Tenable Nessus

Supported OS Linux Mac OS Windows

Integration version3.0.0

Overview

This integration monitors Tenable Nessus logs through the Datadog Agent.

Setup

Follow the instructions below configure this integration for an Agent running on a host.

Installation

To install the Tenable integration configuration on your Agent:

Note: This step is not necessary for Agent version >= 7.18.0.

  1. Install the 1.0 release (tenable==1.0.0).

Configuration

The Agent tails the Tenable Nessus webserver and backend logs to collect data on Nessus scans.

Log collection

Available for Agent versions >6.0

  1. Collecting logs is disabled by default in the Datadog Agent, enable it in your datadog.yaml file:

    logs_enabled: true

  2. Uncomment and edit this configuration block at the bottom of your tenable.d/conf.yaml:

    See the sample tenable.d/conf.yaml for available configuration options.

       logs:
    - type: file
      path: /opt/nessus/var/nessus/logs/backend.log
      service: nessus_backend
      source: tenable

    - type: file
      path: /opt/nessus/var/nessus/logs/www_server.log
      service: nessus_webserver
      source: tenable

    Customize the path and service parameter values if necessary for your environment.

  3. Restart the Agent.

Log data collected

  1. Nessus backend logs collect data on scan names, start time, stop time, durations, target(s)
  2. Nessus web server logs collect data on access logs for the Nessus web server including Client IPs, User Agents, and login attempts/successes/failures.

Metrics

This integration does not include any metrics.

Events

This integration does not include any events.

Troubleshooting

Need help? Contact Datadog support.