Ingest .nessus files from Tenable's Nessus scanner into Elasticsearch.
This project has taken on it's own form due to the major changes from the original work: iwikmai/Nessus-ES. A huge thanks to the original creator of Nessus-ES as it has given me the foundation to begin learning how to ingest data into the Elastic stack programmatically. Thank you!
The old project that I had forked and made my changes to is now archived/read-only and may eventually be deleted nicpenning/Nessus-ES.
This new project comes with some new changes such as bug fixes, pipeline/mapping updates, and the new ability to do a patch summary from previously ingested Nessus scan data that contain the same hosts.
A way to ingest Nessus Scan data into Elasticsearch using PowerShell. Tracking vulnerabilities can be scary and overwhelming but this tool is designed to wrangle up those vulnerabilities into a manageable way.
As always, feel free to post issues / questions in this project to make it even better. Enjoy!
sequenceDiagram
PowerShell->>Nessus: Downloads .Nessus File(s) via Nessus API
Nessus->>PowerShell: .nessus File(s) Saved Locally
PowerShell->>Kibana: Dashboards, Index Templates and other Setup items
PowerShell->>Elasticsearch: Ingest Parsed XML Data via Elasticsearch API
With some careful setup of your Elastic stack and a little PowerShell you can turn your .nessus files into this:
The Power-Nessie project is a simplified way of taking .nessus files and ingesting them into Elasticsearch using PowerShell on Windows, Mac, or Linux.
Requirements
- Functioning Elastic Stack (7.0+, 8.13.4 Latest Tested)
- PowerShell 7.0+ (7.4.2 Latest Tested)
- .nessus File(s) Exported (Power-Nessie can do this!)
Script includes a Menu to help you use Power-Nessie:
- Index Template
- Data View, Searches, Visualizations, and Dashboards
- ECS coverage across as many fields as possible
- Documentation (Wiki)
- Automated Nessus File Download
- Automated Elasticsearch Ingest
- Setup Script (Template, Objects, API, etc..)
- Compare Scans (New Data Stream and Dashboard)
- Generate Reports (PDF/PNG) & Send via Email
- Configuration File Support
- 💝 Community, join here: https://teams.live.com/l/community/FBANlP3DgeNDPOagwI
New Patch Summary Dashboard:
- Add Detection Rules
Automated or Manual Download and Ingest capability - Check the Wiki!
Invoke-Power-Nessie.ps1