GMP v20.8#

Module for communication with gvmd in Greenbone Management Protocol version 20.08

Enums#

class gvm.protocols.gmpv208.AlertCondition

Enum for alert condition types

ALWAYS = 'Always'
ERROR = 'Error'
FILTER_COUNT_AT_LEAST = 'Filter count at least'
FILTER_COUNT_CHANGED = 'Filter count changed'
SEVERITY_AT_LEAST = 'Severity at least'
SEVERITY_CHANGED = 'Severity changed'
classmethod from_string(alert_condition)

Convert an alert condition string into a AlertCondition instance

class gvm.protocols.gmpv208.AlertEvent

Enum for alert event types

ASSIGNED_TICKET_CHANGED = 'Assigned ticket changed'
NEW_SECINFO_ARRIVED = 'New SecInfo arrived'
OWNED_TICKET_CHANGED = 'Owned ticket changed'
TASK_RUN_STATUS_CHANGED = 'Task run status changed'
TICKET_RECEIVED = 'Ticket received'
UPDATED_SECINFO_ARRIVED = 'Updated SecInfo arrived'
classmethod from_string(alert_event)

Convert an alert event string into a AlertEvent instance

class gvm.protocols.gmpv208.AlertMethod

Enum for alert method type

ALEMBA_VFIRE = 'Alemba vFire'
EMAIL = 'Email'
HTTP_GET = 'HTTP Get'
SCP = 'SCP'
SEND = 'Send'
SMB = 'SMB'
SNMP = 'SNMP'
SOURCEFIRE_CONNECTOR = 'Sourcefire Connector'
START_TASK = 'Start Task'
SYSLOG = 'Syslog'
TIPPINGPOINT_SMS = 'TippingPoint SMS'
VERINICE_CONNECTOR = 'verinice Connector'
classmethod from_string(alert_method)

Convert an alert method string into a AlertCondition instance

class gvm.protocols.gmpv208.AliveTest

Enum for choosing an alive test

APR_PING = 'ARP Ping'
ARP_PING = 'ARP Ping'
CONSIDER_ALIVE = 'Consider Alive'
ICMP_AND_ARP_PING = 'ICMP & ARP Ping'
ICMP_AND_TCP_ACK_SERVICE_PING = 'ICMP & TCP-ACK Service Ping'
ICMP_PING = 'ICMP Ping'
ICMP_TCP_ACK_SERVICE_AND_ARP_PING = 'ICMP, TCP-ACK Service & ARP Ping'
SCAN_CONFIG_DEFAULT = 'Scan Config Default'
TCP_ACK_SERVICE_AND_ARP_PING = 'TCP-ACK Service & ARP Ping'
TCP_ACK_SERVICE_PING = 'TCP-ACK Service Ping'
TCP_SYN_SERVICE_PING = 'TCP-SYN Service Ping'
classmethod from_string(alive_test)

Convert an alive test string into a AliveTest instance

class gvm.protocols.gmpv208.CredentialFormat

Enum for credential format

DEB = 'deb'
EXE = 'exe'
KEY = 'key'
PEM = 'pem'
RPM = 'rpm'
classmethod from_string(credential_format)
class gvm.protocols.gmpv208.CredentialType

Enum for credential types

CLIENT_CERTIFICATE = 'cc'
PASSWORD_ONLY = 'pw'
PGP_ENCRYPTION_KEY = 'pgp'
SMIME_CERTIFICATE = 'smime'
SNMP = 'snmp'
USERNAME_PASSWORD = 'up'
USERNAME_SSH_KEY = 'usk'
classmethod from_string(credential_type)

Convert a credential type string into a CredentialType instance

class gvm.protocols.gmpv208.EntityType

Enum for entity types

ALERT = 'alert'
ASSET = 'asset'
AUDIT = 'audit'
CERT_BUND_ADV = 'cert_bund_adv'
CPE = 'cpe'
CREDENTIAL = 'credential'
CVE = 'cve'
DFN_CERT_ADV = 'dfn_cert_adv'
FILTER = 'filter'
GROUP = 'group'
HOST = 'host'
INFO = 'info'
NOTE = 'note'
NVT = 'nvt'
OPERATING_SYSTEM = 'os'
OVALDEF = 'ovaldef'
OVERRIDE = 'override'
PERMISSION = 'permission'
POLICY = 'policy'
PORT_LIST = 'port_list'
REPORT = 'report'
REPORT_FORMAT = 'report_format'
RESULT = 'result'
ROLE = 'role'
SCANNER = 'scanner'
SCAN_CONFIG = 'config'
SCHEDULE = 'schedule'
TAG = 'tag'
TARGET = 'target'
TASK = 'task'
TICKET = 'ticket'
TLS_CERTIFICATE = 'tls_certificate'
USER = 'user'
VULNERABILITY = 'vuln'
classmethod from_string(entity_type)

Convert a entity type string to an actual EntityType instance

Parameters:

entity_type (Optional[str]) – Entity type string to convert to a EntityType

class gvm.protocols.gmpv208.FeedType

Enum for feed types

CERT = 'CERT'
GVMD_DATA = 'GVMD_DATA'
NVT = 'NVT'
SCAP = 'SCAP'
classmethod from_string(feed_type)

Convert a feed type string into a FeedType instance

class gvm.protocols.gmpv208.FilterType

Enum for filter types

ALERT = 'alert'
ALL_SECINFO = 'secinfo'
ASSET = 'asset'
CREDENTIAL = 'credential'
FILTER = 'filter'
GROUP = 'group'
HOST = 'host'
NOTE = 'note'
OPERATING_SYSTEM = 'os'
OVERRIDE = 'override'
PERMISSION = 'permission'
PORT_LIST = 'port_list'
REPORT = 'report'
REPORT_FORMAT = 'report_format'
RESULT = 'result'
ROLE = 'role'
SCAN_CONFIG = 'config'
SCHEDULE = 'schedule'
TAG = 'tag'
TARGET = 'target'
TASK = 'task'
TICKET = 'ticket'
TLS_CERTIFICATE = 'tls_certificate'
USER = 'user'
VULNERABILITY = 'vuln'
classmethod from_string(filter_type)

Convert a filter type string to an actual FilterType instance

Parameters:

filter_type (str) – Filter type string to convert to a FilterType

class gvm.protocols.gmpv208.HelpFormat

Enum for the help format

HTML = 'html'
RNC = 'rnc'
TEXT = 'text'
XML = 'xml'
classmethod from_string(sort_order)

Convert a sort order string to an actual SortOrder instance.

Parameters:

sort_order (Optional[str]) – Sort order string to convert to a SortOrder

class gvm.protocols.gmpv208.HostsOrdering

Enum for host ordering during scans

RANDOM = 'random'
REVERSE = 'reverse'
SEQUENTIAL = 'sequential'
classmethod from_string(hosts_ordering)

Convert a hosts ordering string to an actual HostsOrdering instance

Parameters:

hosts_ordering (Optional[str]) – Host ordering string to convert to a HostsOrdering

class gvm.protocols.gmpv208.InfoType

Enum for info types

CERT_BUND_ADV = 'CERT_BUND_ADV'
CPE = 'CPE'
CVE = 'CVE'
DFN_CERT_ADV = 'DFN_CERT_ADV'
NVT = 'NVT'
OVALDEF = 'OVALDEF'
classmethod from_string(info_type)

Convert a info type string to an actual InfoType instance

Parameters:

info_type (Optional[str]) – Info type string to convert to a InfoType

class gvm.protocols.gmpv208.PermissionSubjectType

Enum for permission subject type

GROUP = 'group'
ROLE = 'role'
USER = 'user'
classmethod from_string(subject_type)

Convert a permission subject type string to an actual PermissionSubjectType instance

Parameters:

subject_type (Optional[str]) – Permission subject type string to convert to a PermissionSubjectType

class gvm.protocols.gmpv208.PortRangeType

Enum for port range type

TCP = 'TCP'
UDP = 'UDP'
classmethod from_string(port_range_type)

Convert a port range type string to an actual PortRangeType instance

Parameters:
  • port_range_type (Optional[str]) – Port range type string to

  • PortRangeType (convert to a) –

class gvm.protocols.gmpv208.ReportFormatType

Enum for builtin report formats

ANONYMOUS_XML = '5057e5cc-b825-11e4-9d0e-28d24461215b'
ARF = '910200ca-dc05-11e1-954f-406186ea4fc5'
CPE = '5ceff8ba-1f62-11e1-ab9f-406186ea4fc5'
CSV_HOSTS = '9087b18c-626c-11e3-8892-406186ea4fc5"'
CSV_RESULTS = 'c1645568-627a-11e3-a660-406186ea4fc5'
GCR_PDF = 'dc51a40a-c022-11e9-b02d-3f7ca5bdcb11'
GSR_HTML = 'ffa123c9-a2d2-409e-bbbb-a6c1385dbeaa'
GSR_PDF = '35ba7077-dc85-42ef-87c9-b0eda7e903b6'
GXCR_PDF = 'f0d348de-c022-11e9-bc4c-4bf1d5e1a8ca'
GXR_PDF = 'ebbc7f34-8ae5-11e1-b07b-001f29eadec8'
ITG = '77bd6c4a-1f62-11e1-abf0-406186ea4fc5'
LATEX = 'a684c02c-b531-11e1-bdc2-406186ea4fc5'
NBE = '9ca6fe72-1f62-11e1-9e7c-406186ea4fc5'
PDF = 'c402cc3e-b531-11e1-9163-406186ea4fc5'
SVG = '9e5e5deb-879e-4ecc-8be6-a71cd0875cdd'
TXT = 'a3810a62-1f62-11e1-9219-406186ea4fc5'
VERINICE_ISM = 'c15ad349-bd8d-457a-880a-c7056532ee15'
VERINICE_ITG = '50c9950a-f326-11e4-800c-28d24461215b'
XML = 'a994b278-1f62-11e1-96ac-406186ea4fc5'
classmethod from_string(report_format)

Convert an report format name into a ReportFormatType instance

class gvm.protocols.gmpv208.ScannerType

Enum for scanner type

CVE_SCANNER_TYPE = '3'
GMP_SCANNER_TYPE = '4'
GREENBONE_SENSOR_SCANNER_TYPE = '5'
OPENVAS_SCANNER_TYPE = '2'
OSP_SCANNER_TYPE = '1'
classmethod from_string(scanner_type)

Convert a scanner type string to an actual ScannerType instance

Parameters:

scanner_type (Optional[str]) – Scanner type string to convert to a ScannerType

class gvm.protocols.gmpv208.SeverityLevel

Enum for severity levels

ALARM = 'Alarm'
DEBUG = 'Debug'
HIGH = 'High'
LOG = 'Log'
LOW = 'Low'
MEDIUM = 'Medium'
classmethod from_string(severity_level)

Convert a severity level string into a SeverityLevel instance

class gvm.protocols.gmpv208.SnmpAuthAlgorithm

Enum for SNMP auth algorithm

MD5 = 'md5'
SHA1 = 'sha1'
classmethod from_string(algorithm)

Convert a SNMP auth algorithm string into a SnmpAuthAlgorithm instance

class gvm.protocols.gmpv208.SnmpPrivacyAlgorithm

Enum for SNMP privacy algorithm

AES = 'aes'
DES = 'des'
classmethod from_string(algorithm)

Convert a SNMP privacy algorithm string into a SnmpPrivacyAlgorithm instance

class gvm.protocols.gmpv208.TicketStatus

Enum for ticket status

CLOSED = 'Closed'
FIXED = 'Fixed'
OPEN = 'Open'
classmethod from_string(ticket_status)

Convert a ticket status string into a TicketStatus instance

Protocol#

class gvm.protocols.gmpv208.Gmp#

Python interface for Greenbone Management Protocol

This class implements the Greenbone Management Protocol version 20.08

Parameters:
  • connection – Connection to use to talk with the gvmd daemon. See gvm.connections for possible connection types.

