/Power-Nessie

Ingest Nessus files into Elasticsearch using PowerShell!

Primary language: PowerShell. License: MIT.

⚡Power-Nessie🦕


Ingest .nessus files from Tenable's Nessus scanner into Elasticsearch.

❔ Why the new repo?

This project has taken on its own form due to the major changes from the original work, iwikmai/Nessus-ES. A huge thanks to the original creator of Nessus-ES, as it has given me the foundation to begin learning how to ingest data into the Elastic stack programmatically. Thank you!

The old project that I forked and made my changes to, nicpenning/Nessus-ES, is now archived/read-only and may eventually be deleted.

This new project comes with some new changes such as bug fixes, pipeline/mapping updates, and the new ability to do a patch summary from previously ingested Nessus scan data that contain the same hosts.

⚡Power-Nessie🦕

A way to ingest Nessus scan data into Elasticsearch using PowerShell. Tracking vulnerabilities can be scary and overwhelming, but this tool is designed to wrangle those vulnerabilities into a manageable form.

As always, feel free to post issues / questions in this project to make it even better. Enjoy!

  sequenceDiagram
    PowerShell->>Nessus: Downloads .Nessus File(s) via Nessus API
    Nessus->>PowerShell: .nessus File(s) Saved Locally
    PowerShell->>Kibana: Dashboards, Index Templates and other Setup items
    PowerShell->>Elasticsearch: Ingest Parsed XML Data via Elasticsearch API

With some careful setup of your Elastic stack and a little PowerShell you can turn your .nessus files into this: image

The Power-Nessie project is a simplified way of taking .nessus files and ingesting them into Elasticsearch using PowerShell on Windows, Mac, or Linux.
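The parse-and-ingest step from the diagram above, as an added example (not code from Power-Nessie): it reads a constructed .nessus document and builds the newline-delimited body that the Elasticsearch `_bulk` API expects. The index name, the document field names, the endpoint URL and the `ES_API_KEY` environment variable are assumptions made for illustration.

```powershell
# Constructed sample: a minimal .nessus (NessusClientData_v2) document.
$sample = [xml]@'
<NessusClientData_v2>
  <Report name="constructed-sample-scan">
    <ReportHost name="host-a.example.internal">
      <HostProperties><tag name="host-ip">192.0.2.10</tag></HostProperties>
      <ReportItem port="443" protocol="tcp" severity="3" pluginID="100001" pluginName="Constructed TLS finding">
        <risk_factor>High</risk_factor><cve>CVE-0000-0001</cve>
      </ReportItem>
      <ReportItem port="0" protocol="tcp" severity="0" pluginID="100002" pluginName="Constructed info finding">
        <risk_factor>None</risk_factor>
      </ReportItem>
    </ReportHost>
  </Report>
</NessusClientData_v2>
'@

function ConvertTo-EsBulkBody {
    param([Parameter(Mandatory)][xml]$Nessus, [string]$Index = 'nessus-example')  # hypothetical index name
    $lines  = [System.Collections.Generic.List[string]]::new()
    $action = @{ index = @{ _index = $Index } } | ConvertTo-Json -Compress
    foreach ($reportHost in $Nessus.SelectNodes('/NessusClientData_v2/Report/ReportHost')) {
        $ip = $reportHost.SelectSingleNode("HostProperties/tag[@name='host-ip']").InnerText
        foreach ($item in $reportHost.SelectNodes('ReportItem')) {
            # Assumed ECS-style field names; the project's index template may differ.
            $doc = [ordered]@{
                host          = @{ name = $reportHost.GetAttribute('name'); ip = $ip }
                network       = @{ transport = $item.GetAttribute('protocol') }
                vulnerability = @{
                    id       = @($item.SelectNodes('cve') | ForEach-Object InnerText)  # zero or more <cve> children
                    severity = $item.SelectSingleNode('risk_factor').InnerText
                }
                nessus        = @{
                    plugin_id   = $item.GetAttribute('pluginID')
                    plugin_name = $item.GetAttribute('pluginName')
                    port        = [int]$item.GetAttribute('port')
                }
            }
            $lines.Add($action)
            $lines.Add(($doc | ConvertTo-Json -Compress -Depth 5))
        }
    }
    # _bulk takes newline-delimited JSON, and the body must end with a newline.
    return ($lines -join "`n") + "`n"
}

$body = ConvertTo-EsBulkBody -Nessus $sample
$body
# Sending it (placeholder URL; key read from the environment, TLS verification left on):
# $r = Invoke-RestMethod -Uri 'https://elasticsearch.example.internal:9200/_bulk' -Method Post -ContentType 'application/x-ndjson' -Headers @{ Authorization = "ApiKey $env:ES_API_KEY" } -Body $body
# if ($r.errors) { $r.items.index | Where-Object error }  # HTTP 200 can still carry per-item failures
```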

Requirements

  • Functioning Elastic Stack (7.0+, 8.13.4 Latest Tested)
  • PowerShell 7.0+ (7.4.2 Latest Tested)
  • .nessus File(s) Exported (Power-Nessie can do this!)

Script includes a Menu to help you use Power-Nessie: image

Now

  • Index Template
  • Data View, Searches, Visualizations, and Dashboards
  • ECS coverage across as many fields as possible
  • Documentation (Wiki)
  • Automated Nessus File Download
  • Automated Elasticsearch Ingest
  • Setup Script (Template, Objects, API, etc.)

New

New Patch Summary Dashboard: image

Future

  • Add Detection Rules

Automated or Manual Download and Ingest capability - Check the Wiki!

Invoke-Power-Nessie.ps1

Full dashboard preview

full_preview_dashboard.mp4