Tenable

Version: 2.0.0

Managed on-premises and powered by Nessus technology, the Tenable.sc suite of products provides the a comprehensive vulnerability coverage with real-time continuous assessment of a network. It’s a complete end-to-end vulnerability management solution.

Connect Tenable with LogicHub

Navigate to Automations > Integrations.
Search for Tenable.
Click Details, then the + icon. Enter the required information in the following fields.
- Label: Enter a connection name.
- Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
- Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
- Remote Agent: Run this integration using the LogicHub Remote Agent.
- Server IP or Hostname: Enter Server IP or Hostname where Tenable is installed and running. Example: http://111.111.111.111:443
- Access Key: Enter Access Key for Tenable instance.
- Secret Key: Enter Secret key for the Tenable instance.
After you've entered all the details, click Connect.

Actions for Tenable

List Scan Results

Gets the list of Scan Results.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name	Description	Required
Fields	Jinja-templated comma separated field names which needs to be returned in the result set.	Required
Start Time	Start time in ISO format for scan results to be retrieved. Example: 2019-09-26T07:58:30.996+02:00. Default is execution start time.	Required
End Time	End time in ISO format for scan results to be retrieved. Example: 2019-09-26T07:58:30.996+02:00. Default is execution end time.	Required

Output

A JSON object containing multiple rows of result:

response: Array of reports
warnings: Array of any warnings
error_message: Any error message from the server

{
   "timestamp":1622212387,
   "warnings":[
      
   ],
   "response":{
      "usable":[
         {
            "id":"13464",
            "name":"Report Name",
            "description":"",
            "status":"Partial"
         }
      ]
   },
   "error_msg":"",
   "type":"regular",
   "error_code":0
}

Download Scan Result

Downloads a Scan Result by ID.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name	Description	Required
Scan ID	Jinja templated scan ID whose reports is to be downloaded.	Required
Download Type	Select download type. Default is V2. Valid options are: v2, diagnostic, oval, scap1 2.	Required

Output

A JSON object containing multiple rows of result:

file_id: File ID of the downloaded report.
error: Error message, if any.
has_error: Whether the action succeeded or failed.

{
   "file_id":"b815d171c2d8409e857ce9ca43fd1523",
   "error":null,
   "has_error":false
}

Release Notes

v2.0.0 - Updated architecture to support IO via filesystem

Updated about 1 year ago