To check if your agent has been installed correctly or to diagnose any issues you might be experiencing, the best place to start would be to take a look at the agent status.
⚠️ The command must run the command as Admin, in the Nessus Agent folder. The default locations are below, if the agent is in a non-default location, edit the command accordingly.
MacOS:
cd /Library/NessusAgent/run/sbin/Windows:
cd "C:\Program Files\Tenable\Nessus Agent\"Linux:
cd /opt/nessus_agent/sbin/
It might also be worth checking your notifications to see if the agent has been uninstalled or unlinked. You might see a notification message like the following:
If you see this notification, you will need to follow the appropriate OS-specific instructions to relink the agent to Intruder.
The agent status command
MacOS
Open Terminal (press command + space bar, and type
terminal)In the terminal type
sudo /Library/NessusAgent/run/sbin/nessuscli agent statusand hit return.Compare your output to the responses below
Windows
** Ensure you are running the command as Administrator. (Not admin?) **
** Ensure you are running in Command Prompt and not Powershell)**
Open Command Prompt (open search bar, type
cmd, scroll to Command Prompt, right-click + click on Run as administrator)At the prompt, type
"C:\Program Files\Tenable\Nessus Agent\nessuscli" agent statusand hit return.Compare your output to the responses below
Linux
Open a terminal.
In the terminal, type
sudo /opt/nessus_agent/sbin/nessuscli agent statusand hit return.Compare your output to the responses below
Expected Output
Running: Yes
Linked to: sensor.cloud.tenable.com:443
Link status: Connected to cloud.tenable.com:443
Unexpected Output
❗️ 'command not found' or 'nessuscli' is not recognized'
If you see one of the following errors, then you're in the wrong directory.
MacOS |
|
Windows |
|
Linux |
|
Change to the right directory
Assuming nessuscli is installed in the default location (mentioned at the top of this article), you can change your command prompt/ terminal to the right folder by running:
MacOS:
cd /Library/NessusAgent/run/sbin/Windows:
cd "C:\Program Files\Tenable\Nessus Agent\"(Must run as Admin)Linux:
cd /opt/nessus_agent/sbin/
Once there, you can re-run the agent status command.
Re-run the linking command
If you suspect that you ran the linking command from the wrong directory, then you'll need to run it again. This time, make sure that you're either in the folder where nessuscli is installed, or add the path to the command.
For example (Windows OS only)
👉 If you're in the folder where nessuscli is installed:
msiexec /i NessusAgent-8.2.4-x64.msi" NESSUS_SERVER="cloud.tenable.com:443" NESSUS_KEY=[KEY] NESSUS_NAME=[Your Prefix]_%computername% /qn
👉 You're adding the path to the default folder:
msiexec /i "C:\Program Files\Tenable\NessusAgent-8.2.4-x64.msi" NESSUS_SERVER="cloud.tenable.com:443" NESSUS_KEY=[KEY] NESSUS_NAME=[Your Prefix]_%computername% /qn
👉 You moved the installer and need to add the path to a different folder:
msiexec /i "[the path to where the installer was downloaded]\NessusAgent-8.2.4-x64.msi" NESSUS_SERVER="cloud.tenable.com:443" NESSUS_KEY=[KEY] NESSUS_NAME=[Your Prefix]_%computername% /qn
❗️ 'Could not open'
If you get one of the following errors, then you are not running the agent status command as Administrator.
MacOS |
|
Windows |
|
MacOS
Be sure to use sudo before the command
Windows
1. Hit Start
2. Type “command,” and you’ll see “Command Prompt” listed as the main result.
3. Right-click that result and choose “Run as administrator.”
So long as you don't close that window, all subsequent commands run in that command terminal will be run as Admin (see below):
❗️ 'Running: No' and 'Not linked to a manager'
All OS |
|
Then it could mean one of two things:
The agent hasn't installed
It is possible that your original install command contained errors (wrong filename, wrong path,name/NESSUS_NAMEetc) so we would recommend going back and trying the installation process again.Your system cannot reach out to tenable
You need to check that you are connected to the internet and that the agent can reach out to cloud.tenable.com on port 443. (This is the only relevant firewall rule). When you are certain that the system is connected to the internet, try running the command again. If it still says "not linked to a manager" then you will need to try the installation process again.
