Audit File Scan Tutorial

This tutorial walks you through creating a policy compliance scan using a custom audit file. The tutorial is written with the assumption that the scan will be run on a known and scanned target. Additionally, when selecting a target to scan, the system should be RHEL 7 or CentOS 7 server. For ease of operation, Tenable recommends that you scan a single system and set up a single repository so the data will not be a part of any other scan result. By using a target that is known, and scans that are already working, the policy creation is much easier. The tutorial also assumes that the target system is being scanned with valid credentials, and the credentials have elevated permissions. Note that these audit checks will not actually do any scanning on the system, but the individual plugins that are used to perform the audit needs the same access as if a typical audit scan is being executed. Finally, we’ll want to create a new repository and scan zone to isolate the scan data to ensure that only the desired target is being scanned.