All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Why aren't the severity numbers from Tenable in Splunk not matching the numbers in Security Center?

bcyates
Communicator
‎04-30-2018 10:14 AM

We are using the add-on to ingest data from Nessus SecurityCenter into Splunk. However, the numbers do not match up. Week-long searches in SecurityCenter show numbers different from week-long searches in Splunk when we do a timechart. For example, on the day of the last scan, the numbers for critical and high are off by ~200, but the mediums are off by ~2500+. Is there something we can dedup by, or a way to get the numbers closer? We have little confidence in the accuracy of what's in Splunk since the numbers are so far off of what is in SecurityCenter

0 Karma
Reply

itsGhisla1n
Engager
‎08-19-2024 12:35 AM

Any solution for this issue?

0 Karma
Reply

xpac
SplunkTrust
SplunkTrust
‎04-30-2018 11:31 AM

Are your numbers in Splunk too high or too low?

0 Karma
Reply

bcyates
Communicator
‎04-30-2018 11:35 AM

It depends on the severity. Criticals and highs area little too low, but mediums are way too high

0 Karma
Reply
Get Updates on the Splunk Community!

What’s New in Splunk Enterprise 9.4: Tools for Digital Resilience

What’s New in Splunk Enterprise 9.4: Tools for Digital ResilienceTune in to What’s New in Splunk Enterprise ...

Get Schooled with Splunk Education: Explore Our Latest Courses

At Splunk Education, we’re dedicated to providing incredible learning experiences that cater to every skill ...

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL  The Splunk AI Assistant for SPL ...