❗️ 'Running': No
All OS |
|
Then you need to either:
Reboot the internal system (if possible), or
Start the Nessus Agent system manually, by running the relevant command as Admin:
MacOS |
|
Windows |
|
Linux |
|
RedHat, CentOS, and Oracle Linux |
|
SUSE |
|
Free BSD |
|
Debian and Kali |
|
Ubuntu (*init.d) |
|
Ubuntu (*systemd) |
|
(*) To identify your init daemon search ps 1 in your command prompt to see which manager you're using.
❗️ 'Running', but is 'Not linked to a manager'
All OS |
|
Although it says 'running', the link status here tells us that something has gone wrong during the installation. There are two scenarios here, the first being the most common:
Your linking command is incorrect.
Be sure to check:💡
name/NESSUS_NAMEincludes the prefix and the target name (eg.DQEGBQUAAAc_paul)
💡 You have included the key
💡 The command reflects your current operating system💡 You haven't added or missed any characters
An internet proxy/filter is getting in the way
The agent cannot connect to the manager, this could be due to internal network controls such as an outbound proxy. If your environment has these types of controls, please refer to documentation here, and use the proxy parameters on install to ensure the agent connects to the manager via the proxy.
To resolve this, you'll need to link again:
Link (again):
Open the command terminal again – as Administrator
Copy the relevant link command for your OS, edit/insert
PREFIX_DEVICENAMEand run it.
MacOS:
/Library/NessusAgent/run/sbin/nessuscli agent link --host="cloud.tenable.com" --port="443" --key=819652a91d674e8d5be08e21299f1a3c69bd9806c72e24bc05df6b32b8db7fe1 --name=[Prefix_DeviceName]
Windows:"C:\Program Files\Tenable\Nessus Agent\nessuscli" agent link --host="cloud.tenable.com" --port="443" --key=819652a91d674e8d5be08e21299f1a3c69bd9806c72e24bc05df6b32b8db7fe1 --name=[Prefix_DeviceName]
Linux:
/opt/nessus_agent/sbin/nessuscli agent link --host="cloud.tenable.com" --port="443" --key=819652a91d674e8d5be08e21299f1a3c69bd9806c72e24bc05df6b32b8db7fe1 --name=[Prefix_DeviceName]
Check out the targets page to see if it has appeared.
❗️ 'Running', but there's an 'authentication error'
All OS |
|
This indicates that the agent has been removed (intentionally or not). To resolve this, you'll need to link again:
Link (again):
Open the command terminal again – as Administrator
Copy the relevant link command for your OS, edit/insert
PREFIX_DEVICENAMEand run it.
MacOS:
/Library/NessusAgent/run/sbin/nessuscli agent link --host="cloud.tenable.com" --port="443" --key=819652a91d674e8d5be08e21299f1a3c69bd9806c72e24bc05df6b32b8db7fe1 --name=[Prefix_DeviceName]
Windows:"C:\Program Files\Tenable\Nessus Agent\nessuscli" agent link --host="cloud.tenable.com" --port="443" --key=819652a91d674e8d5be08e21299f1a3c69bd9806c72e24bc05df6b32b8db7fe1 --name=[Prefix_DeviceName]
Linux:
/opt/nessus_agent/sbin/nessuscli agent link --host="cloud.tenable.com" --port="443" --key=819652a91d674e8d5be08e21299f1a3c69bd9806c72e24bc05df6b32b8db7fe1 --name=[Prefix_DeviceName]
Check out the targets page to see if it has appeared.
❗️ It's Running and is linked, but I still can't see my internal system on the targets page. What now?
All OS |
|
This means that it has been linked to Tenable, but there is an underlying issue that is stopping it from working as intended.
If you have checked your linking command and everything looks good, then your best bet at this point would be to start over.
Link (again):
Unlink the agent
Windows (must be run as Admin)"C:\Program Files\Tenable\Nessus Agent\nessuscli.exe" agent unlink
Linux
sudo /opt/nessus_agent/sbin/nessuscli agent unlink
MacOS
sudo /Library/NessusAgent/run/sbin/nessuscli agent unlink
In the terminal, as Admin, run the following command:nessuscli agent unlinkCheck that the unlink command worked by running the agent status
It should return:Linked to: None
Link status: Not linked to a managerUninstall the agent by following the steps in the relevant OS guide (including any appended notes).
Reboot the system
Re-add the internal system, following the steps in our installation articles.
Check out the targets page to see if it has appeared.
If after following these steps, it still doesn't show up, it might be worth heading over to our troubleshooting doc.