TOC & Recently Viewed

Recently Viewed Topics

Linux Command Line Operations

You must run all commands with root privileges.

Start, Stop, or Restart NNM

Action Command to Manage NNM

Start

# service nnm start

then

# ps aux|grep nnm

Stop

# service nnm stop

Restart

# service nnm restart

Once a day, as scheduled, if SecurityCenter CV has received new NNM plugins from Tenable, it installs them in the NNM plugin directory. NNM detects the change, automatically reloads, and begins using the new plugins.

Real-time NNM data is communicated to the configured LCE server or Syslog server(s) in real-time.

Configure HugePages

Before You Begin

These steps assume that your system meets the hardware and software requirements necessary for running NNM in High Performance mode.

Steps

  1. Ensure your HugePages settings are correct by using the following command:

    # grep Huge /proc/meminfo

    AnonHugePages: 0kB

    HugePages_Total: 1024

    HugePages_Free: 1024

    HugePages_Rsvd: 0

    HugePages_Surp: 0

    Hugepagesize: 2048kB

    The Hugepagesize parameter is set to 2048 kB by default, but this option is configurable. NNM requires a minimum of 1024 HugePages that are at least 2048 kB in size.

    Note: In some cases, the HugePages_Free parameter may be set to 0, however, this does not necessarily indicate insufficient HugePage memory.

  2. Reserve a certain amount of memory to be used as HugePages by using the following command to update the kernel parameter manually:

    /bin/echo 1024 > /sys/devices/system/node/node0/hugepages/hugepages-2048kB/nr_hugepages

    The number of HugePages reserved by the kernel changes to 1024, and HugePages become available.

    Note: If the kernel does not have enough memory available to satisfy this request, the command may fail without notifying the user. After running this command, the HugePages configuration should be checked again using the command in step 1.

  3. To ensure that your HugePages configuration persists across system reboots, refer to the following section that corresponds to your Linux kernel version.

    Linux Kernel Version 6

    Update the persistent kernel configuration files using one of the following commands:

    In the /etc/sysctl.conf file, add the vm.nr_hugepages=1024 parameter and reload the kernel configuration with the sysctl -p command. Alternatively, you can reboot the system.

    -or-

    In the /etc/grub.conf file, on the kernel startup line, add the hugepages=1024 parameter and reboot the system.

    Linux Kernel Version 7

    Update the persistent kernel configuration files using one of the following commands:

    In the /etc/sysctl.conf file, add the vm.nr_hugepages=1024 parameter and reload the kernel configuration with the sysctl -p command. Alternatively, you can reboot the system.

    -or-

    In the /etc/sysconfig/grub file, on the kernel startup command (GRUB_CMDLINE_LINUX), add the hugepages=1024 parameter. Reload the kernel configuration with the grub2-mkconfig -o /etc/grub2 command and reboot the system.

  4. Connect the file system to the HugePages subsystem using the following steps:

    1. Execute the /bin/mkdir -p /mnt/NNM_huge command.

    2. Execute the /bin/mount -t hugetlbfs nodev /mnt/NNM_huge command.

    3. Additionally, open the /etc/fstab file location and add the following record:

      nodev /mnt/NNM_huge hugetlbfs rw 0 0

File Locations

NNM installs its files in the following locations:

Path

Purpose

/opt/nnm

Base directory.

/opt/nnm/bin

Location of the NNM and NNM Proxy executables, plus several helper tools for the NNM Proxy daemon.

/opt/nnm/docs

Contains the software license agreement for NNM.

/opt/nnm/var

Contains the folders for NNM and the NNM-Proxy.

/opt/nnm/var/nnm

Contains plugins, discovered vulnerabilities, log files, keys, and other miscellaneous items.

db

Contains the database files relating to the configuration, reports, and users for NNM.

kb

Stores the NNM knowledge base, if used.

logs

Contains NNM logs.

plugins

Contains the NNM plugins delivered via SecurityCenter, Tenable.io, the NNM Feed, or updated via the command line or web interface if NNM is running in Offline mode.

Note: If SecurityCenter CV is being used to manage the plugins, do not change this path from the default /opt/nnm/var/nnm.

nnm-services

A file NNM uses to map service names to ports. This file may be edited by the user. Plugin updates do not overwrite modifications to the file.

reports

Contains reports generated by NNM. This folder contains the .nessus file generated by default.

scripts

Contains the files for the NNM Web server.

ssl

Contains SSL certificates used by the proxy and web server for the SSL connection between itself and SecurityCenter CV or the web browser.

users

Contains folders for user files and reports.

www

Contains the files for the NNM web front-end.

/opt/nnm/var/nnm-proxy

Parent folder for files used/created by the NNM proxy.

logs

Contains the NNM proxy and NNM proxy service logs.

Copyright 2017 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.  Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc.  All other products or services are trademarks of their respective owners.