Installation
For Tenable.io:
Required User Role: Administrator
For Tenable.sc:
Required User Role: Security Manager, Security Analyst, or Vulnerability Analyst
Before you begin:
- You must have Splunk downloaded on your system with a Splunk basic login.
Note: See the Splunk Environments section for additional information about the different types of Splunk deployments and their requirements.
Note: If you install the Tenable App for Splunk on the search head, you must also install the Tenable Add-on.
To install Tenable Add-on for Splunk and Tenable App for Splunk for the first time:
- Log in to Splunk.
-
Go to Apps at the top of the screen.
A drop-down menu appears:
-
Click Find More Apps.
-
On the Browse More Apps page, type Tenable in the search bar.
Tenable-related options appear:
-
Click the Install button next to Tenable Add-on for Splunk:
-
Restart Splunk if a Restart Required prompt displays.
Note:Follow steps 1 to 6 to install the Tenable App for Splunk.
To upgrade Tenable Add-on for Splunk and Tenable App for Splunk:
- Log in to Splunk.
-
Go to Apps at the top of the screen.
A drop-down menu appears:
-
Click Manage App.
-
In the search bar, type Tenable.
Tenable-related options appear:
-
In the Version column, click Update to x.y.z version link for Tenable Add-On for Splunk:
-
Restart Splunk if a Restart Required prompt displays.
Note:Follow steps 1 to 6 to upgrade the Tenable App for Splunk.
Note: You can optionally update the default chunk size for Tenable.io export host vulnerabilities and export host assets sync calls. To update the default setting, open the $SPLUNK_HOME/etc/apps/TA-tenable/default/inputs.conf file, and update value of vuln_num_assets (number of assets used to chunk the vulnerabilities) and assets_chunk_size (number of assets per exported chunk) in tenable_io stanza as per requirement. Save the file changes and restart Splunk.
Note: You may need to update the Tenable Macro, get_tenable_index, for data to begin populating the application dashboards.
Next, configure the Tenable application.