OpenVAS
PlexTrac supports importing a file from OpenVAS. Below are the mappings of fields.
PlexTrac finding field
OpenVAS path
Notes
title
<result><nvt><name>
severity
<result><threat>
references
<result><nvt><xref> <result><nvt><certs><cert_ref id=(parse out this id) type=(parse out this type)> <result><nvt><cve> <result><nvt><bid>
A combination of: <xref>: we ignore "NOXREF" if populated in the <xref> element and <cert_ref>: we take the id and type from all cert_ref tags in the <certs> element and
<cve>: we ignore "NOCVE" if populated in the <cve> element and
<bid>: we ignore "NOBID" if populated in the <bid> element
recommendations
<result><nvt><tags>
We parse out the element into separate items based on the | delimiter that creates an array of key value pairs. Then we evaluate the array to compose description. Description is composed of the following values, if the key exists:
  • summary
  • impact
  • insight
  • affected
  • vuldetect
description
<result><nvt><tags>
We parse out the <tags> element into separate items based on the | delimiter that is used to create an array of key value pairs. Then we evaluate the array and compose recommendations from the following values, if the key exists:
  • solution
  • solution_type
If solution is not in the array, we populate the solution with the phrase: "A solution was not provided by the scan source"
score: <cvss>
label: cvss
value
<result><nvt><cvss_base>
calculation
<result><nvt><tags>
We parse out the element into separate items based on the | delimiter that creates an array of key value pairs. Then we evaluate the array and compose cvss calculation: Calculation is composed of the following values, if the key exists:
  • cvss_base_vector
PlexTrac Asset field
OpenVAS path
asset
<result><host>
hostname
knownIps
operating_system
findingConnection
number
protocol
service
version
Click Next below to see more mappings.
Copy link