OMP: OpenVAS Management Protocol

### Preamble

start = command | response

command
  = authenticate
    | commands
    | create_agent
    | create_alert
    | create_asset
    | create_config
    | create_credential
    | create_filter
    | create_group
    | create_note
    | create_override
    | create_permission
    | create_port_list
    | create_port_range
    | create_report
    | create_report_format
    | create_role
    | create_scanner
    | create_schedule
    | create_tag
    | create_target
    | create_task
    | create_user
    | delete_agent
    | delete_asset
    | delete_config
    | delete_alert
    | delete_credential
    | delete_filter
    | delete_group
    | delete_note
    | delete_override
    | delete_report
    | delete_permission
    | delete_port_list
    | delete_port_range
    | delete_report_format
    | delete_role
    | delete_scanner
    | delete_schedule
    | delete_tag
    | delete_target
    | delete_task
    | delete_user
    | describe_auth
    | empty_trashcan
    | get_agents
    | get_configs
    | get_aggregates
    | get_alerts
    | get_assets
    | get_credentials
    | get_feeds
    | get_filters
    | get_groups
    | get_info
    | get_notes
    | get_nvts
    | get_nvt_families
    | get_overrides
    | get_permissions
    | get_port_lists
    | get_preferences
    | get_reports
    | get_report_formats
    | get_results
    | get_roles
    | get_scanners
    | get_schedules
    | get_settings
    | get_system_reports
    | get_tags
    | get_targets
    | get_tasks
    | get_users
    | get_version
    | help
    | modify_agent
    | modify_alert
    | modify_asset
    | modify_auth
    | modify_config
    | modify_credential
    | modify_filter
    | modify_group
    | modify_note
    | modify_override
    | modify_permission
    | modify_port_list
    | modify_report
    | modify_report_format
    | modify_role
    | modify_scanner
    | modify_schedule
    | modify_setting
    | modify_target
    | modify_tag
    | modify_task
    | modify_user
    | move_task
    | restore
    | resume_task
    | run_wizard
    | start_task
    | stop_task
    | sync_cert
    | sync_feed
    | sync_config
    | sync_scap
    | test_alert
    | verify_agent
    | verify_report_format
    | verify_scanner

response
  = authenticate_response
    | commands_response
    | create_agent_response
    | create_alert_response
    | create_asset_response
    | create_config_response
    | create_credential_response
    | create_filter_response
    | create_group_response
    | create_note_response
    | create_override_response
    | create_permission_response
    | create_port_list_response
    | create_port_range_response
    | create_report_response
    | create_report_format_response
    | create_role_response
    | create_scanner_response
    | create_schedule_response
    | create_tag_response
    | create_target_response
    | create_task_response
    | create_user_response
    | delete_agent_response
    | delete_asset_response
    | delete_config_response
    | delete_alert_response
    | delete_credential_response
    | delete_filter_response
    | delete_group_response
    | delete_note_response
    | delete_override_response
    | delete_report_response
    | delete_permission_response
    | delete_port_list_response
    | delete_port_range_response
    | delete_report_format_response
    | delete_role_response
    | delete_scanner_response
    | delete_schedule_response
    | delete_tag_response
    | delete_target_response
    | delete_task_response
    | delete_user_response
    | describe_auth_response
    | empty_trashcan_response
    | get_agents_response
    | get_configs_response
    | get_aggregates_response
    | get_alerts_response
    | get_assets_response
    | get_credentials_response
    | get_feeds_response
    | get_filters_response
    | get_groups_response
    | get_info_response
    | get_notes_response
    | get_nvts_response
    | get_nvt_families_response
    | get_overrides_response
    | get_permissions_response
    | get_port_lists_response
    | get_preferences_response
    | get_reports_response
    | get_report_formats_response
    | get_results_response
    | get_roles_response
    | get_scanners_response
    | get_schedules_response
    | get_settings_response
    | get_system_reports_response
    | get_tags_response
    | get_targets_response
    | get_tasks_response
    | get_users_response
    | get_version_response
    | help_response
    | modify_agent_response
    | modify_alert_response
    | modify_asset_response
    | modify_auth_response
    | modify_config_response
    | modify_credential_response
    | modify_filter_response
    | modify_group_response
    | modify_note_response
    | modify_override_response
    | modify_permission_response
    | modify_port_list_response
    | modify_report_response
    | modify_report_format_response
    | modify_role_response
    | modify_scanner_response
    | modify_schedule_response
    | modify_setting_response
    | modify_target_response
    | modify_tag_response
    | modify_task_response
    | modify_user_response
    | move_task_response
    | restore_response
    | resume_task_response
    | run_wizard_response
    | start_task_response
    | stop_task_response
    | sync_cert_response
    | sync_feed_response
    | sync_config_response
    | sync_scap_response
    | test_alert_response
    | verify_agent_response
    | verify_report_format_response
    | verify_scanner_response

