Documentation Center
AlienVault® USM Appliance™

Importing Scan Results

Applies to Product: USM Appliance™ AlienVault OSSIM®

This option allows you to import results from external scanners to create reports or perform cross-correlation.

To import a scan result file

  1. Navigate to Environment > Vulnerabilities > Scan Jobs.
  2. Click Import Results.

    Import Results dialog box.

  3. Type a Report Name.
  4. Choose the file to import.
  5. Select the source of your file

    • Nessus .nbe file — if importing Nessus scan report in an NBE file
    • Nessus .csv file — if importing Nessus scan report in a CSV file (available in USM Appliance version 5.6 and later)
    • Custom 1 Qualys .csv file — if importing custom Qualys scan results in a CSV file (available in USM Appliance version 5.6 and later)

      The CSV file must contain at least the following column headers (as the first line in the CSV file).

      IP,DNS,NetBIOS,QID,Title,CVE ID,Threat,Impact,Solution,Results

      You can include other column headers, but the first three columns must be IP, DNS, and NetBIOS, in that exact order. The order of the other columns can vary. For example

      IP,DNS,NetBIOS,OS,IP Status,QID,Title,Type,Severity,Port,Protocol,

      FQDN,SSL,CVE ID,Vendor,Reference,Bugtraq ID,CVSS Base,CVSS Temporal,

      CVSS3 Base,CVSS3 Temporal,Threat,Impact,Solution,Exploitability,

      Associated Malware,Results,PCI Vuln,Instance,Category

    • AlienVault Vulnerability Assessment .nbe file — if importing scan results generated by another instance of USM Appliance in an NBE file
  6. In the Assign to list, select a single user or an entity.

    The chosen user or entity becomes the owner of the scan in the USM Appliance.

  7. To import the vulnerabilities and add the new assets, click Import & Asset Insertion.

    To import the vulnerabilities only, click Import .

    A message appears to inform you that the file has been imported successfully.

  8. Close the window by clicking the close icon (Close icon).