Giters

billyJoePiano / TenaPull

TenaPull is a configurable Java application which fetches and processes the data from one or more Nessus APIs, and converts it into JSON ouputs that are usable by Splunk

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

javanessussecuritysplunk

TenaPull: Processing Nessus Data for Splunk

The Problem

Nessus is a powerful vulnerability scanning app which helps to identify security vulnerabilities on networks, devices, and servers. Many CyberSecurity and Technology Services teams who utilize Nessus also use Splunk, a NoSQL database designed for logging machine-generated data. Previously, there was a Python script which transferred data from the Nessus API into Splunk. However, this Python script no longer works, and so Nessus data is effectively inaccessible to most of the people in any organization which uses Splunk for data storage. Often technology service teams beyond just Security -- including Desktop Engineering, Server Teams, and Help Desks, among others -- would benefit from Nessus data.

The Solution

TenaPull is a configurable Java application which fetches and processes the data from one or more Nessus APIs, and converts it into JSON ouputs that are usable by Splunk, and possibly by other NoSQL databases. TenaPull uses a MySQL database with the Hibernate ORM for its local cache of data, Jackson for serialization/deserialization, and the Jersey client to reach the Nessus API.

For a complete demonstration, click the below picture which will take you to a YouTube video.

Demo video

Resources

TenaPull Documentation

Tenable / Nessus

Importing a custom Certificate Authority into Java

About

TenaPull is a configurable Java application which fetches and processes the data from one or more Nessus APIs, and converts it into JSON ouputs that are usable by Splunk

javanessussecuritysplunk

Languages

Language:Java 99.6%Language:Shell 0.2%Language:JavaScript 0.2%