Get report_ID by task_name

Hi everyone,
i am struggling with the reportID from scans.
I need to get the reportID by the task name only. Can anyone help me out with this?

best regards,
alessio

I assume you are using python-gvm / gvm-tools?

(.venv) bash-3.2$ gvm-pyshell --gmp-username x --gmp-password y ssh --hostname z.z.z.z
resp = gmp.get_tasks()
for task in resp.findall('task'):
     last = task.find('last_report')
     if last is not None:
             report = last.find('report')
             if report is not None:
                     print(report.get('id'))
     else:
             print('No report')

You could do something like this with gvm-pyshell to get the Report ID of the last Report within that task …

1 Like

Hi, i used some of your code in my check_gmp script

task_name = sys.argv[11]
print(" Name of report: " + task_name)

def get_vulnerabilities(tname):
    filterReport = gmp.get_reports(filter="tname")
    report = filterReport.find('report')
    #print(tname)
    print(report.get('id'))
    reportID = report.get('id')
    print(reportID)
    specReport = gmp.get_report(report_id='reportID', details=True)
    jmpToResults = specReport.find('report').find('report').find('results')
    for result in results:
        pretty_print(result.find('nvt').find('name'))

get_vulnerabilities(task_name)

It gives me the following error about reportID = report.get('id')
'NoneType' object has no attribute 'get'

If i try this in pyshell it works and i get the report_id, if i add this in my script it does not work.

What am i doing wrong?

best regards

It seems, that you don’t have a Report object. So report is None you should check if you actually got a report back …

1 Like

With your code above i get all the report_ID’s, so i should have report Objects…
I want to get the report_ID’s for a specific task_name but i dont get this to work

get_reports(filter=tname)
maybe this?

1 Like

Yes this worked.
But now i am receiving the wrong ID :confused:
What i am trying to do is based on this older post of yours:

Its about this line:
gmp.get_report(report_id=...
If i paste the correct ID manually, it works fine.
Any idea how i get this ID based on the task name? I hope this clears up the situation.
So i want to use a variable for report_id

best regards

You also need to change the line in your code.
You only should use quotation marks for strings. Not if you want to pass a variable.
In your code above you wrote specReport = gmp.get_report(report_id='reportID', details=True)
What you want is specReport = gmp.get_report(report_id=reportID, details=True). I think after that change your code works fine.
Also I recommend you python coding style. E.g. variables should be named in snake_case-style e.g. report_id not reportID.

3 Likes

Thank you, i missed the quotes. Now something is definitely working.
Now i get these results

<Element name at 0x7fbe288d24c0>
<Element name at 0x7fbe288d2b40>
<Element name at 0x7fbe288d24c0>

Do you have any idea why this is happening? Actually i should get at least some found vulnerabilities

best regards

When i got the right reportID, and i am searching for certain keywords with:
z.find('report').find('report').find('results')
what is the file type i am looking at? I think that makes the difference

Seems, that you are trying to print the XML-Element Object instead of the content.
Are you still using the pretty_print() function?

For me your code works fine.
At least if you change the line
for result in results: to for result in jmpToResults:

>>> for rep in reps:
...     rep_id = rep.get('id')
...     specReport = gmp.get_report(report_id=rep_id, details=True)
...     jmpToResults = specReport.find('report').find('report').find('results')
...     for result in jmpToResults:
...             pretty_print(result.find('nvt').find('name'))
...
<name>Adobe Acrobat 2017 Security Updates(apsb18-30)-MAC OS X</name>
<name>Adobe Acrobat 2017 Security Updates(apsb18-30)-MAC OS X</name>
<name>Adobe Acrobat 2017 Security Updates(apsb18-30)-MAC OS X</name>
<name>Adobe Acrobat 2017 Security Updates(apsb18-30)-MAC OS X</name>
...
3 Likes

There is no certain “Filetype” you are traversing an xml.
You can look at it if you use pretty_print(gmp.get_report(report_id=reportID, details=True)).

E.g.:

