Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to accomplish a manual nessus upload and parsing the fields?

teubertg
New Member
‎03-25-2019 06:42 AM

Hello,

I am trying to upload Nessus data into Splunk by uploading the .nessus / CSV or html file. Using the API to connect Splunk to Nessus is no option in this specific case.
I can't get the fields parsed. The Splunk_TA_nessus app seems to solely work with API and not by manually uploading the Nessus-reports/files.
I read that the .nessus file should be copied to the spools directory if I want to manually upload it. But that does not work either - no upload nor parsing. I even changed the inputs.conf.windows srcdir to the spool directory.

Does anybody have an idea - how to accomplish a manual nessus upload and parsing the fields?

Thank you !

Labels (1)
Labels
0 Karma
Reply

wanderson7
Explorer
‎05-21-2022 12:17 PM

Hi, I am not sure if this directly answers your question, but perhaps it could be of some help.  I recently developed a free open-source application called TenaPull, which processes Nessus data for ingestion by Splunk.  There is more information here:

https://community.splunk.com/t5/Getting-Data-In/I-developed-an-application-to-process-Nessus-data-fo...

GitHub repo:
https://github.com/billyJoePiano/TenaPull

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!Discover how Splunk’s agentic AI ...

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

Watch On Demand the Tech Talk on November 6 at 11AM PT, and empower your SOC to reach new heights! Duration: ...

Splunk Observability as Code: From Zero to Dashboard

For the details on what Self-Service Observability and Observability as Code is, we have some awesome content ...