GVM versions
gsa: Greenbone Security Assistant 9.0
gvm: Greenbone Vulnerability Manager 9.0.0
openvas-scanner: OpenVAS 7.0.0
gvm-libs: 11.0.0
Environment
Operating system: Ubuntu 19.10
Kernel: 5.3.0-46-generic
Installation method / source: Compiled the “Release”-Downloads from GVM 11 (stable, initial release 2019-10-14)
I have created an override for a result and set it to “false positive” and I have set my results-filter to “apply_overrides=1 min_qod=70 first=1 rows=100 sort-reverse=severity levels=hml”.
The result is still visible in the results-view. It has the override-icon but the severity is not changed to “false positive” and it is not hidden by the levels-part of the filter…
In the tasks-view and the reports-view the severity is also unchanged.
The tasks-filter and reports-filter also include “apply_overrides=1”…
Why is “apply_overrides=1” not set by default like it used to be in Greenbone Security Assistant 7.0.3?
I have to create the filters, set them as default and it is still not working!?
Also when setting “apply_overrides=1” in the gvm-cli I get the results with unchanged severity?
gvm-cli tls --hostname 127.0.0.1 --port 9393 --xml '<commands><authenticate><credentials><username>USER</username><password>PASS</password></credentials></authenticate><get_tasks task_id="f9b56129-3b72-44a6-9ba4-7dace6a75442" filter="apply_overrides=1"/></commands>'
You need to add also
overrides=1
in your XML filter. So that your filter should be:
apply_overrides=1 overrides=1 min_qod=70 first=1 rows=100 sort-reverse=severity levels=hml.
Thank you for your reply, but unfortunately that does not change anything.
https://docs.greenbone.net/API/GMP/gmp-9.0.html#command_get_tasks also does not mention a “overrides” option…
You need to use get_reports instead of get_tasks if you intend to get reports by gvm-cli 
2 Likes
I need the values of “result_count” and “severity” from “last_report” which are included in the data returned by get_tasks.
But I need it to honor the overrides, which it should as the return includes “<apply_overrides>1</apply_overrides>” when I set it in the filter…
As you suggested, I also tested with get_reports, but sadly there is no change in count and severity:
gvm-cli tls --hostname 127.0.0.1 --port 9393 --xml '<commands><authenticate><credentials><username>USER</username><password>PASS</password></credentials></authenticate><get_reports report_id="9665d80f-063c-46b2-9d7a-4a3adb35bf54" filter="overrides=1 apply_overrides=1"/></commands>'|tidy -xml -indent -quiet > 1
gvm-cli tls --hostname 127.0.0.1 --port 9393 --xml '<commands><authenticate><credentials><username>USER</username><password>PASS</password></credentials></authenticate><get_reports report_id="9665d80f-063c-46b2-9d7a-4a3adb35bf54" filter="overrides=0 apply_overrides=0"/></commands>'|tidy -xml -indent -quiet > 0
diff 0 1
35c35
< <term>min_qod=70 overrides=0 apply_overrides=0 first=1
---
> <term>min_qod=70 overrides=1 apply_overrides=1 first=1
51c51
< <value>0</value>
---
> <value>1</value>
56c56
< <value>0</value>
---
> <value>1</value>
This seems to be fixed in 11.0.1
However reports migrated from 11.0.0 (and before) are still affected - only new reports are working as expected…
1 Like