ospd-openvas - The OpenVAS Wrapper of the Greenbone Vulnerability Management
Description
Greenbone Vulnerability Management (GVM) is a vulnerability auditing and management framework made up of
several modules. The OSPD OpenVAS Wrapper, ospd-openvas, is in charge of the communication between the
scanner OpenVAS and the clients (GVMd and gvm-tools).
ospd-openvas inspects the remote hosts to list all the vulnerabilities and common misconfigurations that
affect them.
It is a command-line tool whose parameters start a daemon, which then waits for instructions to
update the feed of vulnerability tests and to start a scan. The second part of the interface is the
Redis store, where the parameters of a scan task must be placed and from which the results can be
retrieved; it is the only communication channel between OSPD-OpenVAS and OpenVAS.
More Information
The canonical places where you will find more information about OSPD-OpenVAS are:
Community Portal
Development Platform
Traditional home site
Name
ospd-openvas - The OpenVAS Wrapper of the Greenbone Vulnerability Management
Options
-s <config-file>, --config-file <config-file>
Use the alternate configuration file instead of ~/.config/ospd.conf
--version
Print the version number and exit
-h, --help
Show a summary of the commands
-p PORT, --port PORT
TCP Port to listen on. Default: 0
-b ADDRESS, --bind-address ADDRESS
Address to listen on. Default: 0.0.0.0
-u UNIX_SOCKET, --unix-socket UNIX_SOCKET
Unix file socket to listen on. Default: /var/run/ospd/ospd.sock
-m SOCKET_MODE, --socket-mode SOCKET_MODE
Unix file socket mode. Default: 0o700
--pid-file PID_FILE
Location of the file for the process ID. Default: /var/run/ospd.pid
--lock-file-dir LOCK_FILE_DIR
Directory where the feed lock file is placed. Default: /var/run/ospd
-k KEY_FILE, --key-file KEY_FILE
Server key file. Default: /usr/var/lib/gvm/private/CA/serverkey.pem
-c CERT_FILE, --cert-file CERT_FILE
Server cert file. Default: /usr/var/lib/gvm/CA/servercert.pem
--ca-file CA_FILE
CA cert file. Default: /usr/var/lib/gvm/CA/cacert.pem
-L LOG_LEVEL, --log-level LOG_LEVEL
Desired level of logging. Default: WARNING
-f, --foreground
Run in foreground and log all messages to the console.
-l LOG_FILE, --log-file LOG_FILE
Path to the logging file.
--stream-timeout TIMEOUT
Set a timeout on socket operations. Default 10 seconds
--niceness NICENESS
Start the scan with the given niceness. Default 10
--scaninfo-store-time TIME
Time in hours a scan is stored before being considered forgotten and being deleted from the scan
table. Default 0, disabled.
--max-scans VALUE
Maximum number of parallel tasks that can be started. Default 0, disabled.
--min-free-mem-scan-queue MB
Minimum free memory in MB required to run the scan. If not enough free memory is available, the
scan is queued. Default 0, disabled.
--max-queued-scans VALUE
Maximum number of queued scans allowed before new scans are rejected. Default 0, disabled.
See Also
openvas(8), gsad(8), gvmd(8), greenbone-nvt-sync(8)
Synopsis
ospd-openvas [-v] [-h] [-c config-file] [--log-file log-file]
The Configuration File
The default ospd-openvas configuration file, ~/.config/ospd.conf, contains these options under the section
[OSPD - openvas]:
log_level
Desired level of logging.
socket_mode
This option defines the permissions on a socket. It must be set in octal format. E.g.
socket_mode = 0o770
unix_socket
This option specifies the socket path.
pid_file
Location of the file for the process ID.
log_file
Path to the log file. If no log file is given, the system log facility is used by default.
foreground
If this option is set to yes, the daemon logs to the standard output instead of logging to a file
or syslog.
niceness
Start the scan with the given niceness. Default 10
stream_timeout
Set a timeout on socket operations. Default 10 seconds
scaninfo_store_time
Time in hours a scan is stored before being considered forgotten and being deleted from the scan
table. Default 0, disabled.
max_scans
Maximum number of parallel tasks that can be started. Default 0, disabled.
min_free_mem_scan_queue
Minimum free memory in MB required to run the scan. If not enough free memory is available, the
scan is queued. Default 0, disabled.
max_queued_scans
Maximum number of queued scans allowed before new scans are rejected. Default 0, disabled.
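The following check of an ospd.conf against the options above is an added example, not part of ospd-openvas or its documentation. The function name audit_ospd_conf, the two sample configurations, and the policy of reporting a limit left at 0 are assumptions of this example; it flags a socket_mode that is not octal or that grants permissions beyond owner and group.

```python
import configparser
import stat

SECTION = "OSPD - openvas"  # section name as documented on this page
LIMITS = ("max_scans", "min_free_mem_scan_queue", "max_queued_scans")

# Constructed sample configurations (not taken from a real deployment).
WEAK_CONF = """\
[OSPD - openvas]
unix_socket = /var/run/ospd/ospd.sock
socket_mode = 0o777
max_scans = 0
"""
HARDENED_CONF = """\
[OSPD - openvas]
unix_socket = /var/run/ospd/ospd.sock
socket_mode = 0o770
max_scans = 5
min_free_mem_scan_queue = 2048
max_queued_scans = 10
"""

def audit_ospd_conf(text):
    """Return (option, message) findings for the text of an ospd.conf."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(text)
    if not parser.has_section(SECTION):
        return [("section", f"[{SECTION}] not found")]
    conf, findings = parser[SECTION], []
    raw_mode = conf.get("socket_mode", "0o700")  # 0o700 is the documented default
    try:
        mode = int(raw_mode, 8)  # base 8 accepts the 0o prefix
    except ValueError:
        findings.append(("socket_mode", f"{raw_mode!r} is not an octal mode"))
    else:
        if mode & stat.S_IRWXO:  # any permission bit set for "other"
            findings.append(("socket_mode", f"{oct(mode)} grants access beyond owner and group"))
    for key in LIMITS:
        raw = conf.get(key, "0")  # 0 is the documented default
        if not raw.isdigit():
            findings.append((key, f"{raw!r} is not a non-negative integer"))
        elif int(raw) == 0:
            findings.append((key, "0 leaves this limit disabled"))
    return findings

if __name__ == "__main__":
    for name, text in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit_ospd_conf(text))
```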
