English |
OMP: OpenVAS Management Protocol
Version: 4.0
The "management" protocol of the Open Vulnerability Assessment System release 6 (OpenVAS-6).
Contents
- Summary of Data Types
- Summary of Elements
- Summary of Commands
- RNC Preamble
- Data Type Details
- Element Details
- Command Details
1 Summary of Data Types
| actions | A specifier of actions: get, modify, use. |
| base64 | Base64 encoded data. |
| boolean | A true or false value. |
| boolean_atoi | A true or false value, after conversion to an integer. |
| ctime | A date and time, in the C ctime format. |
| type_name | A name of a data type. |
| integer | An integer. |
| iso_time | A date and time, in ISO 8601 format. |
| levels | A string that may include the characters h, m, l, g and d. |
| name | A name. |
| port | A port. |
| user_list | A space separated list of users. |
| oid | An Object Identifier (OID). |
| sort_order | A string describing an order for sorting. |
| status | The success or failure status of a command. |
| task_status | A task run status. |
| task_trend | The trend of results for a task. |
| threat | A threat level. |
| time_unit | A unit of time. |
| uuid | A Universally Unique Identifier (UUID). |
| uuid_or_empty | A Universally Unique Identifier (UUID), or the empty string. |
2 Summary of Elements
| c | A reference to a command. |
| e | A reference to an element. |
| r | A reference to a response. |
| o | An optional pattern item. |
| g | A group of pattern items. |
| any | Pattern item indicating "any number of". |
| pattern | The pattern element of a command or command descendant. |
| command_definition | Definition of a command in OMP describing HELP command. |
| result_notes | Notes on a result. |
| result_overrides | Overrides on a result. |
| result | A result. |
| report | Actually attributes and either base64 or a report. |
3 Summary of Commands
| authenticate | Authenticate with the manager. |
| commands | Run a list of commands. |
| create_agent | Create an agent. |
| create_config | Create a config. |
| create_alert | Create an alert. |
| create_filter | Create a filter. |
| create_lsc_credential | Create an LSC credential. |
| create_note | Create a note. |
| create_override | Create an override. |
| create_port_list | Create a port list. |
| create_port_range | Create a port range. |
| create_report | Create a report. |
| create_report_format | Create a report format. |
| create_schedule | Create a schedule. |
| create_slave | Create a slave. |
| create_target | Create a target. |
| create_task | Create a task. |
| delete_agent | Delete an agent. |
| delete_config | Delete a config. |
| delete_alert | Delete an alert. |
| delete_filter | Delete a filter. |
| delete_lsc_credential | Delete an LSC credential. |
| delete_note | Delete a note. |
| delete_override | Delete an override. |
| delete_report | Delete a report. |
| delete_port_list | Delete a port list. |
| delete_port_range | Delete a port range. |
| delete_report_format | Delete a report format. |
| delete_schedule | Delete a schedule. |
| delete_slave | Delete a slave. |
| delete_target | Delete a target. |
| delete_task | Delete a task. |
| empty_trashcan | Empty the trashcan. |
| get_agents | Get all agents. |
| get_configs | Get all configs. |
| get_dependencies | Get dependencies for all available NVTs. |
| get_alerts | Get all alerts. |
| get_filters | Get all filters. |
| get_info | Get information for items of given type. |
| get_lsc_credentials | Get all LSC credentials. |
| get_notes | Get all notes. |
| get_nvts | Get all NVTs. |
| get_nvt_families | Get a list of all NVT families. |
| get_nvt_feed_checksum | Get checksum for entire NVT collection. |
| get_overrides | Get all overrides. |
| get_port_lists | Get all port lists. |
| get_preferences | Get all preferences. |
| get_reports | Get all reports. |
| get_report_formats | Get all report formats. |
| get_results | Get results. |
| get_schedules | Get all schedules. |
| get_settings | Get all settings. |
| get_slaves | Get all slaves. |
| get_system_reports | Get all system reports. |
| get_target_locators | Get configured target locators. |
| get_targets | Get all targets. |
| get_tasks | Get all tasks. |
| get_version | Get the OpenVAS Manager Protocol version. |
| help | Get the help text. |
| modify_config | Update an existing config. |
| modify_filter | Modify an existing filter. |
| modify_lsc_credential | Modify an existing LSC credential. |
| modify_note | Modify an existing note. |
| modify_override | Modify an existing override. |
| modify_report | Modify an existing report. |
| modify_report_format | Update an existing report format. |
| modify_schedule | Modify an existing schedule. |
| modify_setting | Modify an existing setting. |
| modify_target | Modify an existing target. |
| modify_task | Modify an existing task. |
| pause_task | Pause a running task. |
| restore | Restore a resource. |
| resume_or_start_task | Resume task if stopped, else start task. |
| resume_paused_task | Resume a paused task. |
| resume_stopped_task | Resume a stopped task. |
| run_wizard | Run a wizard. |
| start_task | Manually start an existing task. |
| stop_task | Stop a running task. |
| test_alert | Run an alert. |
| verify_agent | Verify an agent. |
| verify_report_format | Verify a report format. |
4 RNC Preamble
### Preamble
start = command | response
command
= authenticate
| commands
| create_agent
| create_config
| create_alert
| create_filter
| create_lsc_credential
| create_note
| create_override
| create_port_list
| create_port_range
| create_report
| create_report_format
| create_schedule
| create_slave
| create_target
| create_task
| delete_agent
| delete_config
| delete_alert
| delete_filter
| delete_lsc_credential
| delete_note
| delete_override
| delete_report
| delete_port_list
| delete_port_range
| delete_report_format
| delete_schedule
| delete_slave
| delete_target
| delete_task
| empty_trashcan
| get_agents
| get_configs
| get_dependencies
| get_alerts
| get_filters
| get_info
| get_lsc_credentials
| get_notes
| get_nvts
| get_nvt_families
| get_nvt_feed_checksum
| get_overrides
| get_port_lists
| get_preferences
| get_reports
| get_report_formats
| get_results
| get_schedules
| get_settings
| get_slaves
| get_system_reports
| get_target_locators
| get_targets
| get_tasks
| get_version
| help
| modify_config
| modify_filter
| modify_lsc_credential
| modify_note
| modify_override
| modify_report
| modify_report_format
| modify_schedule
| modify_setting
| modify_target
| modify_task
| pause_task
| restore
| resume_or_start_task
| resume_paused_task
| resume_stopped_task
| run_wizard
| start_task
| stop_task
| test_alert
| verify_agent
| verify_report_format
response
= authenticate_response
| commands_response
| create_agent_response
| create_config_response
| create_alert_response
| create_filter_response
| create_lsc_credential_response
| create_note_response
| create_override_response
| create_port_list_response
| create_port_range_response
| create_report_response
| create_report_format_response
| create_schedule_response
| create_slave_response
| create_target_response
| create_task_response
| delete_agent_response
| delete_config_response
| delete_alert_response
| delete_filter_response
| delete_lsc_credential_response
| delete_note_response
| delete_override_response
| delete_report_response
| delete_port_list_response
| delete_port_range_response
| delete_report_format_response
| delete_schedule_response
| delete_slave_response
| delete_target_response
| delete_task_response
| empty_trashcan_response
| get_agents_response
| get_configs_response
| get_dependencies_response
| get_alerts_response
| get_filters_response
| get_info_response
| get_lsc_credentials_response
| get_notes_response
| get_nvts_response
| get_nvt_families_response
| get_nvt_feed_checksum_response
| get_overrides_response
| get_port_lists_response
| get_preferences_response
| get_reports_response
| get_report_formats_response
| get_results_response
| get_schedules_response
| get_settings_response
| get_slaves_response
| get_system_reports_response
| get_target_locators_response
| get_targets_response
| get_tasks_response
| get_version_response
| help_response
| modify_config_response
| modify_filter_response
| modify_lsc_credential_response
| modify_note_response
| modify_override_response
| modify_report_response
| modify_report_format_response
| modify_schedule_response
| modify_setting_response
| modify_target_response
| modify_task_response
| pause_task_response
| restore_response
| resume_or_start_task_response
| resume_paused_task_response
| resume_stopped_task_response
| run_wizard_response
| start_task_response
| stop_task_response
| test_alert_response
| verify_agent_response
| verify_report_format_response
5 Data Type Details
5.1 Data Type actions
In short: A specifier of actions: get, modify, use.
5.1.1 RNC
actions = xsd:token { pattern = "[gmu]{1,3}" }
5.2 Data Type base64
In short: Base64 encoded data.
5.2.1 RNC
base64 = xsd:base64Binary
5.3 Data Type boolean
In short: A true or false value.
Zero is false, anything else is true. As a result, the empty string is considered true.
5.3.1 RNC
boolean = text
5.4 Data Type boolean_atoi
In short: A true or false value, after conversion to an integer.
Zero is false, anything else is true. The value is first converted to an integer, as by the C atoi routine. This means that an empty string is considered false.
5.4.1 RNC
boolean_atoi = text
5.5 Data Type ctime
In short: A date and time, in the C ctime format.
An example string in this format is "Wed Jun 30 21:49:08 1993\n".
5.5.1 RNC
ctime = text
5.6 Data Type type_name
In short: A name of a data type.
5.6.1 RNC
type_name = xsd:Name
5.7 Data Type integer
In short: An integer.
5.7.1 RNC
integer = xsd:integer
5.8 Data Type iso_time
In short: A date and time, in ISO 8601 format.
An example string in this format is "2011-11-08T19:57:06+02:00".
5.8.1 RNC
iso_time = text
5.9 Data Type levels
In short: A string that may include the characters h, m, l, g and d.
5.9.1 RNC
levels = xsd:token { pattern = "h?m?l?g?d?" }
5.10 Data Type name
In short: A name.
Typically this is the name of one of the manager resources, like a task or target.
5.10.1 RNC
name = xsd:string
5.11 Data Type port
In short: A port.
5.11.1 RNC
port = xsd:token { pattern = "[0-9]{1,5}" }
5.12 Data Type user_list
In short: A space separated list of users.
5.12.1 RNC
user_list = text
5.13 Data Type oid
In short: An Object Identifier (OID).
5.13.1 RNC
oid = xsd:token { pattern = "[0-9\.]{1,80}" }
5.14 Data Type sort_order
In short: A string describing an order for sorting.
The string "descending" denotes descending order, anything else means ascending.
5.14.1 RNC
sort_order = text
5.15 Data Type status
In short: The success or failure status of a command.
5.15.1 RNC
status = xsd:token { pattern = "200|201|202|400|401|403|404|409|500|503" }
5.16 Data Type task_status
In short: A task run status.
5.16.1 RNC
task_status = xsd:token { pattern = "Delete Requested|Done|New|Pause Requested|Paused|Requż
ested|Resume Requested|Running|Stop Requested|Stopped|Internal Error" }
5.17 Data Type task_trend
In short: The trend of results for a task.
5.17.1 RNC
task_trend = xsd:token { pattern = "up|down|more|less|same" }
5.18 Data Type threat
In short: A threat level.
5.18.1 RNC
threat = xsd:token { pattern = "High|Medium|Low|Log|Debug" }
5.19 Data Type time_unit
In short: A unit of time.
5.19.1 RNC
time_unit = xsd:token { pattern = "second|minute|hour|day|week|month|year|decade" }
5.20 Data Type uuid
In short: A Universally Unique Identifier (UUID).
5.20.1 RNC
uuid = xsd:token { pattern = "[0-9abcdefABCDEF\-]{1,40}" }
5.21 Data Type uuid_or_empty
In short: A Universally Unique Identifier (UUID), or the empty string.
5.21.1 RNC
uuid_or_empty = xsd:token { pattern = "[0-9abcdefABCDEF\-]{0,40}" }
6 Element Details
6.1 Element c
In short: A reference to a command.
6.1.1 Structure
6.1.2 RNC
c
= element c
{
text
}
6.2 Element e
In short: A reference to an element.
6.2.1 Structure
6.2.2 RNC
e
= element e
{
text
}
6.3 Element r
In short: A reference to a response.
6.3.1 Structure
6.3.2 RNC
r
= element r
{
text
}
6.4 Element o
In short: An optional pattern item.
6.4.1 Structure
6.4.2 RNC
o
= element o
{
( c
| e
| r
| g )
}
6.5 Element g
In short: A group of pattern items.
6.5.1 Structure
6.5.2 RNC
g
= element g
{
c*
& e*
& r*
& o*
& any*
}
6.6 Element any
In short: Pattern item indicating "any number of".
6.6.1 Structure
6.6.2 RNC
any
= element any
{
( c
| e
| r
| g )
}
6.7 Element pattern
In short: The pattern element of a command or command descendant.
It's actually either a 't' element, or the word "text", or "".
6.7.1 Structure
6.7.2 RNC
pattern
= element pattern
{
text
& pattern_attrib*
& c*
& e*
& r*
& o*
& g*
& any*
& pattern_t?
}
pattern_attrib
= element attrib
{
pattern_attrib_name
& pattern_attrib_type
& pattern_attrib_required
}
pattern_attrib_name
= element name
{
type_name
}
pattern_attrib_type
= element type
{
type_name
}
pattern_attrib_required
= element required
{
boolean
}
pattern_t
= element t
{
type_name
}
6.8 Element command_definition
In short: Definition of a command in OMP describing HELP command.
6.8.1 Structure
-
<name>
The name of the command.
-
<summary>
?A summary of the command.
-
<description>
?A description of the command.
-
<p>
*A paragraph.
-
<p>
*
- One of
-
<example>
*
-
<summary>
?
-
<description>
?
-
<request>
Example request.
-
<response>
Response to example request.
-
<summary>
?
-
<name>
6.8.2 RNC
command_definition
= element command_definition
{
command_definition_name
& command_definition_summary?
& command_definition_description?
& ( ( command_definition_pattern
& command_definition_response )
| ( command_definition_type
& command_definition_ele* ) )
& command_definition_example*
}
command_definition_name
= element name
{
type_name
}
command_definition_summary
= element summary
{
text
}
command_definition_description
= element description
{
text
& command_definition_description_p*
}
command_definition_description_p
= element p
{
text
}
command_definition_pattern
= element pattern # type pattern
{
text
& pattern_attrib*
& c*
& e*
& r*
& o*
& g*
& any*
& pattern_t?
}
command_definition_response
= element response # type pattern
{
text
& pattern_attrib*
& c*
& e*
& r*
& o*
& g*
& any*
& pattern_t?
}
command_definition_example
= element example
{
command_definition_example_summary?
& command_definition_example_description?
& command_definition_example_request
& command_definition_example_response
}
command_definition_example_summary
= element summary
{
text
}
command_definition_example_description
= element description
{
text
}
command_definition_example_request
= element request
{
text
}
command_definition_example_response
= element response
{
text
}
command_definition_type
= element type
{
text
}
command_definition_ele
= element ele # type command_definition
{
command_definition_name
& command_definition_summary?
& command_definition_description?
& ( ( command_definition_pattern
& command_definition_response )
| ( command_definition_type
& command_definition_ele* ) )
& command_definition_example*
}
6.9 Element result_notes
In short: Notes on a result.
6.9.1 Structure
6.9.2 RNC
result_notes
= element result_notes
{
result_notes_note*
}
result_notes_note
= element note
{
result_notes_note_nvt
& result_notes_note_text
& result_notes_note_orphan
}
result_notes_note_nvt
= element nvt
{
attribute oid { oid }
& result_notes_note_nvt_name
}
result_notes_note_nvt_name
= element name
{
name
}
result_notes_note_text
= element text
{
text
& attribute excerpt { boolean }
}
result_notes_note_orphan
= element orphan
{
boolean
}
6.10 Element result_overrides
In short: Overrides on a result.
6.10.1 Structure
6.10.2 RNC
result_overrides
= element result_overrides
{
result_overrides_override*
}
result_overrides_override
= element override
{
result_overrides_override_nvt
& result_overrides_override_text
& result_overrides_override_threat
& result_overrides_override_new_threat
& result_overrides_override_orphan
}
result_overrides_override_nvt
= element nvt
{
attribute oid { oid }
& result_overrides_override_nvt_name
}
result_overrides_override_nvt_name
= element name
{
name
}
result_overrides_override_text
= element text
{
text
& attribute excerpt { boolean }
}
result_overrides_override_threat
= element threat
{
threat
}
result_overrides_override_new_threat
= element new_threat
{
threat
}
result_overrides_override_orphan
= element orphan
{
boolean
}
6.11 Element result
In short: A result.
6.11.1 Structure
- @id (uuid)
-
<subnet>
-
<host>
-
<port>
-
<nvt>
NVT to which result applies.
- @oid (oid)
-
<name>
The name of the NVT.
-
<family>
The family the NVT is in.
-
<cvss_base>
CVSS base value associated with the NVT.
-
<risk_factor>
Risk factor associated with the NVT.
-
<cve>
CVE associated with the NVT.
-
<bid>
BID associated with the NVT.
-
<xref>
XREFs associated with the NVT.
-
<threat>
-
<original_threat>
?Threat when overridden.
-
<description>
Description of the result.
-
<delta>
?Delta state.
-
<result>
?(result)Delta result.
-
<diff>
?(text)Comparison between descriptions.
-
<notes>
?
-
<overrides>
?
-
<result>
?
-
<details>
Any details associated with the result.
-
<detail>
*A detail associated with the result.
-
<name>
The name of the detail.
-
<value>
The value of the detail.
-
<name>
-
<detail>
*
-
<detection>
Detection details.
-
<result>
(result)Detection result.
-
<result>
-
<notes>
?
-
<overrides>
?
6.11.2 RNC
result
= element result
{
attribute id { uuid }
& result_subnet
& result_host
& result_port
& result_nvt
& result_threat
& result_original_threat?
& result_description
& result_delta?
& result_details
& result_detection
& result_notes?
& result_overrides?
}
result_subnet
= element subnet
{
text
}
result_host
= element host
{
text
}
result_port
= element port
{
text
}
result_nvt
= element nvt
{
attribute oid { oid }
& result_nvt_name
& result_nvt_family
& result_nvt_cvss_base
& result_nvt_risk_factor
& result_nvt_cve
& result_nvt_bid
& result_nvt_xref
}
result_nvt_name
= element name
{
name
}
result_nvt_family
= element family
{
name
}
result_nvt_cvss_base
= element cvss_base
{
integer
}
result_nvt_risk_factor
= element risk_factor
{
integer
}
result_nvt_cve
= element cve
{
text
}
result_nvt_bid
= element bid
{
text
}
result_nvt_xref
= element xref
{
text
}
result_threat
= element threat
{
threat
}
result_original_threat
= element original_threat
{
threat
}
result_description
= element description
{
text
}
result_delta
= element delta
{
text
& result_delta_result?
& result_delta_diff?
& result_delta_notes?
& result_delta_overrides?
}
result_delta_result
= element result # type result
{
attribute id { uuid }
& result_subnet
& result_host
& result_port
& result_nvt
& result_threat
& result_original_threat?
& result_description
& result_delta?
& result_details
& result_detection
& result_notes?
& result_overrides?
}
result_delta_diff
= element diff # type text
{
}
result_delta_notes
= element notes # type result_notes
{
result_notes_note*
}
result_delta_overrides
= element overrides # type result_overrides
{
result_overrides_override*
}
result_details
= element details
{
result_details_detail*
}
result_details_detail
= element detail
{
result_details_detail_name
& result_details_detail_value
}
result_details_detail_name
= element name
{
text
}
result_details_detail_value
= element value
{
text
}
result_detection
= element detection
{
result_detection_result
}
result_detection_result
= element result # type result
{
attribute id { uuid }
& result_subnet
& result_host
& result_port
& result_nvt
& result_threat
& result_original_threat?
& result_description
& result_delta?
& result_details
& result_detection
& result_notes?
& result_overrides?
}
result_notes
= element notes # type result_notes
{
result_notes_note*
}
result_overrides
= element overrides # type result_overrides
{
result_overrides_override*
}
6.12 Element report
In short: Actually attributes and either base64 or a report.
6.12.1 Structure
- @id (uuid)
- @format_id (uuid)
- @extension (text)
- @content_type (text)
- @type ("scan" or "assets")
-
<report>
- @id (uuid)
- @type ("scan" or "assets")
-
<report_format>
-
<param>
Report format parameter.
-
<name>
Parameter name.
-
<value>
Parameter value.
-
<name>
-
<param>
-
<delta>
?
-
<report>
Second report, for delta reports.
- @id (uuid)
-
<scan_run_status>
Run status of task scan at time of report.
-
<scan_start>
Start time of scan.
-
<scan_end>
End time of scan.
-
<report>
-
The group?
-
<sort>
Result sorting information.
-
<field>
Sort field.
-
<order>
Sort order of field.
-
<order>
-
<field>
-
<filters>
Result filtering information.
- @id (uuid) Filter used if any, else 0.
-
<term>
Filter term.
-
<phrase>
Search phrase.
-
<notes>
Whether notes are included.
-
<overrides>
Whether overrides are included.
-
<apply_overrides>
Whether overrides are applied.
-
<result_hosts_only>
Whether only those hosts that have results are included.
-
<min_cvss_base>
Minimum CVSS base if in effect, else empty string.
-
<autofp>
Whether to trust vendor security updates. 1 full match, 2 partial.
-
<show_closed_cves>
(boolean)Whether to include the Closed CVEs host detail in the report.
-
<filter>
*Level filter.
-
<host>
?
-
<ip>
IP of single host in report (for "delta" and "prognostic").
-
<ip>
-
<delta>
?Delta states.
-
<changed>
Whether changed results are included.
-
<gone>
Whether results that have vanished are included.
-
<new>
Whether new results are included.
-
<same>
Whether results that are equal are included.
-
<changed>
-
<scan_run_status>
Run status of task scan at time of report.
-
<result_count>
Counts of results produced by scan.
-
<full>
Total number of results produced by scan.
-
<filtered>
Number of results after filtering.
-
<debug>
Number of "debug" results (threat level Debug).
-
<full>
Total number of results.
-
<filtered>
Number of results after filtering.
-
<full>
-
<hole>
Number of "hole" results (threat level High).
-
<full>
Total number of results.
-
<filtered>
Number of results after filtering.
-
<full>
-
<info>
Number of "info" results (threat level Low).
-
<full>
Total number of results.
-
<filtered>
Number of results after filtering.
-
<full>
-
<log>
Number of "log" results (threat level Log).
-
<full>
Total number of results.
-
<filtered>
Number of results after filtering.
-
<full>
-
<warning>
Number of "warning" results (threat level Medium).
-
<full>
Total number of results.
-
<filtered>
Number of results after filtering.
-
<full>
-
<full>
-
<host_count>
?Counts of hosts in the results.
-
<full>
Total number of hosts.
-
<filtered>
Number of hosts after filtering.
-
<full>
- <task>
- <ports>
- <results>
- <hosts> ?
-
<host>
*
-
<ip>
IP of the host.
-
<start>
Scan start time for this host.
-
<end>
Scan end time for this host.
-
<detail>
*A detail associated with the host.
-
<name>
The name of the detail.
-
<value>
The value of the detail.
-
<source>
Where the detail comes from.
-
<type>
The type of the detail source.
-
<name>
The name of the detail source.
-
<description>
A description of the detail source.
-
<type>
-
<name>
-
<ip>
-
<scan_start>
Start time of scan.
-
<host_start>
*Start time of a particular host.
-
<host>
-
<host>
-
<host_end>
*End time of a particular host.
-
<host>
-
<host>
-
<scan_end>
End time of scan.
-
<sort>
6.12.2 RNC
report
= element report
{
text # RNC limitation: base64
& attribute id { uuid }
& attribute format_id { uuid }
& attribute extension { text }
& attribute content_type { text }
& attribute type { xsd:token { pattern = "scan|assets" } }?
& report_report
}
report_report
= element report
{
attribute id { uuid }
& attribute type { xsd:token { pattern = "scan|assets" } }?
& report_report_report_format
& report_report_delta?
& ( report_report_sort
& report_report_filters
& report_report_scan_run_status
& report_report_result_count
& report_report_host_count?
& report_report_task
& report_report_ports
& report_report_results
& report_report_hosts?
& report_report_host*
& report_report_scan_start
& report_report_host_start*
& report_report_host_end*
& report_report_scan_end )?
}
report_report_report_format
= element report_format
{
report_report_report_format_param
}
report_report_report_format_param
= element param
{
report_report_report_format_param_name
& report_report_report_format_param_value
}
report_report_report_format_param_name
= element name
{
text
}
report_report_report_format_param_value
= element value
{
text
}
report_report_delta
= element delta
{
report_report_delta_report
}
report_report_delta_report
= element report
{
attribute id { uuid }
& report_report_delta_report_scan_run_status
& report_report_delta_report_scan_start
& report_report_delta_report_scan_end
}
report_report_delta_report_scan_run_status
= element scan_run_status
{
task_status
}
report_report_delta_report_scan_start
= element scan_start
{
iso_time
}
report_report_delta_report_scan_end
= element scan_end
{
iso_time
}
report_report_sort
= element sort
{
report_report_sort_field
}
report_report_sort_field
= element field
{
text
& report_report_sort_field_order
}
report_report_sort_field_order
= element order
{
xsd:token { pattern = "ascending|descending" }
}
report_report_filters
= element filters
{
text # RNC limitation: levels
& attribute id { uuid }?
& report_report_filters_term
& report_report_filters_phrase
& report_report_filters_notes
& report_report_filters_overrides
& report_report_filters_apply_overrides
& report_report_filters_result_hosts_only
& report_report_filters_min_cvss_base
& report_report_filters_autofp
& report_report_filters_show_closed_cves
& report_report_filters_filter*
& report_report_filters_host?
& report_report_filters_delta?
}
report_report_filters_term
= element term
{
text
}
report_report_filters_phrase
= element phrase
{
text
}
report_report_filters_notes
= element notes
{
xsd:token { pattern = "0|1" }
}
report_report_filters_overrides
= element overrides
{
xsd:token { pattern = "0|1" }
}
report_report_filters_apply_overrides
= element apply_overrides
{
xsd:token { pattern = "0|1" }
}
report_report_filters_result_hosts_only
= element result_hosts_only
{
xsd:token { pattern = "0|1" }
}
report_report_filters_min_cvss_base
= element min_cvss_base
{
text
}
report_report_filters_autofp
= element autofp
{
xsd:token { pattern = "0|1|2" }
}
report_report_filters_show_closed_cves
= element show_closed_cves # type boolean
{
}
report_report_filters_filter
= element filter
{
xsd:token { pattern = "High|Medium|Low|Log|Debug" }
}
report_report_filters_host
= element host
{
report_report_filters_host_ip
}
report_report_filters_host_ip
= element ip
{
text
}
report_report_filters_delta
= element delta
{
text
& report_report_filters_delta_changed
& report_report_filters_delta_gone
& report_report_filters_delta_new
& report_report_filters_delta_same
}
report_report_filters_delta_changed
= element changed
{
boolean
}
report_report_filters_delta_gone
= element gone
{
boolean
}
report_report_filters_delta_new
= element new
{
boolean
}
report_report_filters_delta_same
= element same
{
boolean
}
report_report_scan_run_status
= element scan_run_status
{
task_status
}
report_report_result_count
= element result_count
{
text
& report_report_result_count_full
& report_report_result_count_filtered
& report_report_result_count_debug
& report_report_result_count_hole
& report_report_result_count_info
& report_report_result_count_log
& report_report_result_count_warning
}
report_report_result_count_full
= element full
{
integer
}
report_report_result_count_filtered
= element filtered
{
integer
}
report_report_result_count_debug
= element debug
{
report_report_result_count_debug_full
& report_report_result_count_debug_filtered
}
report_report_result_count_debug_full
= element full
{
integer
}
report_report_result_count_debug_filtered
= element filtered
{
integer
}
report_report_result_count_hole
= element hole
{
report_report_result_count_hole_full
& report_report_result_count_hole_filtered
}
report_report_result_count_hole_full
= element full
{
integer
}
report_report_result_count_hole_filtered
= element filtered
{
integer
}
report_report_result_count_info
= element info
{
report_report_result_count_info_full
& report_report_result_count_info_filtered
}
report_report_result_count_info_full
= element full
{
integer
}
report_report_result_count_info_filtered
= element filtered
{
integer
}
report_report_result_count_log
= element log
{
report_report_result_count_log_full
& report_report_result_count_log_filtered
}
report_report_result_count_log_full
= element full
{
integer
}
report_report_result_count_log_filtered
= element filtered
{
integer
}
report_report_result_count_warning
= element warning
{
report_report_result_count_warning_full
& report_report_result_count_warning_filtered
}
report_report_result_count_warning_full
= element full
{
integer
}
report_report_result_count_warning_filtered
= element filtered
{
integer
}
report_report_host_count
= element host_count
{
report_report_host_count_full
& report_report_host_count_filtered
}
report_report_host_count_full
= element full
{
integer
}
report_report_host_count_filtered
= element filtered
{
integer
}
report_report_task
= element task
{
attribute id { uuid }
& report_report_task_name
& report_report_task_target
}
report_report_task_name
= element name
{
name
}
report_report_task_target
= element target
{
attribute id { uuid }
& report_report_task_target_trash
}
report_report_task_target_trash
= element trash
{
boolean
}
report_report_ports
= element ports
{
attribute start { integer }
& attribute max { integer }
& report_report_ports_port*
}
report_report_ports_port
= element port
{
text
& report_report_ports_port_host
& report_report_ports_port_threat
}
report_report_ports_port_host
= element host
{
text
}
report_report_ports_port_threat
= element threat
{
threat
}
report_report_results
= element results
{
attribute start { integer }
& attribute max { integer }
& report_report_results_result*
}
report_report_results_result
= element result # type result
{
attribute id { uuid }
& result_subnet
& result_host
& result_port
& result_nvt
& result_threat
& result_original_threat?
& result_description
& result_delta?
& result_details
& result_detection
& result_notes?
& result_overrides?
}
report_report_hosts
= element hosts
{
attribute start { integer }
& attribute max { integer }
}
report_report_host
= element host
{
report_report_host_ip
& report_report_host_start
& report_report_host_end
& report_report_host_detail*
}
report_report_host_ip
= element ip
{
text
}
report_report_host_start
= element start
{
text
}
report_report_host_end
= element end
{
text
}
report_report_host_detail
= element detail
{
report_report_host_detail_name
& report_report_host_detail_value
& report_report_host_detail_source
}
report_report_host_detail_name
= element name
{
text
}
report_report_host_detail_value
= element value
{
text
}
report_report_host_detail_source
= element source
{
report_report_host_detail_source_type
& report_report_host_detail_source_name
& report_report_host_detail_source_description
}
report_report_host_detail_source_type
= element type
{
text
}
report_report_host_detail_source_name
= element name
{
text
}
report_report_host_detail_source_description
= element description
{
text
}
report_report_scan_start
= element scan_start
{
iso_time
}
report_report_host_start
= element host_start
{
text # RNC limitation: iso_time
& report_report_host_start_host
}
report_report_host_start_host
= element host
{
text
}
report_report_host_end
= element host_end
{
text # RNC limitation: iso_time
& report_report_host_end_host
}
report_report_host_end_host
= element host
{
text
}
report_report_scan_end
= element scan_end
{
iso_time
}
7 Command Details
7.1 Command authenticate
In short: Authenticate with the manager.
