Quick Links:

 

Screenshots:  

Help:  

   

Web Reporting: Nessus Integration

You can significantly improve the reporting capabilities of Nessus by integrating Nessus output files (.nbe files) into the EventSentry web reports. This will allow you to get information that is otherwise difficult or impossible to retrieve, including:

• Search across multiple reports from different hosts
• Filter output based on Plugin ID, risk factor, CVSS code and more
• Group output to display charts
• View time-line charts to see the number of vulnerabilities on your network at any given time

Importing Data

In order to see Nessus data in the EventSentry web reports, you will have to first import it using the EventSentry Nessus NBE Importer. This command-line utility reads .nbe files and writes them to the EventSentry database. You can either run this utility manually or automate the import with the EventSentry Application Scheduler or the Windows Scheduled Tasks.

Finding Nessus Scan Information

Once the Nessus data is present in the database, you can search the Nessus results just like you search for event log records. Using this feature, you can search for information like:

• All hosts that have a certain vulnerability
• All hosts that have a certain port open
• All hosts that matched a certain Plugin ID
• All vulnerabilities that contain a particular text

Charts and Diagrams

You can group and chart Nessus information to view statistics and trends of your vulnerability scans. For example, you can:

• Group vulnerabilities by port (e.g. see which port has the most vulnerabilities)
• Group by computer to see which computer has the most vulnerabilities
• View a time-line of vulnerabilities, e.g. based on the risk factor. This allows managers to see whether the overall count of vulnerabilties is increasing or decreasing over time.