All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How do I ingest Nessus Compliance scan results

mmcfarren
New Member
‎08-05-2016 08:01 AM

Splunk will ingest the scan reports but it only reports the plugin data not that actual compliance scans. The compliance scans can be exported in .nessus .html .csv formats but the App does not appear to recognize this. is this a limitation of the Nessus API?

using Nessus Pro 6.8.1

0 Karma
Reply

kent_farries
Path Finder
‎08-05-2016 10:58 AM

We had that issue as well for the .nessus files and our Splunk consultant figured out how to make it work back in 2015. We have since moved away from the .nessus files and instead just use the API which is working well and no longer requires manual intervention. We are using this with Splulnk 6.4.2 and the Splunk Add-on for Nessus 4.0.0. We plan on upgrading to 5.0.0 soon.

We configured the Nessus Add-on with two inputs. Maybe you need to configure the nessus_scan in addition to nessus_plugin.

  • nessus_plugin
  • nessus_scan

We generated the two keys through the Nessus Pro GUI. We used the same keys for both inputs.
Settings, Account, click on the user, selected API Keys and then Generate.

  • Access Key
  • Secret Key

I hope this helps.

Reply
Get Updates on the Splunk Community!

Announcing Scheduled Export GA for Dashboard Studio

We're excited to announce the general availability of Scheduled Export for Dashboard Studio. Starting in ...

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...