Configure the Tenable Connector

The Tenable Connector provides all API interactions between your Tenable applications (Tenable.ot, Tenable.io, or Tenable.sc) and ServiceNow instance.

Note: In ServiceNow, you must have the x_tsirm_api_access admin role to perform the basic connector setup process.

Note: The ServiceNow configuration only supports Tenable.sc versions 5.7 and later.

Before you begin:

For Tenable.io:

Required User Role: Administrator

  • You must have your Tenable.io API keys.

    Note: For your Tenable.io integration:

    • Generate an API key in Tenable.io to complete the configuration.  See the Tenable.io user guide for instructions on how to generate an API key. (Do not use this API key for any other third party or custom-built application or integration. A unique API key is a requirement for each installed instance of the integration.)

For Tenable.sc:

Required User Role: Security Analyst

For Tenable.ot:

Required User Role: Read Only

To configure the Tenable connector for Tenable.io, Tenable.sc, or Tenable.ot:

  1. Log in to ServiceNow.
  2. In the left navigation pane, click Tenable Connector > Connectors.

    The Tenable Connectors page appears.

  3. Click New.
  4. From the Tenable Product drop-down box, select Tenable.ot, Tenable.io or Tenable.sc.

  5. If you are in a domain-separated environment, in the Domain box, type the domain into which to bring connector data.

  6. Select the Active check box.
  7. In the Scheduled Job Run As box, type the username of the user with which you want to import data.

    Note: If you are in a domain-separated environment, this field is a requirement. The user must be part of the domain specified in step 5.

  8. In the Name text box, type a name for the connector.
  9. Complete the configurations for your selected Tenable application.

    Tip: To save your selected configuration options without navigating away from the page:

    1. Right click in the top menu that contains the Tenable Connector heading and menu.

      A list of options appears.

    1. Click Save.
  10. (Optional) In the General Settings section, you can specify your Max ECC Wait Time (in seconds) and Request Timeout (in seconds) for each of your configured connectors.
  11. In the Asset Settings section, you can set the Asset Logging Level, Asset Max Cumulative Log Entries, and Asset Max Cumulative Log Sizes. The default setting for the logging levels is Errors Only.
  12. In the Additional Asset Settings section, you can set New Record Sync Frequency (in minutes), Record Update Sync Frequency (in minutes), Asset Max Job Log (in days), and Asset Max Job Wait (in days).

Note: You may have more settings options on your connector page depending on the Tenable applications you have installed (For example, Tenable Assets [Assets Settings], Tenable.ot for VR [VR Settings], and Tenable ITSM [ITSM Settings]).

Note: For more information about ServiceNow settings, see the ServiceNow documentation.

  1. Click Update.
  2. Click Test the Connector.

    Note: If the connector test fails, check your username, password, and API Keys and retest the connector.