  • transform

    Optional transform callable to convert response data. After each request the callable gets passed the plain response data which can be used to check the data and/or conversion into different representations like a xml dom.

    See gvm.transforms for existing transforms.

__init__(connection, *, transform=None)#
authenticate(username, password)#

Authenticate to gvmd.

The generated authenticate command will be send to server. Afterwards the response is read, transformed and returned.

Parameters:
  • username (str) – Username

  • password (str) – Password

Returns:

Transformed response from server.

Return type:

Any

clone_alert(alert_id)#

Clone an existing alert

Parameters:

alert_id (str) – UUID of an existing alert to clone from

Returns:

The response. See send_command() for details.

Return type:

Any

clone_audit(audit_id)#

Clone an existing audit

Parameters:

audit_id (str) – UUID of existing audit to clone from

Returns:

The response. See send_command() for details.

Return type:

Any

clone_credential(credential_id)#

Clone an existing credential

Parameters:

credential_id (str) – UUID of an existing credential to clone from

Returns:

The response. See send_command() for details.

Return type:

Any

clone_filter(filter_id)#

Clone an existing filter

Parameters:

filter_id (str) – UUID of an existing filter to clone from

Returns:

The response. See send_command() for details.

Return type:

Any

clone_group(group_id)#

Clone an existing group

Parameters:

group_id (str) – UUID of an existing group to clone from

Returns:

The response. See send_command() for details.

Return type:

Any

clone_note(note_id)#

Clone an existing note

Parameters:

note_id (str) – UUID of an existing note to clone from

Returns:

The response. See send_command() for details.

Return type:

Any

clone_override(override_id)#

Clone an existing override

Parameters:

override_id (str) – UUID of an existing override to clone from

Returns:

The response. See send_command() for details.

Return type:

Any

clone_permission(permission_id)#

Clone an existing permission

Parameters:

permission_id (str) – UUID of an existing permission to clone from

Returns:

The response. See send_command() for details.

Return type:

Any

clone_policy(policy_id)#

Clone a policy from an existing one

Parameters:

policy_id (str) – UUID of the existing policy

Returns:

The response. See send_command() for details.

Return type:

Any

clone_port_list(port_list_id)#

Clone an existing port list

Parameters:

port_list_id (str) – UUID of an existing port list to clone from

Returns:

The response. See send_command() for details.

Return type:

Any

clone_report_format(report_format_id)#

Clone a report format from an existing one

Parameters:

report_format_id (Union[str, ReportFormatType]) – UUID of the existing report format or ReportFormatType (enum)

Returns:

The response. See send_command() for details.

Return type:

Any

clone_role(role_id)#

Clone an existing role

Parameters:

role_id (str) – UUID of an existing role to clone from

Returns:

The response. See send_command() for details.

Return type:

Any

clone_scan_config(config_id)#

Clone a scan config from an existing one

Parameters:

config_id (str) – UUID of the existing scan config

Returns:

The response. See send_command() for details.

Return type:

Any

clone_scanner(scanner_id)#

Clone an existing scanner

Parameters:

scanner_id (str) – UUID of an existing scanner to clone from

Returns:

The response. See send_command() for details.

Return type:

Any

clone_schedule(schedule_id)#

Clone an existing schedule

Parameters:

schedule_id (str) – UUID of an existing schedule to clone from

Returns:

The response. See send_command() for details.

Return type:

Any

clone_tag(tag_id)#

Clone an existing tag

Parameters:

tag_id (str) – UUID of an existing tag to clone from

Returns:

The response. See send_command() for details.

Return type:

Any

clone_target(target_id)#

Clone an existing target

Parameters:

target_id (str) – UUID of an existing target to clone from

Returns:

The response. See send_command() for details.

Return type:

Any

clone_task(task_id)#

Clone an existing task

Parameters:

task_id (str) – UUID of existing task to clone from

Returns:

The response. See send_command() for details.

Return type:

Any

clone_ticket(ticket_id)#

Clone an existing ticket

Parameters:

ticket_id (str) – UUID of an existing ticket to clone from

Returns:

The response. See send_command() for details.

Return type:

Any

clone_tls_certificate(tls_certificate_id)#

Modifies an existing TLS certificate.

Parameters:

tls_certificate_id (str) – The UUID of an existing TLS certificate

Returns:

The response. See send_command() for details.

Return type:

Any

clone_user(user_id)#

Clone an existing user

Parameters:

user_id (str) – UUID of existing user to clone from

Returns:

The response. See send_command() for details.

Return type:

Any

connect()#

Initiates a protocol connection

Normally connect is not called directly. Either it is called automatically when sending a protocol command or when using a with statement.

create_alert(name, condition, event, method, *, method_data=None, event_data=None, condition_data=None, filter_id=None, comment=None)#

Create a new alert

Parameters:
  • name (str) – Name of the new Alert

  • condition (AlertCondition) – The condition that must be satisfied for the alert to occur; if the event is either ‘Updated SecInfo arrived’ or ‘New SecInfo arrived’, condition must be ‘Always’. Otherwise, condition can also be on of ‘Severity at least’, ‘Filter count changed’ or ‘Filter count at least’.

  • event (AlertEvent) – The event that must happen for the alert to occur, one of ‘Task run status changed’, ‘Updated SecInfo arrived’ or ‘New SecInfo arrived’

  • method (AlertMethod) – The method by which the user is alerted, one of ‘SCP’, ‘Send’, ‘SMB’, ‘SNMP’, ‘Syslog’ or ‘Email’; if the event is neither ‘Updated SecInfo arrived’ nor ‘New SecInfo arrived’, method can also be one of ‘Start Task’, ‘HTTP Get’, ‘Sourcefire Connector’ or ‘verinice Connector’.

  • condition_data (Optional[dict]) – Data that defines the condition

  • event_data (Optional[dict]) – Data that defines the event

  • method_data (Optional[dict]) – Data that defines the method

  • filter_id (Optional[int]) – Filter to apply when executing alert

  • comment (Optional[str]) – Comment for the alert

Returns:

The response. See send_command() for details.

Return type:

Any

create_audit(name, policy_id, target_id, scanner_id, *, alterable=None, hosts_ordering=None, schedule_id=None, alert_ids=None, comment=None, schedule_periods=None, observers=None, preferences=None)#

Create a new audit task

Parameters:
  • name (str) – Name of the new audit

  • policy_id (str) – UUID of policy to use by the audit

  • target_id (str) – UUID of target to be scanned

  • scanner_id (str) – UUID of scanner to use for scanning the target

  • comment (Optional[str]) – Comment for the audit

  • alterable (Optional[bool]) – Whether the task should be alterable

  • alert_ids (Optional[List[str]]) – List of UUIDs for alerts to be applied to the audit

  • hosts_ordering (Optional[HostsOrdering]) – The order hosts are scanned in

  • schedule_id (Optional[str]) – UUID of a schedule when the audit should be run.

  • schedule_periods (Optional[int]) – A limit to the number of times the audit will be scheduled, or 0 for no limit

  • observers (Optional[List[str]]) – List of names or ids of users which should be allowed to observe this audit

  • preferences (Optional[dict]) – Name/Value pairs of scanner preferences.

Returns:

The response. See send_command() for details.

Return type:

Any

create_container_task(name, *, comment=None)#

Create a new container task

A container task is a “meta” task to import and view reports from other systems.

Parameters:
  • name (str) – Name of the task

  • comment (Optional[str]) – Comment for the task

Returns:

The response. See send_command() for details.

Return type:

Any

create_credential(name, credential_type, *, comment=None, allow_insecure=None, certificate=None, key_phrase=None, private_key=None, login=None, password=None, auth_algorithm=None, community=None, privacy_algorithm=None, privacy_password=None, public_key=None)#

Create a new credential

Create a new credential e.g. to be used in the method of an alert.

Currently the following credential types are supported:

  • Username + Password

  • Username + SSH-Key

  • Client Certificates

  • SNMPv1 or SNMPv2c protocol

  • S/MIME Certificate

  • OpenPGP Key

  • Password only

Parameters:
  • name (str) – Name of the new credential

  • credential_type (CredentialType) – The credential type.

  • comment (Optional[str]) – Comment for the credential

  • allow_insecure (Optional[bool]) – Whether to allow insecure use of the credential

  • certificate (Optional[str]) – Certificate for the credential. Required for client-certificate and smime credential types.

  • key_phrase (Optional[str]) – Key passphrase for the private key. Used for the username+ssh-key credential type.

  • private_key (Optional[str]) – Private key to use for login. Required for usk credential type. Also used for the cc credential type. The supported key types (dsa, rsa, ecdsa, …) and formats (PEM, PKC#12, OpenSSL, …) depend on your installed GnuTLS version.

  • login (Optional[str]) – Username for the credential. Required for username+password, username+ssh-key and snmp credential type.

  • password (Optional[str]) – Password for the credential. Used for username+password and snmp credential types.

  • community (Optional[str]) – The SNMP community

  • auth_algorithm (Optional[SnmpAuthAlgorithm]) – The SNMP authentication algorithm. Required for snmp credential type.

  • privacy_algorithm (Optional[SnmpPrivacyAlgorithm]) – The SNMP privacy algorithm

  • privacy_password (Optional[str]) – The SNMP privacy password

  • public_key (Optional[str]) – PGP public key in armor plain text format. Required for pgp credential type.

Examples

Creating a Username + Password credential

gmp.create_credential(
    name='UP Credential',
    credential_type=CredentialType.USERNAME_PASSWORD,
    login='foo',
    password='bar',
)

Creating a Username + SSH Key credential

with open('path/to/private-ssh-key') as f:
    key = f.read()

gmp.create_credential(
    name='USK Credential',
    credential_type=CredentialType.USERNAME_SSH_KEY,
    login='foo',
    key_phrase='foobar',
    private_key=key,
)

Creating a PGP credential

Note

A compatible public pgp key file can be exported with GnuPG via

$ gpg --armor --export alice@cyb.org > alice.asc
with open('path/to/pgp.key.asc') as f:
    key = f.read()

gmp.create_credential(
    name='PGP Credential',
    credential_type=CredentialType.PGP_ENCRYPTION_KEY,
    public_key=key,
)

Creating a S/MIME credential

with open('path/to/smime-cert') as f:
    cert = f.read()

gmp.create_credential(
    name='SMIME Credential',
    credential_type=CredentialType.SMIME_CERTIFICATE,
    certificate=cert,
)

Creating a Password-Only credential

gmp.create_credential(
    name='Password-Only Credential',
    credential_type=CredentialType.PASSWORD_ONLY,
    password='foo',
)
Returns:

The response. See send_command() for details.

Return type:

Any

create_filter(name, *, filter_type=None, comment=None, term=None)#

Create a new filter

Parameters:
  • name (str) – Name of the new filter

  • filter_type (Optional[FilterType]) – Filter for entity type

  • comment (Optional[str]) – Comment for the filter

  • term (Optional[str]) – Filter term e.g. ‘name=foo’

Returns:

The response. See send_command() for details.

Return type:

Any

create_group(name, *, comment=None, special=False, users=None)#

Create a new group

Parameters:
  • name (str) – Name of the new group

  • comment (Optional[str]) – Comment for the group

  • special (Optional[bool]) – Create permission giving members full access to each other’s entities

  • users (Optional[List[str]]) – List of user names to be in the group

Returns:

The response. See send_command() for details.

