GSA - Filter Keywords to Filter a Report

How To
1

Hey, I want to filter my results of the last report of a specific task. I got a lot of hosts/ targets in it)

GVM versions

gsad: Greenbone Security Assistant 21.4.4
gvmd: Greenbone Vulnerability Manager 21.4.5
openvas-scanner: OpenVAS 21.4.4
gvm-libs: gvm-libs 21.4.4

Can anyone give me a filter command or workflow for the following usecase?

  • I want to see all vulnerabilities of a specific host of the last scan with a severity over 3
  • or: See all vulnerability results with a severity over 3 of a specific host from its last scan
    • Therefor I created this command: (host=“” and report_id=“” and severity>3 apply_overrides=1 levels=hml rows=100 min_qod=70 first=1 sort-reverse=severity)
    • But I have to type in the ip and reportid manuel every time…
    • Is there a way to get the usecase results less complicated, maybe with a specific tag, workflow or keyword like report_id=last_report(last)?

+ How do you work with your vulnerabilities?

Thanks and kind regards
Marc

2

As far as I can tell, it is impossible to use tags to filter a report. If it is, it is even less documented than the format you need to use to set up tags to begin with.

I have not been able to filter by “tag”. Filtering hosts by “tag” fails to produce any results no matter what format/syntax I try to use. Filtering hosts by tag_id appears to work there, but you can’t use it to filter reports or results.