Upload a Custom Audit File

When you configure the Compliance settings of a Nessus scan, you can upload the following custom audit files:

  • a Tenable-created audit file downloaded from the Tenable downloads page.
  • a Security Content Automation Protocol (SCAP) Data Stream file downloaded from a SCAP repository (for example, https://nvd.nist.gov/ncp/repository).

    The file must contain full SCAP content (Open Vulnerability and Assessment Language (OVAL) and Extensible Configuration Checklist Description Format (XCCDF) content) or OVAL standalone content.

  • a custom audit file created or customized for a specific environment. For more information, see the Nessus Compliance Checks Reference.

Before you begin:

  • Download or prepare the file you intend to upload.

To upload a custom audit file:

  1. Log in to the Tenable Nessus user interface.

  2. In the top navigation bar, click Scans.

    The My Scans page appears.

  3. In the upper right corner, click the New Scan button.

    The Scan Templates page appears.

  4. Click the scan template that you want to use.

    The scan settings page appears.

  5. Open the Compliance tab.

  6. In the Filter Compliance box, type custom.

    A list of the custom audit file types that you can upload appears.

  7. Select the custom audit file type that you want to upload.

    An Upload a custom audit file pane appears.

  8. Click Add File. Select the custom audit file to upload from your machine.

    Depending on the audit type, you may need to configure additional settings once you upload the custom audit.

  9. Do one of the following:

    • To launch the scan immediately, click the down button, and then click Launch.

      Tenable Nessus saves and launches the scan.

    • To launch the scan later, click the Save button.

      Tenable Nessus saves the scan.