Data retrieval settings for the Tenable Vulnerability Integration

  • Release version: Zurich
  • Updated September 5, 2025
  • 5 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Data retrieval settings for the Tenable Vulnerability Integration

    This guide details how ServiceNow customers can configure data retrieval settings for the Tenable Vulnerability Integration within their ServiceNow AI Platform instance. These settings allow you to control the type and scope of vulnerability data imported from Tenable products including Tenable.io, Tenable.sc, and Tenable.cs. Proper configuration helps tailor vulnerability data import to your organizational needs, improving vulnerability management and risk assessment workflows.

    Show full answer Show less

    Settings are managed on the Integration Instance page accessible via Tenable Vulnerability Integration > Integration Instances, where you select your specific integration and adjust parameters and filters accordingly.

    Key Features

    • Severity Filters: Enable or disable import of vulnerabilities by severity level (Critical, High, Medium, Low, Info) for each Tenable product. Critical and High severities are enabled by default, while others are off by default but can be enabled as needed to broaden data coverage.
    • Insert Fixed Flag: When enabled, creates new vulnerability records for detections in the Fixed state that do not yet exist in your instance, ensuring comprehensive tracking of resolved issues.
    • Data Chunk and Page Size Controls: Configure chunk sizes for assets and vulnerabilities to optimize data retrieval performance and manage payload sizes, including parameters like numassets, chunksize, size, assetpagelimit, and vulnpagelimit.
    • Async Requests (Tenable.sc): Option to enable asynchronous API calls to avoid timeouts, improving reliability for large data sets. This requires additional setup with provided fix scripts.
    • Query Filters (Tenable.sc): Apply specific query filters configured in the Tenable console to refine the data imported into ServiceNow, allowing precise control over imported vulnerabilities.

    Practical Application for ServiceNow Customers

    • Start with default severity filters (Critical and High) enabled to import the most impactful vulnerabilities and gradually enable Medium, Low, or Info levels if broader visibility is required.
    • Use the insertfixed flag to ensure fixed vulnerabilities are tracked if your workflow requires auditing resolved issues.
    • Adjust chunk sizes and page limits to balance import performance against system resource constraints, especially when dealing with large asset or vulnerability volumes.
    • For Tenable.sc integrations, consider enabling asynchronous requests to prevent timeout issues during large data imports.
    • Leverage query filters configured in the Tenable console to tailor vulnerability data retrieval precisely to your organization’s policies and risk priorities.

    By fine-tuning these settings in your Tenable integration instance, you can ensure that your ServiceNow AI Platform receives relevant, manageable, and actionable vulnerability data tailored to your operational requirements.

    The following data retrieval settings help you determine specifically the type and scope of data you want to import from the ServiceNow® Tenable Vulnerability Integration to your ServiceNow AI Platform® instance.

    The settings described in the following sections help you control the data you want to import. Additionally, you can set the values of these filters in Integration Instances. To view integration instances, navigate to Tenable Vulnerability Integration > Integration Instances and select your integration, Tenable.io, Tenable.sc, or Tenable.cs.

    On the Integration Instance page that is displayed, select the Integration Instance Parameters to display a list of parameters, or the Vulnerability Integrations tabs for a schedule, REST Details, Integration details, Data Sources, and integration run information.

    Common severity and retrieval settings and filters for Tenable.io, Tenable.sc and Tenable.cs in your ServiceNow AI Platform instance

    The following settings are available for the Tenable.io, Tenable.sc, and Tenable.cs integrations in your ServiceNow AI Platform instance. These and other configuration settings are displayed on the Integration Instance page of your ServiceNow AI Platform instance. You may prefer to leave these settings in their defaults for the first few integration runs.

    Tenable.io

    insert_fixed
    If you enable the insert_fixed flag in Setup Assistant for the Vulnerabilities Import integration, new VIs are created for detections in the Fixed state that don’t exist in your instance.
    severity_critical
    This filter is enabled by default (true) to receive critical severity Vulnerabilities from the Tenable.io Open Vulnerabilities and Tenable.io Fixed Vulnerabilities Integrations.
    severity_high
    This filter is enabled by default (true) to receive high-level severity Vulnerabilities from the Tenable.io Open Vulnerabilities and Tenable.io Fixed Vulnerabilities Integrations.
    severity_medium
    This filter is inactive by default (false). Enable this filter to receive medium-level severity Vulnerabilities from the Tenable.io Open Vulnerabilities and Tenable.io Fixed Vulnerabilities Integrations.
    severity_info
    This filter is inactive by default (false). Enable this filter to receive info-level severity Vulnerabilities from the Tenable.io Open Vulnerabilities and Tenable.io Fixed Vulnerabilities Integrations.
    severity_low
    This filter is inactive by default (false). Enable this filter to receive low-level severity Vulnerabilities from the Tenable.io Open Vulnerabilities and Tenable.io Fixed Vulnerabilities Integrations.
    size
    This setting defines the number of plugin records to include in the result set from the Tenable.io Plugins Integration. Must be in the int32 format. The default value is 1,000. The maximum size is 10,000.
    num_assets
    The maximum number of vulnerabilities per exported chunk from the Tenable.io Fixed Vulnerabilities and Tenable.io Open Vulnerabilities Integrations. The default value is 50.
    chunk_size
    Specifies the number of assets per exported chunk by the Tenable.io Assets Integration. The default is 1,000.

