Search Exchange
Search All Sites
Nagios Live Webinars
Let our experts show you how Nagios can help your organization.Login
New ListingsDirectory Tree
Check Nessus Scans
Last Release Date
2015-02-20
Compatible With
- Nagios 3.x
- Nagios 4.x
Owner
License
GPL
Hits
13555
Files:
| File | Description |
|---|---|
| check_nessus_report.sh | check_nessus_report.sh |
The plugin currently supports setting a threshold against only critical, but I may improve this to set a threshold for high at some point.
Performance data is returned, giving critical, high, and medium vulnerabilities.
Compatibility:
Tested on Nessus 6.2.1.
Plugin tested on Ubuntu 12.04 and OSX Darwin. May work on other Linux / UNIX type platforms.
Dependancies:
Requires the jq json parsing utility.
Requires curl.
Usage:
./check_nessus_report.sh -h
Usage: ./check_nessus_report.sh -s SERVER:PORT -C CREDENTIALS_FILE -t "TARGET_SCAN" -w WARNING_THRESHOLD -c CRITICAL_THRESHOLD
CREDENTIALS_FILE should be readable by the user that runs this script, the first line should be username,
and second line should be the password.
e.g.
myNessusUsername
myPassword
Options:
(Required)
-s SERVER:PORT (e.g. nessus.mydomain.net:8834 )
-C CREDENTIALS_FILE path (e.g. /etc/.my_creds )
-t TARGET_SCAN (e.g. "My Daily Network Scan" )
(Optional)
-w WARNING_THRESHOLD (number of critical vulnerabilities, integer, defaults to 999)
-c CRITICAL_THRESHOLD (number of critical vulnerabilities, integer, defaults to 999)
-h Display help / usage
Example:
./check_nessus_report.sh -s nessus.mydomain.net:8834 -C /etc/.my-credentials -t "My Daily Network Scan" -w 5 -c 10
Performance data is returned, giving critical, high, and medium vulnerabilities.
Compatibility:
Tested on Nessus 6.2.1.
Plugin tested on Ubuntu 12.04 and OSX Darwin. May work on other Linux / UNIX type platforms.
Dependancies:
Requires the jq json parsing utility.
Requires curl.
Usage:
./check_nessus_report.sh -h
Usage: ./check_nessus_report.sh -s SERVER:PORT -C CREDENTIALS_FILE -t "TARGET_SCAN" -w WARNING_THRESHOLD -c CRITICAL_THRESHOLD
CREDENTIALS_FILE should be readable by the user that runs this script, the first line should be username,
and second line should be the password.
e.g.
myNessusUsername
myPassword
Options:
(Required)
-s SERVER:PORT (e.g. nessus.mydomain.net:8834 )
-C CREDENTIALS_FILE path (e.g. /etc/.my_creds )
-t TARGET_SCAN (e.g. "My Daily Network Scan" )
(Optional)
-w WARNING_THRESHOLD (number of critical vulnerabilities, integer, defaults to 999)
-c CRITICAL_THRESHOLD (number of critical vulnerabilities, integer, defaults to 999)
-h Display help / usage
Example:
./check_nessus_report.sh -s nessus.mydomain.net:8834 -C /etc/.my-credentials -t "My Daily Network Scan" -w 5 -c 10
Reviews (1)
byutahluge, February 2, 2017
I modified the end of this to give critical to any critical issues. Then if nothing critical, it checks for any high alerts which outputs as a warning.
###########
if [[ $CRIT_VULNS -gt $CRITICAL_THRESHOLD ]]; then
echo "CRITICAL - There are $CRIT_VULNS critical and $HIGH_VULNS high vulnerabilities in $TARGET_SCAN. | $PERF_DATA"
exit 2
elif [[ $HIGH_VULNS -gt $WARNING_THRESHOLD ]]; then
echo "WARNING - There are $CRIT_VULNS critical and $HIGH_VULNS high vulnerabilities in $TARGET_SCAN. | $PERF_DATA"
exit 1
else
echo "OK - There are $CRIT_VULNS critical and $HIGH_VULNS high vulnerabilities in $TARGET_SCAN. | $PERF_DATA"
exit 0
fi
echo "UNKNOWN - Check script output"
exit 3
###########
if [[ $CRIT_VULNS -gt $CRITICAL_THRESHOLD ]]; then
echo "CRITICAL - There are $CRIT_VULNS critical and $HIGH_VULNS high vulnerabilities in $TARGET_SCAN. | $PERF_DATA"
exit 2
elif [[ $HIGH_VULNS -gt $WARNING_THRESHOLD ]]; then
echo "WARNING - There are $CRIT_VULNS critical and $HIGH_VULNS high vulnerabilities in $TARGET_SCAN. | $PERF_DATA"
exit 1
else
echo "OK - There are $CRIT_VULNS critical and $HIGH_VULNS high vulnerabilities in $TARGET_SCAN. | $PERF_DATA"
exit 0
fi
echo "UNKNOWN - Check script output"
exit 3
