# Nessus
PlexTrac supports importing files from **Nessus** in XML Export 2.0 or Nessus file formats. Nessus scans vulnerabilities on various assets, including servers, network devices, virtual machines, and endpoints. It identifies vulnerabilities and configuration issues that attackers could exploit and provides detailed reports on these findings.
## Field Mappings
Below are the field mappings from Nessus to PlexTrac, broken up by findings and assets.
Tables include the following columns:
* **Nessus Field:** the field name in Nessus
* **Direction:** displays the direction in the flow of data occurring for the integration
* **PlexTrac Field:** the field name in PlexTrac
* **Notes:** Additional information on the business rules
### Finding Field Mappings
Below are the mappings of fields. If a field is not listed, PlexTrac does not currently import it.
| Nessus Field | Direction | PlexTrac Field |
|---|
| Plugin Id Name | --> | Finding Title |
| Plugin Id Description | --> | Finding Description |
| CVSS2 | --> | CVSS Type |
| CVSS2 Base Score | --> | CVSS Score |
| CVSS2 | --> | CVSS Vector |
| CVSS3 | --> | CVSS Type |
| CVSS3 Base Score | --> | CVSS Score |
| CVSS3 | --> | CVSS Vector |
| Synopsis | --> | Custom Field "Synopsis" |
| See Also | --> | Refrences |
| Solution | --> | Recomendations |
| Exploitable With | --> | Exploitable With |
### Asset Field Mappings
Below are the mappings of fields and any notes to provide context. If a field is not listed, PlexTrac does not currently import it.
{% hint style="info" %}
When importing a Nessus file for the second time, assets that were previously closed will remain closed, even if their associated findings are open. PlexTrac currently supports reopening findings upon re-import but does not support reopening assets.
{% endhint %}
| Nessus Field | Direction | PlexTrac Field | Notes |
| ------------------ | :-------: | ------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Known IP or FQDN | --> | Asset Name | If a FQDN value exists in Nessus, this populates both the asset and host\_fqdn fields in PlexTrac.
If there is no FQDN value, the IP address from Nessus populates the asset and knownips fields.
If FQDN and IP address values exist in Nessus, the FQDN value populates both the asset and host\_fqdn fields, and the IP address populates the knownips field.
|
| Plugin Output | --> | Asset Evidence | |
| Known Ip Addresses | --> | Known IP Addresses | |
| NetBIOS Name | --> | NetBIOS Name | |
| Operating System | --> | Operating System | |
| Host RDNS | --> | Host RDNS | |
| Total CVEs | --> | Total CVEs | |
| Host FQDN | --> | Host FQDN | |
| MAC Address | --> | MAC Address | |
| Ports | --> | Affected Ports | |
| Service | --> | Affected Ports | |
| Protocol | --> | Affected Ports | |
