Nitin, Glad you figured it out. I didn't realize you only needed it in XML format.
I have found the NBE format to be more flexible overall (e.g., if you need to quickly grep something out of a report), and you can convert it into any other format, so I always generate the NBE file first and then convert it (using NessusClient -i ... -o ...) to the format I really want (or to multiple formats). NBE files are also easy to filter you can easily grep -v 'Security Note' and 'Security Warning' findings out if the file, then generate an HTML report with just security holes (though you can do the same thing with an XML file using a good parser). John -----Original Message----- From: Shingari, Nitin V. <[EMAIL PROTECTED]> To: John Scherff; [email protected] <[email protected]> Sent: Wed Jan 24 23:38:33 2007 Subject: RE: Periodic Scan with nessus? Hi, I could find the problem. .. The problem was when result is generated in .nbe format the scanner list & plugin list information is not reported in it. Now I generated report directly into .xml format and the scanner, plugin & version info. is coming in it. $NCMD –c $NCONFIG –T xml –xq $NHOST $NPORT $NUSER $NPASS $NTARGET $NRESULT Thanks to all of you & John… Regards Nitin Shingari [EMAIL PROTECTED] ________________________________ From: Shingari, Nitin V. Sent: Thursday, January 25, 2007 11:47 AM To: 'John Scherff' Cc: '[email protected]' Subject: RE: Periodic Scan with nessus? Hi john, I configured as per your suggestion but my report is not coming accurate. Below is what is missing: <info> <!-- no version information found --> </info> <config> <global> </global> </config> <plugins> <error txt="No scanners list."/> <error txt="No plugins list."/> </plugins> <results> <result> What could be wrong?? Regards Nitin ________________________________ From: John Scherff [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 16, 2007 12:29 AM To: Shingari, Nitin V.; [email protected] Subject: RE: Periodic Scan with nessus? Nitin: Use a cron job. The below instructions assume you have Nessus Server 3.0.4 and NessusClient installed on a *nix box in the default locations. It will generate both an NBE file and an HTML report every month at Midnight on the first Sunday, over-writing the result file and report from the previous month. Step 0: create a directory structure similar to the following (just an example… create it however/wherever you want): /opt/Nscans/configs – to hold configuration stuff /opt/Nscans/targets – to hold scan target files /opt/Nscans/scripts – to hold scripts you write /opt/Nscans/results – to hold raw scan results (NBE files) /opt/Nscans/reports – to hold scan reports (e.g., HTML files) Step 1: create a file (e.g., /opt/Nscans/targets/prod_servers.txt) containing the targets you want to scan, each separated by a newline; for example: 192.168.1.2-192.168.1.254 192.168.2.129-192.168.1.254 Myhost.myorg.com 192.168.3.75 Step 2: copy an existing .nessusrc file (usually found somewhere under $HOME/.nessus) to /opt/Nscans/configs/prod_servers.cfg, tweak it as desired. Step 3: Create a nessus user and password using /opt/nessus/sbin/nessus-adduser (e.g., Nscan_User / N5c4n_U53r) Step 4: create a script named (for example) prod_servers.sh in /opt/Nscans/scripts: #!/bin/sh NCMD=/usr/local/bin/NessusClient NHOST=myhost.myorg.com NPORT=1241 NUSER=Nscan_User NPASS=N5c4n_U53r NCONFIG=/opt/Nscans/configs/prod_servers.cfg NTARGET=/opt/Nscans/targets/prod_servers.txt NRESULT=/opt/Nscans/results/prod_servers.nbe NREPORT=/opt/Nscans/reports/prod_servers.html $NCMD –c $NCONFIG –T nbe –xq $NHOST $NPORT $NUSER $NPASS $NTARGET $NRESULT $NCMD –i $NRESULT –o $NREPORT Step 5: Create a crontab entry similar to the following (this will run the scan at midnight on the first Sunday of every month): 00 00 * * Sun [`date +\%d` -lt 8] && /opt/Nscans/scripts/prod_servers.sh Note: You will have to do something to keep the copied nessusrc file up-to-date with current plugins. George Theall's update-nessusrc perl script is a good choice, and he keeps it current. John Scherff Sr. IT Security Analyst 24 Hour Fitness ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Shingari, Nitin V. Sent: Sunday, January 14, 2007 7:29 PM To: [email protected] Subject: Periodic Scan with nessus? Hi folks, How we can set nessus to do periodic scan and save report in specific folder after every scan with specific name and overwrite existing report? Warm Regards Nitin Shingari [EMAIL PROTECTED]
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
