Configure Tenable OT Security

Last Updated: December 19, 2024

Required User Role: Administrator

To configure Tenable OT Security in ServiceNow:

  1. Log in to your ServiceNow instance.

  2. Navigate to Tenable Connector for Assets > Connectors.

    The Tenable Connector appears.

  3. Navigate to your already existing connector whose Tenable product is Tenable OT Security.

  4. From the Module drop-down box, you can select Asset or VR.

    Note: By default, the connector’s name is populated.

    Note: For the Asset Module, you can select the Pull Assets Tenable Job Type. For the VR Module, you can select the Pull Vulnerabilities as the Tenable Job Type. The Pull Plugins Tenable Job Type is automatically created by the Pull Vulnerabilities job.

    The Pull Assets Schedule Job fetches the assets from Tenable OT Security to ServiceNow and stores the asset details in the CMDB Tables (IP Address, Network Adapter, OT Control Systems, Incomplete IP Identified Device, Operational Technology (OT), Network Gear, Industrial Sensors) and the Custom table (Tenable Asset Attributes).

    Name Description Default Value
    Active

    If selected, the scheduled job runs on the configured schedule.

    Disabled
    Initial Run - Historical Data

    The amount of time (in days) of how far back you want to pull data.

    		 Within the last 365 days
    Last Run

    The date and time that the import was last run.

    		N/A
    Edit Run Schedule

    Select this box if you want to configure the scheduled job run configuration. The following options must be configured:

    Note:Make sure not to set the run frequency too high, as this can result in congested jobs and create performance issues.

    • Run: The frequency that you want the import to run. Possible values are: Daily, Weekly, Monthly, Periodically, Once, On Demand, Business Calendar: Entry Start, or Business Calendar: Entry End.

    • Repeat Interval/Time: Set the time (hh/mm/ss) to run the import. This differs based on the Run selection.

    		 If selected, Daily is the default value.

  5. If you selected the VR Module, configure the following parameters:

    Note: This module is only be visible if the "Tenable.ot for VR" integration is installed.

    The Pull Plugins Schedule Job fetches the assets from Tenable OT Security to ServiceNow and stores the plugin details in the Custom table (Plugin Import and Tenable Plugin Additional Info).

    Note: This Scheduled job is automatically created when the Pull Vulnerabilities job is created.

    Name Description Default Value
    Active

    If selected, the scheduled job runs on the configured schedule.

    Disabled
    Initial Run - Historical Data

    The amount of time (in days) of how far back you want to pull data.

    		 Within the last 365 days
    Last Run

    The date and time that the import was last run.

    		N/A
    Last Run - Fixed

    The date and time that the fixed import was last run. The integration fetches the vulnerabilities from this data and time.

    Note: This field is for the Fixed job mode.

    		 N/A
    Run Fixed Query on Initial Run

    Pulls fixed vulnerabilities on the first import.

    		 Disabled
    Edit Run Schedule

    Select this box if you want to configure the scheduled job run configuration. The following options must be configured:

    Note: Make sure not to set the run frequency too high, as this can result in congested jobs and create performance issues.

    • Run: The frequency that you want the import to run. Possible values are: Daily, Weekly, Monthly, Periodically, Once, On Demand, Business Calendar: Entry Start, or Business Calendar: Entry End.

    • Repeat Interval/Time: Set the time (hh/mm/ss) to run the import. This differs based on the Run selection.

    		 If selected, Daily is the default value.

    The Pull Vulnerabilities Schedule Job fetches the vulnerabilities from Tenable OT Security to ServiceNow and stores the vulnerabilities in the ServiceNow able Vulnerable Item.

    Name Description Default Value
    Active

    If selected, the scheduled job runs on the configured schedule.

    Disabled
    Initial Run - Historical Data

    The amount of time (in days) of how far back you want to pull data.

    		 Within the last 365 days
    Last Run

    The date and time that the import was last run.

    		N/A
    Last Run - Fixed

    The date and time that the fixed import was last run. The integration fetches the vulnerabilities from this data and time.

    Note: This field is for the Fixed job mode.

    		 N/A
    Run Fixed Query on Initial Run

    Pulls fixed vulnerabilities on the first import.

    		 Disabled
    Edit Run Schedule

    Select this box if you want to configure the scheduled job run configuration. The following options must be configured:

    Note: Make sure not to set the run frequency too high, as this can result in congested jobs and create performance issues.

    • Run: The frequency that you want the import to run. Possible values are: Daily, Weekly, Monthly, Periodically, Once, On Demand, Business Calendar: Entry Start, or Business Calendar: Entry End.

    • Repeat Interval/Time: Set the time (hh/mm/ss) to run the import. This differs based on the Run selection.

    		 If selected, Daily is the default value.

    6. Note: The Name text box is automatically populated based on the name of the connector and Job Type.

  6. Click Submit.

Next steps: