If you are using the Tenable Add-on for Splunk
You can pull out compliance scan results separately with sourcetype=tenable:sc:vuln "family.type"=compliance. Within the pluginText field values you can find the results of your compiance scan, PASSED, INFO, FAILED, & ERROR.
I had to use some regex to pull out the results cleanly. You should also look at the xref field if your compliance scans include more than just Windows systems. I had to separate out database and Windows on my systems where SQL and Windows are installed so I could see specific resullts.
... View more