Reason for debug loglevel?

Community Containers
1

Hi :slight_smile:

I’ve got a question regarding the loglevels defaulting to “debug” in the default docker compose file in configure-openvas. Is there a specific reason for it?

  # Sets log level of openvas to the set LOG_LEVEL within the env
  # and changes log output to /var/log/openvas instead /var/log/gvm
  # to reduce likelyhood of unwanted log interferences
  configure-openvas:
    image: greenbone/openvas-scanner:stable
    volumes:
      - openvas_data_vol:/mnt
      - openvas_log_data_vol:/var/log/openvas
    command:
      - /bin/sh
      - -c
      - |
        printf "table_driven_lsc = yes\nopenvasd_server = http://openvasd:80\n" > /mnt/openvas.conf
        sed "s/127/128/" /etc/openvas/openvas_log.conf | sed 's/gvm/openvas/' > /mnt/openvas_log.conf
        chmod 644 /mnt/openvas.conf
        chmod 644 /mnt/openvas_log.conf
        touch /var/log/openvas/openvas.log
        chmod 666 /var/log/openvas/openvas.log

In my case the file openvas.log grew to over 20 GB and filled up all the disk capacity because of lots of debug messages caused by the redis communication.

Best regards

Christian

2

I would say that the reason for it is because the Community Edition is not meant to serve the purpose of an Enterprise vulnerability scanner out of the box. It’s an open source offering primarily to encourage collaboration,code review and contribution, and secondly, it can also support the democratization of cybersecurity by providing a free enterprise quality vulnerability scanner. :smiley:

Therefore, the various offerings from the community edition currently place a certain degree of owness on the user to do their homework, read the documentation, and understand how to adjust Greenbone’s configuration.

It’s certainly not that we don’t want to help every user who needs it, but rather that we are restrained for time resouces. I hope that helps. :wink:

3

@rippledj Thank you for your quick answer :slight_smile: That helps a lot. And yes, it’s no real problem to change the log levels if you know a little about Linux, Docker and Greenbone. :wink:

I just wanted to make sure, that there is no other reason behind it. And I’m of course more than grateful for providing is with such an easy way to set up a Greenbone installation :heart:

4

@Chartman123 You are welcome. Essentially, debug level provides more details and therefore, users who may experience problems, or be modifying settings will have more access to in-depth log information. :wink: