I am new to OpenVAS and so far enjoying, I am a very small operation at home and I host servers for a few friends.
I’d like to perform vulnerable scanning and management, such as keeping track of vulnerabilities and patching of them.
To my understanding, I should mark vulnerabilities by creating a ticket for them and then I can mark them solved. However when I go to Scan → Results → Click the CVE and click the magnifying glass I do not see the ticket button appear at anywhere at the top or elsewhere on the page like the documentation for 25.0.5 says I should be seeing.
Is this only for paying customers, or is there an option to toggle ticketing functionality?
Ahh OK that makes sense, thank you. Is there a good way to close out vulnerabilities that have been patched?
Right now I am exporting to another tool, so no big deal since this product is a gift to the community, but just wondering the common workflow for that.
I’m not sure that what @Eero says it true. I just checked the Kali Linux and most recent Community Containers installation and both include the ticket icon at the top of the Result view. I have not tried the source code install in a while, but I don’t believe it is different since there are no compile flags specific to tickets, and all the ticket code is still included in the public GSA and gvmd repositories.
Interesting, that is what made me come here to post was I couldn’t find mention of it being enterprise only. That makes me hopeful, I just downloaded the appliance image for Virtualbox.
But tickets are not available for the OPENVAS BASIC or OPENVAS FREE enterprise virtual appliances. So, you should not expect to see it since that’s what you say you are using.
I’d like to report back that it was very easy to get up and running with the community containers following the documentation, and it brought me up to v27.4.1.