Return type:

Any

create_host(name, *, comment=None)#

Create a new host host

Parameters:
  • name (str) – Name for the new host host

  • comment (Optional[str]) – Comment for the new host host

Returns:

The response. See send_command() for details.

Return type:

Any

create_note(text, nvt_oid, *, days_active=None, hosts=None, port=None, result_id=None, severity=None, task_id=None, threat=None)#

Create a new note

Parameters:
  • text (str) – Text of the new note

  • nvt_id – OID of the nvt to which note applies

  • days_active (Optional[int]) – Days note will be active. -1 on always, 0 off

  • hosts (Optional[List[str]]) – A list of hosts addresses

  • port (Optional[str]) – Port to which the override applies, needs to be a string in the form {number}/{protocol}

  • result_id (Optional[str]) – UUID of a result to which note applies

  • severity (Optional[Real]) – Severity to which note applies

  • task_id (Optional[str]) – UUID of task to which note applies

  • threat (Optional[SeverityLevel]) – Severity level to which note applies. Will be converted to severity.

Returns:

The response. See send_command() for details.

Return type:

Any

create_override(text, nvt_oid, *, days_active=None, hosts=None, port=None, result_id=None, severity=None, new_severity=None, task_id=None, threat=None, new_threat=None)#

Create a new override

Parameters:
  • text (str) – Text of the new override

  • nvt_id – OID of the nvt to which override applies

  • days_active (Optional[int]) – Days override will be active. -1 on always, 0 off

  • hosts (Optional[List[str]]) – A list of host addresses

  • port (Optional[str]) – Port to which the override applies, needs to be a string in the form {number}/{protocol}

  • result_id (Optional[str]) – UUID of a result to which override applies

  • severity (Optional[Real]) – Severity to which override applies

  • new_severity (Optional[Real]) – New severity for result

  • task_id (Optional[str]) – UUID of task to which override applies

  • threat (Optional[SeverityLevel]) – Severity level to which override applies. Will be converted to severity.

  • new_threat (Optional[SeverityLevel]) – New severity level for results. Will be converted to new_severity.

Returns:

The response. See send_command() for details.

Return type:

Any

create_permission(name, subject_id, subject_type, *, resource_id=None, resource_type=None, comment=None)#

Create a new permission

Parameters:
  • name (str) – Name of the new permission

  • subject_id (str) – UUID of subject to whom the permission is granted

  • subject_type (PermissionSubjectType) – Type of the subject user, group or role

  • comment (Optional[str]) – Comment for the permission

  • resource_id (Optional[str]) – UUID of entity to which the permission applies

  • resource_type (Optional[EntityType]) – Type of the resource. For Super permissions user, group or role

Returns:

The response. See send_command() for details.

Return type:

Any

create_policy(name, *, policy_id=None, comment=None)#

Create a new policy

Parameters:
  • name (str) – Name of the new policy

  • policy_id (Optional[str]) – UUID of an existing policy as base. By default the empty policy is used.

  • comment (Optional[str]) – A comment on the policy

Returns:

The response. See send_command() for details.

Return type:

Any

create_port_list(name, port_range, *, comment=None)#

Create a new port list

Parameters:
  • name (str) – Name of the new port list

  • port_range (str) – Port list ranges e.g. “T: 1-1234” for tcp port 1 - 1234

  • comment (Optional[str]) – Comment for the port list

Returns:

The response. See send_command() for details.

Return type:

Any

create_port_range(port_list_id, start, end, port_range_type, *, comment=None)#

Create new port range

Parameters:
  • port_list_id (str) – UUID of the port list to which to add the range

  • start (int) – The first port in the range

  • end (int) – The last port in the range

  • port_range_type (PortRangeType) – The type of the ports: TCP, UDP, …

  • comment (Optional[str]) – Comment for the port range

Returns:

The response. See send_command() for details.

Return type:

Any

create_role(name, *, comment=None, users=None)#

Create a new role

Parameters:
  • name (str) – Name of the role

  • comment (Optional[str]) – Comment for the role

  • users (Optional[List[str]]) – List of user names to add to the role

Returns:

The response. See send_command() for details.

Return type:

Any

create_scan_config(config_id, name, *, comment=None)#

Create a new scan config

Parameters:
  • config_id (str) – UUID of the existing scan config

  • name (str) – Name of the new scan config

  • comment (Optional[str]) – A comment on the config

Returns:

The response. See send_command() for details.

Return type:

Any

create_scan_config_from_osp_scanner(scanner_id, name, *, comment=None)#

Create a new scan config from an ospd scanner.

Create config by retrieving the expected preferences from the given scanner via OSP.

Parameters:
  • scanner_id (str) – UUID of an OSP scanner to get config data from

  • name (str) – Name of the new scan config

  • comment (Optional[str]) – A comment on the config

Returns:

The response. See send_command() for details.

Return type:

Any

create_scanner(name, host, port, scanner_type, credential_id, *, ca_pub=None, comment=None)#

Create a new scanner

Parameters:
  • name (str) – Name of the scanner

  • host (str) – The host of the scanner

  • port (int) – The port of the scanner

  • scanner_type (ScannerType) – Type of the scanner.

  • credential_id (str) – UUID of client certificate credential for the scanner

  • ca_pub (Optional[str]) – Certificate of CA to verify scanner certificate

  • comment (Optional[str]) – Comment for the scanner

Returns:

The response. See send_command() for details.

Return type:

Any

create_schedule(name, icalendar, timezone, *, comment=None)#

Create a new schedule based in iCalendar data.

Example

Requires https://pypi.org/project/icalendar/

import pytz

from datetime import datetime

from icalendar import Calendar, Event

cal = Calendar()

cal.add('prodid', '-//Foo Bar//')
cal.add('version', '2.0')

event = Event()
event.add('dtstamp', datetime.now(tz=pytz.UTC))
event.add('dtstart', datetime(2020, 1, 1, tzinfo=pytz.utc))

cal.add_component(event)

gmp.create_schedule(
    name="My Schedule",
    icalendar=cal.to_ical(),
    timezone='UTC'
)
Parameters:
  • name (str) – Name of the new schedule

  • icalendar (str) – iCalendar (RFC 5545) based data.

  • timezone (str) – Timezone to use for the icalender events e.g Europe/Berlin. If the datetime values in the icalendar data are missing timezone information this timezone gets applied. Otherwise the datetime values from the icalendar data are displayed in this timezone

  • comment (Optional[str]) – Comment on schedule.

Returns:

The response. See send_command() for details.

Return type:

Any

create_tag(name, resource_type, *, resource_filter=None, resource_ids=None, value=None, comment=None, active=None)#

Create a tag.

Parameters:
  • name (str) – Name of the tag. A full tag name consisting of namespace and predicate e.g. foo:bar.

  • resource_type (EntityType) – Entity type the tag is to be attached to.

  • resource_filter (Optional[str]) – Filter term to select resources the tag is to be attached to. Only one of resource_filter or resource_ids can be provided.

  • resource_ids (Optional[List[str]]) – IDs of the resources the tag is to be attached to. Only one of resource_filter or resource_ids can be provided.

  • value (Optional[str]) – Value associated with the tag.

  • comment (Optional[str]) – Comment for the tag.

  • active (Optional[bool]) – Whether the tag should be active.

Returns:

The response. See send_command() for details.

Return type:

Any

create_target(name, *, asset_hosts_filter=None, hosts=None, comment=None, exclude_hosts=None, ssh_credential_id=None, ssh_credential_port=None, smb_credential_id=None, esxi_credential_id=None, snmp_credential_id=None, alive_test=None, reverse_lookup_only=None, reverse_lookup_unify=None, port_range=None, port_list_id=None)#

Create a new target

Parameters:
  • name (str) – Name of the target

  • asset_hosts_filter (Optional[str]) – Filter to select target host from assets hosts

  • hosts (Optional[List[str]]) – List of hosts addresses to scan

  • exclude_hosts (Optional[List[str]]) – List of hosts addresses to exclude from scan

  • comment (Optional[str]) – Comment for the target

  • ssh_credential_id (Optional[str]) – UUID of a ssh credential to use on target

  • ssh_credential_port (Optional[int]) – The port to use for ssh credential

  • smb_credential_id (Optional[str]) – UUID of a smb credential to use on target

  • snmp_credential_id (Optional[str]) – UUID of a snmp credential to use on target

  • esxi_credential_id (Optional[str]) – UUID of a esxi credential to use on target

  • alive_test (Optional[AliveTest]) – Which alive test to use

  • reverse_lookup_only (Optional[bool]) – Whether to scan only hosts that have names

  • reverse_lookup_unify (Optional[bool]) – Whether to scan only one IP when multiple IPs have the same name.

  • port_range (Optional[str]) – Port range for the target

  • port_list_id (Optional[str]) – UUID of the port list to use on target

Returns:

The response. See send_command() for details.

Return type:

Any

create_task(name, config_id, target_id, scanner_id, *, alterable=None, hosts_ordering=None, schedule_id=None, alert_ids=None, comment=None, schedule_periods=None, observers=None, preferences=None)#

Create a new scan task

Parameters:
  • name (str) – Name of the new task

  • config_id (str) – UUID of config to use by the task

  • target_id (str) – UUID of target to be scanned

  • scanner_id (str) – UUID of scanner to use for scanning the target

  • comment (Optional[str]) – Comment for the task

  • alterable (Optional[bool]) – Whether the task should be alterable

  • alert_ids (Optional[List[str]]) – List of UUIDs for alerts to be applied to the task

  • hosts_ordering (Optional[HostsOrdering]) – The order hosts are scanned in

  • schedule_id (Optional[str]) – UUID of a schedule when the task should be run.

  • schedule_periods (Optional[int]) – A limit to the number of times the task will be scheduled, or 0 for no limit

  • observers (Optional[List[str]]) – List of names or ids of users which should be allowed to observe this task

  • preferences (Optional[dict]) – Name/Value pairs of scanner preferences.

Returns:

The response. See send_command() for details.

Return type:

Any

create_ticket(*, result_id, assigned_to_user_id, note, comment=None)#

Create a new ticket

Parameters:
  • result_id (str) – UUID of the result the ticket applies to

  • assigned_to_user_id (str) – UUID of a user the ticket should be assigned to

  • note (str) – A note about opening the ticket

  • comment (Optional[str]) – Comment for the ticket

Returns:

The response. See send_command() for details.

Return type:

Any

create_tls_certificate(name, certificate, *, comment=None, trust=None)#

Create a new TLS certificate

Parameters:
  • name (str) – Name of the TLS certificate, defaulting to the MD5 fingerprint.

  • certificate (str) – The Base64 encoded certificate data (x.509 DER or PEM).

  • comment (Optional[str]) – Comment for the TLS certificate.

  • trust (Optional[bool]) – Whether the certificate is trusted.

Returns:

The response. See send_command() for details.

Return type:

Any

create_user(name, *, password=None, hosts=None, hosts_allow=False, ifaces=None, ifaces_allow=False, role_ids=None)#

Create a new user

Parameters:
  • name (str) – Name of the user

  • password (Optional[str]) – Password of the user

  • hosts (Optional[List[str]]) – A list of host addresses (IPs, DNS names)

  • hosts_allow (Optional[bool]) – If True allow only access to passed hosts otherwise deny access. Default is False for deny hosts.

  • ifaces (Optional[List[str]]) – A list of interface names

  • ifaces_allow (Optional[bool]) – If True allow only access to passed interfaces otherwise deny access. Default is False for deny interfaces.

