How can one get a list of all uuids which can be accessed by gvm-cli get_scans
Hi dear Community,
I have a small question, I need to get reports from scans by gvm-tools. As the get_reports command has been removed the get_scans command is the one to use. So you need always an uuid to get a particullar scan which is pretty annoying when you may just want to gather all results on bulk.
So when I do a like:
gvm@gvmd:/$ gvm-cli --protocol OSP socket --sockpath /var/run/ospd/ospd.sock --xml ‘<get_scans scan_id=“44559a03-857c-40ce-aa87-912868e72217” />’
Response Error 404. Failed to find scan ‘44559a03-857c-40ce-aa87-912868e72217’
I always get the above mentioned error. So is there a way to get just all reports, or in this case scans which are available? Are there any wildcards which can be used?
This question is may stupid but I searched google, api documentation and all other stuff regarding this topic but didn’t find anything regarding this…
//edit
The general issue behind this: i am missing some stuff, please have a look at the help page, there are a lot of commands which don’t appear:
<help_response status="200" status_text="OK"> help Print the commands help.
Attributes:
format Help format. Could be text or xml.
get_version Return various version information
get_performance Return system report
Attributes:
start Time of first data point in report.
end Time of last data point in report.
title Name of report.
get_scanner_details Return scanner description and parameters
delete_scan Delete a finished scan.
Attributes:
scan_id ID of scan to delete.
get_vts List of available vulnerability tests.
Attributes:
vt_id ID of a specific vulnerability test to get.
filter Optional filter to get an specific vt collection.
stop_scan Stop a currently running scan.
Attributes:
scan_id ID of scan to stop.
get_scans List the scans in buffer.
Attributes:
scan_id ID of a specific scan to get.
details Whether to return the full scan report.
pop_results Whether to remove the fetched results.
max_results Maximum number of results to fetch.
start_scan Start a new scan.
Attributes:
target Target host to scan
ports Ports list to scan
scan_id Optional UUID value to use as scan ID
parallel Optional nummer of parallel target to scan
Elements:
scanner_params
debug_mode Whether to get extra scan debug information.
dry_run Whether to dry run scan.
auto_enable_dependencies Automatically enable the plugins that are depended on
cgi_path Look for default CGIs in /cgi-bin and /scripts
checks_read_timeout Number of seconds that the security checks will wait for when doing a recv()
non_simult_ports Prevent to make two connections on the same given ports at the same time.
open_sock_max_attempts Number of unsuccessful retries to open the socket before to set the port as closed.
timeout_retry Number of retries when a socket connection attempt timesout.
optimize_test By default, optimize_test is enabled which means openvas does trust the remote host banners and is only launching plugins against the services they have been designed to check. For example it will check a web server claiming to be IIS only for IIS related flaws but will skip plugins testing for Apache flaws, and so on. This default behavior is used to optimize the scanning performance and to avoid false positives. If you are not sure that the banners of the remote host have been tampered with, you can disable this option.
plugins_timeout This is the maximum lifetime, in seconds of a plugin.
report_host_details
safe_checks Disable the plugins with potential to crash the remote services
scanner_plugins_timeout Like plugins_timeout, but for ACT_SCANNER plugins.
time_between_request Allow to set a wait time between two actions (open, send, close).
unscanned_closed
unscanned_closed_udp
expand_vhosts Whether to expand the target hosts list of vhosts with values gathered from sources such as reverse-lookup queries and VT checks for SSL/TLS certificates.
test_empty_vhost If set to yes, the scanner will also test the target by using empty vhost value in addition to the targets associated vhost values.
max_hosts The maximum number of hosts to test at the same time which should be given to the client (which can override it). This value must be computed given your bandwidth, the number of hosts you want to test, your amount of memory and the performance of your processor(s).
max_checks The number of plugins that will run against each host being tested. Note that the total number of process will be max checks x max_hosts so you need to find a balance between these two options. Note that launching too many plugins at the same time may disable the remote host, either temporarily (ie: inetd closes its ports) or definitely (the remote host crash because it is asked to do too many things at the same time), so be careful.
port_range This is the default range of ports that the scanner plugins will probe. The syntax of this option is flexible, it can be a single range ("1-1500"), several ports ("21,23,80"), several ranges of ports ("1-1500,32000-33000"). Note that you can specify UDP and TCP ports by prefixing each range by T or U. For instance, the following range will make openvas scan UDP ports 1 to 1024 and TCP ports 1 to 65535 : "T:1-65535,U:1-1024".
test_alive_hosts_only If this option is set, openvas will scan the target list for alive hosts in a separate process while only testing those hosts which are identified as alive. This boosts the scan speed of target ranges with a high amount of dead hosts significantly.
source_iface Name of the network interface that will be used as the source of connections established by openvas. The scan won't be launched if the value isn't authorized according to (sys_)ifaces_allow / (sys_)ifaces_deny if present.
ifaces_allow Comma-separated list of interfaces names that are authorized as source_iface values.
ifaces_deny Comma-separated list of interfaces names that are not authorized as source_iface values.
hosts_allow Comma-separated list of the only targets that are authorized to be scanned. Supports the same syntax as the list targets. Both target hostnames and the address to which they resolve are checked. Hostnames in hosts_allow list are not resolved however.
hosts_deny Comma-separated list of targets that are not authorized to be scanned. Supports the same syntax as the list targets. Both target hostnames and the address to which they resolve are checked. Hostnames in hosts_deny list are not resolved however.
get_memory_usage print the memory consumption of all processes
Attributes:
unit Unit for displaying memory consumption (b = bytes, kb = kilobytes, mb = megabytes). Defaults to b.
BR
Hans
Environment:
Greenbone Vulnerability Manager 20.08.0
Manager DB revision 233
OSP 1.2
OSPd OpenVAS20.8.1
openvasOpenVAS 20.8.0202011181159</get_version_response>