In short: An alive test.

5.1.1 RNC

alive_test = xsd:token { pattern = "ICMP, TCP Service & ARP Ping|TCP Service & ARP Ping|I↵
CMP & ARP Ping|ICMP & TCP Service Ping|ARP Ping|TCP Service Ping|ICMP Ping|S↵
can Config Default" }

In short: Base64 encoded data.

5.2.1 RNC

base64 = xsd:base64Binary

In short: A true or false value.

Zero is false, anything else is true. As a result, the empty string is considered true.

5.3.1 RNC

boolean = text

In short: A true or false value, after conversion to an integer.

Zero is false, anything else is true. The value is first converted to an integer, as by the C `atoi' routine. This means that an empty string is considered false.

5.4.1 RNC

boolean_atoi = text

In short: A date and time, in the C `ctime' format.

An example string in this format is "Wed Jun 30 21:49:08 1993\n".

5.5.1 RNC

ctime = text

In short: A name of a data type.

5.6.1 RNC

type_name = xsd:Name

In short: An integer.

5.7.1 RNC

integer = xsd:integer

In short: A date and time, in ISO 8601 format.

An example string in this format is "2011-11-08T19:57:06+02:00".

5.8.1 RNC

iso_time = text

In short: A string that may include the characters h, m, l, g and d.

5.9.1 RNC

levels = xsd:token { pattern = "h?m?l?g?d?" }

In short: A name.

Typically this is the name of one of the manager resources, like a task or target.

5.10.1 RNC

name = xsd:string

In short: A port.

5.11.1 RNC

port = xsd:token { pattern = "[0-9]{1,5}" }

In short: A space separated list of users.

5.12.1 RNC

user_list = text

In short: An Object Identifier (OID).

5.13.1 RNC

oid = xsd:token { pattern = "[0-9\.]{1,80}" }

In short: A severity score.

A severity score is a decimal number between 0.0 and 10.0 (inclusive) with one digit after the decimal point or a special negative value (-1.0, -2.0 or -3.0). If a single severity score defines a constraint, e.g. on whether an override applies, for values 0.0 and lower the severity must be equal to match while for > 0.0 the compared value must be greater or equal.

5.14.1 RNC

severity = xsd:token { pattern = "-[1-3](\.0)?|[0-9](\.[0-9])?|10(\.0)?" }

In short: A string describing an order for sorting.

The string "descending" denotes descending order, anything else means ascending.

5.15.1 RNC

sort_order = text

In short: The success or failure status of a command.

5.16.1 RNC

status = xsd:token { pattern = "200|201|202|400|401|403|404|409|500|503" }

In short: A task run status.

5.17.1 RNC

task_status = xsd:token { pattern = "Delete Requested|Done|New|Requested|Running|Stop Requ↵
ested|Stopped|Internal Error" }

In short: The trend of results for a task.

5.18.1 RNC

task_trend = xsd:token { pattern = "up|down|more|less|same" }

In short: A threat level.

