On Monday, 23 June 2014, Michael C. Ibarra wrote:
> Has anyone had any success in importing (automatically) OpenVAS data, 
> presumably XML data, into Splunk?
> 
> I am trying to move away from another vuln scanner, one which is supported by 
> Splunk.

I'd love to support it. The first step of integration is typically
to create a report format plugin that creates the right input format
from the OpenVAS XML format.
There are several examples in the source code repository of OpenVAS Manager.
Basically it is an XSLT.

I don't know the Splunk import formats, but I guess there is some CSV or XML;
neither would be a problem.

Automatic transfer would mean adding a connector and an alert if we want a
push technology (like implemented for verinice.PRO). For a pull technology,
Splunk needs an extension to execute OMP (like we implemented for Nagios).

If anyone likes to solve this, Greenbone would be happy to sponsor it.

All the best

Jan

-- 
Dr. Jan-Oliver Wagner |  ++49-541-335084-0  |  http://www.greenbone.net/
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460
Managing Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner
_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
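
The conversion step described in the reply above, sketched as an added example that is not part of the original message or of OpenVAS Manager. It uses Python rather than the XSLT the reply mentions. The element names (`result`, `host`, `port`, `threat`, `nvt`, `cvss_base`, `description`) and the CSV column set are assumptions about the OpenVAS report XML and about what a CSV import would want, and the sample report is constructed.

```python
import csv
import io
import xml.etree.ElementTree as ET

# Constructed sample report; element names are an assumption about the
# OpenVAS XML report layout, not taken from the mailing-list message.
SAMPLE_REPORT = """<report id="constructed-1"><results>
  <result id="r1">
    <host>192.0.2.10</host><port>443/tcp</port><threat>High</threat>
    <nvt oid="1.3.6.1.4.1.25623.1.0.999999"><name>Constructed TLS check</name><cvss_base>7.5</cvss_base></nvt>
    <description>Line one
line two, with a comma</description>
  </result>
  <result id="r2">
    <host>192.0.2.11</host><port>general/tcp</port><threat>Log</threat>
    <nvt oid="1.3.6.1.4.1.25623.1.0.999998"><name>Constructed banner check</name></nvt>
  </result>
</results></report>"""

# Assumed column set for a CSV-based import.
FIELDS = ["host", "port", "threat", "nvt_oid", "nvt_name", "cvss_base", "description"]

def text(node, path):
    """Return the stripped text at path, or '' when the element is absent."""
    found = node.find(path)
    return (found.text or "").strip() if found is not None else ""

def report_to_csv(xml_text):
    """Flatten every <result> of a report into one CSV row per finding."""
    root = ET.fromstring(xml_text)
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=FIELDS, lineterminator="\n")
    writer.writeheader()
    for result in root.iter("result"):
        nvt = result.find("nvt")
        writer.writerow({
            "host": text(result, "host"),
            "port": text(result, "port"),
            "threat": text(result, "threat"),
            "nvt_oid": nvt.get("oid", "") if nvt is not None else "",
            "nvt_name": text(result, "nvt/name"),
            "cvss_base": text(result, "nvt/cvss_base"),
            # Collapse newlines so each finding stays a single-line event.
            "description": " ".join(text(result, "description").split()),
        })
    return out.getvalue()

if __name__ == "__main__":
    print(report_to_csv(SAMPLE_REPORT), end="")
```
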
