Getting Data In

How to accomplish a manual nessus upload and parsing the fields?

teubertg
New Member

Hello,

I am trying to upload Nessus data into Splunk by uploading the .nessus / CSV or html file. Using the API to connect Splunk to Nessus is no option in this specific case.
I can't get the fields parsed. The Splunk_TA_nessus app seems to solely work with API and not by manually uploading the Nessus-reports/files.
I read that the .nessus file should be copied to the spools directory if I want to manually upload it. But that does not work either - no upload nor parsing. I even changed the inputs.conf.windows srcdir to the spool directory.

Does anybody have an idea - how to accomplish a manual nessus upload and parsing the fields?

Thank you !

Labels (1)
0 Karma

wanderson7
Explorer

Hi, I am not sure if this directly answers your question, but perhaps it could be of some help.  I recently developed a free open-source application called TenaPull, which processes Nessus data for ingestion by Splunk.  There is more information here:

https://community.splunk.com/t5/Getting-Data-In/I-developed-an-application-to-process-Nessus-data-fo...

GitHub repo:
https://github.com/billyJoePiano/TenaPull

0 Karma
Get Updates on the Splunk Community!

Improve Your Security Posture

Watch NowImprove Your Security PostureCustomers are at the center of everything we do at Splunk and security ...

Maximize the Value from Microsoft Defender with Splunk

 Watch NowJoin Splunk and Sens Consulting for this Security Edition Tech TalkWho should attend:  Security ...

This Week's Community Digest - Splunk Community Happenings [6.27.22]

Get the latest news and updates from the Splunk Community here! News From Splunk Answers ✍️ Splunk Answers is ...