Instance: San Diego Patch 9a, using tenable 3.x connector

Our vulnerability imports from tenable.sc have failed for the last 3 days.  We increased timeout today from 300 secs to 600 secs and managed to get though the import and processing of the cumulative and patched updates, but are yet to work out why the change in behaviour.

we have observed the following

• no delay in the REST call to our tenable.sc environment. 
  • the ECC queue output record is processed almost immediately
  • the corresponding ECC queue input record creates about 10 seconds later and the attachment containing the vulnerabilities looks OK
• There appears to be a delay updating the tenable job chunk record, including the processing of the ECC queue input record attachment (payload.txt) and attaching the output to the tenable job chunk record (as an example JOB0007631-15.json).   Time varies from a couple of mins to almost 10 mins.
• Once all tenable job chunks are processed, the creation of import sets and import set row tables is very quick, as are their transforms.

Working through the tenable code / business rules / jobs is difficult.  Hoping someone can assist with the following

• what is processing the ECC queue input record?  I believe it gets triggered from scheduled job JOB:VR:P:0060: Process SC Vulnerability Queue, but not sure which script include / function is doing the actual work.
• Where is the code for the processing of the payload.txt file into the json file?
• any thoughts on what might be causing the increase in processing time (as job chunk size has not changed and expect the a payload contents from tenable to be similar)?  Note I have logged a case with ServiceNow asking about the async business rules and how to report on queue depth / delays actioning them at a point in time

thanks,

Steve