Getting Data In

How to forward events to syslog/nessus security center?

nicocin
Path Finder

Hello

We want to forward all events to Nessus LCE Server (Nessus Security Center).

Since we have all Splunk Servers deployed on Windows, we cannot use the Nessus LCE Agent which is only available for some Linux Distros.

So we've tried to forward the events using the outputs.conf (tried tcpout and syslog).

Unfortunately the LCE Server is not able to normalize these events since they aren't sent in a proper syslog format.

One Event is splittet into multiple lines. I'm not sure if it's a splunk or a nessus lce issue.

Anybody who has a similar setup with splunk and nessus? Any hints?

Thx & Regards
Nicolas

Labels (1)
0 Karma

wanderson7
Explorer

Hi, I realize this is an older question, and I am not sure if this directly answers your question, but perhaps it could be of some help.

I recently developed a free open-source application called TenaPull, which processes Nessus data for ingestion by Splunk.  There is more information here:

https://community.splunk.com/t5/Getting-Data-In/I-developed-an-application-to-process-Nessus-data-fo...

GitHub repo:
https://github.com/billyJoePiano/TenaPull

0 Karma

gcusello
Esteemed Legend

Hi nicocin,
in http://docs.splunk.com/Documentation/Splunk/6.5.1/Forwarding/Forwarddatatothird-partysystemsd
you can find all the configuration for your need
About the format problem , you could send not raw data but parsed data (sendCookedData=True) so you can structure events as you prefer.
Bye.
Giuseppe

0 Karma
Get Updates on the Splunk Community!

The Splunk Success Framework: Your Guide to Successful Splunk Implementations

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...