First I would check to make sure the sensor is seeing the traffic you are sending it. The easiest way is to use snoop on the sensor:
(as root) snoop -d spwr0
Run your tool and see if you see the traffic you are sending.
If you are seeing the traffic check the sensor's logs to see if the alarms are firing:
check for you alarms in that output.
If you see the alarms then you know the problem is in the CSPM/Sensor communication. If you don't see alarms and you know that the sensor is seeing the traffic, then to problem lies with the tool. I'm not familiar with how Retina works so I'd start with something a little more simple.
Issue an HTTP request (you can use you browser) with a /phf? at the end of it. This should trigger an alarm. Use snoop to verify the sensor saw the traffic
Nessus is a good tool, but there are some drawbacks when testing an IDS. Cisco IDS, for example, has signatures written in such a way that some test cases won't fire unless they are actually exploits. Nessus' test cases aren't always expoits due to Denial of Service conditions that they could cause.
I'm not trying to bad-mouthing Nessus in any way, I'm only trying to highlight a reason why Cisco IDS might not fire on all of Nessus' test cases.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :