Re: [Openvas-discuss] Integration with Splunk
On Montag, 23. Juni 2014, Michael C. Ibarra wrote: Has anyone had any success in importing (automatically) OpenVAS data, presumably XML data, into Splunk? I am trying to move away from another vuln scanner, one which is supported by Splunk. I'd love to support it. The first step of integration is typically to create a report format plugin that creates the right input format from the OpenVAS XML format. There are several examples in the source code repository of OpenVAS Manager. Basically it is a XSLT. I don't know the splunk import formats, but I guess there is some CSV or XML, neither would mean a problem. Automatic transfer would mean to add a connector and a alert if we want a push technology (like implemented for verinice.PRO). For a pull technology, splunk needs an extensions to execute OMP (like we implemented for Nagios). If anyone likes to solve this, Greenbone would be happy to sponsor it. All the best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvas-cli:Error in uploading file through modify_config
Hello, are you perhaps mixing up the config files? You refer to a specific UUID in modify_config which must be present in the database. Have you checked with omp --get-configs whether this UUID is present and whether it is the one you intend to change? Best Jan On Montag, 23. Juni 2014, NIKITA JHALA wrote: I want to replace the nmap grepaable file in NMAP ( NASL Wrapper). Here is the code which i tried: omp --config-file=auth.xml --xml=' modify_config config_id=47852b54-8294-4adf-83a8-db1c34cc5db3 preference nvt oid=1.3.6.1.4.1.25623.1.0.14259/ nameNmap (NASL wrapper):File containing grepable results/name value IyBObWFwIDYuNDAgc2NhbiBpbml0aWF0ZWQgTW9uIEp1biAyMyAxNDo1ODowNyAyMDE0IGFzOiBubWFwIC1vQSBubWFwL25tYXBfb3V0cHV0LzFzd2l0Y2ggLS1zdHlsZXNoZWV0IC4uL25tYXAvbm1hcC54c2wgMTAuMTAuNC4zMCBIb3N0OiAxMC4xMC40LjMwICgpIFN0YXR1czogVXAgSG9zdDogMTAuMTAuNC4zMCAoKSBQb3J0czogMjIvb3Blbi90Y3AvL3NzaC8vLywgMjMvb3Blbi90Y3AvL3RlbG5ldC8vLywgODAvb3Blbi90Y3AvL2h0dHAvLy8gSWdub3JlZCBTdGF0ZTogY2xvc2VkICg5OTcpICMgTm1hcCBkb25lIGF0IE1vbiBKdW4gMjMgMTQ6NTg6MTEgMjAxNCAtLSAxIElQIGFkZHJlc3MgKDEgaG9zdCB1cCkgc2Nhbm5lZCBpbiA0LjI2IHNlY29uZHMg /value /preference /modify_config' I have converted the content of gnmap file to base64.Here is the response that i get: modify_config_response status_text=OK status=200/modify_config_response But when i checked, there is no change in file. Please tell me what is wrong with above command? Is there any different way to upload replace file using omp? My gnmap file contains: # Nmap 6.40 scan initiated Mon Jun 23 14:58:07 2014 as: nmap -oA nmap/nmap_output/1switch --stylesheet ../nmap/nmap.xsl 10.10.4.30 Host: 10.10.4.30 () Status: Up Host: 10.10.4.30 () Ports: 22/open/tcp//ssh///, 23/open/tcp//telnet///, 80/open/tcp//http/// Ignored State: closed (997) # Nmap done at Mon Jun 23 14:58:11 2014 -- 1 IP address (1 host up) scanned in 4.26 seconds -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvas-cli:Error in uploading file through modify_config
I want to replace the nmap grepaable file in NMAP ( NASL Wrapper). Here is the code which i tried: omp --config-file=auth.xml --xml=' modify_config config_id=47852b54-8294-4adf-83a8-db1c34cc5db3 preference nvt oid=1.3.6.1.4.1.25623.1.0.14259/ nameNmap (NASL wrapper):File containing grepable results/name This should be: nameNmap (NASL wrapper)[file]:File containing grepable results :/name -- Greenbone Networks GmbH Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] OpenVAS 6 Package Install
Usually processing (updating) *.xml (CVE?) requires at least 2 to 4GB of memory. It might work, if you have lots of fast sw ap at least 4GB. -- Eero I am aware that OpenVAS on a Raspberry Pi will be pretty slow, but had it running on a Kali Linux Distro with a 1 GB swap file on the SD card for more than 6 month including a daily recurring scan and regular NVT updates. But, should the amount of memory really be the reason for failing to install any OpenVAS packages? Helmut ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] OpenVAS 6 Package Install
2014-06-24 13:39 GMT+03:00 Helmut Koers hko...@de.hellmann.net: Usually processing (updating) *.xml (CVE?) requires at least 2 to 4GB of memory. It might work, if you have lots of fast sw ap at least 4GB. -- Eero I am aware that OpenVAS on a Raspberry Pi will be pretty slow, but had it running on a Kali Linux Distro with a 1 GB swap file on the SD card for more than 6 month including a daily recurring scan and regular NVT updates. But, should the amount of memory really be the reason for failing to install any OpenVAS packages? well, not installing but usually cve xml update fails if, it runs out of memory. also scanning with plugins usually takes lots of memory. -- Eero ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] OpenVAS 6 Package Install
Hey, i had the same problem. Then i followed installation from this site http://www.raspberrypi.org/forums/viewtopic.php?t=57820p=435319 I also installed the openvas-cli. After that openvas was running very slow, but running... Rene Am 20.06.2014 um 00:33 schrieb Helmut Koers hko...@de.hellmann.net: Dear all, I am trying to install OpenVAS 6 on Debian 7 via OBS, but am running into the following issue: # apt-get -y install greenbone-security-assistant openvas-cli openvas-manager openvas-scanner openvas-administrator sqlite3 xsltproc rsync Reading package lists... Done Building dependency tree Reading state information... Done Package openvas-scanner is not available, but is referred to by another package. This may mean that the package is missing, has been obsoleted, or is only available from another source E: Unable to locate package greenbone-security-assistant E: Unable to locate package openvas-cli E: Unable to locate package openvas-manager E: Package 'openvas-scanner' has no installation candidate E: Unable to locate package openvas-administrator The OBS repository configuration looks good, but the OpenVAS installation fails with the above output. Any help is very welcome. Thanks, Helmut ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] OpenVAS Metasploit
I'll go back and look at my notes. -G Do you know what broke exactly? I wrote the openvas report parser. If it is broken, I such fix it. :P -- Geoff Galitz http://www.galitz.org ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss