There is no firewall blocking rules (tested with telnet and curl), but logstash throws the following error and nothing else:
Requests Library Error: ('Connection aborted.', ConnectionResetError(104, 'Connection reset by peer'))
I tried to connect to nessus both through login/password and access/secret key. The error is the same. Also seems like api access to the specified account is not disabled, so I am stuck now

5 days later

Hi,
We would like more detail information.
Could you run command below:

curl -XGET '127.0.0.1:9200/tenable/_search?q=' -u user:password

You will send me result please.

Hello,
We still waiting for answer for you.
We are the same time did deep analise and you can connect ELS to tenable.sc.
If you want connect directly to Nessus you can't.

Below screen from ELS with tenable.sc

Hi,
there is no index called just tenable, but tenable-2024.04 so I put it on my curl request
[root@siem_els ~]# curl -XGET '127.0.0.1:9200/tenable-2024.04/_search?q=' -u logserver
Enter host password for user 'logserver':
{"took":6,"timed_out":false,"_shards":{"total":2,"successful":2,"skipped":0,"failed":0},"hits":{"total":{"value":0,"relation":"eq"},"max_score":null,"hits":[]}}

Here what I see in discover

Hi,

Could you check set variable base_url from file main.py ?

Should be for example only IP:
base_url ="192.168.0.101"

The IP address in this variable is set correctly, I checked it twice

8 days later
Write a Reply...