VMware Cloud Community
Dthompson04
Contributor
Contributor
‎09-28-2020 02:30 PM

How to Pull VCSA/ESXi 6.7 Audit Files for Tenable.SC

Hello all, I'm looking for assistance on how to pull "Audit Files" for VCSA and ESXi 6.7 systems.  We are required to upload these files to Tenable.SC as discussed in the document in the link below.  I know how to setup the scans, but I can't find the methods of pulling and downloading the files.

We are running a virtual VCSA 6.7 managing a number of ESXi 6.7 hosts.

Up until SecurityCenter 5.13 was available a scan could not be completed on a 6.5 or newer vSphere device so I'm still looking to be able to resolve this capability.  See link below.

Tenable Community

0 Kudos
2 Replies
ashilkrishnan
VMware Employee
VMware Employee
‎09-28-2020 08:28 PM

Hi

Not sure if these audit files are from VMware. I came across following documents from Tenable:

https://www.tenable.com/downloads/configuration-audit-policies

https://docs.tenable.com/nessus/compliancechecksreference/Content/VMwareCheckTypes.htm

Compliance and audit home page --> https://www.tenable.com/downloads/audit

Hope that helps.

0 Kudos
Dthompson04
Contributor
Contributor
‎09-29-2020 08:05 AM

If you look at the link below the process is to download an audit file from the VMware device and upload it to Tenable.SC to be scanned.

Tenable Community

[Unnecessary copy/paste of text from link removed by moderator]

I've checked with the two help desks for this software, but they say that I have to get with VMware on how to download (Audit Files) from specific vendor devices.

0 Kudos