The client uses the authenticate command to authenticate with the Manager.
The client normally executes this command at the beginning of each connection. The only commands permitted before authentication are get_version and commands.
7.1.1 Structure
-
Command
-
<credentials>
-
<username>
The login name of the user.
-
<password>
The user's password.
-
<username>
-
<credentials>
-
Response
- @status (status)
- @status_text (text)
-
<role>
("User", "Admin" or "Observer")The user's role.
-
<timezone>
The user's timezone.
7.1.2 RNC
Command
Response
authenticate
= element authenticate
{
authenticate_credentials
}
authenticate_credentials
= element credentials
{
authenticate_credentials_username
& authenticate_credentials_password
}
authenticate_credentials_username
= element username
{
text
}
authenticate_credentials_password
= element password
{
text
}
authenticate_response
= element authenticate_response
{
attribute status { status }
& attribute status_text { text }
& authenticate_response_role
& authenticate_response_timezone
}
authenticate_response_role
= element role # type UserAdminObserver
{
}
authenticate_response_timezone
= element timezone
{
text
}
7.1.3 Example: Authenticate with a good password
Client
Manager
<authenticate>
<credentials>
<username>sally</username>
<password>secret</password>
</credentials>
</authenticate>
<authenticate_response status="200"
status_text="OK">
<role>User</role>
<timezone>UTC</timezone>
</authenticate_response>
7.1.3 Example: Authenticate with a bad password
Client
Manager
<authenticate>
<credentials>
<username>sally</username>
<password>secrte</password>
</credentials>
</authenticate>
<authenticate_response status="400"
status_text="Authentication failed"/>
7.2 Command commands
In short: Run a list of commands.
The client uses the commands command to run a list of commands. The elements are executed as OMP commands in the given sequence. The reply contains the result of each command, in the same order as the given commands.
7.2.1 Structure
-
Command
-
One of*
-
<authenticate>authenticate command.
-
<commands>commands command.
-
<create_agent>create_agent command.
-
<create_alert>create_alert command.
-
<create_config>create_config command.
-
<create_filter>create_filter command.
-
<create_lsc_credential>create_lsc_credential command.
-
<create_note>create_note command.
-
<create_override>create_override command.
-
<create_port_list>create_port_list command.
-
<create_port_range>create_port_range command.
-
<create_report_format>create_report_format command.
-
<create_schedule>create_schedule command.
-
<create_slave>create_slave command.
-
<create_target>create_target command.
-
<create_task>create_task command.
-
<delete_agent>delete_agent command.
-
<delete_alert>delete_alert command.
-
<delete_config>delete_config command.
-
<delete_filter>delete_filter command.
-
<delete_lsc_credential>delete_lsc_credential command.
-
<delete_note>delete_note command.
-
<delete_override>delete_override command.
-
<delete_report>delete_report command.
-
<delete_report_format>delete_report_format command.
-
<delete_port_list>delete_port_list command.
-
<delete_port_range>delete_port_range command.
-
<delete_schedule>delete_schedule command.
-
<delete_slave>delete_slave command.
-
<delete_target>delete_target command.
-
<delete_task>delete_task command.
-
<empty_trashcan>empty_trashcan command.
-
<get_agents>get_agents command.
-
<get_alerts>get_alerts command.
-
<get_configs>get_configs command.
-
<get_dependencies>get_dependencies command.
-
<get_filters>get_filters command.
-
<get_info>get_info command.
-
<get_lsc_credentials>get_lsc_credentials command.
-
<get_notes>get_notes command.
-
<get_nvts>get_nvts command.
-
<get_nvt_families>get_nvt_families command.
-
<get_nvt_feed_checksum>get_nvt_feed_checksum command.
-
<get_overrides>get_overrides command.
-
<get_port_lists>get_port_lists command.
-
<get_preferences>get_preferences command.
-
<get_reports>get_reports command.
-
<get_report_formats>get_report_formats command.
-
<get_results>get_results command.
-
<get_schedules>get_schedules command.
-
<get_settings>get_settings command.
-
<get_slaves>get_slaves command.
-
<get_system_reports>get_system_reports command.
-
<get_target_locators>get_target_locators command.
-
<get_targets>get_targets command.
-
<get_tasks>get_tasks command.
-
<get_version>get_version command.
-
<help>help command.
-
<modify_config>modify_config command.
-
<modify_filter>modify_filter command.
-
<modify_lsc_credential>modify_lsc_credential command.
-
<modify_note>modify_note command.
-
<modify_override>modify_override command.
-
<modify_report>modify_report command.
-
<modify_schedule>modify_schedule command.
-
<modify_setting>modify_setting command.
-
<modify_target>modify_target command.
-
<modify_task>modify_task command.
-
<pause_task>pause_task command.
-
<restore>restore command.
-
<resume_or_start_task>resume_or_start_task command.
-
<resume_paused_task>resume_paused_task command.
-
<resume_stopped_task>resume_stopped_task command.
-
<run_wizard>run_wizard command.
-
<start_task>start_task command.
-
<stop_task>stop_task command.
-
<test_alert>test_alert command.
-
<authenticate>
-
One of*
-
Response
- @status (status)
- @status_text (text)
-
One of*
-
<authenticate_response>Response to authenticate command.
-
<commands_response>Response to commands command.
-
<create_agent_response>Response to create_agent command.
-
<create_alert_response>Response to create_alert command.
-
<create_config_response>Response to create_config command.
-
<create_filter_response>Response to create_filter command.
-
<create_lsc_credential_response>Response to create_lsc_credential command.
-
<create_note_response>Response to create_note command.
-
<create_override_response>Response to create_override command.
-
<create_port_list_response>Response to create_port_list command.
-
<create_port_range_response>Response to create_port_range command.
-
<create_schedule_response>Response to create_schedule command.
-
<create_slave_response>Response to create_slave command.
-
<create_target_response>Response to create_target command.
-
<create_task_response>Response to create_task command.
-
<delete_agent_response>Response to delete_agent command.
-
<delete_alert_response>Response to delete_alert command.
-
<delete_config_response>Response to delete_config command.
-
<delete_filter_response>Response to delete_filter command.
-
<delete_lsc_credential_response>Response to delete_lsc_credential command.
-
<delete_note_response>Response to delete_note command.
-
<delete_override_response>Response to delete_override command.
-
<delete_port_list_response>Response to delete_port_list command.
-
<delete_port_range_response>Response to delete_port_range command.
-
<delete_report_response>Response to delete_report command.
-
<delete_report_format_response>Response to delete_report_format command.
-
<delete_schedule_response>Response to delete_schedule command.
-
<delete_slave_response>Response to delete_slave command.
-
<delete_target_response>Response to delete_target command.
-
<delete_task_response>Response to delete_task command.
-
<empty_trashcan_response>Response to empty_trashcan command.
-
<get_agents_response>Response to get_agents command.
-
<get_alerts_response>Response to get_alerts command.
-
<get_configs_response>Response to get_configs command.
-
<get_dependencies_response>Response to get_dependencies command.
-
<get_info_response>Response to get_info command.
-
<get_lsc_credentials_response>Response to get_lsc_credentials command.
-
<get_filters_response>Response to get_filters command.
-
<get_notes_response>Response to get_notes command.
-
<get_nvts_response>Response to get_nvts command.
-
<get_nvt_families_response>Response to get_nvt_families command.
-
<get_nvt_feed_checksum_response>Response to get_nvt_feed_checksum command.
-
<get_overrides_response>Response to get_overrides command.
-
<get_port_lists_response>Response to get_port_lists command.
-
<get_preferences_response>Response to get_preferences command.
-
<get_reports_response>Response to get_reports command.
-
<get_report_formats_response>Response to get_report_formats command.
-
<get_results_response>Response to get_results command.
-
<get_slaves_response>Response to get_slaves command.
-
<get_schedules_response>Response to get_schedules command.
-
<get_settings_response>Response to get_settings command.
-
<get_system_reports_response>Response to get_system_reports command.
-
<get_target_locators_response>Response to get_target_locators command.
-
<get_targets_response>Response to get_targets command.
-
<get_tasks_response>Response to get_tasks command.
-
<get_version_response>Response to get_version command.
-
<help_response>Response to help command.
-
<modify_config_response>Response to modify_config command.
-
<modify_filter_response>Response to modify_filter command.
-
<modify_lsc_credential_response>Response to modify_lsc_credential command.
-
<modify_note_response>Response to modify_note command.
-
<modify_override_response>Response to modify_override command.
-
<modify_report_response>Response to modify_report command.
-
<modify_schedule_response>Response to modify_schedule command.
-
<modify_setting_response>Response to modify_setting command.
-
<modify_target_response>Response to modify_target command.
-
<modify_task_response>Response to modify_task command.
-
<pause_task_response>Response to pause_task command.
-
<restore_response>Response to restore command.
-
<resume_or_start_task_response>Response to resume_or_start_task command.
-
<resume_paused_task_response>Response to resume_paused_task command.
-
<resume_stopped_task_response>Response to resume_stopped_task command.
-
<run_wizard_response>Response to run_wizard command.
-
<start_task_response>Response to start_task command.
-
<stop_task_response>Response to stop_task command.
-
<test_alert_response>Response to test_alert command.
-
<authenticate_response>
7.2.2 RNC
Command
Response
commands
= element commands
{
( authenticate
| commands
| create_agent
| create_alert
| create_config
| create_filter
| create_lsc_credential
| create_note
| create_override
| create_port_list
| create_port_range
| create_report_format
| create_schedule
| create_slave
| create_target
| create_task
| delete_agent
| delete_alert
| delete_config
| delete_filter
| delete_lsc_credential
| delete_note
| delete_override
| delete_report
| delete_report_format
| delete_port_list
| delete_port_range
| delete_schedule
| delete_slave
| delete_target
| delete_task
| empty_trashcan
| get_agents
| get_alerts
| get_configs
| get_dependencies
| get_filters
| get_info
| get_lsc_credentials
| get_notes
| get_nvts
| get_nvt_families
| get_nvt_feed_checksum
| get_overrides
| get_port_lists
| get_preferences
| get_reports
| get_report_formats
| get_results
| get_schedules
| get_settings
| get_slaves
| get_system_reports
| get_target_locators
| get_targets
| get_tasks
| get_version
| help
| modify_config
| modify_filter
| modify_lsc_credential
| modify_note
| modify_override
| modify_report
| modify_schedule
| modify_setting
| modify_target
| modify_task
| pause_task
| restore
| resume_or_start_task
| resume_paused_task
| resume_stopped_task
| run_wizard
| start_task
| stop_task
| test_alert )*
}
commands_response
= element commands_response
{
attribute status { status }
& attribute status_text { text }
& ( authenticate_response
| commands_response
| create_agent_response
| create_alert_response
| create_config_response
| create_filter_response
| create_lsc_credential_response
| create_note_response
| create_override_response
| create_port_list_response
| create_port_range_response
| create_schedule_response
| create_slave_response
| create_target_response
| create_task_response
| delete_agent_response
| delete_alert_response
| delete_config_response
| delete_filter_response
| delete_lsc_credential_response
| delete_note_response
| delete_override_response
| delete_port_list_response
| delete_port_range_response
| delete_report_response
| delete_report_format_response
| delete_schedule_response
| delete_slave_response
| delete_target_response
| delete_task_response
| empty_trashcan_response
| get_agents_response
| get_alerts_response
| get_configs_response
| get_dependencies_response
| get_info_response
| get_lsc_credentials_response
| get_filters_response
| get_notes_response
| get_nvts_response
| get_nvt_families_response
| get_nvt_feed_checksum_response
| get_overrides_response
| get_port_lists_response
| get_preferences_response
| get_reports_response
| get_report_formats_response
| get_results_response
| get_slaves_response
| get_schedules_response
| get_settings_response
| get_system_reports_response
| get_target_locators_response
| get_targets_response
| get_tasks_response
| get_version_response
| help_response
| modify_config_response
| modify_filter_response
| modify_lsc_credential_response
| modify_note_response
| modify_override_response
| modify_report_response
| modify_schedule_response
| modify_setting_response
| modify_target_response
| modify_task_response
| pause_task_response
| restore_response
| resume_or_start_task_response
| resume_paused_task_response
| resume_stopped_task_response
| run_wizard_response
| start_task_response
| stop_task_response
| test_alert_response )*
}
7.3 Command create_agent
In short: Create an agent.
The client uses the create_agent command to create a new agent.
7.3.1 Structure
-
Command
-
<installer>
A file that installs the agent on a target machine.
-
<signature>
A detached OpenPGP signature of the installer.
-
<signature>
-
<name>
A name for the installer.
-
<comment>
?A comment on the agent.
-
<howto_install>
?A file that describes how to install the agent.
-
<howto_use>
?A file that describes how to use the agent.
-
<installer>
- Response
7.3.2 RNC
Command
Response
create_agent
= element create_agent
{
create_agent_installer
& create_agent_name
& create_agent_comment?
& create_agent_howto_install?
& create_agent_howto_use?
}
create_agent_installer
= element installer
{
text # RNC limitation: base64
& create_agent_installer_signature
}
create_agent_installer_signature
= element signature
{
base64
}
create_agent_name
= element name
{
name
}
create_agent_comment
= element comment
{
text
}
create_agent_howto_install
= element howto_install
{
base64
}
create_agent_howto_use
= element howto_use
{
base64
}
create_agent_response
= element create_agent_response
{
attribute status { status }
& attribute status_text { text }
& attribute id { uuid }
}
7.3.3 Example: Create an agent
Client
Manager
<create_agent>
<installer>
asdf3235saf3kjBVF...
<signature>iEYEABECAAYFA...</signature>
</installer>
<name>SLAD</name>
</create_agent>
<create_agent_response status="201"
status_text="OK, resource created"
id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"/>
7.4 Command create_config
In short: Create a config.
The client uses the create_config command to create a new config.
This command can be called in three ways:
- With a copy element. The new config is a copy of the existing config, with the given name.
- With an embedded get_configs response element. The config is created as defined by the get_configs response element. Name is actually optional in this case. The config is given the name of the config in the get_configs response. If there is already a config with this name, then a number is attached to the name to make it unique.
- With an rcfile element. The config is created as described in the RC file. In this case a name element is required. The new config is given this name.
7.4.1 Structure
-
Command
-
<comment>
?A comment on the config.
-
One of
-
<copy>
The UUID of an existing config.
-
<get_configs_response>Response to get_configs command.
-
<rcfile>
An openvasrc style file that defines the config.
-
<copy>
-
<name>
A name for the config.
-
<comment>
?
- Response
7.4.2 RNC
Command
Response
create_config
= element create_config
{
create_config_comment?
& ( create_config_copy
| get_configs_response
| create_config_rcfile )
& create_config_name
}
create_config_comment
= element comment
{
text
}
create_config_copy
= element copy
{
uuid
}
create_config_rcfile
= element rcfile
{
base64
}
create_config_name
= element name
{
name
}
create_config_response
= element create_config_response
{
attribute status { status }
& attribute status_text { text }
& attribute id { uuid }
}
7.4.3 Example: Copy a config
Client
Manager
<create_config> <copy>daba56c8-73ec-11df-a475-002264764cea</copy> <name>Full</name> </create_config>
<create_config_response status="201"
status_text="OK, resource created"
id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"/>
7.4.3 Example: Create a config from an RC file
Client
Manager
<create_config> <rcfile>asdf3235saf3kjBVF...</rcfile> <name>Full</name> </create_config>
<create_config_response status="201"
status_text="OK, resource created"
id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"/>
7.4.3 Example: Create a config from a GET_CONFIGS response
Client
Manager
<create_config>
<get_configs_response>
<config id="daba56c8-73ec-11df-a475-002264764cea">
<name>Full and fast</name>
...
</config>
</get_configs_response>
</create_config>
<create_config_response status="201"
status_text="OK, resource created"
id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"/>
7.5 Command create_alert
In short: Create an alert.
The client uses the create_alert command to create a new alert.
7.5.1 Structure
-
Command
-
<name>
A name for the alert.
-
<comment>
?A comment on the alert.
-
<condition>
The condition that must be satisfied for the alert to occur.
-
<data>
*Some data that defines the condition.
-
<name>
The name of the condition data.
-
<name>
-
<data>
*
-
<event>
The event that must happen for the alert to occur.
-
<data>
*Some data that defines the event.
-
<name>
The name of the event data.
-
<name>
-
<data>
*
-
<method>
The method by which the user is alerted.
-
<data>
*Some data that defines the method.
-
<name>
The name of the method data.
-
<name>
-
<data>
*
-
<filter>
Filter to apply when executing alert.
- @id (uuid)
-
<name>
- Response
7.5.2 RNC
Command
Response
create_alert
= element create_alert
{
create_alert_name
& create_alert_comment?
& create_alert_condition
& create_alert_event
& create_alert_method
& create_alert_filter
}
create_alert_name
= element name
{
name
}
create_alert_comment
= element comment
{
text
}
create_alert_condition
= element condition
{
text
& create_alert_condition_data*
}
create_alert_condition_data
= element data
{
text
& create_alert_condition_data_name
}
create_alert_condition_data_name
= element name
{
text
}
create_alert_event
= element event
{
text
& create_alert_event_data*
}
create_alert_event_data
= element data
{
text
& create_alert_event_data_name
}
create_alert_event_data_name
= element name
{
text
}
create_alert_method
= element method
{
text
& create_alert_method_data*
}
create_alert_method_data
= element data
{
text
& create_alert_method_data_name
}
create_alert_method_data_name
= element name
{
text
}
create_alert_filter
= element filter
{
attribute id { uuid }
}
create_alert_response
= element create_alert_response
{
attribute status { status }
& attribute status_text { text }
& attribute id { uuid }
}
7.5.3 Example: Create an alert
Client
Manager
<create_alert>
<name>emergency</name>
<condition>
Threat level at least
<data>
High
<name>level</name>
</data>
</condition>
<event>
Task run status changed
<data>
Done
<name>status</name>
</data>
</event>
<method>
Email
<data>
sally@example.org
<name>to_address</name>
</data>
<data>
bob@example.org
<name>from_address</name>
</data>
</method>
</create_alert>
<create_alert_response status="201"
status_text="OK, resource created"
id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"/>
7.6 Command create_filter
In short: Create a filter.
The client uses the create_filter command to create a new filter.
7.6.1 Structure
-
Command
-
<name>
A name for the filter.
-
<make_unique>
Whether to append a unique suffix if the name already exists.
-
<make_unique>
-
<comment>
?A comment on the filter.
-
<copy>
?The UUID of an existing filter.
-
<term>
?Filter term.
-
<type>
?Resource type.
-
<name>
- Response
7.6.2 RNC
Command
Response
create_filter
= element create_filter
{
create_filter_name
& create_filter_comment?
& create_filter_copy?
& create_filter_term?
& create_filter_type?
}
create_filter_name
= element name
{
text # RNC limitation: name
& create_filter_name_make_unique
}
create_filter_name_make_unique
= element make_unique
{
boolean
}
create_filter_comment
= element comment
{
text
}
create_filter_copy
= element copy
{
uuid
}
create_filter_term
= element term
{
text
}
create_filter_type
= element type
{
text
}
create_filter_response
= element create_filter_response
{
attribute status { status }
& attribute status_text { text }
& attribute id { uuid }
}
7.6.3 Example: Create a filter
Client
Manager
<create_filter> <name>Single Targets</name> <comment>Targets with only one host</comment> <term>ips=1 first=1 rows=-2</term> <type>target</type> </create_filter>
<create_filter_response status="201"
status_text="OK, resource created"
id="254cd3ef-bbe1-4d58-859d-21b8d0c046c7"/>
7.7 Command create_lsc_credential
In short: Create an LSC credential.
The client uses the create_lsc_credential command to create a new LSC credential.
If the command includes a key, then the manager creates a key-based credential from the key. If the command includes a password, then the manager creates a password only credential. Otherwise the manager autogenerates a key-based credential.
7.7.1 Structure
-
Command
-
<name>
A name for the LSC credential.
-
<comment>
?A comment on the LSC credential.
-
<key>
?
-
<phrase>
Key passphrase.
-
<private>
Private key.
-
<public>
Public key.
-
<phrase>
-
<login>
The user name of the credential.
-
<password>
?The password for the credential login.
-
<name>
- Response
7.7.2 RNC
Command
Response
create_lsc_credential
= element create_lsc_credential
{
create_lsc_credential_name
& create_lsc_credential_comment?
& create_lsc_credential_key?
& create_lsc_credential_login
& create_lsc_credential_password?
}
create_lsc_credential_name
= element name
{
name
}
create_lsc_credential_comment
= element comment
{
text
}
create_lsc_credential_key
= element key
{
create_lsc_credential_key_phrase
& create_lsc_credential_key_private
& create_lsc_credential_key_public
}
create_lsc_credential_key_phrase
= element phrase
{
text
}
create_lsc_credential_key_private
= element private
{
text
}
create_lsc_credential_key_public
= element public
{
text
}
create_lsc_credential_login
= element login
{
text
}
create_lsc_credential_password
= element password
{
text
}
create_lsc_credential_response
= element create_lsc_credential_response
{
attribute status { status }
& attribute status_text { text }
& attribute id { uuid }
}
7.7.3 Example: Create an LSC credential
Client
Manager
<create_lsc_credential> <name>cluster sally</name> <login>sally</login> <password>secret</password> <comment>Sally's login to the cluster.</comment> </create_lsc_credential>
<create_lsc_credential_response status="201"
status_text="OK, resource created"
id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"/>
7.8 Command create_note
In short: Create a note.
The client uses the create_note command to create a new note.
7.8.1 Structure
-
Command
-
<text>
The text of the note.
-
<nvt>
NVT to which note applies.
- @oid (oid)
-
<active>
?Seconds note will be active. -1 on always, 0 off.
-
<comment>
?A comment on the note.
-
<copy>
?The UUID of an existing note.
-
<hosts>
?A textual list of hosts.
-
<port>
?Port to which note applies.
-
<result>
?Result to which note applies.
- @id (uuid)
-
<task>
?Task to which note applies.
- @id (uuid)
-
<threat>
?Threat level to which note applies.
-
<text>
- Response
7.8.2 RNC
Command
Response
create_note
= element create_note
{
create_note_text
& create_note_nvt
& create_note_active?
& create_note_comment?
& create_note_copy?
& create_note_hosts?
& create_note_port?
& create_note_result?
& create_note_task?
& create_note_threat?
}
create_note_text
= element text
{
text
}
create_note_nvt
= element nvt
{
attribute oid { oid }
}
create_note_active
= element active
{
integer
}
create_note_comment
= element comment
{
text
}
create_note_copy
= element copy
{
uuid
}
create_note_hosts
= element hosts
{
text
}
create_note_port
= element port
{
text
}
create_note_result
= element result
{
attribute id { uuid }
}
create_note_task
= element task
{
attribute id { uuid }
}
create_note_threat
= element threat
{
threat
}
create_note_response
= element create_note_response
{
attribute status { status }
& attribute status_text { text }
& attribute id { uuid }
}
7.8.3 Example: Create a note
Client
Manager
<create_note> <text>This issue should be resolved after the upgrade.</text> <nvt>1.3.6.1.4.1.25623.1.0.10330</nvt> <result>254cd3ef-bbe1-4d58-859d-21b8d0c046c6</result> </create_note>
<create_note_response status="202"
status_text="OK, resource created"
id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"/>
7.9 Command create_override
In short: Create an override.
The client uses the create_override command to create a new override.
7.9.1 Structure
-
Command
-
<text>
The text of the override.
-
<nvt>
NVT to which override applies.
- @oid (oid)
-
<active>
?Seconds override will be active. -1 on always, 0 off.
-
<comment>
?A comment on the override.
-
<copy>
?The UUID of an existing override.
-
<hosts>
?A textual list of hosts.
-
<new_threat>
?New threat level for result.
-
<port>
?Port to which override applies.
-
<result>
?Result to which override applies.
- @id (uuid)
-
<task>
?Task to which override applies.
- @id (uuid)
-
<threat>
?Threat level to which override applies.
-
<text>
- Response
7.9.2 RNC
Command
Response
create_override
= element create_override
{
create_override_text
& create_override_nvt
& create_override_active?
& create_override_comment?
& create_override_copy?
& create_override_hosts?
& create_override_new_threat?
& create_override_port?
& create_override_result?
& create_override_task?
& create_override_threat?
}
create_override_text
= element text
{
text
}
create_override_active
= element active
{
integer
}
create_override_nvt
= element nvt
{
attribute oid { oid }
}
create_override_comment
= element comment
{
text
}
create_override_copy
= element copy
{
uuid
}
create_override_hosts
= element hosts
{
text
}
create_override_new_threat
= element new_threat
{
threat
}
create_override_port
= element port
{
text
}
create_override_result
= element result
{
attribute id { uuid }
}
create_override_task
= element task
{
attribute id { uuid }
}
create_override_threat
= element threat
{
threat
}
create_override_response
= element create_override_response
{
attribute status { status }
& attribute status_text { text }
& attribute id { uuid }
}
7.9.3 Example: Create an override
Client
Manager
<create_override> <text>This is actually of little concern.</text> <nvt>1.3.6.1.4.1.25623.1.0.10330</nvt> <new_threat>Low</new_threat> <result>254cd3ef-bbe1-4d58-859d-21b8d0c046c6</result> </create_override>
<create_override_response status="201"
status_text="OK, resource created"
id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"/>
7.10 Command create_port_list
In short: Create a port list.
The client uses the create_port_list command to create a new port list.
The get_port_lists_response element overrides the port_range element.
7.10.1 Structure
-
Command
-
<name>
The name of the port list.
-
<comment>
?A comment on the port list.
-
<port_range>
Comma or newline separated list of ranges.
-
<get_port_lists_response>Response to get_port_lists command.
-
<name>
- Response
7.10.2 RNC
Command
Response
create_port_list
= element create_port_list
{
create_port_list_name
& create_port_list_comment?
& create_port_list_port_range
& get_port_lists_response
}
create_port_list_name
= element name
{
name
}
create_port_list_comment
= element comment
{
text
}
create_port_list_port_range
= element port_range
{
text
}
create_port_list_response
= element create_port_list_response
{
attribute status { status }
& attribute status_text { text }
& attribute id { uuid }
}
7.10.3 Example: Create a port list
Client
Manager
<create_port_list> <name>All TCP</name> <comment>All possible TCP ports</comment> <port_range>T:1-65535</port_range> </create_port_list>
<create_port_list_response status="201"
status_text="OK, resource created"
id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"/>
7.11 Command create_port_range
In short: Create a port range.
The client uses the create_port_range command to create a new port range.
7.11.1 Structure
-
Command
-
<comment>
?A comment on the port range.
-
<port_list>
The port list to which to add the range.
- @id (uuid)
-
<start>
The first port in the range.
-
<end>
The last port in the range.
-
<type>
The type of the ports: TCP, UDP, ....
-
<comment>
?
- Response
7.11.2 RNC
Command
Response
create_port_range
= element create_port_range
{
create_port_range_comment?
& create_port_range_port_list
& create_port_range_start
& create_port_range_end
& create_port_range_type
}
create_port_range_comment
= element comment
{
text
}
create_port_range_port_list
= element port_list
{
attribute id { uuid }
}
create_port_range_start
= element start
{
port
}
create_port_range_end
= element end
{
port
}
create_port_range_type
= element type
{
text
}
create_port_range_response
= element create_port_range_response
{
attribute status { status }
& attribute status_text { text }
& attribute id { uuid }
}
7.11.3 Example: Add a port range to a port list
Client
Manager
<create_port_range> <port_list id="354cd3ef-bbe1-4d58-859d-21b8d0c046c4"/> <start>777</start> <end>779</end> <type>TCP</type> </create_port_range>
<create_port_range_response status="201"
status_text="OK, resource created"
id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"/>
7.12 Command create_report
In short: Create a report.
The client uses the create_report command to import a report.
7.12.1 Structure
- Command
- Response
7.12.2 RNC
Command
Response
create_report
= element create_report
{
create_report_report
& create_report_task
}
create_report_report
= element report # type report
{
text # RNC limitation: base64
& attribute id { uuid }
& attribute format_id { uuid }
& attribute extension { text }
& attribute content_type { text }
& attribute type { xsd:token { pattern = "scan|assets" } }?
& report_report
}
create_report_task
= element task
{
attribute id { uuid }?
& create_report_task_name?
& create_report_task_comment?
}
create_report_task_name
= element name
{
name
}
create_report_task_comment
= element comment
{
text
}
create_report_response
= element create_report_response
{
attribute status { status }
& attribute status_text { text }
& attribute id { uuid }
}
7.12.3 Example: Create a report in a new task
Client
Manager
<create_report>
<get_reports_response>
<report id="a0704abb-2120-489f-959f-251c9f4ffebd">
<name>CPE</name>
<extension>csv</extension>
<content_type>text/csv</content_type>
<summary>Common Product Enumeration CSV table.</summary>
<description>
CPE stands for Common Product Enumeration. It is a
...
</description>
<global>1</global>
<predefined>1</predefined>
<trust>
yes
<time>Thu Dec 2 13:22:26 2010</time>
</trust>
<active>1</active>
</report>
</get_reports_response>
<task>
<name>Imported reports</name>
</task>
</create_report>
<create_report_response status="201"
status_text="OK, resource created"
id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"/>
7.13 Command create_report_format
In short: Create a report format.
The client uses the create_report_format command to create a new report format.
7.13.1 Structure
-
Command
-
<get_report_formats_response>Response to get_report_formats command.
-
<get_report_formats_response>
- Response
7.13.2 RNC
Command
Response
create_report_format
= element create_report_format
{
get_report_formats_response
}
create_report_format_response
= element create_report_format_response
{
attribute status { status }
& attribute status_text { text }
& attribute id { uuid }
}
7.13.3 Example: Create a report format
Client
Manager
<create_report_format>
<get_report_formats_response>
<report_format id="a0704abb-2120-489f-959f-251c9f4ffebd">
<name>CPE</name>
<extension>csv</extension>
<content_type>text/csv</content_type>
<summary>Common Product Enumeration CSV table.</summary>
<description>
CPE stands for Common Product Enumeration. It is a
...
