in addition to scan results, store and ship scan metadata about scans

[cybergoof]

Use to track when scans are running, supposed to run, and latest results. This should be a separate scan index.

It should include all the data about a scan result, without the history information. Including:

status, control, uuid, name, read, enabled, owner, creation_date, user_permissions, folder_id, starttime, timezone, last_modification_date, shared, type, id, rrules)

[qmontal]

Hi @cybergoof,

Could you explain a bit more how do you exactly visualize that? I feel that the track of running scans, scheduled scans its something that would be interesting if VulnWhisperer had an API by itself, to check in an specific moment the status of the scans (this is how we had it on my company).

I guess the intention is to have downloaded all the scan results once the scan is finished, so that you can work with them, so in that case the status field would always be done.

Regarding the rest of the data, I was thinking that it would be one row of data for each scan file, and that the best would be to have it in a separate place (e.g. Nessus/scandata/files, Nessus/scandata/metadata/files), where the metadata file would be having the same name as its correspondent results file from nessus but just one row with the metadata of the scan.

Is this similar to how you thought about it?

[cybergoof]

The idea was to display the information about what a scan is, when it was scanned, and the systems that it scanned. This is for auditors to evaluate to make sure that scans are being run.