Warning Messages

The following table lists the warning messages that you may see while scanning in Nessus, and how Tenable recommends that you resolve each error. For more information about creating, modifying, and launching scans, see Scans.

Warning Description Recommended Action
0 — No valid targets in list There were no valid targets in the scan's target list.

Verify that the scan’s target list contains one or more targets in valid Nessus Scan Target format.

Check your target rules file to determine whether the targets are prohibited.

Adjust the scan’s target list to ensure at least one valid, permitted target is present and re-scan.

1 — Can't resolve target [target name] Nessus could not resolve the target IP address. Verify the target name is correct, then verify that a DNS entry exists and is correct for the target. Once the target name and DNS entries are correct, re-scan.
2 — Unparseable target [target name] Nessus did not scan the target because the name did not match any valid target specification. Correct the target name to conform to one of the valid Nessus Scan Target formats.
3 — Restricted target [target name] Nessus did not scan the target because the IP address is not scannable (for example, 0.0.0.0). Remove the target from the scan’s target list.
4 — Rejected attempt to scan [target], as it violates user-defined rules Nessus cannot scan the target due to user-specified scanning restrictions. Remove the target from the scan’s target list or adjust the target rules file.
1000 — The allowed number of live hosts scanned with Nessus Essentials has been reached - please contact Tenable to upgrade your license. Nessus did not scan the target because the number of targets for a single scan exceeded the maximum allowed under the Nessus Essentials licensing terms. Reduce the number of targets in the scan, or upgrade Nessus.
1001 — The licensed number of live hosts scanned has been reached - please contact Tenable to upgrade your license. Nessus did not scan the target because the number of targets for a single scan exceeded the maximum allowed under the Nessus licensing terms. Reduce the number of targets in the scan, or upgrade Nessus.
1002 — Your current Nessus scanner license limits your scans to [count] live IP addresses. You've now scanned over [count] different IP addresses over time, and Nessus will not let you scan any additional hosts. In order to increase this limit, please contact Tenable to upgrade your license. Nessus did not scan the target because the cumulative number of unique targets across all scans exceeded the maximum allowed under the Nessus Essentials licensing terms. Remove targets from the scan to conform to the licensing terms, or upgrade Nessus.
1003 — Your current Nessus scanner license limits your scans to [count] live IP addresses. You've now scanned over [count] different IP addresses over time, and Nessus will not let you scan any additional hosts. In order to increase this limit, please contact Tenable to upgrade your license. Nessus did not scan the target because the cumulative number of unique targets across all scans exceeded the maximum allowed under the Nessus evaluation license terms. Remove targets from the scan to conform to the licensing terms, or upgrade Nessus.
1004 — Your current Nessus scanner license limits your scans to [count] live IP addresses. You've now scanned over [count] different IP addresses, and Nessus will not let you scan any additional hosts. In order to increase this limit, please contact Tenable Nessus did not scan the target because the cumulative number of unique targets across all scans exceeded the maximum allowed under the Nessus license terms. Remove targets from the scan to conform to the licensing terms, or upgrade Nessus.

2000 — The network interface [interface] does not support packet forgery. This prevents Nessus from determining whether some of the target hosts are alive and from performing a full port scan against them.

Nessus attempted to establish a session for sending or receiving raw IP packets, but failed.

Tenable recommends scanning over a different network interface.

You may be able to resolve this problem by disabling the Ping the remote host scan setting and providing Nessus with credentials to the remote host to prevent a port scan from taking place.

2001 — VMware Fusion does not support packet forgery from the host OS to the target OSs. This prevents Nessus from determining whether some of the target hosts are alive and from performing a full port scan against them. If you want to scan your targets within VMware Fusion, either scan them from a different host or install Nessus in a Fusion VM and scan them from there. The Nessus scanner was installed in an unsupported VMWare Fusion configuration. Install Nessus on a different host.
2002 — The network interface [interface] was not always available for packet forgery, which may lead to incomplete results. This is likely to be a transient error due to a lack of resources on this host. To correct this error, reduce the number of scans and/or hosts scanned in parallel. Packet forgery succeeded at least once on the reported interface, but a subsequent attempt to open a packet forgery session failed.

Verify the current values of, and adjust, the Nessus Advanced Settings related to scanner performance.

If the problem persists, report the issue to Tenable. Include the full contents of the scanner logs nessusd.messages and nessusd.dump in the report.

