Agent Scan Settings

For more information, see Agent Scans.

General Options

Parameter

Description

Default

General

Name

The scan name associated with the scan’s results. This may be any name or phrase (for example, SystemA, DMZ Scan, or Daily Scan of the Web Farm).

--

Description

Descriptive information related to the scan.

--

Custom Policy

When enabled, select an agent scan policy to apply to the scan. For more information, see Scan Policy Templates.

When disabled, the scan uses a Tenable Nessus or Tenable Vulnerability Management Basic Agent Scan template. For more information, see Agent Scan and Policy Templates in the Tenable Agent Deployment and User Guide and Tenable-Provided Agent Templates in the Tenable Vulnerability Management User Guide.

Disabled

Policy

(If Custom Policy is enabled) The name of the agent scan policy.

--

Agent Scanner

The Agent-enabled scanner from which to retrieve agent results.

--

Agent Groups

Specifies the agent group or groups in Tenable Nessus Manager you want the scan to target. For more information, see Agent Groups in the Tenable Nessus User Guide.

--

Scan Type Specifies the type of schedule for the agent scan: Scan Window or Triggered. A Scan Window is the duration of time that an agent has from the scheduled scan start time to receive the scan job, run the scan, and upload the results. A Triggered scan configuration allows the agent or agent group to launch the scan without user intervention.  

Scan Window

Specifies the amount of time Tenable Security Center waits before fetching the results of the agent scan: 15 minutes, 30 minutes, 1 hour, 3 hours, 6 hours, 12 hours, or 1 day.

If Tenable Security Center fetches results for the scan before the scan completes, Tenable Security Center displays the results available at the time the scan window expired. The agent scan continues to run in Tenable Vulnerability Management or Tenable Nessus Manager during the scan window specified in Tenable Vulnerability Management or Tenable Nessus Manager, even if the scan window in Tenable Security Center expires.

Note: To view complete agent scan result data in Tenable Security Center, Tenable recommends setting a Scan Window value that allows your agent scans to complete before Tenable Security Center fetches the results.

1 hour

Triggered

Specifies the frequency you want Tenable Security Center to launch the scan and fetch results.

  • Interval - Enable this option to trigger the scan at a set time interval, in days or hours.

  • Filename - Enable this option to trigger the scan when a file with a specific file name is added to the agent trigger directory. The trigger file disappears after the scan begins. The agent trigger directory location varies by operating system:

    Operating System

    Location

    Windows

    C:\ProgramData\Tenable\Nessus Agent\nessus\triggers

    macOS

    /Library/NessusAgent/run/var/nessus/triggers

    Linux

    /opt/nessus_agent/var/nessus/triggers

If you enable both the Interval and Filename options, the scan searches for triggers in order. In other words, if the first trigger does not trigger the scan, the scan searches for the second trigger.

Note: Agents perform triggered scans automatically, and do not require an admin to launch or schedule them to launch at a particular time. Triggered scans also do not generate a scan DB or UUID.

Note: After you create a triggered agent scan, a background agent synchronization job begins. This agent synchronization job downloads triggered agent scan results and imports them into the repository selected for the triggered agent scan. When the last triggered agent scan for that scanner is deleted, the background agent synchronization job is deleted. This agent synchronization job does not appear on the Agent Synchronization Jobs page.

 

Schedule

Schedule

The frequency you want Tenable Security Center to fetch agent scan results: Now, Remediation, Once, Daily, Weekly, Monthly, or On Demand. This setting appears only when you select Scan Window in the Scan Type drop-down.

Note: If you schedule your scan to repeat monthly, Tenable recommends setting a start date no later than the 28th day. If you select a start date that does not exist in some months (e.g., the 29th), Tenable Security Center cannot run the scan on those days.

Tip: Retrieve agent scan results as close to the completion time of the scan as possible to most accurately display within Tenable Security Center when the scan discovered the vulnerability results.

On Demand

Settings Options

Parameter

Description

Default

Import Repository

Specifies the repository where you want the agent scan results to import. Select an agent repository to receive scan data.

Note: You cannot import agent scan data to a non-agent repository.

--

Post Scan Options

These options determine what actions occur immediately before and after the agent scan completes.

Option

Description

Default

Add Report

This option provides a list of reports available to the user to run when the agent scan data import completes. For more information, see Add a Report to a Scan.

--