
goubx/Agent-Based-Monitoring-Linux


Agent-Based-Monitoring-Linux

I will demonstrate how to set up and run local agent-based scans on tenable.io for Windows devices.

Requirements for this Lab

  • Azure
  • Ubuntu Server 22 VM
  • Tenable.IO

After creating a Linux virtual machine, I will now show you how to create a local-based agent to scan my Linux device. The purpose of this is that in work settings, employees are given devices to work on outside of the office. Instead of having to manually check all of those devices, I can set up an agent that does a self-assessment on the device it's installed on.

1. While my VM is booting up, I will log onto Tenable.

Now I'm gonna create the Agent Group

Agent groups are used to organize and manage the agents linked to your account. Each agent can be added to any number of groups, and scans can be configured to use these groups as targets.

Go to:

  • Settings
  • Sensors
  • Nessus Agents
  • Agent Groups

Agent Group created


As you can see, the Agent Group above was created.

2. Next, I'm going to create a Basic Agent Scan

  • Go to Scanner
  • Press New Scan
  • Press the Nessus agent
  • Then select the Basic Agent Scan Template

This is what it looks like when you get there.



Configurations:

  • I selected the group I created in the "agent groups" section.
  • Then I named the scan
  • For the Scan Type, I am selecting a triggered scan, so that when a file with the name I select appears in the directory and the agent discovers it, the agent knows it's time to scan.

For this scenario, the key file will be

goub.txt

I will now leave the scan as is and save it.

Now it's time to log into the Virtual Machine from Terminal.



To SSH into the Linux computer, the command is

ssh username@publicIP

Then enter the password of the computer.

As you can see, I have successfully SSH'd into the VM.



I am now going back to Tenable to add the Nessus Agent.

Copy and paste this command from settings in Tenable. This is the code that will be used to install the agent on the VM.

  • Settings
  • Sensors
  • Nessus Agents
  • Linked Agents
  • Look at the instructions for installing the Agent on Windows Platforms

It should appear on the right side of the screen.



Copy and paste the command as seen:

curl -H 'X-Key: 58aab372289ac80911e4c5ad40a07b23b5524319f9ff5c010aa50ec625ccf389' 'https://sensor.cloud.tenable.com/install/agent?name=agent-name&groups=agent-group' | bash

I now have to edit the command to match my machine so it properly knows what to scan.

After editing, the new command should read

curl -H 'X-Key: 58aab372289ac80911e4c5ad40a07b23b5524319f9ff5c010aa50ec625ccf389' 'https://sensor.cloud.tenable.com/install/agent?groups=Linux-Agent-Goub' | bash

  • I removed the agent name, since we only have 1 VM in the group. As long as I include the agent group name, it will scan all devices in that group.

I now have to open up the root shell in terminal

The command is

sudo -i

To confirm I'm in the root shell, I will use the id command.



It should look like this after finishing. Now I will copy and paste the command to install the agent.

After you enter the command, the Nessus agent should begin installing. It will look like this



After finishing, it looked like this, with the confirmation "The Nessus Agent is now linked to sensor.cloud.tenable.com".

Now it's time to create the trigger file. I named it "goub.txt"; creating it is what begins the scan.
The command for this is:

touch /opt/nessus_agent/var/nessus/triggers/goub.txt

As you can see below, the file is now in the trigger folder. I will keep checking until the file disappears. This will confirm that the scan has begun.



To check the status, I can also use the command below

sudo systemctl status nessusagent.service

Now I just have to wait for the scan to commence and wait for the results.
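
The check described above (create the trigger file, then keep looking until the agent removes it) can be scripted. This is an added example, not part of the original repository; the function name trigger_scan, the TRIGGER_DIR and RUN_TRIGGER variables, and the timeout and polling values are assumptions.

```bash
#!/usr/bin/env bash
# Added example, not the repository's own code.
# Default directory is the trigger path used in the touch command above.
TRIGGER_DIR="${TRIGGER_DIR:-/opt/nessus_agent/var/nessus/triggers}"

# trigger_scan NAME [TIMEOUT_SECONDS] [POLL_SECONDS]
# Creates the trigger file, then polls until it has been removed.
# Returns 0 once the file is gone, 1 on timeout, 2 on bad input or setup error.
trigger_scan() {
    local name="$1" timeout="${2:-300}" interval="${3:-5}" waited=0
    # Accept a bare file name only, so the path cannot leave TRIGGER_DIR.
    case "$name" in
        ""|*/*|.|..) echo "invalid trigger name: '$name'" >&2; return 2 ;;
    esac
    if [ ! -d "$TRIGGER_DIR" ]; then
        echo "trigger directory not found: $TRIGGER_DIR" >&2
        return 2
    fi
    local path="$TRIGGER_DIR/$name"
    touch "$path" || return 2
    while [ -e "$path" ]; do
        if [ "$waited" -ge "$timeout" ]; then
            echo "timeout: $path still present after ${waited}s" >&2
            return 1
        fi
        sleep "$interval"
        waited=$((waited + interval))
    done
    echo "trigger file consumed after about ${waited}s"
    return 0
}

# Runs only when asked, e.g. as root on the VM: RUN_TRIGGER=1 bash trigger.sh
if [ "${RUN_TRIGGER:-0}" = "1" ]; then
    # A stopped agent never picks the file up, so report that first.
    systemctl is-active --quiet nessusagent.service \
        || echo "nessusagent.service is not active" >&2
    trigger_scan goub.txt
fi
```

A return code of 1 means the file was still in the trigger folder when the timeout expired, which is the point to look at the service status.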
