All Apps and Add-ons

In the present version of Tenable Add-On for Splunk, why is scan result information missing in logs?

Explorer

In previous add on we used to get below information which is missing in present add on, everything else works fine except for this information missing in the data.

_is_scan_result_empty:   0  
     _scan_result_info: {   [-] 
         createdTime:    1530944450 
         finishTime:     1530945356 
         id:     ***    
         importFinish:   1530945372 
         importStart:    1530945366 
         name:   ***    
         startTime:  1530944466 
    }
1 Solution

Communicator

Unfortunately this information is no longer available. In the previous add-on they were pulling scan results directly. In this add-on we are pulling in the "summary" view of all vulns on each machine. This allows us to use much less storage and provides the state of the vulnerabilities, but did remove our ability to show scan specific information.

View solution in original post

Communicator

Unfortunately this information is no longer available. In the previous add-on they were pulling scan results directly. In this add-on we are pulling in the "summary" view of all vulns on each machine. This allows us to use much less storage and provides the state of the vulnerabilities, but did remove our ability to show scan specific information.

View solution in original post

Contributor

We unfortunately used this information block extensively in our dashboards. This is extremely disappointing.

Is there any method through the new add-on to collect the same data about the scans themselves (name/created/start/finish time, etc)??

0 Karma

Explorer

Hi,

Does this add-on supports Nessus manager?

0 Karma

Communicator

Not today, but the next version will; v2.

0 Karma