</description>
<global>1</global>
<predefined>1</predefined>
<trust>
yes
<time>Thu Dec 2 13:22:26 2010</time>
</trust>
<active>1</active>
</report_format>
</get_report_formats_response>
</create_report_format>
<create_report_format_response status="201"
status_text="OK, resource created"
id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"/>
7.14 Command create_schedule
In short: Create a schedule.
The client uses the create_schedule command to create a new schedule.
7.14.1 Structure
-
Command
-
<name>
A name for the schedule.
-
<comment>
?A comment on the schedule.
-
<first_time>
The first time the schedule will run.
-
<minute>
-
<hour>
-
<day_of_month>
-
<month>
-
<year>
-
<minute>
-
<duration>
How long the Manager will run the scheduled task for.
-
<unit>
Duration time unit.
-
<unit>
-
<period>
How often the Manager will repeat the scheduled task.
-
<unit>
Period time unit.
-
<unit>
-
<name>
- Response
7.14.2 RNC
Command
Response
create_schedule
= element create_schedule
{
create_schedule_name
& create_schedule_comment?
& create_schedule_first_time
& create_schedule_duration
& create_schedule_period
}
create_schedule_name
= element name
{
name
}
create_schedule_comment
= element comment
{
text
}
create_schedule_first_time
= element first_time
{
create_schedule_first_time_minute
& create_schedule_first_time_hour
& create_schedule_first_time_day_of_month
& create_schedule_first_time_month
& create_schedule_first_time_year
}
create_schedule_first_time_minute
= element minute
{
integer
}
create_schedule_first_time_hour
= element hour
{
integer
}
create_schedule_first_time_day_of_month
= element day_of_month
{
integer
}
create_schedule_first_time_month
= element month
{
integer
}
create_schedule_first_time_year
= element year
{
integer
}
create_schedule_duration
= element duration
{
create_schedule_duration_unit
}
create_schedule_duration_unit
= element unit
{
time_unit
}
create_schedule_period
= element period
{
create_schedule_period_unit
}
create_schedule_period_unit
= element unit
{
time_unit
}
create_schedule_response
= element create_schedule_response
{
attribute status { status }
& attribute status_text { text }
& attribute id { uuid }
}
7.14.3 Example: Create a schedule
Client
Manager
<create_schedule>
<name>Every night</name>
<first_time>
<day_of_month>1</day_of_month>
<hour>0</hour>
<minute>0</minute>
<month>1</month>
<year>2011</year>
</first_time>
<duration>
3
<unit>hour</unit>
</duration>
<period>
1
<unit>day</unit>
</period>
</create_schedule>
<create_schedule_response status="201"
status_text="OK, resource created"
id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"/>
7.15 Command create_slave
In short: Create a slave.
The client uses the create_slave command to create a new slave.
7.15.1 Structure
-
Command
-
<name>
A name for the slave.
-
<comment>
?A comment on the slave.
-
<host>
The host that the slave Manager is running on.
-
<port>
The port that the slave Manager is serving on the host.
-
<login>
Login name on the slave Manager.
-
<password>
Password for login on the slave Manager.
-
<name>
- Response
7.15.2 RNC
Command
Response
create_slave
= element create_slave
{
create_slave_name
& create_slave_comment?
& create_slave_host
& create_slave_port
& create_slave_login
& create_slave_password
}
create_slave_name
= element name
{
name
}
create_slave_comment
= element comment
{
text
}
create_slave_host
= element host
{
text
}
create_slave_port
= element port
{
text
}
create_slave_login
= element login
{
text
}
create_slave_password
= element password
{
text
}
create_slave_response
= element create_slave_response
{
attribute status { status }
& attribute status_text { text }
& attribute id { uuid }
}
7.15.3 Example: Create a slave
Client
Manager
<create_slave> <name>Bangkok</name> <comment>Manager in Bangkok department.</comment> <host>192.0.32.10</host> <login>sally</login> <password>secret</password> </create_slave>
<create_slave_response status="201"
status_text="OK, resource created"
id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"/>
7.16 Command create_target
In short: Create a target.
The client uses the create_target command to create a new target.
If the list of hosts is empty, the command must also include a target locator.
7.16.1 Structure
-
Command
-
<name>
A name for the target.
-
<make_unique>
Whether to append a unique suffix if the name already exists.
-
<make_unique>
-
<comment>
?A comment on the target.
-
<copy>
?The UUID of an existing target.
-
<hosts>
A textual list of hosts, which may be empty.
-
<ssh_lsc_credential>
SSH login credentials for target.
- @id (uuid)
-
<port>
The port the LSCs will use.
-
<smb_lsc_credential>
SMB login credentials for target.
- @id (uuid)
-
<target_locator>
Target locator (for example, for LDAP).
-
<username>
?The login for the target locator.
-
<password>
?The password for the target locator.
-
<username>
?
-
<port_range>
?Port range for the target.
-
<port_list>
?Port list for the target.
- @id (uuid)
-
<name>
- Response
7.16.2 RNC
Command
Response
create_target
= element create_target
{
create_target_name
& create_target_comment?
& create_target_copy?
& create_target_hosts
& create_target_ssh_lsc_credential
& create_target_smb_lsc_credential
& create_target_target_locator
& create_target_port_range?
& create_target_port_list?
}
create_target_name
= element name
{
text # RNC limitation: name
& create_target_name_make_unique
}
create_target_name_make_unique
= element make_unique
{
boolean
}
create_target_comment
= element comment
{
text
}
create_target_copy
= element copy
{
uuid
}
create_target_hosts
= element hosts
{
text
}
create_target_ssh_lsc_credential
= element ssh_lsc_credential
{
attribute id { uuid }
& create_target_ssh_lsc_credential_port
}
create_target_ssh_lsc_credential_port
= element port
{
text
}
create_target_smb_lsc_credential
= element smb_lsc_credential
{
attribute id { uuid }
}
create_target_target_locator
= element target_locator
{
create_target_target_locator_username?
& create_target_target_locator_password?
}
create_target_target_locator_username
= element username
{
text
}
create_target_target_locator_password
= element password
{
text
}
create_target_port_range
= element port_range
{
text
}
create_target_port_list
= element port_list
{
attribute id { uuid }
}
create_target_response
= element create_target_response
{
attribute status { status }
& attribute status_text { text }
& attribute id { uuid }
}
7.16.3 Example: Create a target, giving a host list
Client
Manager
<create_target> <name>All GNU/Linux machines</name> <hosts>192.168.1.0/24</hosts> </create_target>
<create_target_response status="201"
status_text="OK, resource created"
id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"/>
7.17 Command create_task
In short: Create a task.
The client uses the create_task command to create a new task.
If an rcfile is given, then config and target should actually be left out. This form of the command is special support for OpenVAS-Client, and will likely be removed in future versions.
7.17.1 Structure
-
Command
-
<name>
A name for the task.
-
<comment>
?A comment on the task.
-
<config>
The scan configuration used by the task.
- @id (uuid)
-
<target>
The hosts scanned by the task.
- @id (uuid)
-
<alert>
*An alert that applies to the task.
- @id (uuid)
-
<schedule>
?When the task will run.
- @id (uuid)
-
<slave>
?Slave that the task will run on.
- @id (uuid)
-
<observers>
?Users allowed to observe this task.
-
<preferences>
?
-
<preference>
*
-
<scanner_name>
Compact name of preference, from scanner.
-
<value>
-
<scanner_name>
-
<preference>
*
-
<rcfile>
?An openvasrc style file defining the task.
-
<name>
- Response
7.17.2 RNC
Command
Response
create_task
= element create_task
{
create_task_name
& create_task_comment?
& create_task_config
& create_task_target
& create_task_alert*
& create_task_schedule?
& create_task_slave?
& create_task_observers?
& create_task_preferences?
& create_task_rcfile?
}
create_task_name
= element name
{
name
}
create_task_comment
= element comment
{
text
}
create_task_config
= element config
{
attribute id { uuid }
}
create_task_target
= element target
{
attribute id { uuid }
}
create_task_alert
= element alert
{
attribute id { uuid }
}
create_task_schedule
= element schedule
{
attribute id { uuid }
}
create_task_slave
= element slave
{
attribute id { uuid }
}
create_task_observers
= element observers
{
user_list
}
create_task_preferences
= element preferences
{
create_task_preferences_preference*
}
create_task_preferences_preference
= element preference
{
create_task_preferences_preference_scanner_name
& create_task_preferences_preference_value
}
create_task_preferences_preference_scanner_name
= element scanner_name
{
text
}
create_task_preferences_preference_value
= element value
{
text
}
create_task_rcfile
= element rcfile
{
base64
}
create_task_response
= element create_task_response
{
attribute status { status }
& attribute status_text { text }
& attribute id { uuid }
}
7.17.3 Example: Create a task, giving a host list
Client
Manager
<create_task> <name>Scan Webserver</name> <comment>Hourly scan of the webserver</comment> <config id="daba56c8-73ec-11df-a475-002264764cea"/> <target id="b493b7a8-7489-11df-a3ec-002264764cea"/> </create_task>
<create_task_response status="201"
status_text="OK, resource created"
id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"/>
7.18 Command delete_agent
In short: Delete an agent.
The client uses the delete_agent command to delete an existing agent.
Since this is a destructive command, the client is advised to ask for confirmation from the user before sending this command to the Manager.
7.18.1 Structure
- Command
-
Response
- @status (status)
- @status_text (text)
7.18.2 RNC
Command
Response
delete_agent
= element delete_agent
{
attribute agent_id { uuid }
& attribute ultimate { boolean }
}
delete_agent_response
= element delete_agent_response
{
attribute status { status }
& attribute status_text { text }
}
7.18.3 Example: Delete an agent
Client
Manager
<delete_agent agent_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<delete_agent_response status="200"
status_text="OK"/>
7.19 Command delete_config
In short: Delete a config.
The client uses the delete_config command to delete an existing config.
Since this is a destructive command, the client is advised to ask for confirmation from the user before sending this command to the Manager.
7.19.1 Structure
- Command
-
Response
- @status (status)
- @status_text (text)
7.19.2 RNC
Command
Response
delete_config
= element delete_config
{
attribute config_id { uuid }
& attribute ultimate { boolean }
}
delete_config_response
= element delete_config_response
{
attribute status { status }
& attribute status_text { text }
}
7.19.3 Example: Delete a config
Client
Manager
<delete_config config_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<delete_config_response status="200"
status_text="OK"/>
7.20 Command delete_alert
In short: Delete an alert.
The client uses the delete_alert command to delete an existing alert.
Since this is a destructive command, the client is advised to ask for confirmation from the user before sending this command to the Manager.
7.20.1 Structure
- Command
-
Response
- @status (status)
- @status_text (text)
7.20.2 RNC
Command
Response
delete_alert
= element delete_alert
{
attribute alert_id { uuid }
& attribute ultimate { boolean }
}
delete_alert_response
= element delete_alert_response
{
attribute status { status }
& attribute status_text { text }
}
7.20.3 Example: Delete an alert
Client
Manager
<delete_alert alert_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<delete_alert_response status="200"
status_text="OK"/>
7.21 Command delete_filter
In short: Delete a filter.
The client uses the delete_filter command to delete an existing filter.
Since this is a destructive command, the client is advised to ask for confirmation from the user before sending this command to the Manager.
7.21.1 Structure
- Command
-
Response
- @status (status)
- @status_text (text)
7.21.2 RNC
Command
Response
delete_filter
= element delete_filter
{
attribute filter_id { uuid }
& attribute ultimate { boolean }
}
delete_filter_response
= element delete_filter_response
{
attribute status { status }
& attribute status_text { text }
}
7.21.3 Example: Delete a filter
Client
Manager
<delete_filter filter_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<delete_filter_response status="200"
status_text="OK"/>
7.22 Command delete_lsc_credential
In short: Delete an LSC credential.
The client uses the delete_lsc_credential command to delete an existing LSC credential.
Since this is a destructive command, the client is advised to ask for confirmation from the user before sending this command to the Manager.
7.22.1 Structure
- Command
-
Response
- @status (status)
- @status_text (text)
7.22.2 RNC
Command
Response
delete_lsc_credential
= element delete_lsc_credential
{
attribute lsc_credential_id { uuid }
& attribute ultimate { boolean }
}
delete_lsc_credential_response
= element delete_lsc_credential_response
{
attribute status { status }
& attribute status_text { text }
}
7.22.3 Example: Delete an LSC credential
Client
Manager
<delete_lsc_credential lsc_credential_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<delete_lsc_credential_response status="200"
status_text="OK"/>
7.23 Command delete_note
In short: Delete a note.
The client uses the delete_note command to delete an existing note.
Since this is a destructive command, the client is advised to ask for confirmation from the user before sending this command to the Manager.
7.23.1 Structure
- Command
-
Response
- @status (status)
- @status_text (text)
7.23.2 RNC
Command
Response
delete_note
= element delete_note
{
attribute note_id { uuid }
& attribute ultimate { boolean }
}
delete_note_response
= element delete_note_response
{
attribute status { status }
& attribute status_text { text }
}
7.23.3 Example: Delete a note
Client
Manager
<delete_note note_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<delete_note_response status="200"
status_text="OK"/>
7.24 Command delete_override
In short: Delete an override.
The client uses the delete_override command to delete an existing override.
Since this is a destructive command, the client is advised to ask for confirmation from the user before sending this command to the Manager.
7.24.1 Structure
- Command
-
Response
- @status (status)
- @status_text (text)
7.24.2 RNC
Command
Response
delete_override
= element delete_override
{
attribute override_id { uuid }
& attribute ultimate { boolean }
}
delete_override_response
= element delete_override_response
{
attribute status { status }
& attribute status_text { text }
}
7.24.3 Example: Delete an override
Client
Manager
<delete_override override_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<delete_override_response status="200"
status_text="OK"/>
7.25 Command delete_report
In short: Delete a report.
The client uses the delete_report command to delete an existing report.
Since this is a destructive command, the client is advised to ask for confirmation from the user before sending this command to the Manager.
7.25.1 Structure
7.25.2 RNC
Command
Response
delete_report
= element delete_report
{
attribute report_id { uuid }
}
delete_report_response
= element delete_report_response
{
attribute status { status }
& attribute status_text { text }
}
7.25.3 Example: Delete a report
Client
Manager
<delete_report report_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<delete_report_response status="200"
status_text="OK"/>
7.26 Command delete_port_list
In short: Delete a port list.
The client uses the delete_port_list command to delete an existing port list.
Since this is a destructive command, the client is advised to ask for confirmation from the user before sending this command to the Manager.
7.26.1 Structure
- Command
-
Response
- @status (status)
- @status_text (text)
7.26.2 RNC
Command
Response
delete_port_list
= element delete_port_list
{
attribute port_list_id { uuid }
& attribute ultimate { boolean }
}
delete_port_list_response
= element delete_port_list_response
{
attribute status { status }
& attribute status_text { text }
}
7.26.3 Example: Delete a port list
Client
Manager
<delete_port_list port_list_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<delete_port_list_response status="200"
status_text="OK"/>
7.27 Command delete_port_range
In short: Delete a port range.
The client uses the delete_port_range command to delete an existing port range.
Since this is a destructive command, the client is advised to ask for confirmation from the user before sending this command to the Manager.
7.27.1 Structure
- Command
-
Response
- @status (status)
- @status_text (text)
7.27.2 RNC
Command
Response
delete_port_range
= element delete_port_range
{
attribute port_range_id { uuid }
& attribute ultimate { boolean }
}
delete_port_range_response
= element delete_port_range_response
{
attribute status { status }
& attribute status_text { text }
}
7.27.3 Example: Delete a port range
Client
Manager
<delete_port_range port_range_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<delete_port_range_response status="200"
status_text="OK"/>
7.28 Command delete_report_format
In short: Delete a report format.
The client uses the delete_report_format command to delete an existing report format.
Since this is a destructive command, the client is advised to ask for confirmation from the user before sending this command to the Manager.
7.28.1 Structure
- Command
-
Response
- @status (status)
- @status_text (text)
7.28.2 RNC
Command
Response
delete_report_format
= element delete_report_format
{
attribute report_format_id { uuid }
& attribute ultimate { boolean }
}
delete_report_format_response
= element delete_report_format_response
{
attribute status { status }
& attribute status_text { text }
}
7.28.3 Example: Delete a report format
Client
Manager
<delete_report_format report_format_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<delete_report_format_response status="200"
status_text="OK"/>
7.29 Command delete_schedule
In short: Delete a schedule.
The client uses the delete_schedule command to delete an existing schedule.
Since this is a destructive command, the client is advised to ask for confirmation from the user before sending this command to the Manager.
7.29.1 Structure
- Command
-
Response
- @status (status)
- @status_text (text)
7.29.2 RNC
Command
Response
delete_schedule
= element delete_schedule
{
attribute schedule_id { uuid }
& attribute ultimate { boolean }
}
delete_schedule_response
= element delete_schedule_response
{
attribute status { status }
& attribute status_text { text }
}
7.29.3 Example: Delete a schedule
Client
Manager
<delete_schedule schedule_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<delete_schedule_response status="200"
status_text="OK"/>
7.30 Command delete_slave
In short: Delete a slave.
The client uses the delete_slave command to delete an existing slave.
Since this is a destructive command, the client is advised to ask for confirmation from the user before sending this command to the Manager.
7.30.1 Structure
- Command
-
Response
- @status (status)
- @status_text (text)
7.30.2 RNC
Command
Response
delete_slave
= element delete_slave
{
attribute slave_id { uuid }
& attribute ultimate { boolean }
}
delete_slave_response
= element delete_slave_response
{
attribute status { status }
& attribute status_text { text }
}
7.30.3 Example: Delete a slave
Client
Manager
<delete_slave slave_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<delete_slave_response status="200"
status_text="OK"/>
7.31 Command delete_target
In short: Delete a target.
The client uses the delete_target command to delete an existing target.
Since this is a destructive command, the client is advised to ask for confirmation from the user before sending this command to the Manager.
7.31.1 Structure
- Command
-
Response
- @status (status)
- @status_text (text)
7.31.2 RNC
Command
Response
delete_target
= element delete_target
{
attribute target_id { uuid }
& attribute ultimate { boolean }
}
delete_target_response
= element delete_target_response
{
attribute status { status }
& attribute status_text { text }
}
7.31.3 Example: Delete a target
Client
Manager
<delete_target target_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<delete_target_response status="200"
status_text="OK"/>
7.32 Command delete_task
In short: Delete a task.
The client uses the delete_task command to delete an existing task, including all reports associated with the task.
Since this is a destructive command, the client is advised to ask for confirmation from the user before sending this command to the Manager.
7.32.1 Structure
- Command
-
Response
- @status (status)
- @status_text (text)
7.32.2 RNC
Command
Response
delete_task
= element delete_task
{
attribute task_id { uuid }
& attribute ultimate { boolean }
}
delete_task_response
= element delete_task_response
{
attribute status { status }
& attribute status_text { text }
}
7.32.3 Example: Delete a task
Client
Manager
<delete_task task_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<delete_task_response status="200"
status_text="OK"/>
7.33 Command empty_trashcan
In short: Empty the trashcan.
The client uses the empty_trashcan command to empty the trashcan.
7.33.1 Structure
-
Command
- Empty single element.
-
Response
- @status (status)
- @status_text (text)
7.33.2 RNC
Command
Response
empty_trashcan
= element empty_trashcan
{
""
}
empty_trashcan_response
= element empty_trashcan_response
{
attribute status { status }
& attribute status_text { text }
}
7.33.3 Example: Empty the trashcan
Client
Manager
<empty_trashcan/>
<empty_trashcan_response status="200"
status_text="OK"/>
7.34 Command get_agents
In short: Get all agents.
The client uses the get_agents command to get agent information. If the command sent by the client was valid, the manager will reply with a list of agents to the client.
If the request includes a format then the agents in the response include installer elements, otherwise they include package elements.
7.34.1 Structure
-
Command
- @agent_id (uuid) ID of single agent to get.
- @filter (uuid) Filter term to use to filter query.
- @filt_id (uuid) ID of filter to use to filter query.
- @trash (boolean) Whether to get the trashcan agents instead.
- @format ("installer", "howto_install" or "howto_use")
- @sort_order (sort_order)
- @sort_field (text)
-
Response
- @status (status)
- @status_text (text)
-
<agent>
*
- @id (uuid)
-
<name>
The name of the agent.
-
<comment>
The comment on the agent.
-
<creation_time>
Date and time the agent was created.
-
<modification_time>
Date and time the agent was last modified.
-
<in_use>
Whether the agent is in use.
-
One of
-
<installer>
-
<trust>
Whether signature verification succeeded.
-
<time>
When the signature was verified.
-
<time>
-
<trust>
-
<package>
Either the installer or one of the HOWTOs.
-
<filename>
The filename of the package.
-
<filename>
-
<installer>
-
<filters>
- @id (uuid) UUID of filter if any, else 0.
-
<term>
Filter term.
-
<sort>
-
<field>
-
<order>
-
<order>
-
<field>
- <agents>
-
<agent_count>
-
<filtered>
Number of agents after filtering.
-
<page>
Number of agents on current page.
-
<filtered>
7.34.2 RNC
Command
Response
get_agents
= element get_agents
{
attribute agent_id { uuid }?
& attribute filter { uuid }?
& attribute filt_id { uuid }?
& attribute trash { boolean }?
& attribute format { xsd:token { pattern = "installer|howto_install|howto_use" } }?
& attribute sort_order { sort_order }?
& attribute sort_field { text }?
}
get_agents_response
= element get_agents_response
{
attribute status { status }
& attribute status_text { text }
& get_agents_response_agent*
& get_agents_response_filters
& get_agents_response_sort
& get_agents_response_agents
& get_agents_response_agent_count
}
get_agents_response_agent
= element agent
{
attribute id { uuid }
& get_agents_response_agent_name
& get_agents_response_agent_comment
& get_agents_response_agent_creation_time
& get_agents_response_agent_modification_time
& get_agents_response_agent_in_use
& ( get_agents_response_agent_installer
| get_agents_response_agent_package )
}
get_agents_response_agent_name
= element name
{
name
}
get_agents_response_agent_comment
= element comment
{
text
}
get_agents_response_agent_creation_time
= element creation_time
{
iso_time
}
get_agents_response_agent_modification_time
= element modification_time
{
iso_time
}
get_agents_response_agent_in_use
= element in_use
{
boolean
}
get_agents_response_agent_installer
= element installer
{
get_agents_response_agent_installer_trust
}
get_agents_response_agent_installer_trust
= element trust
{
text # RNC limitation: xsd:token { pattern = "yes|no|unknown" }
& get_agents_response_agent_installer_trust_time
}
get_agents_response_agent_installer_trust_time
= element time
{
iso_time
}
get_agents_response_agent_package
= element package
{
text # RNC limitation: base64
& get_agents_response_agent_package_filename
}
get_agents_response_agent_package_filename
= element filename
{
text
}
get_agents_response_filters
= element filters
{
attribute id { uuid }
& get_agents_response_filters_term
}
get_agents_response_filters_term
= element term
{
text
}
get_agents_response_sort
= element sort
{
text
& get_agents_response_sort_field
}
get_agents_response_sort_field
= element field
{
get_agents_response_sort_field_order
}
get_agents_response_sort_field_order
= element order
{
xsd:token { pattern = "ascending|descending" }
}
get_agents_response_agents
= element agents
{
attribute start { }
& attribute max { }
}
get_agents_response_agent_count
= element agent_count
{
get_agents_response_agent_count_filtered
& get_agents_response_agent_count_page
}
get_agents_response_agent_count_filtered
= element filtered
{
integer
}
get_agents_response_agent_count_page
= element page
{
integer
}
7.34.3 Example: Get all agents
Client
Manager
<get_agents/>
<get_agents_response status="200"
status_text="OK">
<agent id="c33864a9-d3fd-44b3-8717-972bfb01dfcf">
<name>Custom Scan Agent</name>
<comment>Custom agent for use on the Web servers.</comment>
<in_use>0</in_use>
<installer>
<trust>
yes
<time>Wed Jun 30 21:49:08 1993</time>
</trust>
</installer>
</agent>
...
</get_agents_response>
7.34.3 Example: Get one agent
Client
Manager
<get_agents agent_id="c33864a9-d3fd-44b3-8717-972bfb01dfcf"/>
<get_agents_response status="200"
status_text="OK">
<agent id="c33864a9-d3fd-44b3-8717-972bfb01dfcf">
<name>Custom Scan Agent</name>
<comment>Custom agent for use on the Web servers.</comment>
<in_use>0</in_use>
<installer>
<trust>
yes
<time>Wed Jun 30 21:49:08 1993</time>
</trust>
</installer>
</agent>
</get_agents_response>
7.34.3 Example: Get one agent, including the installer package
Client
Manager
<get_agents agent_id="c33864a9-d3fd-44b3-8717-972bfb01dfcf"
format="installer"/>
<get_agents_response status="200"
status_text="OK">
<agent id="c33864a9-d3fd-44b3-8717-972bfb01dfcf">
<name>Custom Scan Agent</name>
<comment>Custom agent for use on the Web servers.</comment>
<in_use>0</in_use>
<package format="installer">
CgoKCgoKCgoKCgoKCSAgI...
<filename>agent.deb</filename>
</package>
</agent>
</get_agents_response>
7.35 Command get_configs
In short: Get all configs.
The client uses the get_configs command to get config information. If the command sent by the client was valid, the manager will reply with a list of configs to the client.
7.35.1 Structure
- Command
-
Response
- @status (status)
- @status_text (text)
-
<config>
*
-
<name>
The name of the config.
-
<comment>
The comment on the config.
-
<family_count>
The number of families selected by the config.
-
<growing>
Whether new families are automatically added to the config.
-
<growing>
-
<nvt_count>
The number of NVTs selected by the config.
-
<growing>
Whether new NVTs are automatically added to the config.
-
<growing>
-
<max_nvt_count>
Total number of NVTs in the families selected by the config.
-
<known_nvt_count>
Total number of known NVTs selected by the config.
-
<in_use>
Whether any tasks are using the config.
-
<writable>
Whether any tasks are using the config, including trashcan tasks.
-
<tasks>
All tasks using the config.
-
<task>
*
- @id (uuid)
-
<name>
The name of the task.
-
<task>
*
-
<families>
?All families selected by the config.
-
<family>
*
-
<name>
The name of the family.
-
<nvt_count>
The number of NVTs selected in the family.
-
<max_nvt_count>
The total number of NVTs in the family.
-
<growing>
Whether new NVTs in the family are automatically added to the selection.
-
<name>
-
<family>
*
-
<preferences>
?Preferences for all NVTs selected by the config.
-
<preference>
*
-
<nvt>
NVT to which preference applies.
- @oid (oid)
-
<name>
The name of the NVT.
-
<name>
The name of the preference.
-
<type>
The type of preference.
-
<value>
The value of the preference.
-
<nvt>
-
<preference>
*
-
<name>
7.35.2 RNC
Command
Response
get_configs
= element get_configs
{
attribute config_id { uuid }?
& attribute actions { actions }?
& attribute trash { boolean }?
& attribute export { boolean }?
& attribute families { boolean }?
& attribute preferences { boolean }?
& attribute sort_order { sort_order }?
& attribute sort_field { text }?
}
get_configs_response
= element get_configs_response
{
attribute status { status }
& attribute status_text { text }
& get_configs_response_config*
}
get_configs_response_config
= element config
{
get_configs_response_config_name
& get_configs_response_config_comment
& get_configs_response_config_family_count
& get_configs_response_config_nvt_count
& get_configs_response_config_max_nvt_count
& get_configs_response_config_known_nvt_count
& get_configs_response_config_in_use
& get_configs_response_config_writable
& get_configs_response_config_tasks
& get_configs_response_config_families?
& get_configs_response_config_preferences?
}
get_configs_response_config_name
= element name
{
name
}
get_configs_response_config_comment
= element comment
{
text
}
get_configs_response_config_family_count
= element family_count
{
text # RNC limitation: integer
& get_configs_response_config_family_count_growing
}
get_configs_response_config_family_count_growing
= element growing
{
boolean
}
get_configs_response_config_nvt_count
= element nvt_count
{
text # RNC limitation: integer
& get_configs_response_config_nvt_count_growing
}
get_configs_response_config_nvt_count_growing
= element growing
{
boolean
}
get_configs_response_config_max_nvt_count
= element max_nvt_count
{
integer
}
get_configs_response_config_known_nvt_count
= element known_nvt_count
{
integer
}
get_configs_response_config_in_use
= element in_use
{
boolean
}
get_configs_response_config_writable
= element writable
{
boolean
}
get_configs_response_config_tasks
= element tasks
{
get_configs_response_config_tasks_task*
}
get_configs_response_config_tasks_task
= element task
{
attribute id { uuid }
& get_configs_response_config_tasks_task_name
}
get_configs_response_config_tasks_task_name
= element name
{
name
}
get_configs_response_config_families
= element families
{
get_configs_response_config_families_family*
}
get_configs_response_config_families_family
= element family
{
get_configs_response_config_families_family_name
& get_configs_response_config_families_family_nvt_count
& get_configs_response_config_families_family_max_nvt_count
& get_configs_response_config_families_family_growing
}
get_configs_response_config_families_family_name
= element name
{
name
}
get_configs_response_config_families_family_nvt_count
= element nvt_count
{
integer
}
get_configs_response_config_families_family_max_nvt_count
= element max_nvt_count
{
integer
}
get_configs_response_config_families_family_growing
= element growing
{
boolean
}
get_configs_response_config_preferences
= element preferences
{
get_configs_response_config_preferences_preference*
}
get_configs_response_config_preferences_preference
= element preference
{
get_configs_response_config_preferences_preference_nvt
& get_configs_response_config_preferences_preference_name
& get_configs_response_config_preferences_preference_type
& get_configs_response_config_preferences_preference_value
}
get_configs_response_config_preferences_preference_nvt
= element nvt
{
attribute oid { oid }
& get_configs_response_config_preferences_preference_nvt_name
}
get_configs_response_config_preferences_preference_nvt_name
= element name
{
name
}
get_configs_response_config_preferences_preference_name
= element name
{
name
}
get_configs_response_config_preferences_preference_type
= element type
{
text
}
get_configs_response_config_preferences_preference_value
= element value
{
text
}
7.35.3 Example: Get all configs
Client
Manager
<get_configs/>
<get_configs_response status="200"
status_text="OK">
<config id="daba56c8-73ec-11df-a475-002264764cea">
<name>Full and fast</name>
<comment>
All NVT's; optimized by using previously collected information.
