Can anyone give me an insight on how to make a Nessus plugin output available in Splunk? I would like to make a dashboard for expiring SSL certificates based on the Nessus scanned results.
I tried to use Nessus plugin "SSL Certificate Expiry - Future Expiry = Plugin ID 42981". The events in Splunk do not include the plugin's output.
Nessus plugin output should like below: Output
The SSL certificate will expire within 60 days, at
Apr 12 12:48:49 2018 GMT :
Subject : CN=test.websitename.com
Issuer : CN=test.websitename.com
Not valid before : Oct 19 12:48:49 2017 GMT
Not valid after : Apr 12 12:48:49 2018 GMT
I'm also having this problem. There are several fields including Synopsis, Description, Solution, See Also, and Plugin Output that I would like for Splunk to index. Please let me know if you came up with any solution.