Secure-Compliance-Solutions-LLC / GVM-Docker

Greenbone Vulnerability Management Docker Image with OpenVAS
https://securecompliance.gitbook.io/projects/
MIT License

Where did the documentation go? #109

Closed david-colombo closed 3 years ago

david-colombo commented 4 years ago

Describe the bug

Well... I'm missing the documentation that was previously in the README. I've seen the gitbook link but there's basically nothing, besides "How to deploy the GVM docker".

But where is the rest??? Where did things like "Accessing Web Interface", "Change GVM report result limit", "Checking the GVM logs", "Monitoring scan progress", "Updating the NVTs" and all the other stuff like the Environment information go?

(I found the latest original documentation in this commit, if anyone wonders the same and needs it)

Maybe I'm just looking in the wrong places. Looking forward to getting an update about this issue.

disarmm commented 4 years ago

The variables are all listed in the "Deploying Greenbone GVM GSA with OpenVAS" guide. https://securecompliance.gitbook.io/projects/openvas-greenbone-deployment-full-guide/deploying-greenbone-gvm-gsa-with-openvas

I could maybe create a different page called "Container Variables" but I thought they were pretty accessible.

The NVTs are automatically updated now without needing to restart the container.

We are also going to publish instructions on how to set up Metabase and/or an ELK stack to handle reviewing and reporting. Using ELK or Metabase, we can eliminate duplicate results and remove any report limitations that Greenbone imposes. We should have this documentation done in the next week or two.

I will add sections for checking the GVM logs and the scan progress.

Does this help at all? What other information do you feel is missing?

I'm open to rearranging the documentation if it helps.

david-colombo commented 4 years ago

Hey @disarmm, thanks for your reply!

I am already using your docker and have been following this project for a while (many thanks to you guys for keeping it alive) and even I used to look up stuff in the documentation from time to time. But new users have no idea at all and if I were a new user I'm afraid I'd immediately go look for another project. Because it feels like now there's just no info at all.

I mean, what about "Change GVM report result limit", isn't that important? What about how SCAP data get updated? Automatically? On restart? Via a command? The section "Components of the Greenbone Vulnerability Stack" is gone too? Email reports/alerts? What about them? Is there any way to change environment variables on an existing container? (Like publish additional ports or change the database password) For people coming from Dockerhub the "Image tags" section would be great too. (What exactly is the scanner image?) I wouldn't even know that NVTs get updated automatically now if you didn't tell me.

What about Upgrading???

So there's actually a lot missing in my opinion. Especially for people seeing this project the first time.

I totally get that your focus currently might be on other things like ELK integration but this shouldn't affect all the other things that were really great already.

Is there any way for me to contribute to your gitbook project so I can propose/add the information I'd consider important?

disarmm commented 4 years ago

Fair enough. I'll add a link back to the old files for now. They are all still in our repo wiki.

ciscoqid commented 4 years ago

I am curious -- how is the sync automated now? I looked through the Dockerfile and scripts and I don't see how it is scheduled. Does gvmd itself run the sync-all.sh script periodically? I had set up a cron job outside the container to run that, but will disable if it is not needed.

disarmm commented 4 years ago

@ciscoqid yeah I looked through it myself after I said that and I misspoke in my earlier comment. I would like to add it back in, but we need to review why we removed it (I don't remember). We used to have it run every 12 hours, but something didn't work quite right.

ciscoqid commented 4 years ago

OK, then I am not blind :). If it helps anyone, this is what I did in the container host crontab:

```
# sync data from Greenbone community feed
# (docker exec runs without -it: cron gives the job no TTY)
45 21 * * * /bin/docker inspect gvm.service | jq -e '.[].State.Status == "running"' - >/dev/null && /bin/docker exec gvm.service /sync-all.sh >/dev/null
```

Could probably also use docker ps, but I wanted to figure out the inspect JSON output method :). Probably could just add and enable a pair of systemd files for this (for boot run and scheduled run) -- this is untested, but seems like it should do the trick.

/etc/systemd/system/gvm-sync.service:

```
[Unit]
Description=Run GVM sync-all.sh script

[Service]
Type=oneshot
# sync-all.sh lives inside the container, so the host unit runs it through docker exec
ExecStart=/bin/docker exec gvm.service /sync-all.sh
```

/etc/systemd/system/gvm-sync.timer:

```
[Unit]
Description=Run gvm-sync.service shortly after boot and then every 12 hours

[Timer]
OnBootSec=5min
OnUnitActiveSec=12h

[Install]
WantedBy=multi-user.target
```
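
Added example (not part of the thread or of the GVM-Docker project's code): a host-side wrapper that cron or a systemd timer could call in place of the one-liner above, so that a stopped container, an overlapping run or a failed feed sync each produce a distinct non-zero exit status instead of being discarded. The container name `gvm.service` and `/sync-all.sh` come from the thread; the `DOCKER`, `GVM_CONTAINER` and `GVM_LOCK` variables, the lock (which goes beyond what the thread does) and the `gvm-sync` install name are assumptions.

```shell
#!/bin/sh
# Added example. "gvm.service" and /sync-all.sh are from the thread; the
# variables below and the install name "gvm-sync" are hypothetical.
DOCKER="${DOCKER:-/bin/docker}"
GVM_CONTAINER="${GVM_CONTAINER:-gvm.service}"
# Lock lives in a root-only directory so other local users cannot pre-create it.
GVM_LOCK="${GVM_LOCK:-/run/gvm-sync.lock}"

# Succeed only if the container exists and its state is "running".
gvm_running() {
    state=$("$DOCKER" inspect --format '{{.State.Status}}' "$GVM_CONTAINER" 2>/dev/null) || return 1
    [ "$state" = "running" ]
}

# Run one feed sync. Returns 0 on success, 3 if the container is not running,
# 4 if the lock cannot be taken, otherwise the exit status of sync-all.sh.
gvm_sync() {
    gvm_running || { echo "gvm-sync: $GVM_CONTAINER is not running" >&2; return 3; }
    # mkdir is atomic, so it doubles as a lock; a killed run leaves it behind
    # and it must then be removed by hand.
    mkdir "$GVM_LOCK" 2>/dev/null || {
        echo "gvm-sync: cannot take lock $GVM_LOCK (sync in progress?)" >&2
        return 4
    }
    # No -i/-t: cron and systemd give the job no terminal.
    "$DOCKER" exec "$GVM_CONTAINER" /sync-all.sh
    rc=$?
    rmdir "$GVM_LOCK"
    [ "$rc" -eq 0 ] || echo "gvm-sync: sync-all.sh exited with status $rc" >&2
    return "$rc"
}

# Run only when installed under the (hypothetical) name gvm-sync.
case "$0" in
    */gvm-sync|gvm-sync) gvm_sync; exit $? ;;
esac
```

Because the wrapper exits non-zero on every failure path, a systemd `oneshot` unit calling it is marked failed and cron mails the stderr line, which makes a stale vulnerability feed visible.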