>>> pretty_print(gmp.get_report(report_id='5d11ff24-f40f-4729-84b6-b7e84fc20a7c', details=True))
<get_reports_response status="200" status_text="OK">
  <report id="5d11ff24-f40f-4729-84b6-b7e84fc20a7c" format_id="" extension="" content_type="application/xml">
    <owner>
      <name>jloechte</name>
    </owner>
    <name/>
    <comment/>
    <creation_time/>
    <modification_time>2020-08-18T18:37:03Z</modification_time>
    <writable>0</writable>
    <in_use>0</in_use>
    <task id="6ed707a8-4953-4908-a835-3daa135c212f">
      <name>work</name>
    </task>
    <report id="5d11ff24-f40f-4729-84b6-b7e84fc20a7c">
      <gmp>
        <version>20.08</version>
      </gmp>
      <sort>
        <field>name<order>ascending</order></field>
      </sort>
      <filters id="">
        <term>apply_overrides=0 min_qod=70 first=1 rows=100 sort=name</term>
        <filter>High</filter>
        <filter>Medium</filter>
        <filter>Low</filter>
        <filter>Log</filter>
        <filter>Debug</filter>
        <keywords>
          <keyword>
            <column>apply_overrides</column>
            <relation>=</relation>
            <value>0</value>
          </keyword>
          <keyword>
            <column>min_qod</column>
            <relation>=</relation>
            <value>70</value>
          </keyword>
          <keyword>
            <column>first</column>
            <relation>=</relation>
            <value>1</value>
          </keyword>
          <keyword>
            <column>rows</column>
            <relation>=</relation>
            <value>100</value>
          </keyword>
          <keyword>
            <column>sort</column>
            <relation>=</relation>
            <value>name</value>
          </keyword>
        </keywords>
      </filters>
      <severity_class id="d4c74cda-89e1-11e3-9c29-406186ea4fc5">
        <name>nist</name>
        <full_name>NVD Vulnerability Severity Ratings</full_name>
        <severity_range>
          <name>None</name>
          <min>0.0</min>
          <max>0.0</max>
        </severity_range>
        <severity_range>
          <name>Low</name>
          <min>0.1</min>
          <max>3.9</max>
        </severity_range>
        <severity_range>
          <name>Medium</name>
          <min>4.0</min>
          <max>6.9</max>
        </severity_range>
        <severity_range>
          <name>High</name>
          <min>7.0</min>
          <max>10.0</max>
        </severity_range>
      </severity_class>
      <scan_run_status>Done</scan_run_status>
      <hosts>
        <count>0</count>
      </hosts>
      <closed_cves>
        <count>0</count>
      </closed_cves>
      <vulns>
        <count>0</count>
      </vulns>
      <os>
        <count>0</count>
      </os>
      <apps>
        <count>0</count>
      </apps>
      <ssl_certs>
        <count>0</count>
      </ssl_certs>
      <task id="6ed707a8-4953-4908-a835-3daa135c212f">
        <name>work</name>
        <comment>test</comment>
        <target id="a1f478c1-27d0-4d8c-959f-150625186421">
          <trash>0</trash>
          <name>work</name>
          <comment>test</comment>
        </target>
        <progress>0</progress>
      </task>
      <scan>
        <task/>
      </scan>
      <timestamp>2020-08-18T18:36:28Z</timestamp>
      <scan_start/>
      <timezone>UTC</timezone>
      <timezone_abbrev>UTC</timezone_abbrev>
      <ports start="1" max="100">
        <count>0</count>
      </ports>
      <results start="1" max="100"/>
      <result_count>0<full>0</full><filtered>0</filtered><debug><full>0</full><filtered>0</filtered></debug><hole><full>0</full><filtered>0</filtered></hole><info><full>0</full><filtered>0</filtered></info><log><full>0</full><filtered>0</filtered></log><warning><full>0</full><filtered>0</filtered></warning><false_positive><full>0</full><filtered>0</filtered></false_positive></result_count>
      <severity>
        <full>-3.0</full>
        <filtered>-3.0</filtered>
      </severity>
      <scan_end>2020-08-18T18:37:03Z</scan_end>
      <errors>
        <count>1</count>
        <error>
          <host>
            <asset asset_id=""/>
          </host>
          <port/>
          <description>Could not connect to Scanner</description>
          <nvt oid="">
            <type>nvt</type>
            <name/>
            <cvss_base/>
          </nvt>
          <scan_nvt_version/>
          <severity>-3</severity>
        </error>
      </errors>
    </report>
  </report>
  <filters id="">
    <term>apply_overrides=0 min_qod=70 first=1 rows=100 sort=name</term>
    <keywords>
      <keyword>
        <column>apply_overrides</column>
        <relation>=</relation>
        <value>0</value>
      </keyword>
      <keyword>
        <column>min_qod</column>
        <relation>=</relation>
        <value>70</value>
      </keyword>
      <keyword>
        <column>first</column>
        <relation>=</relation>
        <value>1</value>
      </keyword>
      <keyword>
        <column>rows</column>
        <relation>=</relation>
        <value>100</value>
      </keyword>
      <keyword>
        <column>sort</column>
        <relation>=</relation>
        <value>name</value>
      </keyword>
    </keywords>
  </filters>
  <sort>
    <field>name<order>ascending</order></field>
  </sort>
  <reports start="1" max="-2"/>
  <report_count>98<filtered>1</filtered><page>1</page></report_count>
</get_reports_response>
1 Like

Ah thanks for the advice, i did not use the pretty_print. If i do it gives me the message
name "pretty_print" is not defined. I imported pprint-library but it doesnt seem to be known

from gvm.xml import pretty_print

3 Likes

Thanks a lot, it works like a charm!

1 Like