Audit Files

The Tenable Nessus vulnerability scanner allows you to perform compliance audits of numerous platforms including (but not limited to) databases, Cisco, Unix, and Windows configurations as well as sensitive data discovery based on regex contained in audit files. Audit files are XML-based text files that contain the specific configuration, file permission, and access control tests to be performed. For more information, see Manage Audit Files.

After you create an audit file, you can reference the audit file in a template-based Policy Compliance Auditing scan policy or a custom scan policy. For more information about compliance options in custom scan policies, see The Compliance tab specifies compliance the audit files to reference in a scan policy. The options available depend on the type of audit file selected..

For more information on compliance checks and creating custom audits, see the Compliance Checks Reference.

Note: The maximum number of audit files you can include in a single Policy Compliance Auditing scan is limited by the total runtime and memory that the audit files require. Exceeding this limit may lead to incomplete or failed scan results. To limit the possible impact, Tenable recommends that audit selection in your scan policies be targeted and specific for the scan's scope and compliance requirements.

Template-Based Audit Files

You can add template-based audit files using templates embedded within Tenable Security Center. Tenable updates these templates regularly through the Tenable Security Center feed.

For more information, see Add a Template-Based Audit File.

Custom Audit Files

You can add custom audit files to upload any of the following:

  • a Tenable-created audit file downloaded from the Tenable downloads page.
  • a Security Content Automation Protocol (SCAP) Data Stream file downloaded from a SCAP repository (e.g.,

    The file must contain full SCAP content (Open Vulnerability and Assessment Language (OVAL) and Extensible Configuration Checklist Description Format (XCCDF) content) or OVAL standalone content.

    Note: XCCDF standalone content audit files lack automated checks and do not return scan results in Tenable Security Center.

  • a custom audit file created or customized for a specific environment. For more information, see the knowledge base article.

For more information, see Add a Custom Audit File.