.TH OSPD-OpenVAS 8 "August 2019" "Greenbone Vulnerability Management" "User Manuals" .SH NAME ospd-openvas \- The OpenVAS Wrapper of the Greenbone Vulnerability Management .SH SYNOPSIS .BI "ospd-openvas [\|-v\|] [\|-h\|] [\|-c " config-file\| "] [\|--log-file " log-file\| "] .SH DESCRIPTION .B Greenbone Vulnerability Management (GVM) is a vulnerability auditing and management framework made up of several modules. The OSPD OpenVAS Wrapper, .BR ospd-openvas is in charge of the communication between the scanner OpenVAS and the clients (GVMd and gvm-tools). .BR ospd-openvas inspects the remote hosts to list all the vulnerabilities and common misconfigurations that affects them. It is a command line tool with parameters to start a daemon which keeps waiting for instructions to update the feed of vulnerability tests and to start a scan. The second part of the interface is the redis store where the parameters about a scan task need to be placed and from where the results can be retrieved, being the unique communication channel between OSPD-OpenVAS and OpenVAS. .SH OPTIONS .TP .BI "-s " ", --config-file" Use the alternate configuration file instead of .I ~/.config/ospd.conf .TP .B "--version" Print the version number and exit .TP .B "-h, --help" Show a summary of the commands .TP .BI "-p " PORT ", --port "PORT TCP Port to listen on. Default: 0 .TP .BI "-b " ADDRESS ", --bind-address "ADDRESS Address to listen on. Default: 0.0.0.0 .TP .BI "-u " UNIX_SOCKET ", --unix-socket "UNIX_SOCKET Unix file socket to listen on. Default: /var/run/ospd/ospd.sock .TP .BI "-m " SOCKET_MODE ", --socket-mode "SOCKET_MODE Unix file socket mode. Default: 0o700 .TP .BI "--pid-file "PID_FILE Location of the file for the process ID. Default: /var/run/ospd.pid .TP .BI "--lock-file-dir "LOCK_FILE_DIR Directory where the feed lock file is placed. Default: /var/run/ospd .TP .BI "-k " KEY_FILE ", --key-file "KEY_FILE Server key file. Default: /usr/var/lib/gvm/private/CA/serverkey.pem .TP .BI "-c " CERT_FILE ", --cert-file "CERT_FILE Server cert file. Default: /usr/var/lib/gvm/CA/servercert.pem .TP .BI "--ca-file "CA_FILE CA cert file. Default: /usr/var/lib/gvm/CA/cacert.pem .TP .BI "-L " LOG_LEVEL ", --log-level "LOG_LEVEL Desired level of logging. Default: WARNING .TP .BI "-f, --foreground" Run in foreground and logs all messages to console. .TP .BI "-l " LOG_FILE ", --log-file "LOG_FILE Path to the logging file. .TP .BI "--stream-timeout "TIMEOUT Set a timeout on socket operations. Default 10 seconds .TP .BI "--niceness "NICENESS Start the scan with the given niceness. Default 10 .TP .BI "--scaninfo-store-time "TIME Time in hours a scan is stored before being considered forgotten and being delete from the scan table. Default 0, disabled. .SH THE CONFIGURATION FILE The default .B ospd-openvas configuration file, .I ~/.config/ospd.conf contains these options under the section [OSPD - openvas]: .IP log_level Wished level of logging. .IP socket_mode This option defines the permissions on a socket. It must be set in octal format. E.g. socket_mode = 0o770 .IP unix_socket This option specifies the socket path. .IP pid_file Location of the file for the process ID. .IP log_file Path to the log file. If no log file is given, the system log facility is used by default. .IP foreground If this option is set to yes, the daemon logs to the standard output instead of logging to a file or syslog. .IP niceness Start the scan with the given niceness. Default 10 .IP stream_timeout Set a timeout on socket operations. Default 10 seconds .IP scaninfo_store_time Time in hours a scan is stored before being considered forgotten and being delete from the scan table. Default 0, disabled. .SH MORE INFORMATION ABOUT Greenbone Vulnerability Management The canonical places where you will find more information about OSPD-OpenVAS are: .RS .UR https://community.greenbone.net .UE (Community site) .br .UR https://github.com/greenbone/ .UE (Development site) .br .UR https://www.openvas.org/ .UE (Traditional home site) .RE .SH AUTHORS ospd-openvas code is developed by Greenbone Networks GmbH.