I have been testing the Splunk Add-on for Nessus and want to start using the feature with fresh data. Is there a way to clear out all previously imported scans so we can start from scratch?
Answered my own question, just had to check out the python scripts and how they parsed/assigned the data.
I did an all time search for: index=* (sourcetype=nessus OR orig_sourcetype=nessus) | delete
This removed the Nessus data from the vulnerabilities section of Enterprise Security.
View solution in original post