Giters

Ar0xA / Nessus2Zabbix

Parse Nessus compliance and vulnerability information from the server or a .nessus file and pass it to Zabbix

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Nessus2Zabbix

Parse Nessus compliance and vulnerability information from the server or a .nessus file and pass it to Zabbix.

Can read both from cli (nessus2zabbix -h) or from config file (see example).

Can read from local .nessus file (-i ./path/to/file) or talk to the API of the server.

Example 1:

#use config file
python nessus2zabbix.py -c nessus2zabbix.config
note: using a config file overwrites ALL other cli arguments

Example 2:

#use cli with local nessus file and remote Zabbix server, compliance information only
python nessus2zabbix.py -i ./my_scan.nessus -t compliance -zs 192.168.1.30

Example 3:

#use cli with remote Nessus server (untrusted SSL certificate) and remote Zabbix server
python nessus2zabbix.py -ns 192.168.1.230 -nr "my_scan" -ni True -nk ./nessus_api.key.json.example -zs 192.168.1.30

Parameters:

-h, --help show this help message and exit

-i INPUT, --input INPUT
Input file in .nessus format

-zs ZABBIXSERVER, --zabbixserver ZABBIXSERVER
Zabbix server (Default: 127.0.0.1)

-zp ZABBIXPORT, --zabbixport ZABBIXPORT
Zabbix port (Default: 10051)

-t {both,vulnerability,compliance}, --type {both,vulnerability,compliance}
What type of result to parse the file for. (Default: Both)

-f, --fake Do everything but actually send data to Zabbix (Default: False)

-ns NESSUSSERVER, --nessusserver NESSUSSERVER
Nessus server (Default: 127.0.0.1)

-nr NESSUSSCANNAME, --nessusscanname NESSUSSCANNAME
The scan report to download

-np NESSUSPORT, --nessusport NESSUSPORT
Nessus server port (Default: 8834)

-nc NESSUSCAPATH, --nessuscapath NESSUSCAPATH
Nessus CA server path (Default: None)

-ni NESSUSINSECURE, --nessusinsecure NESSUSINSECURE
Allow insecure certificates for Nessus API connection (Default: False)

-nk NESSUSKEYFILE, --nessuskeyfile NESSUSKEYFILE
Nessus API key file for authentication (Default: ./nessus_api.key.json)

-nt NESSUSTMP, --nessustmp NESSUSTMP
Nessus tmp path to save exported file (Default: /tmp)

-nd, --nessusdeletetmp
Delete the downloaded file in the tmp directory after
parsing (Default: True)

-c CONFIG, --config CONFIG
Config file for script to read settings from.
Overwrites all other cli parameters!

Zabbix keys

cis.compliance.failed
cis.compliance.passed
cis.compliance.warning
nessus.policy.name
nessus.scan.name
nessus.date.latest.scan
vulnerability.critical
vulnerability.high
vulnerability.low
vulnerability.medium

About

Parse Nessus compliance and vulnerability information from the server or a .nessus file and pass it to Zabbix

Languages

Language:Python 100.0%