Login: Support | Partner    
 
Home » Technology » Report Formats 

Report Formats

Report Formats are plugins that create reports from scan results. This ranges from PDF documents according to corporate identity up to interactive reports such as the Greenbone Security Explorer. Also connectors to other applications (for example IDS or compliance management) can be implemented as such plugins.

Our support team is available for creating special or individual plugins. Please submit your ideas, proposals and drafts. The section Report Formats in our Learning Center shows how to organize and use the plugins.

Features of the Report Format plugin framework:

  • Simple import/export: A plugin is always a single XML file.

  • Customizable: Plugins can be furnished with parameters that can be changed via the graphical user interface according to needs.

  • Content Type: Each plugin is associated with the type of the result. The terminology of HTTP is used here, for example "application/pdf", "graphics/png" or "text/plain".

    Depending on the Content Type plugins appear in corresponding selections. For example, the types "text/*" appear for in-line content of emails.

  • Signature support: Signatures for trustworthy plugins are provided via the Greenbone Security Feed. This way it can be verified that a imported plugin is certified by Greenbone.

Default Report Formats

Greenbone Executive Report

This plugin creates a report summary with graphical elements as PDF file.

Download:
  Example: GXR-1.0.2-Sample-Report.pdf

Content Type: application/pdf
Parameters: none
Language: English

Greenbone Security Report

This plugin creates a report with all scan details as as PDF file. The first sections consist of the graphical summaries of the Greenbone Executive Report (GXR).

Download:
  Example: GSR-1.0.8-Sample-Report.pdf

Content Type: application/pdf
Parameters: none
Language: English

CPE

Table of all detected products using the identification scheme Common Product Enumeration (CPE), always referring to the host system where found.

Content Type: text/csv
Parameter: none
Language: -/-

HTML

Detailed list with full textual description of found vulnerabilities including notes and with internal clickable cross-references. The document is kept neutral and does neither contain a Greenbone logo or any other hint on the origin. There are no links to external images. The HTML document is independent and can be used offline.

Content Type: text/html
Parameter: none
Language: English

ITG

Tabular overview on results of a IT-Grundschutz check. For each target system and each measure a result is provided.

Content Type: text/csv
Parameter: none
Language: German

LaTeX

Detailed list with full textual description of found vulnerabilities including notes and with internal clickable cross-references. This is a LaTeX source file that can be further customized or processed.

Content Type: text/plain
Parameter: none
Language: English

NBE

Reduced report in CSV format compatible with older Nessus generation. Notes, false positive marks, log category and other information will be missing as the NBE format does not support this.

Content Type: text/plain
Parameter: none
Language: -/-

PDF

Detailed list with full textual description of found vulnerabilities including notes and with internal clickable cross-references. The document is kept neutral and does neither contain a Greenbone logo or any other hint on the origin.

Content Type: application/pdf
Parameter: none
Language: English

TXT

Detailed list with full textual description of found vulnerabilities including notes. It is a text without formatting elements and can be used for example as text body for email notifications.

Content Type: text/plain
Parameter: none
Language: English

XML

The representation as XML is the elementary raw data format for scan results. It is the basis for any other Report Formats.

Content Type: text/xml
Parameter: none
Language: -/-

Report Format Plugins for Download

Sourcefire Host Input Import

This plugin creates a import file for the Sourcefire Defense Center. Please refer to the Sourcefire 3D System Host Input API Guide on how to run the import (page 96 in Version 4.9).

Download:
  GOS ≥ 2.0: sourcefire-1.1.0.xml

Content Type: text/csv
Parameter: none
Language: -/-

OVAL System Characteristics

This plugin creates a OVAL System Characteristics file. It assumes that a suitable scan was performed, see: OVAL SC in our Learning Center.

Download:
  GOS ≥ 1.7: oval-sc-1.0.1.xml

Content Type: text/xml
Parameter: none
Language: -/-

OVAL System Characteristics Archive

This plugin creates an archive with many OVAL System Characteristics files, one for each target system. It assumes that a suitable scan was performed, see: OVAL SC in our Learning Center.

Download:
  GOS ≥ 1.7: oval-sc-archive-1.0.0.xml

Content Type: application/zip
Parameter: none
Language: -/-

Greenbone Security Explorer

Content: Threat categories for geo-referenced target systems
Background map: Google Streets or OpenStreetMap
Technology: JavaScript
Tested compatibility: Firefox 3.6, IE 8

Screenshot GSE (ca. 240 KByte)
Start GSE with sample scan report (ca. 800 KByte)

Features of Greenbone Security Explorer:

  • Color-coding of all vulnerable systems on a map.
  • Overview statitics for taget systems lacking a location information.
  • Simple built-in map for offline use.
  • Change of background map at any time: Google Streets or OpenStreetMap. Zoom is possible down to the level of single buildings.
  • Zoom to location of Greenbone Security Managers (GSM).
  • Zoom to all located vulnerable systems.
  • Mouse-over context information on threat statistics.
  • Context zoom to location of each single target system.
  • Base informationen about report (task, time range of scan).
  • Offline capable: No loading of any data necessary. GSE is completely independent of the GSM or any other server. Only in case a map service is selected GSE will access a remote server. Please try this with the above demo.

Typically the geographic location of target systems can not be retrieved automatically because most of the systems are nore publicly accessible. The locations are invidually configured for the plugin.