Security

integration with nessus server outside network?

abdullahalhabba
Explorer

How to integration with nessus server Knowing that this server exist in cloud network environment, means this server contains public IP and Splunk servers contains privet IP, is there any method that helps me in that, for example am i use URL for success integration?

Please I want full details?
Thanks my friends.

0 Karma

Richfez
SplunkTrust
SplunkTrust

abdullahalhabbash,

[EDIT: I realized that I was coming off inappropriately negative, so I reworded to make it more fair]

The Splunk Add-on for Tenable should do what you need.

NOTES:
Your concern about it having a public address and your own Splunk server having a private address is of no concern. Think of it like your PC/Mac having a private address, yet you can still go to Google or Amazon.

There are instructions for setting up the connection here, but you may need to read through this answer about getting data from tenable.io, too.

While this app really should work OK, it is under development right now. There have been some issues in the past that are mostly resolved, but if you get it sort of working but it's flaky or failure prone, make sure you are on the latest version and if the problem still persists open a ticket with Splunk. They can often help get it working, as long as you've done due diligence with your configs and things.

I hope this helps!
Happy Splunking!
-Rich

0 Karma
Get Updates on the Splunk Community!

New in Observability - Improvements to Custom Metrics SLOs, Log Observer Connect & ...

The latest enhancements to the Splunk observability portfolio deliver improved SLO management accuracy, better ...

Improve Data Pipelines Using Splunk Data Management

  Register Now   This Tech Talk will explore the pipeline management offerings Edge Processor and Ingest ...

3-2-1 Go! How Fast Can You Debug Microservices with Observability Cloud?

Register Join this Tech Talk to learn how unique features like Service Centric Views, Tag Spotlight, and ...