</comment>
<family_count>
4
<growing>1</growing>
</family_count>
<nvt_count>
12
<growing>1</growing>
</nvt_count>
<in_use>1</in_use>
<tasks>
<task id="13bb418a-4220-4575-b35b-ec398bff7417">
<name>Web Servers</name>
</task>
...
</tasks>
</config>
...
</get_configs_response>
7.35.3 Example: Get a single config, including preference and family lists
Client
Manager
<get_configs config_id="daba56c8-73ec-11df-a475-002264764cea"
preferences="1"
families="1"/>
<get_configs_response status="200"
status_text="OK">
<config id="daba56c8-73ec-11df-a475-002264764cea">
<name>Full and fast</name>
<comment>
All NVT's; optimized by using previously collected information.
</comment>
<family_count>
4
<growing>1</growing>
</family_count>
<nvt_count>
12
<growing>1</growing>
</nvt_count>
<in_use>1</in_use>
<tasks>
<task id="13bb418a-4220-4575-b35b-ec398bff7417">
<name>Web Servers</name>
</task>
...
</tasks>
<families>
<family>
<name>Credentials</name>
<nvt_count>8</nvt_count>
<max_nvt_count>8</max_nvt_count>
<growing>1</growing>
</family>
...
</families>
<preferences>
<preference>
<nvt oid="1.3.6.1.4.1.25623.1.0.10330">
<name>Services</name>
</nvt>
<name>Network connection timeout :</name>
<type>entry</type>
<value>5</value>
</preference>
...
</preferences>
</config>
...
</get_configs_response>
7.36 Command get_dependencies
In short: Get dependencies for all available NVTs.
The client uses the get_dependencies command to request the dependencies for one or all NVTs available through this manager.
7.36.1 Structure
-
Command
- @nvt_oid (oid) ID of single NVT for which to get dependencies.
- Response
7.36.2 RNC
Command
Response
get_dependencies
= element get_dependencies
{
attribute nvt_oid { oid }?
}
get_dependencies_response
= element get_dependencies_response
{
attribute status { status }
& attribute status_text { text }
& get_dependencies_response_nvt*
}
get_dependencies_response_nvt
= element nvt
{
attribute oid { oid }
& get_dependencies_response_nvt_name
& get_dependencies_response_nvt_requires
}
get_dependencies_response_nvt_name
= element name
{
name
}
get_dependencies_response_nvt_requires
= element requires
{
get_dependencies_response_nvt_requires_nvt*
}
get_dependencies_response_nvt_requires_nvt
= element nvt
{
attribute oid { oid }
& get_dependencies_response_nvt_requires_nvt_name
}
get_dependencies_response_nvt_requires_nvt_name
= element name
{
name
}
7.36.3 Example: Get dependencies for all NVTs
Client
Manager
<get_dependencies/>
<get_dependencies_response status="200"
status_text="OK">
<nvt oid="1.3.6.1.4.1.25623.1.0.114664">
<name>Dependency Test</name>
<requires>
<nvt oid="1.3.6.1.4.1.25623.1.0.114663">
<name>File Upload Test</name>
</nvt>
</requires>
</nvt>
...
</get_dependencies_response>
7.36.3 Example: Get dependencies for a single NVT
Client
Manager
<get_dependencies nvt_oid="1.3.6.1.4.1.25623.1.0.114664"/>
<get_dependencies_response status="200"
status_text="OK">
<nvt oid="1.3.6.1.4.1.25623.1.0.114664">
<name>Dependency Test</name>
<requires>
<nvt oid="1.3.6.1.4.1.25623.1.0.114663">
<name>File Upload Test</name>
</nvt>
</requires>
</nvt>
</get_dependencies_response>
7.37 Command get_alerts
In short: Get all alerts.
The client uses the get_alerts command to get alert information. If the command sent by the client was valid, the manager will reply with a list of alerts to the client.
7.37.1 Structure
-
Command
- @alert_id (uuid) ID of single alert to get.
- @trash (boolean) Whether to get the trashcan alerts instead.
- @filter (boolean) Whether to get the alerts filters.
- @sort_order (sort_order)
- @sort_field (text)
-
Response
- @status (status)
- @status_text (text)
-
<alert>
*
-
<name>
The name of the alert.
-
<comment>
The comment on the alert.
-
<in_use>
Whether any tasks are using the alert.
-
<condition>
The condition that must be satisfied for the alert to occur.
-
<data>
*Some data that defines the condition.
-
<name>
The name of the condition data.
-
<name>
-
<data>
*
-
<event>
The event that must happen for the alert to occur.
-
<data>
*Some data that defines the event.
-
<name>
The name of the event data.
-
<name>
-
<data>
*
-
<method>
The method by which he alert must occur.
-
<data>
*Some data that defines the method.
-
<name>
The name of the method data.
-
<name>
-
<data>
*
-
<filter>
- @id (uuid)
-
<name>
The name of the filter.
-
<trash>
Whether the filter is in the trashcan.
-
<name>
7.37.2 RNC
Command
Response
get_alerts
= element get_alerts
{
attribute alert_id { uuid }?
& attribute trash { boolean }?
& attribute filter { boolean }?
& attribute sort_order { sort_order }?
& attribute sort_field { text }?
}
get_alerts_response
= element get_alerts_response
{
attribute status { status }
& attribute status_text { text }
& get_alerts_response_alert*
}
get_alerts_response_alert
= element alert
{
get_alerts_response_alert_name
& get_alerts_response_alert_comment
& get_alerts_response_alert_in_use
& get_alerts_response_alert_condition
& get_alerts_response_alert_event
& get_alerts_response_alert_method
& get_alerts_response_alert_filter
}
get_alerts_response_alert_name
= element name
{
name
}
get_alerts_response_alert_comment
= element comment
{
text
}
get_alerts_response_alert_in_use
= element in_use
{
boolean
}
get_alerts_response_alert_condition
= element condition
{
text
& get_alerts_response_alert_condition_data*
}
get_alerts_response_alert_condition_data
= element data
{
text
& get_alerts_response_alert_condition_data_name
}
get_alerts_response_alert_condition_data_name
= element name
{
text
}
get_alerts_response_alert_event
= element event
{
text
& get_alerts_response_alert_event_data*
}
get_alerts_response_alert_event_data
= element data
{
text
& get_alerts_response_alert_event_data_name
}
get_alerts_response_alert_event_data_name
= element name
{
text
}
get_alerts_response_alert_method
= element method
{
text
& get_alerts_response_alert_method_data*
}
get_alerts_response_alert_method_data
= element data
{
text
& get_alerts_response_alert_method_data_name
}
get_alerts_response_alert_method_data_name
= element name
{
text
}
get_alerts_response_alert_filter
= element filter
{
attribute id { uuid }?
& get_alerts_response_alert_filter_name
& get_alerts_response_alert_filter_trash
}
get_alerts_response_alert_filter_name
= element name
{
name
}
get_alerts_response_alert_filter_trash
= element trash
{
boolean
}
7.37.3 Example: Get the alerts
Client
Manager
<get_alerts/>
<get_alerts_response status="200"
status_text="OK">
<alert id="6181e65d-8ba0-4937-9c44-8f2b10b0def7">
<name>Team alert</name>
<comment/>
<in_use>1</in_use>
<condition>
Threat level at least
<data>
High
<name>level</name>
</data>
</condition>
<event>
Task run status changed
<data>
Done
<name>status</name>
</data>
</event>
<method>
Email
<data>
team@example.org
<name>to_address</name>
</data>
<data>
admin@example.org
<name>from_address</name>
</data>
<data>
0
<name>notice</name>
</data>
</method>
</alert>
...
</get_alerts_response>
7.38 Command get_filters
In short: Get all filters.
The client uses the get_filters command to get filter information.
7.38.1 Structure
-
Command
- @filter_id (uuid) ID of single filter to get.
- @filter (uuid) Filter term to use to filter query.
- @filt_id (uuid) ID of filter to use to filter query.
- @actions (actions) Actions filter for filters of observed tasks.
- @trash (boolean) Whether to get the trashcan filters instead.
- @alerts (boolean) Whether to include list of alerts that use the filter.
-
Response
- @status (status)
- @status_text (text)
-
<filter>
*
-
<name>
The name of the filter.
-
<comment>
The comment on the filter.
-
<term>
The filter term.
-
<type>
Resource type filter applies to. Blank for all..
-
<creation_time>
Date and time the filter was created.
-
<modification_time>
Date and time the filter was last modified.
-
<in_use>
Whether any tasks are using the filter.
-
<writable>
Whether the filter is writable.
-
<alerts>
?All alerts using the filter.
-
<alert>
*
- @id (uuid)
-
<name>
The name of the alert.
-
<alert>
*
-
<name>
-
<filters>
- @id (uuid) UUID of filter if any, else 0.
-
<term>
Filter term.
- @start () First filter.
- @max () Maximum number of filters.
-
<sort>
-
<field>
-
<order>
-
<order>
-
<field>
-
<filters>
- @id (uuid) UUID of filter if any, else 0.
-
<term>
Filter term.
- @start () First filter.
- @max () Maximum number of filters.
-
<filter_count>
-
<filtered>
Number of filters after filtering.
-
<page>
Number of filters on current page.
-
<filtered>
7.38.2 RNC
Command
Response
get_filters
= element get_filters
{
attribute filter_id { uuid }?
& attribute filter { uuid }?
& attribute filt_id { uuid }?
& attribute actions { actions }?
& attribute trash { boolean }?
& attribute alerts { boolean }?
}
get_filters_response
= element get_filters_response
{
attribute status { status }
& attribute status_text { text }
& get_filters_response_filter*
& get_filters_response_filters
& get_filters_response_sort
& get_filters_response_filters
& get_filters_response_filter_count
}
get_filters_response_filter
= element filter
{
get_filters_response_filter_name
& get_filters_response_filter_comment
& get_filters_response_filter_term
& get_filters_response_filter_type
& get_filters_response_filter_creation_time
& get_filters_response_filter_modification_time
& get_filters_response_filter_in_use
& get_filters_response_filter_writable
& get_filters_response_filter_alerts?
}
get_filters_response_filter_name
= element name
{
name
}
get_filters_response_filter_comment
= element comment
{
text
}
get_filters_response_filter_term
= element term
{
text
}
get_filters_response_filter_type
= element type
{
text
}
get_filters_response_filter_creation_time
= element creation_time
{
iso_time
}
get_filters_response_filter_modification_time
= element modification_time
{
iso_time
}
get_filters_response_filter_in_use
= element in_use
{
boolean
}
get_filters_response_filter_writable
= element writable
{
boolean
}
get_filters_response_filter_alerts
= element alerts
{
get_filters_response_filter_alerts_alert*
}
get_filters_response_filter_alerts_alert
= element alert
{
attribute id { uuid }
& get_filters_response_filter_alerts_alert_name
}
get_filters_response_filter_alerts_alert_name
= element name
{
name
}
get_filters_response_filters
= element filters
{
attribute id { uuid }
& get_filters_response_filters_term
}
get_filters_response_filters_term
= element term
{
text
}
get_filters_response_sort
= element sort
{
text
& get_filters_response_sort_field
}
get_filters_response_sort_field
= element field
{
get_filters_response_sort_field_order
}
get_filters_response_sort_field_order
= element order
{
xsd:token { pattern = "ascending|descending" }
}
get_filters_response_filters
= element filters
{
attribute start { }
& attribute max { }
}
get_filters_response_filter_count
= element filter_count
{
get_filters_response_filter_count_filtered
& get_filters_response_filter_count_page
}
get_filters_response_filter_count_filtered
= element filtered
{
integer
}
get_filters_response_filter_count_page
= element page
{
integer
}
7.38.3 Example: Get all filters
Client
Manager
<get_filters/>
<get_filters_response status="200"
status_text="OK">
<filter id="b493b7a8-7489-11df-a3ec-001164764cea">
<name>Single Targets</name>
<comment>Targets with only one host</comment>
<term>ips=1 first=1 rows=-2</term>
<type>target</type>
<in_use>1</in_use>
<writable>1</writable>
<creation_time>Sun Jun 27 08:49:46 2010</creation_time>
<modification_time>Sun Jun 27 08:49:46 2010</modification_time>
</filter>
...
</get_filters_response>
7.38.3 Example: Get single filter, including alerts that use the filter
Client
Manager
<get_filters filter_id="c33864a9-d3fd-44b3-8717-972bfb01dfc0"
tasks="1"/>
<get_filters_response status="200"
status_text="OK">
<filter id="c33864a9-d3fd-44b3-8717-972bfb01dfc0">
<name>Local</name>
<comment>Any item with name containing 'local'.</comment>
<term>name~local first=1 rows=-2</term>
<type/>
<in_use>1</in_use>
<writable>1</writable>
<creation_time>Sun Jun 27 08:49:43 2010</creation_time>
<modification_time>Sun Jun 27 08:49:43 2010</modification_time>
<alerts>
<alert id="13bb418a-4220-4575-b35b-ec398bff7418">
<name>Local Mailer</name>
</alert>
...
</alerts>
</filter>
</get_filters_response>
7.39 Command get_info
In short: Get information for items of given type.
The client uses the get_info command to get information about static data from an external source, like CVE or CPE. If the command sent by the client was valid, the manager will reply with a list of info elements of a given type to the client.
7.39.1 Structure
-
Command
- @type (text) Type must be either CPE, CVE or NVT.
- @name (text) Name or identifier of the requested information.
- @info_id (text) ID of single info to get. Conflicts with name.
- @filter (uuid) Filter term to use to filter query.
- @filt_id (uuid) ID of filter to use to filter query.
- @details (boolean) Whether to include information about references to this information.
-
Response
- @status (status)
- @status_text (text)
-
<info>
*
- @id (integer) A unique number idenitfying this info, if available.
-
<name>
The name of the info.
-
<comment>
The comment on the info.
-
<creation_time>
Date and time the info was created.
-
<modification_time>
Date and time the info was last modified.
-
<update_time>
Date and time the source of the info was read.
-
<cpe>
?A CPE info element.
-
<title>
?The title of the CPE.
-
<max_cvss>
The highest CVSS recorder for this CPE.
-
<cve_refs>
The number CVE of references to this CPE.
-
<status>
The status of this CPE.
-
<deprecated_by>
?NVD id of the deprecating CPE.
-
<cves>
?CVEs referring to this CPE. Only when details were requested.
-
<cve>
?CVE refering to this CPE.
-
<cve>
?
-
<raw_data>
?Source representation of the information. Only when details were requested.
-
<title>
?
-
<cve>
?A CVE info element.
-
<cvss>
?CVSS Base Score.
-
<vector>
?CVSS Access Vector metric.
-
<complexity>
?CVSS Attack Complexity metric.
-
<authentication>
?CVSS Authentication metric.
-
<confidentiality_impact>
?CVSS Confidentiality impact metric.
-
<integrity_impact>
?CVSS Integrety impact metric.
-
<availability_impact>
?CVSS Availability impact metric.
-
<description>
The CVE's description.
-
<products>
Space seperated list of CPEs affected by this.
-
<nvts>
?NVTs addressing this CVE. Only when details were requested.
-
<nvt>
?NVT refering to this CPE.
- @oid (oid)
-
<name>
Name of the NVT.
-
<nvt>
?
-
<raw_data>
?Source representation of the information. Only when details were requested.
-
<cvss>
?
-
<nvt>
?A NVT info element.
- <filters>
-
<sort>
-
<field>
-
<order>
-
<order>
-
<field>
-
<details>
(boolean)Are details included in this response.
-
<info_count>
-
<filtered>
Number of info elements after filtering.
-
<page>
Number of info elements on current page.
-
<filtered>
7.39.2 RNC
Command
Response
get_info
= element get_info
{
attribute type { text }
& attribute name { text }?
& attribute info_id { text }?
& attribute filter { uuid }?
& attribute filt_id { uuid }?
& attribute details { boolean }?
}
get_info_response
= element get_info_response
{
attribute status { status }
& attribute status_text { text }
& get_info_response_info*
& get_info_response_filters
& get_info_response_sort
& get_info_response_details
& get_info_response_info_count
}
get_info_response_info
= element info
{
attribute id { integer }?
& get_info_response_info_name
& get_info_response_info_comment
& get_info_response_info_creation_time
& get_info_response_info_modification_time
& get_info_response_info_update_time
& get_info_response_info_cpe?
& get_info_response_info_cve?
& get_info_response_info_nvt?
}
get_info_response_info_name
= element name
{
name
}
get_info_response_info_comment
= element comment
{
text
}
get_info_response_info_creation_time
= element creation_time
{
iso_time
}
get_info_response_info_modification_time
= element modification_time
{
iso_time
}
get_info_response_info_update_time
= element update_time
{
iso_time
}
get_info_response_info_cpe
= element cpe
{
get_info_response_info_cpe_title?
& get_info_response_info_cpe_max_cvss
& get_info_response_info_cpe_cve_refs
& get_info_response_info_cpe_status
& get_info_response_info_cpe_deprecated_by?
& get_info_response_info_cpe_cves?
& get_info_response_info_cpe_raw_data?
}
get_info_response_info_cpe_title
= element title
{
text
}
get_info_response_info_cpe_max_cvss
= element max_cvss
{
integer
}
get_info_response_info_cpe_cve_refs
= element cve_refs
{
integer
}
get_info_response_info_cpe_status
= element status
{
text
}
get_info_response_info_cpe_deprecated_by
= element deprecated_by
{
integer
}
get_info_response_info_cpe_cves
= element cves
{
get_info_response_info_cpe_cves_cve?
}
get_info_response_info_cpe_cves_cve
= element cve
{
text
}
get_info_response_info_cpe_raw_data
= element raw_data
{
text
}
get_info_response_info_nvt
= element nvt
{
text
}
get_info_response_info_cve
= element cve
{
get_info_response_info_cve_cvss?
& get_info_response_info_cve_vector?
& get_info_response_info_cve_complexity?
& get_info_response_info_cve_authentication?
& get_info_response_info_cve_confidentiality_impact?
& get_info_response_info_cve_integrity_impact?
& get_info_response_info_cve_availability_impact?
& get_info_response_info_cve_description
& get_info_response_info_cve_products
& get_info_response_info_cve_nvts?
& get_info_response_info_cve_raw_data?
}
get_info_response_info_cve_cvss
= element cvss
{
text
}
get_info_response_info_cve_vector
= element vector
{
text
}
get_info_response_info_cve_complexity
= element complexity
{
text
}
get_info_response_info_cve_authentication
= element authentication
{
text
}
get_info_response_info_cve_confidentiality_impact
= element confidentiality_impact
{
text
}
get_info_response_info_cve_integrity_impact
= element integrity_impact
{
text
}
get_info_response_info_cve_availability_impact
= element availability_impact
{
text
}
get_info_response_info_cve_description
= element description
{
text
}
get_info_response_info_cve_products
= element products
{
text
}
get_info_response_info_cve_nvts
= element nvts
{
get_info_response_info_cve_nvts_nvt?
}
get_info_response_info_cve_nvts_nvt
= element nvt
{
attribute oid { oid }?
& get_info_response_info_cve_nvts_nvt_name
}
get_info_response_info_cve_nvts_nvt_name
= element name
{
text
}
get_info_response_info_cve_raw_data
= element raw_data
{
text
}
get_info_response_filters
= element filters
{
attribute id { uuid }
& get_info_response_filters_term
}
get_info_response_filters_term
= element term # type text
{
}
get_info_response_sort
= element sort
{
text
& get_info_response_sort_field
}
get_info_response_sort_field
= element field
{
get_info_response_sort_field_order
}
get_info_response_sort_field_order
= element order
{
xsd:token { pattern = "ascending|descending" }
}
get_info_response_filters
= element filters
{
attribute start { integer }
& attribute max { integer }
}
get_info_response_info_count
= element info_count
{
get_info_response_info_count_filtered
& get_info_response_info_count_page
}
get_info_response_info_count_filtered
= element filtered
{
integer
}
get_info_response_info_count_page
= element page
{
integer
}
get_info_response_details
= element details # type boolean
{
}
7.39.3 Example: Get a info about cpe:/a:gnu:gzip:1.3.3 with all details
Client
Manager
<get_info type="CPE"
name="cpe:/a:gnu:gzip:1.3.3"
details="1"/>
<get_info_response status_text="OK"
status="200">
<info id="28139">
<name>cpe:/a:gnu:gzip:1.3.3</name>
<comment/>
<creation_time>2007-09-14T17:36:49Z</creation_time>
<modification_time>2007-09-14T17:36:49Z</modification_time>
<writable>0</writable>
<in_use>0</in_use>
<update_time>2012-10-26T13:18:00.000+0000</update_time>
<cpe>
<title>GNU Gzip 1.3.3</title>
<max_cvss>10.0</max_cvss>
<cve_refs>5</cve_refs>
<status>DRAFT</status>
<cves>
<cve>
<entry id="CVE-2004-0603">
<vuln:cvss>
<cvss:base_metrics>
<cvss:score>10.0</cvss:score>
</cvss:base_metrics>
</vuln:cvss>
</entry>
</cve>
<cve>
<entry id="CVE-2010-0001">
<vuln:cvss>
<cvss:base_metrics>
<cvss:score>6.8</cvss:score>
</cvss:base_metrics>
</vuln:cvss>
</entry>
</cve>
<cve>
<entry id="CVE-2009-2624">
<vuln:cvss>
<cvss:base_metrics>
<cvss:score>6.8</cvss:score>
</cvss:base_metrics>
</vuln:cvss>
</entry>
</cve>
<cve>
<entry id="CVE-2005-1228">
<vuln:cvss>
<cvss:base_metrics>
<cvss:score>5.0</cvss:score>
</cvss:base_metrics>
</vuln:cvss>
</entry>
</cve>
<cve>
<entry id="CVE-2005-0988">
<vuln:cvss>
<cvss:base_metrics>
<cvss:score>3.7</cvss:score>
</cvss:base_metrics>
</vuln:cvss>
</entry>
</cve>
</cves>
<raw_data>
<cpe-item name="cpe:/a:gnu:gzip:1.3.3">
<title xml:lang="en-US">GNU Gzip 1.3.3</title>
<meta:item-metadata nvd-id="28139"
status="DRAFT"
modification-date="2007-09-14T17:36:49.090Z"/>
</cpe-item>
</raw_data>
</cpe>
</info>
<details>1</details>
<filters id="(null)">
<term/>
</filters>
<sort>
<field>
name
<order>ascending</order>
</field>
</sort>
<info max="-1"
start="1"/>
<info_count>
<filtered>1</filtered>
<page>1</page>
</info_count>
</get_info_response>
7.39.3 Example: Get a info CVE-1999-0010 without details
Client
Manager
<get_info name="CVE-2011-0018"
type="cve"/>
<get_info_response status_text="OK"
status="200">
<info id="CVE-2011-0018">
<name>CVE-2011-0018</name>
<comment/>
<creation_time>2011-01-28T16:00:02Z</creation_time>
<modification_time>2011-02-05T07:01:22Z</modification_time>
<writable>0</writable>
<in_use>0</in_use>
<update_time>2012-10-26T13:18:00.000+0000</update_time>
<cve>
<cvss>9.0</cvss>
<vector>NETWORK</vector>
<complexity>LOW</complexity>
<authentication>SINGLE_INSTANCE</authentication>
<confidentiality_impact>COMPLETE</confidentiality_impact>
<integrity_impact>COMPLETE</integrity_impact>
<availability_impact>COMPLETE</availability_impact>
<description>
The email function in manage_sql.c in ...(truncated for example)
</description>
<products>
cpe:/a:openvas:openvas_manager:1.0.1 ...(truncated for example)
</products>
</cve>
</info>
<filters id="(null)">
<term/>
</filters>
<sort>
<field>
name
<order>ascending</order>
</field>
</sort>
<info max="-1"
start="1"/>
<info_count>
<filtered>1</filtered>
<page>1</page>
</info_count>
</get_info_response>
7.40 Command get_lsc_credentials
In short: Get all LSC credentials.
The client uses the get_lsc_credentials command to get LSC credential information. If the command sent by the client was valid, the manager will reply with a list of LSC credentials to the client.
7.40.1 Structure
-
Command
- @lsc_credential_id (uuid) ID of single LSC credential to get.
- @actions (actions) Actions filter for LSC credentials of observed tasks.
- @trash (boolean) Whether to get the trashcan LSC credentials instead.
- @format ("key", "rpm", "deb" or "exe")
- @sort_order (sort_order)
- @sort_field (text)
-
Response
- @status (status)
- @status_text (text)
-
<lsc_credential>
*
- @id (uuid)
-
<name>
The name of the LSC credential.
-
<login>
The username of the LSC credential.
-
<comment>
The comment on the LSC credential.
-
<in_use>
Whether any targets are using the LSC credential.
-
<type>
The type of the LSC credential.
-
<targets>
All targets using this LSC credential.
-
<target>
*
- @id (uuid)
-
<name>
The name of the target.
-
<target>
*
-
<public_key>
?
-
<package>
?
- @format ("rpm", "deb" or "exe")
7.40.2 RNC
Command
Response
get_lsc_credentials
= element get_lsc_credentials
{
attribute lsc_credential_id { uuid }?
& attribute actions { actions }?
& attribute trash { boolean }?
& attribute format { xsd:token { pattern = "key|rpm|deb|exe" } }?
& attribute sort_order { sort_order }?
& attribute sort_field { text }?
}
get_lsc_credentials_response
= element get_lsc_credentials_response
{
attribute status { status }
& attribute status_text { text }
& get_lsc_credentials_response_lsc_credential*
}
get_lsc_credentials_response_lsc_credential
= element lsc_credential
{
attribute id { uuid }
& get_lsc_credentials_response_lsc_credential_name
& get_lsc_credentials_response_lsc_credential_login
& get_lsc_credentials_response_lsc_credential_comment
& get_lsc_credentials_response_lsc_credential_in_use
& get_lsc_credentials_response_lsc_credential_type
& get_lsc_credentials_response_lsc_credential_targets
& get_lsc_credentials_response_lsc_credential_public_key?
& get_lsc_credentials_response_lsc_credential_package?
}
get_lsc_credentials_response_lsc_credential_name
= element name
{
name
}
get_lsc_credentials_response_lsc_credential_login
= element login
{
name
}
get_lsc_credentials_response_lsc_credential_comment
= element comment
{
text
}
get_lsc_credentials_response_lsc_credential_in_use
= element in_use
{
boolean
}
get_lsc_credentials_response_lsc_credential_type
= element type
{
xsd:token { pattern = "gen|pass" }
}
get_lsc_credentials_response_lsc_credential_targets
= element targets
{
get_lsc_credentials_response_lsc_credential_targets_target*
}
get_lsc_credentials_response_lsc_credential_targets_target
= element target
{
attribute id { uuid }
& get_lsc_credentials_response_lsc_credential_targets_target_name
}
get_lsc_credentials_response_lsc_credential_targets_target_name
= element name
{
name
}
get_lsc_credentials_response_lsc_credential_public_key
= element public_key
{
text
}
get_lsc_credentials_response_lsc_credential_package
= element package
{
base64
& attribute format { xsd:token { pattern = "rpm|deb|exe" } }
}
7.40.3 Example: Get all the LSC credentials
Client
Manager
<get_lsc_credentials/>
<get_lsc_credentials_response status="200"
status_text="OK">
<lsc_credential id="c33864a9-d3fd-44b3-8717-972bfb01dfcf">
<name>sally</name>
<login>sally</login>
<comment/>
<in_use>0</in_use>
<type>gen</type>
<targets/>
</lsc_credential>
<lsc_credential id="8e305b0b-260d-450d-91a8-dadf0b144e15">
<name>bob</name>
<login>bob</login>
<comment>Bob on the web server.</comment>
<in_use>1</in_use>
<type>pass</type>
<targets>
<target id="1f28d970-17ef-4c69-ba8a-13827059f2b9">
<name>Web server</name>
</target>
</targets>
</lsc_credential>
...
</get_lsc_credentials_response>
7.40.3 Example: Get the public key of a single LSC credential
Client
Manager
<get_lsc_credentials lsc_credential_id="8e305b0b-260d-450d-91a8-dadf0b144e15"
format="key"/>
<get_lsc_credentials_response status="200"
status_text="OK">
<lsc_credential id="8e305b0b-260d-450d-91a8-dadf0b144e15">
<name>bob</name>
<login>bob</login>
<comment>Bob on the web server.</comment>
<in_use>1</in_use>
<type>pass</type>
<targets>
<target id="1f28d970-17ef-4c69-ba8a-13827059f2b9">
<name>Web server</name>
</target>
</targets>
<public_key>
ssh-rsa AAAAB3...Z64IcQ== Key generated by OpenVAS Manager
</public_key>
</lsc_credential>
</get_lsc_credentials_response>
7.40.3 Example: Get the Debian package of a single LSC credential
Client
Manager
<get_lsc_credentials lsc_credential_id="8e305b0b-260d-450d-91a8-dadf0b144e15"
format="deb"/>
<get_lsc_credentials_response status="200"
status_text="OK">
<lsc_credential id="8e305b0b-260d-450d-91a8-dadf0b144e15">
<name>bob</name>
<login>bob</login>
<comment>Bob on the web server.</comment>
<in_use>1</in_use>
<type>pass</type>
<targets>
<target id="1f28d970-17ef-4c69-ba8a-13827059f2b9">
<name>Web server</name>
</target>
</targets>
<package format="deb">ITxhcmNoPgpk...DmvF0AKAAACg==</package>
</lsc_credential>
</get_lsc_credentials_response>
7.41 Command get_notes
In short: Get all notes.
The client uses the get_notes command to get note information. If the command sent by the client was valid, the manager will reply with a list of notes to the client.
7.41.1 Structure
- Command
-
Response
- @status (status)
- @status_text (text)
-
<note>
*
-
<nvt>
- @oid (oid)
-
<name>
-
<text>
The text of the note.
- @excerpt (boolean)
-
<orphan>
Whether the note is an orphan.
-
The group?
-
<creation_time>
-
<modification_time>
-
<hosts>
A textual list of hosts.
-
<port>
Port to which note applies.
-
<threat>
Threat level to which note applies.
-
<task>
Task to which note applies.
- @id (uuid)
-
<active>
Whether the note is active.
-
<end_time>
?End time of the note in case of limit, else empty.
-
<result>
?Result to which note applies.
-
<creation_time>
-
<nvt>
-
<filters>
- @id (uuid) UUID of filter if any, else 0.
-
<term>
Filter term.
-
<sort>
-
<field>
-
<order>
-
<order>
-
<field>
- <notes>
-
<note_count>
-
<filtered>
Number of notes after filtering.
