I installed OpenVAS yesterday and have been trying to run a scan however I don’t seem to have any scan configs populated in OpenVAS. I have run “sudo greenbone-feed-sync” to try and populate them, I have waited since yesterday to see if they would appear but no such luck.
Can someone help me add the scan configs if possible.
Thanks.
Hi,
please take a look at Troubleshooting - Greenbone Community Documentation and especially at https://greenbone.github.io/docs/latest/troubleshooting.html#facing-an-issue-with-the-greenbone-community-edition. We need to know which installation method you are using and you need to take a look at the logs.
Hi I have had a look at that documentation but it doesn’t seem to be of much help as I haven’t even been able to run any scans yet due to not having any scan configs.
I have installed Version 22.9.1 of OpenVAS
I am using Kali Linux release: 2024.1
You still need to take a look at the logs. There will be some important information in the gvmd.log. If you don’t find an error inside the log and therefore want to paste it here please follow Start Here - #3 by bricks
Ok thanks, I am trying to view the gvmd.log from today but it says permission denied when I try and open it. would I have to stop the gvm service from running to open this?
You should be able to read the file. What’s the output of sudo ls -la /var/log/gvm/gvmd.log?
I get this. -rw-r----- 1 _gvm _gvm 630 Feb 21 09:20 /var/log/gvm/gvmd.log
Ok it seems Kali did restrict the file permissions. Nevertheless you should be able to take a look at the file as root
sudo cat /var/log/gvm/gvmd.log
──(kali㉿kali)-[~]
└─$ sudo cat /var/log/gvm/gvmd.log
event config:MESSAGE:2024-02-21 09h19.49 UTC:683045: Config could not be created by admin
event config:MESSAGE:2024-02-21 09h19.57 UTC:683121: Config could not be created by admin
event config:MESSAGE:2024-02-21 09h19.58 UTC:683156: Config could not be created by admin
event config:MESSAGE:2024-02-21 09h20.01 UTC:683191: Config could not be created by admin
event config:MESSAGE:2024-02-21 09h20.07 UTC:683244: Config could not be created by admin
event config:MESSAGE:2024-02-21 09h20.10 UTC:683281: Config could not be created by admin
event config:MESSAGE:2024-02-21 09h20.12 UTC:683314: Config could not be created by admin
I get this.
Ok this error can have several causes. Most likely not enough free disk space in /tmp or /var. Do you have some additional errors in this file before these event config:... lines?
no, what I sent was all that showed using the command you gave me.
Thanks.
here is the disk space on my kali server.
└─$ df
Filesystem 1K-blocks Used Available Use% Mounted on
udev 902188 0 902188 0% /dev
tmpfs 188796 980 187816 1% /run
/dev/sda2 39471628 30497172 6937208 82% /
tmpfs 943968 1052 942916 1% /dev/shm
tmpfs 5120 0 5120 0% /run/lock
efivarfs 131072 9 131059 1% /sys/firmware/efi/efivars
/dev/sda1 523244 152 523092 1% /boot/efi
tmpfs 188792 116 188676 1% /run/user/125
tmpfs 188792 128 188664 1% /run/user/1000
Any idea for what I can try?
Hi,
again could you please format your messages according to Start Here - #3 by bricks? It’s very difficult to read without better formatting.
Filesystem 1K-blocks Used Available Use% Mounted on
udev 902188 0 902188 0% /dev
tmpfs 188796 1000 187796 1% /run
/dev/sda2 39471628 30525524 6908856 82% /
tmpfs 943968 1052 942916 1% /dev/shm
tmpfs 5120 0 5120 0% /run/lock
efivarfs 131072 9 131059 1% /sys/firmware/efi/efivars
/dev/sda1 523244 152 523092 1% /boot/efi
tmpfs 188792 116 188676 1% /run/user/125
tmpfs 188792 124 188668 1% /run/user/1000
I found out that Kali uses logrotate on the gvmd logs. Therefore there should by files like /var/log/gvm/gvmd.log.1, /var/log/gvm/gvmd.log.2, … or even /var/log/gvm/gvmd.log.1.tar.gz. Could you take a look if they contain additional errors besides this event thing?
