You are here: Nessus Manager and Professional > Bug Reporting Commands

Bug Reporting Commands

The nessuscli commands also offer the ability to create an archive that can be sent to Tenable to help diagnose issues. By default, the script will run in interactive mode.

To create the bug report without any user interaction, use the --quiet option. The script will gather less information than if you ran in “full” mode.

The bug report generator can be run one of two ways: one with no command line options, and one to run in --quiet mode.

In quiet mode, there are two additional switches you can use. The --full switch will gather additional information for Tenable to use for debugging. The --scrub switch will clean any IPv4 addresses.

To create the bug report archive, run the following command:

# /opt/nessus/sbin/nessuscli bug-report-generator

This script will gather some information about your local system in order to help us diagnose the problems you are encountering.

 

This program does not send any data over the network, but simply creates an archive which contains useful information for the Nessus team to diagnose any problem you may be encountering.

 

This script can run in two modes:

 

If you run in "full" mode, this script will gather information you may deem

to be sensitive (such as IP addresses, the list of running processes and your

system log files). This information allows Tenable to better qualify your problem

 

If you do not run in "full" mode, this script will gather less information

Note that even in normal mode, depending on how you perform scanning some "sensitive" information may be contained in the resulting archive. Feel free to inspect it before sending it to Tenable.

 

Run in "full" mode? (y/n) [n]: n

 

Would you like to scrub the first two digits of any IPv4 address seen in the log files?

This may take several minutes.

 

Sanitize IPv4 subnets? (y/n) [n]: y

Bug report file name? [/opt/nessus/var/nessus/logs/nessus-bug-report-archive.tar.gz]: ~/nessus-bug-report-archive.tar.gz

 

-> Copying /etc/redhat-release...

-> Copying /etc/SuSE-release...

-> Copying /etc/debian_version...

-> Running uname -a...

-> Running /opt/nessus/sbin/nessusd -d...

-> Running ldd /opt/nessus/sbin/nessusd...

-> Running dmesg...

-> Running tail -n 10000 /opt/nessus/var/nessus/logs/nessusd.messages...

-> Running tail -n 10000 /opt/nessus/var/nessus/logs/nessusd.dump...

-> Copying /opt/nessus/var/nessus/uuid...

-> Running bash -c cd /opt/nessus/var/nessus/logs;ls | grep -v nessusd.messages | grep -v nessusd.dump | grep -v www_server.log | grep -v nessus-bug-report-archive | xargs cat...

-> Running killall -USR2 nessusd...

-> Running bash -c cd /opt/nessus/var/nessus/logs;ls | grep -v nessusd.messages | grep -v nessusd.dump | grep -v www_server.log | grep -v nessus-bug-report-archive | xargs cat...

-> Running nessuscli fix --list...

-> Running uptime...

-> Running ls -l /opt/nessus/lib/nessus/plugins...

-> Copying /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc...

-> Running bash -c ps auxwwww | grep nessus...

-> Running netstat -i...

-> Running netstat -rn...

-> Running arp -an...

-> Running df -h...

-> Running ls -l /opt/nessus/var/nessus...

-> Running cat /proc/cpuinfo...

-> Running sysctl hw.model...

-> Running free...

-> Running nessuscli fix --list-interfaces...

-> Running bash -c ls -l /opt/nessus/var/nessus/../.....

-> Running du -shk /opt/nessus/var/nessus/../.....

-> Collecting script environment information...

 

Thank you! Now please send the file /root/nessus-bug-report-archive.tar.gz to:

- bug-reports@nessus.org (if you are not a direct feed customer)

or

- Tenable Support (if you are a direct feed customer)

Note: Using --full or --scrub is dependent on using --quiet first. If the --quiet option is not used, the bug report generator ignores anything else and runs in full mode.

Note: Even in “normal” mode, the script may pick up sensitive information depending on how your scans are configured.

# /opt/nessus/sbin/nessuscli bug-report-generator --quiet

-> Copying /etc/redhat-release...

-> Copying /etc/SuSE-release...

-> Copying /etc/debian_version...

-> Running uname -a...

-> Running /opt/nessus/sbin/nessusd -d...

-> Running ldd /opt/nessus/sbin/nessusd...

-> Running dmesg...

-> Running tail -n 10000 /opt/nessus/var/nessus/logs/nessusd.messages...

-> Running tail -n 10000 /opt/nessus/var/nessus/logs/nessusd.dump...

-> Copying /opt/nessus/var/nessus/uuid...

-> Running sh -c cd /opt/nessus/var/nessus/logs;ls | grep -v nessusd.messages | grep -v nessusd.dump | grep -v www_server.log | grep -v nessus-bug-report-archive | xargs cat...

-> Running killall -USR2 nessusd...

-> Running sh -c cd /opt/nessus/var/nessus/logs;ls | grep -v nessusd.messages | grep -v nessusd.dump | grep -v www_server.log | grep -v nessus-bug-report-archive | xargs cat...

-> Running /opt/nessus/sbin/nessuscli fix --list...

-> Running uptime...

-> Running ls -l /opt/nessus/lib/nessus/plugins...

-> Copying /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc...

-> Running sh -c ps auxwwww | grep nessus...

-> Running netstat -i...

-> Running netstat -rn...

-> Running arp -an...

-> Running df -h...

-> Running ls -l /opt/nessus/var/nessus...

-> Running cat /proc/cpuinfo...

-> Running free...

-> Running /opt/nessus/sbin/nessuscli fix --list-interfaces...

-> Running du -shk /opt/nessus/var/nessus/../.....

-> Collecting script environment information...

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.