Build precise queries to find exactly what you need
Press ESC to close
Your review has been submitted and is pending approval.
This is a check to download and parse a given Nessus scan (see http://www.tenable.com/products/nessus-vulnerability-scanner) and return the number of critical and high vulnerabilities.
Current Version
Last Release Date
2015-02-20
Owner
Justin Miller
License
GPL
Compatible With
The plugin currently supports setting a threshold against only critical, but I may improve this to set a threshold for high at some point.
Performance data is returned, giving critical, high, and medium vulnerabilities.
Compatibility: Tested on Nessus 6.2.1. Plugin tested on Ubuntu 12.04 and OSX Darwin. May work on other Linux / UNIX type platforms.
Dependancies: Requires the jq json parsing utility. Requires curl.
Usage: ./check_nessus_report.sh -h
Usage: ./check_nessus_report.sh -s SERVER:PORT -C CREDENTIALS_FILE -t "TARGET_SCAN" -w WARNING_THRESHOLD -c CRITICAL_THRESHOLD
CREDENTIALS_FILE should be readable by the user that runs this script, the first line should be username, and second line should be the password. e.g.
myNessusUsername myPassword
Options:
(Required) -s SERVER:PORT (e.g. nessus.mydomain.net:8834 ) -C CREDENTIALS_FILE path (e.g. /etc/.my_creds ) -t TARGET_SCAN (e.g. "My Daily Network Scan" )
(Optional) -w WARNING_THRESHOLD (number of critical vulnerabilities, integer, defaults to 999) -c CRITICAL_THRESHOLD (number of critical vulnerabilities, integer, defaults to 999) -h Display help / usage
Example: ./check_nessus_report.sh -s nessus.mydomain.net:8834 -C /etc/.my-credentials -t "My Daily Network Scan" -w 5 -c 10
I modified the end of this to give critical to any critical issues. Then if nothing critical, it checks for any high alerts which outputs as a warning. ########### if [[ $CRIT_VULNS -gt $CRITICAL_THRESHOLD ]]; then echo "CRITICAL - There are $CRIT_VULNS critical and $HIGH_VULNS high vulnerabilities in $TARGET_SCAN. | $PERF_DATA" exit 2 elif [[ $HIGH_VULNS -gt $WARNING_THRESHOLD ]]; then echo "WARNING - There are $CRIT_VULNS critical and $HIGH_VULNS high vulnerabilities in $TARGET_SCAN. | $PERF_DATA" exit 1 else echo "OK - There are $CRIT_VULNS critical and $HIGH_VULNS high vulnerabilities in $TARGET_SCAN. | $PERF_DATA" exit 0 fi echo "UNKNOWN - Check script output" exit 3
You must be logged in to submit a review.
To:
From:
We’ve completely redesigned the world’s largest repository of Nagios plugins and monitoring tools. Join thousands of users sharing monitoring solutions for servers, applications, and everything in between.
Due to our redesign, all existing accounts require a password reset to access your account again.
Ready to explore 6,100+ projects and contribute to the community?
Reset Password Create Account
Happy Monitoring!