-
<page>
Number of notes on current page.
-
<filtered>
7.41.2 RNC
Command
Response
get_notes
= element get_notes
{
attribute note_id { uuid }?
& attribute filter { uuid }?
& attribute filt_id { uuid }?
& attribute nvt_oid { oid }?
& attribute task_id { uuid }?
& attribute details { boolean }?
& attribute result { boolean }?
& attribute sort_order { sort_order }?
& attribute sort_field { text }?
}
get_notes_response
= element get_notes_response
{
attribute status { status }
& attribute status_text { text }
& get_notes_response_note*
& get_notes_response_filters
& get_notes_response_sort
& get_notes_response_notes
& get_notes_response_note_count
}
get_notes_response_filters
= element filters
{
attribute id { uuid }
& get_notes_response_filters_term
}
get_notes_response_filters_term
= element term
{
text
}
get_notes_response_sort
= element sort
{
text
& get_notes_response_sort_field
}
get_notes_response_sort_field
= element field
{
get_notes_response_sort_field_order
}
get_notes_response_sort_field_order
= element order
{
xsd:token { pattern = "ascending|descending" }
}
get_notes_response_notes
= element notes
{
attribute start { }
& attribute max { }
}
get_notes_response_note_count
= element note_count
{
get_notes_response_note_count_filtered
& get_notes_response_note_count_page
}
get_notes_response_note_count_filtered
= element filtered
{
integer
}
get_notes_response_note_count_page
= element page
{
integer
}
get_notes_response_note
= element note
{
get_notes_response_note_nvt
& get_notes_response_note_text
& get_notes_response_note_orphan
& ( get_notes_response_note_creation_time
& get_notes_response_note_modification_time
& get_notes_response_note_hosts
& get_notes_response_note_port
& get_notes_response_note_threat
& get_notes_response_note_task
& get_notes_response_note_active
& get_notes_response_note_end_time?
& get_notes_response_note_result? )?
}
get_notes_response_note_nvt
= element nvt
{
attribute oid { oid }
& get_notes_response_note_nvt_name
}
get_notes_response_note_nvt_name
= element name
{
name
}
get_notes_response_note_text
= element text
{
text
& attribute excerpt { boolean }
}
get_notes_response_note_orphan
= element orphan
{
boolean
}
get_notes_response_note_creation_time
= element creation_time
{
iso_time
}
get_notes_response_note_modification_time
= element modification_time
{
iso_time
}
get_notes_response_note_hosts
= element hosts
{
text
}
get_notes_response_note_port
= element port
{
text
}
get_notes_response_note_threat
= element threat
{
threat
}
get_notes_response_note_task
= element task
{
attribute id { uuid }
}
get_notes_response_note_active
= element active
{
integer
}
get_notes_response_note_end_time
= element end_time
{
text
}
get_notes_response_note_result
= element result
{
attribute id { uuid }
& get_notes_response_note_result_subnet
& get_notes_response_note_result_host
& get_notes_response_note_result_port
& get_notes_response_note_result_nvt
& get_notes_response_note_result_threat
& get_notes_response_note_result_description
}
get_notes_response_note_result_subnet
= element subnet
{
text
}
get_notes_response_note_result_host
= element host
{
text
}
get_notes_response_note_result_port
= element port
{
text
}
get_notes_response_note_result_nvt
= element nvt
{
attribute oid { oid }
& get_notes_response_note_result_nvt_name
& get_notes_response_note_result_nvt_cvss_base
& get_notes_response_note_result_nvt_risk_factor
& get_notes_response_note_result_nvt_cve?
& get_notes_response_note_result_nvt_bid?
}
get_notes_response_note_result_nvt_name
= element name
{
name
}
get_notes_response_note_result_nvt_cvss_base
= element cvss_base
{
text
}
get_notes_response_note_result_nvt_risk_factor
= element risk_factor
{
text
}
get_notes_response_note_result_nvt_cve
= element cve
{
text
}
get_notes_response_note_result_nvt_bid
= element bid
{
integer
}
get_notes_response_note_result_threat
= element threat
{
threat
}
get_notes_response_note_result_description
= element description
{
text
}
7.41.3 Example: Get all notes
Client
Manager
<get_notes/>
<get_notes_response status="200"
status_text="OK">
<note id="b76b81a7-9df8-42df-afff-baa9d4620128">
<nvt oid="1.3.6.1.4.1.25623.1.0.75">
<name>Test NVT: long lines</name>
</nvt>
<text excerpt="0">This is the full text of the note.</text>
<orphan>1</orphan>
<active>1</active>
</note>
...
</get_notes_response>
7.41.3 Example: Get details of a single note
Client
Manager
<get_notes note_id="7f618bbb-4664-419e-9bbf-367d93954cb0"
details="1"
result="1"/>
<get_notes_response status="200"
status_text="OK">
<note id="7f618bbb-4664-419e-9bbf-367d93954cb0">
<nvt oid="1.3.6.1.4.1.25623.1.0.77">
<name>Test NVT: control chars in report result</name>
</nvt>
<creation_time>Sun Jun 27 08:49:46 2010</creation_time>
<modification_time>Sun Jun 27 08:49:46 2010</modification_time>
<text>note fixed to result</text>
<hosts>127.0.0.1</hosts>
<port>general/tcp</port>
<threat>Medium</threat>
<task id="40b236a9-2b0f-4813-b8c7-bc2b98d9d7e4">
<name>test</name>
</task>
<orphan>0</orphan>
<result id="0c95e6b3-1100-4dfd-88f1-4bed1fad29de">
<subnet>127.0.0.1</subnet>
<host>127.0.0.1</host>
<port>general/tcp</port>
<nvt oid="1.3.6.1.4.1.25623.1.0.77">
<name>Test NVT: control chars in report result</name>
<cvss_base/>
<risk_factor/>
<cve/>
<bid/>
</nvt>
<threat>Medium</threat>
<description>Warning with control char between fullstops: . .</description>
</result>
<active>1</active>
<end_time/>
</note>
...
</get_notes_response>
7.42 Command get_nvts
In short: Get all NVTs.
The client uses the get_nvts command to get NVT information.
This command may always include a details flag, a config, a sort order and a sort field. If the command includes a details flag, the manager also consults the timeout, preference_count and preferences flags. The timeout and preferences flags require a config.
The NVT OID, family name and config attributes limit the listing to a single NVT or all NVTs in a particular family and/or config.
If the details flag is present the manager will send full details of the NVT, otherwise it will send just the NVT name and checksum.
With the preferences flag the manager includes in the listing, the values of each listed NVT's preferences for the given config. The timeout flag does the same for the special timeout preference.
If the manager possesses an NVT collection, it will reply with the NVT information. If the manager cannot access a list of available NVTs at that time, it will reply with the 503 response.
7.42.1 Structure
-
Command
- @nvt_oid (oid) Single NVT to get.
- @actions (actions) Actions filter for NVTs of configs observed tasks.
- @details (boolean) Whether to include full details.
- @preferences (boolean) Whether to include preference.
- @preference_count (boolean) Whether to include preference count.
- @timeout (boolean) Whether to include the special timeout preference.
- @config_id (uuid) ID of config to which to limit the NVT listing.
- @family (text) Family to which to limit NVT listing.
- @sort_order (sort_order)
- @sort_field (text)
-
Response
- @status (status)
- @status_text (text)
-
<nvt>
- @id (uuid)
-
<name>
The name of the NVT.
-
<checksum>
-
<algorithm>
-
<algorithm>
-
The group?
-
<category>
-
<copyright>
-
<description>
-
<summary>
-
<family>
-
<version>
-
<cvss_base>
-
<risk_factor>
-
<cve_id>
-
<bugtraq_id>
-
<xrefs>
-
<fingerprints>
-
<tags>
-
<preference_count>
?
-
<timeout>
?
-
<preferences>
?
-
<timeout>
-
<preference>
*
-
<nvt>
-
<name>
-
<type>
-
<value>
-
<nvt>
-
<timeout>
-
<category>
7.42.2 RNC
Command
Response
get_nvts
= element get_nvts
{
attribute nvt_oid { oid }
& attribute actions { actions }?
& attribute details { boolean }?
& attribute preferences { boolean }?
& attribute preference_count { boolean }?
& attribute timeout { boolean }?
& attribute config_id { uuid }?
& attribute family { text }?
& attribute sort_order { sort_order }?
& attribute sort_field { text }?
}
get_nvts_response
= element get_nvts_response
{
attribute status { status }
& attribute status_text { text }
& get_nvts_response_nvt
}
get_nvts_response_nvt
= element nvt
{
attribute id { uuid }
& get_nvts_response_nvt_name
& get_nvts_response_nvt_checksum
& ( get_nvts_response_nvt_category
& get_nvts_response_nvt_copyright
& get_nvts_response_nvt_description
& get_nvts_response_nvt_summary
& get_nvts_response_nvt_family
& get_nvts_response_nvt_version
& get_nvts_response_nvt_cvss_base
& get_nvts_response_nvt_risk_factor
& get_nvts_response_nvt_cve_id
& get_nvts_response_nvt_bugtraq_id
& get_nvts_response_nvt_xrefs
& get_nvts_response_nvt_fingerprints
& get_nvts_response_nvt_tags
& get_nvts_response_nvt_preference_count?
& get_nvts_response_nvt_timeout?
& get_nvts_response_nvt_preferences? )?
}
get_nvts_response_nvt_name
= element name
{
name
}
get_nvts_response_nvt_category
= element category
{
text
}
get_nvts_response_nvt_copyright
= element copyright
{
text
}
get_nvts_response_nvt_description
= element description
{
text
}
get_nvts_response_nvt_summary
= element summary
{
text
}
get_nvts_response_nvt_family
= element family
{
text
}
get_nvts_response_nvt_version
= element version
{
text
}
get_nvts_response_nvt_cvss_base
= element cvss_base
{
text
}
get_nvts_response_nvt_risk_factor
= element risk_factor
{
text
}
get_nvts_response_nvt_cve_id
= element cve_id
{
text
}
get_nvts_response_nvt_bugtraq_id
= element bugtraq_id
{
text
}
get_nvts_response_nvt_xrefs
= element xrefs
{
text
}
get_nvts_response_nvt_fingerprints
= element fingerprints
{
text
}
get_nvts_response_nvt_tags
= element tags
{
text
}
get_nvts_response_nvt_preference_count
= element preference_count
{
text
}
get_nvts_response_nvt_timeout
= element timeout
{
text
}
get_nvts_response_nvt_checksum
= element checksum
{
text
& get_nvts_response_nvt_checksum_algorithm
}
get_nvts_response_nvt_checksum_algorithm
= element algorithm
{
text
}
get_nvts_response_nvt_preferences
= element preferences
{
text
& get_nvts_response_nvt_preferences_timeout
& get_nvts_response_nvt_preferences_preference*
}
get_nvts_response_nvt_preferences_timeout
= element timeout
{
text
}
get_nvts_response_nvt_preferences_preference
= element preference
{
get_nvts_response_nvt_preferences_preference_nvt
& get_nvts_response_nvt_preferences_preference_name
& get_nvts_response_nvt_preferences_preference_type
& get_nvts_response_nvt_preferences_preference_value
}
get_nvts_response_nvt_preferences_preference_nvt
= element nvt
{
oid
}
get_nvts_response_nvt_preferences_preference_name
= element name
{
text
}
get_nvts_response_nvt_preferences_preference_type
= element type
{
text
}
get_nvts_response_nvt_preferences_preference_value
= element value
{
text
}
7.42.3 Example: Get full NVT listing
Client
Manager
<get_nvts details="1"
timeout="1"
preference_count="1"
preferences="1"/>
<get_nvts_response status="200"
status_text="OK">
<nvt oid="1.3.6.1.4.1.25623.1.7.13005">
<name>Services</name>
<category>Services</category>
<copyright>GNU GPL v2</copyright>
<description>
This script attempts to detect which service is running on which port.
</description>
<summary>Find what is listening on which port</summary>
<family>Service detection</family>
<version>$Revision: 1852 $</version>
<cvss_base/>
<risk_factor>None</risk_factor>
<cve_id>NOCVE</cve_id>
<bugtraq_id>NOBID</bugtraq_id>
<xrefs>NOXREF</xrefs>
<fingerprints>NOSIGNKEYS</fingerprints>
<tags>NOTAG</tags>
<preference_count>-1</preference_count>
<timeout/>
<checksum>
2397586ea5cd3a69f953836f7be9ef7b
<algorithm>md5</algorithm>
</checksum>
<preferences>
<timeout/>
<preference>
<nvt oid="1.3.6.1.4.1.25623.1.0.10330">
<name>Services</name>
</nvt>
<name>Network connection timeout :</name>
<type>entry</type>
<value>5</value>
</preference>
...
</preferences>
</nvt>
<nvt oid="1.3.6.1.4.1.25623.1.7.13006">
<name>FooBar 21</name>
<category>Services</category>
<copyright>GNU GPL v2</copyright>
<description>
This script detects whether the FooBar 2.1 XSS vulnerability is present.
</description>
...
</nvt>
...
</get_nvts_response>
7.42.3 Example: Get minimal information about one NVT
Client
Manager
<get_nvts nvt_oid="1.3.6.1.4.1.25623.1.0.10330"/>
<get_nvts_response status="200"
status_text="OK">
<nvt oid="1.3.6.1.4.1.25623.1.0.10330">
<name>Services</name>
<checksum>
2397586ea5cd3a69f953836f7be9ef7b
<algorithm>md5</algorithm>
</checksum>
</nvt>
</get_nvts_response>
7.43 Command get_nvt_families
In short: Get a list of all NVT families.
The client uses the get_nvt_families command to get NVT family information. If the command sent by the client was valid, the manager will reply with a list of NVT families to the client.
7.43.1 Structure
-
Command
- @sort_order (sort_order)
-
Response
- @status (status)
- @status_text (text)
-
<families>
-
<family>
*
-
<name>
The name of the family.
-
<max_nvt_count>
The number of NVTs in the family.
-
<name>
-
<family>
*
7.43.2 RNC
Command
Response
get_nvt_families
= element get_nvt_families
{
attribute sort_order { sort_order }?
}
get_nvt_families_response
= element get_nvt_families_response
{
attribute status { status }
& attribute status_text { text }
& get_nvt_families_response_families
}
get_nvt_families_response_families
= element families
{
get_nvt_families_response_families_family*
}
get_nvt_families_response_families_family
= element family
{
get_nvt_families_response_families_family_name
& get_nvt_families_response_families_family_max_nvt_count
}
get_nvt_families_response_families_family_name
= element name
{
name
}
get_nvt_families_response_families_family_max_nvt_count
= element max_nvt_count
{
integer
}
7.43.3 Example: Get the NVT families
Client
Manager
<get_nvt_families/>
<get_nvt_families_response status="200"
status_text="OK">
<families>
<family>
<name>Credentials</name>
<max_nvt_count>8</max_nvt_count>
</family>
<family>
<name>Port scanners</name>
<max_nvt_count>12</max_nvt_count>
</family>
...
</families>
</get_nvt_families_response>
7.44 Command get_nvt_feed_checksum
In short: Get checksum for entire NVT collection.
The client uses the get_nvt_feed_checksum command to request a checksum for the complete NVT collection available through this manager. The client may specify an algorithm to be used for computing this checksum.
If the specified algorithm is not implemented in the manager, then the manager will reply with a response code in the 4xx range.
If the client does not specify a checksum algorithm, the manager is expected to use the MD5 algorithm for computing the checksum.
If the manager possesses such a collection, it will reply with a response code indicating success, and the checksum over all NVT files. If the manager cannot access a list of available NVTs at present, it will reply with the 503 response.
7.44.1 Structure
-
Command
- @algorithm (text)
-
Response
- @status (status)
- @status_text (text)
-
<checksum>
- @algorithm (text)
7.44.2 RNC
Command
Response
get_nvt_feed_checksum
= element get_nvt_feed_checksum
{
attribute algorithm { text }?
}
get_nvt_feed_checksum_response
= element get_nvt_feed_checksum_response
{
attribute status { status }
& attribute status_text { text }
& get_nvt_feed_checksum_response_checksum
}
get_nvt_feed_checksum_response_checksum
= element checksum
{
text # RNC limitation: base64
& attribute algorithm { text }
}
7.44.3 Example: Get the NVT feed checksum
Client
Manager
<get_nvt_feed_checksum/>
<get_nvt_feed_checksum_response status="200"
status_text="OK">
<checksum algorithm="md5">931db829a06b9a440a2ecaeb68c03715</checksum>
</get_nvt_feed_checksum_response>
7.45 Command get_overrides
In short: Get all overrides.
The client uses the get_overrides command to get override information. If the command sent by the client was valid, the manager will reply with a list of overrides to the client.
7.45.1 Structure
- Command
-
Response
- @status (status)
- @status_text (text)
-
<override>
*
-
<nvt>
- @oid (oid)
-
<name>
-
<text>
The text of the override.
- @excerpt (boolean)
-
<threat>
Threat level to which override applies.
-
<new_threat>
New threat for result.
-
<orphan>
Whether the override is an orphan.
-
The group?
-
<creation_time>
-
<modification_time>
-
<hosts>
A textual list of hosts.
-
<port>
Port to which override applies.
-
<task>
Task to which override applies.
- @id (uuid)
-
<active>
Whether the override is active.
-
<end_time>
?Override end time in case of limit, else empty.
-
<result>
?Result to which override applies.
-
<creation_time>
-
<nvt>
-
<filters>
- @id (uuid) UUID of filter if any, else 0.
-
<term>
Filter term.
-
<sort>
-
<field>
-
<order>
-
<order>
-
<field>
- <overrides>
-
<override_count>
-
<filtered>
Number of overrides after filtering.
-
<page>
Number of overrides on current page.
-
<filtered>
7.45.2 RNC
Command
Response
get_overrides
= element get_overrides
{
attribute override_id { uuid }?
& attribute filter { uuid }?
& attribute filt_id { uuid }?
& attribute nvt_oid { oid }?
& attribute task_id { uuid }?
& attribute details { boolean }?
& attribute result { boolean }?
& attribute sort_order { sort_order }?
& attribute sort_field { text }?
}
get_overrides_response
= element get_overrides_response
{
attribute status { status }
& attribute status_text { text }
& get_overrides_response_override*
& get_overrides_response_filters
& get_overrides_response_sort
& get_overrides_response_overrides
& get_overrides_response_override_count
}
get_overrides_response_filters
= element filters
{
attribute id { uuid }
& get_overrides_response_filters_term
}
get_overrides_response_filters_term
= element term
{
text
}
get_overrides_response_sort
= element sort
{
text
& get_overrides_response_sort_field
}
get_overrides_response_sort_field
= element field
{
get_overrides_response_sort_field_order
}
get_overrides_response_sort_field_order
= element order
{
xsd:token { pattern = "ascending|descending" }
}
get_overrides_response_overrides
= element overrides
{
attribute start { }
& attribute max { }
}
get_overrides_response_override_count
= element override_count
{
get_overrides_response_override_count_filtered
& get_overrides_response_override_count_page
}
get_overrides_response_override_count_filtered
= element filtered
{
integer
}
get_overrides_response_override_count_page
= element page
{
integer
}
get_overrides_response_override
= element override
{
get_overrides_response_override_nvt
& get_overrides_response_override_text
& get_overrides_response_override_threat
& get_overrides_response_override_new_threat
& get_overrides_response_override_orphan
& ( get_overrides_response_override_creation_time
& get_overrides_response_override_modification_time
& get_overrides_response_override_hosts
& get_overrides_response_override_port
& get_overrides_response_override_task
& get_overrides_response_override_active
& get_overrides_response_override_end_time?
& get_overrides_response_override_result? )?
}
get_overrides_response_override_nvt
= element nvt
{
attribute oid { oid }
& get_overrides_response_override_nvt_name
}
get_overrides_response_override_nvt_name
= element name
{
name
}
get_overrides_response_override_text
= element text
{
text
& attribute excerpt { boolean }
}
get_overrides_response_override_threat
= element threat
{
threat
}
get_overrides_response_override_new_threat
= element new_threat
{
threat
}
get_overrides_response_override_orphan
= element orphan
{
boolean
}
get_overrides_response_override_creation_time
= element creation_time
{
iso_time
}
get_overrides_response_override_modification_time
= element modification_time
{
iso_time
}
get_overrides_response_override_hosts
= element hosts
{
text
}
get_overrides_response_override_port
= element port
{
text
}
get_overrides_response_override_task
= element task
{
attribute id { uuid }
}
get_overrides_response_override_active
= element active
{
integer
}
get_overrides_response_override_end_time
= element end_time
{
text
}
get_overrides_response_override_result
= element result
{
attribute id { uuid }
& get_overrides_response_override_result_subnet
& get_overrides_response_override_result_host
& get_overrides_response_override_result_port
& get_overrides_response_override_result_nvt
& get_overrides_response_override_result_threat
& get_overrides_response_override_result_description
}
get_overrides_response_override_result_subnet
= element subnet
{
text
}
get_overrides_response_override_result_host
= element host
{
text
}
get_overrides_response_override_result_port
= element port
{
text
}
get_overrides_response_override_result_nvt
= element nvt
{
attribute oid { oid }
& get_overrides_response_override_result_nvt_name
& get_overrides_response_override_result_nvt_cvss_base
& get_overrides_response_override_result_nvt_risk_factor
& get_overrides_response_override_result_nvt_cve?
& get_overrides_response_override_result_nvt_bid?
}
get_overrides_response_override_result_nvt_name
= element name
{
name
}
get_overrides_response_override_result_nvt_cvss_base
= element cvss_base
{
text
}
get_overrides_response_override_result_nvt_risk_factor
= element risk_factor
{
text
}
get_overrides_response_override_result_nvt_cve
= element cve
{
text
}
get_overrides_response_override_result_nvt_bid
= element bid
{
integer
}
get_overrides_response_override_result_threat
= element threat
{
threat
}
get_overrides_response_override_result_description
= element description
{
text
}
7.45.3 Example: Get all overrides
Client
Manager
<get_overrides/>
<get_overrides_response status="200"
status_text="OK">
<override id="b76b81a7-9df8-42df-afff-baa9d4620128">
<nvt oid="1.3.6.1.4.1.25623.1.0.75">
<name>Test NVT: long lines</name>
</nvt>
<text excerpt="0">This is the full text of the override.</text>
<threat>High</threat>
<new_threat>Log</new_threat>
<orphan>1</orphan>
<active>1</active>
</override>
...
</get_overrides_response>
7.45.3 Example: Get details of a single override
Client
Manager
<get_overrides override_id="7f618bbb-4664-419e-9bbf-367d93954cb0"
details="1"/>
<get_overrides_response status="200"
status_text="OK">
<override id="7f618bbb-4664-419e-9bbf-367d93954cb0">
<nvt oid="1.3.6.1.4.1.25623.1.0.77">
<name>Test NVT: control chars in report result</name>
</nvt>
<creation_time>Sun Jun 27 08:49:46 2010</creation_time>
<modification_time>Sun Jun 27 08:49:46 2010</modification_time>
<text>override fixed to result</text>
<hosts>127.0.0.1</hosts>
<port>general/tcp</port>
<threat>Medium</threat>
<new_threat>Low</new_threat>
<task id="40b236a9-2b0f-4813-b8c7-bc2b98d9d7e4">
<name>test</name>
</task>
<orphan>0</orphan>
<result id="0c95e6b3-1100-4dfd-88f1-4bed1fad29de"/>
<active>1</active>
<end_time/>
</override>
...
</get_overrides_response>
7.46 Command get_port_lists
In short: Get all port lists.
The client uses the get_port_lists command to get port list information.
7.46.1 Structure
-
Command
- @port_list_id (uuid) ID of single port list to get.
- @details (boolean) Whether to include full port list details.
- @trash (boolean) Whether to get the trashcan port lists instead.
- @sort_order (sort_order)
- @sort_field (text)
-
Response
- @status (status)
- @status_text (text)
-
<port_list>
*
- @id (uuid)
-
<name>
The name of the port list.
-
<comment>
The comment on the port list.
-
<in_use>
Whether any targets are using the port list.
-
<writable>
Whether the port list is writable.
-
<port_count>
-
<all>
Total number of ports.
-
<tcp>
Total number of TCP ports.
-
<udp>
Total number of UDP ports.
-
<all>
- The group?
7.46.2 RNC
Command
Response
get_port_lists
= element get_port_lists
{
attribute port_list_id { uuid }?
& attribute details { boolean }?
& attribute trash { boolean }?
& attribute sort_order { sort_order }?
& attribute sort_field { text }?
}
get_port_lists_response
= element get_port_lists_response
{
attribute status { status }
& attribute status_text { text }
& get_port_lists_response_port_list*
}
get_port_lists_response_port_list
= element port_list
{
attribute id { uuid }
& get_port_lists_response_port_list_name
& get_port_lists_response_port_list_comment
& get_port_lists_response_port_list_in_use
& get_port_lists_response_port_list_writable
& get_port_lists_response_port_list_port_count
& ( get_port_lists_response_port_list_port_ranges
& get_port_lists_response_port_list_targets )?
}
get_port_lists_response_port_list_name
= element name
{
name
}
get_port_lists_response_port_list_comment
= element comment
{
text
}
get_port_lists_response_port_list_in_use
= element in_use
{
boolean
}
get_port_lists_response_port_list_writable
= element writable
{
boolean
}
get_port_lists_response_port_list_port_count
= element port_count
{
get_port_lists_response_port_list_port_count_all
& get_port_lists_response_port_list_port_count_tcp
& get_port_lists_response_port_list_port_count_udp
}
get_port_lists_response_port_list_port_count_all
= element all
{
integer
}
get_port_lists_response_port_list_port_count_tcp
= element tcp
{
integer
}
get_port_lists_response_port_list_port_count_udp
= element udp
{
integer
}
get_port_lists_response_port_list_port_ranges
= element port_ranges
{
get_port_lists_response_port_list_port_ranges_port_range*
}
get_port_lists_response_port_list_port_ranges_port_range
= element port_range
{
attribute id { uuid }
& get_port_lists_response_port_list_port_ranges_port_range_start
& get_port_lists_response_port_list_port_ranges_port_range_end
& get_port_lists_response_port_list_port_ranges_port_range_type
& get_port_lists_response_port_list_port_ranges_port_range_comment
}
get_port_lists_response_port_list_port_ranges_port_range_start
= element start
{
integer
}
get_port_lists_response_port_list_port_ranges_port_range_end
= element end
{
integer
}
get_port_lists_response_port_list_port_ranges_port_range_type
= element type
{
text
}
get_port_lists_response_port_list_port_ranges_port_range_comment
= element comment
{
text
}
get_port_lists_response_port_list_targets
= element targets
{
get_port_lists_response_port_list_targets_target*
}
get_port_lists_response_port_list_targets_target
= element target
{
attribute id { uuid }
& get_port_lists_response_port_list_targets_target_name
}
get_port_lists_response_port_list_targets_target_name
= element name
{
name
}
7.46.3 Example: Export a port list
Client
Manager
<get_port_lists port_list_id="b993b6f5-f9fb-4e6e-9c94-dd46c00e058d"
details="1"/>
<get_port_lists_response status="200"
status_text="OK">
<port_list id="b993b6f5-f9fb-4e6e-9c94-dd46c00e058d">
<name>All TCP</name>
<comment>Every single TCP port.</comment>
<in_use>1</in_use>
<port_count>
<all>65535</all>
<tcp>65535</tcp>
<udp>0</udp>
</port_count>
<port_ranges>
<port_range>
<type>TCP</type>
<start>1</start>
<end>65535</end>
</port_range>
</port_ranges>
<targets>
<target id="1f28d970-17ef-4c69-ba8a-13827059f2b9">
<name>Web server</name>
</target>
</targets>
</port_list>
</get_port_lists_response>
7.47 Command get_preferences
In short: Get all preferences.
The client uses the get_preferences command to get preference information. If the command sent by the client was valid, the manager will reply with a list of preferences to the client. If the manager cannot access a list of available NVTs at present, it will reply with the 503 response.
When the command includes a config_id attribute, the preference element includes the preference name, type and value, and the NVT to which the preference applies. Otherwise, the preference element includes just the name and value, with the NVT and type built into the name.
7.47.1 Structure
- Command
- Response
7.47.2 RNC
Command
Response
get_preferences
= element get_preferences
{
attribute nvt_oid { oid }?
& attribute config_id { uuid }?
& attribute preference { text }?
}
get_preferences_response
= element get_preferences_response
{
attribute status { status }
& attribute status_text { text }
& get_preferences_response_preference*
}
get_preferences_response_preference
= element preference
{
get_preferences_response_preference_nvt?
& get_preferences_response_preference_name
& get_preferences_response_preference_type?
& get_preferences_response_preference_value
}
get_preferences_response_preference_nvt
= element nvt
{
attribute oid { oid }
& get_preferences_response_preference_nvt_name
}
get_preferences_response_preference_nvt_name
= element name
{
name
}
get_preferences_response_preference_name
= element name
{
name
}
get_preferences_response_preference_type
= element type
{
text
}
get_preferences_response_preference_value
= element value
{
text
}
7.47.3 Example: Get default preferences for all NVTs
Client
Manager
<get_preferences/>
<get_preferences_response status="200"
status_text="OK">
<preference>
<name>Services[entry]:Network connection timeout :</name>
<value>5</value>
</preference>
...
</get_preferences_response>
7.47.3 Example: Get default preferences for a single NVT
Client
Manager
<get_preferences nvt_oid="1.3.6.1.4.1.25623.1.0.10330"/>
<get_preferences_response status="200"
status_text="OK">
<preference>
<name>Services[entry]:Network connection timeout :</name>
<value>5</value>
</preference>
...
</get_preferences_response>
7.47.3 Example: Get preferences from a config for all NVTs
Client
Manager
<get_preferences config_id="daba56c8-73ec-11df-a475-002264764cea"/>
<get_preferences_response status="200"
status_text="OK">
<preference>
<nvt oid="1.3.6.1.4.1.25623.1.0.10330">
<name>Services</name>
</nvt>
<name>Network connection timeout :</name>
<type>entry</type>
<value>5</value>
</preference>
...
</get_preferences_response>
7.47.3 Example: Get preferences from a config for a single NVT
Client
Manager
<get_preferences config_id="daba56c8-73ec-11df-a475-002264764cea"
nvt_oid="1.3.6.1.4.1.25623.1.0.10330"/>
<get_preferences nvt_oid="1.3.6.1.4.1.25623.1.0.10330">
<preference>
<nvt oid="1.3.6.1.4.1.25623.1.0.10330">
<name>Services</name>
</nvt>
<name>Network connection timeout :</name>
<type>entry</type>
<value>5</value>
</preference>
</get_preferences>
7.48 Command get_reports
In short: Get all reports.
