These examples assume you're using my Get-TenablePluginOutput PowerShell function. You can load it from the web here:
$Content = Invoke-WebRequest -Uri https://gist.githubusercontent.com/jasonadsit/db19229634c788276419c5a4134a1b7e/raw/Get-TenablePluginOutput.ps1 | Select-Object -ExpandProperty Content
. ([scriptblock]::Create($Content))Also assumes you've already set your working directory to one with some .nessus files in it. ;-)
Get-TenablePluginOutput -PluginID 92425 -Flatten | Where-Object { $_.PluginOutput -and $_.PluginOutput -notmatch 'folderid_|report\sattached|item\s\d' } | Select-Object -Property IpAddress,NetBiosName,@{n='PluginOutput';e={$_.PluginOutput -replace ':\\\\',':\'}} | Export-Csv .\xyz-tenable-92425-office-file-history.csvGet-TenablePluginOutput -PluginID 92428 -Flatten | Where-Object { $_.PluginOutput -and $_.PluginOutput -notmatch 'Recent files found in registry and appdata attached' } | Select-Object -Property IpAddress,NetBiosName,@{n='PluginOutput';e={$_.PluginOutput -replace ':\\\\',':\'}} | Export-Csv .\xyz-tenable-92428-recent-files.csvGet-TenablePluginOutput -PluginID 92434 -Flatten | Where-Object { $_.PluginOutput -and $_.PluginOutput -notmatch 'Download folder content report attached' } | Select-Object -Property IpAddress,NetBiosName,@{n='PluginOutput';e={$_.PluginOutput -replace ':\\\\',':\'}} | Export-Csv .\xyz-tenable-92434-user-downloads-folder-files.csvGet-TenablePluginOutput -PluginID 23974 -Flatten | Where-Object { $_.PluginOutput -match '^-\s' } | Select-Object -Property IpAddress,NetBiosName,@{n='PluginOutput';e={$_.PluginOutput -replace '^-\s'}} | Export-Csv .\xyz-tenable-23974-smb-share-office-files.csvGet-TenablePluginOutput -PluginID 92427 -Flatten | Where-Object { $_.PluginOutput -match '^-\s' } | Select-Object -Property IpAddress,NetBiosName,@{n='PluginOutput';e={$_.PluginOutput -replace '^-\s'}} | Export-Csv .\xyz-tenable-92427-ms-paint-recent-file-history.csvGet-TenablePluginOutput -PluginID 92414 -Flatten | Where-Object { $_.PluginOutput -and $_.PluginOutput -notmatch 'Adobe file history report attached' } | Select-Object -Property IpAddress,NetBiosName,@{n='PluginOutput';e={$_.PluginOutput -replace '^/'}} | ForEach-Object { if ($_.PluginOutput -notmatch '^http') { $_.PluginOutput = $_.PluginOutput -replace '/','\' } $_ } | Export-Csv .\xyz-tenable-92414-adobe-recent-files.csvGet-TenablePluginOutput -PluginID 92413 -Flatten | Where-Object { $_.PluginOutput -match '^-\s' } | Select-Object -Property IpAddress,NetBiosName,@{n='PluginOutput';e={$_.PluginOutput -replace '^-\s'}} | Export-Csv .\xyz-tenable-92413-7zip-recent-files.csvGet-TenablePluginOutput -PluginID 92429 -Flatten | Where-Object { $_.PluginOutput } | Select-Object -Property IpAddress,NetBiosName,@{n='PluginOutput';e={$_.PluginOutput -replace '\\\\','\'}} | Export-Csv .\xyz-tenable-92429-recycle-bin-files.csvGet-TenablePluginOutput -PluginID 92438 -Flatten | Where-Object { $_.PluginOutput -and $_.PluginOutput -notmatch 'WordPad report attached' } | Export-Csv .\xyz-tenable-92438-wordpad-history.csvGet-TenablePluginOutput -PluginID 11777 -Flatten | Where-Object { $_.PluginOutput -and $_.PluginOutput -notmatch 'Here\sis\sa\slist\sof|Some\sof\sthese\sfiles|movies\sor\smusic\sfiles|^\+|\\WindowsApps\\|^C:\\Program\sFiles|\\ProgramData\\' } | Export-Csv .\xyz-tenable-11777-potentially-copyrighted-files.csv