Parsing Nessus Files

This topic contains 3 replies, has 3 voices, and was last updated by Profile photo of random commandline random commandline 4 months ago.

  • Author
    Posts
  • #62760
    Profile photo of Bobby
    Bobby
    Participant

    Hello,

    I am very new to PowerShell and learning mostly through the Month of Lunches book, which is great. I am trying to come up with a simple script to help me parse multiple Nessus CSV files that total around 2GB to pull out the information I need. I am trying to get a count of findings based on risk level per individual IP. For example my $mediumhost variable should display "hostIP, # of medium findings"

    Here is the code I have come up with. Please be gentle 🙂

    
    # Prompt for path to CSV file to parse
    
    $file = Read-Host -Prompt 'Input path to file'
    
    # Import CSV file to variable
    
    $all = import-csv $file
    
    # Create variable for totals of all risk count
    
    $lowall = $all | where {$_.risk -eq "low"}
    $mediumall = $all | where {$_.risk -eq "medium"}
    $highall = $all | where {$_.risk -eq "high"}
    $criticalall = $all | where {$_.risk -eq "critical"}
    
    # Create variable for risk count per host
    
    $lowhost = $lowall | select host,risk | sort
    $mediumhost = $mediumall | select host,risk | sort
    $highhost = $highall | select host,risk | sort
    $criticalhost = $criticalall | select host,risk | sort
    
    
  • #62761
    Profile photo of Ron
    Ron
    Participant

    What problem are you having? Nothing wrong is jumping out at me, except possibly a lack of output.

    • #62763
      Profile photo of Bobby
      Bobby
      Participant

      Currently the output of $mediumhost is showing

      Host Risk
      —- —-
      x.x.x.131 Medium
      x.x.x.134 Medium
      x.x.x.134 Medium
      x.x.x.134 Medium
      x.x.x.134 Medium
      x.x.x.134 Medium
      x.x.x.134 Medium
      x.x.x.134 Medium
      x.x.x.157 Medium

      I would like it to display the following:

      Host Risk
      —- —-
      x.x.x.131 1
      x.x.x.134 7
      x.x.x.157 1

  • #62766
    Profile photo of random commandline
    random commandline
    Participant
    # Prompt for path to CSV file to parse
    
    $file = Read-Host -Prompt 'Input path to file'
    # Import CSV file to variable
    $all = import-csv $file
    
    # Create variable for totals of all risk count
    $lowall = $all | Where-Object {$_.risk -eq "low"} | Group-Object -Property Host |
    Select-Object @{n='Host';exp={$_.Name}},@{n='Risk';exp={$_.Count}}
    
    $mediumall = $all | Where-Object {$_.risk -eq "medium"} | Group-Object -Property Host |
    Select-Object @{n='Host';exp={$_.Name}},@{n='Risk';exp={$_.Count}}
    
    $highall = $all | Where-Object {$_.risk -eq "high"} | Group-Object -Property Host |
    Select-Object @{n='Host';exp={$_.Name}},@{n='Risk';exp={$_.Count}}
    
    $criticalall = $all | Where-Object {$_.risk -eq "critical"} | Group-Object -Property Host |
    Select-Object @{n='Host';exp={$_.Name}},@{n='Risk';exp={$_.Count}}
    
    $lowall
    $mediumall
    $highall
    $criticalall
    

You must be logged in to reply to this topic.