The client uses the get_reports command to get report information.
The XML report format is sent as XML. All other formats are sent in Base64 encoding.
7.48.1 Structure
-
Command
- @report_id (uuid) ID of single report to get.
- @filter (uuid) Filter term to use to filter query.
- @filt_id (uuid) ID of filter to use to filter query.
- @type ("scan", "assets" or "prognostic") Type of report to get.
- @format_id (uuid) ID of required report format.
- @alert_id (uuid) ID of alert to pass generated report to.
- @first_result (integer) First result to get.
- @max_results (integer) Maximum number of results to get.
- @sort_order (sort_order)
- @sort_field (text)
- @levels (levels) Which threat levels to include in the report.
- @search_phrase (text) A string that all results in the report must contain.
- @min_cvss_base (integer) Minimum CVSS base of results in report.
- @notes (boolean) Whether to include notes in the report.
- @note_details (boolean) If notes are included, whether to include note details.
- @overrides (boolean) Whether to include overrides in the report.
- @override_details (boolean) If overrides are included, whether to include override details.
- @result_hosts_only (boolean) Whether to include only those hosts that have results.
- @host (text) For "assets" or "prognostic", single host to retrieve.
- @host_first_result (integer) For "assets" or "prognostic", first host to retrieve.
- @host_max_results (integer) For "assets" or "prognostic", maximum hosts to retrieve.
- @host_levels (levels) For "assets" or "prognostic", which threat levels to include in hosts.
- @pos (integer) For type "assets", position of report used, from end.
- @delta_report_id (uuid) ID of second report, for producing a delta report.
- @delta_states () Letters for results to include: c)hanged, g)one, n)ew, s)ame.
- @autofp () Whether to trust vendor security updates. 1 full match, 2 partial..
- @show_closed_cves (boolean) Whether to include the Closed CVEs host detail in the report.
- Response
7.48.2 RNC
Command
Response
get_reports
= element get_reports
{
attribute report_id { uuid }?
& attribute filter { uuid }?
& attribute filt_id { uuid }?
& attribute type { xsd:token { pattern = "scan|assets|prognostic" } }?
& attribute format_id { uuid }?
& attribute alert_id { uuid }?
& attribute first_result { integer }?
& attribute max_results { integer }?
& attribute sort_order { sort_order }?
& attribute sort_field { text }?
& attribute levels { levels }?
& attribute search_phrase { text }?
& attribute min_cvss_base { integer }?
& attribute notes { boolean }?
& attribute note_details { boolean }?
& attribute overrides { boolean }?
& attribute override_details { boolean }?
& attribute result_hosts_only { boolean }?
& attribute host { text }?
& attribute host_first_result { integer }?
& attribute host_max_results { integer }?
& attribute host_levels { levels }?
& attribute pos { integer }?
& attribute delta_report_id { uuid }?
& attribute delta_states { }?
& attribute autofp { }?
& attribute show_closed_cves { boolean }?
}
get_reports_response
= element get_reports_response
{
attribute status { status }
& attribute status_text { text }
& get_reports_response_report*
}
get_reports_response_report
= element report # type report
{
text # RNC limitation: base64
& attribute id { uuid }
& attribute format_id { uuid }
& attribute extension { text }
& attribute content_type { text }
& attribute type { xsd:token { pattern = "scan|assets" } }?
& report_report
}
7.48.3 Example: Get a report in PDF
Client
Manager
<get_reports report_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"
format_id="1a60a67e-97d0-4cbf-bc77-f71b08e7043d"/>
<get_reports_response status="200"
status_text="OK">
<report id="267a3405-e84a-47da-97b2-5fa0d2e8995e"
format_id="1a60a67e-97d0-4cbf-bc77-f71b08e7043d"
extension="pdf"
content_type="application/pdf">hsisn3qaVFhkjFRG4...</report>
</get_reports_response>
7.48.3 Example: Get a report in XML
Client
Manager
<get_reports report_id="f0fdf522-276d-4893-9274-fb8699dc2270"/>
<get_reports_response status="200"
status_text="OK">
<report id="f0fdf522-276d-4893-9274-fb8699dc2270"
format_id="d5da9f67-8551-4e51-807b-b6a873d70e34"
extension="xml"
content_type="text/xml">
<report id="f0fdf522-276d-4893-9274-fb8699dc2270">
<sort>
<field>
type
<order>descending</order>
</field>
</sort>
<filters id="0">
hmlgd
<term/>
<phrase/>
<notes>0</notes>
<overrides>0</overrides>
<apply_overrides>0</apply_overrides>
<result_hosts_only>1</result_hosts_only>
<min_cvss_base/>
<autofp>0</autofp>
<show_closed_cves>0</show_closed_cves>
<filter>High</filter>
<filter>Medium</filter>
<filter>Low</filter>
<filter>Log</filter>
<filter>Debug</filter>
</filters>
<scan_run_status>Done</scan_run_status>
<result_count>
<full>10</full>
<filtered>10</filtered>
<debug>
<full>0</full>
<filtered>0</filtered>
</debug>
<hole>
<full>0</full>
<filtered>0</filtered>
</hole>
<info>
<full>7</full>
<filtered>7</filtered>
</info>
<log>
<full>0</full>
<filtered>0</filtered>
</log>
<warning>
<full>3</full>
<filtered>3</filtered>
</warning>
</result_count>
<task id="13bb418a-4220-4575-b35b-ec398bff7417">
<name>dik mm</name>
</task>
<ports start="1"
max="-1">
<port>
general/tcp
<host>127.0.1.1</host>
<threat>Medium</threat>
</port>
...
</ports>
<results start="1"
max="-1">
<result id="634f7a2e-8ca1-43b7-b6d7-0d4841449508">
<subnet>127.0.1.1</subnet>
<host>127.0.1.1</host>
<port>general/tcp</port>
<nvt oid="1.3.6.1.4.1.25623.1.0.74">
<name>Test NVT: fields with ISO-8859-1 chars ()</name>
<cvss_base>5.0</cvss_base>
<risk_factor>Medium</risk_factor>
</nvt>
<threat>Medium</threat>
<description>Test with umlaut Warning Port 0.</description>
</result>
...
</results>
<scan_start>Mon Feb 1 19:11:21 2010</scan_start>
<host_start>
Mon Feb 1 19:11:21 2010
<host>127.0.1.1</host>
</host_start>
<host_end>
Mon Feb 1 19:11:52 2010
<host>127.0.1.1</host>
</host_end>
<scan_end>Mon Feb 1 19:11:52 2010</scan_end>
</report>
</report>
</get_reports_response>
7.49 Command get_report_formats
In short: Get all report formats.
The client uses the get_report_formats command to get report format information.
7.49.1 Structure
-
Command
- @report_format_id (uuid) ID of single report format to get.
- @trash (boolean) Whether to get the trashcan report formats instead.
- @export (boolean) Whether to get report format in importable form.
- @params (boolean) Whether to include report format parameters.
- @sort_order (sort_order)
- @sort_field (text)
-
Response
- @status (status)
- @status_text (text)
-
<report_format>
*
- @id (uuid)
-
<name>
The name of the report format.
-
<summary>
-
<description>
-
<extension>
-
<content_type>
-
<global>
-
<predefined>
-
<param>
*
-
<name>
The name of the param.
-
<type>
The type of the param.
-
<min>
?Minimum.
-
<max>
?Maximum.
-
<options>
?Selection options.
-
<option>
*Option value.
-
<option>
*
-
<min>
?
-
<value>
The value of the param.
-
<default>
The fallback value of the param.
-
<name>
-
One of
-
The group
-
<file>
*One of the files used to generate the report.
- @name (text)
-
<signature>
The report format signature.
-
<file>
*
-
The group
-
<trust>
Whether signature verification succeeded.
- @name (text)
-
<time>
The time the trust was checked.
-
<active>
Whether the report format is active.
-
<trust>
-
The group
7.49.2 RNC
Command
Response
get_report_formats
= element get_report_formats
{
attribute report_format_id { uuid }?
& attribute trash { boolean }?
& attribute export { boolean }?
& attribute params { boolean }?
& attribute sort_order { sort_order }?
& attribute sort_field { text }?
}
get_report_formats_response
= element get_report_formats_response
{
attribute status { status }
& attribute status_text { text }
& get_report_formats_response_report_format*
}
get_report_formats_response_report_format
= element report_format
{
attribute id { uuid }
& get_report_formats_response_report_format_name
& get_report_formats_response_report_format_summary
& get_report_formats_response_report_format_description
& get_report_formats_response_report_format_extension
& get_report_formats_response_report_format_content_type
& get_report_formats_response_report_format_global
& get_report_formats_response_report_format_predefined
& get_report_formats_response_report_format_param*
& ( ( get_report_formats_response_report_format_file*
& get_report_formats_response_report_format_signature )
| ( get_report_formats_response_report_format_trust
& get_report_formats_response_report_format_active ) )
}
get_report_formats_response_report_format_name
= element name
{
name
}
get_report_formats_response_report_format_summary
= element summary
{
text
}
get_report_formats_response_report_format_description
= element description
{
text
}
get_report_formats_response_report_format_extension
= element extension
{
text
}
get_report_formats_response_report_format_global
= element global
{
boolean
}
get_report_formats_response_report_format_content_type
= element content_type
{
text
}
get_report_formats_response_report_format_predefined
= element predefined
{
boolean
}
get_report_formats_response_report_format_param
= element param
{
get_report_formats_response_report_format_param_name
& get_report_formats_response_report_format_param_type
& get_report_formats_response_report_format_param_value
& get_report_formats_response_report_format_param_default
}
get_report_formats_response_report_format_param_name
= element name
{
name
}
get_report_formats_response_report_format_param_type
= element type
{
text # RNC limitation: xsd:token { pattern = "boolean|integer|selection|string|text" }
& get_report_formats_response_report_format_param_type_min?
& get_report_formats_response_report_format_param_type_max?
& get_report_formats_response_report_format_param_type_options?
}
get_report_formats_response_report_format_param_type_min
= element min
{
text
}
get_report_formats_response_report_format_param_type_max
= element max
{
text
}
get_report_formats_response_report_format_param_type_options
= element options
{
get_report_formats_response_report_format_param_type_options_option*
}
get_report_formats_response_report_format_param_type_options_option
= element option
{
text
}
get_report_formats_response_report_format_param_value
= element value
{
text
}
get_report_formats_response_report_format_param_default
= element default
{
text
}
get_report_formats_response_report_format_file
= element file
{
text # RNC limitation: base64
& attribute name { text }
}
get_report_formats_response_report_format_signature
= element signature
{
text
}
get_report_formats_response_report_format_trust
= element trust
{
text # RNC limitation: xsd:token { pattern = "yes|no|unknown" }
& attribute name { text }
& get_report_formats_response_report_format_trust_time
}
get_report_formats_response_report_format_trust_time
= element time
{
iso_time
}
get_report_formats_response_report_format_active
= element active
{
boolean
}
7.49.3 Example: Get information about a report format
Client
Manager
<get_report_formats report_format_id="b993b6f5-f9fb-4e6e-9c94-dd46c00e058d"/>
<get_report_formats_response status="200"
status_text="OK">
<report_format id="b993b6f5-f9fb-4e6e-9c94-dd46c00e058d">
<name>HTML</name>
<extension>html</extension>
<content_type>text/html</content_type>
<summary>Single page HTML report.</summary>
<description>
A single HTML page listing results of a scan. Style information
...
</description>
<global>1</global>
<predefined>1</predefined>
<trust>
no
<time>Thu Dec 2 13:22:26 2010</time>
</trust>
<active>1</active>
</report_format>
</get_report_formats_response>
7.49.3 Example: Export a report format
Client
Manager
<get_report_formats report_format_id="b993b6f5-f9fb-4e6e-9c94-dd46c00e058d"
export="1"/>
<get_report_formats_response status="200"
status_text="OK">
<report_format id="b993b6f5-f9fb-4e6e-9c94-dd46c00e058d">
<name>HTML</name>
<extension>html</extension>
<content_type>text/html</content_type>
<summary>Single page HTML report.</summary>
<description>
A single HTML page listing results of a scan. Style information
...
</description>
<global>1</global>
<predefined>1</predefined>
<file name="HTML.xsl">
PD9ldD4K
...
</file>
<file name="generate">
IyEvAk
...
</file>
<signature/>
</report_format>
</get_report_formats_response>
7.50 Command get_results
In short: Get results.
The client uses the get_results command to get result information.
If the request includes a notes flag, an overrides flag or an apply_overrides flag and any of these is true, then the request must also include a task ID.
7.50.1 Structure
-
Command
- @result_id (uuid) ID of single result to get.
- @task_id (uuid) ID of task for note and override handling.
- @notes (boolean) Whether to include notes in the result.
- @note_details (boolean) If notes are included, whether to include note details.
- @overrides (boolean) Whether to include overrides in the result.
- @override_details (boolean) If overrides are included, whether to include override details.
- @apply_overrides (boolean) Whether to override result threat levels.
-
Response
- @status (status)
- @status_text (text)
-
<results>
-
<result>
*
- @id (uuid)
-
<subnet>
-
<host>
-
<port>
-
<nvt>
NVT to which result applies.
- @oid (oid)
-
<name>
The name of the NVT.
-
<cvss_base>
CVSS base value associated with the NVT.
-
<risk_factor>
Risk factor associated with the NVT.
-
<cve>
CVE value associated with the NVT.
-
<bid>
BID associated with the NVT.
-
<threat>
-
<description>
Description of the result.
-
<notes>
?
-
<overrides>
?
-
<result>
*
7.50.2 RNC
Command
Response
get_results
= element get_results
{
attribute result_id { uuid }?
& attribute task_id { uuid }?
& attribute notes { boolean }?
& attribute note_details { boolean }?
& attribute overrides { boolean }?
& attribute override_details { boolean }?
& attribute apply_overrides { boolean }?
}
get_results_response
= element get_results_response
{
attribute status { status }
& attribute status_text { text }
& get_results_response_results
}
get_results_response_results
= element results
{
get_results_response_results_result*
}
get_results_response_results_result
= element result
{
attribute id { uuid }
& get_results_response_results_result_subnet
& get_results_response_results_result_host
& get_results_response_results_result_port
& get_results_response_results_result_nvt
& get_results_response_results_result_threat
& get_results_response_results_result_description
& get_results_response_results_result_notes?
& get_results_response_results_result_overrides?
}
get_results_response_results_result_subnet
= element subnet
{
text
}
get_results_response_results_result_host
= element host
{
text
}
get_results_response_results_result_port
= element port
{
text
}
get_results_response_results_result_nvt
= element nvt
{
attribute oid { oid }
& get_results_response_results_result_nvt_name
& get_results_response_results_result_nvt_cvss_base
& get_results_response_results_result_nvt_risk_factor
& get_results_response_results_result_nvt_cve
& get_results_response_results_result_nvt_bid
}
get_results_response_results_result_nvt_name
= element name
{
name
}
get_results_response_results_result_nvt_cvss_base
= element cvss_base
{
integer
}
get_results_response_results_result_nvt_risk_factor
= element risk_factor
{
integer
}
get_results_response_results_result_nvt_cve
= element cve
{
text
}
get_results_response_results_result_nvt_bid
= element bid
{
integer
}
get_results_response_results_result_threat
= element threat
{
threat
}
get_results_response_results_result_description
= element description
{
text
}
get_results_response_results_result_notes
= element notes # type result_notes
{
result_notes_note*
}
get_results_response_results_result_overrides
= element overrides # type result_overrides
{
result_overrides_override*
}
7.50.3 Example: Get all results
Client
Manager
<get_results/>
<get_results_response status="200"
status_text="OK">
<results>
<result id="634f7a2e-8ca1-43b7-b6d7-0d4841449508">
<subnet>127.0.1.1</subnet>
<host>127.0.1.1</host>
<port>general/tcp</port>
<nvt oid="1.3.6.1.4.1.25623.1.0.74">
<name>Test NVT: fields with ISO-8859-1 chars</name>
<cvss_base>5.0</cvss_base>
<risk_factor>Medium</risk_factor>
<cve>CVE-2009-3095</cve>
<bid>36254</bid>
</nvt>
<threat>Medium</threat>
<description>Test with umlaut.</description>
</result>
...
</results>
</get_results_response>
7.50.3 Example: Get a result, including notes and overrides
Client
Manager
<get_results result_id="cac9e7c8-c726-49fd-a710-5f99079ab93e"
task_id="40b236a9-2b0f-4813-b8c7-bc2b98d9d7e4"
notes="1"
overrides="1"/>
<get_results_response status="200"
status_text="OK">
<results>
<result id="cac9e7c8-c726-49fd-a710-5f99079ab93e">
<subnet>127.0.0.1</subnet>
<host>127.0.0.1</host>
<port>general/tcp</port>
<nvt oid="1.3.6.1.4.1.25623.1.0.75">
<name>Test NVT: long lines</name>
<cvss_base>9</cvss_base>
<risk_factor>High</risk_factor>
<cve>CVE-2009-3095</cve>
<bid>36254</bid>
</nvt>
<threat>High</threat>
<description>Test with very long warning.</description>
<original_threat>Medium</original_threat>
<notes/>
<overrides>
<override id="b0832812-75f1-45eb-b676-99c6e6bf2b24">
<nvt oid="1.3.6.1.4.1.25623.1.0.75">
<name>Test NVT: long lines</name>
</nvt>
<text excerpt="0">Test override</text>
<new_threat>High</new_threat>
<orphan>0</orphan>
</override>
</overrides>
</result>
</results>
</get_results_response>
7.51 Command get_schedules
In short: Get all schedules.
The client uses the get_schedules command to get schedule information.
7.51.1 Structure
-
Command
- @schedule_id (uuid) ID of single schedule to get.
- @trash (boolean) Whether to get the trashcan schedules instead.
- @details (boolean) Whether to include full schedule details.
- @sort_order (sort_order)
- @sort_field (text)
-
Response
- @status (status)
- @status_text (text)
-
<schedule>
*
- @id (uuid)
-
<name>
The name of the schedule.
-
The group?
-
<comment>
The comment on the schedule.
-
<first_time>
First time the task ran or will run.
-
<next_time>
The next time the task will run.
-
<timezone>
The timezone that the schedule follows.
-
<period>
How often the task will run, in seconds.
-
<period_months>
How often the task will run, months portion.
-
<simple_period>
Simple representation of period, if available.
-
<unit>
?
-
<unit>
?
-
<duration>
How long the task will run for (0 for entire task).
-
<simple_duration>
Simple representation of duration, if available.
-
<unit>
?
-
<unit>
?
-
<in_use>
Whether any tasks are using the schedule.
-
<tasks>
-
<task>
*
- @id (uuid)
-
<name>
The name of the task.
-
<task>
*
-
<comment>
7.51.2 RNC
Command
Response
get_schedules
= element get_schedules
{
attribute schedule_id { uuid }?
& attribute trash { boolean }?
& attribute details { boolean }?
& attribute sort_order { sort_order }?
& attribute sort_field { text }?
}
get_schedules_response
= element get_schedules_response
{
attribute status { status }
& attribute status_text { text }
& get_schedules_response_schedule*
}
get_schedules_response_schedule
= element schedule
{
attribute id { uuid }
& get_schedules_response_schedule_name
& ( get_schedules_response_schedule_comment
& get_schedules_response_schedule_first_time
& get_schedules_response_schedule_next_time
& get_schedules_response_schedule_timezone
& get_schedules_response_schedule_period
& get_schedules_response_schedule_period_months
& get_schedules_response_schedule_simple_period
& get_schedules_response_schedule_duration
& get_schedules_response_schedule_simple_duration
& get_schedules_response_schedule_in_use
& get_schedules_response_schedule_tasks )?
}
get_schedules_response_schedule_name
= element name
{
name
}
get_schedules_response_schedule_comment
= element comment
{
text
}
get_schedules_response_schedule_first_time
= element first_time
{
iso_time
}
get_schedules_response_schedule_next_time
= element next_time
{
iso_time
}
get_schedules_response_schedule_timezone
= element timezone
{
text
}
get_schedules_response_schedule_period
= element period
{
integer
}
get_schedules_response_schedule_period_months
= element period_months
{
integer
}
get_schedules_response_schedule_simple_period
= element simple_period
{
text
& get_schedules_response_schedule_simple_period_unit?
}
get_schedules_response_schedule_simple_period_unit
= element unit
{
time_unit
}
get_schedules_response_schedule_duration
= element duration
{
integer
}
get_schedules_response_schedule_simple_duration
= element simple_duration
{
text
& get_schedules_response_schedule_simple_duration_unit?
}
get_schedules_response_schedule_simple_duration_unit
= element unit
{
time_unit
}
get_schedules_response_schedule_in_use
= element in_use
{
boolean
}
get_schedules_response_schedule_tasks
= element tasks
{
get_schedules_response_schedule_tasks_task*
}
get_schedules_response_schedule_tasks_task
= element task
{
attribute id { uuid }
& get_schedules_response_schedule_tasks_task_name
}
get_schedules_response_schedule_tasks_task_name
= element name
{
name
}
7.51.3 Example: Get all schedules
Client
Manager
<get_schedules/>
<get_schedules_response status="200"
status_text="OK">
<schedule id="c33864a9-d3fd-44b3-8717-972bfb01dfcf">
<name>Overnight</name>
</schedule>
...
</get_schedules_response>
7.51.3 Example: Get full details of a single schedule
Client
Manager
<get_schedules schedule_id="c33864a9-d3fd-44b3-8717-972bfb01dfcf"
details="1"/>
<get_schedules_response status="200"
status_text="OK">
<schedule id="c33864a9-d3fd-44b3-8717-972bfb01dfcf">
<name>Overnight</name>
<comment>3 hours, starting at 12h00.</comment>
<first_time>Tue Jun 29 00:00:00 2010</first_time>
<next_time>Tue Jun 29 00:00:00 2010</next_time>
<timezone>Europe/Berlin</timezone>
<period>86400</period>
<period_months>0</period_months>
<simple_period>
1
<unit>day</unit>
</simple_period>
<duration>10800</duration>
<simple_duration>
3
<unit>hour</unit>
</simple_duration>
<in_use>1</in_use>
<tasks>
<task id="d4daf4c4-25c7-40ac-87d3-38e489f34330">
<name>kk</name>
</task>
</tasks>
</schedule>
</get_schedules_response>
7.52 Command get_settings
In short: Get all settings.
The client uses the get_settings command to get the settings.
7.52.1 Structure
-
Command
- @setting_id (uuid) ID of single setting to get.
- @filter (text) Filter term.
- @first (integer) First result.
- @max (integer) Maximum number of results in response.
- @sort_order (sort_order)
- @sort_field (text)
-
Response
- @status (status)
- @status_text (text)
-
<filters>
-
<term>
Filter term.
-
<term>
-
<settings>
-
<setting>
-
<name>
-
<value>
-
<name>
-
<setting>
7.52.2 RNC
Command
Response
get_settings
= element get_settings
{
attribute setting_id { uuid }?
& attribute filter { text }?
& attribute first { integer }?
& attribute max { integer }?
& attribute sort_order { sort_order }?
& attribute sort_field { text }?
}
get_settings_response
= element get_settings_response
{
attribute status { status }
& attribute status_text { text }
& get_settings_response_filters
& get_settings_response_settings
}
get_settings_response_filters
= element filters
{
get_settings_response_filters_term
}
get_settings_response_filters_term
= element term
{
text
}
get_settings_response_settings
= element settings
{
get_settings_response_settings_setting
}
get_settings_response_settings_setting
= element setting
{
get_settings_response_settings_setting_name
& get_settings_response_settings_setting_value
}
get_settings_response_settings_setting_name
= element name
{
text
}
get_settings_response_settings_setting_value
= element value
{
text
}
7.52.3 Example: Get all settings
Client
Manager
<get_settings/>
<get_settings_response status="200"
status_text="OK">
<settings>
<setting id="5f5a8712-8017-11e1-8556-406186ea4fc5">
<name>Rows Per Page</name>
<value>15</value>
</setting>
</settings>
</get_settings_response>
7.53 Command get_slaves
In short: Get all slaves.
The client uses the get_slaves command to get slave information.
7.53.1 Structure
-
Command
- @slave_id (uuid) ID of single slave to get.
- @trash (boolean) Whether to get the trashcan slaves instead.
- @tasks (boolean) Whether to include a list of tasks using the slave.
- @sort_order (sort_order)
- @sort_field (text)
-
Response
- @status (status)
- @status_text (text)
-
<slave>
*
- @id (uuid)
-
<name>
The name of the slave.
-
<comment>
The comment on the slave.
-
<host>
The host that the slave Manager is running on.
-
<port>
The port that the slave Manager is serving on the host.
-
<login>
Login name on the slave Manager.
-
<password>
Password for login on the slave Manager.
-
<in_use>
Whether any tasks are using the slave.
-
<tasks>
?
-
<task>
*
- @id (uuid)
-
<name>
The name of the task.
-
<task>
*
7.53.2 RNC
Command
Response
get_slaves
= element get_slaves
{
attribute slave_id { uuid }?
& attribute trash { boolean }?
& attribute tasks { boolean }?
& attribute sort_order { sort_order }?
& attribute sort_field { text }?
}
get_slaves_response
= element get_slaves_response
{
attribute status { status }
& attribute status_text { text }
& get_slaves_response_slave*
}
get_slaves_response_slave
= element slave
{
attribute id { uuid }
& get_slaves_response_slave_name
& get_slaves_response_slave_comment
& get_slaves_response_slave_host
& get_slaves_response_slave_port
& get_slaves_response_slave_login
& get_slaves_response_slave_password
& get_slaves_response_slave_in_use
& get_slaves_response_slave_tasks?
}
get_slaves_response_slave_name
= element name
{
name
}
get_slaves_response_slave_comment
= element comment
{
text
}
get_slaves_response_slave_host
= element host
{
text
}
get_slaves_response_slave_port
= element port
{
text
}
get_slaves_response_slave_login
= element login
{
text
}
get_slaves_response_slave_password
= element password
{
text
}
get_slaves_response_slave_in_use
= element in_use
{
boolean
}
get_slaves_response_slave_tasks
= element tasks
{
get_slaves_response_slave_tasks_task*
}
get_slaves_response_slave_tasks_task
= element task
{
attribute id { uuid }
& get_slaves_response_slave_tasks_task_name
}
get_slaves_response_slave_tasks_task_name
= element name
{
name
}
7.53.3 Example: Get all slaves, including task lists
Client
Manager
<get_slaves tasks="1"/>
<get_slaves_response status="200"
status_text="OK">
<slave id="c33864a9-d3fd-44b3-8717-972bfb01dfcf">
<name>Bangkok</name>
<comment>Manager in Bangkok department.</comment>
<host>192.0.32.10</host>
<login>sally</login>
<password>secret</password>
<tasks>
<task id="c33864a9-d3fd-44b3-8717-972bfb01dfc0">
<name>Debian desktops</name>
</task>
...
</tasks>
</slave>
...
</get_slaves_response>
7.54 Command get_system_reports
In short: Get all system reports.
The client uses the get_system_reports command to get system reports.
7.54.1 Structure
- Command
- Response
7.54.2 RNC
Command
Response
get_system_reports
= element get_system_reports
{
attribute name { text }?
& attribute duration { integer }?
& attribute brief { boolean }?
& attribute slave_id { uuid }?
}
get_system_reports_response
= element get_system_reports_response
{
attribute status { status }
& attribute status_text { text }
& get_system_reports_response_system_report*
}
get_system_reports_response_system_report
= element system_report
{
get_system_reports_response_system_report_name
& get_system_reports_response_system_report_title
& get_system_reports_response_system_report_report?
}
get_system_reports_response_system_report_name
= element name
{
name
}
get_system_reports_response_system_report_title
= element title
{
text
}
get_system_reports_response_system_report_report
= element report
{
text # RNC limitation: base64
& attribute format { "png" }
& attribute duration { integer }
}
7.54.3 Example: Get listing of available system reports
Client
Manager
<get_system_reports brief="1"/>
<get_system_reports_response status="200"
status_text="OK">
<system_report>
<name>proc</name>
<title>Processes</title>
</system_report>
<system_report>
<name>load</name>
<title>System Load</title>
</system_report>
<system_report>
<name>cpu_0</name>
<title>CPU Usage: CPU 0</title>
</system_report>
...
</get_system_reports_response>
7.54.3 Example: Get a system report
Client
Manager
<get_system_reports name="proc"/>
<get_system_reports_response status="200"
status_text="OK">
<system_report>
<name>proc</name>
<title>Processes</title>
<report format="png"
duration="86400">
iVBORw0KGgoAAAANSUhEUgAAArkAAAE...2bEdAAAAAElFTkSuQmCC
</report>
</system_report>
</get_system_reports_response>
7.55 Command get_target_locators
In short: Get configured target locators.
The client uses the get_target_locators command to get target locators.
7.55.1 Structure
-
Command
- Empty single element.
-
Response
- @status (status)
- @status_text (text)
-
<target_locator>
*
-
<name>
The name of the target locator.
-
<name>
7.55.2 RNC
Command
Response
get_target_locators
= element get_target_locators
{
""
}
get_target_locators_response
= element get_target_locators_response
{
attribute status { status }
& attribute status_text { text }
& get_target_locators_response_target_locator*
}
get_target_locators_response_target_locator
= element target_locator
{
get_target_locators_response_target_locator_name
}
get_target_locators_response_target_locator_name
= element name
{
name
}
7.55.3 Example: Get target locators
Client
Manager
<get_target_locators/>
<get_target_locators_response status="200"
status_text="OK">
<target_locator>
<name>ldap</name>
</target_locator>
...
</get_target_locators_response>
7.56 Command get_targets
In short: Get all targets.
The client uses the get_targets command to get target information.
7.56.1 Structure
-
Command
- @target_id (uuid) ID of single target to get.
- @filter (uuid) Filter term to use to filter query.
- @filt_id (uuid) ID of filter to use to filter query..
- @actions (actions) Actions filter for targets of observed tasks.
- @trash (boolean) Whether to get the trashcan targets instead.
- @tasks (boolean) Whether to include list of tasks that use the target.
- @sort_order (sort_order)
- @sort_field (text)
-
Response
- @status (status)
- @status_text (text)
-
<target>
*
-
<name>
The name of the target.
-
<comment>
The comment on the target.
-
<creation_time>
Date and time the target was created.
-
<modification_time>
Date and time the target was last modified.
-
<hosts>
A list of hosts.
