Enhanced Logging for SMB in Tenable Scans - On Hold

*** UPDATE 20 JUN 2023 ***: As a temporary workaround, enhanced SMB debug logging has been reverted due to an internal impact on Cloud file transfer and storage. Once a long-term solution to this issue has been developed, enhanced SMB debug logging will be reintroduced. Both the rollback and the reintroduction will be provided via the plugin feed. No customer action is required for these changes.

Summary

Tenable products now have enhanced logging of SMB details for scans. When issues occur in SMB, we now have the ability to see better logging to help determine what went wrong.

Change

Each SMB library now includes meaningful logging when errors are encountered, as well as indicators about what functions are being executed and for what purpose.

Impact

Because there is a substantial amount of logging and a substantial amount of SMB communications against Windows targets (much higher traffic than SSH against Linux/Device targets), anyone enabling plugin debugging in a policy with Windows targets will see substantially more log files attached to their scans (thousands), additional scan time to allocate those, and additional DB size when exported. Customers not requiring these debug logs for getting assistance from Tenable should turn off plugin debugging when it is not needed. As a reminder, T.sc customers can only receive plugin debugging through Diagnostic Scans, and should not run those unless specifically needed.

Target Release Date

TBD