I didn't see anything specific as to pulling the plugin data from nessus. If
I missed it, sorry, but here is a command:
nessus -q -pS <server> <port> <user> <passwd>
This will dump the plugin information to stdout formatted as SQL statements
along the lines of:
INSERT INTO plugins VALUES (...)
If you have a database with a "plugins" table having the required fields you
can simply use the output to insert the data. If, as in our case, it doesn't
quite match (our oracle DBAs wanted some of the fields to be smaller which
requires truncating data) or you need to handle insert vs update (oracle
doesn't have the INSERT ... UPDATE syntax) then a simple script handles
updating the database.
Tim Doty
-----Original Message-----
From: nessus-bounces@list.nessus.org [mailto:nessus-bounces@list.nessus.org]
On Behalf Of Larry Petty
Sent: Monday, January 21, 2008 9:05 PM
To: Ron Gula
Cc: Nessus@list.nessus.org
Subject: Re: New Nessus File Format
If you are coding on UNIX, if you install Nessus on your system, you can use
some of the 'nessus' command line options to connect to your Nessus scanners
and obtain plugin information.
Ron Gula
Tenable Network Security
Ron,
This would solve my problem. Are you refering to converting the .NBE file to
XML via command line? If not, can you tell me the command to obtain the
plugin information via the linux command line? Will this command be
supported in Nessus 3.2? Thanks for your help!
Here is how I do it today:
/opt/nessus/bin/nessus \
-c /usr/local/bin/scripts/.nessusrc-normal \
-i /home/scan-data/${SAVETO}/nessus/nessus-scan.nbe \
-o /home/scan-data/${SAVETO}/nessus/nessus-scan.xml
________________________________
Never miss a thing. Make Yahoo your homepage.
<http://us.rd.yahoo.com/evt=51438/*http://www.yahoo.com/r/hs>
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
