OpenVAS

PlexTrac supports importing XML files from OpenVAS. OpenVAS (Open Vulnerability Assessment System) is a network security scanner and vulnerability management solution designed to identify and assess vulnerabilities in network infrastructure and web applications. It performs scans of networks and hosts to identify open ports, running services, and potential vulnerabilities.

Below are the mappings of fields and any reference notes to provide context. If a field is not listed, PlexTrac does not currently import it.

Finding Field Mappings

PlexTrac Field	OpenVAS Path	Notes
title	<result><nvt><name>
severity	<result><threat>
references	<result><nvt><xref> <result><nvt><certs><cert_ref id=(parse out this id) type=(parse out this type)> <result><nvt><cve> <result><nvt><bid>	A combination of: <xref>: we ignore "NOXREF" if populated in the <xref> element and <cert_ref>: we take the id and type from all cert_ref tags in the <certs> element and <cve>: we ignore "NOCVE" if populated in the <cve> element and <bid>: we ignore "NOBID" if populated in the <bid> element
recommendations	<result><nvt><tags>	PlexTrac parses the element into separate items based on the \| delimiter that creates an array of key value pairs. Then we evaluate the array to compose description. Description is composed of the following values, if the key exists: summary impact insight affected vuldetect
description	<result><nvt><tags>	PlexTrac parses the <tags> element into separate items based on the \| delimiter that is used to create an array of key value pairs. Then we evaluate the array and compose recommendations from the following values, if the key exists: solution solution_type If solution is not in the array, we populate the solution with the phrase: "A solution was not provided by the scan source"
score: <cvss>
label: cvss
value	<result><nvt><cvss_base>
calculation	<result><nvt><tags>	PlexTrac parses the element into separate items based on the \| delimiter that creates an array of key value pairs. Then we evaluate the array and compose cvss calculation: Calculation is composed of the following values, if the key exists: cvss_base_vector

PlexTrac Field

OpenVAS Path

Notes

title

severity

references

A combination of: <xref>: we ignore "NOXREF" if populated in the <xref> element and <cert_ref>: we take the id and type from all cert_ref tags in the <certs> element and

<cve>: we ignore "NOCVE" if populated in the <cve> element and

<bid>: we ignore "NOBID" if populated in the <bid> element

recommendations

PlexTrac parses the element into separate items based on the | delimiter that creates an array of key value pairs. Then we evaluate the array to compose description. Description is composed of the following values, if the key exists:

summary
impact
insight
affected
vuldetect

description

PlexTrac parses the <tags> element into separate items based on the | delimiter that is used to create an array of key value pairs. Then we evaluate the array and compose recommendations from the following values, if the key exists:

solution
solution_type

If solution is not in the array, we populate the solution with the phrase: "A solution was not provided by the scan source"

score: <cvss>

label: cvss

value

calculation

PlexTrac parses the element into separate items based on the | delimiter that creates an array of key value pairs. Then we evaluate the array and compose cvss calculation: Calculation is composed of the following values, if the key exists:

cvss_base_vector

Asset Field Mappings

PlexTrac Field	OpenVAS Path
asset	<result><host>

PlexTrac Field

OpenVAS Path

asset

PreviousNodeZero NextPentera

Last updated 1 month ago