OpenVAS: NagiosPlugin

The NagiosPlugin is included in the openvas-cli.

Nagios can display the results of a scan as an additional monitored service of a host.

In this case, the scanned systems are automatically linked to the monitored systems.

Thus, the scan results are also available for an alarm via Nagios.

The basic functionality without access to a task can be tested with the following command:

root@sv-openvas ~ # check_omp -H sv-openvas.joed.local -u omp -w password --ping
OMP OK: Alive and kicking!

In OpenVAS, an extra user should be created, which must then have readability to the task from which the report should be used.

Nagios reads only scan results, but does not initiate scans. The OpenVAS tasks should be performed automatically at regular intervals using a schedule.

root@sv-openvas ~ # check_omp -H sv-openvas.joed.local -u omp -w password --
status -T 'Immediate scan of IP 192.168.1.102' --last-report -F
192.168.1.102
OMP WARNING: 5 vulnerabilities found - High: 0 Medium: 4 Low: 1
|High=0 Medium=4 Low=1

Important:

  • User omp must have at least read permission for the task.
  • There must be a complete scan to provide a finished report.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s