Tenable.SC Connector Unable to Pull SC Queries (Tenable Version)

Zach40 · ‎02-05-2021

Hi all, I am unable to pull SC Queries from my Tenable.SC environment into my ServiceNow Tenable Connector.

I have tried the following:

Ensuring I have the Security Manager role in Tenable.SC
Ensuring I have the proper roles in ServiceNow to configure the Tenable.SC connector
I have the Tenable Connector connection successfully connected
I re-authenticated, downloaded credentials, queries, plugins, and full plugins for the connector
I have the latest ServiceNow Tenable Connector and Tenable for Assets plugins
I have a compatible version of Tenable.SC per documentation requirements

Any Suggestions, and is there a specific way I should be setting up my Tenable.SC query for the Tenable for Assets pull?

Chris McDevitt · ‎02-05-2021

Hi,

When creating the Query Filter in Tenable.sc you need it to be

Type: "Vulnerability" and Tool: "Vulnerability Details List".

Once that is set, it will show up.

Zach40 · ‎02-05-2021

Hi Chris, will this one integration be enough to for both my Tenable for Assets pull and Tenable for Vulnerabilities pull? Thanks!

Chris McDevitt · ‎02-05-2021

Zach:

1. Will process the hosts only and populate the Discovered Items Module / CMDB.

2. & 3. Will bring in vulnerabilities and IF there is no entry in the Discovered Items module it will also process the host data as in step one.

I believe the filter is only applied to #2 and #3 and not the asset integration.

In short, yes.

Zach40 · ‎02-05-2021

Hey Chris, I set up my query just like you have shown but still am unable to populate my SC Query table. Just to clarify I have the Tenable vendor created SNOW plugin (Connector, Tenable for Assets, Tenable for Vulnerabilities), not the SNOW Tenable created plugin. Any other ideas on how to troubleshoot this? Thanks.