Hi there,
I’m trying to setup an override (same NVT OID) for multiple hosts using gsa (around 350 hosts). With GSA it seems it’s not possible as when creating an override and adding my hosts in the “New override” page, the list of hosts is automatically truncated to the first 6 hosts. All hosts after the initial 6 are discarded.
Is there a limitation ? And is it possible to workaround it ?
Thanks
As a workaround, is it possible for your use case to use CIDR Notation for the hosts or not limiting the override to hosts at all but limit it to a task?
I think it’s likely that a character limit exists for this field.
Unfortunately no, because hosts are on different subnets and for those on the same subnet cannot really be grouped in CIDR notation.
Actually I too believe it’s a field limitation. So perhaps it’s doable with gvm-cli ?
Can anyone tell me if this limitation apply to the last gvm version ? For now I can only test the pre-packaged version which start to be somehow old. If this happens to the latest build as well, then I will submit a bug report.
Thanks
I’ve checked on a development server and this bug doesn’t exist on gsad 7.0.4. So until I can upgrade, I tried to used gvm-cli to bypass gsa bug on this one. So I’m trying the following command:
gvm-cli socket --socketpath /var/run/openvasmd.sock --gmp-username admin --gmp-password pass --timeout -1 -X ‘<create_override>Some commentsIP1,IP2,…,IPn<new_threat>False Positive</new_threat>22</create_override>’
But this doesn’t work. Error is only:
(‘Error in response. Internal error’, <Element create_override_response at 0x7fcd7169a4c8>)
I’m not very familiar to xml, so anyone could point me what’s wrong in my command ?
Thanks !
Sorry typo error: the command was:
gvm-cli socket --socketpath /var/run/openvasmd.sock --gmp-username admin --gmp-password pass --timeout -1 -X '<create_override>
<nvt oid="1.3.6.1.4.1.25623.1.0.103239"></nvt>
<text>Some comments</text>
<hosts>IP1,IP2,...,IPn</hosts>
<new_threat>False Positive</new_threat>
<port>22</port>
</create_override>'Please take a look at the openvasmd log file for further details. It seems openvasmd could not handle your request.
I had, but unfortunately there is nothing logged in openvasmd logfile 
Uping this topic. What’s the correct way to create an override with gvm-cli ? I thought I followed the tech doc properly but it’s not working. So is it me or is there a bug I should report on git ?
Thanks !
Personally I can’t find a mistake in your command and even the tests for python-gvm look similar https://github.com/greenbone/python-gvm/blob/master/tests/protocols/gmpv7/test_create_override.py
So feel free to create an issue for gvmd at github.
Maybe increasing the loglevel could help.
I’ve raised the log level to debug on everything, and I have the following:
…
md manage: DEBUG:2019-03-23 09h55.04 CET:8016: sql_x end (SELECT user_can_everything (’%s’)
md manage: DEBUG:2019-03-23 09h55.04 CET:8016: sql: SELECT count () FROM nvts WHERE oid = ‘1.3.6.1.4.1.25623.1.0.103239’
md manage: DEBUG:2019-03-23 09h55.04 CET:8016: sql_x end (SELECT count () FROM nvts WHERE oid = ‘%s’)
md main: DEBUG:2019-03-23 09h55.04 CET:8016: -> client: <create_override_response status=“500” status_text=“Internal error”/>
md omp: DEBUG:2019-03-23 09h55.04 CET:8016: client state set: 1
md main: DEBUG:2019-03-23 09h55.04 CET:8016: => client 69 bytes
md main: DEBUG:2019-03-23 09h55.04 CET:8016: => client done
md main: DEBUG:2019-03-23 09h55.04 CET:8016: EOF reading from client.
md main: DEBUG:2019-03-23 09h55.04 CET:8016: Cleaning up.
md main: DEBUG:2019-03-23 09h55.04 CET:8016: Exiting.
It seems the OID is causing the error. I double checked and this OID is valid. Appart from that it’s a lot of SQL queries and xml parsing but no particular errors is showing up.