OpenVAS

PlexTrac supports importing XML files from OpenVAS. OpenVAS (Open Vulnerability Assessment System) is a network security scanner and vulnerability management solution designed to identify and assess vulnerabilities in network infrastructure and web applications. It performs scans of networks and hosts to identify open ports, running services, and potential vulnerabilities.
Below are the mappings of fields and any reference notes to provide context. If a field is not listed, then PlexTrac does not currently import.
Finding Field Mappings
PlexTrac Field
OpenVAS Path
Notes
title
<result><nvt><name>
​
severity
<result><threat>
​
references
<result><nvt><xref>
<result><nvt><certs><cert_ref id=(parse out this id) type=(parse out this type)>
<result><nvt><cve>
<result><nvt><bid>
A combination of:
<xref>: we ignore "NOXREF" if populated in the <xref> element and

<cert_ref>: we take the id and type from all cert_ref tags in the <certs> element and

<cve>: we ignore "NOCVE" if populated in the <cve> element and 
​
<bid>: we ignore "NOBID" if populated in the <bid> element
recommendations
<result><nvt><tags>
​
We parse out the element into separate items based on the | delimiter that creates an array of key value pairs. Then we evaluate the array to compose description. Description is composed of the following values, if the key exists:
summary
impact
insight
affected
vuldetect
description
<result><nvt><tags>
​
We parse out the <tags> element into separate items based on the | delimiter that is used to create an array of key value pairs. Then we evaluate the array and compose recommendations from the following values, if the key exists:
solution
solution_type 
If solution is not in the array, we populate the solution with the phrase: "A solution was not provided by the scan source"
​
score: <cvss>
​
​
label: cvss
​
​
value
<result><nvt><cvss_base>
​
calculation
<result><nvt><tags>
​
We parse out the element into separate items based on the | delimiter that creates an array of key value pairs. Then we evaluate the array and compose cvss calculation: Calculation is composed of the following values, if the key exists:
cvss_base_vector
Asset Field Mappings
PlexTrac Field
OpenVAS Path
asset
<result><host>
​
​

PlexTrac Field	OpenVAS Path	Notes
title	<result><nvt><name>
severity	<result><threat>
references	<result><nvt><xref> <result><nvt><certs><cert_ref id=(parse out this id) type=(parse out this type)> <result><nvt><cve> <result><nvt><bid>	A combination of: <xref>: we ignore "NOXREF" if populated in the <xref> element and <cert_ref>: we take the id and type from all cert_ref tags in the <certs> element and <cve>: we ignore "NOCVE" if populated in the <cve> element and <bid>: we ignore "NOBID" if populated in the <bid> element
recommendations	<result><nvt><tags>	We parse out the element into separate items based on the \| delimiter that creates an array of key value pairs. Then we evaluate the array to compose description. Description is composed of the following values, if the key exists: summary impact insight affected vuldetect
description	<result><nvt><tags>	We parse out the <tags> element into separate items based on the \| delimiter that is used to create an array of key value pairs. Then we evaluate the array and compose recommendations from the following values, if the key exists: solution solution_type If solution is not in the array, we populate the solution with the phrase: "A solution was not provided by the scan source"
score: <cvss>
label: cvss
value	<result><nvt><cvss_base>
calculation	<result><nvt><tags>	We parse out the element into separate items based on the \| delimiter that creates an array of key value pairs. Then we evaluate the array and compose cvss calculation: Calculation is composed of the following values, if the key exists: cvss_base_vector

PlexTrac Field	OpenVAS Path
asset	<result><host>

NodeZero

Qualys (VM Parser)

Last modified 22h ago