You are here: Additional Resources > Real-Time Traffic Analysis Configuration Theory > Selecting Rule Libraries and Filtering Rules

Selecting Rule Libraries and Filtering Rules

Tenable ships an encrypted library of passive vulnerability detection scripts. This file cannot be modified by the end users of PVS. However, if certain scripts must be disabled, they can be specified by the PASL ID and “.pasl” appended. For example, 1234.pasl, disables the PASL with the ID of 1234 on a single line in the disabled-scripts.txt file.

If a plugin must be disabled, enter its ID on a single line in the disabled-plugins.txt file. If a plugin must be real-time enabled, enter its ID on a single line in the realtime-plugins.txt file.

When adding PVS plugins to the disabled plugin list, be sure to leave an empty blank line after entering in the last plugin to be disabled. Failure to return to the next line can result in a non-functional disabled plugin list.

Example: 1234 [return]

If any of the referenced files do not exist, create them using the appropriate method for the operating system. The file locations are in the following table for each operating system:

Operating System

File Path

Linux

/opt/pvs/var/pvs

Windows

C:\ProgramData\Tenable\PVS\pvs

macOS

/Library/PVS/var/pvs

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.