Frequently Asked Questions
-
I am unable to save the account for TASM.
-
Check the Domain and API Key. Make sure each one is valid.
-
If using a proxy, check the proxy configuration.
-
-
I am unable to save the account for TSC and TOT.
-
Custom Certificate option has been added in v8.0.0, Make sure that SSL Certificate is valid if provided.
-
-
Input is created successfully but data is not getting collected.
-
Check the data by expanding the time range in Splunk search.
-
If using a proxy, check the proxy configuration.Make sure that you are entering correct search query. For example, if you want to search TASM data the search query will be: index = your_index sourcetype = tenable:asm:assets
-
Check the log messages for errors:
-
For logs related to TASM data collection: You can view the logs in the ta_tenable_tenable_asm.log log file by navigating to $SPLUNK_HOME/var/log/splunk/.
-
For logs related to TWAS Assets & Vulns: You can view the logs in the ta_tenable_tenable_was.log log file by navigating to $SPLUNK_HOME/var/log/splunk/.
-
Error log messages regarding TASM data collection can also be seen from Splunk search in “_internal” index: index = _internal source = *ta_tenable_tenable_asm.log* ERROR
-
Error log messages regarding TWAS Assets & Vulns data collection can also be seen from Splunk search in “_internal” index: index = _internal source = *ta_tenable_tenable_was.log* ERROR
Note: $SPLUNK_HOME is the path where the Splunk is installed.
-
-