Openvas Import Plugin (Issues with No Tag)

Hi,
I have imported an Openvas scan into Dradris-ce. I have all the issues but unfortunatelly all of them are not tagged.
I tryed something tricky, add manually (in the right place) them in the Openvas XML files inserting:

I checked that the issues has this field included, but still has “no Tag” status.

Besides, I have detected something strange that IMHO is the cause of my trick not working. If I create an Issue using blank template, add the Tag field and set the ff7f0e_Medium value to it, The issue is created and taged correctly. If I do the same using the basic fields template, the created one in “No Tag”

I really appreciate any support.

Best regards,

Angel.

Hi @alopez78 , sorry for the late reply. Inserting the issue tags manually in the XML doesn’t work because our dradis-openvas plugin does not know how to read issue tags from the OpenVas XML. dradis-openvas/result.rb at main · dradis/dradis-openvas · GitHub

The issue tag is an attribute defined in the Dradis application and not exported from OpenVas.

If I do the same using the basic fields template, the created one in “No Tag”

Can you elaborate more on this please?

Hi @seanyeoh ,

Forget that second part of my previous post.

I progressed a bit more with the import part. I modifed the results.template from templates/plugins/openvas in this way.
#[Severity]#
%result.threat%

Now I can see the threat level in the Issues imported by the dradis-openvas plugin. I have created the set of tags that appears in the documentation:

  • !9467bd_Critical
  • !d62728_High
  • !ff7f0e_Medium
  • !6baed6_Low
  • !2ca02c_Info

Is it possible to automatically apply to the issues the tag based on the threat value during the import process by the dradis-openvas? It would be great to avoid doing it manually after the import…

Thank you so much fo the support.

Regards,

Angel

Hey @alopez78, Rachael with the Dradis support team here. I think the Rules Engine (available in Dradis Pro) is exactly what you’re describing: Action: Tag Finding | Dradis Pro Help. If it’s easier, we also have a video showing how that works: Discard false positives, duplicates, and update security vulnerability descriptions - Dradis - YouTube. The Rules Engine allows you to create if/then rules to manipulate the imported Issues a bit more. That isn’t currently an option in Dradis CE. But, depending on how you’re reporting, the tags may actually not be necessary as the report template may only look at the value of your Severity field (or, it may not, it all depends on how you have the report template set up!).

Hey @rachkor ,
I read about the Rules Engine but as I’m using the CE version I’m looking for another way of doing it.
I’m not going to generate reports, I just want to have a nice dashboard page with all my issues (currently there are quite a few). As they are all “unasigned” after importing, using the CE version, I’m forced to tag issues manually to have a nice one.

Thank you so much for the support.

Cheers,

Angel.