I find Greenbone very useful for VA, but when it comes to reporting it lacks of good reports, like Top10 vulnerabilities within one network scanned, Top10 Risk Hosts, etc. I am looking for solutions to extract the data and create reports from the XML files or in the interface itself. Please let me know if you have succeeded in doing so.
I have managed to do this with openvas 8 and omp. On my side what I do is:
- Generate your reports in csv (full details) with omp. I have done this through a script which essentially pass the xml data thourgh xmlstarlet and base64; like this:
omp -h 127.0.0.1 -u admin -w passwd -iX ‘<get_reports report_id="’$reportId’" format_id="’$formatId’"/>’ | xmlstarlet sel -t -v get_reports_response/report/text() | base64 -i -d > $reportName.$ext
- Parse the csv reports through csvfilter tool to sanitize it and compute it with shell tools such as cut, grep, count, sort, etc… to get your statistics. Again I have written a script which does this so that in the end I get useful data for executive reporting.
But as I said, unfortunately it doesn’t work with gvm. I wrote the script on a corner of my desk, in shell. So it’s ugly, not portable and have lots of bugs but it works fine with omp.
That’s for my experience. But I would be very interested for a more professional and sustainable solution for this as well.
Thank you Vincent, I have found this python script but I am still struggling to make it work: https://github.com/TheGroundZero/openvasreporting
You may want to have a look at this. Personally, I’m feeding CSV reports to Splunk where you can do whatever reports and dashboards you want but this might be out of your original scope. Should work with any log management system, though.
Thats exactly the one I am trying to make it work. Splunk is a good idea too. Thanks!
Just a side note. For scripting please use
now. The old omp cli tool is deprecated and shouldn’t work with current GVM/OpenVAS versions.