Hi,
I build a new servers which seems okay. The scan results however only contains log (severity 0.0) results. Even a test host -which i know has vulnerabilities- shows up in the known hosts list but only has log results. All feeds are up to date, and the dashboard shows nvt’s wirh all severity cllasses.
without the log messages it’s hard to help. My first guess would be that you just ran an unauthenticated scan instead of an authenticated one or that you used a wrong scan config for your purpose.
Hello Steffen, I too have the exact same issue. When attempting to scan a Windows host (Server 2016) all I get is 0.0 log. I’m sure my creds are correct. I’m wondering if GVM does not like Active Directory in a hybrid model? Thought?
Hi Steffen, Yes, it’s an unauthenticated scan. Still it should show issues like outdated webservers and telnet without default login (as it did before).
Still you are right, I will add logs today.
//Anton
I found logs here - /opt/gvm/var/log/gvm/gsad.log, gvmd.log, openvas.log, and ospd-openvas.log and none of them show any errors… There must be some other log files… I’m attempting an authenticated scan and have double checked my creds.
If you find something in the gvm logs, that would help, of course. What I meant, though, were the messages from the log results that you got from your scan. They might tell you something about what’s wrong.
Just started a new scan, but the logs are not much to go on
gsad.log:gsad gmp:MESSAGE:2021-08-23 14h49.05 GMT:654: Authentication success for 'admin' from 192.168.37.139
gvmd.log:event target:MESSAGE:2021-08-23 14h50.13 UTC:19938: Target Target for immediate scan of IP 192.168.37.5 - 2021-08-23 14:50:13 (af517407-0de9-46e5-a62d-0679a7999cc7) has been created by admin
gvmd.log:event task:MESSAGE:2021-08-23 14h50.13 UTC:19938: Status of task (66c56b7a-fd81-475d-8106-67edd5325e23) has changed to New
gvmd.log:event task:MESSAGE:2021-08-23 14h50.13 UTC:19938: Task Immediate scan of IP 192.168.37.5 (66c56b7a-fd81-475d-8106-67edd5325e23) has been created by admin
gvmd.log:event task:MESSAGE:2021-08-23 14h50.13 UTC:19938: Status of task Immediate scan of IP 192.168.37.5 (66c56b7a-fd81-475d-8106-67edd5325e23) has changed to Requested
gvmd.log:event task:MESSAGE:2021-08-23 14h50.13 UTC:19938: Task Immediate scan of IP 192.168.37.5 (66c56b7a-fd81-475d-8106-67edd5325e23) has been requested to start by admin
gvmd.log:event wizard:MESSAGE:2021-08-23 14h50.13 UTC:19938: Wizard quick_first_scan has been run by admin
gvmd.log:event task:MESSAGE:2021-08-23 14h50.20 UTC:19954: Status of task Immediate scan of IP 192.168.37.5 (66c56b7a-fd81-475d-8106-67edd5325e23) has changed to Running
gvmd.log:event task:MESSAGE:2021-08-23 14h52.10 UTC:19954: Status of task Immediate scan of IP 192.168.37.5 (66c56b7a-fd81-475d-8106-67edd5325e23) has changed to Done
openvas.log:sd main:MESSAGE:2021-08-23 14h50.53 utc:20657: openvas 21.4.1~git-81c6a4e8-HEAD (GIT revision ~git-81c6a4e8-HEAD) started
openvas.log:sd main:MESSAGE:2021-08-23 14h51.08 utc:20657: Vulnerability scan c3956ee2-1bd1-4736-8d2c-3f299dc625d8 started: Target has 1 hosts: 192.168.37.5, with max_hosts = 20 and max_checks = 4
openvas.log:libgvm boreas:MESSAGE:2021-08-23 14h51.08 utc:20657: Alive scan c3956ee2-1bd1-4736-8d2c-3f299dc625d8 started: Target has 1 hosts
openvas.log:sd main:MESSAGE:2021-08-23 14h51.11 utc:20899: Vulnerability scan c3956ee2-1bd1-4736-8d2c-3f299dc625d8 started for host: 192.168.37.5
openvas.log:libgvm boreas:MESSAGE:2021-08-23 14h51.13 utc:20657: Alive scan c3956ee2-1bd1-4736-8d2c-3f299dc625d8 finished in 5 seconds: 1 alive hosts of 1.