  • role_ids (Optional[List[str]]) – A list of role UUIDs for the user

Returns:

The response. See send_command() for details.

Return type:

Any

delete_alert(alert_id, *, ultimate=False)#

Deletes an existing alert

Parameters:
  • alert_id (str) – UUID of the alert to be deleted.

  • ultimate (Optional[bool]) – Whether to remove entirely, or to the trashcan.

delete_audit(audit_id, *, ultimate=False)#

Deletes an existing audit

Parameters:
  • audit_id (str) – UUID of the audit to be deleted.

  • ultimate (Optional[bool]) – Whether to remove entirely, or to the trashcan.

delete_credential(credential_id, *, ultimate=False)#

Deletes an existing credential

Parameters:
  • credential_id (str) – UUID of the credential to be deleted.

  • ultimate (Optional[bool]) – Whether to remove entirely, or to the trashcan.

delete_filter(filter_id, *, ultimate=False)#

Deletes an existing filter

Parameters:
  • filter_id (str) – UUID of the filter to be deleted.

  • ultimate (Optional[bool]) – Whether to remove entirely, or to the trashcan.

delete_group(group_id, *, ultimate=False)#

Deletes an existing group

Parameters:
  • group_id (str) – UUID of the group to be deleted.

  • ultimate (Optional[bool]) – Whether to remove entirely, or to the trashcan.

delete_host(host_id)#

Deletes an existing host

Parameters:

host_id (str) – UUID of the single host to delete.

delete_note(note_id, *, ultimate=False)#

Deletes an existing note

Parameters:
  • note_id (str) – UUID of the note to be deleted.

  • ultimate (Optional[bool]) – Whether to remove entirely,or to the trashcan.

delete_operating_system(operating_system_id)#

Deletes an existing operating_system

Parameters:

operating_system_id (str) – UUID of the single operating_system to delete.

delete_override(override_id, *, ultimate=False)#

Deletes an existing override

Parameters:
  • override_id (str) – UUID of the override to be deleted.

  • ultimate (Optional[bool]) – Whether to remove entirely, or to the trashcan.

delete_permission(permission_id, *, ultimate=False)#

Deletes an existing permission

Parameters:
  • permission_id (str) – UUID of the permission to be deleted.

  • ultimate (Optional[bool]) – Whether to remove entirely, or to the trashcan.

delete_policy(policy_id, *, ultimate=False)#

Deletes an existing policy :param policy_id: UUID of the policy to be deleted. :param ultimate: Whether to remove entirely, or to the trashcan.

delete_port_list(port_list_id, *, ultimate=False)#

Deletes an existing port list

Parameters:
  • port_list_id (str) – UUID of the port list to be deleted.

  • ultimate (Optional[bool]) – Whether to remove entirely, or to the trashcan.

delete_port_range(port_range_id)#

Deletes an existing port range

Parameters:

port_range_id (str) – UUID of the port range to be deleted.

delete_report(report_id)#

Deletes an existing report

Parameters:

report_id (str) – UUID of the report to be deleted.

delete_report_format(report_format_id=None, *, ultimate=False)#

Deletes an existing report format

Parameters:
  • report_format_id (Optional[Union[str, ReportFormatType]]) – UUID of the report format to be deleted. or ReportFormatType (enum)

  • ultimate (Optional[bool]) – Whether to remove entirely, or to the trashcan.

delete_role(role_id, *, ultimate=False)#

Deletes an existing role

Parameters:
  • role_id (str) – UUID of the role to be deleted.

  • ultimate (Optional[bool]) – Whether to remove entirely, or to the trashcan.

delete_scan_config(config_id, *, ultimate=False)#

Deletes an existing config

Parameters:
  • config_id (str) – UUID of the config to be deleted.

  • ultimate (Optional[bool]) – Whether to remove entirely, or to the trashcan.

delete_scanner(scanner_id, *, ultimate=False)#

Deletes an existing scanner

Parameters:
  • scanner_id (str) – UUID of the scanner to be deleted.

  • ultimate (Optional[bool]) – Whether to remove entirely, or to the trashcan.

delete_schedule(schedule_id, *, ultimate=False)#

Deletes an existing schedule

Parameters:
  • schedule_id (str) – UUID of the schedule to be deleted.

  • ultimate (Optional[bool]) – Whether to remove entirely, or to the trashcan.

delete_tag(tag_id, *, ultimate=False)#

Deletes an existing tag

Parameters:
  • tag_id (str) – UUID of the tag to be deleted.

  • ultimate (Optional[bool]) – Whether to remove entirely, or to the trashcan.

delete_target(target_id, *, ultimate=False)#

Deletes an existing target

Parameters:
  • target_id (str) – UUID of the target to be deleted.

  • ultimate (Optional[bool]) – Whether to remove entirely, or to the trashcan.

delete_task(task_id, *, ultimate=False)#

Deletes an existing task

Parameters:
  • task_id (str) – UUID of the task to be deleted.

  • ultimate (Optional[bool]) – Whether to remove entirely, or to the trashcan.

delete_ticket(ticket_id, *, ultimate=False)#

Deletes an existing ticket

Parameters:
  • ticket_id (str) – UUID of the ticket to be deleted.

  • ultimate (Optional[bool]) – Whether to remove entirely, or to the trashcan.

delete_tls_certificate(tls_certificate_id)#

Deletes an existing tls certificate

Parameters:

tls_certificate_id (str) – UUID of the tls certificate to be deleted.

delete_user(user_id=None, *, name=None, inheritor_id=None, inheritor_name=None)#

Deletes an existing user

Either user_id or name must be passed.

Parameters:
  • user_id (Optional[str]) – UUID of the task to be deleted.

  • name (Optional[str]) – The name of the user to be deleted.

  • inheritor_id (Optional[str]) – The ID of the inheriting user or “self”. Overrides inheritor_name.

  • inheritor_name (Optional[str]) – The name of the inheriting user.

describe_auth()#

Describe authentication methods

Returns a list of all used authentication methods if such a list is available.

Returns:

The response. See send_command() for details.

Return type:

Any

disconnect()#

Disconnect the connection

Ends and closes the connection.

empty_trashcan()#

Empty the trashcan

Remove all entities from the trashcan. Attention: this command can not be reverted

Returns:

The response. See send_command() for details.

Return type:

Any

get_aggregates(resource_type, *, filter_string=None, filter_id=None, sort_criteria=None, data_columns=None, group_column=None, subgroup_column=None, text_columns=None, first_group=None, max_groups=None, mode=None, **kwargs)#

Request aggregated information on a resource / entity type

Additional arguments can be set via the kwargs parameter for backward compatibility with older versions of python-gvm, but are not validated.

Parameters:
  • resource_type (EntityType) – The entity type to gather data from

  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • sort_criteria (Optional[list]) – List of sort criteria (dicts that can contain a field, stat and order)

  • data_columns (Optional[list]) – List of fields to aggregate data from

  • group_column (Optional[str]) – The field to group the entities by

  • subgroup_column (Optional[str]) – The field to further group the entities inside groups by

  • text_columns (Optional[list]) – List of simple text columns which no statistics are calculated for

  • first_group (Optional[int]) – The index of the first aggregate group to return

  • max_groups (Optional[int]) – The maximum number of aggregate groups to return, -1 for all

  • mode (Optional[int]) – Special mode for aggregation

Returns:

The response. See send_command() for details.

Return type:

Any

get_alert(alert_id, *, tasks=None)#

Request a single alert

Parameters:

alert_id (str) – UUID of an existing alert

Returns:

The response. See send_command() for details.

Return type:

Any

get_alerts(*, filter_string=None, filter_id=None, trash=None, tasks=None)#

Request a list of alerts

Parameters:
  • filter – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • trash (Optional[bool]) – True to request the alerts in the trashcan

  • tasks (Optional[bool]) – Whether to include the tasks using the alerts

Returns:

The response. See send_command() for details.

Return type:

Any

get_audit(audit_id)#

Request a single audit

Parameters:

audit_id (str) – UUID of an existing audit

Returns:

The response. See send_command() for details.

Return type:

Any

get_audits(*, filter_string=None, filter_id=None, trash=None, details=None, schedules_only=None)#

Request a list of audits

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • trash (Optional[bool]) – Whether to get the trashcan audits instead

  • details (Optional[bool]) – Whether to include full audit details

  • schedules_only (Optional[bool]) – Whether to only include id, name and schedule details

Returns:

The response. See send_command() for details.

Return type:

Any

get_cert_bund_advisories(*, filter_string=None, filter_id=None, name=None, details=None)#

Request a list of CERT-BUND Advisories

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • name (Optional[str]) – Name or identifier of the requested information

  • details (Optional[bool]) – Whether to include information about references to this information

Returns:

The response. See send_command() for details.

Return type:

Any

get_cert_bund_advisory(cert_id)#

Request a single CERT-BUND Advisory

Parameters:

cert_id (str) – ID of an existing CERT-BUND Advisory

Returns:

The response. See send_command() for details.

Return type:

Any

get_cpe(cpe_id)#

Request a single CPE

Parameters:

cpe_id (str) – ID of an existing CPE

Returns:

The response. See send_command() for details.

Return type:

Any

get_cpes(*, filter_string=None, filter_id=None, name=None, details=None)#

Request a list of CPEs

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • name (Optional[str]) – Name or identifier of the requested information

  • details (Optional[bool]) – Whether to include information about references to this information

Returns:

The response. See send_command() for details.

Return type:

Any

get_credential(credential_id, *, scanners=None, targets=None, credential_format=None)#

Request a single credential

Parameters:
  • credential_id (str) – UUID of an existing credential

  • scanners (Optional[bool]) – Whether to include a list of scanners using the credentials

  • targets (Optional[bool]) – Whether to include a list of targets using the credentials

  • credential_format (Optional[CredentialFormat]) – One of “key”, “rpm”, “deb”, “exe” or “pem”

Returns:

The response. See send_command() for details.

Return type:

Any

get_credentials(*, filter_string=None, filter_id=None, scanners=None, trash=None, targets=None)#

Request a list of credentials

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • scanners (Optional[bool]) – Whether to include a list of scanners using the credentials

  • trash (Optional[bool]) – Whether to get the trashcan credentials instead

  • targets (Optional[bool]) – Whether to include a list of targets using the credentials

Returns:

The response. See send_command() for details.

Return type:

Any

get_cve(cve_id)#

Request a single CVE

Parameters:

cve_id (str) – ID of an existing CVE

Returns:

The response. See send_command() for details.

Return type:

Any

get_cves(*, filter_string=None, filter_id=None, name=None, details=None)#

Request a list of CVEs

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • name (Optional[str]) – Name or identifier of the requested information

  • details (Optional[bool]) – Whether to include information about references to this information

Returns:

The response. See send_command() for details.

Return type:

Any

get_dfn_cert_advisories(*, filter_string=None, filter_id=None, name=None, details=None)#

Request a list of DFN-CERT Advisories

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • name (Optional[str]) – Name or identifier of the requested information

  • details (Optional[bool]) – Whether to include information about references to this information

Returns:

The response. See send_command() for details.

Return type:

Any

get_dfn_cert_advisory(cert_id)#

Request a single DFN-CERT Advisory

Parameters:

cert_id (str) – ID of an existing DFN-CERT Advisory

Returns:

The response. See send_command() for details.

Return type:

Any

get_feed(feed_type)#

Request a single feed

Parameters:

feed_type (Optional[FeedType]) – Type of single feed to get: NVT, CERT or SCAP

Returns:

The response. See send_command() for details.

