TOC & Recently Viewed

Recently Viewed Topics

Agent Scans

Path: Scans > Agent Scans

For high level information about agent scanning, see Scanning Overview.

To perform agent scanning, SecurityCenter imports agent scan results from agent-capable Tenable.io or Nessus Manager scanners. Using Nessus agents for scanning reduces network usage and allows devices to maintain their scan schedules even when disconnected from the network. SecurityCenter can import these results for review in conjunction with other acquired information about the host and network.

The Agent Scans page displays a list of all available agent scans. Newly created agent scan import schedules are shared to everyone within the same user group when users have the appropriate permissions.

When more than one Agent scan result is ready on Tenable.io™ or Nessus Manager, the scan results queue for import to SecurityCenter.

For more information, see Add an Agent Scan or Manage Agent Scans.

General Options

The table below describes options available on the General tab.

Parameter

Description

Name

The scan name associated with the scan’s results. This may be any name or phrase (e.g., SystemA, DMZ Scan, Daily Scan of the Web Farm, etc.).

Description

Descriptive information related to the scan.

Agent Scanner

The Agent-enabled scanner from which to retrieve agent results.

Agent Scan Name Filter

A filter for agent scan results to retrieve from the Nessus Agent enabled scanner. Filters can use the specific name of the result(s) to retrieve or an asterisk (*) or question mark (?) for all or part of the scan result name(s) to retrieve. You can find the available Agent Scans retrieved from the selected scanner on the Scan page of the user logged in to the Nessus server.

If the agent scan retrieves results that match the filter, they appear when you click the Preview Filter button. If the agent scan does not retrieve results, the filter matches once the results are available.

Schedule

The frequency you want to run the scan: selecting Now, Once, Daily, Weekly, Monthly, On Demand, or Dependent allows you to create an agent scan retrieval template that you can launch manually at any time. The other time frames allow you to retrieve scans at specified times and intervals.

You should retrieve agent scan results as close to the completion time of the scan as possible to most accurately display within SecurityCenter when the scan discovered the vulnerability results.

Settings Options

Parameter Description

Import Repository

Specifies the repository where you want the agent scan results to import. Select an agent repository to receive scan data.

Note: You cannot import agent scan data to a non-agent repository.

Post Scan Options

These options determine what actions occurs immediately before and after the agent scan completes. The table below describes the post scan options available to users:

Option Description

Add Report

This option provides a list of reports available to the user to run when the agent scan data import completes.

The initial choices are to click the group and owner of the report to present a list of valid report options. Next, click the report from the list that can be searched using the text search box. When hovering over a report name, you can select the information icon to display the name and description of the report. You can base the generated report on the current scan’s results or the results in the Cumulative database.

Selecting the check mark causes the report to launch once the scan completes. Selecting the X removes the changes. Once added, you can modify or delete the report information.

Copyright 2017-2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.