Tenable Connector for ServiceNow

Description

Tenable.io's continuous monitoring and vulnerability management platform is trusted by over 20,000 customers worldwide to protect critical applications, devices, and infrastructures. Purpose-built for ServiceNow's Vulnerability Response offering, this application imports your Tenable.io vulnerability data and lets you act on it within ServiceNow.

Application Menu

Tenable Connector

Primary Role Required: x_tsirm_api_access.user

Title Link Type Required Role
Documentation URL (from Arguments:) x_tsirm_api_access.user
API Layer Documentation URL (from Arguments:) x_tsirm_api_access.documentation_view
Contact Support URL (from Arguments:) x_tsirm_api_access.user
Configuration Separator  
General Settings Single Record x_tsirm_api_access.general_settings
Connectors List of Records x_tsirm_api_access.connector_user
Async Requests Separator x_tsirm_api_access.async_request_action.read,x_tsirm_api_access.async_request_queue.read
Async Request Queue List of Records x_tsirm_api_access.async_request_queue.read
Async Request Actions List of Records x_tsirm_api_access.async_request_action.read
Documentation URL (from Arguments:) x_tsirm_api_access.user
API Layer Documentation URL (from Arguments:) x_tsirm_api_access.documentation_view
Contact Support URL (from Arguments:) x_tsirm_api_access.user
Configuration Separator  
General Settings Single Record x_tsirm_api_access.general_settings
Connectors List of Records x_tsirm_api_access.connector_user
Async Requests Separator x_tsirm_api_access.async_request_action.read,x_tsirm_api_access.async_request_queue.read
Async Request Queue List of Records x_tsirm_api_access.async_request_queue.read

Scripted REST API

ScriptDocumentation (/api/x_tsirm_api_access/scriptdocumentation)

Contains the following resource endpoints:

Name Method Relative Path
documentation GET /

UI Action

Test the Connector

Description: Test the connection between ServiceNow and the Endpoint.

Reprocess Entry

Description: Reprocess the queue entry.

Script Include

TenableIORestApiTargetGroups

Description: REST API library for the TARGET-GROUPS endpoint of Tenable.io.

RequestQueueActionHelper

Description: A helper library for the Request Queue actions.

TenableIOVulnsFilterHelper

Description: A helper library for creating and representing vulnerability filters in the Tenable.io Mock API library.

TenableIORestApiAssets2

Description: A new API Library for interacting with the Mock Vulnerabilities API.

TenableApiHelper

Description: A general helper library for Tenable API.

TenableIORestApiScans

Description: A REST API library for the SCANS endpoint of Tenable.io.

RequestQueueHelper

Description: A helper library for the Request Queue.

TenableIORestApiVulnerabilities

Description: An API Library for interacting with the Vulnerabilities workbench.

TenableIORestApiPlugins

Description: A REST API library for the PLUGINS endpoint of Tenable.io.

TenableIOFilterHelper

Description: A helper library for creating and representing filters in the Tenable.io API Library.

TenableIORestApiAssets

Description: A library to connect to Tenable.io's REST API for the Asset Workbench.

TenableApiSystemLogHelper

Description: A library to provide logging to the application.

TenableIORestApiCore

Description: An API library for the Core components of REST communication with Tenable.io.

DocumentationHelper

Description: A helper library to generate documentation data.

TenableIOFilterHelperV2

Description: A Version 2 helper library for creating and representing filters in the Tenable.io API Library.

TenableApiGeneralSettingsHelper

Description: A library for accessing and managing the General Settings for the application.

TenableIORestApiVulns

Description: An API library for interacting with the Mock Vulnerabilities API.

ConnectorHelper

Description: A helper library for the Tenable API Layer Connector functionality.

RQSystemLogHelper

Description: A logging library for request queue functions.

Table

General Settings

Description: Contains the settings that control the integration.

Async Request Queue

Description: An asynchronous Request Queue where actions are store and processed.

Async Request Action

Description: Contains Request Queue Actions and their definitions on what to run and how to process retries and responses.

Tenable Connector

Description: Contains connector information for the integration.

Client Script

Update Name on Label Change

Description: When the label changes, the Name field updates.

Primary Roles

x_tsirm_api_access.admin

Description: An administrative user of the application.

x_tsirm_api_access.user

Description: A basic user of the application.

