You are here: Clients > Getting Started with the LCE Splunk Client

Getting Started with the LCE Splunk Client

This document describes the LCE Splunk Client version 4.6 that is available for Tenable Network Security’s Log Correlation Engine (LCE).

A working knowledge of Splunk, SecurityCenter, and LCE operation and architecture is assumed. Familiarity with general log formats from various operating systems, network devices, and applications, as well as a basic understanding of Linux/Unix, is also assumed.

Please email any comments and suggestions to


LCE unifies vulnerability collection and event analysis data through SecurityCenter, which provides easy-to-use dashboards to display multiple data points in a centralized view. Organizations that choose to send Splunk logs to the LCE have a unique advantage in that Splunk data is normalized by LCE and can be included for automatic anomaly detection, discovering assets, and additional vulnerability information including botnet and malware detection.

The LCE Splunk Client forwards data that Splunk collects to the LCE server. Once the data reaches the LCE server, the data is reviewed and normalized so it can be queried in SecurityCenter. The scope of this client can vary depending on what data is being forwarded from Splunk to the LCE Splunk Client.

Copyright © 2017 - 2018. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.