Fix Agent Settings

For a list of agent settings, see Advanced Settings in the Tenable Nessus Agent User Guide.

Updates agent hostnames automatically in Tenable Vulnerability Management or Tenable Nessus Manager.

You can set the update_hostname parameter to yes or no. By default, this preference is disabled.

(Tenable Vulnerability Management-linked agents only)

Sets the agent update plan to determine what version the agent automatically updates to.

Values:

• ga — Automatically updates to the latest Tenable NessusAgent version when it is made generally available (GA). Note: This date is the same day the version is made generally available.This date is usually one week after the version is made generally available. For versions that address critical security issues, Tenable may make the version available immediately.

• ea — Automatically updates to the latest Tenable NessusAgent version as soon as it is released for Early Access (EA), typically a few weeks before general availability.

• stable — Does not automatically update to the latest Tenable NessusTenable Nessus Agent version. Remains on an earlier version of Tenable NessusTenable Nessus Agent set by Tenable, usually one release older than the current generally available version, but no earlier than 8.10.0.7.7.0. When Tenable NessusTenable Nessus Agent releases a new version, your Tenable Nessus instance agent updates software versions, but stays on a version prior to the latest release.

Note: For agents linked to Tenable Vulnerability Management, you need to run the agent_update_channel command from the agent nessuscli utility. For agents linked to Tenable Nessus Manager, you need to run the agent_update_channel command from the Tenable Nessus Managernessuscli utility.

(Tenable Vulnerability Management-linked agents only)

Sets the maximum number of scans an agent can run per day. The minimum amount is 1, the maximum amount is 48, and the default amount is 10.

Sets the maximum number of times an agent should retry in the event of a failure when executing the agent link, agent status, or agent unlink commands. The commands retry, the specified number of times, consecutively, sleeping increasing increments of time set by retry_sleep_milliseconds between attempts. The default value for max_retries is 0. The minimum value is 0, and the maximum value is 10.

For example, if you set max_retries to 4 and set retry_sleep_milliseconds to the default of 1500, then the agent will sleep for 1.5 seconds after the first try, 3 seconds after the second try, and 4.5 seconds after the third try.

Sets the number of milliseconds that an agent sleeps for between retries in event of a failure when executing the agent link, agent status, or agent unlink commands. The default is 1500 milliseconds (1.5 seconds).

Enforces NIAP mode for Tenable Nessus Agent. For more information about NIAP mode, see Configure Tenable Nessus Agent for NIAP Compliance.

Disables NIAP mode for Nessus Agent. For more information about NIAP mode, see Configure Tenable Nessus Agent for NIAP Compliance.

Enforces the current validated FIPS module for Tenable Nessus Agent communication and database encryption. The FIPS module does not affect scanning encryption.

Note:Tenable Nessus Agent also enforces the FIPS module when you enforce NIAP mode. For more information, see Configure Tenable Nessus Agent for NIAP Compliance.

Disables the FIPS module for Tenable Nessus Agent communication and database encryption.

Note:Tenable Nessus Agent also disables the FIPS module when you disable NIAP mode. For more information, see Configure Tenable Nessus Agent for NIAP Compliance.

# nessuscli fix --set process_priority="<value>"

# nessuscli fix --get process_priority

# nessuscli fix --delete process_priority

Set, get, or delete the process_priority setting.

You can control the priority of the Tenable Nessus Agent relative to the priority of other tasks running on the system by using the process_priority preference.

For valid values and more information on how the setting works, see Agent CPU Resource Control.