All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk Add-on for Tenable: How to troubleshoot why I am not getting any search results for sourcetype=nessus:plugin?

himapate
Explorer
‎11-08-2016 01:22 AM

Hi ,

I am not able to get the Nessus scan data ( Only informational Events ), whereas the Nessus result has medium and high count.
Also, when I search for sourcetype=nessus:plugin, there is no result popping up.

0 Karma
Reply

hunters_splunk
Splunk Employee
Splunk Employee
‎11-08-2016 05:55 AM

Hi himapate,

Are you sure you have collected data of the nessus:plugin sourcetype? The add-on supports four nessus/tennable source types; make sure you are using the right source type.

Thanks!

0 Karma
Reply

himapate
Explorer
‎11-08-2016 06:42 AM

Yes i am collecting for the nessus sourcetype below is the stanza for the same in inputs.conf

[nessus://NessusPlugin]
metric = nessus_plugin
interval = 84600
url = https://:8834
access_key = 
secret_key =
start_date = 2016/01/01
page_size = 1000
index = nessus
batch_size = 0
start_by_shell = false
0 Karma
Reply

himapate
Explorer
‎11-08-2016 03:14 AM

Managed to get all the scan data but plugin issue remains the same

0 Karma
Reply
Get Updates on the Splunk Community!

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

The Transformative Power of AI and ML in Enhancing Observability   In the realm of IT operations, the ...

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...