This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

problem when to run Nessus-ES #9

Closed
Pouriaks opened this issue Dec 31, 2023 · 3 comments

Pouriaks commented Dec 31, 2023

Hi dear,
I installed Nessus on Ubuntu 20.0.4 and ran Elasticsearch on another node and the command on my system.
I ran your code on my PC (Windows 10, PowerShell 7).
Is my command correct? (Nessus_File_Download_Location)
I do not understand these: (-Nessus_Archive_Folder_Name, Export_Scans_From_Today, Export_Day)

.\Invoke-NessusTo-Elastic.ps1 -Nessus_URL "https://192.168.4.59:8834" -Nessus_File_Download_Location "D:\result-nessus" -Nessus_Access_Key "redacted" -Nessus_Secret_Key "redacted" -Nessus_Source_Folder_Name "/opt/nessus/var/nessus/users/Nessus/reports/" -Nessus_Archive_Folder_Name "Archive-Ingested" -Export_Scans_From_Today "false" -Export_Day "01/11/2024" -Export_Custom_Extended_File_Name_Attribute "scan" -Elasticsearch_URL "http://192.168.100.169:9200" -Elasticsearch_Index_Name "logs-nessus.vulnerability" -Elasticsearch_Api_Key "redacted:redacted"


My other question is that I don't have the value that you mentioned as _scanner1 in (Export_Custom_Extended_File_Name_Attribute).

@nicpenning
Owner

This looks good! What error are you seeing?

@nicpenning nicpenning self-assigned this Feb 10, 2024
@nicpenning nicpenning added the "good first issue" and "question" labels Feb 10, 2024

nicpenning commented Feb 10, 2024

Breaking down your command I think I see your issue, here is what is happening at the surface level:

.\Invoke-NessusTo-Elastic.ps1 Starting Script
This looks good

-Nessus_URL "https://192.168.4.59:8834/" This is the URL of your Nessus scanner. Also the / at the end of the URL won't work. See the example in the script.
This is a problem and the script will never work

-Nessus_File_Download_Location "D:\result-nessus" This appears to be a Windows device and you want files exported from Nessus to this directory
This looks good

-Nessus_Access_Key "redacted" This is your Nessus Access key. I recommend redacting these keys in the future.
This looks good

-Nessus_Secret_Key "redacted" This is your Nessus Secret key. I recommend redacting these keys in the future.
This looks good

-Nessus_Source_Folder_Name "/opt/nessus/var/nessus/users/Nessus/reports/" This is the Nessus source Folder name that should be found in the UI when you log into Nessus. By default this is My Scans. You put a directory here, so this will not work.
This is a problem and the script will never work

-Nessus_Archive_Folder_Name "Archive-Ingested" This is another Nessus folder name in the UI where you want the scans to go. If this is not created, you will need to create it before the scans can be moved from the source folder name to this folder after files get exported.
This looks good if you have this folder created in the Nessus UI.

-Export_Scans_From_Today "false" This is telling the script to only export scans from today, which you are not.
This looks good

-Export_Day "01/11/2024" This is the day you want to export all scans from.
This looks good

-Export_Custom_Extended_File_Name_Attribute "scan" This is what gets added to the end of the scan name when it is exported locally. In your case to D:\result-nessus and your scan name will end with _scan
This looks good, but is not required

-Elasticsearch_URL "http://192.168.100.169:9200/" This is the URL for where your Nessus data needs to be ingested. Make sure you run the setup step 0 before exporting your Nessus scans for ingest! Also the / at the end of the URL won't work. See the example in the script.
This is a problem and the script will never work

-Elasticsearch_Index_Name "logs-nessus.vulnerability" This is the index name/data stream that will be used. This is the default so you don't need this setting.
This looks good, but is not required

-Elasticsearch_Api_Key "redacted:redacted" This is supposed to be the API key for Elasticsearch. This is an incorrect format and needs to be Base 64 encoded. Having the ID:Key format will not work. Also, do not share API keys either as they are secret keys.
This is a problem and the script will never work
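
The three problems flagged in the breakdown above (a trailing `/` on the URLs, a filesystem path given as a Nessus folder name, and an `ID:Key` API key that is not Base64 encoded) can be caught before the script runs. This is an added example, not part of the original thread or the project's code: the helper names and sample values are hypothetical, and it assumes the script expects Elasticsearch's encoded key form, the Base64 of `id:api_key`.

```powershell
# Added example: helper names and sample values below are hypothetical/constructed.
function ConvertTo-EncodedApiKey {
    param([Parameter(Mandatory)][string]$ApiKey)
    $pair = '^[^:\s]+:[^:\s]+$'
    try {
        # Already encoded? Valid Base64 that decodes to "id:key" is passed through.
        $decoded = [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($ApiKey))
        if ($decoded -match $pair) { return $ApiKey }
    } catch { }   # not Base64 (a raw "id:key" contains ':', which Base64 never does)
    if ($ApiKey -notmatch $pair) { throw 'Expected "id:key" or Base64 of "id:key".' }
    [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($ApiKey))
}

function Test-NessusToElasticArgs {
    param([Parameter(Mandatory)][hashtable]$Params)
    $clean = $Params.Clone()
    # A trailing "/" on either URL is reported above as breaking the script.
    foreach ($name in 'Nessus_URL', 'Elasticsearch_URL') {
        if ($clean[$name]) { $clean[$name] = $clean[$name].TrimEnd('/') }
    }
    # Folder parameters are folder names from the Nessus UI, not paths on disk.
    foreach ($name in 'Nessus_Source_Folder_Name', 'Nessus_Archive_Folder_Name') {
        if ($clean[$name] -match '[\\/]') {
            throw "$name looks like a path; use the folder name shown in the Nessus UI."
        }
    }
    $clean['Elasticsearch_Api_Key'] = ConvertTo-EncodedApiKey $clean['Elasticsearch_Api_Key']
    $clean
}

# Constructed sample input (not real hosts or keys).
$checked = Test-NessusToElasticArgs @{
    Nessus_URL                 = 'https://nessus.example.internal:8834/'
    Nessus_Source_Folder_Name  = 'My Scans'
    Nessus_Archive_Folder_Name = 'Archive-Ingested'
    Elasticsearch_URL          = 'http://elastic.example.internal:9200/'
    Elasticsearch_Api_Key      = 'sampleid:samplekey'
}
# Show the normalized values, leaving the key itself out of the console output.
$checked.GetEnumerator() | Where-Object Key -notlike '*Key' | Sort-Object Key | Format-Table Key, Value
# Then splat the checked values: .\Invoke-NessusTo-Elastic.ps1 @checked
```

Passing `/opt/nessus/var/nessus/users/Nessus/reports/` as the source folder makes the check throw before any request is sent to Nessus.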

@nicpenning
Owner

Closing since there has been no response in the last 30 days.

@nicpenning nicpenning closed this as not planned Mar 16, 2024