Return type:

Any

get_feeds()#

Request the list of feeds

Returns:

The response. See send_command() for details.

Return type:

Any

get_filter(filter_id, *, alerts=None)#

Request a single filter

Parameters:
  • filter_id (str) – UUID of an existing filter

  • alerts (Optional[bool]) – Whether to include list of alerts that use the filter.

Returns:

The response. See send_command() for details.

Return type:

Any

get_filters(*, filter_string=None, filter_id=None, trash=None, alerts=None)#

Request a list of filters

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • trash (Optional[bool]) – Whether to get the trashcan filters instead

  • alerts (Optional[bool]) – Whether to include list of alerts that use the filter.

Returns:

The response. See send_command() for details.

Return type:

Any

get_group(group_id)#

Request a single group

Parameters:

group_id (str) – UUID of an existing group

Returns:

The response. See send_command() for details.

Return type:

Any

get_groups(*, filter_string=None, filter_id=None, trash=None)#

Request a list of groups

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • trash (Optional[bool]) – Whether to get the trashcan groups instead

Returns:

The response. See send_command() for details.

Return type:

Any

get_host(host_id)#

Request a single host

Parameters:

host_id (str) – UUID of an existing host

Returns:

The response. See send_command() for details.

Return type:

Any

get_hosts(*, filter_string=None, filter_id=None)#

Request a list of hosts

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

Returns:

The response. See send_command() for details.

Return type:

Any

get_info(info_id, info_type)#

Request a single secinfo

Parameters:
  • info_id (str) – ID of an existing secinfo

  • info_type (InfoType) – Type must be either CERT_BUND_ADV, CPE, CVE, DFN_CERT_ADV, OVALDEF, NVT

Returns:

The response. See send_command() for details.

Return type:

Any

get_info_list(info_type, *, filter_string=None, filter_id=None, name=None, details=None)#

Request a list of security information

Parameters:
  • info_type (InfoType) – Type must be either CERT_BUND_ADV, CPE, CVE, DFN_CERT_ADV, OVALDEF or NVT

  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • name (Optional[str]) – Name or identifier of the requested information

  • details (Optional[bool]) – Whether to include information about references to this information

Returns:

The response. See send_command() for details.

Return type:

Any

get_note(note_id)#

Request a single note

Parameters:

note_id (str) – UUID of an existing note

Returns:

The response. See send_command() for details.

Return type:

Any

get_notes(*, filter_string=None, filter_id=None, details=None, result=None)#

Request a list of notes

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • details (Optional[bool]) – Add info about connected results and tasks

  • result (Optional[bool]) – Return the details of possible connected results.

Returns:

The response. See send_command() for details.

Return type:

Any

get_nvt(nvt_id)#

Request a single NVT

Parameters:

nvt_id (str) – ID of an existing NVT

Returns:

The response. See send_command() for details.

Return type:

Any

get_nvt_families(*, sort_order=None)#

Request a list of nvt families

Parameters:

sort_order (Optional[str]) – Sort order

Returns:

The response. See send_command() for details.

get_nvt_preference(name, *, nvt_oid=None)#

Request a nvt preference

Parameters:
  • name (str) – name of a particular preference

  • nvt_oid (Optional[str]) – OID of nvt

  • config_id – UUID of scan config of which to show preference values

Returns:

The response. See send_command() for details.

Return type:

Any

get_nvt_preferences(*, nvt_oid=None)#

Request a list of preferences

The preference element includes just the name and value, with the NVT and type built into the name.

Parameters:

nvt_oid (Optional[str]) – OID of nvt

Returns:

The response. See send_command() for details.

Return type:

Any

get_nvts(*, filter_string=None, filter_id=None, name=None, details=None)#

Request a list of NVTs

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • name (Optional[str]) – Name or identifier of the requested information

  • details (Optional[bool]) – Whether to include information about references to this information

Returns:

The response. See send_command() for details.

Return type:

Any

get_operating_system(operating_system_id)#

Request a single operating_system

Parameters:

operating_system_id (str) – UUID of an existing operating_system

Returns:

The response. See send_command() for details.

Return type:

Any

get_operating_systems(*, filter_string=None, filter_id=None)#

Request a list of operating_systems

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

Returns:

The response. See send_command() for details.

Return type:

Any

get_oval_definition(oval_id)#

Request a single Oval definition

Parameters:

oval_id (str) – ID of an existing Oval definition

Returns:

The response. See send_command() for details.

Return type:

Any

get_oval_definitions(*, filter_string=None, filter_id=None, name=None, details=None)#

Request a list of OVAL definitions

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • name (Optional[str]) – Name or identifier of the requested information

  • details (Optional[bool]) – Whether to include information about references to this information

Returns:

The response. See send_command() for details.

Return type:

Any

get_override(override_id)#

Request a single override

Parameters:

override_id (str) – UUID of an existing override

Returns:

The response. See send_command() for details.

Return type:

Any

get_overrides(*, filter_string=None, filter_id=None, details=None, result=None)#

Request a list of overrides

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • details (Optional[bool]) – Whether to include full details

  • result (Optional[bool]) – Whether to include results using the override

Returns:

The response. See send_command() for details.

Return type:

Any

get_permission(permission_id)#

Request a single permission

Parameters:

permission_id (str) – UUID of an existing permission

Returns:

The response. See send_command() for details.

Return type:

Any

get_permissions(*, filter_string=None, filter_id=None, trash=None)#

Request a list of permissions

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • trash (Optional[bool]) – Whether to get permissions in the trashcan instead

Returns:

The response. See send_command() for details.

Return type:

Any

get_policies(*, audits=None, filter_string=None, filter_id=None, details=None, families=None, preferences=None, trash=None)#

Request a list of policies

Parameters:
  • audits (Optional[bool]) – Whether to get audits using the policy

  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • details (Optional[bool]) – Whether to get families, preferences, nvt selectors and tasks.

  • families (Optional[bool]) – Whether to include the families if no details are requested

  • preferences (Optional[bool]) – Whether to include the preferences if no details are requested

  • trash (Optional[bool]) – Whether to get the trashcan audits instead

Returns:

The response. See send_command() for details.

Return type:

Any

get_policy(policy_id, *, audits=None)#

Request a single policy

Parameters:
  • policy_id (str) – UUID of an existing policy

  • audits (Optional[bool]) – Whether to get audits using this policy

Returns:

The response. See send_command() for details.

Return type:

Any

get_port_list(port_list_id)#

Request a single port list

Parameters:

port_list_id (str) – UUID of an existing port list

Returns:

The response. See send_command() for details.

get_port_lists(*, filter_string=None, filter_id=None, details=None, targets=None, trash=None)#

Request a list of port lists

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • details (Optional[bool]) – Whether to include full port list details

  • targets (Optional[bool]) – Whether to include targets using this port list

  • trash (Optional[bool]) – Whether to get port lists in the trashcan instead

Returns:

The response. See send_command() for details.

Return type:

Any

static get_protocol_version()#

Determine the Greenbone Management Protocol (gmp) version used by python-gvm version.

Returns:

Implemented version of the Greenbone Management Protocol

Return type:

tuple

get_report(report_id, *, filter_string=None, filter_id=None, delta_report_id=None, report_format_id=None, ignore_pagination=None, details=True)#

Request a single report

Parameters:
  • report_id (str) – UUID of an existing report

  • filter_string (Optional[str]) – Filter term to use to filter results in the report

  • filter_id (Optional[str]) – UUID of filter to use to filter results in the report

  • delta_report_id (Optional[str]) – UUID of an existing report to compare report to.

  • report_format_id (Optional[Union[str, ReportFormatType]]) – UUID of report format to use or ReportFormatType (enum)

  • ignore_pagination (Optional[bool]) – Whether to ignore the filter terms “first” and “rows”.

  • details (Optional[bool]) – Request additional report information details defaults to True

Returns:

The response. See send_command() for details.

Return type:

Any

get_report_format(report_format_id)#

Request a single report format

Parameters:

report_format_id (Union[str, ReportFormatType]) – UUID of an existing report format or ReportFormatType (enum)

Returns:

The response. See send_command() for details.

Return type:

Any

get_report_formats(*, filter_string=None, filter_id=None, trash=None, alerts=None, params=None, details=None)#

Request a list of report formats

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • trash (Optional[bool]) – Whether to get the trashcan report formats instead

  • alerts (Optional[bool]) – Whether to include alerts that use the report format

  • params (Optional[bool]) – Whether to include report format parameters

  • details (Optional[bool]) – Include report format file, signature and parameters

Returns:

The response. See send_command() for details.

Return type:

Any

get_reports(*, filter_string=None, filter_id=None, note_details=None, override_details=None, ignore_pagination=None, details=None)#

Request a list of reports

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • note_details (Optional[bool]) – If notes are included, whether to include note details

  • override_details (Optional[bool]) – If overrides are included, whether to include override details

  • ignore_pagination (Optional[bool]) – Whether to ignore the filter terms “first” and “rows”.

  • details (Optional[bool]) – Whether to exclude results

Returns:

The response. See send_command() for details.

Return type:

Any

get_result(result_id)#

Request a single result

Parameters:

result_id (str) – UUID of an existing result

Returns:

The response. See send_command() for details.

Return type:

Any

get_results(*, filter_string=None, filter_id=None, task_id=None, note_details=None, override_details=None, details=None)#

Request a list of results

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • task_id (Optional[str]) – UUID of task for note and override handling

  • note_details (Optional[bool]) – If notes are included, whether to include note details

  • override_details (Optional[bool]) – If overrides are included, whether to include override details

  • details (Optional[bool]) – Whether to include additional details of the results

Returns:

The response. See send_command() for details.

Return type:

Any

get_role(role_id)#

Request a single role

Parameters:

role_id (str) – UUID of an existing role

Returns:

The response. See send_command() for details.

Return type:

Any

get_roles(*, filter_string=None, filter_id=None, trash=None)#

Request a list of roles

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • trash (Optional[bool]) – Whether to get the trashcan roles instead

Returns:

The response. See send_command() for details.

Return type:

Any

get_scan_config(config_id, *, tasks=None)#

Request a single scan config

Parameters:
  • config_id (str) – UUID of an existing scan config

  • tasks (Optional[bool]) – Whether to get tasks using this config

Returns:

The response. See send_command() for details.

Return type:

Any

get_scan_config_nvt(nvt_oid)#

Request a single nvt

Parameters:

nvt_oid (str) – OID of an existing nvt

Returns:

The response. See send_command() for details.

get_scan_config_nvts(*, details=None, preferences=None, preference_count=None, timeout=None, config_id=None, preferences_config_id=None, family=None, sort_order=None, sort_field=None)#

Request a list of nvts

Parameters:
  • details (Optional[bool]) – Whether to include full details

  • preferences (Optional[bool]) – Whether to include nvt preferences

  • preference_count (Optional[bool]) – Whether to include preference count

  • timeout (Optional[bool]) – Whether to include the special timeout preference

  • config_id (Optional[str]) – UUID of scan config to which to limit the NVT listing

  • preferences_config_id (Optional[str]) – UUID of scan config to use for preference values

  • family (Optional[str]) – Family to which to limit NVT listing

  • sort_order (Optional[str]) – Sort order

  • sort_field (Optional[str]) – Sort field

Returns:

The response. See send_command() for details.

get_scan_config_preference(name, *, nvt_oid=None, config_id=None)#

Request a nvt preference

Parameters:
  • name (str) – name of a particular preference

  • nvt_oid (Optional[str]) – OID of nvt

  • config_id (Optional[str]) – UUID of scan config of which to show preference values

Returns:

The response. See send_command() for details.

