Tenable Vulnerability Management data source
Data Manager is included in all Service Collection Premium and Enterprise plans.
Tenable Vulnerability Management is a Tenable tool used for cyber‑security and vulnerability management.
The Tenable Vulnerability Management data source uses an API connection to bring asset information into Data Manager.
This task requires Data Manager & Adapters admin permissions to complete. See how permissions and roles work in Data Manager.
How do I connect Tenable Vulnerability Management to Data Manager?
Gather all of the Data Manager type information, including the data source name, short display name, and the data source type.
Gather the Tenable Vulnerability Management fields – this may require consultation with the Tenable Vulnerability Management subject matter expert (SME).
In Data Manager, add a new data source by selecting the tool you which to connect and configure with all the gathered information.
Each time this data source is fetched the data becomes raw data.
Data Manager fields
You need to specify the following information from Data Manager:
Data source name – the name of the data source used to run, transform, map, cleanse, and import the data.
Short display name – a unique name as a data source label.
Data source type – what type of data the tool is providing. For example, Assets, CMDB, user location.
Tenable Vulnerability Management fields
From Tenable.io:
API access key – identifies the user account in Tenable.
API secret key – secret string used for authorization.
Chunk size – maximum number of assets per chunk in the API response.
認証と承認
Log in to
https://tenable.io.Select the user icon (top right) and choose My account.
Go to the API keys tab.
Select Generate.
Review the warning and select Generate again.
Tenable.io generates and displays access and secret keys.
API calls
The adapter uses three steps:
Export assets
メソッド:
POSTEndpoint:
https://cloud.tenable.com/assets/exportReturns:
export_uuidfor the export job.
Get export status (using
export_uuid)メソッド:
GETEndpoint:
https://cloud.tenable.com/assets/export/{export_uuid}/statusReturns job status and list of chunks available.
Status values:
QUEUED– export is queued.PROCESSING– export is in progress.FINISHED– export complete; chunk list complete.CANCELLED– export cancelled; adapter returns an error.ERROR– Tenable encountered an error; retry and contact support if persistent.
Download assets chunk
メソッド:
GETEndpoint:
https://cloud.tenable.com/assets/export/{export_uuid}/chunks/{chunk_id}Chunks remain downloadable for up to 24 hours; expired chunks return
404.
次のフィールドは POST https://cloud.tenable.com/assets/export エンドポイントから取得されます。
ID
HasAgent
HasPluginResults
CreatedAt
Updated_at
FirstSeen
LastSeen
FirstScanTime
LastScanTime
LastAuthenticatedScanDate
LastLicensedScanDate
LastScanId
LastScheduleId
BiosUuid
NetworkId
NetworkName
InstalledSoftwares
Ipv4s
Ipv6s
Fqdns
MacAddresses
NetbiosNames
OperatingSystems
HostNames
SshFingerPrintsこの内容はお役に立ちましたか?