TOC & Recently Viewed

Recently Viewed Topics

Analyzing Events

A wide variety of LCE analysis and reporting tools are available to Tenable.sc users. These users can make use of any LCE event that intersects with their range of managed IP addresses. All analysis and reporting options are described in the Tenable.sc User Guide.

Identifying Vulnerabilities

LCE can leverage log data to find vulnerabilities. The Tenable plugins that report this information will have the plugin ID range of 800,000 - 899,999.

You can filter for the vulnerabilities identified by LCE in Tenable.sc by using the “Filters” and selecting “Plugin ID”, then selecting “≥” and then entering “800000.” The filter setting is pictured below:

TASL Scripts

After PRM processing normalizes an event, the event is submitted to the LCE TASL engine for advanced processing by TASL scripts. TASL scripts are used for many types of detection events such as thresholds, successful attack detection, and alerting. By default, all TASL scripts are enabled in the LCE server; however they can be disabled manually in the “TASL and Plugins” section of the LCE interface described in detail earlier in this document. For more information regarding TASL scripts review the LCE TASL Reference Guide.

Copyright © 2019 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.. Tenable.sc, Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.