Return type:

Any

get_scan_config_preferences(*, nvt_oid=None, config_id=None)#

Request a list of scan_config preferences

When the command includes a config_id attribute, the preference element includes the preference name, type and value, and the NVT to which the preference applies. If the command includes a config_id and an nvt_oid, the preferences for the given nvt in the config will be shown.

Parameters:
  • nvt_oid (Optional[str]) – OID of nvt

  • config_id (Optional[str]) – UUID of scan config of which to show preference values

Returns:

The response. See send_command() for details.

Return type:

Any

get_scan_configs(*, filter_string=None, filter_id=None, trash=None, details=None, families=None, preferences=None, tasks=None)#

Request a list of scan configs

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • trash (Optional[bool]) – Whether to get the trashcan scan configs instead

  • details (Optional[bool]) – Whether to get config families, preferences, nvt selectors and tasks.

  • families (Optional[bool]) – Whether to include the families if no details are requested

  • preferences (Optional[bool]) – Whether to include the preferences if no details are requested

  • tasks (Optional[bool]) – Whether to get tasks using this config

Returns:

The response. See send_command() for details.

Return type:

Any

get_scanner(scanner_id)#

Request a single scanner

Parameters:

scanner_id (str) – UUID of an existing scanner

Returns:

The response. See send_command() for details.

Return type:

Any

get_scanners(*, filter_string=None, filter_id=None, trash=None, details=None)#

Request a list of scanners

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • trash (Optional[bool]) – Whether to get the trashcan scanners instead

  • details (Optional[bool]) – Whether to include extra details like tasks using this scanner

Returns:

The response. See send_command() for details.

Return type:

Any

get_schedule(schedule_id, *, tasks=None)#

Request a single schedule

Parameters:
  • schedule_id (str) – UUID of an existing schedule

  • tasks (Optional[bool]) – Whether to include tasks using the schedules

Returns:

The response. See send_command() for details.

Return type:

Any

get_schedules(*, filter_string=None, filter_id=None, trash=None, tasks=None)#

Request a list of schedules

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • trash (Optional[bool]) – Whether to get the trashcan schedules instead

  • tasks (Optional[bool]) – Whether to include tasks using the schedules

Returns:

The response. See send_command() for details.

Return type:

Any

get_system_reports(*, name=None, duration=None, start_time=None, end_time=None, brief=None, slave_id=None)#

Request a list of system reports

Parameters:
  • name (Optional[str]) – A string describing the required system report

  • duration (Optional[int]) – The number of seconds into the past that the system report should include

  • start_time (Optional[str]) – The start of the time interval the system report should include in ISO time format

  • end_time (Optional[str]) – The end of the time interval the system report should include in ISO time format

  • brief (Optional[bool]) – Whether to include the actual system reports

  • slave_id (Optional[str]) – UUID of GMP scanner from which to get the system reports

Returns:

The response. See send_command() for details.

Return type:

Any

get_tag(tag_id)#

Request a single tag

Parameters:

tag_id (str) – UUID of an existing tag

Returns:

The response. See send_command() for details.

Return type:

Any

get_tags(*, filter_string=None, filter_id=None, trash=None, names_only=None)#

Request a list of tags

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • trash (Optional[bool]) – Whether to get tags from the trashcan instead

  • names_only (Optional[bool]) – Whether to get only distinct tag names

Returns:

The response. See send_command() for details.

Return type:

Any

get_target(target_id, *, tasks=None)#

Request a single target

Parameters:
  • target_id (str) – UUID of an existing target

  • tasks (Optional[bool]) – Whether to include list of tasks that use the target

Returns:

The response. See send_command() for details.

Return type:

Any

get_targets(*, filter_string=None, filter_id=None, trash=None, tasks=None)#

Request a list of targets

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • trash (Optional[bool]) – Whether to get the trashcan targets instead

  • tasks (Optional[bool]) – Whether to include list of tasks that use the target

Returns:

The response. See send_command() for details.

Return type:

Any

get_task(task_id)#

Request a single task

Parameters:

task_id (str) – UUID of an existing task

Returns:

The response. See send_command() for details.

Return type:

Any

get_tasks(*, filter_string=None, filter_id=None, trash=None, details=None, schedules_only=None)#

Request a list of tasks

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • trash (Optional[bool]) – Whether to get the trashcan tasks instead

  • details (Optional[bool]) – Whether to include full task details

  • schedules_only (Optional[bool]) – Whether to only include id, name and schedule details

Returns:

The response. See send_command() for details.

Return type:

Any

get_ticket(ticket_id)#

Request a single ticket

Parameters:

ticket_id (str) – UUID of an existing ticket

Returns:

The response. See send_command() for details.

Return type:

Any

get_tickets(*, trash=None, filter_string=None, filter_id=None)#

Request a list of tickets

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • trash (Optional[bool]) – True to request the tickets in the trashcan

Returns:

The response. See send_command() for details.

Return type:

Any

get_tls_certificate(tls_certificate_id)#

Request a single TLS certificate

Parameters:

tls_certificate_id (str) – UUID of an existing TLS certificate

Returns:

The response. See send_command() for details.

Return type:

Any

get_tls_certificates(*, filter_string=None, filter_id=None, include_certificate_data=None, details=None)#

Request a list of TLS certificates

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

  • include_certificate_data (Optional[bool]) – Whether to include the certificate data in the response

  • details (Optional[bool]) – Whether to include additional details of the tls certificates

Returns:

The response. See send_command() for details.

Return type:

Any

get_user(user_id)#

Request a single user

Parameters:

user_id (str) – UUID of an existing user

Returns:

The response. See send_command() for details.

Return type:

Any

get_user_setting(setting_id)#

Request a single user setting

Parameters:

setting_id (str) – UUID of an existing setting

Returns:

The response. See send_command() for details.

Return type:

Any

get_user_settings(*, filter_string=None)#

Request a list of user settings

Parameters:

filter_string (Optional[str]) – Filter term to use for the query

Returns:

The response. See send_command() for details.

Return type:

Any

get_users(*, filter_string=None, filter_id=None)#

Request a list of users

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

Returns:

The response. See send_command() for details.

Return type:

Any

get_version()#

Get the Greenbone Vulnerability Manager Protocol version used by the remote gvmd.

Returns:

The response. See send_command() for details.

Return type:

Any

get_vulnerabilities(*, filter_string=None, filter_id=None)#

Request a list of vulnerabilities

Parameters:
  • filter_string (Optional[str]) – Filter term to use for the query

  • filter_id (Optional[str]) – UUID of an existing filter to use for the query

Returns:

The response. See send_command() for details.

Return type:

Any

get_vulnerability(vulnerability_id)#

Request a single vulnerability

Parameters:

vulnerability_id (str) – ID of an existing vulnerability

Returns:

The response. See send_command() for details.

Return type:

Any

help(*, help_format=None, brief=None)#

Get the help text

Parameters:
  • help_format (Optional[HelpFormat]) – Format of of the help: “html”, “rnc”, “text” or “xml

  • brief (Optional[bool]) – If True help is brief

Returns:

The response. See send_command() for details.

Return type:

Any

import_policy(policy)#

Import a policy from XML

Parameters:

policy (str) – Policy XML as string to import. This XML must contain a <get_configs_response> root element.

Returns:

The response. See send_command() for details.

Return type:

Any

import_report(report, *, task_id=None, in_assets=None)#

Import a Report from XML

Parameters:
  • report (str) – Report XML as string to import. This XML must contain a <report> root element.

  • task_id (Optional[str]) – UUID of task to import report to

  • in_asset – Whether to create or update assets using the report

Returns:

The response. See send_command() for details.

Return type:

Any

import_report_format(report_format)#

Import a report format from XML

Parameters:

report_format (str) – Report format XML as string to import. This XML must contain a <get_report_formats_response> root element.

Returns:

The response. See send_command() for details.

Return type:

Any

import_scan_config(config)#

Import a scan config from XML

Parameters:

config (str) – Scan Config XML as string to import. This XML must contain a <get_configs_response> root element.

Returns:

The response. See send_command() for details.

Return type:

Any

is_authenticated()#

Checks if the user is authenticated

If the user is authenticated privileged GMP commands like get_tasks may be send to gvmd.

Returns:

True if an authenticated connection to gvmd has been established.

Return type:

bool

is_connected()#

Status of the current connection

Returns:

True if a connection to the remote server has been established.

Return type:

bool

modify_alert(alert_id, *, name=None, comment=None, filter_id=None, event=None, event_data=None, condition=None, condition_data=None, method=None, method_data=None)#

Modifies an existing alert.

Parameters:
  • alert_id (str) – UUID of the alert to be modified.

  • name (Optional[str]) – Name of the Alert.

  • condition (Optional[AlertCondition]) – The condition that must be satisfied for the alert to occur. If the event is either ‘Updated SecInfo arrived’ or ‘New SecInfo arrived’, condition must be ‘Always’. Otherwise, condition can also be on of ‘Severity at least’, ‘Filter count changed’ or ‘Filter count at least’.

  • condition_data (Optional[dict]) – Data that defines the condition

  • event (Optional[AlertEvent]) – The event that must happen for the alert to occur, one of ‘Task run status changed’, ‘Updated SecInfo arrived’ or ‘New SecInfo arrived’

  • event_data (Optional[dict]) – Data that defines the event

  • method (Optional[AlertMethod]) – The method by which the user is alerted, one of ‘SCP’, ‘Send’, ‘SMB’, ‘SNMP’, ‘Syslog’ or ‘Email’; if the event is neither ‘Updated SecInfo arrived’ nor ‘New SecInfo arrived’, method can also be one of ‘Start Task’, ‘HTTP Get’, ‘Sourcefire Connector’ or ‘verinice Connector’.

  • method_data (Optional[dict]) – Data that defines the method

  • filter_id (Optional[str]) – Filter to apply when executing alert

  • comment (Optional[str]) – Comment for the alert

Returns:

The response. See send_command() for details.

Return type:

Any

modify_audit(audit_id, *, name=None, policy_id=None, target_id=None, scanner_id=None, alterable=None, hosts_ordering=None, schedule_id=None, schedule_periods=None, comment=None, alert_ids=None, observers=None, preferences=None)#

Modifies an existing task.

Parameters:
  • audit_id (str) – UUID of audit to modify.

  • name (Optional[str]) – The name of the audit.

  • policy_id (Optional[str]) – UUID of policy to use by the audit

  • target_id (Optional[str]) – UUID of target to be scanned

  • scanner_id (Optional[str]) – UUID of scanner to use for scanning the target

  • comment (Optional[str]) – The comment on the audit.

  • alert_ids (Optional[List[str]]) – List of UUIDs for alerts to be applied to the audit

  • hosts_ordering (Optional[HostsOrdering]) – The order hosts are scanned in

  • schedule_id (Optional[str]) – UUID of a schedule when the audit should be run.

  • schedule_periods (Optional[int]) – A limit to the number of times the audit will be scheduled, or 0 for no limit.

  • observers (Optional[List[str]]) – List of names or ids of users which should be allowed to observe this audit

  • preferences (Optional[dict]) – Name/Value pairs of scanner preferences.

Returns:

The response. See send_command() for details.

Return type:

Any

modify_auth(group_name, auth_conf_settings)#

Modifies an existing auth.

Parameters:
  • group_name (str) – Name of the group to be modified.

  • auth_conf_settings (dict) – The new auth config.

Returns:

The response. See send_command() for details.

