After looking at some of the other products, I'm really beginning to wonder about writing my own front end. It's been a while since I have done much programming and I never really was a programmer, but perhaps this will give me the incentive to get involved in that again.
My question is, is there anything that documents the format of the nbe files? I have tried pulling them into Excel and Access, but unfortunately, the format does not make a lot of sense. But, if this information is documented, that would simply the task of creating our own reports. After looking over the notes for your recent script, maybe the easiest way to create a better report would be to just change the order of the devices in the nbe file. I knew that Nessus could save files in a number of formats, which is great, but unfortunately, there is only one option for each format. Of course, if I could change the order of the devices in the nbe file, perhaps that would help the final format of the reports. I guess I will need to do some more investigating. If I decide to develop something myself, though, I will have to make sure I offer it to the community for other people who have the same problem. Steve -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of George Theall Sent: Wednesday, January 14, 2004 8:54 PM To: [EMAIL PROTECTED] Subject: Re: Nessus reporting On Wed, Jan 14, 2004 at 02:47:06PM -0600, Steven A. Fletcher wrote: > Unfortunately, none of us are very happy with the reports that Nessus > generates, especially with regards to sorting. I have looked at > nessQuick ... > I have also looked at the web interface from Inprotect, There are at least two other front-ends to Nessus that alter the supplied report formats -- NessusPHP and NessusWeb. Neither seems to have seen much activity lately but might still meet your needs. Also, you might want to look into the NBE format. For example, with it you can separate results on a specific plugin that tests for, say, the latest worm of the week from other less interesting results that might otherwise be included because of the need to check for dependencies. Or you can pull apart results of one scan and generate a single report for each host. By the way, since the unix-based nessus client readily converts NBE output to other formats (eg, HTML, XML, plaintext, etc), you're not stuck with just NBE output. [If you're curious, I documented these tasks as part of a filter I just wrote to convert session data to NBE; check it out at <http://www.tifaware.com/perl/sd2nbe/>.] George -- [EMAIL PROTECTED] _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
