Question about QoD and the task 'error'

Hello,

When running a task in the GSE with a QoD of 70%, many tasks in our inventory end up as an “error” right after starting the task.

When I lower the QoD, the tasks run normally.

I have now come across the explanation of QoD in the manual, which has left me a bit worried about the trustworthiness of the alert reports output:

QoD QoD is short for Quality of Detection and shows the reliability of the detection of a vulnerability.
The QoD was introduced with GOS 3.1. Results created with earlier versions are assigned a QoD
of 75 % during migration.
By default, only results that were detected by NVTs with a QoD of 70 % or higher are displayed.
The possibility of false positives is thereby lower. The filter can be adjusted to show results with a
lower QoD (see Chapter 8.4.1 (page 176)).

Is there an explanation for this behaviour or might it be a bug? Thanks!

The QoD has nothing to do with the scan itself. It is just a filter on the scan results.

Please add some more details to this thread. Which versions of our software components are you using? What are the exact errors listed in the report?

Hi,

We are using Greenbone Security Assistant at Version 9.0.1~git-f4a4658fb-gsa-9.0 with gvm-libs at v.11.0.1 on Debian 10 Stable.

When the QoD is set to the default value, the report doesn’t contain any data and looks like so:

while in the GSA the task looks like so:

When I lower the QoD, I get actual data back in the PDF report, as well as the “Done” status under Tasks.

Please take a look at the reports view in GSA (not the PDF) and open the errors tab to get further information why the scan failed.

Hi,

The only error that I am seeing there is this - I believe it’s unclickable:

All the best,
Robin

Ok sorry. That is a really bad error message. Could you please take a look at the gvmd.log and openvas.log files more more details about the error? Normally these files are in $INSTALL_PREFIX/var/log. $INSTALL_PREFIX depends on your installation.

The only error blocks that seem suspicious as being an error message are these:

event task:MESSAGE:2020-06-30 22h40.10 UTC:15378: Task Galileo Futurama (2a913705-45a7-49bd-81c7-c00a7d4b9b6b) has been requested to start by admin
md manage:WARNING:2020-06-30 22h40.29 UTC:15386: OSP start_scan fe19085f-3977-4be9-8578-6d41259f6104: Fatal error

I would be happy to attach the full logs, but unfortunately it contains sensitive information.

The error seems to be on the scanner side so you need to look at openvas.log and ospd-openvas.log files.

1 Like

Hello,

I am getting this error under gsad.log https://pastebin.com/NxzBsECb

Furthermore, this is what we have under ospd-openvas.log: https://pastebin.com/nbaiW40a

Is there something else I could help with to debug this?

Hi, check redis and scanner. Can scanner connect to redis? Maybe will help Hint: Redis setup / configuration for GSE/GVM/OpenVAS