Welcome to OCS Inventory NG community support, where you can ask questions and receive answers from other members of the community.

Please ask questions only in English or French.

Release 2.12.3 available

The official documentation can be found on https://wiki.ocsinventory-ng.org. Read it before asking your question.

Categories

CVE Reporting - No data available in table

I setup CVE Reporting:

 VULN_CVESEARCH_ENABLE = on

 VULN_CVESEARCH_VERBOSE = on

 VULN_CVESEARCH_HOST = HTTP host serving CVE-Search on port 80

I ran the script on the OCS server to pull in initially by running:

 # cd /usr/share/ocsinventory-reports/ocsreports/crontab/ && php cron_cve.php

 CVE's Data processing ...

 0 CVE has been added to database

Printout

Did I miss a step? 

in OCS Inventory NG server for Unix by (1.9k points)
Share on
share on gp share on fb share on tw share on li

21 Answers

+1 vote

Are you running v2.7 of the OCS Server? v2.6 has the menus but it never worked for me until I upgraded to v2.7
If yes, are you able to reach the

by (870 points)
0 votes
I am on OCS 2.7. I can access the URL from OCS Server. Thanks
by (1.9k points)
edited by
+1 vote
Indeed, you need v2.7

By the way, there are instructions to set up your own CVE-search server on your OCS Server.
I did this and it's working perfectly :
The CVE-search server is downloading all CVEs and then offering them to your OCS Server in http on port 5000.
I needed to do that because my OCS Server is in a closed network (no internet connection at all).
So, I installed a CVE-search Server online that gets all CVEs. I can then dump the MongoDB of the online CVE-search server and airgap that dump into my offline OCS/CVE-search server. Then OCS is downloading all CVEs from the offline CVE-search Server on port 5000.
by (400 points)
0 votes
Update on this issue:

I tried again after a while and it just works but is extremely slow. Takes aprox. a week to sync the CVE-search results to OCS 2.7.
by (1.9k points)
0 votes
A week ??
In my case, it takes 2-3 hours...
But I give all possible resources of my laptop (8x i7 processors, 32GB RAM) to the OCS VM during the operation.
by (400 points)
0 votes
If someone has a solution (or even a slight idea) for this issue, I'm also have this exact problem and can not solve it.
by (290 points)
0 votes

@ Does the cron script finish running? The cron script seem to pull its config from the OCS configuration done from the OCS settings configured for CVE search. Once you run the script you should see requests being served by the running python service on the CVE search server.

by (1.9k points)
0 votes

@ daniedj

If I understood your question :

After launching the script "cron_cve.php", I have (nearly instantly) the following output :

CVE's Data processing ...

 0 CVE has been added to database

And then it stops running, no trace of it in the process list.

by (290 points)
0 votes

I think your issue might be with the config in OCS server. Mine looks like this and uses the :80 on http

by (1.9k points)
0 votes

@daniedj

Thanks for helping me,

I have VULN_CVESEARCH_HOST = http://cve.circl.lu:80/

I also tried VULN_CVESEARCH_HOST = http://localhost:5000/ with my local cve-search server

But I still end with the same messages that I described earlier in both cases.

by (290 points)
Page:
 
Powered by Question2Answer
...