Tenable.SC Connector Unable to Pull SC Queries (Tenable Version)

Zach40
Tera Contributor

‎02-05-2021 10:52 AM

Hi all, I am unable to pull SC Queries from my Tenable.SC environment into my ServiceNow Tenable Connector.

  

I have tried the following:

  • Ensuring I have the Security Manager role in Tenable.SC
  • Ensuring I have the proper roles in ServiceNow to configure the Tenable.SC connector
  • I have the Tenable Connector connection successfully connected
  • I re-authenticated, downloaded credentials, queries, plugins, and full plugins for the connector
  • I have the latest ServiceNow Tenable Connector and Tenable for Assets plugins
  • I have a compatible version of Tenable.SC per documentation requirements

 

Any Suggestions, and is there a specific way I should be setting up my Tenable.SC query for the Tenable for Assets pull?

Labels:
0 Helpfuls
  • 2,478 Views
16 REPLIES 16

Chris McDevitt
ServiceNow Employee
ServiceNow Employee
In response to Zach40

‎02-06-2021 07:45 AM

Oh, I assumed from the title you had the "ServiceNow Tenable.sc connector....". Sorry....

I would run the integration and check the raw that it returns for hint on what is going on. The integration should have a data source and the data source should have an attachment. Also, the integration run should (hopefully) record any error message. 

Sorry, I do not have a Tenable build integration setup to very this...

 

 
0 Helpfuls

SNDeveloper
Tera Expert
In response to Chris McDevitt

‎04-07-2021 03:04 PM

Hi Chris, 

Can you help me with this question that I'm facing with ServiceNow new plugin "VR Integration for Tenable".

https://community.servicenow.com/community?id=community_question&sys_id=854fa38ddb972010ab0202d5ca96...

 

Also, I have the same issue. Which scheduled Plugin helps populate SC Queries Table? As of the new version, the documentation is not detailed and the SC Queries table is not getting updated with new tenable queries. 

 

Thanks in Advance...!

0 Helpfuls

Adam Stevens
Kilo Contributor
In response to Chris McDevitt

‎05-27-2021 03:17 PM

Wow, I am glad I found this post!  I have been struggling trying to get new queries I create within Tenable.sc to load into ServiceNow.  Once I changed the one I wanted to use to use Vulnerability Detail List instead of Vulnerability Summary, it loaded right in.

 

@Chris McDevitt do you by chance have any additional guidance on other Tenable.sc query settings?  For example, we are using "Vulnerability Last Observed" set to "within the last day", but I am wondering if we should be using "Vulnerability Discovered" instead, or neither of those?  TIA!

Adam

0 Helpfuls

Chris McDevitt
ServiceNow Employee
ServiceNow Employee
In response to Adam Stevens

‎06-01-2021 06:54 AM

Unless you have a compelling reasion... I would keep it very simple like so:

find_real_file.png

 

 
Preview file
30 KB
0 Helpfuls

Adam Stevens
Kilo Contributor
In response to Chris McDevitt

‎06-01-2021 01:25 PM

Thanks @Chris McDevitt - my only thought there is without the query filtering on the last time Tenable saw it i.e. "Within the last day", how would ServiceNow know whether it was Open/Fixed?

0 Helpfuls