Tenable AuditLang Extension for Visual Studio Code

The Nessus vulnerability scanner allows you to perform compliance audits of numerous platforms including (but not limited to) databases, Cisco, Unix, and Windows configurations as well as sensitive data discovery based on regex contained in audit files. Audit files are XML-like text files that contain the specific configuration, file permission, and access control tests to be performed.

Overview

The Tenable AuditLang extension for VS Code assists with creating and modifying Tenable .audit files. Core features include syntax highlighting, audit check snippets, and command shortcuts for supporting content such as Compliance Checks reference documentation, download links, etc.

Additionally, this extension can be configured to perform plugin level parse checking of the audits before they are loaded into Tenable.io, Tenable.sc or Nessus.

Installation

1. Launch VS Code.
2. In the Search Extensions in Marketplace box, search for Tenable AuditLang.
3. Select the Tenable AuditLang extension.
4. Click Install.

Next, to perform plugin level parse checking, you need to run the tenable/audit-utils docker container.

1. Obtain a shell session on your docker host.
2. Run the container. We recommend running the container locally on demand, but have included examples below. Make sure to update container name and port to appropriate values:

Local on demand container:

docker run --rm --publish 127.0.0.1:<port>:8080 tenable/audit-utils:latest check_service

Persistent container:

docker run --name <container name> --restart always --publish <port>:8080 --detach tenable/audit-utils:latest check_service

Next, configure the extension.

1. From VS Code, click View > Extensions.
2. Select the Tenable AuditLang extension, click the gear icon > Extension Settings.
3. Set Audit Language Server: Audit Check Service Url to the url of the audit-utils docker container in the format of http://<ip address/url>:<port>.

Finally, restart VS Code.

Usage

Once the extension is installed and configured, you simply need to open a file with the .audit file extension for the extension to be activated.

Syntax Highlighting

As the extension recognizes keywords and syntaxes, the color of these items will be updated to make them easier to read.

Snippets

The extension provides snippets for common check types. Currently the most common Windows and Unix check types have been added, with additional check types added in future releases. If you start typing windows or unix in an open .audit file, a pop up will apppear with the snippets that match.

Command Shortcuts

There are several command shortcuts provided by the extension. To see the list click View > Command Palette. All commands provided by this extension start with Tenable AuditLang.

Parse Checking

This extension works in conjunction with the tenable/audit-utils container to provide plugin level parse checking. In the problems section any issues detected during parse checking will be listed. In the example below, an error is displayed because a check was given an invalid type.

Uninstalling

1. To remove the extension, click View > Extensions.
2. Select the Tenable AuditLang extension and click Uninstall.