Feature: Report Formats
The Report Format Plugins are a very powerful feature. They take a scan result and use it to build detailed reports in different formats, summaries, export formats, graphical overviews and even small self contained applications which allow an interactive analysis of the results.
Furthermore, some plugins are configurable. This allows for easy adjustment of the plugin behavior, e.g. the size of a generated graphic.
We provide an overview of the predefined and importable report format plugins which are supported by the Greenbone Security Manager. This list is constantly updated. The Greenbone Security Explorer is a plugin as well and can being configured by Greenbone to match individual customer needs.
Managing Report Formats
An overview over all available report formats is available by navigating to "Configuration->Report Formats":
This list shows the predefined report formats shipped with the GSM (Version 1.4). Each report format plugin has the following properties:
Extension: The file name of a downloadable report through the respective plugin consists of the UUID (unique internal ID of the report) and this extension. This extension among other things is used by the browser to select the correct application to view the result in case where the content type is not sufficient.
Content Type: These identifiers comply to the HTML standard and are send with the downloaded report to select the correct application to view it.
Apart from this, the content type also has an internal role: It is used to select the report formats useful in the current context. For example, for escalation via email the report format plugins with the content type "text/*" will be offered for selection since their result can be embedded direct into the text part of the email.
Trust: Some plugins only consist of a simple transformation of the report data, while others carry out more complex tasks and use additional tools to process the report data. To prevent misuse it is generally advisable to use only digitally signed plugins. If the signature is authentic and by a supplier you trust you can be sure that the plugin your are using is exactly in the state certified by your supplied.
The signature check is not done automatically but has to be carried out manually using the icon. The date of check is then set automatically. You should always check the signatures of newly imported plugins before activating them.
Active: The plugins only become available in the respective selection lists once they have been activated. Newly imported plugins are always initially deactivated.
You can import a new report format plugin as follows. The example assumes that you have already downloaded the plugin to a temporary location.
After a successful import the new plugin shows up in the list of report formats. It is initially deactivated and, since it is not one of the built-in report formats, can be deleted once it is no longer needed.
Check the trustworthiness of the plugin before activating it:
Now access the edit mode using the icon and activate the plugin.
The new report format will now show up in the appropriate selection lists.
Using Report Formats
The interactive report view of the Greenbone Security Assistant shows all activated report formats:
Only report format plugins providing an output in text format are available for the content of automatically generated emails:
You can find more examples on using report formt plugins here: