Thanks everyone!

I will have to wait until Tuesday to test everything out as I am home from work now (and Monday I am swamped at work). I am stuck with an old version of office. I do have both the Windows and Linux versions of Nessus (though the report is in Linux.

Best,

Matt



------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at ***@cenzic.com for details.
------------------------------------------------------------------------------

The nessus .nbe format is delimited by |

You can grep the timestamps and results into different files and import them separately if that makes it easier.

Just import into excel with | as the delimiter.

Now the annoying part, sometimes, the description of the vulnerability will include a | in it (as in TRACK|TRACE) and one or more that I'm aware of. You'll need to be aware of these and understand that this may throw your columns off a bit unless you can identify them and change the |'s that do not belong to something else (ie. &#124)

-off
------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at ***@cenzic.com for details.
------------------------------------------------------------------------------

Matthew,

You can save Nessus report in NBE format, which is "|" ( pipe) delimited.
Then you could either programmatically ( Perl, sed, etc. ) massage it into a CSV
format , and import into the Excel.

Another way of doing that is to create a script which will read a line
of the report ( NBE formatted )
and write it into the spreadsheet via Spreadsheet::WriteExecl Perl
module http://search.cpan.org/~jmcnamara/Spreadsheet-WriteExcel-2.16/lib/Spreadsheet/WriteExcel.pm

Yet another way is to import th report right from the Excel by
specifying "|" as a delimiter to your
workbook data source.

Regards,
-dimitry.
------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at ***@cenzic.com for details.
------------------------------------------------------------------------------

Will Nessus do comma (or some other char) delimited output? If so,
those are fairly trivial to import into a spreadsheet.

Cheers,
Phil
------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at ***@cenzic.com for details.
------------------------------------------------------------------------------

You can use the XML version of the Nessus report and just directly import it
into Excel (at least in 2003).

In Excel:
- Drop down the "Data" menu on the toolbar
- Point to "XML" then click "Import"
- Click "Ok" a couple times; all the results are imported nicely into Excel

You also can convert existing Nessus reports to XML if needed:
Report conversion:
nessus -i in.[nsr|nbe] -o out.[xml|nsr|nbe|html|txt]

Tate Hansen
ClearNet Security


-----Original Message-----
From: Matthew Webster [mailto:***@mindspring.com]
Sent: Friday, April 07, 2006 8:16 AM
To: pen-***@securityfocus.com
Subject: Nessus to Excel

I'm not a database guy and not good with XML. Does anyone know a good way
to transfer Nessus documents to Excel output? I need it to compare the
output from an outside company's scan (which is in Excel) in a quick
fashion. I do have a linux box and a windows box at my disposal. Any
ideas?




------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at ***@cenzic.com for details.
------------------------------------------------------------------------------

Hi Matthew,

Try to run this command on a Linux box, where test.nbe is your Nessus Report,
and it will generate a file nessus-out.csv which you can open with Excel.

$ grep test.nbe|cut -d"|" -f3,4,5,6|sort -k1|sed s/\|/,/g|perl -e 'while (<>)
{ print $_ if (/(.*\,){3}/)}' > nessus-out.csv

You can delete the cut command in order to get the complete report.

Hope it helps.

--
Regards,
FP
----- Original Message -----
From: "Matthew Webster" <***@mindspring.com>
To: <pen-***@securityfocus.com>
Sent: Friday, April 07, 2006 10:15 AM
Subject: Nessus to Excel
------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at ***@cenzic.com for details.
------------------------------------------------------------------------------

Well, The best I could do was export my report as csv.

You can use the NessusWX client i know, im not sure about the native client.

Thats nessus's weak point, its reporting.

I do know there are a few options out there for injecting your scans into
say a mysql DB, and crystal reports will interface with mysql.

Salve,

just a thing the other postings seem to not have covered. Or I'm the only
one to always have this problem :)

Some Descriptions have a "half-return" aka carriage return w/o linefeed (or
other way around. This is considered a end of line with excel and access.

So to prep the data for the import I use emacs to replace all "^M" to a
";", then the all lines get imported without problems.

And, btw, use access, it can do acts of magic on the raw data ;)

For a comparison of vuln-ass tools see:
http://www.vulnerability-assessment.de/doku.php
--
Mit freundlichen Grüßen

Christoph Puppe
Security Consultant


We secure your business.(TM)
_______________________________________________________

HiSolutions AG Phone: +49 30 533289-0
Bouchéstrasse 12 Fax: +49 30 533289-99
D-12435 Berlin Internet: http://www.hisolutions.com
_______________________________________________________

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at ***@cenzic.com for details.
------------------------------------------------------------------------------