- Splunk Answers
- :
- Using Splunk
- :
- Dashboards & Visualizations
- :
- Trouble with Integration with Nessus Professional
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Trouble with Integration with Nessus Professional
Hi,
I am trying to pull logs from Nessus Professional installed on ec2 instance into Splunk. I installed Tenable Add-on for Splunk and Tenable App for Splunk. I am trying to configure Account within Tenable Add-on for Splunk. I am using Splunk 7.3.5. In the Add Account form, I see Tenable.io, Tenable.sc credentials, and Tenable.sc certificate inTenable Account Type drop down list. I chose Tenable.sc credentials based on some documentation found online. Is it correct selection? Also, within Address, I chose ip address of Nessus Professional in the format of 10.20.30.40 format. I did not mention any port such as 8834. I unselected 'Verify SSL Support' checkbox. I provided the username and password of service account created with Nessus Professional. There is no proxy. So I unchecked 'Proxy Enable' checkbox. When I saved, I am getting exception to check IP Address, Username and Password. I tried Tenable.io Account Type, just for curiosity, even though it is incorrect. I provided the access key ID and Secret Access Key for the user created in Nessus Professional within 'Add Account' form for Tenable.io Type. I am still getting same exception. Can you please let me know what I am doing wrong. What all ports do I need to open for communication between my machine with Splunk browser and Nessus Professional machine? Also, what prirvileges should the Nessus Professional user need to have? Also, is there a better way to feed Nessus Professional logs into Splunk?
Thanks a lot for your help
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Good day.
Have you found an option to upload Nessus reports to Splunk?
If yes, please share information.
Thank you!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @nspires. I'm attempting to do the same thing. Did you have any luck with
Nessus Pro? I've done it successfully with Tenable.io for a client but now need to get Pro working.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It is 2023 and I have not find a way to integrate Splunk with Nessus professional 10.
Anyone knows how to do it ?
Splunk Add-on for Tenable was withdrawer in 2019 from Splunk base by Tenable, so we can not use it anymore.
--
Mladen
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Tenable for last few years has been pushing more and more forcefully for users to use .sc or .io by removing functionality from the Nessus Pro scanner. And API is the main victim here. So I wouldn't count on getting a quick and easy solution for this.
Extending Observability Content to Splunk Cloud
More Control Over Your Monitoring Costs with Archived Metrics!
New in Observability Cloud - Explicit Bucket Histograms
