Configure Certificates

To complete the installation process, you must complete the setup for the Tenable Add-on for Splunk. For additional information on Certificates, see SSL Client Certificate Authentication.

To setup the Tenable Add-on for Splunk:

  1. Log in to your data collection node.
  2. In the left navigation bar, click Tenable Add-on for Splunk.

  3. Click the Configuration tab.

  4. Click the Add button.

    The Add Account window appears.

  5. In the Tenable Account Type field, select Certificates.
  6. Enter the necessary information for each field, described in the chart below.

    Note: The certificates you upload and configure must be associated to a specific user in

    Input Parameters Description
    Account Name (Required) The unique name for each data input.
    Tenable Account Type (Required) The type of Tenable account -, Credentials, or Certificate.
    Address (Required)The host name or IP address for
    Verify SSL Certificate If enabled, Splunk verifies the SSL Certificate in
    Certificate Filename The name of the certificate that you uploaded to $SPLUNK_HOME/etc/apps/TA-tenable/certs/.
    Key Filename The name of the key that you uploaded to $SPLUNK_HOME/etc/apps/TA-tenable/certs/.
    Key Password The password for the key file you uploaded.
    Proxy Enable

    Enables the plugin to collect data via a proxy server. If you select this option, the plug- in prompts you to enter the following:

    • Proxy Type - the type of proxy used.
    • Proxy Host - the host name or IP address of the the roxy server.
    • Proxy Port - the port number of the proxy server.
    • Proxy Username - the username for an account that has permissions to access and use the proxy server.
    • Proxy Password - the password associated with the username you provided.
  7. Click Add to complete the configuration.

Next steps: