ChrisRimondi / VulntoES

Vulnerability Data in ES
GNU General Public License v2.0

Nessus report upload issue #13

Open ghost opened 6 years ago

ghost commented 6 years ago

Hi, I'm trying to upload a Nessus report through VulntoES. This is the command that I run:

    python VulntoES.py -i name.nessus -e 127.0.0.1 -r nessus -I nessus_report

The response is the following:

    Traceback (most recent call last):
      File "VulntoES.py", line 433, in <module>
        main()
      File "VulntoES.py", line 415, in main
        np = NessusES(in_file,es_ip,es_port,index_name, static_fields)
      File "VulntoES.py", line 56, in __init__
        self.es.indices.put_mapping(index=index_name, doc_type="vuln", body=json.dumps(vulnmapping))
      File "/usr/local/lib/python2.7/dist-packages/elasticsearch/client/utils.py", line 76, in _wrapped
        return func(*args, params=params, **kwargs)
      File "/usr/local/lib/python2.7/dist-packages/elasticsearch/client/indices.py", line 271, in put_mapping
        '_mapping', doc_type), params=params, body=body)
      File "/usr/local/lib/python2.7/dist-packages/elasticsearch/transport.py", line 314, in perform_request
        status, headers, data = connection.perform_request(method, url, params, body, headers=headers, ignore=ignore, timeout=timeout)
      File "/usr/local/lib/python2.7/dist-packages/elasticsearch/connection/http_urllib3.py", line 161, in perform_request
        self._raise_error(response.status, raw_data)
      File "/usr/local/lib/python2.7/dist-packages/elasticsearch/connection/base.py", line 125, in _raise_error
        raise HTTP_EXCEPTIONS.get(status_code, TransportError)(status_code, error_message, additional_info)
    elasticsearch.exceptions.RequestError: TransportError(400, u'mapper_parsing_exception', u'No handler for type [string] declared on field [svcid]')

Best regards

infsy commented 6 years ago

I confirm this issue; I have the same!

Our Nessus version is 7.0.0 and Elasticsearch is 6.1.0.

Regards

splendid12 commented 6 years ago

Hi, I am also having some issues,

running Elasticsearch version 5.6.8 and Nessus version 7.0.2.

Below is the output; can anyone provide some advice?

Thanks in advance...

    python VulntoES.py -i netgear.nessus -e 127.0.0.1 -r nessus -I nessus_report
    Sending Nessus data to Elasticsearch
    Traceback (most recent call last):
      File "VulntoES.py", line 433, in <module>
        main()
      File "VulntoES.py", line 415, in main
        np = NessusES(in_file,es_ip,es_port,index_name, static_fields)
      File "VulntoES.py", line 25, in __init__
        self.tree = self.importXML()
      File "VulntoES.py", line 63, in importXML
        return xml.parse(self.input_file)
      File "/usr/lib/python2.7/xml/etree/ElementTree.py", line 1182, in parse
        tree.parse(source, parser)
      File "/usr/lib/python2.7/xml/etree/ElementTree.py", line 657, in parse
        self._root = parser.close()
      File "/usr/lib/python2.7/xml/etree/ElementTree.py", line 1665, in close
        self._raiseerror(v)
      File "/usr/lib/python2.7/xml/etree/ElementTree.py", line 1517, in _raiseerror
        raise err
    xml.etree.ElementTree.ParseError: no element found: line 2109, column 34

ach-eddine commented 6 years ago

Hi all, after some searching: Elasticsearch changed its mapping. To fix the issue you need to change the vulnmapping properties in the code. You can find the correction to make below :) :

    vulnmapping = {
        "properties": {
            "pluginName": {"type": "keyword", "fields": {"raw": {"type": "keyword"}}},
            "ip": {"type": "ip", "fields": {"raw": {"type": "ip"}}},
            "risk_factor": {"type": "keyword", "fields": {"raw": {"type": "keyword"}}},
            "severity": {"type": "integer"},
            "port": {"type": "integer"},
            "pluginFamily": {"type": "keyword", "fields": {"raw": {"type": "keyword"}}},
            "plugin_type": {"type": "keyword", "fields": {"raw": {"type": "keyword"}}},
            "svc_name": {"type": "keyword", "fields": {"raw": {"type": "keyword"}}},
            "svcid": {"type": "keyword", "fields": {"raw": {"type": "keyword"}}},
            "synopsis": {"type": "keyword", "fields": {"raw": {"type": "keyword"}}},
            "solution": {"type": "keyword", "fields": {"raw": {"type": "keyword"}}},
        }
    }

It works fine for me, I hope it works for you too :)

Regards, Achraf
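Added example, not part of the thread or of VulntoES.py: the `No handler for type [string]` error above comes from a mapping written for the pre-5.0 `string` type, which Elasticsearch 5.0 split into `text` and `keyword`. The sketch below rewrites such a mapping and lists any field still declared as `string`; `LEGACY_MAPPING` is a constructed sample, the function names are hypothetical, and treating `"index": "no"` as an unindexed `keyword` is this example's choice.

```python
# Constructed sample in the pre-5.0 style (not copied from VulntoES.py).
LEGACY_MAPPING = {
    "properties": {
        "svcid": {"type": "string",
                  "fields": {"raw": {"type": "string",
                                     "index": "not_analyzed"}}},
        "synopsis": {"type": "string"},
        "plugin_output": {"type": "string", "index": "no"},
        "ip": {"type": "ip"},
        "port": {"type": "integer"},
    }
}


def upgrade(node):
    """Return a copy of a mapping node with legacy string types replaced."""
    node = dict(node)  # shallow copy so the caller's mapping is not mutated
    if node.get("type") == "string":
        legacy_index = node.pop("index", "analyzed")
        if legacy_index == "analyzed":
            node["type"] = "text"        # tokenised, for full-text search
        else:
            node["type"] = "keyword"     # exact values, for filters/aggregations
            if legacy_index == "no":
                node["index"] = False    # kept in _source, not searchable
    # Recurse into multi-fields ("fields") and object sub-properties.
    for key in ("fields", "properties"):
        if key in node:
            node[key] = {name: upgrade(child)
                         for name, child in node[key].items()}
    return node


def string_fields(node, path=""):
    """List dotted paths of fields still declared with type "string"."""
    found = [path] if node.get("type") == "string" else []
    for key in ("fields", "properties"):
        for name, child in node.get(key, {}).items():
            found += string_fields(child, (path + "." + name).lstrip("."))
    return found


if __name__ == "__main__":
    print("before:", string_fields(LEGACY_MAPPING))
    print("after: ", string_fields(upgrade(LEGACY_MAPPING)))
```

Running `string_fields` on a mapping before calling `put_mapping` surfaces every offending field at once, instead of the one field name Elasticsearch reports per 400 response.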