PlexTrac supports importing files from Nessus in XML Export 2.0 or Nessus file formats. Nessus scans vulnerabilities on various assets, including servers, network devices, virtual machines, and endpoints. It identifies vulnerabilities and configuration issues that attackers could exploit and provides detailed reports on these findings.
Below are the field mappings from Nessus to PlexTrac, broken up by findings and assets.
Tables include the following columns:
Nessus Field: the field name in Nessus
Direction: displays the direction in the flow of data occurring for the integration
PlexTrac Field: the field name in PlexTrac
Notes: Additional information on the business rules
Below are the mappings of fields. If a field is not listed, PlexTrac does not currently import it.
Below are the mappings of fields and any notes to provide context. If a field is not listed, PlexTrac does not currently import it.
When importing a Nessus file for the second time, assets that were previously closed will remain closed, even if their associated findings are open. PlexTrac currently supports reopening findings upon re-import but does not support reopening assets.
| Nessus Field | Direction | PlexTrac Field |
|---|---|---|
| Nessus Field | Direction | PlexTrac Field | Notes |
|---|---|---|---|
Plugin Id Name
-->
Finding Title
Plugin Id Description
-->
Finding Description
CVSS2
-->
CVSS Type
CVSS2 Base Score
-->
CVSS Score
CVSS2
-->
CVSS Vector
CVSS3
-->
CVSS Type
CVSS3 Base Score
-->
CVSS Score
CVSS3
-->
CVSS Vector
Synopsis
-->
Custom Field "Synopsis"
See Also
-->
Refrences
Solution
-->
Recomendations
Exploitable With
-->
Exploitable With
Known IP or FQDN
-->
Asset Name
If a FQDN value exists in Nessus, this populates both the asset and host_fqdn fields in PlexTrac.
If there is no FQDN value, the IP address from Nessus populates the asset and knownips fields.
If FQDN and IP address values exist in Nessus, the FQDN value populates both the asset and host_fqdn fields, and the IP address populates the knownips field.
Plugin Output
-->
Asset Evidence
Known Ip Addresses
-->
Known IP Addresses
NetBIOS Name
-->
NetBIOS Name
Operating System
-->
Operating System
Host RDNS
-->
Host RDNS
Total CVEs
-->
Total CVEs
Host FQDN
-->
Host FQDN
MAC Address
-->
MAC Address
Ports
-->
Affected Ports
Service
-->
Affected Ports
Protocol
-->
Affected Ports