Tenable Nessus
Security Monitoring is now available Security Monitoring is now available

Tenable Nessus

Agent Check Agent Check

Supported OS: Linux Mac OS Windows

Overview

This integration monitors Tenable Nessus logs through the Datadog Agent.

Setup

Follow the instructions below configure this integration for an Agent running on a host.

Installation

To install the Tenable integration configuration on your Agent:

Note: This step will not be necessary for Agent version >= 7.18.0.

  1. Install the 1.0 release (tenable==1.0.0).

Configuration

The Agent tails the Tenable Nessus webserver and backend logs to collect data on Nessus scans.

Log collection

Available for Agent versions >6.0

  1. Collecting logs is disabled by default in the Datadog Agent, enable it in your datadog.yaml file:

    logs_enabled: true
  2. Uncomment and edit this configuration block at the bottom of your tenable.d/conf.yaml:

See the sample tenable.d/conf.yaml for available configuration options.

      logs:
       - type: file
         path: /opt/nessus/var/nessus/logs/backend.log
         service: nessus_backend
         source: tenable

       - type: file
         path: /opt/nessus/var/nessus/logs/www_server.log
         service: nessus_webserver
         source: tenable
Customize the `path` and `service` parameter values if necessary for your environment.
  1. Restart the Agent.

Log Data collected

  1. Nessus backend logs collect data on scan names, start time, stop time, durations, target(s)
  2. Nessus webserver logs collect data on access logs for neesus webserver including Client IPs, User agents, login attempt/success/failure.

Metrics

This integration does not include any metrics.

Events

This integration does not include any events.

Troubleshooting

Need help? Contact Datadog support.