====Nessus Agent Installation====

===What are Nessus Agents===
Nessus Agents are lightweight client programs that are installed locally on a host. Agents collect
vulnerability, compliance, and system data and report that information back to a Tenable Security
Center. 

Agents run under the local SYSTEM account in Windows or root on Linux-based operating systems,
and do require sufficient privileges to install software under that account on setup. Nessus Agents are
packaged for installation on their respective platforms, and after installation, a scriptable command can
be used to register the agent with an instance of Nessus Cloud or Tenable Security Center. 

===Nessus Agent Configuration Attributes===
Download the appropriate agent installer for your operating system/platform from this link.
http://www.tenable.com/products/nessus/agent-download

During installation, use the following options/attributes to link your agent to the UTK Tenable
Security Center Vulnerability Management System:
  * server=''cloud.tenable.com:443'' (or server=''cloud.tenable.com'' and port=443) 
  * key=''3b94865460bc6e1c7207ad6b203841288306f77d266a83b227dd2b85e2e815b7''
  * group name=''UTK_EECS''

=== Linux Agent Installation ===
When downloading the Tenable Nessus client for Linux as a ''.deb'' (Debian, Ubuntu, etc.) or .rpm (Red Hat, Fedora, etc.) file, you will need to configure it after installation and enable the Nessus Agent service. The command you will need to use is ''/opt/nessus_agent/sbin/nessuscli''.
  - Check the agent status. It will likely be unlinked:<file>~> sudo /opt/nessus_agent/sbin/nessuscli agent status

Running: Yes
Linked to: None
Link status: Not linked to a manager
Last successful connection with controller: 853 secs ago
Proxy: None
Plugin set: 202402291358
Scanning: No (0 jobs pending, 0 smart scan configs)
Scans run today: 1 of 10 limit
Last scanned: 1709293069
Last connect: 1709307141
Last connection attempt: 1709307141</file> You should see ''Linked to: None''. If you agent is already linked to cloud.tenable.com, you will need need to do anything else.
  - Link the agent to Tenable's cloud and the UTK_EECS group. See the above list for the currently correct parameters:<file>~> sudo /opt/nessus_agent/sbin/nessuscli agent link \
        --key=3b94865460bc6e1c7207ad6b203841288306f77d266a83b227dd2b85e2e815b7 \
        --host=cloud.tenable.com \
        --port=443 \
        --groups=UTK_EECS

[info] [agent] Successfully linked to cloud.tenable.com:443</file>
  - The ''nessuscli agent status'' should now show a properly linked agent: <file>~> sudo /opt/nessus_agent/sbin/nessuscli agent status

Running: Yes
Linked to: cloud.tenable.com:443
Link status: Connected to cloud.tenable.com:443
Last successful connection with controller: 95 secs ago
Proxy: None
Plugin set: 202402291358
Scanning: No (0 jobs pending, 0 smart scan configs)
Scans run today: 1 of 10 limit
Last scanned: 1709293069
Last connect: 1709308242
Last connection attempt: 1709308242</file>
  - Make sure that the Nessus Agent is running and configured to start at boot time. For most Linux systems, this will be done via the ''systemctl'' command:\\ ''sudo systemctl enable nessusagent.service ; sudo systemctl start nessusagent.service''\\ If your system does not use ''systemd'' for daemon management, please see your Linux distribution's documentation.