    Tenable.sc

    async_request
    This parameter is inactive by default (false). Enable or disable this parameter to make asynchronous or synchronous API calls with Tenable.sc respectively. For synchronous calls, if there’s a timeout at 30 seconds, contact support for the Tenable product to tune the box. This parameter once enabled is applicable for all the integrations of Tenable.sc. For existing customers using asynchronous calls, a fix script is available, which adds a new async_request parameter to the existing Tenable.sc integration instances. To view the fix scripts, navigate to System Definition > Fix Scripts.
    insert_fixed
    If you enable the insert_fixed flag in Setup Assistant for the Vulnerabilities Import integration, new VIs are created fordetections in the Fixed state that don’t exist in your instance.
    offset
    Specifies the number of assets, plugins, and vulnerabilities imported in one integration run.
    Query filters
    Query filters are configured from within the Tenable console. These query filters have IDs that can be selected from Setup Assistant or from the Integration Instances page in your ServiceNow AI Platform instance. These filters are applied while retrieving the data from the Tenable.sc integrations.
    Tenable.cs
    compute_severity_critical
    This filter is enabled by default (true) to receive critical severity Vulnerabilities from the Tenable.cs Open Cloud Host Vulnerabilities Integration and Tenable.cs Fixed Cloud Host Vulnerabilities Integration.
    compute_severity_high
    This filter is enabled by default (true) to receive high-level severity Vulnerabilities from the Tenable.cs Open Cloud Host Vulnerabilities Integration and Tenable.cs Fixed Cloud Host Vulnerabilities Integration.
    compute_severity_medium
    This filter is inactive by default (false). Enable this filter to receive medium-level severity Vulnerabilities from the Tenable.cs Open Cloud Host Vulnerabilities Integration and Tenable.cs Fixed Cloud Host Vulnerabilities Integration.
    compute_severity_info
    This filter is inactive by default (false). Enable this filter to receive info-level severity Vulnerabilities from the Tenable.cs Open Cloud Host Vulnerabilities Integration and Tenable.cs Fixed Cloud Host Vulnerabilities Integration.
    compute_severity_low
    This filter is inactive by default (false). Enable this filter to receive low-level severity Vulnerabilities from the Tenable.cs Open Cloud Host Vulnerabilities Integration and Tenable.cs Fixed Cloud Host Vulnerabilities Integration.
    container_severity_critical
    This filter is enabled by default (true) to receive critical severity Container Vulnerabilities from the Tenable.cs Open Cloud Container Vulnerabilities Integration and Tenable.cs Fixed Cloud Container Vulnerabilities Integration.
    container_severity_high
    This filter is enabled by default (true) to receive high-level severity Container Vulnerabilities from the Tenable.cs Open Cloud Container Vulnerabilities Integration and Tenable.cs Fixed Cloud Container Vulnerabilities Integration.
    container_severity_medium
    This filter is inactive by default (false). Enable this filter to receive medium-level severity Container Vulnerabilities from the Tenable.cs Open Cloud Container Vulnerabilities Integration and Tenable.cs Fixed Cloud Container Vulnerabilities Integration.
    container_severity_info
    This filter is inactive by default (false). Enable this filter to receive info-level severity Vulnerabilities from the Container Vulnerabilities from the Tenable.cs Open Cloud Container Vulnerabilities Integration and Tenable.cs Fixed Cloud Container Vulnerabilities Integration.
    container_severity_low
    This filter is inactive by default (false). Enable this filter to receive low-level severity Container Vulnerabilities from the Tenable.cs Open Cloud Container Vulnerabilities Integration and Tenable.cs Fixed Cloud Container Vulnerabilities Integration.
    asset_page_limit
    This setting defines the number of container asset records to include in the result set from the Tenable.cs Cloud Container Assets Integration. The default value is 1,000. The maximum size is 1,000.
    vuln_page_limit
    This setting defines the number of vulnerabilities records to include in the result set from the Tenable.cs Open Cloud Host Vulnerabilities Integration, Tenable.cs Fixed Cloud Host Vulnerabilities Integration, Tenable.cs Open Cloud Container Vulnerabilities Integration, and Tenable.cs Fixed Cloud Container Vulnerabilities Integration. The default value is 1,000. The maximum size is 10,000.