Check Nessus Scans

Submit review Recommend Print

Rating

2 votes

Favoured:

Last Release Date

2015-02-20

Compatible With

Nagios 3.x
Nagios 4.x

Owner

justin.miller

License

GPL

Hits

14151

Files:

File	Description
check_nessus_report.sh	check_nessus_report.sh

Meet The New Nagios Core Services Platform

Built on over 25 years of monitoring experience, the Nagios Core Services Platform provides insightful monitoring dashboards, time-saving monitoring wizards, and unmatched ease of use. Use it for free indefinitely.

Download Now

Monitoring Made Magically Better

Nagios Core on Overdrive
Powerful Monitoring Dashboards
Time-Saving Configuration Wizards
Open Source Powered Monitoring On Steroids
And So Much More!

This is a check to download and parse a given Nessus scan (see http://www.tenable.com/products/nessus-vulnerability-scanner) and return the number of critical and high vulnerabilities.

The plugin currently supports setting a threshold against only critical, but I may improve this to set a threshold for high at some point.

Performance data is returned, giving critical, high, and medium vulnerabilities.

Compatibility:
Tested on Nessus 6.2.1.
Plugin tested on Ubuntu 12.04 and OSX Darwin. May work on other Linux / UNIX type platforms.

Dependancies:
Requires the jq json parsing utility.
Requires curl.

Usage:
./check_nessus_report.sh -h

Usage: ./check_nessus_report.sh -s SERVER:PORT -C CREDENTIALS_FILE -t "TARGET_SCAN" -w WARNING_THRESHOLD -c CRITICAL_THRESHOLD

CREDENTIALS_FILE should be readable by the user that runs this script, the first line should be username,
and second line should be the password.
e.g.

myNessusUsername
myPassword

Options:

(Required)
-s SERVER:PORT (e.g. nessus.mydomain.net:8834 )
-C CREDENTIALS_FILE path (e.g. /etc/.my_creds )
-t TARGET_SCAN (e.g. "My Daily Network Scan" )

(Optional)
-w WARNING_THRESHOLD (number of critical vulnerabilities, integer, defaults to 999)
-c CRITICAL_THRESHOLD (number of critical vulnerabilities, integer, defaults to 999)
-h Display help / usage

Example:
./check_nessus_report.sh -s nessus.mydomain.net:8834 -C /etc/.my-credentials -t "My Daily Network Scan" -w 5 -c 10

Reviews (1)

Nice work :) Slight Critical/Warning Modification

byutahluge, February 2, 2017

I modified the end of this to give critical to any critical issues. Then if nothing critical, it checks for any high alerts which outputs as a warning.
###########
if [[ $CRIT_VULNS -gt $CRITICAL_THRESHOLD ]]; then
echo "CRITICAL - There are $CRIT_VULNS critical and $HIGH_VULNS high vulnerabilities in $TARGET_SCAN. | $PERF_DATA"
exit 2
elif [[ $HIGH_VULNS -gt $WARNING_THRESHOLD ]]; then
echo "WARNING - There are $CRIT_VULNS critical and $HIGH_VULNS high vulnerabilities in $TARGET_SCAN. | $PERF_DATA"
exit 1
else
echo "OK - There are $CRIT_VULNS critical and $HIGH_VULNS high vulnerabilities in $TARGET_SCAN. | $PERF_DATA"
exit 0
fi

echo "UNKNOWN - Check script output"
exit 3

Nagios, the Nagios logo, and Nagios graphics are the servicemarks, trademarks, or registered trademarks owned by Nagios Enterprises. All other servicemarks and trademarks are the property of their respective owner. The files and information on this site are the property of their respective owner(s). Nagios Enterprises makes no claims or warranties as to the fitness of any file or information on this website, for any purpose whatsoever. In fact, we officially disclaim all liability. We do, however, think these community contributions are pretty damn cool. Website Copyright © 2009-2024 Nagios Enterprises, LLC. All rights reserved.