Tenable Nessus

Tenable Nessus

Agent Check Agent Check

Linux Mac OS Windows OS Supported

Overview

This integration monitors Tenable Nessus logs through the Datadog Agent.

Setup

Follow the instructions below configure this integration for an Agent running on a host.

Installation

To install the Tenable integration configuration on your Agent:

Note: This step will not be necessary for Agent version >= 7.18.0.

  1. Install the 1.0 release (tenable==1.0.0).

Configuration

The Agent tails the Tenable Nessus webserver and backend logs to collect data on Nessus scans.

Log collection

Available for Agent versions >6.0

  1. Collecting logs is disabled by default in the Datadog Agent, enable it in your datadog.yaml file:

    logs_enabled: true
    
  2. Uncomment and edit this configuration block at the bottom of your tenable.d/conf.yaml:

    See the sample tenable.d/conf.yaml for available configuration options.

       logs:
        - type: file
          path: /opt/nessus/var/nessus/logs/backend.log
          service: nessus_backend
          source: tenable
    
        - type: file
          path: /opt/nessus/var/nessus/logs/www_server.log
          service: nessus_webserver
          source: tenable
    

    Customize the path and service parameter values if necessary for your environment.

  3. Restart the Agent.

Log Data collected

  1. Nessus backend logs collect data on scan names, start time, stop time, durations, target(s)
  2. Nessus webserver logs collect data on access logs for neesus webserver including Client IPs, User agents, login attempt/success/failure.

Metrics

This integration does not include any metrics.

Events

This integration does not include any events.

Troubleshooting

Need help? Contact Datadog support.