All Apps and Add-ons

Splunk nessus add-on does not seems to fail to get plugins information

restevan
New Member

Hi,

I've installed the add-on and configured the 2 data-inputs, one for the scans and the other for the plugins.
For scans everything works fine, I get the results without problems.
But for plugins it seems to be failing.
I get all the time the following error:

11-06-2015 07:41:44.036 +0100 ERROR ExecProcessor - message from "python "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py"" Traceback (most recent call last):
11-06-2015 07:41:44.036 +0100 ERROR ExecProcessor - message from "python "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py""   File "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py", line 266, in <module>
11-06-2015 07:41:44.036 +0100 ERROR ExecProcessor - message from "python "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py""     main()
11-06-2015 07:41:44.036 +0100 ERROR ExecProcessor - message from "python "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py""   File "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py", line 261, in main
11-06-2015 07:41:44.036 +0100 ERROR ExecProcessor - message from "python "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py""     run()
11-06-2015 07:41:44.036 +0100 ERROR ExecProcessor - message from "python "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py""   File "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py", line 170, in run
11-06-2015 07:41:44.036 +0100 ERROR ExecProcessor - message from "python "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py""     nessus_conf = get_nessus_modinput_configs(modinputs)
11-06-2015 07:41:44.036 +0100 ERROR ExecProcessor - message from "python "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py""   File "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py", line 147, in get_nessus_modinput_configs
11-06-2015 07:41:44.036 +0100 ERROR ExecProcessor - message from "python "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py""     input_conf = config.get_data_input(input_name)
11-06-2015 07:41:44.036 +0100 ERROR ExecProcessor - message from "python "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py""   File "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus_config.py", line 177, in get_data_input
11-06-2015 07:41:44.036 +0100 ERROR ExecProcessor - message from "python "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py""     input_stanza = self._get_raw_stanza(name, stanza_type="data_input")
11-06-2015 07:41:44.036 +0100 ERROR ExecProcessor - message from "python "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py""   File "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus_config.py", line 266, in _get_raw_stanza
11-06-2015 07:41:44.036 +0100 ERROR ExecProcessor - message from "python "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py""     "Failed to get stanza {} by {} manager.".format(stanza_name, stanza_type))
11-06-2015 07:41:44.036 +0100 ERROR ExecProcessor - message from "python "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py""   File "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus_config.py", line 27, in check_conf_mgr_result
11-06-2015 07:41:44.036 +0100 ERROR ExecProcessor - message from "python "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py""     raise NessusConfigException(msg)
11-06-2015 07:41:44.036 +0100 ERROR ExecProcessor - message from "python "C:\Program Files\Splunk\etc\apps\Splunk_TA_nessus\bin\nessus.py"" nessus_config.NessusConfigException: Failed to get stanza Nessus plugins by data_input manager.

Is there something I've forgot to configure?
Could anyone help me?

Thanks,

R.

0 Karma

darrend
Path Finder

Hi

I have found my problem with this, i am not sure if it is the same as yours.

I was unable to collect scan results for scans that were not created under the same user that i was connecting to Nessus from Splunk with, as soon as i created and ran a network scan under the user that i was connecting from Splunk with it worked fine.

Thanks
Darren

0 Karma

darrend
Path Finder

Did you manage to solve this?

I have the same error, but exactly the opposite way around, i have plugin information, but cannot get the scan data to execute without python errors similar to the ones you have included.

0 Karma

jcoates_splunk
Splunk Employee
Splunk Employee

you should file a support ticket so that we can see a diag.

0 Karma

restevan
New Member

Hi,
I'm using Splunk Enterprise in trial mode for the moment because I'm evalutating the possibility to analyze NEssus results and draw dashboard on Splunk.
Can I file anyway a support ticket?
R.

0 Karma
Get Updates on the Splunk Community!

The Splunk Success Framework: Your Guide to Successful Splunk Implementations

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...