:

Source and Source Types

The Tenable Add-on for Splunk stores data with the following sources and source types.

TOT (ICP)

Source	Source type	Description
tenable_ot://<data input name>	tenable:ot:vuln	Collects cumulative vulnerability data from active and agent scans from licensed assets.
tenable_ot://<data input name>	tenable:ot:assets	Collects all assets data.
tenable_ot://<data input name>	tenable:ot:plugin	Collects all plugin detail data.

TSC

Source	Source type	Description
<username>\|<address>	tenable:sc:vuln	Collects cumulative vulnerability and compliance data from active and agent scans.
<username>\|<address>	tenable:sc:assets	Collects all assets data.
<username>\|<address>	tenable:sc:plugin	Collects all plugin detail data.

TVM

Source	Source type	Description
tenable_io://<data input name>	tenable:io:vuln	Collects cumulative vulnerability data from active and agent scans from licensed assets.
tenable_io://<data input name>	tenable:io:assets	Collects all assets data.
tenable_io://<data input name>	tenable:io:plugin	Collects all plugin detail data.

TVM Audit Logs

Source	Source type	Description
tenable_io://<data input name>	tenable:io:audit_logs	Collects all audit logs

TVM Compliance Module

Source	Source type	Description
tenable_io://<data input name>	tenable:io:compliance	Collects all compliance data.

Tenable Attack Surface Management

Source	Source type	Description
<username>\|<address>	tenable:asm:assets	This collects all assets data.

Tenable Web App Scanning

Source	Source type	Description
<username>\|<address>	tenable:was:assets	This collects all asset data.
<username>\|<address>	tenable:was:vuln	This collects all vulnerability data.

Copyright © 2025 Tenable, Inc. All rights reserved. Tenable, Tenable Nessus, Tenable Lumin, Assure, and the Tenable logo are registered trademarks of Tenable, Inc. or its affiliates. All other products or services are trademarks of their respective owners.