
Audit Files

The Nessus vulnerability scanner can perform compliance audits of numerous platforms, including (but not limited to) databases, Cisco, Unix, and Windows configurations, as well as sensitive data discovery based on regular expressions. These checks are defined in “.audit” files, which are XML-based text files that contain the specific configuration, file permission, and access control tests to be performed.

Tenable provides a wide range of audit files and new ones can be written for specific environments. Common audit files are maintained on the Tenable Support Portal and through the SecurityCenter feed for users who wish to perform compliance and configuration auditing. The screen capture below contains a listing of an audit file page with audit file information displayed including the name, owner, group, type, version, and the last time the audit file was modified.

Audit files and/or their information can be edited, exported, viewed, shared, and deleted from the web interface utilizing the gear icon. The list of audit files displayed may be modified using the filters to search on name, type, or type of access to the audit file.

Clicking on the “Add” button will display a list of audit template categories and an option for a Custom audit file to be added.

Audit file templates can be located in two ways. The first is to select a template category and then choose the specific template from the list available. The other is to use the search field in the top right to search by keyword across all the available audit file templates. Once a template is selected, a field is provided for a custom name and description and, if applicable, additional fields to customize the audit file for the local environment.

Clicking “Advanced” in the custom section displays the following “Add Audit File” dialog screen, while selecting edit will display a similar screen titled Edit Audit File:

Available fields include:

Audit File Fields

| Option | Description |
| --- | --- |
| Name | A descriptive name assigned to the audit file (not necessarily the actual file name). |
| Description | Descriptive text about the audit file. |
| Audit File | An interface that allows you to browse your local system or file shares for an audit file to upload. When editing, clicking the “X” next to the existing audit file deletes it and allows for uploading a new audit file. |

Once an audit file has been uploaded, it can be referenced from within scan policies for enhanced security policy auditing. For more information about SecurityCenter compliance auditing and audit files, refer to the Nessus Compliance Checks document located at https://support.tenable.com.
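A custom audit file can be checked for structural mistakes before it is uploaded through the Audit File field. The Python sketch below is an added example, not Tenable code: it assumes the usual .audit layout of a `<check_type:"...">` wrapper around `<custom_item>` blocks of `key : value` lines, and the sample content, the `lint_audit` name, and the rule that every custom item carries a description are choices made for this illustration.

```python
import re

# Constructed sample input (not a Tenable-supplied audit file).
SAMPLE_OK = '''# constructed example
<check_type:"Unix">
<custom_item>
  type        : FILE_CHECK
  description : "Permissions on /etc/passwd"
  file        : "/etc/passwd"
  owner       : "root"
  mode        : "644"
</custom_item>
</check_type>
'''
# Same file with the closing </custom_item> tag deleted.
SAMPLE_BAD = SAMPLE_OK.replace("</custom_item>\n", "")

# A line holding only <tag>, </tag> or <tag:"value"> (assumed tag style).
TAG_RE = re.compile(r'^\s*<(/?)([A-Za-z_]+)(?::[^>]*)?>\s*$')

def lint_audit(text):
    """Return (line_number, message) tuples for structural problems."""
    problems, stack, fields, first_tag = [], [], None, None
    for n, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):      # comment line
            continue
        m = TAG_RE.match(line)
        if not m:                              # a "key : value" line
            if fields is not None and ":" in line:
                fields.add(line.split(":", 1)[0].strip())
            continue
        closing, name = m.group(1) == "/", m.group(2)
        first_tag = first_tag or name
        if not closing:
            stack.append((name, n))
            if name == "custom_item":
                fields = set()
        elif not stack or stack[-1][0] != name:
            problems.append((n, f"unexpected </{name}>"))
        else:
            stack.pop()
            if name == "custom_item":
                if "description" not in (fields or ()):
                    problems.append((n, "custom_item has no description"))
                fields = None
    problems += [(n, f"<{name}> never closed") for name, n in stack]
    if first_tag != "check_type":
        problems.append((1, "first tag is not <check_type>"))
    return problems
```

An empty list from `lint_audit` means only that the tags balance and each custom item is described; it does not validate the individual check keywords.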

Copyright © 2016. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of Tenable Network Security, Inc. SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.