To check if your agent has been installed correctly or to diagnose any issues you might be experiencing, the best place to start would be to take a look at the agent status.
⚠️ The command must be run as an admin in the Nessus Agent folder. The default locations are below; if the agent is in a non-default location, edit the command accordingly.
MacOS:
cd /Library/NessusAgent/run/sbin/Windows:
cd "C:\Program Files\Tenable\Nessus Agent\"Linux:
cd /opt/nessus_agent/sbin/
It might also be worth checking your notifications to see if the agent has been uninstalled or unlinked. You might see a notification message like the following:
If you see this notification, you will need to follow the appropriate OS-specific instructions to relink the agent to Intruder.
The agent status command
MacOS
Open Terminal (press command + space bar, and type
terminal)In the terminal type
sudo /Library/NessusAgent/run/sbin/nessuscli agent statusand hit return.Compare your output to the responses below
Windows
** Ensure you are running the command as Administrator (Not admin?) **
** Ensure you are running in Command Prompt and not Powershell **
Open Command Prompt (open search bar, type
cmd, scroll to Command Prompt, right-click, + select Run as administrator)At the prompt, type
"C:\Program Files\Tenable\Nessus Agent\nessuscli" agent statusand hit return.Compare your output to the responses below
Linux
Open a terminal.
In the terminal, type
sudo /opt/nessus_agent/sbin/nessuscli agent statusand hit return.Compare your output to the responses below
Expected Output
Running: Yes
Linked to: sensor.cloud.tenable.com:443
Link status: Connected to sensor.cloud.tenable.com:443
Unexpected Output
❗️ 'command not found' or 'nessuscli' is not recognized'
If you see one of the following errors, then you're in the wrong directory.
MacOS |
|
Windows |
|
Linux |
|
Change to the right directory
Assuming nessuscli is installed in the default location (mentioned at the top of this article), you can move into the right folder by running:
MacOS:
cd /Library/NessusAgent/run/sbin/Windows:
cd "C:\Program Files\Tenable\Nessus Agent\"(Must be admin)Linux:
cd /opt/nessus_agent/sbin/
Once there, you can re-run the agent status command.
Re-run the linking command
If you suspect that you ran the linking command from the wrong directory, then you'll need to run it again. This time, make sure that you're either in the folder where nessuscli is installed, or add the path to the command.
For example (Windows only)
👉 If you're in the folder where nessuscli is installed:
msiexec /i NessusAgent-10.9.0-x64.msi" NESSUS_SERVER="cloud.tenable.com:443" NESSUS_KEY=[KEY] NESSUS_NAME=[Your Prefix]_%computername% /qn
👉 You're adding the path to the default folder:
msiexec /i "C:\Program Files\Tenable\NessusAgent-10.9.0-x64.msi" NESSUS_SERVER="cloud.tenable.com:443" NESSUS_KEY=[KEY] NESSUS_NAME=[Your Prefix]_%computername% /qn
👉 You moved the installer and need to add the path to a different folder:
msiexec /i "[path to the installer file]\NessusAgent-10.9.0-x64.msi" NESSUS_SERVER="cloud.tenable.com:443" NESSUS_KEY=[KEY] NESSUS_NAME=[Your Prefix]_%computername% /qn
❗️ 'Could not open'
If you get one of the following errors, then you are not running the agent status command as Administrator.
MacOS |
|
Windows |
|
MacOS/Linux
Be sure to use sudo before the command
Windows
1. Hit Start
2. Type “cmd” and you’ll see “Command Prompt” listed as the main result.
3. Right-click that result and choose “Run as administrator.”
So long as you don't close that window, all subsequent commands run in that command terminal will be run as admin (see below):
❗️ 'Running: No' and 'Not linked to a manager'
All OS |
|
Then it could mean one of two things:
The agent hasn't installed
It is possible that your original install command contained errors (wrong filename, wrong path,name/NESSUS_NAME, etc.), so we would recommend going back and trying the installation process again.Your system cannot reach out to Tenable
You need to check that you are connected to the internet and that the agent can reach out tosensor.cloud.tenable.comon port443. (This is the only relevant firewall rule). When you are certain that the system is connected to the internet, try running the command again. If it still says "not linked to a manager" then you will need to try the installation process again.
❗️ 'Running': No
All OS |
|
Then you need to either:
Reboot the internal system (if possible), or
Start the Nessus Agent service manually by running the command below as an admin:
MacOS |
|
Windows |
|
Linux |
|
RedHat, CentOS, and Oracle Linux |
|
SUSE |
|
Free BSD |
|
Debian and Kali |
|
Ubuntu (*init.d) |
|
Ubuntu (*systemd) |
|
(*) To identify your init daemon, search ps 1 in your command prompt, to see which manager you're using.
❗️ 'Running', but is 'Not linked to a manager'
All OS |
|
Although it says 'running', the link status here tells us that something has gone wrong during the installation. There are two scenarios here, the first being the most common:
Your linking command is incorrect.
Be sure to check:💡
name/NESSUS_NAMEincludes the prefix and the target name (eg.DQEGBQUAAAc_paul)
💡 You have included the key
💡 The command reflects your current operating system💡 You haven't added or missed any characters
An internet proxy/filter is getting in the way
The agent cannot connect to the manager; this could be due to internal network controls, such as an outbound proxy. If your environment has these types of controls, please refer to the documentation here and use the proxy parameters on install to ensure the agent connects to the manager via the proxy.
To resolve this, you'll need to link again:
Link (again):
Open the command terminal again – as Administrator
Copy the relevant link command for your OS, insert the
KeyandPREFIX_DEVICENAME, and run it.
MacOS:
/Library/NessusAgent/run/sbin/nessuscli agent link --cloud --key=[Key] --name=[Prefix_DeviceName]
Windows:"C:\Program Files\Tenable\Nessus Agent\nessuscli" agent link --cloud --key=[Key] --name=[Prefix_DeviceName]
Linux:
/opt/nessus_agent/sbin/nessuscli agent link --cloud --key=[Key] --name=[Prefix_DeviceName]
Check out the targets page to see if it has appeared.
❗️ 'Running', but there's an 'authentication error'
All OS |
|
This indicates that the agent has been removed (intentionally or not). To resolve this, you'll need to link again:
Link (again):
Open the command terminal again – as Administrator
Copy the relevant link command for your OS, insert the
KEYandPREFIX_DEVICENAME, and run it.MacOS:
/Library/NessusAgent/run/sbin/nessuscli agent link --cloud --key=[Key] --name=[Prefix_DeviceName]
Windows:
"C:\Program Files\Tenable\Nessus Agent\nessuscli" agent link --cloud --key=[Key] --name=[Prefix_DeviceName]
Linux:
/opt/nessus_agent/sbin/nessuscli agent link --cloud --key=[Key] --name=[Prefix_DeviceName]
Check out the targets page to see if it has appeared.
❗️ It's running and is linked, but I still can't see my internal system on the targets page. What now?
All OS |
|
This means that it has been linked to Tenable, but there is an underlying issue that is stopping it from working as intended.
If you have checked your linking command and everything looks good, then your best bet at this point would be to start over.
Link (again):
Unlink the agent
Windows (must be run as Admin)"C:\Program Files\Tenable\Nessus Agent\nessuscli.exe" agent unlink
Linuxsudo /opt/nessus_agent/sbin/nessuscli agent unlink
MacOSsudo /Library/NessusAgent/run/sbin/nessuscli agent unlink
In the terminal, as an admin, run the following command:nessuscli agent unlink
Check that the unlink command worked by running the agent status
It should return:
Linked to: None
Link status: Not linked to a managerUninstall the agent by following the steps in the relevant OS guide (including any appended notes).
Reboot the system.
Re-add the internal system, following the steps in our installation articles.
Check out the targets page to see if it has appeared.
If, after following these steps, it still doesn't show up, it might be worth heading over to our troubleshooting documentation.