6 GiB free space should be enough but maybe you can increase it to at least 10 GiB?
For the background the event config:MESSAGE:2024-02-21 09h20.12 UTC:683314: Config could not be created by admin message is created when gvmd is not able to parse the scan configs from the feed. We need to find out the reason for that.
Hi, the only log that seems to be of any use and actually show me some info is.
kali㉿kali)-[~]
└─$ sudo cat /var/log/gvm/ospd-openvas.log
OSPD[255783] 2024-02-19 16:11:05,033: INFO: (ospd.main) Starting OSPd OpenVAS version 22.6.2.
OSPD[255783] 2024-02-19 16:11:05,044: INFO: (ospd_openvas.messaging.mqtt) Successfully connected to MQTT broker
OSPD[255783] 2024-02-19 16:11:15,186: INFO: (ospd_openvas.daemon) Loading VTs. Scans will be [requested|queued] until VTs are loaded. This may take a few minutes, please wait...
OSPD[255783] 2024-02-19 16:14:10,543: INFO: (ospd_openvas.daemon) Finished loading VTs. The VT cache has been updated from version 0 to 202402190559.
OSPD[255783] 2024-02-20 11:03:15,321: INFO: (ospd.main) Shutting-down server ...
OSPD[2052] 2024-02-20 11:05:09,407: INFO: (ospd.main) Starting OSPd OpenVAS version 22.6.2.
OSPD[2052] 2024-02-20 11:05:09,419: INFO: (ospd_openvas.messaging.mqtt) Successfully connected to MQTT broker
OSPD[2052] 2024-02-20 11:05:19,542: INFO: (ospd_openvas.daemon) Loading VTs. Scans will be [requested|queued] until VTs are loaded. This may take a few minutes, please wait...
OSPD[2052] 2024-02-20 11:08:12,332: INFO: (ospd_openvas.daemon) Finished loading VTs. The VT cache has been updated from version 0 to 202402190559.
OSPD[2052] 2024-02-21 14:14:24,909: INFO: (ospd.main) Shutting-down server ...
OSPD[3168] 2024-02-21 14:18:19,620: INFO: (ospd.main) Starting OSPd OpenVAS version 22.6.2.
OSPD[3168] 2024-02-21 14:18:19,629: INFO: (ospd_openvas.messaging.mqtt) Successfully connected to MQTT broker
OSPD[3168] 2024-02-21 14:18:29,760: INFO: (ospd_openvas.daemon) Loading VTs. Scans will be [requested|queued] until VTs are loaded. This may take a few minutes, please wait...
OSPD[3168] 2024-02-21 14:21:21,336: INFO: (ospd_openvas.daemon) Finished loading VTs. The VT cache has been updated from version 0 to 202402190559.
OSPD[3168] 2024-02-21 15:11:03,516: INFO: (ospd_openvas.daemon) Loading VTs. Scans will be [requested|queued] until VTs are loaded. This may take a few minutes, please wait...
OSPD[3168] 2024-02-21 15:13:29,937: INFO: (ospd_openvas.daemon) Finished loading VTs. The VT cache has been updated from version 202402190559 to 202402210616.
The rest of the logs just look like this.
