Nessus Agent Installation
What are Nessus Agents
Nessus Agents are lightweight client programs that are installed locally on a host. Agents collect vulnerability, compliance, and system data and report that information back to a Tenable Security Center.
Agents run under the local SYSTEM account in Windows or root on Linux-based operating systems, and do require sufficient privileges to install software under that account on setup. Nessus Agents are packaged for installation on their respective platforms, and after installation, a scriptable command can be used to register the agent with an instance of Nessus Cloud or Tenable Security Center.
Nessus Agent Configuration Attributes
Download the appropriate agent installer for your operating system/platform from this link. http://www.tenable.com/products/nessus/agent-download
During installation, use the following options/attributes to link your agent to the UTK Tenable Security Center Vulnerability Management System:
- server=
cloud.tenable.com:443
(or server=cloud.tenable.com
and port=443) - key=
3b94865460bc6e1c7207ad6b203841288306f77d266a83b227dd2b85e2e815b7
- group name=
UTK_EECS
Linux Agent Installation
When downloading the Tenable Nessus client for Linux as a .deb
(Debian, Ubuntu, etc.) or .rpm (Red Hat, Fedora, etc.) file, you will need to configure it after installation and enable the Nessus Agent service. The command you will need to use is /opt/nessus_agent/sbin/nessuscli
.
- Check the agent status. It will likely be unlinked:
~> sudo /opt/nessus_agent/sbin/nessuscli agent status Running: Yes Linked to: None Link status: Not linked to a manager Last successful connection with controller: 853 secs ago Proxy: None Plugin set: 202402291358 Scanning: No (0 jobs pending, 0 smart scan configs) Scans run today: 1 of 10 limit Last scanned: 1709293069 Last connect: 1709307141 Last connection attempt: 1709307141
You should see
Linked to: None
. If you agent is already linked to cloud.tenable.com, you will need need to do anything else. - Link the agent to Tenable's cloud and the UTK_EECS group. See the above list for the currently correct parameters:
~> sudo /opt/nessus_agent/sbin/nessuscli agent link \ --key=3b94865460bc6e1c7207ad6b203841288306f77d266a83b227dd2b85e2e815b7 \ --host=cloud.tenable.com \ --port=443 \ --groups=UTK_EECS [info] [agent] Successfully linked to cloud.tenable.com:443
- The
nessuscli agent status
should now show a properly linked agent:~> sudo /opt/nessus_agent/sbin/nessuscli agent status Running: Yes Linked to: cloud.tenable.com:443 Link status: Connected to cloud.tenable.com:443 Last successful connection with controller: 95 secs ago Proxy: None Plugin set: 202402291358 Scanning: No (0 jobs pending, 0 smart scan configs) Scans run today: 1 of 10 limit Last scanned: 1709293069 Last connect: 1709308242 Last connection attempt: 1709308242
- Make sure that the Nessus Agent is running and configured to start at boot time. For most Linux systems, this will be done via the
systemctl
command:
sudo systemctl enable nessusagent.service ; sudo systemctl start nessusagent.service
If your system does not usesystemd
for daemon management, please see your Linux distribution's documentation.