Configure Tenable Web App Scanning

Complete the installation of the Tenable applications for Splunk according to the following workflow.

Required User Role: Administrator

Before you begin:

  • You must have Splunk downloaded on your system with a Splunk basic login.

Note: See the Splunk Environments section for additional information about the different types of Splunk deployments and their requirements.

Note: If you install the Tenable App for Splunk on the search head, you must also install the Tenable Add-on.

To install the Tenable Web App Scanning Add-on for Splunk the first time:

  1. Log in to Splunk.
  2. Click Apps at the top-left of the screen.

    A drop-down menu appears:

  3. Click the Find More Apps.

  4. On the Browse More Apps page, type Tenable in the search bar.

    Tenable-related options appear.

  5. Enter the necessary information for each field. The following table describes the available options.

    Input Parameters Description
    Account Name (Required) The unique name for each Tenable data input.
    Tenable Account Type (Required) The type of Tenable account - Tenable Web App Scanning, Tenable Vulnerability Management, API Keys, or Certificate
    Address (Required) The hostname or IP address for Tenable Vulnerability Management.
    Verify SSL Certificate If enabled, Splunk verifies the SSL certificate in Tenable Vulnerability Management. Domain (Required) URL of Tenable server. Access Key (Required) Your Tenable account API access key. Secret Key (Required) Your Tenable account API secret key.
    Proxy Enable

    Enables the plugin to collect Tenable Vulnerability Management data via a proxy server. If you select this option, the plug- in prompts you to enter the following:

    • Proxy Type - the type of proxy used.
    • Proxy Host - the hostname or IP address of the proxy server.
    • Proxy Port - the port number of the proxy server.
    • Proxy Username - the username for an account that has permissions to access and use the proxy server.
    • Proxy Password - the password associated with the username you provided.
  1. Click Add to complete the configuration.

Next steps

  • Create an Input for the Tenable Tenable Web App Scanning Add-On for Splunk.