Scanning with OpenVAS 9 will proceed smoothly up to 98%, but processing takes time from 98% to 100%. It seems that it takes more time to scan more than one server simultaneously.
What kind of processing is done from 98% to 100%? Also, can we shorten this process?
Currently, it takes 20 minutes from 0% to 98%, and 10 minutes takes from 98% to 100%.
The OpenVAS environment is as follows.
· OS: Ubuntu 16.04.5
· OpenVAS Scanner 5.1.3
· OpenVAS Manager 7.0.3
You can use the following command on your command line while the scans are running:
ps auxwww | egrep "[o]penvassd: testing.*\.nasl"
to see the current scan process and the running VT.
An alternative is to set the following in your openvassd.conf (see man openvassd and openvassd -s for more info and the location of the openvassd.conf):
log_whole_attack = yes
After a restart of the scanner (openvassd) you will find an extended log for newly started scans (Including the launched VTs and execution time of each) within your openvassd.messages (OpenVAS/GVM 9 and below) or openvassd.log (GVM 10+).
NOTE: Using log_whole_attack = yes might fill up your storage quite fast so only keep this enabled for debugging purposes.
Hi cfi.
Thanks for the advice.
I changed log_whole_attackw = yes and confirmed the log. As a result, I found that /var/lib/openvas/plugins/2011/host_details.nasl takes time.
Is this nasl usually taken about 10 minutes? Also, would you please let me know if there are any conditions for prolonging processing time?
Hi,
this VT is responsible for transferring all temporary stored information within the transient Redis based knowledge base to the “Host Details” of the scanner/manager. Depending on the amount of collected information this routine might take a good amount of time to complete.
Unfortunately i don’t understand on which topic you’re referring here. Could you please rephrase this question? Thanks.
Hi cfi
Sorry for my late reply.
With your reply, the question was resolved.
Thank you for your response.