──(kali㉿kali)-[~]
└─$ sudo cat /var/log/gvm/gvmd.log.1.gz
[sudo] password for kali:
��eś]s�8���+t���D���K���4S���`�cfl��m��J▒�6ː�p��$v��}|8G:�:��B�>_g����bq��6����3J�=.���y��
s�y�r���6E��B+��BŕJ����.�?(�ZeB�y��NY��S��äS�gd6�]4(�gU&�S��Lh��y�"�vq����!��:TI�8ő~1�R(����BO�m��x�m����y��
���E��X9�t�p��-=5i��x���)�h�!B��B���x�.?B�r~�m���rxIu�lP^"��<0����u���(�E;���m����8�{��1.��������2�3�u����f��δ�~���{�v�c���G��Yx�����C@=����0V�c�؇z�g%(�8�Cx��z`����A�c���+&�.��h�x���*���� ▒����D��
y�kN�5���kP/�����j�c�Uc����Ŋ�)�<�G��5{L�a��=��A
�s�=�{��O�*�}�J��~|kv8��D�}k�xخ�߈�l�Dm��T��xo(��'T����l~��"ן���Is���C��T����/�F~vs���j�^owv��ô�_�<���b~���|��)������i��
r�Η:�#��� ���y�LTQٶ�=�
�\&R�- 5����Amk1k�.�4j[�!jȚi"�����/[j[��X�S�X[Z(9|b�--�b
U#dbb5ZZ
���S�Z
Q�[jK�!jx�kM��,�7��Gt
�������_�f�I�����[� �LC�V�L�`sT����}�ݾ��: ��G������xm�L�ֆϽ���59Z{Č0^n������=b��
B▒����Amqv\�auw>���t{i��6c��B▒�v'P��.#B�#��]&+�Π��qDx�J��fv
�iB�iv��JU�D�M\�4[�Ua����hd�C�.��6h-L)�>�/O��L��K��EDb!�GD���K-▒�f�y������|��w���ԍ�O��t������$J6q�����9��Sj�
r�?�$����/�P�86
┌──(kali㉿kali)-[~]
└─$ sudo cat /var/log/gvm/openvas.log.3.gz
vtw�2202�50�5�T04�04�34*H�225342�-HI,IMQ�
QHNL�HUH+��U(K-*���S0P(�W�a`dhi`jj�)��Fe
For reference these are the logs I can see in the following location
sudo cat /var/log/gvm/
gsad.log gsad.log.1.gz gsad.log.2.gz gvmd.log gvmd.log.1.gz gvmd.log.2.gz gvmd.log.3.gz openvas.log openvas.log.1.gz openvas.log.2.gz openvas.log.3.gz ospd-openvas.log
Completing file
gsad.log gsad.log.1.gz gsad.log.2.gz gvmd.log gvmd.log.1.gz gvmd.log.2.gz gvmd.log.3.gz openvas.log openvas.log.1.gz openvas.log.2.gz openvas.log.3.gz ospd-openvas.log
Let me know if that’s any help probably not. Thanks.
You can’t show the contents of .gz files using cat because these are binary files. They are comparable to .zip files. You need to use zcat here.
Ahh ok thanks.
gvmd.log.1.gz
┌──(kali㉿kali)-[~]
└─$ sudo zcat /var/log/gvm/gvmd.log.1.gz
[sudo] password for kali:
event config:MESSAGE:2024-02-21 09h19.49 UTC:683045: Config could not be created by admin
event config:MESSAGE:2024-02-21 09h19.57 UTC:683121: Config could not be created by admin
event config:MESSAGE:2024-02-21 09h19.58 UTC:683156: Config could not be created by admin
event config:MESSAGE:2024-02-21 09h20.01 UTC:683191: Config could not be created by admin
event config:MESSAGE:2024-02-21 09h20.07 UTC:683244: Config could not be created by admin
event config:MESSAGE:2024-02-21 09h20.10 UTC:683281: Config could not be created by admin
event config:MESSAGE:2024-02-21 09h20.12 UTC:683314: Config could not be created by admin
md main:MESSAGE:2024-02-21 14h18.35 utc:3420: Greenbone Vulnerability Manager version 23.1.0 (DB revision 255)
md manage: INFO:2024-02-21 14h18.35 utc:3420: Getting users.
md main:MESSAGE:2024-02-21 14h18.48 utc:3529: Greenbone Vulnerability Manager version 23.1.0 (DB revision 255)
md manage: INFO:2024-02-21 14h18.48 utc:3529: Getting users.
