All Apps and Add-ons

Splunk And Tenable Nessus

katy27
New Member

why I am not getting any search results for sourcetype=nessus:plugin and nessus:scan
I had configured all correctly but no data appears in my search.

Tags (2)
0 Karma

xpac
SplunkTrust
SplunkTrust

Your question is lacking a lot of details, but a possible approach could go like this:

  • Create a new index
  • Setup your input to send it's data to that index
  • Wait some time
  • In the Indexes settings page, check if there are any events in that index.

If yes - you can just search that new index. If not, something has gone wrong with the input itself.

Hope that helps - if it does I'd be happy if you would upvote/accept this answer, so others could profit from it. 🙂

0 Karma

katy27
New Member

Thanks for your answer,
i'd done all what you have mentioned and i follow the tenable Splunk guide :

https://docs.tenable.com/other/Integration_Guide-Splunk.pdf

Moreover, all the scans in my Nessus scanner are not getting in my Splunk.
I'd be very thankful if you have an recommendation regarding this issue.

0 Karma
Get Updates on the Splunk Community!

Unlock New Opportunities with Splunk Education: Explore Our Latest Courses!

At Splunk Education, we’re dedicated to providing top-tier learning experiences that cater to every skill ...

Technical Workshop Series: Splunk Data Management and SPL2 | Register here!

Hey, Splunk Community! Ready to take your data management skills to the next level? Join us for a 3-part ...

Spotting Financial Fraud in the Haystack: A Guide to Behavioral Analytics with Splunk

In today's digital financial ecosystem, security teams face an unprecedented challenge. The sheer volume of ...