Tenable AuditLang Extension for Visual Studio Code
The Nessus vulnerability scanner allows you to perform compliance audits of numerous platforms including (but not limited to) databases, Cisco, Unix, and Windows configurations as well as sensitive data discovery based on regex contained in audit files. Audit files are XML-like text files that contain the specific configuration, file permission, and access control tests to be performed.
The Tenable AuditLang extension for VS Code assists with creating and modifying Tenable .audit files. Core features include syntax highlighting, audit check snippets, and command shortcuts for supporting content such as Compliance Checks reference documentation, download links, etc.
Additionally, this extension can be configured to perform plugin level parse checking of the audits before they are loaded into Tenable.io, Tenable.sc or Nessus.
Next, to perform plugin level parse checking, you need to run the tenableofficial/audit-utils docker container.
Local on demand container:
Next, configure the extension.
Finally, restart VS Code.
Once the extension is installed and configured, you simply need to open a file with the .audit file extension for the extension to be activated.
As the extension recognizes keywords and syntaxes, the color of these items will be updated to make them easier to read.
The extension provides snippets for common check types. Currently the most common Windows and Unix check types have been added, with additional check types added in future releases. If you start typing windows or unix in an open .audit file, a pop up will apppear with the snippets that match.
There are several command shortcuts provided by the extension. To see the list click View > Command Palette. All commands provided by this extension start with Tenable AuditLang.
This extension works in conjunction with the tenableofficial/audit-utils container to provide plugin level parse checking. In the problems section any issues detected during parse checking will be listed. In the example below, an error is displayed because a check was given an invalid type.