md main:MESSAGE:2024-02-21 14h19.01 utc:3645: Greenbone Vulnerability Manager version 23.1.0 (DB revision 255)
md manage: INFO:2024-02-21 14h19.13 UTC:3763: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 14h19.23 UTC:3851: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 14h19.33 UTC:3956: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 14h19.43 UTC:4046: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 14h19.53 UTC:4189: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 14h20.03 UTC:4274: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 14h20.13 UTC:4358: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 14h20.24 UTC:4703: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 14h20.34 UTC:4821: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 14h20.44 UTC:4906: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 14h20.56 UTC:5097: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 14h21.06 UTC:5187: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 14h21.21 UTC:5316: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 14h21.36 UTC:5450: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 14h21.51 UTC:5581: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 14h22.06 UTC:5710: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 14h22.21 UTC:5839: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 14h24.56 UTC:7274: update_scap: Updating data from feed
md manage: INFO:2024-02-21 14h24.56 UTC:7274: Updating CPEs
md manage: INFO:2024-02-21 14h31.41 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2022.xml
md manage: INFO:2024-02-21 14h33.07 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2007.xml
md manage: INFO:2024-02-21 14h33.23 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2012.xml
md manage: INFO:2024-02-21 14h33.40 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2015.xml
md manage: INFO:2024-02-21 14h33.58 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2017.xml
md manage: INFO:2024-02-21 14h34.38 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2006.xml
md manage: INFO:2024-02-21 14h34.56 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2024.xml
md manage: INFO:2024-02-21 14h35.00 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2003.xml
md manage: INFO:2024-02-21 14h35.04 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2009.xml
md manage: INFO:2024-02-21 14h35.26 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2002.xml
md manage: INFO:2024-02-21 14h35.40 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2005.xml
md manage: INFO:2024-02-21 14h35.53 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2019.xml
md manage: INFO:2024-02-21 14h37.14 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2010.xml
md manage: INFO:2024-02-21 14h37.31 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2021.xml
md manage: INFO:2024-02-21 14h38.46 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2016.xml
md manage: INFO:2024-02-21 14h39.11 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2004.xml
md manage: INFO:2024-02-21 14h39.20 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2023.xml
md manage: INFO:2024-02-21 14h40.35 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2013.xml
md manage: INFO:2024-02-21 14h40.55 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2014.xml
md manage: INFO:2024-02-21 14h41.14 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2018.xml
md manage: INFO:2024-02-21 14h42.19 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2008.xml
md manage: INFO:2024-02-21 14h42.40 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2011.xml
md manage: INFO:2024-02-21 14h42.58 UTC:7274: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2020.xml
md manage: INFO:2024-02-21 14h44.05 UTC:7274: Updating CVSS scores and CVE counts for CPEs
md manage: INFO:2024-02-21 14h48.24 UTC:7274: Updating placeholder CPEs
md manage: INFO:2024-02-21 14h48.48 UTC:7274: Updating Max CVSS for DFN-CERT
md manage: INFO:2024-02-21 14h48.55 UTC:7274: Updating DFN-CERT CVSS max succeeded.
md manage: INFO:2024-02-21 14h48.55 UTC:7274: Updating Max CVSS for CERT-Bund
md manage: INFO:2024-02-21 14h48.59 UTC:7274: Updating CERT-Bund CVSS max succeeded.
md manage: INFO:2024-02-21 14h49.02 UTC:7274: update_scap_end: Updating SCAP info succeeded
md manage: INFO:2024-02-21 15h08.56 UTC:31668: sync_cert: Updating data from feed
md manage: INFO:2024-02-21 15h08.56 UTC:31668: update_dfn_xml: dfn-cert-2021.xml
md manage: INFO:2024-02-21 15h08.56 UTC:31668: Updating /var/lib/gvm/cert-data/dfn-cert-2021.xml
md manage: INFO:2024-02-21 15h08.56 UTC:31668: update_dfn_xml: dfn-cert-2024.xml
md manage: INFO:2024-02-21 15h08.56 UTC:31668: Updating /var/lib/gvm/cert-data/dfn-cert-2024.xml
md manage: INFO:2024-02-21 15h08.56 UTC:31668: update_dfn_xml: dfn-cert-2020.xml
md manage: INFO:2024-02-21 15h08.56 UTC:31668: Updating /var/lib/gvm/cert-data/dfn-cert-2020.xml
md manage: INFO:2024-02-21 15h08.56 UTC:31668: update_dfn_xml: dfn-cert-2014.xml
md manage: INFO:2024-02-21 15h08.56 UTC:31668: Updating /var/lib/gvm/cert-data/dfn-cert-2014.xml
md manage: INFO:2024-02-21 15h08.56 UTC:31668: update_dfn_xml: dfn-cert-2023.xml
