Bug Reporting Commands

Required User Role: User with administrator privileges

You can create a bug report that can be sent to Tenable to help diagnose issues.

To see and copy the full command for your specific operating system, see the Command Quick Reference.

Usage

To create the bug report archive, use the following command:

# nessuscli bug-report-generator

By default, the script runs in interactive mode.

The following is example output in Linux:

# /opt/nessus/sbin/nessuscli bug-report-generator

This script will gather some information about your local system in order to help us diagnose the problems you are encountering.

 

This program does not send any data over the network, but simply creates an archive which contains useful information for the Nessus team to diagnose any problem you may be encountering.

 

This script can run in two modes:

 

If you run in "full" mode, this script will gather information you may deem

to be sensitive (such as IP addresses, the list of running processes and your

system log files). This information allows Tenable to better qualify your problem

 

If you do not run in "full" mode, this script will gather less information

Note that even in normal mode, depending on how you perform scanning some "sensitive" information may be contained in the resulting archive. Feel free to inspect it before sending it to Tenable.

 

Run in "full" mode? (y/n) [n]: n

 

Would you like to scrub the first two digits of any IPv4 address seen in the log files?

This may take several minutes.

 

Sanitize IPv4 subnets? (y/n) [n]: y

Bug report file name? [/opt/nessus/var/nessus/logs/nessus-bug-report-archive.tar.gz]: ~/nessus-bug-report-archive.tar.gz

 

-> Copying /etc/redhat-release...

-> Copying /etc/SuSE-release...

-> Copying /etc/debian_version...

-> Running uname -a...

-> Running /opt/nessus/sbin/nessusd -d...

-> Running ldd /opt/nessus/sbin/nessusd...

-> Running dmesg...

-> Running tail -n 10000 /opt/nessus/var/nessus/logs/nessusd.messages...

-> Running tail -n 10000 /opt/nessus/var/nessus/logs/nessusd.dump...

-> Copying /opt/nessus/var/nessus/uuid...

-> Running bash -c cd /opt/nessus/var/nessus/logs;ls | grep -v nessusd.messages | grep -v nessusd.dump | grep -v www_server.log | grep -v nessus-bug-report-archive | xargs cat...

-> Running killall -USR2 nessusd...

-> Running bash -c cd /opt/nessus/var/nessus/logs;ls | grep -v nessusd.messages | grep -v nessusd.dump | grep -v www_server.log | grep -v nessus-bug-report-archive | xargs cat...

-> Running nessuscli fix --list...

-> Running uptime...

-> Running ls -l /opt/nessus/lib/nessus/plugins...

-> Copying /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc...

-> Running bash -c ps auxwwww | grep nessus...

-> Running netstat -i...

-> Running netstat -rn...

-> Running arp -an...

-> Running df -h...

-> Running ls -l /opt/nessus/var/nessus...

-> Running cat /proc/cpuinfo...

-> Running sysctl hw.model...

-> Running free...

-> Running nessuscli fix --list-interfaces...

-> Running bash -c ls -l /opt/nessus/var/nessus/../.....

-> Running du -shk /opt/nessus/var/nessus/../.....

-> Collecting script environment information...

 

Thank you! Now please send the file /root/nessus-bug-report-archive.tar.gz to:

- (if you are not a direct feed customer)

or

- Tenable Support (if you are a direct feed customer)

You can also add the following options:

--quiet: run the bug report generator without prompting user for feedback.

--scrub: when in quiet mode, bug report generator sanitizes the last two octets of the IPv4 address.

--full: when in quiet mode, bug report generator collects extra data.

Note: Using --full or --scrub is dependent on using --quiet first. If the --quiet option is not used, the bug report generator ignores anything else and runs in full mode.

Note: Even in normal mode, the script may pick up sensitive information, depending on how your scans are configured.

Command Quick Reference

For the full command for your operating system, see the following: