Helpful Guidelines

Determining Success of the Integration

Nutanix Data Collection (Plugin ID 160185)

If data collection was successful, this plugin reports a variety of data collected on the target through the API. In the event this plugin does not report, you can run an audit trail on the host and plugin ID.

Integration Status (Plugin ID 204872)

This plugin reports success or failure based on Tenable’s attempt to gather cluster information.

Additional Logs

In the event that you encounter integration failure, if debug log reporting is enabled (Tenable recommends level 3 or 4) you can review the nutanix_collect.nasl~Nutanix Prism Central log to troubleshoot issues like authentication failure, HTTP error codes from API responses, and custom log messages with helpful pointers.

Advanced Troubleshooting

Tenable requests data from three different Nutanix Prism Central API resources. Following are a set of curl commands, either of which you can run to help troubleshoot potential problems. Tenable recommends running these from the terminal that hosts the scanner.

Collecting Cluster Data

Data collected from Nutanix Prism Central integration from this cluster resource is used for vulnerability detections. Replace the ip_address, username, and password variables with your own data:

Copy


curl -kv --request POST \
    --url https://ip_address:9440/api/nutanix/v3/clusters/list \
    --header 'Accept: application/json' \
    -u 'username:password' \
    --header 'Content-Type: application/json' \
    --data '{
    "kind": "cluster",
    "length": 1,
    "offset": 0,
    "sort_attribute": "uuid",
    "sort_order": "ASCENDING"
}'

A successful response contains the following schema, which goes into great detail regarding the cluster list of hosts and details in the entities attribute.

Copy


{
  "api_version": "3.1",
  "metadata": {...},
  "entities": [
    {...}
  ]
}

If a connection is established with the web server and you encounter errors, the following schema is shown with the HTTP error code and detailed messaging. Otherwise, the -v flag is added in the curl command for verbosity to expose curl errors which can be troubleshooted with a simple web search.

Copy


{
  "kind": "cluster",
  "code": 0,
  "message_list": [
    {...}
   ],
  "state": "string",
  "api_version": "3.1.0"
}

Collecting Hypervisors and VMs using Auto Discovery (Optional)

Tenable provides the options to discover hypervisors and/or virtual machines during a scan and automatically add them as targets to be scanned against. This is less likely to be a troubleshooting avenue, but to be thorough, here are commands that can be run. The schema for success and error responses from the API are identical to the cluster request above.

Collecting Hypervisors

Copy


curl -kv --request POST \
    --url https://ip_address:9440/api/nutanix/v3/hosts/list \
    --header 'Accept: application/json' \
    -u 'username:password' \
    --header 'Content-Type: application/json' \
    --data '{
    "kind": "host",
    "length": 1,
    "offset": 0,
    "sort_attribute": "uuid",
    "sort_order": "ASCENDING"
}'

Collecting Virtual Machines

Copy


curl -kv --request POST \
    --url https://ip_address:9440/api/nutanix/v3/vms/list \
    --header 'Accept: application/json' \
    -u 'username:password' \
    --header 'Content-Type: application/json' \
    --data '{
    "kind": "vm",
    "length": 1,
    "offset": 0,
    "sort_attribute": "uuid",
    "sort_order": "ASCENDING"
}'