I’ve been fiddling around with the GMP protocol for a while, and have stumbled across a weird phenomenon. By using the get_report() command, I get a different report than the one printed out by GSA. I use the command in the following way:
Even though the filtering should be the same, the GSA report contains two hosts with vulnerabilities whereas the report retrieved with the command only has one. Also, the command-based report is missing a vulnerability that is classed “high” from the host that appears in both reports, even though it is not filtered out.
I am using the latest build of GVM, and the GMP 20.08 protocol.
I tried to reproduce this, without success. My reports are identically.
Did you experienced this issue with other reports?
Did you tried the pdf-report.gmp.py script from gvm-tools? Is it leading to the same difference?
Did you used the correct report_format UUID?
Maybe you can send me the report as XML, so I can try to reproduce it?
By examining the XML versions, there were filters present in the GSA report that were not included in the GMP command. I believe setting a filter rows=1000 fixed the issue, as in the GMP generated report the value was rows=10.
Oh surely. Didn’t come to my mind that it might be a problem with the filter.
Btw. setting row=-1 makes them unlimited (so you don’t need to guess how many rows you might need).