Configure a Tenable OT Security (ICP) Account

Connect to OT Security (ICP) by creating the account configuration.

Note: The OT Security integration is available for Splunk add-on version 6.3.0 and later.

Account Creation

Complete the following steps to configure your account:

  1. Navigate to the Tenable Add-on for Splunk > Configuration.

  2. Under the Account tab click Add.

  3. Select TOT (ICP) in the Tenable Account Type drop-down.

  4. Enter a name in the Account Name field.

  5. Enter the FQDN or IP of your server for this account without scheme (http:// or https://) in the Address field.

  6. Enter your API secret in the API Secret field.

    Note: For more information on API keys, see Generate an API Key.

    Note: SSL Verification - Splunk requires all connections to verify SSL by default and not be configurable via the UI. To configure your TSC connection to not verify SSL certificate you will need to modify {SPLUNK_HOME}/etc/apps/TA-tenable/bin/tenable_consts.py and set to verify_ssl_for_ot = False.

  7. (Optional If you are using a proxy, click the Proxy Enable checkbox and complete the proxy fields.

  8. Click Add to save the configuration.