Configure the Tenable Connector
The Tenable Connector provides all API interactions between your ServiceNow instance and Tenable.io/Tenable.sc for the Tenable suite of ServiceNow applications.
Note: You must be logged in with a ServiceNow account that has the x_tsirm_api_access admin role to perform the basic connector setup process.
Note: The ServiceNow configuration only supports Tenable.sc versions 5.7 and later.
Before you begin:
You must have a minimum role requirement of Security Analyst in Tenable.sc.
To configure the Tenable connector for Tenable.io or Tenable.sc:
- Log in to ServiceNow.
- In the left navigation pane, go to Configuration > Connectors.
The Tenable Connectors page appears.
- Click New.
From the Tenable Product drop-down box, select Tenable.io or Tenable.sc.
- Select the Active check box.
- In the Name text box, type a name for the connector.
Complete the configurations for your selected Tenable application.For Tenable.io:
- In the Address text box, type an IP address or DNS name for the connector. ServiceNow populates this with the Tenble.io IP address.
- In the Access Key text box, type the access key provided by your Tenable administrator.
- In the Secret Key text box, type the secret key provided by your Tenable administrator.
- Click the lock button next to the Address text box.
- In the Address text box, type an IP address or DNS name for the connector.
- Click the lock button a second time to lock the address.
- In the MID Server text box, search for and select a MID server that can access your Tenable.sc server.
- In the API Username text box, type the API username provided by your Tenable administrator.
- In the API Password text box, type the API password provided by your Tenable administrator.
Tip: To save your selected configuration options without navigating away from the page:
Right click in the top menu that contains the Tenable Connector heading and menu.
A list of options appear.
- Click Save.
- In the General Settings section, you can specify your Max ECC Wait Time (in seconds) and Request Timeout (in seconds) for each of your configured connectors.
- In the Asset Settings section, you can set the Asset Logging Level, Asset Max Cumulative Log Entries, and Asset Max Cumulative Log Sizes. The default setting for the logging levels is Errors Only.
- In the Additional Asset Settings section, you can select CI Classes to Ignore. Options are also available to set New Record Sync Frequency (in minutes), Record Update Sync Frequency (in minutes), Asset Max Job Log (in days), and Asset Max Job Wait (in days).
Note: You may have additional settings options on your connector page depending on the Tenable applications you have installed, i.e., Tenable Assets (Assets Settings), Tenable VR (VR Settings), and Tenable ITSM (ITSM Settings) .
Note: For additional information about ServiceNow settings, see the ServiceNow documentation.
- Click Test the Connector.
(For Tenable.sc only) Click the Download Queries for Connector link. These queries are used when you schedule an import of asset or vulnerability data (VR/ITSM). They are used to identify the assets in Tenable.sc that you want to pull.
Note: If the connector test fails, check your API Keys/user/pass and retest the connector.
- Click Update.
The Tenable connector starts syncing ServiceNow configuration items to your selected Tenable application.
- (For Tenable.sc) In the Related Links section, click Download Queries for Connector.
ServiceNow downloads the queries for the Tenable connector.