2003 — A packet with actual length of [length] bytes was truncated to [truncated length] bytes. The current snapshot length of [snapshot length] for interface [interface name] is too small. Consider either setting the pcap.snaplen preference to at least [%] or ensuring your network is configured so that packets received by the OS are not greater than the device's MTU Nessus attempts to capture raw IP packets for analysis during a scan. This error can occur when the received packet is larger than expected and is truncated. In rare circumstances, this may affect the accuracy of scan results. Verify the current values of, and adjust, the Nessus Advanced Settings related to scanning.
3001 — [target] has been turned off, crashed or became unreachable during the audit – scan was interrupted prior to completion

Nessus determined that the target was alive, and began scanning. During the scan, the target stopped responding, and the scanner terminated the scan for that target only. The scan results may be incomplete.

This may be the result of a temporary network disruption, a service that failed or restarted on the target, or the target may have crashed or been removed from the network.

Verify that the target is active and running. Check any running services and start or restart as needed. Once the target is determined to be active, re-scan.
3002 — Some network congestion was detected during the scan. This may indicate that one or more of the remote hosts are connected through a connection that does not have enough bandwidth to cope with this scan. To reduce the risk of congestion: - Reduce 'max hosts' to a lower value - Increase the 'network read timeout' in your policy There were intermittent failures to connect to a target port that is known to be open.

Verify the current values of, and adjust, the Nessus Advanced Settings related to scanner performance.

Increase the Network timeout setting in the scan policy, then re-scan.

4000 — Scan not started for Nessus Agent [agent name] During an agent scan, the agent did not start the scan.

Check whether the agent is present on the network. Verify network connectivity between the agent and the Nessus Manager/Tenable.io.

Re-run the agent scan once you verify the agent is online.

4001 — [count] Nessus Agents didn't start scan: [agent names] During an agent scan, the agent did not start the scan.

Check whether each agent is present on the network. Verify network connectivity between the agents and the Nessus Manager/Tenable.io.

Re-run the agent scan once you verify the agents are online.

4002 — Scan not completed for Nessus Agent [agent name] at [agent IP] During an agent scan, the agent did not report a scan result.

Check whether the agent is present on the network. Verify network connectivity between the agent and the Nessus Manager/Tenable.io.

Re-run the agent scan once you verify the agent is online.

4003 — [count] Nessus Agents didn't complete scan: [agent names] During an agent scan, the agents did not report a scan result.

Check whether each agent is present on the network. Verify network connectivity between the agents and the Nessus Manager/Tenable.io.

Re-run the agent scan once you verify the agents are online.

4004 — [count] Nessus Agents aborted scan: [agent names] During an agent scan, the agents aborted the scan.  
5000 — Failed to import scan results from remote scanner A managed Nessus scanner uploaded a scan result to Nessus Manager, but Nessus Manager could not process the scan result. Check if the Nessus Manager has enough disk space, or if the scan result uploaded by the scanner is corrupted due to network or disk errors.
5001 — Failed to import scan results from remote Nessus Agent [agent name] at [agent IP] - [error]

An agent uploaded a scan result to either a cluster child node or Nessus Manager, but the scan result could not be processed.

Check if the Nessus Manager has enough disk space, or if the scan result uploaded by the scanner is corrupted due to network or disk errors.
5002 — Failed to import scan results from remote node

In a clustered scan, a cluster "child node" is a Nessus scanner that manages agents, and is managed by a Nessus Manager.

This error happens when a scan result is uploaded by a child node to a Nessus Manager, but the result processing fails.

Check if the Nessus Manager has enough disk space, or if the scan result uploaded by the scanner is corrupted due to network or disk errors.
6000 — The scan report file was not found A plugin attempted to attach a file to a scan result, but the file does not exist. Check the disk space on the scanner. If there is insufficient space, make room by removing unneeded files, or by adding disk space.
6001 — The scan report was [size] which is greater than the [max size] threshold for attaching. A plugin attempted to attach a file to a scan result, but the file is too large. Try adjusting the attached_report_maximum_size setting. If it is over 50MB, try to filter out the results in the report to reduce the size.
7000 — This audit has been deprecated and was not executed: [audit file name] A Nessus Compliance Audit scan specified an audit file that is no longer supported. The scan will proceed, but the deprecated audit file will be skipped. Remove the deprecated audit from the scan settings.
8000 — It was not possible to email this scan: [error] Nessus has been configured to email scan results when a scan has completed, but the attempt to email the results failed. Check that the configured email address and server are correct, and that the server is online and can be reached from the scanner.
9000 — Varies A plugin reported an error.