Secondary Roles

x_tsirm_api_access.async_request_action.create

Description: Ability to create async request actions.

x_tsirm_api_access.async_request_action.user

Description: User access to the async request action table.

x_tsirm_api_access.async_request_action.delete

Description: Ability to delete async request actions.

x_tsirm_api_access.async_request_action.write

Description: Ability to modify entries in the async request actions.

x_tsirm_api_access.async_request_action.read

Description: Ability to see request actions.

x_tsirm_api_access.async_request_queue.delete

Description: Ability to delete async request queue entries.

x_tsirm_api_access.async_request_queue.create

Description: Ability to create entries in the async request queue.

x_tsirm_api_access.async_request_queue.write

Description: Ability to modify entries in the async request queue.

x_tsirm_api_access.async_request_queue.user

Description: User access to the async request queue.

x_tsirm_api_access.async_request_queue.read

Description: Ability to see entries in the async request queue.

x_tsirm_api_access.documentation_view

Description: Ability to see documentation of script.

x_tsirm_api_access.connector_user

Description: User access to the connectors.

x_tsirm_api_access.documentation_writer

Description: Users that edit scripts with documentation.

x_tsirm_api_access.general_settings

Description: Access to the general settings.

UI Policy

Show Request Timeout Field

Description: Shows the Request Timeout field if the Advanced checkbox is checked.

Table: x_tsirm_api_access_connector


Condition: show_advanced_settings=true^EQ

Field Mandatory Visible Read Only
request_timeout_sec Leave alone True Leave alone

Hide Request Timeout Field

Description: Hides the Request Timeout field if the Advanced checkbox is not checked.

Table: x_tsirm_api_access_connector


Condition: show_advanced_settings=false^EQ

Field Mandatory Visible Read Only
request_timeout_sec Leave alone False Leave alone

Show Max ECC Wait Time Field

Description: Shows the Max ECC Wait Time field if the Advanced checkbox is checked.

Table: x_tsirm_api_access_connector


Condition: show_advanced_settings=true^EQ

Field Mandatory Visible Read Only

max_ecc_wait_time_sec

Leave alone True Leave alone

Hide Max ECC Wait Time Field

Description: Hides the Max ECC Queue Wait Time field if the Advanced checkbox is checked.

Table: x_tsirm_api_access_connector


Condition: show_advanced_settings=false^EQ

Field Mandatory Visible Read Only

max_ecc_wait_time_sec

Leave alone False Leave alone

UI Scripts

x_tsirm_api_access.bootstrap.min.js.3.3.

Description: Standard library for bootstrap.

x_tsirm_api_access.documentationContent

Description: Documentation Structure that offers a static page for applications that offer protected libraries.

x_tsirm_api_access.docViewerApp

Description: Angular Library for DocumentationViewer Application.

x_tsirm_api_access.angular.min.js.1.6.6

Description: Standard library for angular.

Business Rule

Set Duration for Queue Requests

Description: Calculates the duration of the request running when state changes to Complete or Error.

Test Connector on Changes

Description: If anything changes in the connector, it triggers a test of the connection.

Create settings if None exist

Description: Automatically creates a general settings record with default values if one doesn’t exist.

Sync Action Name with Label

Description: If the label changes on an Sync Request Action, the name changes to match.

Set a Default Connector

Description: When a new connector is created and there is not a default connector, it sets a default.

Set Application Prefix Variable

Description: Display Business Rule to set the application scope prefix on the Async Request Action table entries.

Update Documentation

Description: Triggers the auto-documents to be regenerated if a script included in the application scope changes.

Set Next Available Action

Description: Sets the next available action in the Async Request Queue.

Warn if No Active Default Connector Exists

Description: Warns if no active default connector is set in the UI.

Execute New Requests

Description: Executes the new requests that come into the Async Request Queue.

Set Processing Started

Description: Sets the timestamp on the queue action when it starts processing.

Scheduled Script Execution

Reprocess Stalled API Queue Requests

Description: Runs every 5 minutes to reprocess stalled queue entries.

Process Available Request Queue Entries

Description: Runs every minute to process any new queue entries.

Clean Up Old Request Queue Entries

Description: Runs every hour to clean up the old request queue entries.

Check Connector Health

Description: Runs every 5 minutes to check the connector health and connectivity.