Tenable Data

The Tenable Add-on for Splunk is required to collect the vulnerabilities for each IT asset/device.

Splunkbase Download: https://splunkbase.splunk.com/app/4060/

Installation and Configuration Guide: https://docs.tenable.com/integrations/Splunk/Content/Splunk%20Add%20On.htm

Note: Use index=tenable for data collection or update the macro definition for cs_tenable (Settings > Configuration).

Estimated Data Size

The Tenable Add-on for Splunk does not consume a ton of license usage, since it only collects vulnerability scan related information from all of your devices, but it is contingent on the number of devices and vulnerabilities that are present in your environment. For example, CrossRealms had around 400 devices and the total license consumption was less than 150MB.

Copyright © 2024 CrossRealms International.