Frequently Asked Questions

  1. I am unable to save the account for TASM.

    • Check the Domain and API Key. Make sure each one is valid.

    • If using a proxy, check the proxy configuration.

  2. I am unable to save the account for TSC and TOT.

    • Custom Certificate option has been added in v8.0.0, Make sure that SSL Certificate is valid if provided.

  3. Input is created successfully but data is not getting collected.

    • Check the data by expanding the time range in Splunk search.

    • If using a proxy, check the proxy configuration.Make sure that you are entering correct search query. For example, if you want to search TASM data the search query will be: index = your_index sourcetype = tenable:asm:assets

    • Check the log messages for errors:

      • For logs related to TASM data collection: You can view the logs in the ta_tenable_tenable_asm.log log file by navigating to $SPLUNK_HOME/var/log/splunk/.

      • For logs related to TWAS Assets & Vulns: You can view the logs in the ta_tenable_tenable_was.log log file by navigating to $SPLUNK_HOME/var/log/splunk/.

      • Error log messages regarding TASM data collection can also be seen from Splunk search in “_internal” index: index = _internal source = *ta_tenable_tenable_asm.log* ERROR

      • Error log messages regarding TWAS Assets & Vulns data collection can also be seen from Splunk search in “_internal” index: index = _internal source = *ta_tenable_tenable_was.log* ERROR

      Note: $SPLUNK_HOME is the path where the Splunk is installed.