Parse Nessus compliance and vulnerability information from the server or a .nessus file and pass it to Zabbix.
Can read both from cli (nessus2zabbix -h) or from config file (see example).
Can read from local .nessus file (-i ./path/to/file) or talk to the API of the server.
#use config file
python nessus2zabbix.py -c nessus2zabbix.config
note: using a config file overwrites ALL other cli arguments
#use cli with local nessus file and remote Zabbix server, compliance information only
python nessus2zabbix.py -i ./my_scan.nessus -t compliance -zs 192.168.1.30
#use cli with remote Nessus server (untrusted SSL certificate) and remote Zabbix server
python nessus2zabbix.py -ns 192.168.1.230 -nr "my_scan" -ni True -nk ./nessus_api.key.json.example -zs 192.168.1.30
-h, --help show this help message and exit
-i INPUT, --input INPUT
Input file in .nessus format
-zs ZABBIXSERVER, --zabbixserver ZABBIXSERVER
Zabbix server (Default: 127.0.0.1)
-zp ZABBIXPORT, --zabbixport ZABBIXPORT
Zabbix port (Default: 10051)
-t {both,vulnerability,compliance}, --type {both,vulnerability,compliance}
What type of result to parse the file for. (Default: Both)
-f, --fake Do everything but actually send data to Zabbix (Default: False)
-ns NESSUSSERVER, --nessusserver NESSUSSERVER
Nessus server (Default: 127.0.0.1)
-nr NESSUSSCANNAME, --nessusscanname NESSUSSCANNAME
The scan report to download
-np NESSUSPORT, --nessusport NESSUSPORT
Nessus server port (Default: 8834)
-nc NESSUSCAPATH, --nessuscapath NESSUSCAPATH
Nessus CA server path (Default: None)
-ni NESSUSINSECURE, --nessusinsecure NESSUSINSECURE
Allow insecure certificates for Nessus API connection (Default: False)
-nk NESSUSKEYFILE, --nessuskeyfile NESSUSKEYFILE
Nessus API key file for authentication (Default: ./nessus_api.key.json)
-nt NESSUSTMP, --nessustmp NESSUSTMP
Nessus tmp path to save exported file (Default: /tmp)
-nd, --nessusdeletetmp
Delete the downloaded file in the tmp directory after
parsing (Default: True)
-c CONFIG, --config CONFIG
Config file for script to read settings from.
Overwrites all other cli parameters!
cis.compliance.failed
cis.compliance.passed
cis.compliance.warning
nessus.policy.name
nessus.scan.name
nessus.date.latest.scan
vulnerability.critical
vulnerability.high
vulnerability.low
vulnerability.medium