Return type:

Any

modify_credential(credential_id, *, name=None, comment=None, allow_insecure=None, certificate=None, key_phrase=None, private_key=None, login=None, password=None, auth_algorithm=None, community=None, privacy_algorithm=None, privacy_password=None, public_key=None)#

Modifies an existing credential.

Parameters:
  • credential_id (str) – UUID of the credential

  • name (Optional[str]) – Name of the credential

  • comment (Optional[str]) – Comment for the credential

  • allow_insecure (Optional[bool]) – Whether to allow insecure use of the credential

  • certificate (Optional[str]) – Certificate for the credential

  • key_phrase (Optional[str]) – Key passphrase for the private key

  • private_key (Optional[str]) – Private key to use for login

  • login (Optional[str]) – Username for the credential

  • password (Optional[str]) – Password for the credential

  • auth_algorithm (Optional[SnmpAuthAlgorithm]) – The authentication algorithm for SNMP

  • community (Optional[str]) – The SNMP community

  • privacy_algorithm (Optional[SnmpPrivacyAlgorithm]) – The privacy algorithm for SNMP

  • privacy_password (Optional[str]) – The SNMP privacy password

  • public_key (Optional[str]) – PGP public key in armor plain text format

Returns:

The response. See send_command() for details.

Return type:

Any

modify_filter(filter_id, *, comment=None, name=None, term=None, filter_type=None)#

Modifies an existing filter.

Parameters:
  • filter_id (str) – UUID of the filter to be modified

  • comment (Optional[str]) – Comment on filter.

  • name (Optional[str]) – Name of filter.

  • term (Optional[str]) – Filter term.

  • filter_type (Optional[FilterType]) – Resource type filter applies to.

Returns:

The response. See send_command() for details.

Return type:

Any

modify_group(group_id, *, comment=None, name=None, users=None)#

Modifies an existing group.

Parameters:
  • group_id (str) – UUID of group to modify.

  • comment (Optional[str]) – Comment on group.

  • name (Optional[str]) – Name of group.

  • users (Optional[List[str]]) – List of user names to be in the group

Returns:

The response. See send_command() for details.

Return type:

Any

modify_host(host_id, *, comment=None)#

Modifies an existing host.

Parameters:
  • host_id (str) – UUID of the host to be modified.

  • comment (Optional[str]) – Comment for the host. Not passing a comment arguments clears the comment for this host.

Returns:

The response. See send_command() for details.

Return type:

Any

modify_note(note_id, text, *, days_active=None, hosts=None, port=None, result_id=None, severity=None, task_id=None, threat=None)#

Modifies an existing note.

Parameters:
  • note_id (str) – UUID of note to modify.

  • text (str) – The text of the note.

  • days_active (Optional[int]) – Days note will be active. -1 on always, 0 off.

  • hosts (Optional[List[str]]) – A list of hosts addresses

  • port (Optional[str]) – Port to which the override applies, needs to be a string in the form {number}/{protocol}

  • result_id (Optional[str]) – Result to which note applies.

  • severity (Optional[Real]) – Severity to which note applies.

  • task_id (Optional[str]) – Task to which note applies.

  • threat (Optional[SeverityLevel]) – Threat level to which note applies. Will be converted to severity.

Returns:

The response. See send_command() for details.

Return type:

Any

modify_operating_system(operating_system_id, *, comment=None)#

Modifies an existing operating system.

Parameters:
  • operating_system_id (str) – UUID of the operating_system to be modified.

  • comment (Optional[str]) – Comment for the operating_system. Not passing a comment arguments clears the comment for this operating system.

Returns:

The response. See send_command() for details.

Return type:

Any

modify_override(override_id, text, *, days_active=None, hosts=None, port=None, result_id=None, severity=None, new_severity=None, task_id=None, threat=None, new_threat=None)#

Modifies an existing override.

Parameters:
  • override_id (str) – UUID of override to modify.

  • text (str) – The text of the override.

  • days_active (Optional[int]) – Days override will be active. -1 on always, 0 off.

  • hosts (Optional[List[str]]) – A list of host addresses

  • port (Optional[str]) – Port to which the override applies, needs to be a string in the form {number}/{protocol}

  • result_id (Optional[str]) – Result to which override applies.

  • severity (Optional[Real]) – Severity to which override applies.

  • new_severity (Optional[Real]) – New severity score for result.

  • task_id (Optional[str]) – Task to which override applies.

  • threat (Optional[SeverityLevel]) – Threat level to which override applies. Will be converted to severity.

  • new_threat (Optional[SeverityLevel]) – New threat level for results. Will be converted to new_severity.

Returns:

The response. See send_command() for details.

Return type:

Any

modify_permission(permission_id, *, comment=None, name=None, resource_id=None, resource_type=None, subject_id=None, subject_type=None)#

Modifies an existing permission.

Parameters:
  • permission_id (str) – UUID of permission to be modified.

  • comment (Optional[str]) – The comment on the permission.

  • name (Optional[str]) – Permission name, currently the name of a command.

  • subject_id (Optional[str]) – UUID of subject to whom the permission is granted

  • subject_type (Optional[PermissionSubjectType]) – Type of the subject user, group or role

  • resource_id (Optional[str]) – UUID of entity to which the permission applies

  • resource_type (Optional[EntityType]) – Type of the resource. For Super permissions user, group or role

Returns:

The response. See send_command() for details.

Return type:

Any

modify_policy_set_comment(policy_id, comment=None)#

Modifies the comment of an existing policy

Parameters:
  • policy_id (str) – UUID of policy to modify.

  • comment (Optional[str]) – Comment to set on a policy. Default is an empty comment and the previous comment will be removed.

modify_policy_set_family_selection(policy_id, families, *, auto_add_new_families=True)#

Selected the NVTs of a policy at a family level.

Parameters:
  • policy_id (str) – UUID of policy to modify.

  • families (List[Tuple[str, bool, bool]]) – A list of tuples with the first entry being the name of the NVT family selected, second entry a boolean indicating whether new NVTs should be added to the family automatically, and third entry a boolean indicating whether all nvts from the family should be included.

  • auto_add_new_families (Optional[bool]) – Whether new families should be added to the policy automatically. Default: True.

modify_policy_set_name(policy_id, name)#

Modifies the name of an existing policy

Parameters:
  • policy_id (str) – UUID of policy to modify.

  • name (str) – New name for the policy.

modify_policy_set_nvt_preference(policy_id, name, nvt_oid, *, value=None)#

Modifies the nvt preferences of an existing policy.

Parameters:
  • policy_id (str) – UUID of policy to modify.

  • name (str) – Name for preference to change.

  • nvt_oid (str) – OID of the NVT associated with preference to modify

  • value (Optional[str]) – New value for the preference. None to delete the preference and to use the default instead.

modify_policy_set_nvt_selection(policy_id, family, nvt_oids)#

Modifies the selected nvts of an existing policy

The manager updates the given family in the policy to include only the given NVTs.

Parameters:
  • policy_id (str) – UUID of policy to modify.

  • family (str) – Name of the NVT family to include NVTs from

  • nvt_oids (List[str]) – List of NVTs to select for the family.

modify_policy_set_scanner_preference(policy_id, name, *, value=None)#

Modifies the scanner preferences of an existing policy

Parameters:
  • policy_id (str) – UUID of policy to modify.

  • name (str) – Name of the scanner preference to change

  • value (Optional[str]) – New value for the preference. None to delete the preference and to use the default instead.

modify_port_list(port_list_id, *, comment=None, name=None)#

Modifies an existing port list.

Parameters:
  • port_list_id (str) – UUID of port list to modify.

  • name (Optional[str]) – Name of port list.

  • comment (Optional[str]) – Comment on port list.

Returns:

The response. See send_command() for details.

Return type:

Any

modify_report_format(report_format_id=None, *, active=None, name=None, summary=None, param_name=None, param_value=None)#

Modifies an existing report format.

Parameters:
  • report_format_id (Optional[Union[str, ReportFormatType]]) – UUID of report format to modify or ReportFormatType (enum)

  • active (Optional[bool]) – Whether the report format is active.

  • name (Optional[str]) – The name of the report format.

  • summary (Optional[str]) – A summary of the report format.

  • param_name (Optional[str]) – The name of the param.

  • param_value (Optional[str]) – The value of the param.

Returns:

The response. See send_command() for details.

Return type:

Any

modify_role(role_id, *, comment=None, name=None, users=None)#

Modifies an existing role.

Parameters:
  • role_id (str) – UUID of role to modify.

  • comment (Optional[str]) – Name of role.

  • name (Optional[str]) – Comment on role.

  • users (Optional[List[str]]) – List of user names.

Returns:

The response. See send_command() for details.

Return type:

Any

modify_scan_config(config_id, selection=None, **kwargs)#

Modifies an existing scan config.

DEPRECATED. Please use modify_scan_config_set_ methods instead.

modify_config has four modes to operate depending on the selection.

Parameters:
  • config_id (str) – UUID of scan config to modify.

  • selection (Optional[str]) – one of ‘scan_pref’, ‘nvt_pref’, ‘nvt_selection’ or ‘family_selection’

  • name – New name for preference.

  • value – New value for preference.

  • nvt_oids – List of NVTs associated with preference to modify.

  • family – Name of family to modify.

Returns:

The response. See send_command() for details.

Return type:

Any

modify_scan_config_set_comment(config_id, *, comment=None)#

Modifies the comment of an existing scan config

Parameters:
  • config_id (str) – UUID of scan config to modify.

  • comment (Optional[str]) – Comment to set on a config. Default is an empty comment and the previous comment will be removed.

modify_scan_config_set_family_selection(config_id, families, *, auto_add_new_families=True)#

Selected the NVTs of a scan config at a family level.

Parameters:
  • config_id (str) – UUID of scan config to modify.

  • families (List[Tuple[str, bool, bool]]) – A list of tuples (str, bool, bool): str: the name of the NVT family selected, bool: add new NVTs to the family automatically, bool: include all NVTs from the family

  • auto_add_new_families (Optional[bool]) – Whether new families should be added to the scan config automatically. Default: True.

modify_scan_config_set_name(config_id, name)#

Modifies the name of an existing scan config

Parameters:
  • config_id (str) – UUID of scan config to modify.

  • name (str) – New name for the config.

modify_scan_config_set_nvt_preference(config_id, name, nvt_oid, *, value=None)#

Modifies the nvt preferences of an existing scan config.

Parameters:
  • config_id (str) – UUID of scan config to modify.

  • name (str) – Name for nvt preference to change.

  • nvt_oid (str) – OID of the NVT associated with preference to modify

  • value (Optional[str]) – New value for the preference. None to delete the preference and to use the default instead.

modify_scan_config_set_nvt_selection(config_id, family, nvt_oids)#

Modifies the selected nvts of an existing scan config

The manager updates the given family in the config to include only the given NVTs.

Parameters:
  • config_id (str) – UUID of scan config to modify.

  • family (str) – Name of the NVT family to include NVTs from

  • nvt_oids (List[str]) – List of NVTs to select for the family.

modify_scan_config_set_scanner_preference(config_id, name, *, value=None)#

Modifies the scanner preferences of an existing scan config

Parameters:
  • config_id (str) – UUID of scan config to modify.

  • name (str) – Name of the scanner preference to change

  • value (Optional[str]) – New value for the preference. None to delete the preference and to use the default instead.

modify_scanner(scanner_id, *, scanner_type=None, host=None, port=None, comment=None, name=None, ca_pub=None, credential_id=None)#

Modifies an existing scanner.

Parameters:
  • scanner_id (str) – UUID of scanner to modify.

