This is running on CentOS 7 using the atomic repo
rpm -qa |grep openvas
openvas-libraries-9.0.1-2735.el7.art.x86_64
openvas-manager-7.0.2-2737.el7.art.x86_64
openvas-scanner-5.1.1-2736.el7.art.x86_64
openvas-smb-1.0.2-1980.el7.art.x86_64
openvas-9.0.0-2796.el7.art.noarch
openvas-cli-1.4.5-2739.el7.art.x86_64
Scheduled tasks will not complete without intervention. Below is an example task “XYZ” which starts at 23:05. Immediately after the task “has changed to Running”, I see a “has changed to Stop Requested” log entry. Where is this coming from?
In order for me to get the scan to complete I modify the task, remove the schedule then “resume” the task. When the task is complete I modify the task again with the assigned schedule. The scan fails again the next time. Any help with this would be greatly appreciated.
snippet from openvasmd.log
event task:MESSAGE:2018-10-04 23h05.13 EDT:30070: Task XYZ (4d7f04fd-e581-4ef2-9cad-e4171145c75b) could not be resumed by admin
event task:MESSAGE:2018-10-04 23h05.14 EDT:30070: Status of task XYZ (4d7f04fd-e581-4ef2-9cad-e4171145c75b) has changed to Requested
event task:MESSAGE:2018-10-04 23h05.14 EDT:30070: Task XYZ (4d7f04fd-e581-4ef2-9cad-e4171145c75b) has been requested to start by admin
event task:MESSAGE:2018-10-04 23h05.27 EDT:30072: Status of task XYZ (4d7f04fd-e581-4ef2-9cad-e4171145c75b) has changed to Running
event task:MESSAGE:2018-10-04 23h05.29 EDT:30074: Status of task XYZ (4d7f04fd-e581-4ef2-9cad-e4171145c75b) has changed to Stop Requested
event task:MESSAGE:2018-10-04 23h05.29 EDT:30074: Task XYZ (4d7f04fd-e581-4ef2-9cad-e4171145c75b) has been requested to stop by admin
event task:MESSAGE:2018-10-04 23h05.30 EDT:30072: Status of task XYZ (4d7f04fd-e581-4ef2-9cad-e4171145c75b) has changed to Stop Requested
event task:MESSAGE:2018-10-04 23h07.06 EDT:30072: Status of task XYZ (4d7f04fd-e581-4ef2-9cad-e4171145c75b) has changed to Stopped
event alert:MESSAGE:2018-10-04 23h07.06 EDT:30072: The alert Email Stopped for task XYZ was triggered (Event: Task status changed to ‘Stopped’, Condition: Always)
event task:MESSAGE:2018-10-05 07h18.46 EDT:3882: Task XYZ (4d7f04fd-e581-4ef2-9cad-e4171145c75b) has been modified by admin
event task:MESSAGE:2018-10-05 07h18.57 EDT:3890: Status of task XYZ (4d7f04fd-e581-4ef2-9cad-e4171145c75b) has changed to Requested
event task:MESSAGE:2018-10-05 07h18.57 EDT:3890: Task XYZ (4d7f04fd-e581-4ef2-9cad-e4171145c75b) has been resumed by admin
event task:MESSAGE:2018-10-05 07h19.10 EDT:3892: Status of task XYZ (4d7f04fd-e581-4ef2-9cad-e4171145c75b) has changed to Running
event task:MESSAGE:2018-10-05 08h00.37 EDT:3892: Status of task XYZ (4d7f04fd-e581-4ef2-9cad-e4171145c75b) has changed to Done
event alert:MESSAGE:2018-10-05 08h00.37 EDT:3892: The alert Email Done for task XYZ was triggered (Event: Task status changed to ‘Done’, Condition: Always)
event task:MESSAGE:2018-10-05 08h13.26 EDT:13851: Task XYZ (4d7f04fd-e581-4ef2-9cad-e4171145c75b) has been modified by admin
./openvas-check-setup --v9
openvas-check-setup 2.3.7
Test completeness and readiness of OpenVAS-9
Please report us any non-detected problems and
help us to improve this check routine:
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem.
Use the parameter --server to skip checks for client tools
like GSD and OpenVAS-CLI.
Step 1: Checking OpenVAS Scanner …
OK: OpenVAS Scanner is present in version 5.1.1.
OK: redis-server is present in version v=3.2.12.
OK: scanner (kb_location setting) is configured properly using the redis-server socket: /tmp/redis.sock
OK: redis-server is running and listening on socket: /tmp/redis.sock.
OK: redis-server configuration is OK and redis-server is running.
OK: NVT collection in /var/lib/openvas/plugins contains 47569 NVTs.
WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.
SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html).
OK: The NVT cache in /var/cache/openvas contains 47605 files for 47569 NVTs.
Step 2: Checking OpenVAS Manager …
OK: OpenVAS Manager is present in version 7.0.2.
OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
OK: Access rights for the OpenVAS Manager database are correct.
OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.
OK: OpenVAS Manager database is at revision 184.
OK: OpenVAS Manager expects database at revision 184.
OK: Database schema is up to date.
OK: OpenVAS Manager database contains information about 47578 NVTs.
OK: At least one user exists.
OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/scap.db.
OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/cert.db.
OK: xsltproc found.
Step 3: Checking user configuration …
WARNING: Your password policy is empty.
SUGGEST: Edit the /etc/openvas/pwpolicy.conf file to set a password policy.
Step 4: Checking Greenbone Security Assistant (GSA) …
OK: Greenbone Security Assistant is present in version 7.0.2.
OK: Your OpenVAS certificate infrastructure passed validation.
Step 5: Checking OpenVAS CLI …
OK: OpenVAS CLI version 1.4.5.
Step 6: Checking Greenbone Security Desktop (GSD) …
SKIP: Skipping check for Greenbone Security Desktop.
Step 7: Checking if OpenVAS services are up and running …
OK: netstat found, extended checks of the OpenVAS services enabled.
OK: OpenVAS Scanner is running and listening on a Unix domain socket.
OK: OpenVAS Manager is running and listening on a Unix domain socket.
OK: Greenbone Security Assistant is listening on port 80, which is the default port.
Step 8: Checking nmap installation …
OK: nmap is present in version 5.51.
Step 10: Checking presence of optional tools …
OK: pdflatex found.
WARNING: PDF generation failed, most likely due to missing LaTeX packages. The PDF report format will not work.
SUGGEST: Install required LaTeX packages.
OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
OK: rpm found, LSC credential package generation for RPM based targets is likely to work.
OK: alien found, LSC credential package generation for DEB based targets is likely to work.
OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work.
OK: SELinux is disabled.
It seems like your OpenVAS-9 installation is OK.