Plugin Rules

Plugin Rules allow you to hide or change the severity of any given plugin. In addition, rules can be limited to a specific host or specific time frame. From this page you can view, create, edit, and delete your rules.

The Plugin Rules option provides a facility to create a set of rules that dictate the behavior of certain plugins related to any scan performed. A rule can be based on the Host (or all hosts), Plugin ID, an optional Expiration Date, and manipulation of Severity.

This allows you to re-prioritize the severity of plugin results to better account for your organization’s security posture and response plan.

Example Plugin Rule

Host: 192.168.0.6

Plugin ID: 79877

Expiration Date: 12/31/2016

Severity: Low

This rule is created for scans performed on IP address 192.168.0.6. Once saved, this Plugin Rule changes the default severity of plugin ID 79877 (CentOS 7 : rpm (CESA-2014:1976) to a severity of low until 12/31/2016. After 12/31/2016, the results of plugin ID 79877 will return to its critical severity.