On the post at http://lists.wald.intevation.org/pipermail/openvas-discuss/2017-September/011460.html, some of the XML to do what you want is shown.
j This message was classified PUBLIC by CAMPBELL Jeremy on Friday, December 8, 2017 at 11:02:07 AM. From: Openvas-discuss [mailto:[email protected]] On Behalf Of Shekhar Aryan Sent: Thursday, December 7, 2017 4:12 AM To: [email protected] Subject: Re: [Openvas-discuss] Reporting on delta's between scans on same host Perhaps a random question, has anyone in here been able to run scans using openvas cli please? If so please could you guide us? And like me has anyone found using CLi version very cumbersome..? On 7 Dec 2017, at 09:05, Thijs Stuurman <[email protected]<mailto:[email protected]>> wrote: You can schedule the scans to repeat them. Personally I wasn’t happy with the built in scheduler and automated one myself using python talking to the gvm-tools API. (https://github.com/Thijssss/openvas_scheduler which might help you automate things yourself, gvm-tools also has example scripts: https://bitbucket.org/greenbone/gvm-tools) I am not going for differences really; any finding with a CVSS score of > 4 will trigger an alert which sends an email to our ticketing system. Once a month I start my scheduler which will start any job that hasn’t run for 3 weeks or so. (I could leave it running in a screen forever but I still supervise and time it all, when it is not running I got time to update scan systems) If you go to tasks and click on the Reports > Total number you can see an overview of all the reports and quickly see if things improved or not. There is a compare button (underneath Actions, next to ‘delete’ so be careful), click on two and you’ll get a comparison overview. Still, why care about past results; it’s the latest scan result that counts in my book. Thijs Stuurman Security Operations Center | KPN Internedservices B.V. [email protected]<mailto:[email protected]> | [email protected]<mailto:[email protected]> T: +31(0)299476185 | M: +31(0)624366778 PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 W: https://www.internedservices.nl<https://www.internedservices.nl/> | L: https://nl.linkedin.com/in/thijsstuurman Van: Openvas-discuss [mailto:[email protected]] Namens Joris Verzonden: donderdag 7 december 2017 09:51 Aan: [email protected]<mailto:[email protected]> Onderwerp: [Openvas-discuss] Reporting on delta's between scans on same host Hello list, Using the scanner here and are pretty impressed with the results and the web GUI. Our next move is basically to identify differences between consecutive scans on hosts (was a vulnerability patched? was a new vulnerability introduced on the system?) Based on my understanding, the system does not support this natively but I can be wrong. How do others solve this issue? Do you build automation around it ? Best regards Joris _______________________________________________ Openvas-discuss mailing list [email protected]<mailto:[email protected]> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ________________________________ This message, including attachments, is intended for the above-mentioned addressees only. It may contain confidential information the review, dissemination or disclosure of which is strictly prohibited. Should you receive this message in error, please delete it and notify the sender to the e-mail address indicated above. ________________________________
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