openvas.log:sd main:MESSAGE:2021-08-23 14h52.07 utc:20899: Vulnerability scan c3956ee2-1bd1-4736-8d2c-3f299dc625d8 finished for host 192.168.37.5 in 56.60 seconds
openvas.log:sd main:MESSAGE:2021-08-23 14h52.08 utc:20657: Vulnerability scan c3956ee2-1bd1-4736-8d2c-3f299dc625d8 finished in 75 seconds: 1 alive hosts of 1
ospd-openvas.log:OSPD[649] 2021-08-23 16:50:16,108: INFO: (ospd.command.command) Scan c3956ee2-1bd1-4736-8d2c-3f299dc625d8 added to the queue in position 1.
ospd-openvas.log:OSPD[649] 2021-08-23 16:50:16,694: INFO: (ospd.ospd) Currently 1 queued scans.
ospd-openvas.log:OSPD[649] 2021-08-23 16:50:16,811: INFO: (ospd.ospd) Starting scan c3956ee2-1bd1-4736-8d2c-3f299dc625d8.
ospd-openvas.log:OSPD[649] 2021-08-23 16:52:08,436: INFO: (ospd.ospd) c3956ee2-1bd1-4736-8d2c-3f299dc625d8: Host scan finished.
ospd-openvas.log:OSPD[649] 2021-08-23 16:52:08,439: INFO: (ospd.ospd) c3956ee2-1bd1-4736-8d2c-3f299dc625d8: Scan finished.
as for the report:
Vulnerability Severity QoD Host Location Created ▼
IP Name
Hostname Determination Reporting 0.0 (Log) 80 % [192.168.37.5](https://172.24.60.39/host/b55d1d6f-2510-4c1d-8735-510bffa08924) general/tcp Mon, Aug 23, 2021 2:52 PM UTC
CPE Inventory 0.0 (Log) 80 % [192.168.37.5](https://172.24.60.39/host/b55d1d6f-2510-4c1d-8735-510bffa08924) general/CPE-T Mon, Aug 23, 2021 2:52 PM UTC
OS Detection Consolidation and Reporting 0.0 (Log) 80 % [192.168.37.5](https://172.24.60.39/host/b55d1d6f-2510-4c1d-8735-510bffa08924) general/tcp Mon, Aug 23, 2021 2:51 PM UTC
ICMP Timestamp Detection 0.0 (Log) 80 % [192.168.37.5](https://172.24.60.39/host/b55d1d6f-2510-4c1d-8735-510bffa08924) general/icmp Mon, Aug 23, 2021 2:51 PM UTC
Traceroute 0.0 (Log) 80 % [192.168.37.5](https://172.24.60.39/host/b55d1d6f-2510-4c1d-8735-510bffa08924) general/tcp Mon, Aug 23, 2021 2:51 PM UTC
I’m seeing hashing errors…
md manage: INFO:2021-08-23 15h26.03 utc:79446: Updating VTs in database … 75769 new VTs, 0 changed VTs
md manage:WARNING:2021-08-23 15h26.04 utc:79446: update_nvts_from_vts: SHA-256 hash of the VTs in the database (9d9ca17b5b88abecc9ba9f14d48ffdcca73c0f3dc6e3b398d4e39d709f662120) does not match the one from the scanner (68504270bf7be68d007e9e89ca5d6cce70b6d4b897b85e8cfe24001a97528a5a).
md main:WARNING:2021-08-23 15h26.05 utc:79446: update_nvt_cache_retry: rebuild failed
Hi, i got the exact same problem. I installed gvm 21.4 with this documentation ‘’’ Building GVM 21.04 — Greenbone Documentation documentation ‘’’.
nmap is installed and working, feed is up to date and my target host has default login which should result in severity of 10.0.
If i start a scan i only get logs with a severity of 0.0.
The logs dont show any erros in fact everything seems to work just fine.
I would check here on my comment I made before. There is a known when installing on Debian/Ubuntu distros which overlooks nmap on systems and does not enable “Port Scanners” in your “Scan Config”: Scan Severity 0.0 (Log) - #2 by cfi