md manage: INFO:2024-02-21 15h08.56 UTC:31668: Updating /var/lib/gvm/cert-data/dfn-cert-2023.xml
md manage: INFO:2024-02-21 15h08.56 UTC:31668: update_dfn_xml: dfn-cert-2015.xml
md manage: INFO:2024-02-21 15h08.56 UTC:31668: Updating /var/lib/gvm/cert-data/dfn-cert-2015.xml
md manage: INFO:2024-02-21 15h08.56 UTC:31668: update_dfn_xml: dfn-cert-2012.xml
md manage: INFO:2024-02-21 15h08.56 UTC:31668: Updating /var/lib/gvm/cert-data/dfn-cert-2012.xml
md manage: INFO:2024-02-21 15h08.56 UTC:31668: update_dfn_xml: dfn-cert-2018.xml
md manage: INFO:2024-02-21 15h08.56 UTC:31668: Updating /var/lib/gvm/cert-data/dfn-cert-2018.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: update_dfn_xml: dfn-cert-2008.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: Updating /var/lib/gvm/cert-data/dfn-cert-2008.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: update_dfn_xml: dfn-cert-2017.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: Updating /var/lib/gvm/cert-data/dfn-cert-2017.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: update_dfn_xml: dfn-cert-2016.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: Updating /var/lib/gvm/cert-data/dfn-cert-2016.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: update_dfn_xml: dfn-cert-2022.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: Updating /var/lib/gvm/cert-data/dfn-cert-2022.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: update_dfn_xml: dfn-cert-2013.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: Updating /var/lib/gvm/cert-data/dfn-cert-2013.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: update_dfn_xml: dfn-cert-2009.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: Updating /var/lib/gvm/cert-data/dfn-cert-2009.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: update_dfn_xml: dfn-cert-2019.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: Updating /var/lib/gvm/cert-data/dfn-cert-2019.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: update_dfn_xml: dfn-cert-2010.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: Updating /var/lib/gvm/cert-data/dfn-cert-2010.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: update_dfn_xml: dfn-cert-2011.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: Updating /var/lib/gvm/cert-data/dfn-cert-2011.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: Updating /var/lib/gvm/cert-data/CB-K15.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: Updating /var/lib/gvm/cert-data/CB-K20.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: Updating /var/lib/gvm/cert-data/CB-K14.xml
md manage: INFO:2024-02-21 15h08.57 UTC:31668: Updating /var/lib/gvm/cert-data/CB-K17.xml
md manage: INFO:2024-02-21 15h08.58 UTC:31668: Updating /var/lib/gvm/cert-data/CB-K18.xml
md manage: INFO:2024-02-21 15h08.58 UTC:31668: Updating /var/lib/gvm/cert-data/CB-K19.xml
md manage: INFO:2024-02-21 15h08.58 UTC:31668: Updating /var/lib/gvm/cert-data/CB-K22.xml
md manage: INFO:2024-02-21 15h08.58 UTC:31668: Updating /var/lib/gvm/cert-data/CB-K23.xml
md manage: INFO:2024-02-21 15h08.59 UTC:31668: Updating /var/lib/gvm/cert-data/CB-K21.xml
md manage: INFO:2024-02-21 15h08.59 UTC:31668: Updating /var/lib/gvm/cert-data/CB-K13.xml
md manage: INFO:2024-02-21 15h08.59 UTC:31668: Updating /var/lib/gvm/cert-data/CB-K24.xml
md manage: INFO:2024-02-21 15h08.59 UTC:31668: Updating /var/lib/gvm/cert-data/CB-K16.xml
md manage: INFO:2024-02-21 15h08.59 UTC:31668: Updating Max CVSS for DFN-CERT
md manage: INFO:2024-02-21 15h09.06 UTC:31668: Updating DFN-CERT CVSS max succeeded.
md manage: INFO:2024-02-21 15h09.06 UTC:31668: Updating Max CVSS for CERT-Bund
md manage: INFO:2024-02-21 15h09.10 UTC:31668: Updating CERT-Bund CVSS max succeeded.
md manage: INFO:2024-02-21 15h09.10 UTC:31668: sync_cert: Updating CERT info succeeded.
md manage: INFO:2024-02-21 15h11.06 UTC:32949: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 15h11.16 UTC:33033: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 15h11.26 UTC:33118: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 15h11.36 UTC:33206: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 15h11.46 UTC:33293: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 15h11.56 UTC:33377: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 15h12.13 UTC:33543: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 15h12.23 UTC:33688: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 15h12.33 UTC:33843: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 15h12.43 UTC:33998: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 15h12.56 UTC:34224: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 15h13.10 UTC:34392: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 15h13.26 UTC:34533: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 15h13.41 UTC:34673: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 15h13.56 UTC:34814: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 15h14.11 UTC:34953: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 15h14.26 UTC:35101: osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting
md manage: INFO:2024-02-21 15h14.42 UTC:35246: OSP service has different VT status (version 202402210616) from database (version 202402190559, 135875 VTs). Starting update ...
