Configure Tenable Vulnerability Management

Last Updated: December 19, 2024

Required User Role: Administrator

To configure Tenable Vulnerability Management in ServiceNow:

  1. Log in to your ServiceNow instance.

  2. Navigate to Tenable Connector for Assets > Connectors.

    The Tenable Connector appears.

  3. Navigate to your already existing connector whose Tenable product is Tenable Vulnerability Management.

  4. From the Module drop-down box, you can select Asset or ITSM.

    Note: By default, the connector’s name is populated.

    Note: For the Asset Module, you can select the Pull Assets or Push Assets Tenable Job Type. For the ITSM Module, you can select Pull Vulnerabilities as the Tenable Job Type.

    The Pull Assets Schedule Job fetches the assets from Tenable Vulnerability Management to ServiceNow and stores the asset details in the CMDB Tables (Incomplete IP Identified Device, Unclassed Hardware, Computer, Network Adaptor, IP Address) and the Custom table (Tenable Asset Attributes).

    Name Description Default Value
    Active

    If selected, the scheduled job runs on the configured schedule.

    Disabled
    Initial Run - Historical Data

    The amount of time (in days) of how far back you want to pull data.

    		 Within the last 365 days
    Last Run

    The date and time that the import was last run.

    		N/A
    Edit Run Schedule

    Select this box if you want to configure the scheduled job run configuration. The following options must be configured:

    Note:Make sure not to set the run frequency too high, as this can result in congested jobs and create performance issues.

    • Run: The frequency that you want the import to run. Possible values are: Daily, Weekly, Monthly, Periodically, Once, On Demand, Business Calendar: Entry Start, or Business Calendar: Entry End.

    • Repeat Interval/Time: Set the time (hh/mm/ss) to run the import. This differs based on the Run selection.

    		 If selected, Daily is the default value.

    The Push Assets Scheduled Job pushes the assets from ServiceNow to Tenable Vulnerability Management. In Tenable Vulnerability Management, Group is created with the name that you entered when creating the Schedule Job task.

    Name Description Default Value
    Active

    If selected, the scheduled job runs on the configured schedule.

    Disabled
    Initial Run - Historical Data

    The amount of time (in days) of how far back you want to pull data.

    		 Within the last 365 days
    Last Run

    The date and time that the import was last run.

    		N/A
    Edit Run Schedule

    Select this box if you want to configure the scheduled job run configuration. The following options must be configured:

    Note: Make sure not to set the run frequency too high, as this can result in congested jobs and create performance issues.

    • Run: The frequency that you want the import to run. Possible values are: Daily, Weekly, Monthly, Periodically, Once, On Demand, Business Calendar: Entry Start, or Business Calendar: Entry End.

    • Repeat Interval/Time: Set the time (hh/mm/ss) to run the import. This differs based on the Run selection.

    		 If enabled, Daily is the default value.

  5. In the Conditions > Configuration Item Source Table dropdown, select the table on which you want the query to run in order to export the assets to Tenable Vulnerability Management.

  6. In the Conditions > Conditions dropdown, apply the filter conditions on the Configuration Item Source Table that you have selected.

  7. If you selected the ITSM Module, configure the following parameters:

    The Pull Vulnerabilities Schedule Job fetches the vulnerabilities from Tenable Vulnerability Management to ServiceNow and stores the vulnerabilities in the Custom table (Tenable Vulnerability).

    Name Description Default Value
    Active

    If selected, the scheduled job runs on the configured schedule.

    Disabled
    Initial Run - Historical Data

    The amount of time (in days) of how far back you want to pull data.

    		 Within the last 365 days
    Last Run

    The date and time that the import was last run.

    		N/A
    Last Run - Fixed

    The date and time that the fixed import was last run. The integration fetches the vulnerabilities from this data and time.

    		 N/A
    Run Fixed Query on Initial Run

    Pulls fixed vulnerabilities on the first import.

    		 Disabled
    Included Severities

    Specify the severities for the vulnerabilities being imported.

    		 By default, the value is empty and only vulnerabilities with high and critical severities are fetched.
    Edit Run Schedule

    Select this box if you want to configure the scheduled job run configuration. The following options must be configured:

    Note: Make sure not to set the run frequency too high, as this can result in congested jobs and create performance issues.

    • Run: The frequency that you want the import to run. Possible values are: Daily, Weekly, Monthly, Periodically, Once, On Demand, Business Calendar: Entry Start, or Business Calendar: Entry End.

    • Repeat Interval/Time: Set the time (hh/mm/ss) to run the import. This differs based on the Run selection.

    		 If selected, Daily is the default value.

    8. Note: The Name text box is automatically populated based on the name of the connector and Job Type.

  8. Click Submit.

Next steps: