Nessus Parser V0.10
Nessus Parser v0.10 – This is a program to parse a series of Nessus XMLv2 files into a XLSX file. The data from the XML file is placed into a series of tabs to for easier review and reporting. New features with this edition are better reporting of policy plugin families, user account reporting, summary graphs, and a home page with summary data. For more information and questions please contact Cody Dumont from the NWN STAR team.
Email – cdumont”AT”nwnit.com and cody”AT”melcara.com
The Nessus parser requires some additional modules, they are:
• XML::TreePP;
• Data::Dumper;
• Math::Round;
• Excel::Writer::XLSX;
• Data::Table;
• Excel::Writer::XLSX::Chart;
To use the Nessus Parser simply install Perl and the modules above. Then change directory to the folder where the Nessus XMLv2 data files are stored. The enter the following command “perl parse_nessus_xml.v10.pl .” The “.” means the current directory. The parser looks in the directory passes as the command line argument and searches for XML files. Then parses through each file. Once the data from each file is collected, the parser will put the data into the XLSX file. Once the parser is finished there will be an XLSX file in the same folder passed earlier. Review the file and find the results of your Nessus scan.
I want to give a special thanks to John McNamara
parse_nessus_xml.v10.pl
Cody,
This is a great perl script and I appreciate you publishing it for the world. I did want to point out one thing that I noticed with the output.
On the “Home Worksheet” in the field “Total High Severity Vulnerability” it seems to count the number of hosts with high severity vulnerabilities and not the total of high vulnerabilities found in the scan. So I may have a host with multiple highs but only one high from that host is counted in that field. Could you please confirm and if confirmed post a fix?
Thanks!
Chris
You are correct, I will work on a fix for it and post it later this week.
Great script! i did notice a small issue im having when i moved from the .8 version, it seems if i try to parse results from a system that is part of a domain the script runs into issues and is not able to complete, does anybody else have this issue?
I have a newer version that might correct the issue, that just have not released jet, I will email it to you.
I was able to execute the script succesfully however, when I open the .xslx file is empty.
The options to save as file in nessus are .nessus or .nessus(v1), I am not able to save the file as xml v2 could be that the problem?.
thanks.
This is usually caused by the XML file not having any data. If you could send me the XML file I could tell you why it seems to fail.
I’m running into the same problem Gabriel is where the .xslx file contains no results. I’m certain the .nessus files I’m using contain data, most are around 10MB and I have over 40 files. I’m running nessus 4.4
From the Nessus documentation here are the export options I have tried with parse_nessus_xml.v10.pl
.nessus An XML-based format and the de-facto standard in Nessus
4.2 and later. This format uses an expanded set of XML
tags to make extracting and parsing information more
granular.
.nessus (v1) An XML-based format used in Nessus 3.2 through 4.0.2,
compatible with Nessus 4.x and Security Center 3.
I have a 53MB .nessus file from Nessus 4.4 and I am getting any data like Gabriel and Chris.
I like your xlsx format though…
@John
sorry – I meant NOT getting any data…
v13 worked like a charm – thank you!
Cody,
Any chance you can e-mail me v13? I hate the crappy reporting in SecurityCenter 4.
Thanks in advance!
The ver 14 is in the blog, and 15 will be out shortly.
Also let me know how the script works with SecurityCenter I have never tested that.
Cody,
Thanks for the response. However, I can’t get it to work. I get no data. SecurityCenter only allows NSR and nessus v1 export. I have tried both. I love the layout of the spreadsheet. Nicely done.
Yeah my script does not do the Nessus v1. The XML structure is totally different. If you have regular Nessus you can import the v1 and the export the v2. Then run my script.
The v1 format would require a completely different preprocessing of the data.
Cody,
Thanks for the workaround but that is way to much effort for a report. After all, SecurityCenter should really do a better job at reporting.
Compiled parse_nessus_xml.v18.pl so it can be portable parse_nessus_xml.v18.pl.exe I had to add PIE to the end because pp PAR::Packer does not include the types use Excel::Writer::XLSX::Chart::Pie;
Binary :
http://www.rmccurdy.com/scripts/parse_nessus_xml.v18.pl.exe
I dont see an option to export data as XML in nessus. Am I missing something?
The .nessus format is the XML format.