In the present version of Tenable Add-On for Splunk, why is scan result information missing in logs?

pagillar
Explorer

In the previous add-on we used to get the information below, which is missing in the present add-on. Everything else works fine except for this information missing in the data.

_is_scan_result_empty: 0
_scan_result_info: { [-]
    createdTime: 1530944450
    finishTime: 1530945356
    id: ***
    importFinish: 1530945372
    importStart: 1530945366
    name: ***
    startTime: 1530944466
}

1 Solution

nkeuning
Communicator

Unfortunately this information is no longer available. In the previous add-on they were pulling scan results directly. In this add-on we are pulling in the "summary" view of all vulns on each machine. This allows us to use much less storage and provides the state of the vulnerabilities, but did remove our ability to show scan-specific information.

tmeader
Contributor

We unfortunately used this information block extensively in our dashboards. This is extremely disappointing.

Is there any method through the new add-on to collect the same data about the scans themselves (name/created/start/finish time, etc.)?

0 Karma

pagillar
Explorer

Hi,

Does this add-on support Nessus Manager?

0 Karma

nkeuning
Communicator

Not today, but the next version will; v2.

0 Karma

osasfrancis
Path Finder

Hi,

We are using v5.2.3. Is there a way to get the scan name information?

Thanks

0 Karma