Hi
I have Splunk Add-on for Nessus running in a distributed environment. I successfully configured "nessus:scan" and the data is coming in, but I am having issues with "nessus:plugin". I have created a similar input for "nesssus:plugin", but when I enable the inputs, I am seeing the following errors in internal logs:
10-28-2015 17:31:57.196 -0400 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/Splunk_TA_nessus/bin/nessus.py" for plugin in plugins:
10-28-2015 17:31:57.196 -0400 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/Splunk_TA_nessus/bin/nessus.py" File "/opt/splunk/etc/apps/Splunk_TA_nessus/bin/nessus_data_collector.py", line 331, in _collect_plugin_id
10-28-2015 17:31:57.196 -0400 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/Splunk_TA_nessus/bin/nessus.py" plugin_id_set = self._collect_plugin_id(plugin_families)
10-28-2015 17:31:57.196 -0400 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/Splunk_TA_nessus/bin/nessus.py" File "/opt/splunk/etc/apps/Splunk_TA_nessus/bin/nessus_data_collector.py", line 443, in collect_plugin_data
10-28-2015 17:31:57.196 -0400 ERROR ExecProcessor - message from "python /opt/splunk/etc/apps/Splunk_TA_nessus/bin/nessus.py" collector.collect_plugin_data()
Here is my inputs on the heavy forwarder:
[nessus://Nessus-plugins]
access_key = ********
batch_size = 100000
interval = 300
metric = nessus_plugin
secret_key = ********
start_date = 2015/01/01
url = https://x.x.x.x:8834
index = nessus
disabled = 0
... View more