Bug Reporting Commands
Required User Role: User with administrator privileges
You can create a bug report that can be sent to Tenable to help diagnose issues.
To see and copy the full command for your specific operating system, see the Command Quick Reference.
Usage
To create the bug report archive, use the following command:
# nessuscli bug-report-generator
By default, the script runs in interactive mode.
The following is example output in Linux:
# /opt/nessus/sbin/nessuscli bug-report-generator
This script gathers some information about your local system in order to help us diagnose the problems you are encountering.
This program does not send any data over the network, but simply creates an archive which contains useful information for the Nessus team to diagnose any problem you may be encountering.
This script can run in two modes:
If you run in "full" mode, this script gathers information you may deem
to be sensitive (such as IP addresses, the list of running processes and your
system log files). This information allows Tenable to qualify your problem.
If you do not run in "full" mode, this script gathers less information.
Even in normal mode, depending on how you perform scanning some "sensitive" information may be contained in the resulting archive. Feel free to inspect it before sending it to Tenable.
Run in "full" mode? (y/n) [n]: n
Would you like to scrub the first two digits of any IPv4 address seen in the log files?
This may take several minutes.
Sanitize IPv4 subnets? (y/n) [n]: y
Bug report file name? [/opt/nessus/var/nessus/logs/nessus-bug-report-archive.tar.gz]: ~/nessus-bug-report-archive.tar.gz
-> Copying /etc/redhat-release...
-> Copying /etc/SuSE-release...
-> Copying /etc/debian_version...
-> Running uname -a...
-> Running /opt/nessus/sbin/nessusd -d...
-> Running ldd /opt/nessus/sbin/nessusd...
-> Running dmesg...
-> Running tail -n 10000 /opt/nessus/var/nessus/logs/nessusd.messages...
-> Running tail -n 10000 /opt/nessus/var/nessus/logs/nessusd.dump...
-> Copying /opt/nessus/var/nessus/uuid...
-> Running bash -c cd /opt/nessus/var/nessus/logs;ls | grep -v nessusd.messages | grep -v nessusd.dump | grep -v www_server.log | grep -v nessus-bug-report-archive | xargs cat...
-> Running killall -USR2 nessusd...
-> Running bash -c cd /opt/nessus/var/nessus/logs;ls | grep -v nessusd.messages | grep -v nessusd.dump | grep -v www_server.log | grep -v nessus-bug-report-archive | xargs cat...
-> Running nessuscli fix --list...
-> Running uptime...
-> Running ls -l /opt/nessus/lib/nessus/plugins...
-> Copying /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc...
-> Running bash -c ps auxwwww | grep nessus...
-> Running netstat -i...
-> Running netstat -rn...
-> Running arp -an...
-> Running df -h...
-> Running ls -l /opt/nessus/var/nessus...
-> Running cat /proc/cpuinfo...
-> Running sysctl hw.model...
-> Running free...
-> Running nessuscli fix --list-interfaces...
-> Running bash -c ls -l /opt/nessus/var/nessus/../.....
-> Running du -shk /opt/nessus/var/nessus/../.....
-> Collecting script environment information...
Thank you. Send the file /root/nessus-bug-report-archive.tar.gz to:
- [email protected] (if you are not a direct feed customer)
or
- Tenable Support (if you are a direct feed customer)
You can also add the following options:
-
--quiet — Run the bug report generator without prompting the user for feedback.
-
--scrub — When in quiet mode, the bug report generator sanitizes the first two octets of the IPv4 address.
-
--full — When in quiet mode, the bug report generator collects extra data.
Note: Using --full
or --scrub
is dependent on using --quiet
first. If the --quiet
option is not used, the bug report generator ignores anything else and runs in full mode.
Note: Even in normal mode, the script may pick up sensitive information, depending on how your scans are configured.
For the full command for your operating system, see the following: