Tenable AuditLang Extension for Visual Studio CodeThe Nessus vulnerability scanner allows you to perform compliance audits of numerous platforms including (but not limited to) databases, Cisco, Unix, and Windows configurations as well as sensitive data discovery based on regex contained in audit files. Audit files are XML-like text files that contain the specific configuration, file permission, and access control tests to be performed. OverviewThe Tenable AuditLang extension for VS Code assists with creating and modifying Tenable .audit files. Core features include syntax highlighting, audit check snippets, and command shortcuts for supporting content such as Compliance Checks reference documentation, download links, etc. Additionally, this extension can be configured to perform plugin level parse checking of the audits before they are loaded into Tenable.io, Tenable.sc or Nessus. Installation
Next, to perform plugin level parse checking, you need to run the tenable/audit-utils docker container.
Local on demand container:
Persistent container:
Next, configure the extension.
Finally, restart VS Code. UsageOnce the extension is installed and configured, you simply need to open a file with the .audit file extension for the extension to be activated. Syntax HighlightingAs the extension recognizes keywords and syntaxes, the color of these items will be updated to make them easier to read. SnippetsThe extension provides snippets for common check types. Currently the most common Windows and Unix check types have been added, with additional check types added in future releases. If you start typing windows or unix in an open .audit file, a pop up will apppear with the snippets that match. Command ShortcutsThere are several command shortcuts provided by the extension. To see the list click View > Command Palette. All commands provided by this extension start with Tenable AuditLang. Parse CheckingThis extension works in conjunction with the tenable/audit-utils container to provide plugin level parse checking. In the problems section any issues detected during parse checking will be listed. In the example below, an error is displayed because a check was given an invalid type. Uninstalling
|