Manage Plugin Rules

Required user role when using Tenable Nessus Manager: Standard, Administrator, or System Administrator

Use the following procedures to manage plugin rules. For more information about plugin rules, see Plugin Rules.

Create a Plugin Rule

  1. In the top navigation bar, click Scans.

    The My Scans page appears.

  2. In the left navigation bar, click Plugin Rules.

  3. In the upper right corner, click the New Rule button.

    The New Rule window appears.

  4. Configure the settings:

    Option Description
    Host

    The host that the plugin rule applies to. You can enter a single IP address or DNS address, or you can leave the box blank to apply the rule to all hosts.

    The Host option must follow the same formatting as the Designate hosts by their DNS name setting. In other words, if you disabled the setting, enter an IP address for Host. If you have the setting enabled, enter a DNS address for Host.

    Note: If the plugin is enabled in two different scan configurations that have conflicting Designate hosts by their DNS name settings, Tenable recommends creating two separate plugin rules for the plugin: one rule for the IP address, and one rule for the DNS address.
    Plugin ID The plugin that the plugin rule applies to.
    Expiration Date (Optional) The date on which the plugin rule ages out.
    Severity The severity that Nessus assigns the plugin while the plugin rule is active.

  5. Click the Save button.

    Tenable Nessus saves the plugin rule.

Modify a Plugin Rule

  1. In the top navigation bar, click Scans.

    The My Scans page appears.

  2. In the left navigation bar, click Plugin Rules.

  3. On the plugin rules table, select the plugin rule that you want to modify.

    The Edit Rule window appears.

  4. Modify the settings as necessary:

    Option Description
    Host

    The host that the plugin rule applies to. You can enter a single IP address or DNS address, or you can leave the box blank to apply the rule to all hosts.

    The Host option must follow the same formatting as the Designate hosts by their DNS name setting. In other words, if you disabled the setting, enter an IP address for Host. If you have the setting enabled, enter a DNS address for Host.

    Note: If the plugin is enabled in two different scan configurations that have conflicting Designate hosts by their DNS name settings, Tenable recommends creating two separate plugin rules for the plugin: one rule for the IP address, and one rule for the DNS address.
    Plugin ID The plugin that the plugin rule applies to.
    Expiration Date (Optional) The date on which the plugin rule ages out.
    Severity The severity that Nessus assigns the plugin while the plugin rule is active.

  5. Click the Save button.

    Tenable Nessus saves the settings.

Delete a Plugin Rule

  1. In the top navigation bar, click Scans.

    The My Scans page appears.

  2. In the left navigation bar, click Plugin Rules.

  3. On the plugin rules table, in the row for the plugin that you want to modify, click the button.

    A dialog box appears, confirming your selection to delete the plugin rule.

  4. Click the Delete button.

    Tenable Nessus deletes the plugin rule.