I’m struggling with gvm-cli which gives me wrong results, so I think I’m doing something wrong but I can’t figure what.
I run the following:
gvm-cli socket --sockpath /var/run/openvasmd.sock --gmp-username admin --gmp-password pass -X ‘<get_reports report_id=“e849335f-0242-418f-b78d-822996ffca9f” levels=“hml” autofp=“0” apply_overrides=“1” notes=“1” overrides=“1” result_hosts_only=“1” format_id=“c1645568-627a-11e3-a660-406186ea4fc5”/>’ | xmlstarlet sel -t -v get_reports_response/report/text() | base64 -i -d > foo.csv
With this command I would expect to get only vulnerabilities of level High, Medium and Low to be reported (levels=“hml”), while I actually end up with all findings (that is including the “Logs” level vulnerability, as if I would have set levels=“hmlg” in my command).
I even tried to set levels=“h” only, but I always get all findings.
Thanks Bricks; can I use one filter statement eg: filter=“levels=hml apply_overrides=1” or one filter statement per parameter: filter=“levels=hml” filter=“apply_overrides=1” etc… ?
With this command I get a CSV file containing 48 hosts, 48 medium vulnerabilities and 2 high vulnerabilities.
Now If I use GSA, with same filter, and I download the csv file directly from GSA I have a total of 62 medium vulnerabilities and 2 High. So 4 medium vulnerabilities are missing ?!
Please check the applied filter used in the returned xml. I suppose the defaults for rows are applied here again. You could also try to set ignore_pagination="1"
Thanks Bricks, adding ignore_pagination=1 to the xml request seems to work. I need to test it further but on this particular example I get the same results as on GSA.