How to restore an internal target

Re-add your internal systems in just a few steps

Naomi Purvis avatar
Written by Naomi Purvis
Updated over a week ago

Re-adding an internal system can be a bit tricky, so we've gone ahead and outlined the process below.


🚨 Windows OS:
If your machine doesn't pop up after following the steps below, try rebooting.


πŸ‘‰ I scanned and deleted the internal target less than 30 days ago

This means that a license is still assigned to that target and you have the option to 'restore', without consuming a new license. (Though the consumption will be reset as soon as you run a scan on the internal target).

Relink the agent

  1. Edit the relevant command, adding the key and same name as used during the original installation

  2. Run it.

Windows (Make sure you're running as Administrator)

"C:\Program Files\Tenable\Nessus Agent\nessuscli" agent link --host="cloud.tenable.com" --port="443" --key=[KEY] --name=[Prefix_DeviceName]


Linux

/opt/nessus_agent/sbin/nessuscli agent link --host="cloud.tenable.com" --port="443" --key=[KEY] --name=[Prefix_DeviceName]

MacOS

sudo /Library/NessusAgent/run/sbin/nessuscli agent link --host="cloud.tenable.com" --port="443" --key=[KEY] --name=[Prefix_DeviceName]

It should take a couple of minutes for the internal system to pop up on your targets page.


πŸ‘‰ I deleted the internal target more than 30 days ago

There are two scenarios at this point, each with their own set of instructions, either way it can take a few minutes for the agent to show, so don't panic if it doesn't pop up immediately.

Deleted the target, but didn't uninstall the agent

If the agent is still on your machine, then it simply means you need to relink, using a different DeviceName to the one originally used for this target.

  1. Open the command terminal again – as Administrator

  2. Run the link command below (edit name accordingly)

nessuscli agent link --host="cloud.tenable.com" --port="443" --key=819652a91d674e8d5be08e21299f1a3c69bd9806c72e24bc05df6b32b8db7fe1 --name=[Prefix_DeviceName]

Deleted the target and uninstalled the agent

This means that you'll need to go through the installation process again from the beginning, but making sure you use a different DeviceName (if you use the exact same DeviceName as before, it won't show up).

And remember, it can take up to ten minutes for the internal system to pop up on your targets page.


I re-installed the operating system

If you have reinstalled the operating system, then you'll need to relink the agent with an updated DeviceName.

It's important to note that when you reinstall the OS the agent is given a new internal ID, which requires a new license for scanning. Licenses assigned to old machines will be released in line with the 30 day consumption period.


I wiped my machine

If everything is gone, you'll need to go through the installation process again.


I updated my OS

You don't need to do anything, the agent should run as normal.


My internal targets unlinked

It might be as simple as relinking, however, if the machine still hasn't popped up after relinking (and rebooting for Windows users) or you get:
​([error] [agent] Link fail: [409] Agent with uuid agentUuid=<> attempt to link, but another agent in container containerUuid=<> with different token already exists), you'll need to uninstall the agent and start the installation process again.

Relinking the agent


​Uninstalling the agent / starting again

  1. Follow the steps in the relevant OS guide (including any appended notes). Once you've done that reboot the system (Windows OS only).

  2. Install the agent again, per these manual instructions.


I'm having issues with the agent

Run a quick agent status command to check what's going on.

Did this answer your question?