Retrieving certain informations about added hosts

yannicknoah · September 30, 2020, 7:27am

Hello,
i defined a rule and i was able to get the vulnerability status of that host where the rule is applied to.
The command i used does not work in general, because i need to give the ip address and the name manually e.g.

gvm-script --gmp-username=<un> --gmp-password=<pw> tls --hostname <ip> check-gmp.gmp.py -F <ip> --last-report -T <task>" --status

So i was wondering if i can get these infos (ip,name) of the added host in check_mk somehow to use variables. Is this possible?

best regards,
yannick

kdeutsch · September 30, 2020, 8:50am

Hello,
yes it’s possible:

Show the inline help for this: Help - Toggle inline help on this page.

Karl

yannicknoah · September 30, 2020, 10:15am

This works just fine. Thank you

FJerusalem · October 9, 2020, 10:13am

@yannicknoah: Just out of interest: Are you using OpenVAS or the commercial appliance? As for some reason (probably layer-8-issue ) - i only can get gvm-script to work locally using socket. Could not find any magic described in their manual on how to enable gmp over ssh for openvas. (https://docs.greenbone.net/GSM-Manual/gos-4/en/omp.html#activating-gmp)

So my current workaround for openvas would be to run gvm-script locally on the openvas-vm via:

sudo -u gvm /usr/local/bin/gvm-script --gmp-username=“" --gmp-password="****” socket --socketpath /opt/gvm/var/run/gvmd.sock /check-gmp.gmp.py -F <ip> --last-report -T “<report-task>” --status

FJerusalem · October 9, 2020, 11:30am

BTW: My current implementation is leading me to the same problem as mentioned here: Connection to CheckMK - Greenbone Management Protocol (GMP) - Greenbone Community Portal
→ getting Null as return-value. But this is out of scope on this toppic.

Just wanted to know if ssh is possible with the open-source-edition…
As this would pretty fast solve the issues I’m currently having.

yannicknoah · October 25, 2020, 8:32pm

Hi,
sorry for the late reply. For OpenVAS i use the open source version 20.08.
Yes SSH is possible, but i use tls instead, was easier to configure.

Ler me know if i can help you somehow

best regards

FJerusalem · October 27, 2020, 3:16pm

No need to apologize for anything. Thanks or your fedback! Ah. So the TLS-issue is probably related to my env (having weird proxy-setup here…).
Just wondered how you got the plugin-output working in checkmk as i get a null as return-value as mentioned here: https://community.greenbone.net/t/connection-to-checkmk/3392
-Any adaptions you had to make to the plugin?