All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk Add-on for Tenable: How to troubleshoot why I am not getting any search results for sourcetype=nessus:plugin?

himapate
Explorer
‎11-08-2016 01:22 AM

Hi ,

I am not able to get the Nessus scan data ( Only informational Events ), whereas the Nessus result has medium and high count.
Also, when I search for sourcetype=nessus:plugin, there is no result popping up.

0 Karma
Reply

hunters_splunk
Splunk Employee
Splunk Employee
‎11-08-2016 05:55 AM

Hi himapate,

Are you sure you have collected data of the nessus:plugin sourcetype? The add-on supports four nessus/tennable source types; make sure you are using the right source type.

Thanks!

0 Karma
Reply

himapate
Explorer
‎11-08-2016 06:42 AM

Yes i am collecting for the nessus sourcetype below is the stanza for the same in inputs.conf

[nessus://NessusPlugin]
metric = nessus_plugin
interval = 84600
url = https://:8834
access_key = 
secret_key =
start_date = 2016/01/01
page_size = 1000
index = nessus
batch_size = 0
start_by_shell = false
0 Karma
Reply

himapate
Explorer
‎11-08-2016 03:14 AM

Managed to get all the scan data but plugin issue remains the same

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing Splunk Enterprise 9.2

WATCH HERE! Watch this Tech Talk to learn about the latest features and enhancements shipped in the new Splunk ...

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...