The update is here! Click Here to go to Power-Nessie, the update to this project.
For the maintained version of this project, please navigate to the link above. This project will be archived and set to read only. Thank you!
Ingest .nessus files from Tenable's Nessus scanner directly into ElasticSearch with most of the ECS mappings.
sequenceDiagram
PowerShell->>Nessus: Downloads .Nessus File(s) via Nessus API
Nessus->>PowerShell: .nessus File(s) Saved Locally
PowerShell->>Kibana: Dashboards, Index Templates and other Setup items
PowerShell->>Elasticsearch: Ingest Parsed XML Data via Elasticsearch API
With some careful setup of your Elastic stack and a little PowerShell you can turn your .nessus files into this:
The Nessus-ES project is a simplified way of taking .nessus files and ingesting them into Elastic using PowerShell on Windows, Mac, or Linux.
Requirements
- Functioning Elastic Stack (7.0+, 8.12.1 Latest Tested)
- PowerShell 7.0+ (7.4.1 Latest Tested)
- .nessus File(s) Exported (Script included to export these files!)
Script includes a Menu to help you through how you would like to use this tool:
- Index Template (How To)
- Index Pattern, Searches, Visualizations, and Dashboards
- ECS coverage across as many fields as possible
- Documentation (Wiki)
- Automated Nessus File Download Script
- Automated Elasticsearch Ingest
- Setup Script (Template, Objects, API, etc..)
- Add Detection Rules
- Compare Scans (New Data Stream)
- Automate/Implement Latest CISA KEVs (Feature Request)
Automated or Manual Download and Ingest capability - Check the Wiki!
Invoke-NessusTo-Elastic.ps1