When running a task in the GSE with a QoD of 70%, many tasks in our inventory end up as an “error” right after starting the task.
When I lower the QoD, the tasks run normally.
I have now come across the explanation of QoD in the manual, which has left me a bit worried about the trustworthiness of the alert reports output:
QoD QoD is short for Quality of Detection and shows the reliability of the detection of a vulnerability.
The QoD was introduced with GOS 3.1. Results created with earlier versions are assigned a QoD
of 75 % during migration.
By default, only results that were detected by NVTs with a QoD of 70 % or higher are displayed.
The possibility of false positives is thereby lower. The filter can be adjusted to show results with a
lower QoD (see Chapter 8.4.1 (page 176)).
Is there an explanation for this behaviour or might it be a bug? Thanks!
The QoD has nothing to do with the scan itself. It is just a filter on the scan results.
Please add some more details to this thread. Which versions of our software components are you using? What are the exact errors listed in the report?
We are using Greenbone Security Assistant at Version 9.0.1~git-f4a4658fb-gsa-9.0 with gvm-libs at v.11.0.1 on Debian 10 Stable.
When the QoD is set to the default value, the report doesn’t contain any data and looks like so:
while in the GSA the task looks like so:
When I lower the QoD, I get actual data back in the PDF report, as well as the “Done” status under Tasks.
Please take a look at the reports view in GSA (not the PDF) and open the errors tab to get further information why the scan failed.
The only error that I am seeing there is this - I believe it’s unclickable:
All the best,
Ok sorry. That is a really bad error message. Could you please take a look at the
openvas.log files more more details about the error? Normally these files are in
$INSTALL_PREFIX/var/log. $INSTALL_PREFIX depends on your installation.
The only error blocks that seem suspicious as being an error message are these:
event task:MESSAGE:2020-06-30 22h40.10 UTC:15378: Task Galileo Futurama (2a913705-45a7-49bd-81c7-c00a7d4b9b6b) has been requested to start by admin
md manage:WARNING:2020-06-30 22h40.29 UTC:15386: OSP start_scan fe19085f-3977-4be9-8578-6d41259f6104: Fatal error
I would be happy to attach the full logs, but unfortunately it contains sensitive information.
The error seems to be on the scanner side so you need to look at openvas.log and ospd-openvas.log files.
I am getting this error under gsad.log https://pastebin.com/NxzBsECb
Furthermore, this is what we have under ospd-openvas.log: https://pastebin.com/nbaiW40a
Is there something else I could help with to debug this?
Hi, check redis and scanner. Can scanner connect to redis? Maybe will help Hint: Redis setup / configuration for GSE/GVM/OpenVAS
I am having the same error mentioned as no scans are running and it throws FATAL error every time. Is there any solution to this?
I did perform the redis cleanup and restarted it but still no luck
Below are my logs from ospd-openvas.log. There are certainly no logs coming up in openvas.log. Moreover I tried creating a new scanner and starting a scan but that still gives nothing. Not sure what to configure here now to make it work
2020-09-04 04:46:36,838 OSPD - openvas: DEBUG: (ospd.server) New connection from /opt/gvm/var/run/ospd.sock
2020-09-04 04:46:47,597 OSPD - openvas: ERROR: (ospd.ospd) While handling client command:
Traceback (most recent call last):
File “/opt/gvm/bin/ospd-scanner/lib/python3.6/site-packages/ospd/ospd.py”, line 789, in handle_client_stream
File “/opt/gvm/bin/ospd-scanner/lib/python3.6/site-packages/ospd/ospd.py”, line 1674, in handle_command
File “/opt/gvm/bin/ospd-scanner/lib/python3.6/site-packages/ospd/ospd.py”, line 630, in handle_start_scan_command
scan_id, scan_targets, scan_params, vt_selection
File “/opt/gvm/bin/ospd-scanner/lib/python3.6/site-packages/ospd/ospd.py”, line 1743, in create_scan
return self.scan_collection.create_scan(scan_id, targets, options, vts)
File “/opt/gvm/bin/ospd-scanner/lib/python3.6/site-packages/ospd/misc.py”, line 243, in create_scan
scan_info = self.data_manager.dict()
File “/usr/lib/python3.6/multiprocessing/managers.py”, line 662, in temp
token, exp = self._create(typeid, *args, **kwds)
File “/usr/lib/python3.6/multiprocessing/managers.py”, line 554, in _create
conn = self._Client(self._address, authkey=self._authkey)
File “/usr/lib/python3.6/multiprocessing/connection.py”, line 487, in Client
c = SocketClient(address)
File “/usr/lib/python3.6/multiprocessing/connection.py”, line 614, in SocketClient
ConnectionRefusedError: [Errno 111] Connection refused
Can someone share their thoughts on same?