This scanner takes the following parameters:
- --policy
- Name of policy or template to use for this scan
- --hosts
- Specification of hosts to scan. Follows the Tenable.io rules for specifying hosts, or path to a file containing such specification
- --accesskey
- API access key to log into Tenable.io. You can generate this key via Settings->My Account->API-Leys (https://cloud.tenable.com/app.html#/settings/my-account/api-keys)
- --secretkey
- API secret key to log into Tenable.io. (See accesskey)
- --scanner
- Name of the scanner to use for this scan.
- --api
- Can be used to overwrite the url of the Tenable.io API
- --export
- Export the scan in these formats (specify more then once for more formats), currently supported formats are: nessus, html, pdf, csv, db.
- --nosslcheck
- Don't validate Tenable.io' TLS certificate Common Name (default: true when port is 8834 false when port is 443)
- --retries
- How many times should rest calls be retried before aborting the scan (default=3)
- --sleep
- Seconds to sleep between polls of the Tenable.io engine (default=30)
You must use --hosts @HOSTS
- $HOSTS is subsituted with the contents of the host field
- @HOSTS is subsituted with the path of a file containig the hosts field
- $WORSKPACE is subsituted with the workspace name
- $SCAN is substituted with the scan name
- $PASSWORD is substituted with the value in the password field