Jamf Nation Community

obi-k · ‎07-24-2023

Hi everyone,

Combing over articles, including this one: http://www.cainehorr.com/jamf-workflow-for-tenable-nessus-agent/.

Is anyone using an extension attribute that tells you what host the Nessus Agent is currently linked to? This way we can see if it's incorrectly linked to the wrong host in the EA, then send a policy to re-link the Macs to the right host.

Currently using the EAs below ok:

• Nessus Agent Installation Status

• Nessus Agent Service Status

• Nessus Agent version

Thank you!

jtrant · ‎07-25-2023

We're in the cloud so I have no way of verifying this works, but it might help:

if [ -e /Library/NessusAgent/run/sbin/nessus-service ]; then
  nessusHost=$( /Library/NessusAgent/run/sbin/nessuscli agent status | grep "Connected to" | awk '{print $5}' )
  echo "<result>$nessusHost</result>"
else
  echo "<result>Not Installed</result>"
fi

I hate blank EAs in Jamf inventory so tend to always make them conditional, but you don't need to do that if you don't want to.

View solution in original post

jtrant · ‎07-25-2023

We're in the cloud so I have no way of verifying this works, but it might help:

if [ -e /Library/NessusAgent/run/sbin/nessus-service ]; then
  nessusHost=$( /Library/NessusAgent/run/sbin/nessuscli agent status | grep "Connected to" | awk '{print $5}' )
  echo "<result>$nessusHost</result>"
else
  echo "<result>Not Installed</result>"
fi

I hate blank EAs in Jamf inventory so tend to always make them conditional, but you don't need to do that if you don't want to.

obi-k · ‎07-25-2023

@jtrant That worked! Very cool. It worked exactly what we needed. Thanks a lot!!! Will test some more but looks good.

Jamf Nation Community

Nessus Agent EA - What is the agent linked to?