
Adding a Nessus Live Scan with the XMLRPC API

 

JSA can use the XMLRPC API to start a pre-configured scan that is based on a scan name and optional policy name on the Nessus server.

To start a live scan from JSA, you must specify the scan name and the policy name for the live scan data you want to retrieve. As the live scan progresses, you can point your mouse over the Nessus scanner in the Scan Scheduling window to view the percentage of the live scan that is complete. After the live scan reaches completion, JSA uses the XMLRPC API to retrieve the scan data and update the vulnerability information for your assets.

The Nessus XMLRPC API is only available on Nessus servers and clients with software v4.2 to v5.0.

  1. Click the Admin tab.
  2. Click the VA Scanners icon.
  3. Click Add.
  4. In the Scanner Name field, type a name to identify your Nessus scanner.
  5. From the Managed Host list, select the managed host from your JSA deployment that manages the scanner import.
  6. From the Type list, select Nessus Scanner.
  7. From the Collection Type list, select Scheduled Live Scan - XMLRPC API.
  8. Configure the following parameters:

    | Parameter | Description |
    |-----------|-------------|
    | Hostname | The IP address or host name of the Nessus server. |
    | Port | The port number of the Nessus server. |
    | Username | The user name that is required to access the Nessus server. |
    | Password | Your Nessus server password must not contain the exclamation mark (!) character or authentication failures can occur over SSH. |
    | Scan Name | The name of the scan you want displayed when the live scan runs on the Nessus server. If this field is clear, the API attempts to start a live scan for JSA Scan. This field does not support the ampersand (&) character. |
    | Policy Name | The name of a policy on your Nessus server to start a live scan. The policy must exist on the Nessus server when the system attempts to start the scan. If the policy does not exist, an error is displayed in the Status column. Systems can have custom policy names, but several default policy names are included. External Network Scan, Internal Network Scan, Web App Tests, and Prepare for PCI DSS audits are default policy names. |

  9. To configure a CIDR range for your scanner:
    1. In the text field, type the CIDR range that you want this scanner to consider or click Browse to select a CIDR range from the network list.

    2. Click Add.

  10. Click Save.
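
The parameter constraints above can be checked before the values are typed into the form. The following pre-flight check is an added example, not JSA or Nessus code; the function name, dictionary keys and the `nessus_version` field are hypothetical. It assumes that patch releases (for example 4.4.1) count as part of their major.minor release when compared with the v4.2 to v5.0 range.

```python
import ipaddress

DEFAULT_SCAN_NAME = "JSA Scan"  # name the API uses when Scan Name is left clear (per the page)
SUPPORTED = ((4, 2), (5, 0))    # XMLRPC API availability range stated on the page


def check_scanner_config(cfg):
    """Validate a dict of form values (hypothetical keys); return (normalized, problems)."""
    problems = []
    norm = dict(cfg)

    for key in ("hostname", "username"):
        if not str(cfg.get(key, "")).strip():
            problems.append(f"{key}: required")

    try:
        norm["port"] = int(cfg.get("port"))
        if not 1 <= norm["port"] <= 65535:
            raise ValueError
    except (TypeError, ValueError):
        problems.append("port: must be an integer from 1 to 65535")

    # Report the rule only; the password itself is never echoed into the output.
    if "!" in cfg.get("password", ""):
        problems.append("password: contains '!', which can cause authentication failures")

    scan_name = cfg.get("scan_name", "").strip()
    if "&" in scan_name:
        problems.append("scan_name: '&' is not supported")
    norm["scan_name"] = scan_name or DEFAULT_SCAN_NAME

    nets = []
    for cidr in cfg.get("cidr_ranges", []):
        try:
            # strict=False normalizes 10.0.0.5/24 to its network, 10.0.0.0/24
            nets.append(str(ipaddress.ip_network(cidr, strict=False)))
        except ValueError:
            problems.append(f"cidr_ranges: {cidr!r} is not a valid CIDR range")
    norm["cidr_ranges"] = nets

    version = cfg.get("nessus_version")
    if version:
        try:
            major_minor = tuple(int(p) for p in str(version).split(".")[:2])
            if not SUPPORTED[0] <= major_minor <= SUPPORTED[1]:
                problems.append(f"nessus_version: {version} is outside v4.2 to v5.0")
        except ValueError:
            problems.append(f"nessus_version: {version!r} is not a version number")

    return norm, problems
```

An empty `problems` list means the values satisfy every constraint listed in the parameter table; the policy name still has to exist on the Nessus server, which only the server can confirm.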