Set additional filter parameters for Tenable.io imports

  • リリースバージョン: Australia
  • 更新日 2026年03月12日
  • 所要時間:6分

    • Customize the filtering parameters for your scheduled queries with the Tenable Vulnerability Integration to help you further refine the vulnerability data you import with the Tenable.io product.

    始める前に

    Use cases: As a vulnerability manager or analyst, you might want to filter out data from your queries so that you can review only specific vulnerability details. For example, say you want to view imported vulnerabilities that are filtered by cidr_range, num_assets, indexed_at, and plugin_family. Or, say you want to run a Tenable.io integration such that one run imports only critical vulnerabilities every four hours, and another runs every 24 hours to fetch all the other non-critical vulnerabilities.

    To help you gather this data, you might add tenable-supported parameters to help you import the specific vulnerability details you need.

    Without adding additional API calls or coding, this feature permits you to customize your HTTP Request information with Tenable parameters in your ServiceNow AI Platform. The following Tenable.io Integrations support filtering by providing JSON content in the request body:
    • Assets Integration
    • Fixed Vulnerability Integration
    • Open Vulnerabilities Integration

    Import Filter Parameters

    There are these additional filter parameters for Tenable.io Fixed/Open vulnerabilities Integration. You can apply this filter by including an epss_score, cvss4_base_score or vpr_v2_score object inside the filters object of the content field in the Tenable.io Vulnerabilities REST message.

    • epss_score: Use this filter to retrieve vulnerabilities based on their Exploit Prediction Scoring System (EPSS) score. Score ranges can be defined using comparison properties such as eq, neq, gt, lt, gte and lte.

    • cvss4_base_score: Use this filter to retrieve vulnerabilities based on their CVSS version 4 (CVSSv4) base score. Score ranges can be defined using comparison properties such as gt, lt, eq, neq, gte and lte.
    • vpr_v2_score: Use this filter to retrieve vulnerabilities based on their Vulnerability Priority Rating version 2 (VPRv2) score. Score ranges can be defined using comparison properties such as gt, lt, eq, neq, gte and lte.
    注:
    These changes will be implemented as part of Tenable 5.2.1 Version.
    表 : 1. Filter Combination Rules
    Filter Type Allowed Combinations Restrictions
    eq (equals) Cannot be combined with lt, gt, lte, or gte Should be used independently or with neq
    neq (not equals) Can be combined with any other filter No restrictions
    lt, gt, lte, gte Cannot be combined with eq Can be combined among themselves and with neq

    You should know how to use JSON strings for this feature.

    Role required: sn_vul.vulnerability_admin

    手順

    1. Locate the parameters supported by the Tenable.io product on the developer site that you want to use for your filtering.

      Parameters and values you enter from the Tenable.io product are supported only at the integration instance level.

    2. Navigate to All > Tenable Vulnerability Integration > Administration > Integrations.
    3. On the Tenable Integrations list page, click the record for the Tenable.io integration that you want to open.
    4. With the Tenable REST methods tab selected, click the information icon (I) for REST method followed by Open Record.
    5. Select the HTTP Request tab.
    6. To edit the record, at the top of the page, click the link in, To edit the record click here.
    7. In the REST Method record in the Content field, enter the JSON content that you want as part of the request body.

      As an example, you might set the severity parameter for imported vulnerabilities as, {"filters": {"severity": ["critical"]}} for the Tenable.io Assets Integration so it imports only critical vulnerabilities (CVSS score of 10.0).

      If you want to enter more than one parameter, refer to the Tenable.io documentation for more information about how to separate each value.

    8. Click Update.