Friday, February 15, 2013

Nessus to ELSA


How to

This is the second post in a series on getting vulnerability assessment data into ELSA. This time we tackle the Nessus v2 format. I won't review everything I did in the previous post because the concepts are exactly the same. You can download my Python script from GitHub here. The commands to run the script are much the same:


# python NessustoELSA.py -i report.nessus -s
# mysql < nessus_db_setup.sql
# mv nessus.log /opt/elsa/node/
# cd /opt/elsa/node/
# perl elsa.pl -f nessus.log


Again, this is very similar to the OpenVAS script. Below is a screenshot of a search.






Design Decisions

I tried to tag all the fields from Nessus that I thought were significant. These include host (IP), public exploit available, port, CVSS base score, vulnerability description, severity, etc. I left out the full description and the solution fields. I plan on creating a plugin soon so a user can click the 'Info' link to visit Tenable's website to get that information. Stay tuned for the next blog post on performing searches of vulnerability assessment data and creating dashboards.
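
An added example (not the NessustoELSA.py script itself) of pulling the tagged fields out of a Nessus v2 report and flattening each finding to one log line. The tab-separated layout, the field order and the function names are assumptions, and the sample report is constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the Nessus v2 (.nessus) layout; not real scan output.
SAMPLE = """<NessusClientData_v2>
 <Report name="constructed-example">
  <ReportHost name="scanner-target-1">
   <HostProperties><tag name="host-ip">192.0.2.10</tag></HostProperties>
   <ReportItem port="443" svc_name="www" protocol="tcp" severity="3"
       pluginID="99999" pluginName="Example TLS&#10;weakness" pluginFamily="General">
    <cvss_base_score>7.5</cvss_base_score>
    <exploit_available>true</exploit_available>
   </ReportItem>
   <ReportItem port="0" svc_name="general" protocol="tcp" severity="0"
       pluginID="99998" pluginName="Example info item" pluginFamily="General"/>
  </ReportHost>
 </Report>
</NessusClientData_v2>"""

# Assumed field order for the flattened line (not taken from the original script).
FIELDS = ("host", "port", "protocol", "severity", "cvss", "exploit", "plugin_id", "name")

def clean(value):
    """Collapse whitespace so a field cannot add a tab or newline to the log line."""
    return " ".join((value or "").split())

def parse_nessus_v2(xml_text):
    """Return one dict per ReportItem, keyed by the names in FIELDS."""
    rows = []
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        # Prefer the scanned IP; fall back to the ReportHost name attribute.
        ip = host.findtext("HostProperties/tag[@name='host-ip']") or host.get("name")
        for item in host.iter("ReportItem"):
            rows.append({
                "host": clean(ip),
                "port": clean(item.get("port")),
                "protocol": clean(item.get("protocol")),
                "severity": clean(item.get("severity")),
                # Informational plugins carry no CVSS or exploit element.
                "cvss": clean(item.findtext("cvss_base_score")) or "0.0",
                "exploit": clean(item.findtext("exploit_available")) or "false",
                "plugin_id": clean(item.get("pluginID")),
                "name": clean(item.get("pluginName")),
            })
    return rows

def to_log_lines(rows):
    """Join each finding into one tab-separated line (assumed layout)."""
    return ["\t".join(r[f] for f in FIELDS) for r in rows]

if __name__ == "__main__":
    print("\n".join(to_log_lines(parse_nessus_v2(SAMPLE))))
```

Collapsing whitespace in every field matters here because plugin text comes from the report file, and an embedded newline or tab would otherwise split one finding into several malformed log entries.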

1 comment:

  1. Do you normally use both OpenVAS AND Nessus?
    In what kind of environment do you use these tools?