md manage: INFO:2024-02-21 15h16.43 utc:35246: Updating VTs in database ... 41 new VTs, 679 changed VTs
md manage: INFO:2024-02-21 15h16.45 utc:35246: Updating VTs in database ... done (135915 VTs).
gvmd.log.2.gz
┌──(kali㉿kali)-[~]
└─$ sudo zcat /var/log/gvm/gvmd.log.2.gz
md main:MESSAGE:2024-02-20 00h01.20 utc:485010: Greenbone Vulnerability Manager version 23.1.0 (DB revision 255)
md manage:WARNING:2024-02-20 00h01.20 utc:485011: sql_open: PQconnectStart to 'gvmd' failed: connection to server on socket "/var/run/postgresql/.s.PGSQL.5432" failed: No such file or directory
Is the server running locally and accepting connections on that socket?
md manage:WARNING:2024-02-20 00h01.20 utc:485011: init_manage_open_db: sql_open failed
md main:MESSAGE:2024-02-20 00h02.50 utc:485736: Greenbone Vulnerability Manager version 23.1.0 (DB revision 255)
md manage:WARNING:2024-02-20 00h02.50 utc:485737: sql_open: PQconnectStart to 'gvmd' failed: connection to server on socket "/var/run/postgresql/.s.PGSQL.5432" failed: No such file or directory
Is the server running locally and accepting connections on that socket?
md manage:WARNING:2024-02-20 00h02.50 utc:485737: init_manage_open_db: sql_open failed
md main:MESSAGE:2024-02-20 00h04.21 utc:486461: Greenbone Vulnerability Manager version 23.1.0 (DB revision 255)
md manage:WARNING:2024-02-20 00h04.21 utc:486462: sql_open: PQconnectStart to 'gvmd' failed: connection to server on socket "/var/run/postgresql/.s.PGSQL.5432" failed: No such file or directory
Is the server running locally and accepting connections on that socket?
md manage:WARNING:2024-02-20 00h04.21 utc:486462: init_manage_open_db: sql_open failed
md main:MESSAGE:2024-02-20 00h05.51 utc:487197: Greenbone Vulnerability Manager version 23.1.0 (DB revision 255)
md manage:WARNING:2024-02-20 00h05.51 utc:487198: sql_open: PQconnectStart to 'gvmd' failed: connection to server on socket "/var/run/postgresql/.s.PGSQL.5432" failed: No such file or directory
Is the server running locally and accepting connections on that socket?
md manage:WARNING:2024-02-20 00h05.51 utc:487198: init_manage_open_db: sql_open failed
md main:MESSAGE:2024-02-20 00h07.22 utc:487925: Greenbone Vulnerability Manager version 23.1.0 (DB revision 255)
md manage:WARNING:2024-02-20 00h07.22 utc:487926: sql_open: PQconnectStart to 'gvmd' failed: connection to server on socket "/var/run/postgresql/.s.PGSQL.5432" failed: No such file or directory
Is the server running locally and accepting connections on that socket?
md manage:WARNING:2024-02-20 00h07.22 utc:487926: init_manage_open_db: sql_open failed
md main:MESSAGE:2024-02-20 00h08.52 utc:488651: Greenbone Vulnerability Manager version 23.1.0 (DB revision 255)
md manage:WARNING:2024-02-20 00h08.52 utc:488660: sql_open: PQconnectStart to 'gvmd' failed: connection to server on socket "/var/run/postgresql/.s.PGSQL.5432" failed: No such file or directory
Is the server running locally and accepting connections on that socket?
md manage:WARNING:2024-02-20 00h08.52 utc:488660: init_manage_open_db: sql_open failed
md main:MESSAGE:2024-02-20 00h10.23 utc:489430: Greenbone Vulnerability Manager version 23.1.0 (DB revision 255)
md manage:WARNING:2024-02-20 00h10.23 utc:489431: sql_open: PQconnectStart to 'gvmd' failed: connection to server on socket "/var/run/postgresql/.s.PGSQL.5432" failed: No such file or directory
Is the server running locally and accepting connections on that socket?
