INFORMATION

Tenable has made documentation available for writing custom audit policies as well as several command line tools and very detailed example policies. In most cases, Tenable customers have been able to use the default audit policies and remove unneeded tests. In cases where more detail is needed than the current example tests, Tenable has documented examples for each type of Unix and Windows audit point. These can be modified with values that are in line with your organization’s configuration guidelines.

NOTE: Technical Support Engineers cannot directly support custom audit files. Support is available for bugs or other issues with specific functions or calls. See Support for custom audit files, plugins, and API scripts for more information.

DETAILS

The following are links to Tenable documentation on Compliance checks.

The Audits Portal - This site allows you to search our audit file database from a convenient interface.

Nessus Compliance Checks - This paper discusses how to configure Nessus to perform these audits and how Tenable's SecurityCenter can be used to manage and automate this process.

Nessus Compliance Checks Reference - This document describes the syntax used to create custom .audit files that can be used to audit the configuration of Unix, Windows, database, SCADA, IBM iSeries, and Cisco systems against a compliance policy as well as search the contents of various systems for sensitive content.