[Openvas-discuss] GVM-Tools scheduler script

Thijs Stuurman Thijs.Stuurman at internedservices.nl
Wed Aug 23 10:54:51 CEST 2017


Jan,

The omp tool was useful but GVM Tools feels powerful.
Getting the task information using omp took longer and it gave less information. My scheduler based on omp had to use
multiple calls to omp while with GVM Tools I can get all the information with one call with an answer in XML.

Basically I have barely touched GVM Tools, using just gvm-pyshell and calling gmp.get_tasks() and gmp.start_task().
The supplied example scripts are a good start but I don't think I see any overview of the API calls which can be made to gmp.
Looking through gvm_connection.py helps of course.

I know big organizations have trouble getting control of stuff like vulnerabilities. Scanning is 1 thing but getting and processing the
information is a challenge. Sure gsad provides a very nice web interface but it gets slow and cumbersome. Also it's 'another' separate tool
with usually another username/password which some people might not look at in a long time and forget (care less) how to use it.
With GVM Tools I see possibilities to integrate an OpenVAS platform with existing (usually custom) tooling. Connect with message busses,
integrate in to CMDB's to provide direct information where its wanted, automate processes such as onboarding and keep control.
I can imagine our CMDB showing the latest scan results and having a 'Request scan' button which gets queued in bus and handled by a
future version of my scheduler.


Thijs Stuurman
Security Operations Center | KPN Internedservices
thijs.stuurman at internedservices.nl | thijs.stuurman at kpn.com
T: +31(0)299476185 | M: +31(0)624366778
PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/)
Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048

W: https://www.internedservices.nl | L: http://nl.linkedin.com/in/thijsstuurman


-----Oorspronkelijk bericht-----
Van: Openvas-discuss [mailto:openvas-discuss-bounces at wald.intevation.org] Namens Jan-Oliver Wagner
Verzonden: woensdag 23 augustus 2017 10:00
Aan: openvas-discuss at wald.intevation.org
Onderwerp: Re: [Openvas-discuss] GVM-Tools scheduler script

Hello Thijs,

looks great!

How did you like working with GVM Tools compared to the omp tool?

All the best

Jan


Am Freitag, 18. August 2017, 20:35:29 schrieb Thijs Stuurman:
> OpenVAS users,
> 
> Recently Greenbone Dr. Jan-Oliver Wagner announced GVM-Tools which 
> inspired me to rewrite my task scheduler. Which task scheduler? One 
> day I hacked together some bash script which called the OpenVAS omp 
> program and parsed the output. Based on some dirty grep filtering and 
> tricks I managed to make it start tasks which had not run in the current month.
> 
> Somehow I cannot find my way with the official scheduler... and I know 
> some of you have built alike or even more elaborate scripts to handle things.
> 
> I never publicly released the bash script because it was ugly, got 
> slow and had a lot of hard coded constraints which only fitted my own 
> setup. This time around I implemented everything from scratch based on 
> the GVM-Tools gvm-pyshell using the gmp calls to get the tasks 
> information in XML format and start a task. I think this version will work for almost everyone.
> 
> You can find the new scheduler script here:
> https://github.com/Thijssss/openvas_scheduler See the wiki part of the 
> github page for a screenshot.
> 
> It's written to run as part of the GVM-Tools gvm-pyshell, see the run 
> example. The code is for Python 3 and I have used urwid for a console 
> text GUI interface.
> 
> What I want, and this does, it make sure all tasks run at least once a 
> month. I usually run the scheduler inside a screen and check on occasion.
> It does not run 24/7/365, It could but I start the last week of the 
> month or whenever I feel like it. So what does it do exactly? In short:
> 
> *         Get tasks information, then loop tasks to determine:
> 
> o    Scanner instance (slave)
> 
> o    If the latest completed run was in the period between now and a month
> ago
> 
> o    Tasks in total
> 
> o    Tasks that haven't run yet
> 
> o    Which tasks are running and their status
> 
> *         If there is room for a new task on a scanner instance, look for a
> job that fits. (it pop's the list, so it kind of chooses at random)
> 
> o    If so, tell OpenVAS to start the task (just sends start for a specific
> task ID)
> 
> (IF it may start, you can configure on which days and between which 
> hours; I only start jobs during office hours)
> 
> See the code for more information; for example I have limited the 
> settings by default to two concurrent tasks per slave scanner. This 
> script does not change anything in your OpenVAS setup/database. It 
> just reads the tasks information and requests a task start. My setup: 
> A master instance and 4 slave scanners. Every task is set and 
> configured to run on a specific slave scanner.
> 
> 
> Any question, feedback, bug report, fork etc' is welcome.


--
Dr. Jan-Oliver Wagner |  +49-541-760278-0  |  http://www.greenbone.net/ Greenbone Networks GmbH, Neumarkt 12, 49074 Osnabrück | AG Osnabrück, HR B
202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________
Openvas-discuss mailing list
Openvas-discuss at wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss


More information about the Openvas-discuss mailing list