md manage:WARNING:2024-02-20 00h10.23 utc:489431: init_manage_open_db: sql_open failed
md main:MESSAGE:2024-02-20 00h11.53 utc:490160: Greenbone Vulnerability Manager version 23.1.0 (DB revision 255)
md manage:WARNING:2024-02-20 00h11.53 utc:490161: sql_open: PQconnectStart to 'gvmd' failed: connection to server on socket "/var/run/postgresql/.s.PGSQL.5432" failed: No such file or directory
Is the server running locally and accepting connections on that socket?
md manage:WARNING:2024-02-20 00h11.53 utc:490161: init_manage_open_db: sql_open failed
gvmd.log.3.gz
──(kali㉿kali)-[~]
└─$ sudo zcat /var/log/gvm/gvmd.log.3.gz
md main:MESSAGE:2024-02-19 15h11.13 utc:226736: Greenbone Vulnerability Manager version 23.1.0 (DB revision 255)
md manage: INFO:2024-02-19 15h11.13 utc:226736: Getting users.
md manage:WARNING:2024-02-19 15h11.13 utc:226736: sql_open: PQconnectStart to 'gvmd' failed: connection to server on socket "/var/run/postgresql/.s.PGSQL.5432" failed: No such file or directory
Is the server running locally and accepting connections on that socket?
md manage:WARNING:2024-02-19 15h11.13 utc:226736: init_manage_open_db: sql_open failed
md main:MESSAGE:2024-02-19 15h11.13 utc:226738: Greenbone Vulnerability Manager version 23.1.0 (DB revision 255)
md manage: INFO:2024-02-19 15h11.13 utc:226738: Creating user.
md manage:WARNING:2024-02-19 15h11.13 utc:226738: sql_open: PQconnectStart to 'gvmd' failed: connection to server on socket "/var/run/postgresql/.s.PGSQL.5432" failed: No such file or directory
Is the server running locally and accepting connections on that socket?
md manage:WARNING:2024-02-19 15h11.13 utc:226738: init_manage_open_db: sql_open failed
md main:MESSAGE:2024-02-19 15h11.14 utc:226744: Greenbone Vulnerability Manager version 23.1.0 (DB revision 255)
md manage: INFO:2024-02-19 15h11.14 utc:226744: Getting users.
md manage:WARNING:2024-02-19 15h11.14 utc:226744: sql_open: PQconnectStart to 'gvmd' failed: connection to server on socket "/var/run/postgresql/.s.PGSQL.5432" failed: No such file or directory
Is the server running locally and accepting connections on that socket?
md manage:WARNING:2024-02-19 15h11.14 utc:226744: init_manage_open_db: sql_open failed
md main:MESSAGE:2024-02-19 15h49.59 utc:245511: Greenbone Vulnerability Manager version 23.1.0 (DB revision 255)
md manage: INFO:2024-02-19 15h49.59 utc:245511: Getting scanners.
md manage:WARNING:2024-02-19 15h49.59 utc:245511: sql_open: PQconnectStart to 'gvmd' failed: connection to server on socket "/var/run/postgresql/.s.PGSQL.5432" failed: No such file or directory
Is the server running locally and accepting connections on that socket?
md manage:WARNING:2024-02-19 15h49.59 utc:245511: init_manage_open_db: sql_open failed
md main:MESSAGE:2024-02-19 15h49.59 utc:245513: Greenbone Vulnerability Manager version 23.1.0 (DB revision 255)
md manage: INFO:2024-02-19 15h49.59 utc:245513: Modifying scanner.
md manage:WARNING:2024-02-19 15h49.59 utc:245513: sql_open: PQconnectStart to 'gvmd' failed: connection to server on socket "/var/run/postgresql/.s.PGSQL.5432" failed: No such file or directory
Is the server running locally and accepting connections on that socket?
md manage:WARNING:2024-02-19 15h49.59 utc:245513: init_manage_open_db: sql_open failed
md main:MESSAGE:2024-02-19 16h13.44 utc:257286: Greenbone Vulnerability Manager version 23.1.0 (DB revision 255)
md manage:WARNING:2024-02-19 16h13.44 utc:257287: sql_open: PQconnectStart to 'gvmd' failed: connection to server on socket "/var/run/postgresql/.s.PGSQL.5432" failed: No such file or directory
Is the server running locally and accepting connections on that socket?
