and using python3 xml to dict make json. Now you can take json nicely to logstash or elastic DB with filebeat agent. You can do this on any openvas as long as you can pull out xml report.

But later I moved to BI, since it was more easy to draw delta in time.

2 Likes