-
<max_hosts>
The maximum number of hosts defined by the target.
-
<in_use>
Whether any tasks are using the target.
-
<writable>
Whether the target is writable.
-
<ssh_lsc_credential>
- @id (uuid_or_empty)
-
<name>
The name of the SSH LSC credential.
-
<port>
The port the LSCs will use.
-
<trash>
Whether the LSC credential is in the trashcan.
-
<smb_lsc_credential>
- @id (uuid_or_empty)
-
<name>
The name of the SMB LSC credential.
-
<trash>
Whether the LSC credential is in the trashcan.
-
<port_range>
Port range of the target.
-
<port_list>
- @id (uuid)
-
<name>
The name of the port_list.
-
<trash>
Whether the port_list is in the trashcan.
-
<tasks>
?All tasks using the target.
-
<task>
*
- @id (uuid)
-
<name>
The name of the task.
-
<task>
*
-
<name>
-
<filters>
- @id (uuid) UUID of filter if any, else 0.
-
<term>
Filter term.
-
<sort>
-
<field>
-
<order>
-
<order>
-
<field>
- <targets>
-
<target_count>
-
<filtered>
Number of targets after filtering.
-
<page>
Number of targets on current page.
-
<filtered>
7.56.2 RNC
Command
Response
get_targets
= element get_targets
{
attribute target_id { uuid }?
& attribute filter { uuid }?
& attribute filt_id { uuid }?
& attribute actions { actions }?
& attribute trash { boolean }?
& attribute tasks { boolean }?
& attribute sort_order { sort_order }?
& attribute sort_field { text }?
}
get_targets_response
= element get_targets_response
{
attribute status { status }
& attribute status_text { text }
& get_targets_response_target*
& get_targets_response_filters
& get_targets_response_sort
& get_targets_response_targets
& get_targets_response_target_count
}
get_targets_response_target
= element target
{
get_targets_response_target_name
& get_targets_response_target_comment
& get_targets_response_target_creation_time
& get_targets_response_target_modification_time
& get_targets_response_target_hosts
& get_targets_response_target_max_hosts
& get_targets_response_target_in_use
& get_targets_response_target_writable
& get_targets_response_target_ssh_lsc_credential
& get_targets_response_target_smb_lsc_credential
& get_targets_response_target_port_range
& get_targets_response_target_port_list
& get_targets_response_target_tasks?
}
get_targets_response_target_name
= element name
{
name
}
get_targets_response_target_comment
= element comment
{
text
}
get_targets_response_target_creation_time
= element creation_time
{
iso_time
}
get_targets_response_target_modification_time
= element modification_time
{
iso_time
}
get_targets_response_target_hosts
= element hosts
{
text
}
get_targets_response_target_max_hosts
= element max_hosts
{
integer
}
get_targets_response_target_in_use
= element in_use
{
boolean
}
get_targets_response_target_writable
= element writable
{
boolean
}
get_targets_response_target_ssh_lsc_credential
= element ssh_lsc_credential
{
attribute id { uuid_or_empty }
& get_targets_response_target_ssh_lsc_credential_name
& get_targets_response_target_ssh_lsc_credential_port
& get_targets_response_target_ssh_lsc_credential_trash
}
get_targets_response_target_ssh_lsc_credential_name
= element name
{
name
}
get_targets_response_target_ssh_lsc_credential_port
= element port
{
text
}
get_targets_response_target_ssh_lsc_credential_trash
= element trash
{
boolean
}
get_targets_response_target_smb_lsc_credential
= element smb_lsc_credential
{
attribute id { uuid_or_empty }
& get_targets_response_target_smb_lsc_credential_name
& get_targets_response_target_smb_lsc_credential_trash
}
get_targets_response_target_smb_lsc_credential_name
= element name
{
name
}
get_targets_response_target_smb_lsc_credential_trash
= element trash
{
boolean
}
get_targets_response_target_port_range
= element port_range
{
name
}
get_targets_response_target_port_list
= element port_list
{
attribute id { uuid }
& get_targets_response_target_port_list_name
& get_targets_response_target_port_list_trash
}
get_targets_response_target_port_list_name
= element name
{
name
}
get_targets_response_target_port_list_trash
= element trash
{
boolean
}
get_targets_response_target_tasks
= element tasks
{
get_targets_response_target_tasks_task*
}
get_targets_response_target_tasks_task
= element task
{
attribute id { uuid }
& get_targets_response_target_tasks_task_name
}
get_targets_response_target_tasks_task_name
= element name
{
name
}
get_targets_response_filters
= element filters
{
attribute id { uuid }
& get_targets_response_filters_term
}
get_targets_response_filters_term
= element term
{
text
}
get_targets_response_sort
= element sort
{
text
& get_targets_response_sort_field
}
get_targets_response_sort_field
= element field
{
get_targets_response_sort_field_order
}
get_targets_response_sort_field_order
= element order
{
xsd:token { pattern = "ascending|descending" }
}
get_targets_response_targets
= element targets
{
attribute start { }
& attribute max { }
}
get_targets_response_target_count
= element target_count
{
get_targets_response_target_count_filtered
& get_targets_response_target_count_page
}
get_targets_response_target_count_filtered
= element filtered
{
integer
}
get_targets_response_target_count_page
= element page
{
integer
}
7.56.3 Example: Get all targets
Client
Manager
<get_targets/>
<get_targets_response status="200"
status_text="OK">
<target id="b493b7a8-7489-11df-a3ec-002264764cea">
<name>Localhost</name>
<hosts>localhost</hosts>
<max_hosts>1</max_hosts>
<comment/>
<in_use>7</in_use>
<writable>0</writable>
<creation_time>Sun Jun 27 08:49:43 2010</creation_time>
<modification_time>Sun Jun 27 08:49:43 2010</modification_time>
<ssh_lsc_credential id="">
<name/>
</ssh_lsc_credential>
<smb_lsc_credential id="">
<name/>
</smb_lsc_credential>
</target>
...
</get_targets_response>
7.56.3 Example: Get a single target, including tasks using the target
Client
Manager
<get_targets target_id="1f28d970-17ef-4c69-ba8a-13827059f2b9"
tasks="1"/>
<get_targets_response status="200"
status_text="OK">
<target id="1f28d970-17ef-4c69-ba8a-13827059f2b9">
<name>dik</name>
<hosts>dik.example.org</hosts>
<max_hosts>1</max_hosts>
<comment>dik mm</comment>
<in_use>4</in_use>
<writable>0</writable>
<creation_time>Sun Jun 27 08:49:43 2010</creation_time>
<modification_time>Sun Jun 27 08:49:43 2010</modification_time>
<ssh_lsc_credential id="58ff2793-2dc7-43fe-85f9-20bfac5a87e4">
<name>mm</name>
</ssh_lsc_credential>
<smb_lsc_credential id="">
<name/>
</smb_lsc_credential>
<tasks>
<task id="13bb418a-4220-4575-b35b-ec398bff7417">
<name>dik mm</name>
</task>
...
</tasks>
</target>
</get_targets_response>
7.57 Command get_tasks
In short: Get all tasks.
The client uses the get_tasks command to get task information.
As a convenience for clients the response includes a task count and the values of the sort order, sort field and apply overrides flag that the manager applied when selecting the tasks.
7.57.1 Structure
-
Command
- @task_id (uuid) ID of single task to get.
- @actions (actions) Actions filter for tasks of observed tasks.
- @trash (boolean) Whether to get the trashcan tasks instead.
- @details (boolean) Whether to include full task details.
- @rcfile (boolean) Whether to include task RC file (for openvas-client).
- @apply_overrides (boolean) Whether to override result threat levels.
- @sort_order (sort_order)
- @sort_field (text)
-
Response
- @status (status)
- @status_text (text)
-
<task_count>
-
<sort>
-
<field>
*
-
<order>
-
<order>
-
<field>
*
-
<apply_overrides>
-
<task>
*
-
<name>
The name of the task.
-
<comment>
The comment on the task.
-
<status>
The run status of the task.
-
<progress>
The percentage of the task that is complete.
-
<host_progress>
*Percentage complete for a particular host.
-
<host>
-
<host>
-
<host_progress>
*
-
<config>
The scan configuration used by the task.
- @id (uuid)
-
<name>
The name of the config.
-
<trash>
Whether the config is in the trashcan.
-
<target>
The hosts scanned by the task.
- @id (uuid)
-
<name>
The name of the target.
-
<trash>
Whether the target is in the trashcan.
-
<alert>
An alert that applies to the task.
- @id (uuid_or_empty)
-
<name>
The name of the alert.
-
<trash>
Whether the alert is in the trashcan.
-
<observers>
Users allowed to observe this task.
-
<schedule>
When the task will run.
- @id (uuid_or_empty)
-
<name>
The name of the schedule.
-
<trash>
Whether the schedule is in the trashcan.
-
<slave>
The slave that the task will run on.
- @id (uuid)
-
<name>
The name of the slave.
-
<trash>
Whether the slave is in the trashcan.
-
<report_count>
Number of reports.
-
<finished>
Number of reports where the scan completed.
-
<finished>
-
<trend>
-
<first_report>
?
-
<report>
- @id (uuid)
-
<timestamp>
-
<result_count>
Result counts for this report.
-
<debug>
-
<log>
-
<info>
-
<warning>
-
<hole>
-
<debug>
-
<report>
-
<last_report>
?
-
<report>
- @id (uuid)
-
<timestamp>
-
<result_count>
Result counts for this report.
-
<debug>
-
<log>
-
<info>
-
<warning>
-
<hole>
-
<debug>
-
<report>
-
<second_last_report>
?
-
<report>
- @id (uuid)
-
<timestamp>
-
<result_count>
Result counts for this report.
-
<debug>
-
<log>
-
<info>
-
<warning>
-
<hole>
-
<debug>
-
<report>
-
<rcfile>
?
-
<reports>
*
-
<report>
*
- @id (uuid)
-
<timestamp>
-
<scan_run_status>
Run status of task scan.
-
<result_count>
Result counts for this report.
-
<debug>
-
<log>
-
<info>
-
<warning>
-
<hole>
-
<debug>
-
<report>
*
-
<preferences>
-
<preference>
*
-
<name>
Full name of preference, suitable for end users.
-
<scanner_name>
Compact name of preference, from scanner.
-
<value>
-
<name>
-
<preference>
*
-
<name>
7.57.2 RNC
Command
Response
get_tasks
= element get_tasks
{
attribute task_id { uuid }?
& attribute actions { actions }?
& attribute trash { boolean }?
& attribute details { boolean }?
& attribute rcfile { boolean }?
& attribute apply_overrides { boolean }?
& attribute sort_order { sort_order }?
& attribute sort_field { text }?
}
get_tasks_response
= element get_tasks_response
{
attribute status { status }
& attribute status_text { text }
& get_tasks_response_task_count
& get_tasks_response_sort
& get_tasks_response_apply_overrides
& get_tasks_response_task*
}
get_tasks_response_task_count
= element task_count
{
integer
}
get_tasks_response_sort
= element sort
{
get_tasks_response_sort_field*
}
get_tasks_response_sort_field
= element field
{
text
& get_tasks_response_sort_field_order
}
get_tasks_response_sort_field_order
= element order
{
xsd:token { pattern = "ascending|descending" }
}
get_tasks_response_apply_overrides
= element apply_overrides
{
xsd:token { pattern = "0|1" }
}
get_tasks_response_task
= element task
{
get_tasks_response_task_name
& get_tasks_response_task_comment
& get_tasks_response_task_status
& get_tasks_response_task_progress
& get_tasks_response_task_config
& get_tasks_response_task_target
& get_tasks_response_task_alert
& get_tasks_response_task_observers
& get_tasks_response_task_schedule
& get_tasks_response_task_slave
& get_tasks_response_task_report_count
& get_tasks_response_task_trend
& get_tasks_response_task_first_report?
& get_tasks_response_task_last_report?
& get_tasks_response_task_second_last_report?
& get_tasks_response_task_rcfile?
& get_tasks_response_task_reports*
& get_tasks_response_task_preferences
}
get_tasks_response_task_name
= element name
{
name
}
get_tasks_response_task_comment
= element comment
{
text
}
get_tasks_response_task_status
= element status
{
task_status
}
get_tasks_response_task_progress
= element progress
{
text # RNC limitation: integer
& get_tasks_response_task_progress_host_progress*
}
get_tasks_response_task_progress_host_progress
= element host_progress
{
text # RNC limitation: integer
& get_tasks_response_task_progress_host_progress_host
}
get_tasks_response_task_progress_host_progress_host
= element host
{
text
}
get_tasks_response_task_config
= element config
{
attribute id { uuid }
& get_tasks_response_task_config_name
& get_tasks_response_task_config_trash
}
get_tasks_response_task_config_name
= element name
{
name
}
get_tasks_response_task_config_trash
= element trash
{
boolean
}
get_tasks_response_task_target
= element target
{
attribute id { uuid }
& get_tasks_response_task_target_name
& get_tasks_response_task_target_trash
}
get_tasks_response_task_target_name
= element name
{
name
}
get_tasks_response_task_target_trash
= element trash
{
boolean
}
get_tasks_response_task_alert
= element alert
{
attribute id { uuid_or_empty }
& get_tasks_response_task_alert_name
& get_tasks_response_task_alert_trash
}
get_tasks_response_task_alert_name
= element name
{
name
}
get_tasks_response_task_alert_trash
= element trash
{
boolean
}
get_tasks_response_task_observers
= element observers
{
user_list
}
get_tasks_response_task_schedule
= element schedule
{
attribute id { uuid_or_empty }
& get_tasks_response_task_schedule_name
& get_tasks_response_task_schedule_trash
}
get_tasks_response_task_schedule_name
= element name
{
name
}
get_tasks_response_task_schedule_trash
= element trash
{
boolean
}
get_tasks_response_task_slave
= element slave
{
attribute id { uuid }
& get_tasks_response_task_slave_name
& get_tasks_response_task_slave_trash
}
get_tasks_response_task_slave_name
= element name
{
name
}
get_tasks_response_task_slave_trash
= element trash
{
boolean
}
get_tasks_response_task_report_count
= element report_count
{
text # RNC limitation: integer
& get_tasks_response_task_report_count_finished
}
get_tasks_response_task_report_count_finished
= element finished
{
integer
}
get_tasks_response_task_trend
= element trend
{
task_trend
}
get_tasks_response_task_first_report
= element first_report
{
get_tasks_response_task_first_report_report
}
get_tasks_response_task_first_report_report
= element report
{
attribute id { uuid }
& get_tasks_response_task_first_report_report_timestamp
& get_tasks_response_task_first_report_report_result_count
}
get_tasks_response_task_first_report_report_timestamp
= element timestamp
{
iso_time
}
get_tasks_response_task_first_report_report_result_count
= element result_count
{
get_tasks_response_task_first_report_report_result_count_debug
& get_tasks_response_task_first_report_report_result_count_log
& get_tasks_response_task_first_report_report_result_count_info
& get_tasks_response_task_first_report_report_result_count_warning
& get_tasks_response_task_first_report_report_result_count_hole
}
get_tasks_response_task_first_report_report_result_count_debug
= element debug
{
integer
}
get_tasks_response_task_first_report_report_result_count_log
= element log
{
integer
}
get_tasks_response_task_first_report_report_result_count_info
= element info
{
integer
}
get_tasks_response_task_first_report_report_result_count_warning
= element warning
{
integer
}
get_tasks_response_task_first_report_report_result_count_hole
= element hole
{
integer
}
get_tasks_response_task_last_report
= element last_report
{
get_tasks_response_task_last_report_report
}
get_tasks_response_task_last_report_report
= element report
{
attribute id { uuid }
& get_tasks_response_task_last_report_report_timestamp
& get_tasks_response_task_last_report_report_result_count
}
get_tasks_response_task_last_report_report_timestamp
= element timestamp
{
iso_time
}
get_tasks_response_task_last_report_report_result_count
= element result_count
{
get_tasks_response_task_last_report_report_result_count_debug
& get_tasks_response_task_last_report_report_result_count_log
& get_tasks_response_task_last_report_report_result_count_info
& get_tasks_response_task_last_report_report_result_count_warning
& get_tasks_response_task_last_report_report_result_count_hole
}
get_tasks_response_task_last_report_report_result_count_debug
= element debug
{
integer
}
get_tasks_response_task_last_report_report_result_count_log
= element log
{
integer
}
get_tasks_response_task_last_report_report_result_count_info
= element info
{
integer
}
get_tasks_response_task_last_report_report_result_count_warning
= element warning
{
integer
}
get_tasks_response_task_last_report_report_result_count_hole
= element hole
{
integer
}
get_tasks_response_task_second_last_report
= element second_last_report
{
get_tasks_response_task_second_last_report_report
}
get_tasks_response_task_second_last_report_report
= element report
{
attribute id { uuid }
& get_tasks_response_task_second_last_report_report_timestamp
& get_tasks_response_task_second_last_report_report_result_count
}
get_tasks_response_task_second_last_report_report_timestamp
= element timestamp
{
iso_time
}
get_tasks_response_task_second_last_report_report_result_count
= element result_count
{
get_tasks_response_task_second_last_report_report_result_count_debug
& get_tasks_response_task_second_last_report_report_result_count_log
& get_tasks_response_task_second_last_report_report_result_count_info
& get_tasks_response_task_second_last_report_report_result_count_warning
& get_tasks_response_task_second_last_report_report_result_count_hole
}
get_tasks_response_task_second_last_report_report_result_count_debug
= element debug
{
integer
}
get_tasks_response_task_second_last_report_report_result_count_log
= element log
{
integer
}
get_tasks_response_task_second_last_report_report_result_count_info
= element info
{
integer
}
get_tasks_response_task_second_last_report_report_result_count_warning
= element warning
{
integer
}
get_tasks_response_task_second_last_report_report_result_count_hole
= element hole
{
integer
}
get_tasks_response_task_rcfile
= element rcfile
{
base64
}
get_tasks_response_task_reports
= element reports
{
get_tasks_response_task_reports_report*
}
get_tasks_response_task_reports_report
= element report
{
attribute id { uuid }
& get_tasks_response_task_reports_report_timestamp
& get_tasks_response_task_reports_report_scan_run_status
& get_tasks_response_task_reports_report_result_count
}
get_tasks_response_task_reports_report_timestamp
= element timestamp
{
iso_time
}
get_tasks_response_task_reports_report_scan_run_status
= element scan_run_status
{
task_status
}
get_tasks_response_task_reports_report_result_count
= element result_count
{
get_tasks_response_task_reports_report_result_count_debug
& get_tasks_response_task_reports_report_result_count_log
& get_tasks_response_task_reports_report_result_count_info
& get_tasks_response_task_reports_report_result_count_warning
& get_tasks_response_task_reports_report_result_count_hole
}
get_tasks_response_task_reports_report_result_count_debug
= element debug
{
integer
}
get_tasks_response_task_reports_report_result_count_log
= element log
{
integer
}
get_tasks_response_task_reports_report_result_count_info
= element info
{
integer
}
get_tasks_response_task_reports_report_result_count_warning
= element warning
{
integer
}
get_tasks_response_task_reports_report_result_count_hole
= element hole
{
integer
}
get_tasks_response_task_preferences
= element preferences
{
get_tasks_response_task_preferences_preference*
}
get_tasks_response_task_preferences_preference
= element preference
{
get_tasks_response_task_preferences_preference_name
& get_tasks_response_task_preferences_preference_scanner_name
& get_tasks_response_task_preferences_preference_value
}
get_tasks_response_task_preferences_preference_name
= element name
{
text
}
get_tasks_response_task_preferences_preference_scanner_name
= element scanner_name
{
text
}
get_tasks_response_task_preferences_preference_value
= element value
{
text
}
7.57.3 Example: Get all tasks
Client
Manager
<get_tasks/>
<get_tasks_response status="200"
status_text="OK">
<task_count>2</task_count>
<sort>
<field>
ROWID
<order>ascending</order>
</field>
</sort>
<apply_overrides>0</apply_overrides>
<task id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6">
<name>Scan Webserver</name>
<comment>Scan of the web server.</comment>
<status>Done</status>
<progress>-1</progress>
<config id="daba56c8-73ec-11df-a475-002264764cea">
<name>Full and fast</name>
</config>
<alert id="">
<name/>
</alert>
<target id="1f28d970-17ef-4c69-ba8a-13827059f2b9">
<name>dik</name>
</target>
<schedule id="">
<name/>
<next_time>over</next_time>
</schedule>
<slave id="">
<name/>
</slave>
<report_count>
2
<finished>2</finished>
</report_count>
<trend/>
<first_report>
<report id="f0fdf522-276d-4893-9274-fb8699dc2270">
<timestamp>Mon Feb 1 19:11:20 2010</timestamp>
<result_count>
<debug>0</debug>
<hole>0</hole>
<info>7</info>
<log>0</log>
<warning>3</warning>
</result_count>
</report>
</first_report>
<last_report>
<report id="f0fdf522-276d-4893-9274-fb8699dc2270">
<timestamp>Mon Feb 1 19:11:20 2010</timestamp>
<result_count>
<debug>0</debug>
<hole>0</hole>
<info>7</info>
<log>0</log>
<warning>3</warning>
</result_count>
</report>
</last_report>
<second_last_report>
<report id="f0fdf522-276d-4893-9274-fb8699dc2270">
<timestamp>Mon Feb 1 19:11:20 2010</timestamp>
<result_count>
<debug>0</debug>
<hole>0</hole>
<info>7</info>
<log>0</log>
<warning>3</warning>
</result_count>
</report>
</second_last_report>
</task>
<task id="f14747d3-a4d7-4e79-99bb-a0a1276cb78c">
<name>Scan Mailserver</name>
...
</task>
</get_tasks_response>
7.57.3 Example: Get a single task, including all reports
Client
Manager
<get_tasks task_id="f14747d3-a4d7-4e79-99bb-a0a1276cb78c"
details="1"/>
<get_tasks_response status="200"
status_text="OK">
<task_count>1</task_count>
<sort>
<field>
ROWID
<order>ascending</order>
</field>
</sort>
<apply_overrides>0</apply_overrides>
<task id="13bb418a-4220-4575-b35b-ec398bff7417">
<name>Scan Mailserver</name>
<comment>Scan of the web server.</comment>
<status>Done</status>
<progress>-1</progress>
<config id="daba56c8-73ec-11df-a475-002264764cea">
<name>Full and fast</name>
</config>
<alert id="">
<name/>
</alert>
<target id="1f28d970-17ef-4c69-ba8a-13827059f2b9">
<name>dik</name>
</target>
<schedule id="">
<name/>
<next_time>over</next_time>
</schedule>
<slave id="">
<name/>
</slave>
<report_count>
2
<finished>2</finished>
</report_count>
<trend/>
<first_report>
<report id="f0fdf522-276d-4893-9274-fb8699dc2270">
<timestamp>Mon Feb 1 19:11:20 2010</timestamp>
<result_count>
<debug>0</debug>
<hole>0</hole>
<info>7</info>
<log>0</log>
<warning>3</warning>
</result_count>
</report>
</first_report>
<last_report>
<report id="2688e6c7-db29-4505-80f1-0fd4a09e1011">
<timestamp>Mon Feb 1 19:11:20 2010</timestamp>
<result_count>
<debug>0</debug>
<hole>0</hole>
<info>7</info>
<log>0</log>
<warning>3</warning>
</result_count>
</report>
</last_report>
<second_last_report>
<report id="f0fdf522-276d-4893-9274-fb8699dc2270">
<timestamp>Mon Feb 1 19:11:20 2010</timestamp>
<result_count>
<debug>0</debug>
<hole>0</hole>
<info>7</info>
<log>0</log>
<warning>3</warning>
</result_count>
</report>
</second_last_report>
<reports>
<report id="f0fdf522-276d-4893-9274-fb8699dc2270">
<timestamp>Mon Feb 1 18:51:38 2010</timestamp>
<scan_run_status>Done</scan_run_status>
<result_count>
<debug>0</debug>
<hole>0</hole>
<info>7</info>
<log>0</log>
<warning>3</warning>
</result_count>
</report>
<report id="2688e6c7-db29-4505-80f1-0fd4a09e1011">
<timestamp>Mon Feb 1 19:11:20 2010</timestamp>
<scan_run_status>Done</scan_run_status>
<result_count>
<debug>0</debug>
<hole>0</hole>
<info>7</info>
<log>0</log>
<warning>3</warning>
</result_count>
</report>
</reports>
</task>
</get_tasks_response>
7.58 Command get_version
In short: Get the OpenVAS Manager Protocol version.
7.58.1 Structure
-
Command
- Empty single element.
-
Response
- @status (status)
- @status_text (text)
-
<version>
7.58.2 RNC
Command
Response
get_version
= element get_version
{
""
}
get_version_response
= element get_version_response
{
attribute status { status }
& attribute status_text { text }
& get_version_response_version
}
get_version_response_version
= element version
{
text
}
7.58.3 Example: Get the version
Client
Manager
<get_version/>
<get_version_response status="200"
status_text="OK">
<version>1.0</version>
</get_version_response>
7.59 Command help
In short: Get the help text.
7.59.1 Structure
-
Command
- @format ("html", "HTML", "rnc", "RNC", "text", "TEXT", "xml" or "XML") Required help format.
-
Response
- @status (status)
- @status_text (text)
-
<schema>
?
-
<protocol>
-
<name>
The full name of the protocol.
-
<abbreviation>
?The abbreviated name of the protocol.
-
<summary>
?A summary of the protocol.
-
<version>
?The version number of the protocol.
-
<type>
*A data type.
-
<name>
The name of the data type.
-
<summary>
?A summary of the data type.
-
<description>
?A description of the data type.
-
<p>
*A paragraph.
-
<p>
*
-
<pattern>
The RNC pattern for the data type.
-
<name>
-
<command>
*
A command.
-
<name>
-
<protocol>
7.59.2 RNC
Command
Response
help
= element help
{
attribute format { xsd:token { pattern = "html|HTML|rnc|RNC|text|TEXT|xml|XML" } }?
}
help_response
= element help_response
{
text
& attribute status { status }
& attribute status_text { text }
& help_response_schema?
}
help_response_schema
= element schema
{
help_response_schema_protocol
}
help_response_schema_protocol
= element protocol
{
help_response_schema_protocol_name
& help_response_schema_protocol_abbreviation?
& help_response_schema_protocol_summary?
& help_response_schema_protocol_version?
& help_response_schema_protocol_type*
& help_response_schema_protocol_command*
}
help_response_schema_protocol_name
= element name
{
text
}
help_response_schema_protocol_abbreviation
= element abbreviation
{
text
}
help_response_schema_protocol_summary
= element summary
{
text
}
help_response_schema_protocol_version
= element version
{
text
}
help_response_schema_protocol_type
= element type
{
help_response_schema_protocol_type_name
& help_response_schema_protocol_type_summary?
& help_response_schema_protocol_type_description?
& help_response_schema_protocol_type_pattern
}
help_response_schema_protocol_type_name
= element name
{
type_name
}
help_response_schema_protocol_type_summary
= element summary
{
text
}
help_response_schema_protocol_type_description
= element description
{
text
& help_response_schema_protocol_type_description_p*
}
help_response_schema_protocol_type_description_p
= element p
{
text
}
help_response_schema_protocol_type_pattern
= element pattern
{
text
}
help_response_schema_protocol_command
= element command # type command_definition
{
command_definition_name
& command_definition_summary?
& command_definition_description?
& ( ( command_definition_pattern
& command_definition_response )
| ( command_definition_type
& command_definition_ele* ) )
& command_definition_example*
}
7.59.3 Example: Get the help text
Client
Manager
<help/>
<help_response status="200"
status_text="OK">
AUTHENTICATE Authenticate with the manager.
COMMANDS Run a list of commands.
CREATE_AGENT Create an agent.
CREATE_CONFIG Create a config.
CREATE_ALERT Create an alert.
CREATE_FILTER Create a filter.
CREATE_LSC_CREDENTIAL Create a local security check credential.
CREATE_NOTE Create a note.
CREATE_OVERRIDE Create an override.
CREATE_PORT_LIST Create a port list.
CREATE_PORT_RANGE Create a port range in a port list.
CREATE_REPORT_FORMAT Create a report format.
CREATE_REPORT Create a report.
CREATE_SCHEDULE Create a schedule.
CREATE_SLAVE Create a slave.
CREATE_TARGET Create a target.
CREATE_TASK Create a task.
DELETE_AGENT Delete an agent.
DELETE_CONFIG Delete a config.
DELETE_ALERT Delete an alert.
DELETE_FILTER Delete a filter.
DELETE_LSC_CREDENTIAL Delete a local security check credential.
DELETE_NOTE Delete a note.
DELETE_OVERRIDE Delete an override.
DELETE_PORT_LIST Delete a port list.
DELETE_PORT_RANGE Delete a port range.
DELETE_REPORT Delete a report.
DELETE_REPORT_FORMAT Delete a report format.
DELETE_SCHEDULE Delete a schedule.
DELETE_SLAVE Delete a slave.
DELETE_TARGET Delete a target.
DELETE_TASK Delete a task.
EMPTY_TRASHCAN Empty the trashcan.
GET_AGENTS Get all agents.
GET_CONFIGS Get all configs.
GET_DEPENDENCIES Get dependencies for all available NVTs.
GET_ALERTS Get all alerts.
GET_FILTERS Get all filters.
GET_LSC_CREDENTIALS Get all local security check credentials.
GET_NOTES Get all notes.
GET_NVTS Get one or all available NVTs.
GET_NVT_FAMILIES Get a list of all NVT families.
GET_NVT_FEED_CHECKSUM Get checksum for entire NVT collection.
GET_OVERRIDES Get all overrides.
GET_PORT_LISTS Get all port lists.
GET_PREFERENCES Get preferences for all available NVTs.
GET_REPORTS Get all reports.
GET_REPORT_FORMATS Get all report formats.
GET_RESULTS Get results.
GET_SCHEDULES Get all schedules.
GET_SETTINGS Get all settings.
GET_SLAVES Get all slaves.
GET_SYSTEM_REPORTS Get all system reports.
GET_TARGET_LOCATORS Get configured target locators.
GET_TARGETS Get all targets.
GET_TASKS Get all tasks.
GET_VERSION Get the OpenVAS Manager Protocol version.
GET_INFO Get raw information for a given item.
HELP Get this help text.
MODIFY_CONFIG Update an existing config.
MODIFY_LSC_CREDENTIAL Modify an existing LSC credential.
MODIFY_FILTER Modify an existing filter.
MODIFY_NOTE Modify an existing note.
MODIFY_OVERRIDE Modify an existing override.
MODIFY_REPORT Modify an existing report.
