Re: Nessus manual file upload - parsing?

teubertg · ‎03-25-2019

Hello,

I am trying to upload Nessus data into Splunk by uploading the .nessus / CSV or html file. Using the API to connect Splunk to Nessus is no option in this specific case.
I can't get the fields parsed. The Splunk_TA_nessus app seems to solely work with API and not by manually uploading the Nessus-reports/files.
I read that the .nessus file should be copied to the spools directory if I want to manually upload it. But that does not work either - no upload nor parsing. I even changed the inputs.conf.windows srcdir to the spool directory.

Does anybody have an idea - how to accomplish a manual nessus upload and parsing the fields?

Thank you !

wanderson7 · ‎05-21-2022

Hi, I am not sure if this directly answers your question, but perhaps it could be of some help. I recently developed a free open-source application called TenaPull, which processes Nessus data for ingestion by Splunk. There is more information here:

https://community.splunk.com/t5/Getting-Data-In/I-developed-an-application-to-process-Nessus-data-fo...

GitHub repo:
https://github.com/billyJoePiano/TenaPull

How to accomplish a manual nessus upload and parsing the fields?

CSV

What You Read The Most: Splunk Lantern’s Most Popular Articles!

Announcing the General Availability of Splunk Enterprise Security 8.1!

Developer Spotlight with William Searle

Are you a member of the Splunk Community?

How to accomplish a manual nessus upload and parsing the fields?

CSV

What You Read The Most: Splunk Lantern’s Most Popular Articles!

Announcing the General Availability of Splunk Enterprise Security 8.1!

Developer Spotlight with William Searle