Adding a Nessus Completed Report Import with the XMLRPC API
A scheduled results import using the XMLRPC API enables completed vulnerability reports to be downloaded from the Nessus server.
JSA connects to your Nessus server and downloads data from any completed reports matching the report name and maximum report age filter. The Nessus XMLRPC API is available on Nessus servers and clients using software v4.2 - V5.x.
- Log in to JSA as an administrator.
- Click the Admin tab.
- Click the VA Scanners icon.
- Click Add.
- In the Scanner Name field, type a name to identify your Nessus server.
- From the Managed Host list, select the managed host from your JSA deployment that manages the scanner import.
- From the Type list, select Scheduled Completed Report Import - XMLRPC AP.
- In the Hostname field, type the IP address or hostname of the Nessus Server containing the vulnerabilities you want to retrieve with the Nessus XMLRPC API.
- In the Port field, type the port number the
The default API port value is 8834 .
- In the Username field, type the username required to access the Nessus server.
- In the Password field, type the password required to access the Nessus server.
- In the Report Name Pattern field, type a regular
expression (regex) required to filter the list of files specified
in the Remote Directory. All matching files are included in the processing.
By default, the Report Name Pattern field contains .* as the regex pattern. The .* pattern imports all nessus formatted result files in the remote directory.
- In the Max Reports Age (Days) field, type the
maximum file age for your scan results file.
Files that are older than the specified days and timestamp on the report file are excluded when the schedule scan starts. The default value is 7 days.
- To configure a CIDR range for your scanner:
In the text field, type the CIDR range you want this scanner to consider or click Browse to select a CIDR range from the network list.
- Click Save.