Comments (4)
pixelsquared
commented on June 4, 2024
What type of report are you trying to export?
How many results in the report?
from gvm-docker.
iamklaus
commented on June 4, 2024
Only 221 results! Postgres heavily involved, but why?
from gvm-docker.
chris-x86-64
commented on June 4, 2024
Hi,
I ran into the same performance issue with the latest master Docker image. ( 4a4ba394a3d0 )
My guess is that this issue originates from the original gvmd. I found a gigantic query which appears to be the one used to construct the reports. It was found in /usr/local/var/log/gvm/gvmd.log
(Don't mind the UUIDs)
WITH permissions_subject AS
(SELECT *
FROM permissions
WHERE subject_location = 0
AND ((subject_type = 'user'
AND subject =
(SELECT id
FROM users
WHERE users.uuid = '44793625-35ff-44c3-83ed-3a707cb79b1e'))
OR (subject_type = 'group'
AND subject IN
(SELECT DISTINCT "group"
FROM group_users
WHERE "user" =
(SELECT id
FROM users
WHERE users.uuid = '44793625-35ff-44c3-83ed-3a707cb79b1e')))
OR (subject_type = 'role'
AND subject IN
(SELECT DISTINCT ROLE
FROM role_users
WHERE "user" =
(SELECT id
FROM users
WHERE users.uuid = '44793625-35ff-44c3-83ed-3a707cb79b1e'))))),
super_on_users AS
(SELECT DISTINCT *
FROM
(SELECT RESOURCE
FROM permissions_subject
WHERE name = 'Super'
AND resource_type = 'user'
UNION SELECT "user"
FROM role_users
WHERE ROLE IN
(SELECT RESOURCE
FROM permissions_subject
WHERE name = 'Super'
AND resource_type = 'role')
UNION SELECT "user"
FROM group_users
WHERE "group" IN
(SELECT RESOURCE
FROM permissions_subject
WHERE name = 'Super'
AND resource_type = 'group')) AS all_users)
SELECT results.id,
results.uuid,
nvts.name AS name,
'' AS COMMENT,
iso_time (date, opts.user_zone) AS creation_time,
iso_time (date, opts.user_zone) AS modification_time,
date AS created,
date AS modified,
(SELECT name
FROM users
WHERE users.id = results.owner) AS _owner,
results.owner,
HOST,
port AS LOCATION,
nvt,
severity_to_type (severity) AS original_type,
severity_to_type (
(SELECT new_severity
FROM result_new_severities
WHERE result_new_severities.result = results.id
AND result_new_severities.user = opts.user_id
AND result_new_severities.override = opts.override
AND result_new_severities.dynamic = opts.dynamic
LIMIT 1)) AS TYPE,
(SELECT autofp
FROM results_autofp
WHERE (RESULT = results.id)
AND (autofp_selection = opts.autofp)) AS auto_type,
description,
task,
report AS report_rowid,
(SELECT cvss_base
FROM nvts
WHERE nvts.oid = nvt) AS cvss_base,
nvt_version,
severity AS original_severity,
(SELECT new_severity
FROM result_new_severities
WHERE result_new_severities.result = results.id
AND result_new_severities.user = opts.user_id
AND result_new_severities.override = opts.override
AND result_new_severities.dynamic = opts.dynamic
LIMIT 1) AS severity,
nvts.name AS vulnerability, date,
(SELECT UUID
FROM reports
WHERE id = report) AS report_id,
nvts.solution_type AS solution_type,
results.qod AS qod,
results.qod_type,
(CASE
WHEN (hostname IS NULL)
OR (hostname = '') THEN
(SELECT value
FROM report_host_details
WHERE name = 'hostname'
AND report_host =
(SELECT id
FROM report_hosts
WHERE report_hosts.host=results.host
AND report_hosts.report = results.report)
LIMIT 1)
ELSE hostname
END) AS hostname,
(SELECT UUID
FROM tasks
WHERE id = task) AS task_id,
nvts.cve AS cve,
PATH,
(SELECT CASE
WHEN HOST IS NULL THEN NULL
ELSE
(SELECT UUID
FROM hosts
WHERE id =
(SELECT HOST
FROM host_identifiers
WHERE source_type = 'Report Host'
AND name = 'ip'
AND source_id =
(SELECT UUID
FROM reports
WHERE id = results.report)
AND value = results.host
LIMIT 1))
END),
(SELECT CASE
WHEN EXISTS
(SELECT *
FROM notes
WHERE (RESULT = results.id
OR (RESULT = 0
AND nvt = results.nvt))
AND (task = 0
OR task = results.task)) THEN 1
ELSE 0
END),
(SELECT CASE
WHEN EXISTS
(SELECT *
FROM overrides
WHERE (RESULT = results.id
OR (RESULT = 0
AND nvt = results.nvt))
AND (task = 0
OR task = results.task)) THEN 1
ELSE 0
END),
(SELECT EXISTS
(SELECT *
FROM tickets
WHERE id IN
(SELECT ticket
FROM ticket_results
WHERE RESULT = results.id
AND result_location = 0))), nvts.summary,
nvts.insight,
nvts.affected,
nvts.impact,
nvts.solution,
nvts.detection,
nvts.family,
nvts.tag, (ARRAY
(SELECT name::text
FROM cert_bund_advs
WHERE id IN
(SELECT adv_id
FROM cert_bund_cves
WHERE cve_name IN
(SELECT ref_id
FROM vt_refs
WHERE vt_oid = results.nvt
AND TYPE = 'cve'))
ORDER BY name DESC)), (ARRAY
(SELECT name::text
FROM dfn_cert_advs
WHERE id IN
(SELECT adv_id
