Gvm-cli simple request

Hello all,

I’m trying to perform a very simple task with gvm-cli and I’m getting mad. I have my openvas-9 up and running, with reports available. With GSA, I get all my vulnerabilities as expected. Now, I want to retrieve my report using gvm cli. That is:

  • A report in CSV format
  • All vulnerabilities of type lvm included
  • Overrides applied

I would expect something simple like this to work:

gvm-cli […] -X ‘<get_reports report_id=“3f62310a-592e-495b-83e2-3591e92d1a5f” format_id=“c1645568-627a-11e3-a660-406186ea4fc5” filter=“apply_overrides=1 overrides=1 levels=hml”/>’ | xmlstarlet sel -t -v get_reports_response/report/text() | base64 -i -d > foo.csv

But it doesn’t. The csv file is contains many of my task vulnerabilities but not all. In this particular example I’m getting 8 High vulnerabilities and 42 medium, while in GSA the same report give me 43 High and 218 Medium !!!

I’m really getting mad at this. Please help !


I’ve added a further advice in the other topic you have posted the question already. Please avoid duplicated posts next time. It’s completely fine to create a new topic if your new question doesn’t relate the last topic.

To get you some background openvasmd/gvmd applies some default filter terms for every query if they are not provided in the request. This has some historical reasons and should also avoid shooting in you foot (like requesting thousands of results). Therefore you have to check if the applied filter is the same in gsa and your request. The applied filter is always contained in the response xml.

1 Like

OK Sorry I thought it would be easier to understand if I created a new post.

Opening a new topic for a new question is always fine :+1: I don’t wanted to offend you. Just wanted to avoid to split the discussion into two threads.

For the others the solution can be found at

1 Like