Edit a Terrascan Scan Configuration
You can update the settings of a Terrascan scan configuration whenever you are not using it to perform a scan.
Before you begin:
-
Install Terrascan on your Nessus instance.
To edit a Terrascan scan configuration:
-
Under Resources in the left-side navigation pane, click Terrascan.
The Scans page appears.
-
In the scan table, roll over the scan you want to edit.
-
In the scan row, click the
button.The scan configuration page appears.
-
Edit the scan configuration settings:
-
info
-
debug
-
warn
-
error
-
panic
-
fatal
-
all
-
arm
-
cft
-
docker
-
helm
-
k8s
-
kustomize
-
terraform
-
tfplan
-
human
-
json
-
yaml
-
xml
-
junit-xml
-
sarif
-
github-sarif
-
all
-
aws
-
azure
-
docker
-
gcp
-
github
-
k8s
-
git
-
s3
-
gcs
-
http
-
terraform-registry
-
Click Save.
Tenable Nessus Expert saves the new configuration options.
| Setting | Description |
|---|---|
| Configuration Name | The name of the Terrascan scan configuration. |
| Logging | |
| Command Output Format | Determines the output logging format (separate from the actual scan results). You can chose json or console. |
| Log Level |
Determines the output verbosity level: |
| Verbose Violations | Determines whether the scan logs violations with details. |
| Scanning | |
| IAC Type |
Determines the Infrastructure as Code (IAC) type. |
| Minimum Severity | Determines the minimum violation severity that Terrascan reports. You can choose low, medium, or high. |
| Non-recursive | Determines whether the scan recurses into subdirectories of the repository. |
| Output Format |
Determines the scan result output format: |
| Output Passed Rules | Determines whether the scan results show passed rules. |
| Policy Type |
The policy type or types to include in the scan: |
| Remote Type |
Determines the remote repository type: Note: You need to make Git available on the Nessus host to select the Git type.
|
| Remote URL |
The URL of the remote IAC registry. |
| Remote URL Branch | The branch of the remote IAC registry. |