Search Exchange
Search All Sites
Nagios Live Webinars
Let our experts show you how Nagios can help your organization.Login
Directory Tree
Check Nessus Scans
Meet The New Nagios Core Services Platform
Built on over 25 years of monitoring experience, the Nagios Core Services Platform provides insightful monitoring dashboards, time-saving monitoring wizards, and unmatched ease of use. Use it for free indefinitely.
Monitoring Made Magically Better
- Nagios Core on Overdrive
- Powerful Monitoring Dashboards
- Time-Saving Configuration Wizards
- Open Source Powered Monitoring On Steroids
- And So Much More!
The plugin currently supports setting a threshold against only critical, but I may improve this to set a threshold for high at some point.
Performance data is returned, giving critical, high, and medium vulnerabilities.
Compatibility:
Tested on Nessus 6.2.1.
Plugin tested on Ubuntu 12.04 and OSX Darwin. May work on other Linux / UNIX type platforms.
Dependancies:
Requires the jq json parsing utility.
Requires curl.
Usage:
./check_nessus_report.sh -h
Usage: ./check_nessus_report.sh -s SERVER:PORT -C CREDENTIALS_FILE -t "TARGET_SCAN" -w WARNING_THRESHOLD -c CRITICAL_THRESHOLD
CREDENTIALS_FILE should be readable by the user that runs this script, the first line should be username,
and second line should be the password.
e.g.
myNessusUsername
myPassword
Options:
(Required)
-s SERVER:PORT (e.g. nessus.mydomain.net:8834 )
-C CREDENTIALS_FILE path (e.g. /etc/.my_creds )
-t TARGET_SCAN (e.g. "My Daily Network Scan" )
(Optional)
-w WARNING_THRESHOLD (number of critical vulnerabilities, integer, defaults to 999)
-c CRITICAL_THRESHOLD (number of critical vulnerabilities, integer, defaults to 999)
-h Display help / usage
Example:
./check_nessus_report.sh -s nessus.mydomain.net:8834 -C /etc/.my-credentials -t "My Daily Network Scan" -w 5 -c 10
Performance data is returned, giving critical, high, and medium vulnerabilities.
Compatibility:
Tested on Nessus 6.2.1.
Plugin tested on Ubuntu 12.04 and OSX Darwin. May work on other Linux / UNIX type platforms.
Dependancies:
Requires the jq json parsing utility.
Requires curl.
Usage:
./check_nessus_report.sh -h
Usage: ./check_nessus_report.sh -s SERVER:PORT -C CREDENTIALS_FILE -t "TARGET_SCAN" -w WARNING_THRESHOLD -c CRITICAL_THRESHOLD
CREDENTIALS_FILE should be readable by the user that runs this script, the first line should be username,
and second line should be the password.
e.g.
myNessusUsername
myPassword
Options:
(Required)
-s SERVER:PORT (e.g. nessus.mydomain.net:8834 )
-C CREDENTIALS_FILE path (e.g. /etc/.my_creds )
-t TARGET_SCAN (e.g. "My Daily Network Scan" )
(Optional)
-w WARNING_THRESHOLD (number of critical vulnerabilities, integer, defaults to 999)
-c CRITICAL_THRESHOLD (number of critical vulnerabilities, integer, defaults to 999)
-h Display help / usage
Example:
./check_nessus_report.sh -s nessus.mydomain.net:8834 -C /etc/.my-credentials -t "My Daily Network Scan" -w 5 -c 10
Reviews (1)
byutahluge, February 2, 2017
I modified the end of this to give critical to any critical issues. Then if nothing critical, it checks for any high alerts which outputs as a warning.
###########
if [[ $CRIT_VULNS -gt $CRITICAL_THRESHOLD ]]; then
echo "CRITICAL - There are $CRIT_VULNS critical and $HIGH_VULNS high vulnerabilities in $TARGET_SCAN. | $PERF_DATA"
exit 2
elif [[ $HIGH_VULNS -gt $WARNING_THRESHOLD ]]; then
echo "WARNING - There are $CRIT_VULNS critical and $HIGH_VULNS high vulnerabilities in $TARGET_SCAN. | $PERF_DATA"
exit 1
else
echo "OK - There are $CRIT_VULNS critical and $HIGH_VULNS high vulnerabilities in $TARGET_SCAN. | $PERF_DATA"
exit 0
fi
echo "UNKNOWN - Check script output"
exit 3
###########
if [[ $CRIT_VULNS -gt $CRITICAL_THRESHOLD ]]; then
echo "CRITICAL - There are $CRIT_VULNS critical and $HIGH_VULNS high vulnerabilities in $TARGET_SCAN. | $PERF_DATA"
exit 2
elif [[ $HIGH_VULNS -gt $WARNING_THRESHOLD ]]; then
echo "WARNING - There are $CRIT_VULNS critical and $HIGH_VULNS high vulnerabilities in $TARGET_SCAN. | $PERF_DATA"
exit 1
else
echo "OK - There are $CRIT_VULNS critical and $HIGH_VULNS high vulnerabilities in $TARGET_SCAN. | $PERF_DATA"
exit 0
fi
echo "UNKNOWN - Check script output"
exit 3