Nessus update may be required for bugs and vulnerabilities fixing, and to enable some new features as well.
Someone might think that it is possible to put running Nessus scan task on pause and launch it when update process is finished. All paused scan tasks will be marked as “aborted” after updating.
Even if Tenable will ever fix this, delayed scans may still be incorrect.
Different targets should be scanned at the right time.
It’s not a good idea to scan windows desktops after the end of the working day, when they will be probably turned off. If we turn off Nessus when scanning task should be started we will lose the results.
And if this scan results are used in some complex report, we may never know that report is not complete.
As a rule, the best time for update when no scan task is running and will not launch soon.
And detecting a good time window is not a trivial task when you are dealing with a huge amount of scan task. How to determine which scans are running now and which will be launched in the near future (today)?
Just make Thus, if for some scans “status”: “running”, it would be a good idea to wait until they are completed. In order to estimate the time required to complete scanning task we can make /scans/[id] query (see example in “Retrieving scan results through Nessus API” post) to see the difference between “last_modification_date” and “creation_date” for past scans.
This will give us an approximate time (in seconds) for completion of the scanning task.
As for the schedules scans, see rrules, timezone and starttime params of Every 2 months (repeating by the day) at PM, starting Friday, June 17th, 2016 FREQ=MONTHLY; INTERVAL=2; BYMONTHDAY=17 Every 2 months (repeating by the week) at PM, starting Friday, June 17th, 2016 FREQ=MONTHLY; INTERVAL=2; BYDAY=3FR Every 2 years on June 17th at PM FREQ=YEARLY; INTERVAL=2 Well, you get the idea.
You should detect the start time using rrules line and starttime “timestamp”.