Built-In Checks

The checks that could not be covered by the checks described above are required to be written as custom names in NASL. All such checks fall under the “built-in” category. Each check starts with a <item> tag and ends with </item>. Enclosed within the tags are lists of one or more keywords that are interpreted by the compliance check parser to perform the checks. The following is a list of available checks.

Note: The system keyword is not available for the built-in checks and will result in a syntax error if used.

Note: All built-in and custom_item checks support the following optional keywords:

info — Allows you to add a more detailed description to the check that is being performed. Multiple info fields are allowed with no preset limit. The info content must be enclosed in double-quotes.

Example: info: "Verifies login authentication configuration."
solution — Allows you to add solution text to fix a compliance failure.

Example: solution: "Modify the configuration to add missing line"
see_also —Allows you to include links that might provide helpful information about a check.

Example: see_also: "http://www.fireeye.com/support/"
reference — Allows you to include cross references for audit checks.

Example: reference: "PCI|2.2.3,SANS-CSC|1"

This section includes the following information:

Copyright © 2025 Tenable, Inc. All rights reserved. Tenable, Tenable Nessus, Tenable Lumin, Assure, and the Tenable logo are registered trademarks of Tenable, Inc. or its affiliates. All other products or services are trademarks of their respective owners.