MODIFY_REPORT_FORMAT Modify an existing report format.
MODIFY_SCHEDULE Modify an existing schedule.
MODIFY_SETTING Modify an existing setting.
MODIFY_TARGET Modify an existing target.
MODIFY_TASK Update an existing task.
PAUSE_TASK Pause a running task.
RESTORE Restore a resource.
RESUME_OR_START_TASK Resume task if stopped, else start task.
RESUME_PAUSED_TASK Resume a paused task.
RESUME_STOPPED_TASK Resume a stopped task.
RUN_WIZARD Run a wizard.
START_TASK Manually start an existing task.
STOP_TASK Stop a running task.
TEST_ALERT Run an alert.
VERIFY_AGENT Verify an agent.
VERIFY_REPORT_FORMAT Verify a report format.
</help_response>
7.59.3 Example: Get the OMP schema
Client
Manager
<help format="XML"/>
<help_response status="200"
status_text="OK">
<schema format="XML"
extension="xml"
content_type="text/xml">
<protocol>
<name>OpenVAS Management Protocol</name>
<abbreviation>OMP</abbreviation>
<summary>
The "management" protocol of the Open Vulnerability Assessment System
</summary>
<version>1.0</version>
<type>
<name>base64</name>
<summary>Base64 encoded data</summary>
<pattern>xsd:base64Binary</pattern>
</type>
...
<command>
<name>authenticate</name>
<summary>Authenticate with the manager</summary>
<description>
<p>
The client uses the authenticate command to authenticate with the
Manager.
</p>
<p>
The client normally executes this command at the beginning of each
connection. The only commands permitted before authentication are
get_version and commands.
</p>
</description>
<pattern>
<e>credentials</e>
</pattern>
<ele>
<name>credentials</name>
<pattern>
<e>username</e>
<e>password</e>
</pattern>
<ele>
<name>username</name>
<summary>The login name of the user</summary>
<pattern>text</pattern>
</ele>
<ele>
<name>password</name>
<summary>The user's password</summary>
<pattern>text</pattern>
</ele>
</ele>
<response>
<pattern>
<attrib>
<name>status</name>
<type>status</type>
<required>1</required>
</attrib>
<attrib>
<name>status_text</name>
<type>text</type>
<required>1</required>
</attrib>
</pattern>
</response>
<example>
<summary>Authenticate with a good password</summary>
<request>
<authenticate>
<credentials>
<username>sally</username>
<password>secret</password>
</credentials>
</authenticate>
</request>
<response>
<authenticate_response status="200"
status_text="OK">
<role>User</role>
<timezone>UTC</timezone>
</authenticate_response>
</response>
</example>
...
</command>
...
</protocol>
</schema>
</help_response>
7.60 Command modify_config
In short: Update an existing config.
This command can take five forms: with a preference, with a family selection, with an NVT selection, or with a name or comment.
The first form modifies a preference on the config. If the preference includes an NVT, then the preference is an NVT preference, otherwise the preference is a scanner preference. If the preference includes a value then the manager updates the value of the preference, otherwise the manager removes the preference. The value must be base64 encoded.
The second form, with a family selection, lets the client modify the NVTs selected by the config at a family level. The idea is that the client modifies the entire family selection at once, so a client will often need to include many families in a family selection.
The family_selection may include a growing element to indicate whether new families should be added to the selection. It may also include any number of family elements.
A family element must always include a name and may include a growing element and an all element. The all element indicates whether all NVTs in the family should be selected. The growing element indicates whether new NVTs in the family should be added to the selection as they arrive. Leaving a family out of the family_selection is equivalent to including the family with all 0 and growing 0.
The effect of the all 0 and growing 0 case is subtle: if all NVTs were selected then all are removed (effectively removing the family from the config). However if some NVTs were selected then they remain selected. As a result the client must include in the family_selection all families that must have all NVTs selected.
The third option, an NVT selection, must include a family and may include any number of NVTs. The manager updates the given family in the config to include only the given NVTs.
If there was no error with the command sent by the client, the manager will apply the changes to the config and will reply with a response code indicating success.
7.60.1 Structure
-
Command
- @config_id (uuid) ID of config to modify.
-
One of
-
<name>
New name for the config.
-
<comment>
New comment for the config.
-
<preference>
-
<name>
The name of the preference to modify.
-
<nvt>
?NVT associated with preference to modify.
- @oid (oid)
-
<value>
?New value for preference.
-
<name>
-
<family_selection>
-
<growing>
?Whether new families should be added to the config.
-
<family>
*
-
<all>
?Whether to select all NVTs initially.
-
<growing>
?Whether to add newly arrived nvts to the selection.
-
<name>
-
<all>
?
-
<growing>
?
-
<nvt_selection>
-
<family>
Name of family to modify.
-
<nvt>
*
- @oid (oid)
-
<family>
-
<name>
-
Response
- @status (status)
- @status_text (text)
7.60.2 RNC
Command
Response
modify_config
= element modify_config
{
attribute config_id { uuid }
& ( modify_config_name
| modify_config_comment
| modify_config_preference
| modify_config_family_selection
| modify_config_nvt_selection )
}
modify_config_name
= element name
{
name
}
modify_config_comment
= element comment
{
text
}
modify_config_preference
= element preference
{
modify_config_preference_name
& modify_config_preference_nvt?
& modify_config_preference_value?
}
modify_config_preference_name
= element name
{
name
}
modify_config_preference_nvt
= element nvt
{
attribute oid { oid }
}
modify_config_preference_value
= element value
{
base64
}
modify_config_family_selection
= element family_selection
{
modify_config_family_selection_growing?
& modify_config_family_selection_family*
}
modify_config_family_selection_growing
= element growing
{
boolean_atoi
}
modify_config_family_selection_family
= element family
{
modify_config_family_selection_family_all?
& modify_config_family_selection_family_growing?
& modify_config_family_selection_family_name
}
modify_config_family_selection_family_all
= element all
{
boolean_atoi
}
modify_config_family_selection_family_growing
= element growing
{
boolean_atoi
}
modify_config_family_selection_family_name
= element name
{
name
}
modify_config_nvt_selection
= element nvt_selection
{
modify_config_nvt_selection_family
& modify_config_nvt_selection_nvt*
}
modify_config_nvt_selection_family
= element family
{
name
}
modify_config_nvt_selection_nvt
= element nvt
{
attribute oid { oid }
}
modify_config_response
= element modify_config_response
{
attribute status { status }
& attribute status_text { text }
}
7.60.3 Example: Modify a config NVT preference
Client
Manager
<modify_config config_id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6">
<preference>
<nvt oid="1.3.6.1.4.1.25623.1.0.14259"/>
<name>Nmap (NASL wrapper)[checkbox]:UDP port scan</name>
<value>eWVz</value>
</preference>
</modify_config>
<modify_config_response status="200"
status_text="OK"/>
7.60.3 Example: Modify a config Scanner preference
Client
Manager
<modify_config config_id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6">
<preference>
<name>scanner[scanner]:vhosts</name>
<value>ZXhhbXBsZQ==</value>
</preference>
</modify_config>
<modify_config_response status="200"
status_text="OK"/>
7.60.3 Example: Modify the families that a config selects
The outer "growing" element sets the config to add any new families that arrive.
The client requests the Manager to keep a single selected family (Debian Local Security Checks), to select all NVTs in this family, and to automatically add any new NVTs in this family to the config.
Client
Manager
<modify_config config_id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6">
<family_selection>
<growing>1</growing>
<family>
<name>Debian Local Security Checks</name>
<all>1</all>
<growing>1</growing>
</family>
</family_selection>
</modify_config>
<modify_config_response status="200"
status_text="OK"/>
7.60.3 Example: Modify the NVTs that a config selects in a particular family
Client
Manager
<modify_config config_id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6">
<nvt_selection>
<family>Debian Local Security Checks</family>
<nvt oid="1.3.6.1.4.1.25623.1.0.53797"/>
<nvt oid="1.3.6.1.4.1.25623.1.0.63272"/>
<nvt oid="1.3.6.1.4.1.25623.1.0.55615"/>
<nvt oid="1.3.6.1.4.1.25623.1.0.53546"/>
</nvt_selection>
</modify_config>
<modify_config_response status="200"
status_text="OK"/>
7.61 Command modify_filter
In short: Modify an existing filter.
The client uses the modify_filter command to change an existing filter.
7.61.1 Structure
-
Command
- @filter_id (uuid) ID of filter to modify.
-
<comment>
?Comment on filter.
-
<name>
?Name of filter.
-
<term>
?Filter term.
-
<type>
?Resource type filter applies to.
-
Response
- @status (status)
- @status_text (text)
7.61.2 RNC
Command
Response
modify_filter
= element modify_filter
{
attribute filter_id { uuid }
& modify_filter_comment?
& modify_filter_name?
& modify_filter_term?
& modify_filter_type?
}
modify_filter_comment
= element comment
{
text
}
modify_filter_name
= element name
{
name
}
modify_filter_term
= element term
{
text
}
modify_filter_type
= element type
{
text
}
modify_filter_response
= element modify_filter_response
{
attribute status { status }
& attribute status_text { text }
}
7.61.3 Example: Modify the term of a filter
Client
Manager
<modify_filter filter_id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"> <term>name=local</term> </modify_filter>
<modify_filter_response status="200"
status_text="OK"/>
7.62 Command modify_lsc_credential
In short: Modify an existing LSC credential.
The client uses the modify_lsc_credential command to change an existing LSC credential.
The login and password can only be changed for password LSC credentials. Modification of login or password on package credentials is forbidden.
7.62.1 Structure
-
Command
- @lsc_credential_id (uuid) ID of LSC credential to modify.
-
<comment>
?A comment on the LSC credential.
-
<name>
?A name for the LSC credential.
-
<password>
?The password for the credential login.
-
<login>
?The user name of the credential.
-
Response
- @status (status)
- @status_text (text)
7.62.2 RNC
Command
Response
modify_lsc_credential
= element modify_lsc_credential
{
attribute lsc_credential_id { uuid }
& modify_lsc_credential_comment?
& modify_lsc_credential_name?
& modify_lsc_credential_password?
& modify_lsc_credential_login?
}
modify_lsc_credential_name
= element name
{
name
}
modify_lsc_credential_comment
= element comment
{
text
}
modify_lsc_credential_login
= element login
{
text
}
modify_lsc_credential_password
= element password
{
text
}
modify_lsc_credential_response
= element modify_lsc_credential_response
{
attribute status { status }
& attribute status_text { text }
}
7.62.3 Example: Modify the comment of an LSC credential
Client
Manager
<modify_lsc_credential lsc_credential_id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"> <comment>Credential for all machines in lab 4.</comment> </modify_lsc_credential>
<modify_lsc_credential_response status="200"
status_text="OK"/>
7.63 Command modify_note
In short: Modify an existing note.
The client uses the modify_note command to change an existing note.
If an optional element is left out, the existing value will be cleared, generalising that constraint.
7.63.1 Structure
-
Command
- @note_id (uuid) ID of note to modify.
-
<active>
?Seconds note will be active. -1 on always, 0 off.
-
<hosts>
?A textual list of hosts.
-
<port>
?Port to which note applies.
-
<result>
?Result to which note applies.
- @id (uuid)
-
<task>
?Task to which note applies.
- @id (uuid)
-
<text>
The text of the note.
-
<threat>
?Threat level to which note applies.
-
Response
- @status (status)
- @status_text (text)
7.63.2 RNC
Command
Response
modify_note
= element modify_note
{
attribute note_id { uuid }
& modify_note_active?
& modify_note_hosts?
& modify_note_port?
& modify_note_result?
& modify_note_task?
& modify_note_text
& modify_note_threat?
}
modify_note_active
= element active
{
integer
}
modify_note_hosts
= element hosts
{
text
}
modify_note_port
= element port
{
text
}
modify_note_text
= element text
{
text
}
modify_note_threat
= element threat
{
threat
}
modify_note_task
= element task
{
attribute id { uuid }
}
modify_note_result
= element result
{
attribute id { uuid }
}
modify_note_response
= element modify_note_response
{
attribute status { status }
& attribute status_text { text }
}
7.63.3 Example: Modify the text and result of a note
Client
Manager
<modify_note note_id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"> <text>This issue should be resolved after the upgrade.</text> <result result_id="254cd3ef-bbe1-4d58-859d-21b8d0c046c"/> </modify_note>
<modify_note_response status="200"
status_text="OK"/>
7.64 Command modify_override
In short: Modify an existing override.
The client uses the modify_override command to change an existing override.
If an optional element is left out, the existing value will be cleared, generalising that constraint.
7.64.1 Structure
-
Command
- @override_id (uuid) ID of override to modify.
-
<active>
?Seconds override will be active. -1 on always, 0 off.
-
<hosts>
?A textual list of hosts.
-
<new_threat>
?New threat level for result.
-
<port>
?Port to which override applies.
-
<result>
?Result to which override applies.
- @id (uuid)
-
<task>
?Task to which override applies.
- @id (uuid)
-
<text>
Text describing the override.
-
<threat>
?Threat level to which override applies.
-
Response
- @status (status)
- @status_text (text)
7.64.2 RNC
Command
Response
modify_override
= element modify_override
{
attribute override_id { uuid }
& modify_override_active?
& modify_override_hosts?
& modify_override_new_threat?
& modify_override_port?
& modify_override_result?
& modify_override_task?
& modify_override_text
& modify_override_threat?
}
modify_override_active
= element active
{
integer
}
modify_override_hosts
= element hosts
{
text
}
modify_override_new_threat
= element new_threat
{
threat
}
modify_override_port
= element port
{
text
}
modify_override_text
= element text
{
text
}
modify_override_threat
= element threat
{
threat
}
modify_override_task
= element task
{
attribute id { uuid }
}
modify_override_result
= element result
{
attribute id { uuid }
}
modify_override_response
= element modify_override_response
{
attribute status { status }
& attribute status_text { text }
}
7.64.3 Example: Set the override threat to Low
Client
Manager
<modify_override override_id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"> <text>This issue is less important in our setup.</text> <new_threat>Low</new_threat> </modify_override>
<modify_override_response status="200"
status_text="OK"/>
7.65 Command modify_report
In short: Modify an existing report.
The client uses the modify_report command to change an existing report.
7.65.1 Structure
-
Command
- @report_id (uuid) ID of report to modify.
-
<comment>
The comment on the report.
-
Response
- @status (status)
- @status_text (text)
7.65.2 RNC
Command
Response
modify_report
= element modify_report
{
attribute report_id { uuid }
& modify_report_comment
}
modify_report_comment
= element comment
{
text
}
modify_report_response
= element modify_report_response
{
attribute status { status }
& attribute status_text { text }
}
7.65.3 Example: Modify a report comment
Client
Manager
<modify_report report_id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"> <comment>Monthly scan of the webserver.</comment> </modify_report>
<modify_report_response status="200"
status_text="OK"/>
7.66 Command modify_report_format
In short: Update an existing report format.
The client uses the modify_report_format command to change an existing report format.
7.66.1 Structure
-
Command
- @report_format_id (uuid) ID of report format to modify.
-
One of
-
<active>
Whether the report format is active.
-
<name>
The name of the report format.
-
<summary>
A summary of the report format.
-
<param>
-
<name>
The name of the param.
-
<value>
?New value for the param.
-
<name>
-
<active>
-
Response
- @status (status)
- @status_text (text)
7.66.2 RNC
Command
Response
modify_report_format
= element modify_report_format
{
attribute report_format_id { uuid }
& ( modify_report_format_active
| modify_report_format_name
| modify_report_format_summary
| modify_report_format_param )
}
modify_report_format_active
= element active
{
boolean
}
modify_report_format_name
= element name
{
name
}
modify_report_format_summary
= element summary
{
text
}
modify_report_format_param
= element param
{
modify_report_format_param_name
& modify_report_format_param_value?
}
modify_report_format_param_name
= element name
{
name
}
modify_report_format_param_value
= element value
{
base64
}
modify_report_format_response
= element modify_report_format_response
{
attribute status { status }
& attribute status_text { text }
}
7.66.3 Example: Modify a report format param
Client
Manager
<modify_report_format report_format_id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6">
<param>
<name>Background Colour</name>
<value>cmVk</value>
</param>
</modify_report_format>
<modify_report_format_response status="200"
status_text="OK"/>
7.66.3 Example: Modify the name of a report format
Client
Manager
<modify_report_format report_format_id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"> <name>New name</name> </modify_report_format>
<modify_report_format_response status="200"
status_text="OK"/>
7.67 Command modify_schedule
In short: Modify an existing schedule.
The client uses the modify_schedule command to change an existing schedule.
7.67.1 Structure
-
Command
- @schedule_id (uuid) ID of schedule to modify.
-
<comment>
?Comment on schedule.
-
<name>
?Name of schedule.
-
<first_time>
?First time the task will run.
-
<day_of_month>
?
-
<hour>
?
-
<minute>
?
-
<month>
?
-
<year>
?
-
<day_of_month>
?
-
<duration>
?How long the task will run for.
-
<unit>
?
-
<unit>
?
-
<period>
?How often the task will run.
-
<unit>
?
-
<unit>
?
-
<timezone>
?The timezone the schedule will follow.
-
Response
- @status (status)
- @status_text (text)
7.67.2 RNC
Command
Response
modify_schedule
= element modify_schedule
{
attribute schedule_id { uuid }
& modify_schedule_comment?
& modify_schedule_name?
& modify_schedule_first_time?
& modify_schedule_duration?
& modify_schedule_period?
& modify_schedule_timezone?
}
modify_schedule_comment
= element comment
{
text
}
modify_schedule_name
= element name
{
name
}
modify_schedule_first_time
= element first_time
{
modify_schedule_first_time_day_of_month?
& modify_schedule_first_time_hour?
& modify_schedule_first_time_minute?
& modify_schedule_first_time_month?
& modify_schedule_first_time_year?
}
modify_schedule_first_time_day_of_month
= element day_of_month
{
text
}
modify_schedule_first_time_hour
= element hour
{
text
}
modify_schedule_first_time_minute
= element minute
{
text
}
modify_schedule_first_time_month
= element month
{
text
}
modify_schedule_first_time_year
= element year
{
text
}
modify_schedule_timezone
= element timezone
{
text
}
modify_schedule_duration
= element duration
{
text
& modify_schedule_duration_unit?
}
modify_schedule_duration_unit
= element unit
{
time_unit
}
modify_schedule_period
= element period
{
text
& modify_schedule_period_unit?
}
modify_schedule_period_unit
= element unit
{
time_unit
}
modify_schedule_response
= element modify_schedule_response
{
attribute status { status }
& attribute status_text { text }
}
7.67.3 Example: Modify the name of a schedule
Client
Manager
<modify_schedule schedule_id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"> <name>Weekly Scan</name> </modify_schedule>
<modify_schedule_response status="200"
status_text="OK"/>
7.68 Command modify_setting
In short: Modify an existing setting.
The client uses the modify_setting command to change an existing setting. These are user settings that can be controlled via OMP. The settings "Password" and "Timezone" can be modified by name, the rest by UUID.
7.68.1 Structure
-
Command
- @setting_id (uuid)
-
<name>
The name of the setting.
-
<value>
The value of the setting.
-
Response
- @status (status)
- @status_text (text)
7.68.2 RNC
Command
Response
modify_setting
= element modify_setting
{
attribute setting_id { uuid }?
& modify_setting_name
& modify_setting_value
}
modify_setting_name
= element name
{
text
}
modify_setting_value
= element value
{
text
}
modify_setting_response
= element modify_setting_response
{
attribute status { status }
& attribute status_text { text }
}
7.68.3 Example: Modify the timezone
Client
Manager
<modify_setting> <name>Timezone</name> <value>Africa/Johannesburg</value> </modify_setting>
<modify_setting_response status="200"
status_text="OK"/>
7.69 Command modify_target
In short: Modify an existing target.
The client uses the modify_target command to change an existing target.
7.69.1 Structure
-
Command
- @target_id (uuid) ID of target to modify.
-
<comment>
?Comment on target.
-
<name>
?Name of target.
-
<hosts>
?Target hosts.
-
<ssh_lsc_credential>
?SSH credential to use on target.
- @id (uuid)
-
<smb_lsc_credential>
?SMB credential to use on target.
- @id (uuid)
-
<port_list>
?Port List describing ports to scan.
- @id (uuid)
-
<target_locator>
?
-
<username>
-
<password>
-
<username>
-
Response
- @status (status)
- @status_text (text)
7.69.2 RNC
Command
Response
modify_target
= element modify_target
{
attribute target_id { uuid }
& modify_target_comment?
& modify_target_name?
& modify_target_hosts?
& modify_target_ssh_lsc_credential?
& modify_target_smb_lsc_credential?
& modify_target_port_list?
& modify_target_target_locator?
}
modify_target_comment
= element comment
{
text
}
modify_target_name
= element name
{
name
}
modify_target_hosts
= element hosts
{
text
}
modify_target_ssh_lsc_credential
= element ssh_lsc_credential
{
attribute id { uuid }
}
modify_target_smb_lsc_credential
= element smb_lsc_credential
{
attribute id { uuid }
}
modify_target_port_list
= element port_list
{
attribute id { uuid }
}
modify_target_target_locator
= element target_locator
{
modify_target_target_locator_username
& modify_target_target_locator_password
}
modify_target_target_locator_username
= element username
{
text
}
modify_target_target_locator_password
= element password
{
text
}
modify_target_response
= element modify_target_response
{
attribute status { status }
& attribute status_text { text }
}
7.69.3 Example: Modify the name of a target
Client
Manager
<modify_target target_id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"> <name>Upstairs Lab</name> </modify_target>
<modify_target_response status="200"
status_text="OK"/>
7.70 Command modify_task
In short: Modify an existing task.
The client uses the modify_task command to change an existing task.
7.70.1 Structure
-
Command
- @task_id (uuid) ID of task to modify.
-
One of
-
<comment>
The comment on the task.
-
<alert>
*Task alert.
- @id (uuid)
-
<name>
The name of the task.
-
<observers>
Users allowed to observe this task.
-
<preferences>
-
<preference>
*
-
<scanner_name>
Compact name of preference, from scanner.
-
<value>
-
<scanner_name>
-
<preference>
*
-
<rcfile>
An openvasrc style file describing the task.
-
<schedule>
Task schedule.
- @id (uuid)
-
<slave>
Task slave.
- @id (uuid)
-
<file>
File to attach to task.
- @name (text)
- @action ("update" or "remove")
-
<comment>
-
Response
- @status (status)
- @status_text (text)
7.70.2 RNC
Command
Response
modify_task
= element modify_task
{
attribute task_id { uuid }
& ( modify_task_comment
| modify_task_alert*
| modify_task_name
| modify_task_observers
| modify_task_preferences
| modify_task_rcfile
| modify_task_schedule
| modify_task_slave
| modify_task_file )
}
modify_task_comment
= element comment
{
text
}
modify_task_alert
= element alert
{
attribute id { uuid }
}
modify_task_name
= element name
{
name
}
modify_task_observers
= element observers
{
user_list
}
modify_task_preferences
= element preferences
{
modify_task_preferences_preference*
}
modify_task_preferences_preference
= element preference
{
modify_task_preferences_preference_scanner_name
& modify_task_preferences_preference_value
}
modify_task_preferences_preference_scanner_name
= element scanner_name
{
text
}
modify_task_preferences_preference_value
= element value
{
text
}
modify_task_rcfile
= element rcfile
{
base64
}
modify_task_schedule
= element schedule
{
attribute id { uuid }
}
modify_task_slave
= element slave
{
attribute id { uuid }
}
modify_task_file
= element file
{
text # RNC limitation: base64
& attribute name { text }
& attribute action { xsd:token { pattern = "update|remove" } }
}
modify_task_response
= element modify_task_response
{
attribute status { status }
& attribute status_text { text }
}
7.70.3 Example: Modify a task comment
Client
Manager
<modify_task task_id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6"> <comment>Monthly scan of the webserver.</comment> </modify_task>
<modify_task_response status="200"
status_text="OK"/>
7.71 Command pause_task
In short: Pause a running task.
The client uses the pause_task command to manually pause a running task.
7.71.1 Structure
7.71.2 RNC
Command
Response
pause_task
= element pause_task
{
attribute task_id { uuid }
}
pause_task_response
= element pause_task_response
{
attribute status { status }
& attribute status_text { text }
}
7.71.3 Example: Pause a running task
Client
Manager
<pause_task task_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<pause_task_response status="200"
status_text="OK"/>
7.72 Command restore
In short: Restore a resource.
The client uses the restore a resource from the trashcan.
7.72.1 Structure
7.72.2 RNC
Command
Response
restore
= element restore
{
attribute id { uuid }
}
restore_response
= element restore_response
{
attribute status { status }
& attribute status_text { text }
}
7.72.3 Example: Restore a target
Client
Manager
<restore id="97390ade-e075-11df-9973-002264764cea"/>
<restore_response status="200"
status_text="OK"/>
7.73 Command resume_or_start_task
In short: Resume task if stopped, else start task.
The client uses the resume_or_start_task command to manually start an existing task, ensuring that the task will resume from its previous position if the task is in the Stopped state.
7.73.1 Structure
7.73.2 RNC
Command
Response
resume_or_start_task
= element resume_or_start_task
{
attribute task_id { uuid }
}
resume_or_start_task_response
= element resume_or_start_task_response
{
attribute status { status }
& attribute status_text { text }
}
7.73.3 Example: Resume a running task
Client
Manager
<resume_or_start_task task_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<resume_or_start_task_response status="200"
status_text="OK"/>
7.74 Command resume_paused_task
In short: Resume a paused task.
The client uses the resume_paused_task command to manually resume a paused task.
7.74.1 Structure
7.74.2 RNC
Command
Response
resume_paused_task
= element resume_paused_task
{
attribute task_id { uuid }
}
resume_paused_task_response
= element resume_paused_task_response
{
attribute status { status }
& attribute status_text { text }
}
7.74.3 Example: Resume a paused task
Client
Manager
<resume_paused_task task_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<resume_paused_task_response status="200"
status_text="OK"/>
7.75 Command resume_stopped_task
In short: Resume a stopped task.
The client uses the resume_stopped_task command to manually resume a stopped task.
7.75.1 Structure
7.75.2 RNC
Command
Response
resume_stopped_task
= element resume_stopped_task
{
attribute task_id { uuid }
}
resume_stopped_task_response
= element resume_stopped_task_response
{
attribute status { status }
& attribute status_text { text }
}
7.75.3 Example: Resume a stopped task
Client
Manager
<resume_stopped_task task_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<resume_stopped_task_response status="200"
status_text="OK"/>
7.76 Command run_wizard
In short: Run a wizard.
The client uses the run_wizard command to run a wizard.
7.76.1 Structure
-
Command
-
<name>
The name of the wizard.
-
<params>
Paramaters for the wizard.
-
<param>
*
-
<name>
Parameter name.
-
<value>
Value of parameter.
-
<name>
-
<param>
*
-
<name>
-
Response
- @status (status)
- @status_text (text)
7.76.2 RNC
Command
Response
run_wizard
= element run_wizard
{
run_wizard_name
& run_wizard_params
}
run_wizard_name
= element name
{
name
}
run_wizard_params
= element params
{
run_wizard_params_param*
}
run_wizard_params_param
= element param
{
run_wizard_params_param_name
& run_wizard_params_param_value
}
run_wizard_params_param_name
= element name
{
text
}
run_wizard_params_param_value
= element value
{
text
}
run_wizard_response
= element run_wizard_response
{
attribute status { status }
& attribute status_text { text }
}
7.76.3 Example: Run the Quick Start wizard to scan localhost
Client
Manager
<run_wizard>
<name>quick_first_scan</name>
<params>
<param>
<name>hosts</name>
<value>localhost</value>
</param>
</params>
</run_wizard>
<run_wizard_response status="202"
status_text="OK, request submitted"/>
7.77 Command start_task
In short: Manually start an existing task.
The client uses the start_task command to manually start an existing task.
7.77.1 Structure
7.77.2 RNC
Command
Response
start_task
= element start_task
{
attribute task_id { uuid }
}
start_task_response
= element start_task_response
{
attribute status { status }
& attribute status_text { text }
}
7.77.3 Example: Start a task
Client
Manager
<start_task task_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<start_task_response status="200"
status_text="OK"/>
7.78 Command stop_task
In short: Stop a running task.
The client uses the stop_task command to manually stop a running task.
7.78.1 Structure
7.78.2 RNC
Command
Response
stop_task
= element stop_task
{
attribute task_id { uuid }
}
stop_task_response
= element stop_task_response
{
attribute status { status }
& attribute status_text { text }
}
7.78.3 Example: Stop a running task
Client
Manager
<stop_task task_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<stop_task_response status="200"
status_text="OK"/>
7.79 Command test_alert
In short: Run an alert.
The client uses the test_alert command to invoke a test run of an alert.
7.79.1 Structure
7.79.2 RNC
Command
Response
test_alert
= element test_alert
{
attribute alert_id { uuid }
}
test_alert_response
= element test_alert_response
{
attribute status { status }
& attribute status_text { text }
}
7.79.3 Example: Test an alert
Client
Manager
<test_alert alert_id="97390ade-e075-11df-9973-002264764cea"/>
<test_alert_response status="200"
status_text="OK"/>
7.80 Command verify_agent
In short: Verify an agent.
The client uses the verify_agent command to verify the trust level of an existing agent.
The Manager checks whether the signature of the agent currently matches the agent. This includes the agent installer file. The Manager searches for the signature first in the feed, then in the agent itself.
7.80.1 Structure
7.80.2 RNC
Command
Response
verify_agent
= element verify_agent
{
attribute agent_id { uuid }
}
verify_agent_response
= element verify_agent_response
{
attribute status { status }
& attribute status_text { text }
}
7.80.3 Example: Verify an agent
Client
Manager
<verify_agent agent_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<verify_agent_response status="200"
status_text="OK"/>
7.81 Command verify_report_format
In short: Verify a report format.
The client uses the verify_report_format command to verify the trust level of an existing report format.
The Manager checks whether the signature of the report format currently matches the report format. This includes the script and files used to generate reports of this format. The Manager searches for the signature first in the feed, then in the report format itself.
7.81.1 Structure
7.81.2 RNC
Command
Response
verify_report_format
= element verify_report_format
{
attribute report_format_id { uuid }
}
verify_report_format_response
= element verify_report_format_response
{
attribute status { status }
& attribute status_text { text }
}
7.81.3 Example: Verify a report format
Client
Manager
<verify_report_format report_format_id="267a3405-e84a-47da-97b2-5fa0d2e8995e"/>
<verify_report_format_response status="200"
status_text="OK"/>
