Tenable.sc

Tenable.sc is a vulnerability management tool that scans systems and environments to identify vulnerabilities. The Network Probe can connect to the Tenable.sc API to retrieve vulnerability scan results and forward them to the Data Node index. Collected data can be analyzed using the [Vulnerability] Overview Tenable dashboard.

Configuration

1. Enable the pipeline in the Network Probe configuration:

   Edit /etc/logserver-probe/pipelines.yml and uncomment the following lines:

   - pipeline.id: tenable.sc
     path.config: "/etc/logserver-probe/conf.d/tenable.sc/*.conf"
   

2. Configure the connection to the Tenable.sc manager:

   Edit /etc/logserver-probe/conf.d/tenable.sc/venv/main.py and set the following parameters:

   • TENABLE_ADDR — IP address and port of the Tenable.sc manager

   • TENABLE_CRED — username and password

   • NETWORK_PROBE_ADDR — IP address and port of the Network Probe

   Example:

   TENABLE_ADDR = ('10.4.3.204', 443)
   TENABLE_CRED = ('admin', 'password')
   NETWORK_PROBE_ADDR = ('127.0.0.1', 10000)