This cookbook installs Tenable Nessus and does some initial setup. Currently it can enable the service and activate your feed subscription.
Tenable does not currently offer direct download of the Nessus installer so currently we have to rely on it being somewhere on the filesystem. This can be accomplished with another cookbook, shared directory, etc.
- installer_file - Where to find the installer file.
- enable - Boolean - Whether to enable/start the service
- activate - Boolean - Whether to activate the subscription
- activation_code - String - Nessus Feed activation code
Just include nessus in your node's run_list to install and start:
{
"name":"my_node",
"run_list": [
"recipe[nessus]"
]
}To activate as well:
{
"name":"my_node",
"run_list": [
"recipe[nessus]"
],
"default_attributes": {
"nessus":{
"installer_file":"/vagrant/installers/Nessus-*",
"activation_code":"FFFF-AAAA-BBBB-CCCC-DDDD"
}
}
}Will automatically be included if you configure a chef-vault item
with Nessus users.
{
"name":"my_node",
"run_list": [
"recipe[nessus]"
],
"default_attributes": {
"nessus":{
"installer_file":"/vagrant/installers/Nessus-*",
"activation_code":"FFFF-AAAA-BBBB-CCCC-DDDD"
"vault":"nessus",
"vault_users_item":"users"
}
}
}Creating the vault might look something like this:
bin/knife vault create nessus users \
'{"bob":"thebuilder","diego":"theDESTROYER"}' \
--search "role:some_role" \
--admin some_guy
With each pair being user:password.
- Fork the repository on Github
- Create a named feature branch (like
add_component_x) - Write your change
- Write tests for your change (if applicable)
- Run the tests, ensuring they all pass
- Submit a Pull Request using Github
Forked from Jason Rohwedder jro@risk.io