All Apps and Add-ons

Splunk And Tenable Nessus

katy27
New Member

why I am not getting any search results for sourcetype=nessus:plugin and nessus:scan
I had configured all correctly but no data appears in my search.

Tags (2)
0 Karma

xpac
SplunkTrust
SplunkTrust

Your question is lacking a lot of details, but a possible approach could go like this:

  • Create a new index
  • Setup your input to send it's data to that index
  • Wait some time
  • In the Indexes settings page, check if there are any events in that index.

If yes - you can just search that new index. If not, something has gone wrong with the input itself.

Hope that helps - if it does I'd be happy if you would upvote/accept this answer, so others could profit from it. 🙂

0 Karma

katy27
New Member

Thanks for your answer,
i'd done all what you have mentioned and i follow the tenable Splunk guide :

https://docs.tenable.com/other/Integration_Guide-Splunk.pdf

Moreover, all the scans in my Nessus scanner are not getting in my Splunk.
I'd be very thankful if you have an recommendation regarding this issue.

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...