Threat levels are a textual classification of severity scores only supported for importing reports from OpenVAS-6 and older. The use of these elements is deprecated as they are otherwise replaced by severity elements, which should be used instead.

5.19.1 RNC

threat = xsd:token { pattern = "High|Medium|Low|Alarm|Log|Debug" }

In short: A unit of time.

5.20.1 RNC

time_unit = xsd:token { pattern = "second|minute|hour|day|week|month|year|decade" }

In short: A timezone.

The format of a timezone is the same as that of the TZ environment variable on GNU/Linux systems. That is, the same value accepted by the tzset C function. There are three versions of the format. Note the lack of spaces in the examples.

"std offset" defines a simple timezone. For example, "FOO+2" defines a timezone FOO which is 2 hours behind UTC.

"std offset dst [offset],start[/time],end[/time]" defines a timezone, including daylight savings time. For example, "NZST-12.00:00NZDT-13:00:00,M10.1.0,M3.3.0".

":[filespec]" refers to a predefined timezone. For example, ":Africa/Johannesburg". Note that the colon is optional. Certain acronyms are predefined, such as GB, NZ and CET.

5.21.1 RNC

timezone = text

In short: A Universally Unique Identifier (UUID).

5.22.1 RNC

uuid = xsd:token { pattern = "[0-9abcdefABCDEF\-]{1,40}" }

In short: A Universally Unique Identifier (UUID), or the empty string.

5.23.1 RNC

uuid_or_empty = xsd:token { pattern = "[0-9abcdefABCDEF\-]{0,40}" }

In short: A reference to a command.

6.1.1 Structure

6.1.2 RNC

c
 = element c
     {
       text
     }

In short: A reference to an element.

6.2.1 Structure

6.2.2 RNC

e
 = element e
     {
       text
     }

In short: A reference to a response.

6.3.1 Structure

6.3.2 RNC

r
 = element r
     {
       text
     }

In short: An optional pattern item.

6.4.1 Structure

• • One of
    • <c>
      A reference to a command.
    • <e>
      A reference to an element.
    • <r>
      A reference to a response.
    • <g>
      A group of pattern items.

6.4.2 RNC

o
 = element o
     {
       ( c
           | e
           | r
           | g )
     }

In short: A group of pattern items.

6.5.1 Structure

• • <c> *
    A reference to a command.
  • <e> *
    A reference to an element.
  • <r> *
    A reference to a response.
  • <o> *
    An optional pattern item.
  • <any> *
    Pattern item indicating "any number of".

6.5.2 RNC

g
 = element g
     {
       c*
       & e*
       & r*
       & o*
       & any*
     }

In short: Pattern item indicating "any number of".

6.6.1 Structure

• • One of
    • <c>
      A reference to a command.
    • <e>
      A reference to an element.
    • <r>
      A reference to a response.
    • <g>
      A group of pattern items.

6.6.2 RNC

any
 = element any
     {
       ( c
           | e
           | r
           | g )
     }

In short: The pattern element of a command or command descendant.

It's actually either a 't' element, or the word "text", or "".

6.7.1 Structure

• • <attrib> *
    An attribute.
    • <name>
    • <type>
    • <required>
    • <filter_keywords> *
      Optional description of filter keywords usable in the attribute.
  • <c> *
    A reference to a command.
  • <e> *
    A reference to an element.
  • <r> *
    A reference to a response.
  • <o> *
    An optional pattern item.
  • <g> *
    A group of pattern items.
  • <any> *
    Pattern item indicating "any number of".
  • <t> ?
    The type of the text of the element.

6.7.2 RNC

pattern
 = element pattern
     {
       text
       & pattern_attrib*
       & c*
       & e*
       & r*
       & o*
       & g*
       & any*
       & pattern_t?
     }

pattern_attrib
 = element attrib
     {
       pattern_attrib_name
       & pattern_attrib_type
       & pattern_attrib_required
       & pattern_attrib_filter_keywords*
     }

pattern_attrib_name
 = element name
     {
       type_name
     }

pattern_attrib_type
 = element type
     {