• Get started
  • Documentation

Data Manager - Tenable Vulnerability Management Adapter

Assets Data Manager for Jira Service Management Cloud is currently rolling out in Open Beta and will be available to all Premium + Enterprise sites by end of October 2024.

Introduction

Tenable Vulnerability Management is a tool produced by Tenable that is used for Cyber-security.

The Tenable Vulnerability Management Adapter uses an API connection to bring data into Assets Data Manager.

How do I connect this tool to Assets Data Manager?

This task requires Data Manager Adapters admin permissions to complete. See how permissions and roles work in Data Manager.

 

Follow this procedure to connect this tool to Assets Data Manager using the custom-built Adapter:

  1. Gather all of the information listed in the Data Manager Fields section, such as the Name, Object class, Data Source Name, and Data Source Type.

  2. Gather all of the information in the Tenable Vulnerability Management Fields section - this may require consultation with your internal subject matter expert (SME) for Tenable Vulnerability Management.

  3. Within Data Manager:

    1. Create a new job by selecting the Adapter that matches your tool.

    2. Configure all of the required fields with the appropriate information.

  4. Within Tenable Vulnerability Management :

    1. Follow all of the steps listed in the Authentication and authorization section to properly configure Authentication and authorization.

    2. If you are using an API Adapter, review the information in the API Call section and ensure the endpoints are available.

    3. Review the Fields Retrieved section.

Each time this job is run, the data you have selected will be brought into Data Manager using the configured Adapter and become raw data.

Data Manager Fields

You will need to specify the following information from Assets Data Manager:

  1. Name - the name of the Connection, visible as the job name in Adapters.

  2. Object class - the name of the Object class you want to the data to be loaded into.

  3. Data Source Name - the type of data being created; which is usually the tool name, e.g AD, Qualys etc. Note: This can be the same as Name.

  4. Data Source Type - what type of data is the tool providing? For example, Assets, CMDB, user location and more.

Tenable Vulnerability Management Fields

You will need to specify the following information from within Tenable.io:

  1. API Access Key - a unique identifier to identify the user account in Vulnerability Management.

  2. API Secret Key - a secret string that the application uses for authorization.

  3. Chunk Size - maximum number of assets per chunk of the API response.

Authentication and authorization

  1. Log in to http://Tenable.io via the user interface.

  2. In the upper-right corner, click the user icon. The user account menu appears.

  3. Click My Account. The My Account page appears.

  4. Click the API Keys tab. The API Keys section appears.

  5. Click Generate. The Generate API Keys window appears with a warning.

  6. Review the warning and click Generate. http://Tenable.io generates new access and secret keys, and displays the new keys in the Custom API Keys section of the page.

API Call

The Vulnerability Manager Adapter has three API calls as noted in the steps below:

1. Export assets

  • Endpoint:  POST https://cloud.tenable.com/assets/export

  • This endpoint returns the UUID of the assets export job (export_uuid)

2. Get assets export status based on the export_uuid generated in Step 1.

  • Endpoint: GET https://cloud.tenable.com/assets/export/{export_uuid}/status

  • This endpoint returns the status of the export and a list of completed chunks available for download.

  • If the status = “FINISHED”, Step 3 is called. If status= “Cancelled”, the adapter returns the error message “Error in retrieving Export Status and Chunk IDs from http://Tenable.io”.

    • For the second call, the following errors may be received:

      • QUEUED - http://Tenable.io has queued the export request until it completes other requests currently in process.

      • PROCESSING - The export request processing has started.

      • FINISHED - The job is completed, the list of chunks is complete.

      • CANCELLED - An administrator has cancelled the export request.

      • ERROR - http://Tenable.io encountered an error while processing the export request.  Tenable recommends that you retry the request.  If the status persists, contact Support.

3: Download assets chunk:

  • Endpoint: GET https://cloud.tenable.com/assets/export/{export_uuid}/chunks/{chunk_id}

  • Downloads exported assets chunk by ID. Chunks are available for download for up to 24 hours after they have been created. http://Tenable.io returns a 404 message for expired chunks.

Fields Retrieved

The following fields are retrieved from the POST https://cloud.tenable.com/assets/export endpoint:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 ID HasAgent HasPluginResults CreatedAt Updated_at FirstSeen LastSeen FirstScanTime LastScanTime LastAuthenticatedScanDate LastLicensedScanDate LastScanId LastScheduleId BiosUuid NetworkId NetworkName InstalledSoftwares Ipv4s Ipv6s Fqdns MacAddresses NetbiosNames OperatingSystems HostNames SshFingerPrints

Still need help?

The Atlassian Community is here for you.