  • scanner_type (Optional[ScannerType]) – New type of the Scanner.

  • host (Optional[str]) – Host of the scanner.

  • port (Optional[int]) – Port of the scanner.

  • comment (Optional[str]) – Comment on scanner.

  • name (Optional[str]) – Name of scanner.

  • ca_pub (Optional[str]) – Certificate of CA to verify scanner’s certificate.

  • credential_id (Optional[str]) – UUID of the client certificate credential for the Scanner.

Returns:

The response. See send_command() for details.

Return type:

Any

modify_schedule(schedule_id, *, name=None, icalendar=None, timezone=None, comment=None)#

Modifies an existing schedule

Parameters:
  • schedule_id (str) – UUID of the schedule to be modified

  • name (Optional[str]) – Name of the schedule

  • icalendar (Optional[str]) – iCalendar (RFC 5545) based data.

  • timezone (Optional[str]) – Timezone to use for the icalender events e.g Europe/Berlin. If the datetime values in the icalendar data are missing timezone information this timezone gets applied. Otherwise the datetime values from the icalendar data are displayed in this timezone

  • comment (Optional[str]) – Comment on schedule.

Returns:

The response. See send_command() for details.

Return type:

Any

modify_tag(tag_id, *, comment=None, name=None, value=None, active=None, resource_action=None, resource_type=None, resource_filter=None, resource_ids=None)#

Modifies an existing tag.

Parameters:
  • tag_id (str) – UUID of the tag.

  • comment (Optional[str]) – Comment to add to the tag.

  • name (Optional[str]) – Name of the tag.

  • value – Value of the tag.

  • active – Whether the tag is active.

  • resource_action (Optional[str]) – Whether to add or remove resources instead of overwriting. One of ‘’, ‘add’, ‘set’ or ‘remove’.

  • resource_type (Optional[EntityType]) – Type of the resources to which to attach the tag. Required if resource_filter is set.

  • resource_filter (Optional[str]) – Filter term to select resources the tag is to be attached to.

  • resource_ids (Optional[List[str]]) – IDs of the resources to which to attach the tag.

Returns:

The response. See send_command() for details.

Return type:

Any

modify_target(target_id, *, name=None, comment=None, hosts=None, exclude_hosts=None, ssh_credential_id=None, ssh_credential_port=None, smb_credential_id=None, esxi_credential_id=None, snmp_credential_id=None, alive_test=None, reverse_lookup_only=None, reverse_lookup_unify=None, port_list_id=None)#

Modifies an existing target.

Parameters:
  • target_id (str) – ID of target to modify.

  • comment (Optional[str]) – Comment on target.

  • name (Optional[str]) – Name of target.

  • hosts (Optional[List[str]]) – List of target hosts.

  • exclude_hosts (Optional[List[str]]) – A list of hosts to exclude.

  • ssh_credential_id (Optional[str]) – UUID of SSH credential to use on target.

  • ssh_credential_port (Optional[bool]) – The port to use for ssh credential

  • smb_credential_id (Optional[str]) – UUID of SMB credential to use on target.

  • esxi_credential_id (Optional[str]) – UUID of ESXi credential to use on target.

  • snmp_credential_id (Optional[str]) – UUID of SNMP credential to use on target.

  • port_list_id (Optional[str]) – UUID of port list describing ports to scan.

  • alive_test (Optional[AliveTest]) – Which alive tests to use.

  • reverse_lookup_only (Optional[bool]) – Whether to scan only hosts that have names.

  • reverse_lookup_unify (Optional[bool]) – Whether to scan only one IP when multiple IPs have the same name.

Returns:

The response. See send_command() for details.

Return type:

Any

modify_task(task_id, *, name=None, config_id=None, target_id=None, scanner_id=None, alterable=None, hosts_ordering=None, schedule_id=None, schedule_periods=None, comment=None, alert_ids=None, observers=None, preferences=None)#

Modifies an existing task.

Parameters:
  • task_id (str) – UUID of task to modify.

  • name (Optional[str]) – The name of the task.

  • config_id (Optional[str]) – UUID of scan config to use by the task

  • target_id (Optional[str]) – UUID of target to be scanned

  • scanner_id (Optional[str]) – UUID of scanner to use for scanning the target

  • comment (Optional[str]) – The comment on the task.

  • alert_ids (Optional[List[str]]) – List of UUIDs for alerts to be applied to the task

  • hosts_ordering (Optional[HostsOrdering]) – The order hosts are scanned in

  • schedule_id (Optional[str]) – UUID of a schedule when the task should be run.

  • schedule_periods (Optional[int]) – A limit to the number of times the task will be scheduled, or 0 for no limit.

  • observers (Optional[List[str]]) – List of names or ids of users which should be allowed to observe this task

  • preferences (Optional[dict]) – Name/Value pairs of scanner preferences.

Returns:

The response. See send_command() for details.

Return type:

Any

modify_ticket(ticket_id, *, status=None, note=None, assigned_to_user_id=None, comment=None)#

Modify a single ticket

Parameters:
  • ticket_id (str) – UUID of an existing ticket

  • status (Optional[TicketStatus]) – New status for the ticket

  • note (Optional[str]) – Note for the status change. Required if status is set.

  • assigned_to_user_id (Optional[str]) – UUID of the user the ticket should be assigned to

  • comment (Optional[str]) – Comment for the ticket

Returns:

The response. See send_command() for details.

Return type:

Any

modify_tls_certificate(tls_certificate_id, *, name=None, comment=None, trust=None)#

Modifies an existing TLS certificate.

Parameters:
  • tls_certificate_id (str) – UUID of the TLS certificate to be modified.

  • name (Optional[str]) – Name of the TLS certificate, defaulting to the MD5 fingerprint

  • comment (Optional[str]) – Comment for the TLS certificate.

  • trust (Optional[bool]) – Whether the certificate is trusted.

Returns:

The response. See send_command() for details.

Return type:

Any

modify_user(user_id=None, name=None, *, new_name=None, comment=None, password=None, auth_source=None, role_ids=None, hosts=None, hosts_allow=False, ifaces=None, ifaces_allow=False, group_ids=None)#

Modifies an existing user.

Most of the fields need to be supplied for changing a single field even if no change is wanted for those. Else empty values are inserted for the missing fields instead.

Parameters:
  • user_id (Optional[str]) – UUID of the user to be modified. Overrides name element argument.

  • name (Optional[str]) – The name of the user to be modified. Either user_id or name must be passed.

  • new_name (Optional[str]) – The new name for the user.

  • comment (Optional[str]) – Comment on the user.

  • password (Optional[str]) – The password for the user.

  • auth_source (Optional[UserAuthType]) – Source allowed for authentication for this user.

  • roles_id – List of roles UUIDs for the user.

  • hosts (Optional[List[str]]) – User access rules: List of hosts.

  • hosts_allow (Optional[bool]) – Defines how the hosts list is to be interpreted. If False (default) the list is treated as a deny list. All hosts are allowed by default except those provided by the hosts parameter. If True the list is treated as a allow list. All hosts are denied by default except those provided by the hosts parameter.

  • ifaces (Optional[List[str]]) – User access rules: List of ifaces.

  • ifaces_allow (Optional[bool]) – Defines how the ifaces list is to be interpreted. If False (default) the list is treated as a deny list. All ifaces are allowed by default except those provided by the ifaces parameter. If True the list is treated as a allow list. All ifaces are denied by default except those provided by the ifaces parameter.

  • group_ids (Optional[List[str]]) – List of group UUIDs for the user.

Returns:

The response. See send_command() for details.

Return type:

Any

modify_user_setting(setting_id=None, name=None, value=None)#

Modifies an existing user setting.

Parameters:
  • setting_id (Optional[str]) – UUID of the setting to be changed.

  • name (Optional[str]) – The name of the setting. Either setting_id or name must be passed.

  • value (Optional[str]) – The value of the setting.

Returns:

The response. See send_command() for details.

Return type:

Any

move_task(task_id, *, slave_id=None)#

Move an existing task to another GMP slave scanner or the master

Parameters:
  • task_id (str) – UUID of the task to be moved

  • slave_id (Optional[str]) – UUID of slave to reassign the task to, empty for master.

Returns:

The response. See send_command() for details.

Return type:

Any

restore_from_trashcan(entity_id)#

Restore an entity from the trashcan

Parameters:

entity_id (str) – ID of the entity to be restored from the trashcan

Returns:

The response. See send_command() for details.

Return type:

Any

resume_audit(audit_id)#

Resume an existing stopped audit

Parameters:

audit_id (str) – UUID of the audit to be resumed

Returns:

The response. See send_command() for details.

Return type:

Any

resume_task(task_id)#

Resume an existing stopped task

Parameters:

task_id (str) – UUID of the task to be resumed

Returns:

The response. See send_command() for details.

Return type:

Any

send_command(cmd)#

Send a command to the remote server

If the class is not connected to the server yet the connection will be established automatically.

Parameters:

cmd (str) – Command as string to be send over the connection to the server.

Returns:

The actual returned type depends on the set transform.

Per default - if no transform is set explicitly - the response is returned as string.

Return type:

any

start_audit(audit_id)#

Start an existing audit

Parameters:

audit_id (str) – UUID of the audit to be started

Returns:

The response. See send_command() for details.

Return type:

Any

start_task(task_id)#

Start an existing task

Parameters:

task_id (str) – UUID of the task to be started

Returns:

The response. See send_command() for details.

Return type:

Any

stop_audit(audit_id)#

Stop an existing running audit

Parameters:

audit_id (str) – UUID of the audit to be stopped

Returns:

The response. See send_command() for details.

Return type:

Any

stop_task(task_id)#

Stop an existing running task

Parameters:

task_id (str) – UUID of the task to be stopped

Returns:

The response. See send_command() for details.

Return type:

Any

sync_scan_config()#

Request an OSP config synchronization with scanner

Returns:

The response. See send_command() for details.

Return type:

Any

test_alert(alert_id)#

Run an alert

Invoke a test run of an alert

Parameters:

alert_id (str) – UUID of the alert to be tested

Returns:

The response. See send_command() for details.

Return type:

Any

trigger_alert(alert_id, report_id, *, filter_string=None, filter_id=None, report_format_id=None, delta_report_id=None)#

Run an alert by ignoring its event and conditions

The alert is triggered to run immediately with the provided filtered report by ignoring the even and condition settings.

Parameters:
  • alert_id (str) – UUID of the alert to be run

  • report_id (str) – UUID of the report to be provided to the alert

  • filter – Filter term to use to filter results in the report

  • filter_id (Optional[str]) – UUID of filter to use to filter results in the report

  • report_format_id (Optional[Union[str, ReportFormatType]]) – UUID of report format to use or ReportFormatType (enum)

  • delta_report_id (Optional[str]) – UUID of an existing report to compare report to.

Returns:

The response. See send_command() for details.

Return type:

Any

verify_report_format(report_format_id)#

Verify an existing report format

Verifies the trust level of an existing report format. It will be checked whether the signature of the report format currently matches the report format. This includes the script and files used to generate reports of this format. It is not verified if the report format works as expected by the user.

Parameters:

report_format_id (Union[str, ReportFormatType]) – UUID of the report format to be verified or ReportFormatType (enum)

Returns:

The response. See send_command() for details.

Return type:

Any

verify_scanner(scanner_id)#

Verify an existing scanner

Verifies if it is possible to connect to an existing scanner. It is not verified if the scanner works as expected by the user.

Parameters:

scanner_id (str) – UUID of the scanner to be verified

Returns:

The response. See send_command() for details.

Return type:

Any