openvas.log.1.gz
┌──(kali㉿kali)-[~]
└─$ sudo zcat /var/log/gvm/openvas.log.1.gz
libgvm util:MESSAGE:2024-02-21 14h21.21 utc:3526: Updated NVT cache from version 0 to 202402190559
libgvm util:MESSAGE:2024-02-21 15h13.29 utc:33093: Updated NVT cache from version 202402190559 to 202402210616
openvas.log.2.gz
──(kali㉿kali)-[~]
└─$ sudo zcat /var/log/gvm/openvas.log.2.gz
libgvm util:MESSAGE:2024-02-20 11h08.12 utc:2425: Updated NVT cache from version 0 to 202402190559
openvas.log.3.gz
──(kali㉿kali)-[~]
└─$ sudo zcat /var/log/gvm/openvas.log.3.gz
libgvm util:MESSAGE:2024-02-19 16h14.10 utc:256127: Updated NVT cache from version 0 to 202402190559
gsad.log.1.gz
┌──(kali㉿kali)-[~]
└─$ sudo zcat /var/log/gvm/gsad.log.1.gz
gsad main:MESSAGE:2024-02-21 14h19.23 utc:3850: Starting GSAD version 22.08.0~git
gsad gmp:MESSAGE:2024-02-21 14h20.46 utc:3850: Authentication success for 'admin' from 127.0.0.1
gsad gmp:MESSAGE:2024-02-21 15h08.06 GMT:3850: Authentication success for 'admin' from 127.0.0.1
gsad gmp:MESSAGE:2024-02-21 15h46.48 GMT:3850: Authentication success for 'admin' from 127.0.0.1
gsad.log.2.gz
┌──(kali㉿kali)-[~]
└─$ sudo zcat /var/log/gvm/gsad.log.2.gz
gsad main:MESSAGE:2024-02-20 13h22.39 utc:71613: Starting GSAD version 22.08.0~git
gsad gmp:WARNING:2024-02-20 13h28.43 utc:71613: Authentication failure for 'Admin' from 127.0.0.1. Status was 2.
gsad gmp:WARNING:2024-02-20 13h30.18 utc:71613: Authentication failure for 'admin' from 127.0.0.1. Status was 2.
gsad gmp:WARNING:2024-02-20 13h30.32 utc:71613: Authentication failure for 'admin' from 127.0.0.1. Status was 2.
gsad gmp:WARNING:2024-02-20 13h30.38 utc:71613: Authentication failure for 'admin' from 127.0.0.1. Status was 2.
gsad gmp:WARNING:2024-02-20 13h30.43 utc:71613: Authentication failure for 'admin' from 127.0.0.1. Status was 2.
gsad gmp:WARNING:2024-02-20 13h35.44 utc:71613: Authentication failure for 'admin' from 127.0.0.1. Status was 2.
gsad gmp:WARNING:2024-02-20 13h36.01 utc:71613: Authentication failure for 'admin' from 127.0.0.1. Status was 2.
gsad gmp:MESSAGE:2024-02-20 13h42.12 utc:71613: Authentication success for 'admin' from 127.0.0.1
gsad gmp:MESSAGE:2024-02-20 13h47.42 GMT:71613: Authentication success for 'admin' from 127.0.0.1
gsad gmp:MESSAGE:2024-02-20 14h18.06 GMT:71613: Authentication success for 'admin' from 127.0.0.1
gsad gmp:MESSAGE:2024-02-20 14h45.07 GMT:71613: Authentication success for 'admin' from 127.0.0.1
gsad gmp:WARNING:2024-02-20 15h08.50 GMT:71613: Authentication failure for 'Admin' from 127.0.0.1. Status was 2.
gsad gmp:MESSAGE:2024-02-20 15h09.57 GMT:71613: Authentication success for 'admin' from 127.0.0.1
gsad gmp:MESSAGE:2024-02-20 16h31.29 GMT:71613: Authentication success for 'admin' from 127.0.0.1
Hopefully these help. I can send them 1 by 1 if easier.