FROM dfn_cert_cves
WHERE cve_name IN
(SELECT ref_id
FROM vt_refs
WHERE vt_oid = results.nvt
AND TYPE = 'cve'))
ORDER BY name DESC))
FROM results
LEFT OUTER JOIN nvts ON results.nvt = nvts.oid,
(SELECT 'user_zone'::text AS user_zone,
1 AS user_id,
0 AS autofp,
0 AS override,
0 AS DYNAMIC) AS opts
WHERE ((results.owner =
(SELECT id
FROM users
WHERE users.uuid = '44793625-35ff-44c3-83ed-3a707cb79b1e'))
OR EXISTS
(SELECT *
FROM permissions_subject
WHERE name = 'Super'
AND (RESOURCE = 0))
OR results.owner IN
(SELECT *
FROM super_on_users)
OR EXISTS
(SELECT id
FROM permissions_subject
WHERE RESOURCE = results.id
AND resource_type = 'result'
AND resource_location = 0
AND (t ()))
OR EXISTS
(SELECT id
FROM permissions_subject
WHERE RESOURCE = results.task
AND resource_type = 'task'
AND (t ())))
AND (report = 1)
AND (((NULL IS NULL)
AND (severity_in_level (
(SELECT new_severity
FROM result_new_severities
WHERE result_new_severities.result = results.id
AND result_new_severities.user =
(SELECT id
FROM users
WHERE UUID = '44793625-35ff-44c3-83ed-3a707cb79b1e')
AND override = 0
AND DYNAMIC = 0
LIMIT 1), 'high', 'nist')
OR severity_in_level (
(SELECT new_severity
FROM result_new_severities
WHERE result_new_severities.result = results.id
AND result_new_severities.user =
(SELECT id
FROM users
WHERE UUID = '44793625-35ff-44c3-83ed-3a707cb79b1e')
AND override = 0
AND DYNAMIC = 0
LIMIT 1), 'medium', 'nist')
OR severity_in_level (
(SELECT new_severity
FROM result_new_severities
WHERE result_new_severities.result = results.id
AND result_new_severities.user =
(SELECT id
FROM users
WHERE UUID = '44793625-35ff-44c3-83ed-3a707cb79b1e')
AND override = 0
AND DYNAMIC = 0
LIMIT 1), 'low', 'nist'))))
AND (results.qod >= CAST (70 AS INTEGER))
ORDER BY CASE CAST (
(SELECT new_severity
FROM result_new_severities
WHERE result_new_severities.result = results.id
AND result_new_severities.user = opts.user_id
AND result_new_severities.override = opts.override
AND result_new_severities.dynamic = opts.dynamic
LIMIT 1) AS text)
WHEN '' THEN NULL
ELSE CAST (
(SELECT new_severity
FROM result_new_severities
WHERE result_new_severities.result = results.id
AND result_new_severities.user = opts.user_id
AND result_new_severities.override = opts.override
AND result_new_severities.dynamic = opts.dynamic
LIMIT 1) AS REAL)
END DESC
LIMIT ALL
OFFSET 0;Collecting slowquery logs might bring you more information.
I think it's also noteworthy when I tried to explain analyze this query, I got an error saying:
ERROR: relation "cert_bund_advs" does not exist
LINE 1: ..., nvts.tag, (ARRAY (SELECT name::text FROM cert_bund_...
However, there is a schema called cert and it contains cert_bund_advs , thus it should be cert.cert_bund_advs .
from gvm-docker.
chris-x86-64
commented on June 4, 2024
A guy from Greenbone gave me a hint about search_path in PostgreSQL greenbone/gvmd#1295 (comment) (footnote 1)
With his help, I was able to EXPLAIN ANALYZE the query in my last comment:
Planning Time: 39.566 ms
JIT:
Functions: 1468
Options: Inlining true, Optimization true, Expressions true, Deforming true
Timing: Generation 310.212 ms, Inlining 103.604 ms, Optimization 13086.448 ms, Emission 8432.459 ms, Total 21932.722 ms
Execution Time: 22108.801 ms
(872 rows)
This looks like an upstream issue with query tuning.
*1 This also suggests that my PR to gvmd might not do any help.
from gvm-docker.
Related Issues (20)
- Report outdated / end-of-life Scan Engine / Environment (local) HOT 5
- [Bug] Postfix not working with debian-master HOT 3
- Rsync failing behind proxies HOT 3
- [Enhancement] Log4Shell Scan HOT 3
- About update Feeds HOT 4
- [Bug] PDF reports are corrupt HOT 2
- [Bug] Cannot create container image for i386 HOT 3
- docker install HOT 5
- [Bug] GVMD_DATA "..more than x days old." HOT 3
- Upgrade Greenbone to debian-master (Report outdated / end-of-life Scan Engine) HOT 42
- [Enhancement]where is password for page HOT 2
- [Enhancement] Modifying PDF report template HOT 1
- docker build problem HOT 1
- [Bug]Failed to find config 'daba56c8-73ec-11df-a475-002264764cea' HOT 4
- [Enhancement] Squid proxy for restricted environments HOT 1
- ssl.SSLZeroReturnError: TLS/SSL connection has been closed (EOF) (_ssl.c:997)
- [Enhancement] Upgrade to 22.4
- ssl.SSLZeroReturnError: TLS/SSL connection has been closed (EOF) (_ssl.c:997) HOT 1
- Is this repo still being maintained?[Enhancement] HOT 2
- [Bug]
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gvm-docker.