View Linked Agent Health Events

Required Tenable Vulnerability Management User Role: Scan Manager or Administrator

In Tenable Vulnerability Management, you can view information about the health of the Tenable Nessus Agent software on your installed endpoints linked to Tenable Vulnerability Management. You can use the agent health information to troubleshoot agent issues, or you can forward the agent health information to Tenable support.

Tenable Vulnerability Management-linked agents provide health event updates every 60 minutes by default.

To view a linked agent's health events in Tenable Vulnerability Management:

  1. In the left navigation, click Sensors.

    The Sensors page appears. By default, the Nessus Scanners tab is active and Linked Scanners is selected in the drop-down box.

  2. Click the Nessus Agents tab.

    The list of agents appears and Linked Agents is selected in the drop-down box.

  3. In the agents table, click the agent for which you want to view health events.

    The details page for that agent appears.

  4. Click the Agent Health Events tab.

    A table shows the linked agent's health events. Tenable Vulnerability Management shows the events in the detected order (the newest event shows at the top of the table). The table shows the following information about each health event:

    ColumnDescription
    Type

    The agent health event type:

    • Comms Backoff State (related to continuous assessment scanning)

      • Check Frequency — Every hour

      • Possible States — HEALTHY (last Tenable Vulnerability Management upload was successful), WARNING (last Tenable Vulnerability Management upload was not successful), CRITICAL (last Tenable Vulnerability Management upload was not successful and received a 409 error)

    • Comms Waiting Batches (related to continuous assessment scanning)

      • Check Frequency — Every hour

      • Possible States — HEALTHY (0-9 events waiting to upload), WARNING (10-39 events waiting to upload), CRITICAL (> 39 events waiting to upload)

    • Module Asset Identity

      • Check Frequency — Every 60 seconds

      • Possible States — HEALTHY, CRITICAL (the open agent port service is not working, even though it is configured for the agent profile)

    • Module Runtime Scan (related to continuous assessment scanning)

      • Check Frequency — Every 60 seconds

      • Possible States — HEALTHY, CRITICAL (the continuous assessment scanning service is not working, even though it is configured for the agent profile)

    • Module Comms (related to continuous assessment scanning)

      • Check Frequency — Every 60 seconds

      • Possible States — HEALTHY, CRITICAL (the agent cannot successfully send continuous assessment scanning data to Tenable Vulnerability Management)

    • Plugin Compilation

      • Check Frequency — Once upon agent startup

      • Possible States — HEALTHY, CRITICAL (agent plugin compilation failure)

    • Plugin Disk Usage

      Note: This event only shows for Tenable Nessus Agents on version 10.8.0 or later.

      • Check Frequency — Once upon agent startup

      • Possible States — HEALTHY, WARNING (< 2,000 MB disk space remaining)

    • Plugin Integrity Checks

      • Check Frequency — Every 24 hours

      • Possible States — HEALTHY, CRITICAL (the plugins database failed an integrity check)

    • Plugin Updates

      • Check Frequency — Every 24 hours, or whenever the agent plugins are updated

      • Possible States — HEALTHY, CRITICAL (the agent cannot successfully update plugins)

    • System Disk Usage

      • Check Frequency — Every 60 seconds

      • Possible States — HEALTHY, WARNING (< 350 MB disk space remaining), CRITICAL (< 150 MB disk space remaining)

    Status

    • Healthy — The health event is healthy and requires no action.

    • Warning — The health event is unhealthy and may cause minimal impact on the agent's performance.

    • Critical — The health event is unhealthy and may cause a major impact on the agent's performance. Tenable recommends working to resolve any Critical health events.

    • Unknown — The health event status is currently unknown.

    SummaryThe summary of the health event's current status.
    Last UpdatedThe date and time at which Tenable Vulnerability Management last updated the health event.
    Resolved

    Indicates whether the health event was resolved (in other words, whether the event recently changed from Warning or Critical to Healthy).

    If this column shows N/A, Tenable Vulnerability Management has not recently detected a health problem for the Type.

    Previous Status

    The previous health event status before the Last Updated date and time.

    • Healthy — The health event is healthy and requires no action.

    • Warning — The health event is unhealthy and may cause minimal impact on the agent's performance.

    • Critical — The health event is unhealthy and may cause a major impact on the agent's performance. Tenable recommends working to resolve any Critical health events.

    • Unknown — The health event status is currently unknown.

    Previous SummaryThe summary of the health event's Previous Status.
    Previously UpdatedThe date and time at which Tenable Vulnerability Management previously updated the event before the Last Updated date and time.