Troubleshooting#

Warning

The commands in the following troubleshooting guidelines are only valid if you followed the source build documentation. If you installed the Greenbone Community Edition via a Linux Distribution (for example Kali Linux), the commands may be slightly different and need to be adjusted.

Facing an Issue with the Greenbone Community Edition#

If you have an issue with the Greenbone Community Edition because something doesn’t work as expected and/or you are getting an error in the web UI it is necessary to check the log files to get some technical hints about the issue.

If something doesn’t work during the scan the /var/log/gvm/ospd-openvas.log and /var/log/gvm/openvas.log files should be checked for errors.

Otherwise the /var/log/gvm/gvmd.log file needs to be inspected.

Afterwards using the collected error messages in the search of our Community Forum may bring up possible results to resolve the issue already.

If no fitting results can be found feel free to create a new topic at our Community Forum. A post in the forum should always contain the installation method and the version of the Greenbone Community Edition (build from source via this guide, official community containers, Kali packages, …) and the found error message.

Failed to find port_list ‘33d0cd82-57c6-11e1-8ed1-406186ea4fc5‘#

This error can occur when tying to use the Task Wizard to create a quick scan after the initial setup. It is cause by gvmd not being able to load the port lists from the feed into its database. To fix this issue, you need to check if /var/lib/gvm/data-objects/ contains the port list XML file:

Check if port list is already synced#
find /var/lib/gvm/data-objects/ -name "*33d0cd82-57c6-11e1-8ed1-406186ea4fc5*.xml"

If the find command does not return an XML file for your release, the data objects have not been synced from the feed (yet).

Syncing data objects processed by gvmd#
sudo -u gvm greenbone-feed-sync --type GVMD_DATA

Second, gvmd should be forced to (re-)load the data objects including the port lists from the disk.

Syncing data objects processed by gvmd#
sudo -u gvm gvmd --rebuild-gvmd-data=all

Failed to find config#

This issue is similar to Failed to find port_list. It will be raised if gvmd is not able to load the scan configs from the file system into its database. First of all you should check if the scan configs have been downloaded from the feed.

Check if scan configs are already synced#
find /var/lib/gvm/data-objects/ -name "*daba56c8-73ec-11df-a475-002264764cea*.xml"

If the find command does not return at least one XML file for your release, the data objects have not been synced from the feed (yet).

Syncing data objects processed by gvmd#
sudo -u gvm greenbone-feed-sync --type GVMD_DATA

Because scan configs reference VTs loading scan configs also requires synced VTs from the feed. You can check if the VTs are already loaded by looking at the Secinfo ‣ NVTs web UI page.

If there are no VTs visible in the web UI they need to be downloaded from the feed.

Syncing VTs processed by the openvas scanner#
sudo -u gvm greenbone-nvt-sync

Loading the VTs from the file system may take a while. From several minutes up to hours depending on your system performance and number of VTs. You can follow the process of loading VTs by looking at the /var/log/gvm/ospd-openvas.log and /var/log/gvm/gvmd.log files.

If there are still no scan configs at Configuration ‣ Scan Configs in the web UI after some hours and the logs of gvmd and ospd-openvas don’t show errors, the Feed Import Owner may not have been set.

Setting the Feed Import Owner#
gvmd --modify-setting 78eceaec-3385-11ea-b237-28d24461215b --value `gvmd --get-users --verbose | grep admin | awk '{print $2}'`

If all these steps don’t resolve the issue it is very likely a bigger problem for example with the PostgreSQL database. Therefore the /var/log/gvm/ospd-openvas.log and /var/log/gvm/gvmd.log files need to be inspected for possible error and warning messages.

Vulnerabilities are not found#

A scan report does not contain any results or some known vulnerabilities don’t show up in the report.

This may have several reasons. Most likely the feed synchronization isn’t finished yet. The feed data has been downloaded to the file system of the local machine put gvmd and ospd-openvas hadn’t enough resources to load them into their databases and memory yet. This can be checked by looking at the SecInfo ‣ NVTs page if VTs are listed here and at the Administration ‣ Feed Status page for an ongoing sync process in the web UI.

If both pages are fine you may take a look at the following sections in our product manual: